From b9ea299f69a15b237fd5f992dbadad0d6b19f768 Mon Sep 17 00:00:00 2001
From: Paul Moore
Date: Wed, 3 Apr 2013 10:49:05 -0400
Subject: bpf: correctly manage the BPF accumulator state
We weren't correctly tracking the accumulator state as we built the BPF code, in an effort to fix this we now store the initial state of the accumulator along with the BPF instruction block.
Signed-off-by: Paul Moore
---
 src/gen_bpf.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/src/gen_bpf.c b/src/gen_bpf.c
index 715560d..01c2709 100644
--- a/src/gen_bpf.c
+++ b/src/gen_bpf.c
@@ -107,6 +107,7 @@ struct bpf_blk {
 unsigned int flag_unique; /* ->blks is unique to this block */
 /* used during block assembly */
+ struct acc_state acc_state;
 uint64_t hash;
 struct bpf_blk *hash_nxt;
 struct bpf_blk *prev, *next;
@@ -674,6 +675,7 @@ static struct bpf_blk *_gen_bpf_node(struct bpf_state *state,
 uint64_t act_t_hash = 0, act_f_hash = 0;
 struct bpf_blk *blk = NULL, *b_act;
 struct bpf_instr instr;
+ struct acc_state a_state_orig = *a_state;
 /* generate the action blocks */
 if (node->act_t_flg) {
@@ -757,6 +759,7 @@ static struct bpf_blk *_gen_bpf_node(struct bpf_state *state,
 goto node_failure;
 blk->node = node;
+ blk->acc_state = a_state_orig;
 return blk;
 node_failure:
@@ -770,7 +773,6 @@ node_failure:
 * @param sys the syscall filter
 * @param blk the BPF instruction block
 * @param nxt_jump the jump to fallthrough to at the end of the level
- * @param a_state the accumulator state
 *
 * Resolve the jump targets in a BPF instruction block generated by the
 * _gen_bpf_chain_lvl() function and adds the resulting block to the hash
@@ -781,8 +783,7 @@ node_failure:
 static struct bpf_blk *_gen_bpf_chain_lvl_res(struct bpf_state *state,
 const struct db_sys_list *sys,
 struct bpf_blk *blk,
- const struct bpf_jump *nxt_jump,
- struct acc_state *a_state)
+ const struct bpf_jump *nxt_jump)
 {
 int rc;
 unsigned int iter;
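Review bot: The new `acc_state` member of `struct bpf_blk` (hunk at -107) carries no comment saying which point in the block it describes, unlike `flag_unique` just above it. Going by the `_gen_bpf_node` hunks it holds the copy of `*a_state` taken on entry, before the node's instructions are built, so I would declare it as `struct acc_state acc_state; /* accumulator state on entry to the block */`. The struct definition starts and ends outside the hunk.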
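Review bot: `blk->acc_state = a_state_orig;` in the hunk at -757 is the only place this patch assigns the field, and it runs only on the success path of `_gen_bpf_node`. `_gen_bpf_chain_lvl_res` now reads `blk->acc_state` from the block it is resolving, so a `bpf_blk` built by any other path would supply whatever its allocation left there; whether that allocation zeroes the struct is not visible in this diff. A wrong accumulator state could presumably lead the generator to omit a load that the generated BPF filter depends on, so I would state the invariant at the assignment, `/* every block handed to _gen_bpf_chain_lvl_res() must have acc_state set */`, and check the other places that create blocks. The body of `_gen_bpf_node` between the -674 and -757 hunks is not shown.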
@@ -805,7 +806,7 @@ static struct bpf_blk *_gen_bpf_chain_lvl_res(struct bpf_state *state,
 case TGT_PTR_BLK:
 b_new = _gen_bpf_chain_lvl_res(state, sys,
 i_iter->jt.tgt.blk,
- nxt_jump, a_state);
+ nxt_jump);
 if (b_new == NULL)
 return NULL;
 i_iter->jt = _BPF_JMP_HSH(b_new->hash);
@@ -813,7 +814,7 @@ static struct bpf_blk *_gen_bpf_chain_lvl_res(struct bpf_state *state,
 case TGT_PTR_DB:
 node = (struct db_arg_chain_tree *)i_iter->jt.tgt.db;
 b_new = _gen_bpf_chain(state, sys, node,
- nxt_jump, a_state);
+ nxt_jump, &blk->acc_state);
 if (b_new == NULL)
 return NULL;
 i_iter->jt = _BPF_JMP_HSH(b_new->hash);
@@ -831,7 +832,7 @@ static struct bpf_blk *_gen_bpf_chain_lvl_res(struct bpf_state *state,
 case TGT_PTR_BLK:
 b_new = _gen_bpf_chain_lvl_res(state, sys,
 i_iter->jf.tgt.blk,
- nxt_jump, a_state);
+ nxt_jump);
 if (b_new == NULL)
 return NULL;
 i_iter->jf = _BPF_JMP_HSH(b_new->hash);
@@ -839,7 +840,7 @@ static struct bpf_blk *_gen_bpf_chain_lvl_res(struct bpf_state *state,
 case TGT_PTR_DB:
 node = (struct db_arg_chain_tree *)i_iter->jf.tgt.db;
 b_new = _gen_bpf_chain(state, sys, node,
- nxt_jump, a_state);
+ nxt_jump, &blk->acc_state);
 if (b_new == NULL)
 return NULL;
 i_iter->jf = _BPF_JMP_HSH(b_new->hash);
@@ -954,8 +955,7 @@ static struct bpf_blk *_gen_bpf_chain(struct bpf_state *state,
 b_iter = _gen_bpf_chain_lvl_res(state, sys, b_iter,
 (b_next == NULL ?
 nxt_jump :
- &_BPF_JMP_BLK(b_next)),
- a_state);
+ &_BPF_JMP_BLK(b_next)));
 if (b_iter == NULL)
 goto chain_failure;
-- cgit v1.2.1
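Review bot: Both `TGT_PTR_DB` cases (hunks at -813 and -839) now hand `&blk->acc_state` to `_gen_bpf_chain`, which takes a non-const `struct acc_state *`, so if the true-branch call writes through it the false-branch call starts from the altered state and the block's stored state is changed as well. The stored value is also the state on entry to `blk`, not the state at the jump instruction, which would differ if `_gen_bpf_node` emits an accumulator load ahead of the comparison (not visible here). A stale state could make a child chain skip a load the filter needs, so I would give each branch its own copy, `struct acc_state a_tmp = blk->acc_state;` followed by `b_new = _gen_bpf_chain(state, sys, node, nxt_jump, &a_tmp);`, and confirm that the entry state is the right seed for jump targets. The body of `_gen_bpf_chain_lvl_res` continues outside these hunks.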