diff mbox series

[v9,03/12] bpf: allow self-xor operation

Message ID	20210916001416.39998-4-stephen@networkplumber.org (mailing list archive)
State	Superseded, archived
Delegated to:	Thomas Monjalon
Headers	From: Stephen Hemminger <stephen@networkplumber.org> To: dev@dpdk.org Cc: Stephen Hemminger <stephen@networkplumber.org>, konstantin.ananyev@intel.com Date: Wed, 15 Sep 2021 17:14:07 -0700 Message-Id: <20210916001416.39998-4-stephen@networkplumber.org> In-Reply-To: <20210916001416.39998-1-stephen@networkplumber.org> References: <20210903004732.109023-1-stephen@networkplumber.org> <20210916001416.39998-1-stephen@networkplumber.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-dev] [PATCH v9 03/12] bpf: allow self-xor operation Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>
Series	Packet capture framework enhancements \| [v9,00/12] Packet capture framework enhancements [v9,01/12] librte_pcapng: add new library for writing pcapng files [v9,02/12] lib: pdump is not supported on Windows [v9,03/12] bpf: allow self-xor operation [v9,04/12] bpf: add function to convert classic BPF to DPDK BPF [v9,05/12] bpf: add function to dump eBPF instructions [v9,06/12] pdump: support pcapng and filtering [v9,07/12] app/dumpcap: add new packet capture application [v9,08/12] test: add test for bpf_convert [v9,09/12] test: add a test for pcapng library [v9,10/12] test: enable bpf autotest [v9,11/12] doc: changes for new pcapng and dumpcap [v9,12/12] MAINTAINERS: add entry for new packet capture features

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK

Commit Message

Stephen Hemminger Sept. 16, 2021, 12:14 a.m. UTC

  Some BPF programs may use XOR of a register with itself
as a way to zero register in one instruction.
The BPF filter converter generates this in the prolog
to the generated code.

The BPF validator would not allow this because the value of
register was undefined. But after this operation it always zero.

Fixes: 8021917293d0 ("bpf: add extra validation for input BPF program")
Cc: konstantin.ananyev@intel.com
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
 lib/bpf/bpf_validate.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

Comments

Ananyev, Konstantin Sept. 16, 2021, 3:23 p.m. UTC | #1

> Some BPF programs may use XOR of a register with itself
> as a way to zero register in one instruction.
> The BPF filter converter generates this in the prolog
> to the generated code.
> 
> The BPF validator would not allow this because the value of
> register was undefined. But after this operation it always zero.
> 
> Fixes: 8021917293d0 ("bpf: add extra validation for input BPF program")
> Cc: konstantin.ananyev@intel.com
> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
> ---
>  lib/bpf/bpf_validate.c | 9 ++++++++-
>  1 file changed, 8 insertions(+), 1 deletion(-)
> 
> diff --git a/lib/bpf/bpf_validate.c b/lib/bpf/bpf_validate.c
> index 7b1291b382e9..853279fee557 100644
> --- a/lib/bpf/bpf_validate.c
> +++ b/lib/bpf/bpf_validate.c
> @@ -661,8 +661,15 @@ eval_alu(struct bpf_verifier *bvf, const struct ebpf_insn *ins)
> 
>  	op = BPF_OP(ins->code);
> 
> +	/* Allow self-xor as way to zero register */
> +	if (op == BPF_XOR && BPF_SRC(ins->code) == BPF_X &&
> +	    ins->src_reg == ins->dst_reg) {
> +		eval_fill_imm(&rs, UINT64_MAX, 0);
> +		eval_fill_imm(rd, UINT64_MAX, 0);
> +	}
> +
>  	err = eval_defined((op != EBPF_MOV) ? rd : NULL,
> -			(op != BPF_NEG) ? &rs : NULL);
> +			   (op != BPF_NEG) ? &rs : NULL);
>  	if (err != NULL)
>  		return err;
> 
> --

Acked-by: Konstantin Ananyev <konstantin.ananyev@intel.com>

> 2.30.2

diff mbox series

Patch

diff --git a/lib/bpf/bpf_validate.c b/lib/bpf/bpf_validate.c
index 7b1291b382e9..853279fee557 100644
--- a/lib/bpf/bpf_validate.c
+++ b/lib/bpf/bpf_validate.c
@@ -661,8 +661,15 @@  eval_alu(struct bpf_verifier *bvf, const struct ebpf_insn *ins)
 
 	op = BPF_OP(ins->code);
 
+	/* Allow self-xor as way to zero register */
+	if (op == BPF_XOR && BPF_SRC(ins->code) == BPF_X &&
+	    ins->src_reg == ins->dst_reg) {
+		eval_fill_imm(&rs, UINT64_MAX, 0);
+		eval_fill_imm(rd, UINT64_MAX, 0);
+	}
+
 	err = eval_defined((op != EBPF_MOV) ? rd : NULL,
-			(op != BPF_NEG) ? &rs : NULL);
+			   (op != BPF_NEG) ? &rs : NULL);
 	if (err != NULL)
 		return err;