Re: [PATCH bpf-next 01/11] bpf: Move insn if/else into do_check_insn()

From: Eduard Zingerman
Date: Fri Mar 14 2025 - 18:47:20 EST


On Thu, 2025-03-13 at 18:21 +0100, Luis Gerhorst wrote:
> This is required to catch the errors later and fall back to a nospec if
> on a speculative path.
>
> Move code into do_check_insn(), replace
> * "continue" with "return INSN_IDX_MODIFIED"
> * "goto process_bpf_exit" with "return PROCESS_BPF_EXIT"
> * "do_print_state = " with "*do_print_state = "
>
> Signed-off-by: Luis Gerhorst <luis.gerhorst@xxxxxx>
> Acked-by: Henriette Herzog <henriette.herzog@xxxxxx>
> Cc: Maximilian Ott <ott@xxxxxxxxx>
> Cc: Milan Stephan <milan.stephan@xxxxxx>
> ---

This refactoring is a long overdue, thank you!
A few nits below.

[...]

> + err = do_check_insn(env, insn, pop_log, &do_print_state, regs, state,
> + &prev_insn_idx);

- `regs` remains declared in do_check(), while nothing prevents
pushing its declaration to do_check_insn().
- `state` is `env->cur_state`, so I'd avoid passing it as a parameter
(just to reduce count);
- `prev_insn_idx` is unused by `do_check_insn`;
- `pop_log` is not used by `do_check_insn`;
- given that `insn` is presumed to correspond to `env->insn_idx` in
many places down the stack not sure about this parameter.

> + if (err < 0) {
> + return err;
> + } else if (err == INSN_IDX_MODIFIED) {

Also, I'd get rid of `INSN_IDX_MODIFIED` and move `env->insn_idx++`
into `do_check_insn()`. This would save a few mental cycles when
looking at the code with full patch-set applied:

} else if (err == INSN_IDX_MODIFIED) {
continue;
} else if (err == PROCESS_BPF_EXIT) {
goto process_bpf_exit;
}
WARN_ON_ONCE(err);

if (state->speculative && cur_aux(env)->nospec_result) {
... bunch of actions ...
}

env->insn_idx++;

One needs to stop for a moment and think why "bunch of actions" is
performed for regular index increment, but not for INSN_IDX_MODIFIED.

> + continue;
> + } else if (err == PROCESS_BPF_EXIT) {

[...]