mirrors/linux
2
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2026-05-16 12:31:52 -04:00
Code Issues Packages Projects Releases Wiki Activity
Files
be23266b4a08540aa43d8503a2ea10247c8daebe
linux/kernel/bpf
History
Eduard Zingerman be23266b4a bpf: 4-byte precise clean_verifier_state 
Migrate clean_verifier_state() and its liveness queries from 8-byte
SPI granularity to 4-byte half-slot granularity.

In __clean_func_state(), each SPI is cleaned in two independent
halves:
  - half_spi 2*i   (lo): slot_type[0..3]
  - half_spi 2*i+1 (hi): slot_type[4..7]

Slot types STACK_DYNPTR, STACK_ITER and STACK_IRQ_FLAG are never
cleaned, as their slot type markers are required by
destroy_if_dynptr_stack_slot(), is_iter_reg_valid_uninit() and
is_irq_flag_reg_valid_uninit() for correctness.

When only the hi half is dead, spilled_ptr metadata is destroyed and
the lo half's STACK_SPILL bytes are downgraded to STACK_MISC or
STACK_ZERO. When only the lo half is dead, spilled_ptr is preserved
because the hi half may still need it for state comparison.

Signed-off-by: Eduard Zingerman <eddyz87@gmail.com>
Link: https://lore.kernel.org/r/20260410-patch-set-v4-5-5d4eecb343db@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
2026-04-10 15:04:59 -07:00
..
preload
umd: Remove usermode driver framework
2025-07-26 21:03:04 +02:00
arena.c
bpf: Lose const-ness of map in map_check_btf()
2026-02-27 15:39:00 -08:00
arraymap.c
bpf: Fix RCU stall in bpf_fd_array_map_clear()
2026-04-10 12:10:06 -07:00
bloom_filter.c
bpf: Lose const-ness of map in map_check_btf()
2026-02-27 15:39:00 -08:00
bpf_cgrp_storage.c
bpf: Switch to bpf_selem_unlink_nofail in bpf_local_storage_{map_free, destroy}
2026-02-06 14:47:59 -08:00
bpf_inode_storage.c
bpf: Switch to bpf_selem_unlink_nofail in bpf_local_storage_{map_free, destroy}
2026-02-06 14:47:59 -08:00
bpf_insn_array.c
bpf: Lose const-ness of map in map_check_btf()
2026-02-27 15:39:00 -08:00
bpf_iter.c
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
bpf_local_storage.c
bpf: Add warning to detect memory leak in bpf_selem_unlink_nofail()
2026-03-19 12:14:28 -07:00
bpf_lru_list.c
bpf: Replace get_next_cpu() with cpumask_next_wrap()
2025-08-18 15:11:02 +02:00
bpf_lru_list.h
bpf: Adjust free target to avoid global starvation of LRU map
2025-06-18 18:50:14 -07:00
bpf_lsm_proto.c
bpf: annotate file argument as __nullable in bpf_lsm_mmap_file
2025-12-21 10:56:33 -08:00
bpf_lsm.c
bpf: Drop task_to_inode and inet_conn_established from lsm sleepable hooks
2026-04-07 07:57:07 -07:00
bpf_struct_ops.c
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
bpf_task_storage.c
bpf: Switch to bpf_selem_unlink_nofail in bpf_local_storage_{map_free, destroy}
2026-02-06 14:47:59 -08:00
btf_iter.c
bpf: Remove custom build rule
2024-08-30 08:55:26 -07:00
btf_relocate.c
bpf: Remove custom build rule
2024-08-30 08:55:26 -07:00
btf.c
btf: Support kernel parsing of BTF with layout info
2026-03-26 13:53:56 -07:00
cgroup_iter.c
bpf: add new BPF_CGROUP_ITER_CHILDREN control option
2026-01-27 09:05:54 -08:00
cgroup.c
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
const_fold.c
bpf: Add bpf_compute_const_regs() and bpf_prune_dead_branches() passes
2026-04-03 08:34:36 -07:00
core.c
bpf: Make find_linfo widely available
2026-04-08 18:09:56 -07:00
cpumap.c
bpf: Add missing XDP_ABORTED handling in cpumap
2026-03-03 08:37:21 -08:00
cpumask.c
bpf: Remove redundant KF_TRUSTED_ARGS flag from all kfuncs
2026-01-02 12:04:28 -08:00
crypto.c
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
devmap.c
bpf: Use RCU-safe iteration in dev_map_redirect_multi() SKB path
2026-03-24 15:17:20 -07:00
disasm.c
bpf: disasm: add support for BPF_JMP|BPF_JA|BPF_X
2025-11-05 17:53:23 -08:00
disasm.h
bpf: Relicense disassembler as GPL-2.0-only OR BSD-2-Clause
2021-09-02 14:49:23 +02:00
dispatcher.c
bpf: Add kernel symbol for struct_ops trampoline
2024-11-12 17:13:46 -08:00
dmabuf_iter.c
bpf: Fix truncated dmabuf iterator reads
2025-12-09 23:48:34 -08:00
hashtab.c
bpf: Use copy_map_value_locked() in alloc_htab_elem() for BPF_F_LOCK
2026-04-05 18:37:32 -07:00
helpers.c
bpf: Retire rcu_trace_implies_rcu_gp()
2026-04-07 12:24:49 -07:00
inode.c
Convert 'alloc_obj' family to use the new default GFP_KERNEL argument
2026-02-21 17:09:51 -08:00
Kconfig
bpf: Update the bpf_prog_calc_tag to use SHA256
2025-09-18 19:10:20 -07:00
kmem_cache_iter.c
bpf: Add open coded version of kmem_cache iterator
2024-11-01 11:08:32 -07:00
link_iter.c
bpf: Clean up individual BTF_ID code
2025-07-16 18:34:42 -07:00
liveness.c
bpf: 4-byte precise clean_verifier_state
2026-04-10 15:04:59 -07:00
local_storage.c
bpf: fix end-of-list detection in cgroup_storage_get_next_key()
2026-04-05 18:45:05 -07:00
log.c
bpf: share several utility functions as internal API
2026-04-10 15:01:55 -07:00
lpm_trie.c
bpf: Lose const-ness of map in map_check_btf()
2026-02-27 15:39:00 -08:00
Makefile
bpf: Add bpf_compute_const_regs() and bpf_prune_dead_branches() passes
2026-04-03 08:34:36 -07:00
map_in_map.c
bpf: switch maps to CLASS(fd, ...)
2024-08-13 15:58:17 -07:00
map_in_map.h
bpf: Add map and need_defer parameters to .map_fd_put_ptr()
2023-12-04 17:50:26 -08:00
map_iter.c
bpf: Remove redundant KF_TRUSTED_ARGS flag from all kfuncs
2026-01-02 12:04:28 -08:00
memalloc.c
bpf: Retire rcu_trace_implies_rcu_gp()
2026-04-07 12:24:49 -07:00
mmap_unlock_work.h
bpf: Introduce helper bpf_find_vma
2021-11-07 11:54:51 -08:00
mprog.c
bpf: Handle bpf_mprog_query with NULL entry
2023-10-06 17:11:20 -07:00
net_namespace.c
treewide: Replace kmalloc with kmalloc_obj for non-scalar types
2026-02-21 01:02:28 -08:00
offload.c
bpf: Fix use-after-free in offloaded map/prog info fill
2026-04-09 13:24:32 -07:00
percpu_freelist.c
bpf: Convert percpu_freelist.c to rqspinlock
2025-03-19 08:03:05 -07:00
percpu_freelist.h
bpf: Convert percpu_freelist.c to rqspinlock
2025-03-19 08:03:05 -07:00
prog_iter.c
bpf: Clean up individual BTF_ID code
2025-07-16 18:34:42 -07:00
queue_stack_maps.c
bpf: Convert queue_stack map to rqspinlock
2025-04-10 12:51:10 -07:00
range_tree.c
bpf: arena: Reintroduce memcg accounting
2026-01-02 14:31:59 -08:00
range_tree.h
bpf: Introduce range_tree data structure and use it in bpf arena
2024-11-13 13:52:45 -08:00
relo_core.c
bpf: Remove custom build rule
2024-08-30 08:55:26 -07:00
reuseport_array.c
bpf: Use sockfd_put() helper
2024-08-30 08:57:47 -07:00
ringbuf.c
bpf: Add SPDX license identifiers to a few files
2026-01-16 14:50:00 -08:00
rqspinlock.c
Merge tag 'mm-nonmm-stable-2026-02-12-10-48' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2026-02-12 12:13:01 -08:00
rqspinlock.h
rqspinlock: Protect waiters in queue from stalls
2025-03-19 08:03:05 -07:00
stackmap.c
Merge tag 'bpf-next-6.19' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
2025-12-03 16:54:54 -08:00
stream.c
bpf: Add bpf_stream_print_stack stack dumping kfunc
2026-02-03 10:41:16 -08:00
syscall.c
bpf: Retire rcu_trace_implies_rcu_gp()
2026-04-07 12:24:49 -07:00
sysfs_btf.c
Merge tag 'driver-core-6.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/driver-core/driver-core
2025-07-29 12:15:39 -07:00
task_iter.c
bpf: return VMA snapshot from task_vma iterator
2026-04-10 12:05:16 -07:00
tcx.c
treewide: Replace kmalloc with kmalloc_obj for non-scalar types
2026-02-21 01:02:28 -08:00
tnum.c
bpf: Simplify tnum_step()
2026-03-24 08:45:29 -07:00
token.c
treewide: Replace kmalloc with kmalloc_obj for non-scalar types
2026-02-21 01:02:28 -08:00
trampoline.c
bpf: Fix a UAF issue in bpf_trampoline_link_cgroup_shim
2026-03-03 15:13:51 -08:00
verifier.c
bpf: 4-byte precise clean_verifier_state
2026-04-10 15:04:59 -07:00