From: Kumar Kartikeya Dwivedi <memxor@gmail.com>
To: bpf@vger.kernel.org
Cc: Alexei Starovoitov <ast@kernel.org>,
Andrii Nakryiko <andrii@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Martin KaFai Lau <martin.lau@kernel.org>,
Eduard Zingerman <eddyz87@gmail.com>, Tejun Heo <tj@kernel.org>,
Dan Schatzberg <dschatzberg@meta.com>,
kkd@meta.com, kernel-team@meta.com
Subject: [PATCH bpf-next v4 0/7] Allow variable offsets for syscall PTR_TO_CTX
Date: Wed, 1 Apr 2026 14:28:09 +0200 [thread overview]
Message-ID: <20260401122818.2240807-1-memxor@gmail.com> (raw)
Enable pointer modification with variable offsets accumulated in the
register for PTR_TO_CTX for syscall programs where it won't be
rewritten, and the context is user-supplied and checked against the max
offset. See patches for details. Fixed offset support landed in [0].
By combining this set with [0], examples like the one below should
succeed verification now.
SEC("syscall")
int prog(void *ctx) {
int *arr = ctx;
int i;
bpf_for(i, 0, 100)
arr[i] *= i;
return 0;
}
[0]: https://lore.kernel.org/bpf/20260227005725.1247305-1-memxor@gmail.com
Changelog:
----------
v3 -> v4
v3: https://lore.kernel.org/bpf/20260318103526.2590079-1-memxor@gmail.com
* Drop comment around describing choice of fixed or variable offsets. (Eduard)
* Simplify offset adjustment for different cases. (Eduard)
* Add PTR_TO_CTX case in __check_mem_access(). (Eduard)
* Drop aligned access constraint from syscall_prog_is_valid_access().
* Wrap naked checks for BPF_PROG_TYPE_SYSCALL in a utility function. (Eduard)
* Split tests into separate clean up and addition patches. (Eduard)
* Remove CAP_SYS_ADMIN changes. (Eduard)
* Enable unaligned access to syscall ctx, add tests.
* Add more tests for various corner cases.
* Add acks. (Puranjay, Mykyta)
v2 -> v3
v2: https://lore.kernel.org/bpf/20260318075133.1031781-1-memxor@gmail.com
* Prevent arg_type for KF_ARG_PTR_TO_CTX from applying to other cases
due to preceding fallthrough. (Gemini/Sashiko)
v1 -> v2
v1: https://lore.kernel.org/bpf/20260317111850.2107846-2-memxor@gmail.com
* Harden check_func_arg_reg_off check with ARG_PTR_TO_CTX.
* Add tests for unmodified ctx into tail calls.
* Squash unmodified ctx change into base commit.
* Add Reviewed-by's from Emil.
Kumar Kartikeya Dwivedi (7):
bpf: Support variable offsets for syscall PTR_TO_CTX
bpf: Enable unaligned accesses for syscall ctx
selftests/bpf: Convert ctx tests from ASM to C
selftests/bpf: Add syscall ctx variable offset tests
selftests/bpf: Test modified syscall ctx for ARG_PTR_TO_CTX
selftests/bpf: Add tests for unaligned syscall ctx accesses
selftests/bpf: Add tests for syscall ctx accesses beyond U16_MAX
kernel/bpf/syscall.c | 3 +-
kernel/bpf/verifier.c | 104 +--
.../selftests/bpf/prog_tests/verifier.c | 2 +-
.../selftests/bpf/progs/verifier_ctx.c | 591 ++++++++++++++++--
.../bpf/progs/verifier_global_subprogs.c | 95 ++-
.../selftests/bpf/test_kmods/bpf_testmod.c | 2 +-
6 files changed, 704 insertions(+), 93 deletions(-)
base-commit: 0eeb0094ba0321f0927806857b5f01c1577bc245
--
2.52.0
next reply other threads:[~2026-04-01 12:28 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-01 12:28 Kumar Kartikeya Dwivedi [this message]
2026-04-01 12:28 ` [PATCH bpf-next v4 1/7] bpf: Support variable offsets for syscall PTR_TO_CTX Kumar Kartikeya Dwivedi
2026-04-01 12:40 ` Kumar Kartikeya Dwivedi
2026-04-01 12:28 ` [PATCH bpf-next v4 2/7] bpf: Enable unaligned accesses for syscall ctx Kumar Kartikeya Dwivedi
2026-04-06 1:11 ` Emil Tsalapatis
2026-04-01 12:28 ` [PATCH bpf-next v4 3/7] selftests/bpf: Convert ctx tests from ASM to C Kumar Kartikeya Dwivedi
2026-04-06 1:20 ` Emil Tsalapatis
2026-04-01 12:28 ` [PATCH bpf-next v4 4/7] selftests/bpf: Add syscall ctx variable offset tests Kumar Kartikeya Dwivedi
2026-04-01 12:28 ` [PATCH bpf-next v4 5/7] selftests/bpf: Test modified syscall ctx for ARG_PTR_TO_CTX Kumar Kartikeya Dwivedi
2026-04-01 12:28 ` [PATCH bpf-next v4 6/7] selftests/bpf: Add tests for unaligned syscall ctx accesses Kumar Kartikeya Dwivedi
2026-04-06 2:00 ` Emil Tsalapatis
2026-04-01 12:28 ` [PATCH bpf-next v4 7/7] selftests/bpf: Add tests for syscall ctx accesses beyond U16_MAX Kumar Kartikeya Dwivedi
2026-04-06 2:02 ` Emil Tsalapatis
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260401122818.2240807-1-memxor@gmail.com \
--to=memxor@gmail.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=dschatzberg@meta.com \
--cc=eddyz87@gmail.com \
--cc=kernel-team@meta.com \
--cc=kkd@meta.com \
--cc=martin.lau@kernel.org \
--cc=tj@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox