git.baikalelectronics.ru Git - kernel.git/commit

author	John Fastabend <john.fastabend@gmail.com>
	Mon, 30 Mar 2020 21:38:21 +0000 (14:38 -0700)
committer	Alexei Starovoitov <ast@kernel.org>
	Mon, 30 Mar 2020 22:00:31 +0000 (15:00 -0700)
commit	bfa39772f58601971f83a0585b9e0812afff7121
tree	891b4fa11cdd0212fe9f094af6d6a1e70cc679f9	tree \| snapshot
parent	6e71a68bb52bbba5cbf92cfdb2c05942ed5d9732	commit \| diff

bpf: Test_verifier, add alu32 bounds tracking tests

Its possible to have divergent ALU32 and ALU64 bounds when using JMP32
instructins and ALU64 arithmatic operations. Sometimes the clang will
even generate this code. Because the case is a bit tricky lets add
a specific test for it.

Here is pseudocode asm version to illustrate the idea,

1 r0 = 0xffffffff00000001;
2 if w0 > 1 goto %l[fail];
3 r0 += 1
5 if w0 > 2 goto %l[fail]
6 exit

The intent here is the verifier will fail the load if the 32bit bounds
are not tracked correctly through ALU64 op. Similarly we can check the
64bit bounds are correctly zero extended after ALU32 ops.

1 r0 = 0xffffffff00000001;
2 w0 += 1
2 if r0 > 3 goto %l[fail];
6 exit

The above will fail if we do not correctly zero extend 64bit bounds
after 32bit op.

Signed-off-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/158560430155.10843.514209255758200922.stgit@john-Precision-5820-Tower