git.baikalelectronics.ru Git - kernel.git/commit

author	Paul Chaignon <paul@isovalent.com>
	Thu, 9 Dec 2021 23:47:00 +0000 (00:47 +0100)
committer	Alexei Starovoitov <ast@kernel.org>
	Fri, 10 Dec 2021 17:13:21 +0000 (09:13 -0800)
commit	3ff7022528b3ec8e3614b8a77c92b991b7f13e21
tree	5dd13b7d8a936e6f582c388cdfa35288182cfdfc	tree \| snapshot
parent	edba625c128e4ff2ac59b23ccef9112364bd5b1f	commit \| diff

selftests/bpf: Tests for state pruning with u32 spill/fill

This patch adds tests for the verifier's tracking for spilled, <8B
registers. The first two test cases ensure the verifier doesn't
incorrectly prune states in case of <8B spill/fills. The last one simply
checks that a filled u64 register is marked unknown if the register
spilled in the same slack slot was less than 8B.

The map value access at the end of the first program is only incorrect
for the path R6=32. If the precision bit for register R8 isn't
backtracked through the u32 spill/fill, the R6=32 path is pruned at
instruction 9 and the program is incorrectly accepted. The second
program is a variation of the same with u32 spills and a u64 fill.

The additional instructions to introduce the first pruning point may be
a bit fragile as they depend on the heuristics for pruning points in the
verifier (currently at least 8 instructions and 2 jumps). If the
heuristics are changed, the pruning point may move (e.g., to the
subsequent jump) or disappear, which would cause the test to always pass.

Signed-off-by: Paul Chaignon <paul@isovalent.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

tools/testing/selftests/bpf/verifier/search_pruning.c		diff \| blob \| history
tools/testing/selftests/bpf/verifier/spill_fill.c		diff \| blob \| history