Commit 6dae957c authored by Anton Protopopov's avatar Anton Protopopov Committed by Alexei Starovoitov

bpf: fix possible file descriptor leaks in verifier

The resolve_pseudo_ldimm64() function might have leaked file
descriptors when BPF_MAP_TYPE_ARENA was used in a program (some
error paths missed a corresponding fdput). Add missing fdputs.

v2:
  remove unrelated changes from the fix

Fixes: 6082b6c3 ("bpf: Recognize addr_space_cast instruction in the verifier.")
Signed-off-by: default avatarAnton Protopopov <aspsk@isovalent.com>
Acked-by: default avatarYonghong Song <yonghong.song@linux.dev>
Acked-by: default avatarShung-Hsi Yu <shung-hsi.yu@suse.com>
Link: https://lore.kernel.org/r/20240329071106.67968-1-aspsk@isovalent.comSigned-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
parent 62248b22
...@@ -18379,15 +18379,18 @@ static int resolve_pseudo_ldimm64(struct bpf_verifier_env *env) ...@@ -18379,15 +18379,18 @@ static int resolve_pseudo_ldimm64(struct bpf_verifier_env *env)
} }
if (!env->prog->jit_requested) { if (!env->prog->jit_requested) {
verbose(env, "JIT is required to use arena\n"); verbose(env, "JIT is required to use arena\n");
fdput(f);
return -EOPNOTSUPP; return -EOPNOTSUPP;
} }
if (!bpf_jit_supports_arena()) { if (!bpf_jit_supports_arena()) {
verbose(env, "JIT doesn't support arena\n"); verbose(env, "JIT doesn't support arena\n");
fdput(f);
return -EOPNOTSUPP; return -EOPNOTSUPP;
} }
env->prog->aux->arena = (void *)map; env->prog->aux->arena = (void *)map;
if (!bpf_arena_get_user_vm_start(env->prog->aux->arena)) { if (!bpf_arena_get_user_vm_start(env->prog->aux->arena)) {
verbose(env, "arena's user address must be set via map_extra or mmap()\n"); verbose(env, "arena's user address must be set via map_extra or mmap()\n");
fdput(f);
return -EINVAL; return -EINVAL;
} }
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment