review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Alexei Starovoitov <ast@kernel.org>
	Wed, 11 Nov 2020 03:12:11 +0000 (19:12 -0800)
committer	Daniel Borkmann <daniel@iogearbox.net>
	Fri, 13 Nov 2020 00:42:11 +0000 (01:42 +0100)
commit	6d94e741a8ff818e5518da8257f5ca0aaed1f269
tree	8f456797a13698d3a57252a8d427a86ebaee1ff6	tree \| snapshot
parent	c36538798fc6c80bd8bdaddad803b0c86dc13d7c	commit \| diff

bpf: Support for pointers beyond pkt_end.

This patch adds the verifier support to recognize inlined branch conditions.
The LLVM knows that the branch evaluates to the same value, but the verifier
couldn't track it. Hence causing valid programs to be rejected.
The potential LLVM workaround: https://reviews.llvm.org/D87428
can have undesired side effects, since LLVM doesn't know that
skb->data/data_end are being compared. LLVM has to introduce extra boolean
variable and use inline_asm trick to force easier for the verifier assembly.

Instead teach the verifier to recognize that
r1 = skb->data;
r1 += 10;
r2 = skb->data_end;
if (r1 > r2) {
  here r1 points beyond packet_end and
  subsequent
  if (r1 > r2) // always evaluates to "true".
}

Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Tested-by: Jiri Olsa <jolsa@redhat.com>
Acked-by: John Fastabend <john.fastabend@gmail.com>
Link: https://lore.kernel.org/bpf/20201111031213.25109-2-alexei.starovoitov@gmail.com

include/linux/bpf_verifier.h		diff \| blob \| history
kernel/bpf/verifier.c		diff \| blob \| history