review.tizen.org Git - platform/kernel/linux-rpi.git/commit

author	Maxim Mikityanskiy <maximmi@nvidia.com>
	Tue, 7 Dec 2021 08:15:21 +0000 (10:15 +0200)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Tue, 14 Dec 2021 10:32:46 +0000 (11:32 +0100)
commit	d428e5477493946b77d1071e84b1475241974930
tree	d7ef7358a6909dd68e485eb07a8df550b1bbadb4	tree \| snapshot
parent	0ec0eda3f3c3483872157a7780cebdf9bf3a11c4	commit \| diff

bpf: Add selftests to cover packet access corner cases

commit b560b21f71eb4ef9dfc7c8ec1d0e4d7f9aa54b51 upstream.

This commit adds BPF verifier selftests that cover all corner cases by
packet boundary checks. Specifically, 8-byte packet reads are tested at
the beginning of data and at the beginning of data_meta, using all kinds
of boundary checks (all comparison operators: <, >, <=, >=; both
permutations of operands: data + length compared to end, end compared to
data + length). For each case there are three tests:

1. Length is just enough for an 8-byte read. Length is either 7 or 8,
   depending on the comparison.

2. Length is increased by 1 - should still pass the verifier. These
   cases are useful, because they failed before commit 2fa7d94afc1a
   ("bpf: Fix the off-by-two error in range markings").

3. Length is decreased by 1 - should be rejected by the verifier.

Some existing tests are just renamed to avoid duplication.

Signed-off-by: Maxim Mikityanskiy <maximmi@nvidia.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/20211207081521.41923-1-maximmi@nvidia.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>