Re: [PATCH RFC net-next 08/14] bpf: add eBPF verifier

From: Daniel Borkmann
Date: Tue Jul 01 2014 - 04:06:00 EST

Next message: Peter Zijlstra: "Re: [RFC PATCH v2] Implement Batched (group) ticket lock"
Previous message: Mel Gorman: "Re: [PATCH 4/4] mm: page_alloc: Reduce cost of the fair zone allocation policy"
Next in thread: Alexei Starovoitov: "Re: [PATCH RFC net-next 08/14] bpf: add eBPF verifier"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 06/28/2014 02:06 AM, Alexei Starovoitov wrote:

Safety of eBPF programs is statically determined by the verifier, which detects:
- loops
- out of range jumps
- unreachable instructions
- invalid instructions
- uninitialized register access
- uninitialized stack access
- misaligned stack access
- out of range stack access
- invalid calling convention

...

More details in Documentation/networking/filter.txt

Signed-off-by: Alexei Starovoitov <ast@xxxxxxxxxxxx>
---

...

kernel/bpf/verifier.c | 1431 +++++++++++++++++++++++++++++++++++

Looking at classic BPF verifier which checks safety of BPF
user space programs, it's roughly 200 loc. :-/

diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
new file mode 100644

...

+#define _(OP) ({ int ret = OP; if (ret < 0) return ret; })

...

+ _(get_map_info(env, map_id, &map));

...

+ _(size = bpf_size_to_bytes(bpf_size));

Nit: such macros should be removed, please.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Peter Zijlstra: "Re: [RFC PATCH v2] Implement Batched (group) ticket lock"
Previous message: Mel Gorman: "Re: [PATCH 4/4] mm: page_alloc: Reduce cost of the fair zone allocation policy"
Next in thread: Alexei Starovoitov: "Re: [PATCH RFC net-next 08/14] bpf: add eBPF verifier"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]