bpf: enable verifier to add 0 to packet ptr
authorWilliam Tu <u9012063@gmail.com>
Sat, 4 Feb 2017 16:37:29 +0000 (08:37 -0800)
committerDavid S. Miller <davem@davemloft.net>
Tue, 7 Feb 2017 03:50:04 +0000 (22:50 -0500)
commit63dfef75ed75364901d7caa52c6420cec3e73519
tree8c3065d18a1b80da112ec1ee9a1074240cd100ca
parent29200c199cc9bde59033ab30fcc40b6c8ae630b0
bpf: enable verifier to add 0 to packet ptr

The patch fixes the case when adding a zero value to the packet
pointer.  The zero value could come from src_reg equals type
BPF_K or CONST_IMM.  The patch fixes both, otherwise the verifer
reports the following error:
  [...]
    R0=imm0,min_value=0,max_value=0
    R1=pkt(id=0,off=0,r=4)
    R2=pkt_end R3=fp-12
    R4=imm4,min_value=4,max_value=4
    R5=pkt(id=0,off=4,r=4)
  269: (bf) r2 = r0     // r2 becomes imm0
  270: (77) r2 >>= 3
  271: (bf) r4 = r1     // r4 becomes pkt ptr
  272: (0f) r4 += r2    // r4 += 0
  addition of negative constant to packet pointer is not allowed

Signed-off-by: William Tu <u9012063@gmail.com>
Signed-off-by: Mihai Budiu <mbudiu@vmware.com>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: Alexei Starovoitov <ast@kernel.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: David S. Miller <davem@davemloft.net>
kernel/bpf/verifier.c
tools/testing/selftests/bpf/test_verifier.c