From mboxrd@z Thu Jan  1 00:00:00 1970
From: Tycho Andersen <tycho.andersen@canonical.com>
Subject: [PATCH] ebpf: emit correct src_reg for conditional jumps
Date: Thu, 10 Sep 2015 18:25:07 -0600
Message-ID: <1441931107-17673-1-git-send-email-tycho.andersen@canonical.com>
Cc: netdev@vger.kernel.org,
	Tycho Andersen <tycho.andersen@canonical.com>,
	Daniel Borkmann <daniel@iogearbox.net>
To: Alexei Starovoitov <ast@kernel.org>,
	"David S. Miller" <davem@davemloft.net>
Return-path: <netdev-owner@vger.kernel.org>
Received: from mail-io0-f178.google.com ([209.85.223.178]:35291 "EHLO
	mail-io0-f178.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1751007AbbIKAZh (ORCPT
	<rfc822;netdev@vger.kernel.org>); Thu, 10 Sep 2015 20:25:37 -0400
Received: by ioiz6 with SMTP id z6so80541291ioi.2
        for <netdev@vger.kernel.org>; Thu, 10 Sep 2015 17:25:37 -0700 (PDT)
Sender: netdev-owner@vger.kernel.org
List-ID: <netdev.vger.kernel.org>

Instead of always emitting BPF_REG_X, let's emit BPF_REG_X only when the
source actually is BPF_X. This causes programs generated by the classic
converter to not be importable via bpf(), as the eBPF verifier checks that
the src_reg is correct or 0. While not a problem yet, this will be a
problem when BPF_PROG_DUMP lands, and we can potentially dump and re-import
programs generated by the converter.

Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
CC: Alexei Starovoitov <ast@kernel.org>
CC: Daniel Borkmann <daniel@iogearbox.net>
---
 net/core/filter.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/net/core/filter.c b/net/core/filter.c
index 13079f0..05a04ea 100644
--- a/net/core/filter.c
+++ b/net/core/filter.c
@@ -478,9 +478,9 @@ do_pass:
 				bpf_src = BPF_X;
 			} else {
 				insn->dst_reg = BPF_REG_A;
-				insn->src_reg = BPF_REG_X;
 				insn->imm = fp->k;
 				bpf_src = BPF_SRC(fp->code);
+				insn->src_reg = bpf_src == BPF_X ? BPF_REG_X : 0;
 			}
 
 			/* Common case where 'jump_false' is next insn. */
-- 
2.1.4