public inbox for bpf@vger.kernel.org
From: Andrii Nakryiko <andrii@kernel.org>
To: <bpf@vger.kernel.org>, <ast@kernel.org>, <daniel@iogearbox.net>,
	<martin.lau@kernel.org>
Cc: <andrii@kernel.org>, <kernel-team@meta.com>
Subject: [PATCH bpf-next 0/4] BPF control flow graph and precision backtrack fixes
Date: Wed, 8 Nov 2023 15:11:48 -0800
Message-ID: <20231108231152.3583545-1-andrii@kernel.org>

A few small-ish fixes to BPF verifier's CFG logic around handling and
reporting ldimm64 instructions, and also too eagerly reporting back edges.
Patch #1 was previously submitted separately ([0]), and so this patch set
supersedes that patch.

Fixing above CFG issues uncovered one interesting edge case in precision
backtracking logic, which patch #2 fixes as well. See the patch for details.

All of these fixes seem to cover quite obscure corner cases that don't come up
often in practice. And they all are applicable only to privileged BPF mode.
So targeting bpf-next seems appropriate. Also note that [1] is also touching
get_prev_insn_idx() function, so would conflict if they land in two different
trees.

  [0] https://patchwork.kernel.org/project/netdevbpf/patch/20231101205626.119243-1-andrii@kernel.org/
  [1] https://patchwork.kernel.org/project/netdevbpf/list/?series=797781&state=*

Andrii Nakryiko (4):
  bpf: handle ldimm64 properly in check_cfg()
  bpf: fix precision backtracking instruction iteration
  bpf: fix control-flow graph checking in privileged mode
  selftests/bpf: add more test cases for check_cfg()

 include/linux/bpf.h                           |  8 +-
 kernel/bpf/verifier.c                         | 85 ++++++++++++-------
 .../selftests/bpf/progs/verifier_cfg.c        | 66 +++++++++++++-
 .../selftests/bpf/progs/verifier_loops1.c     |  9 +-
 .../testing/selftests/bpf/verifier/ld_imm64.c |  8 +-
 5 files changed, 136 insertions(+), 40 deletions(-)

-- 
2.34.1

