From 40e8b9169b536eddb8aa2408b96898cc25cfc9d5 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Tue, 20 May 2025 09:51:57 +0000 Subject: [PATCH] Revert "bpf: fix null dereference when computing changes_pkt_data of prog w/o subprogs" This reverts commit f0946dcccb3d8d28e4735a93ba54f626273aff3a which is commit ac6542ad92759cda383ad62b4e4cbfc28136abc1 upstream. It breaks the Android kernel abi and can be brought back in the future in an abi-safe way if it is really needed. Bug: 161946584 Change-Id: I118af20de9e39a79659ec9d336a807f7c05a3411 Signed-off-by: Greg Kroah-Hartman --- kernel/bpf/verifier.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index d2ef289993f2..e2e16349ae3f 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -21990,7 +21990,6 @@ int bpf_check_attach_target(struct bpf_verifier_log *log, } if (tgt_prog) { struct bpf_prog_aux *aux = tgt_prog->aux; - bool tgt_changes_pkt_data; if (bpf_prog_is_dev_bound(prog->aux) && !bpf_prog_dev_bound_match(prog, tgt_prog)) { @@ -22025,10 +22024,8 @@ int bpf_check_attach_target(struct bpf_verifier_log *log, "Extension programs should be JITed\n"); return -EINVAL; } - tgt_changes_pkt_data = aux->func - ? aux->func[subprog]->aux->changes_pkt_data - : aux->changes_pkt_data; - if (prog->aux->changes_pkt_data && !tgt_changes_pkt_data) { + if (prog->aux->changes_pkt_data && + !aux->func[subprog]->aux->changes_pkt_data) { bpf_log(log, "Extension program changes packet data, while original does not\n"); return -EINVAL;