git.ipfire.org Git - thirdparty/linux.git/commit

author	Matt Bobrowski <mattbobrowski@google.com>
	Tue, 13 Jan 2026 08:39:47 +0000 (08:39 +0000)
committer	Alexei Starovoitov <ast@kernel.org>
	Wed, 14 Jan 2026 03:19:13 +0000 (19:19 -0800)
commit	f8ade2342e22e7dbc71af496f07c900f8c69dd54
tree	f97c5b6717b775ec8bc746bf29203233d8ddc985	tree
parent	b9da17391e135f65df0eaa73e7c3fd09a1d45f6d	commit \| diff

bpf: return PTR_TO_BTF_ID | PTR_TRUSTED from BPF kfuncs by default

Teach the BPF verifier to treat pointers to struct types returned from
BPF kfuncs as implicitly trusted (PTR_TO_BTF_ID | PTR_TRUSTED) by
default. Returning untrusted pointers to struct types from BPF kfuncs
should be considered an exception only, and certainly not the norm.

Update existing selftests to reflect the change in register type
printing (e.g. `ptr_` becoming `trusted_ptr_` in verifier error
messages).

Link: https://lore.kernel.org/bpf/aV4nbCaMfIoM0awM@google.com/
Signed-off-by: Matt Bobrowski <mattbobrowski@google.com>
Acked-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
Link: https://lore.kernel.org/r/20260113083949.2502978-1-mattbobrowski@google.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

kernel/bpf/verifier.c		diff \| blob \| blame \| history
tools/testing/selftests/bpf/progs/map_kptr_fail.c		diff \| blob \| blame \| history
tools/testing/selftests/bpf/progs/struct_ops_kptr_return_fail__wrong_type.c		diff \| blob \| blame \| history
tools/testing/selftests/bpf/progs/verifier_global_ptr_args.c		diff \| blob \| blame \| history
tools/testing/selftests/bpf/verifier/calls.c		diff \| blob \| blame \| history