When BPF_WRITE goes through a PTR_TO_BTF_ID register, check_ptr_to_btf_access()
delegates to env->ops->btf_struct_access(). Most implementations
(bpf_scx_btf_struct_access, tc_cls_act_btf_struct_access, etc.) return
-EACCES for disallowed fields without logging anything, so the verifier
rejects the program with an empty message. For example a scx program doing

  1: R1=trusted_ptr_task_struct()
  ...
  4: (7b) *(u64 *)(r1 +0) = r2
  verification time 83 usec
  the program is rejected

leaves the user guessing which field is off-limits.

Emit verbose message.

Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Reviewed-by: Emil Tsalapatis <emil@etsalapatis.com>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
Link: https://lore.kernel.org/r/20260615232146.5491-1-alexei.starovoitov@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
return -EFAULT;
}
ret = env->ops->btf_struct_access(&env->log, reg, off, size);
+ if (ret < 0)
+ verbose(env,
+ "%s cannot write into ptr_%s at off=%d size=%d\n",
+ reg_arg_name(env, argno), tname, off, size);
} else {
/* Writes are permitted with default btf_struct_access for
* program allocated objects (which always have id > 0),
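Review bot: The new `if (ret < 0)` branch reports only `off=%d size=%d`, while the commit message frames the problem as the user guessing which field is off-limits; with this message they still have to map the offset back to a member of `tname` by hand. If the member name can be resolved from BTF at this point, printing it would close that gap; otherwise the commit message could say that the offset is what gets reported. Separately, the check fires on every negative return, not just -EACCES, and the callback is handed `&env->log`, so an implementation that already logs its own reason will now produce two lines for one failure. That is harmless, but it is worth confirming the combined output reads sensibly for those callbacks. Minor style point: the `verbose()` call spans three lines under an unbraced `if`, and braces would make the extent of the branch clearer next to the following `} else {`.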