bpf: add a comment about bpf_attr decoding

* bpf.c: Add comment.
This commit is contained in:
Eugene Syromyatnikov 2018-03-04 20:31:25 +01:00 committed by Dmitry V. Levin
parent a2e4217c95
commit b10995d982

9
bpf.c
View File

@ -76,6 +76,15 @@ bpf_cmd_decoder(struct tcb *const tcp, \
typedef DECL_BPF_CMD_DECODER((*bpf_cmd_decoder_t));
/*
* A note about bpf syscall decoder: it doesn't perform any size sanity checks,
* so even if it leads to partial copying of one of the fields, the command
* handler will still use the (partially-copied-from-userspace, partially
* zeroed) field value. That's why we stop decoding and check for known sizes
* that correspond to released versions of the structure used by the specific
* command - it looks like the most sensible way to parse this insanity.
*/
static int
decode_attr_extra_data(struct tcb *const tcp,
const char *data,