From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Yonghong Song <yhs@fb.com>,
John Fastabend <john.fastabend@gmail.com>,
Alexei Starovoitov <ast@kernel.org>,
Ovidiu Panait <ovidiu.panait@windriver.com>
Subject: [PATCH 5.4 22/23] bpf, selftests: Add a verifier test for assigning 32bit reg states to 64bit ones
Date: Fri, 6 Aug 2021 10:16:54 +0200 [thread overview]
Message-ID: <20210806081112.900244614@linuxfoundation.org> (raw)
In-Reply-To: <20210806081112.104686873@linuxfoundation.org>
From: John Fastabend <john.fastabend@gmail.com>
commit cf66c29bd7534813d2e1971fab71e25fe87c7e0a upstream
Added a verifier test for assigning 32bit reg states to
64bit where 32bit reg holds a constant value of 0.
Without previous kernel verifier.c fix, the test in
this patch will fail.
Signed-off-by: Yonghong Song <yhs@fb.com>
Signed-off-by: John Fastabend <john.fastabend@gmail.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Link: https://lore.kernel.org/bpf/159077335867.6014.2075350327073125374.stgit@john-Precision-5820-Tower
Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
tools/testing/selftests/bpf/verifier/bounds.c | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
--- a/tools/testing/selftests/bpf/verifier/bounds.c
+++ b/tools/testing/selftests/bpf/verifier/bounds.c
@@ -545,3 +545,25 @@
},
.result = ACCEPT
},
+{
+ "assigning 32bit bounds to 64bit for wA = 0, wB = wA",
+ .insns = {
+ BPF_LDX_MEM(BPF_W, BPF_REG_8, BPF_REG_1,
+ offsetof(struct __sk_buff, data_end)),
+ BPF_LDX_MEM(BPF_W, BPF_REG_7, BPF_REG_1,
+ offsetof(struct __sk_buff, data)),
+ BPF_MOV32_IMM(BPF_REG_9, 0),
+ BPF_MOV32_REG(BPF_REG_2, BPF_REG_9),
+ BPF_MOV64_REG(BPF_REG_6, BPF_REG_7),
+ BPF_ALU64_REG(BPF_ADD, BPF_REG_6, BPF_REG_2),
+ BPF_MOV64_REG(BPF_REG_3, BPF_REG_6),
+ BPF_ALU64_IMM(BPF_ADD, BPF_REG_3, 8),
+ BPF_JMP_REG(BPF_JGT, BPF_REG_3, BPF_REG_8, 1),
+ BPF_LDX_MEM(BPF_W, BPF_REG_5, BPF_REG_6, 0),
+ BPF_MOV64_IMM(BPF_REG_0, 0),
+ BPF_EXIT_INSN(),
+ },
+ .prog_type = BPF_PROG_TYPE_SCHED_CLS,
+ .result = ACCEPT,
+ .flags = F_NEEDS_EFFICIENT_UNALIGNED_ACCESS,
+},
next prev parent reply other threads:[~2021-08-06 8:22 UTC|newest]
Thread overview: 28+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-08-06 8:16 [PATCH 5.4 00/23] 5.4.139-rc1 review Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 01/23] btrfs: delete duplicated words + other fixes in comments Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 02/23] btrfs: do not commit logs and transactions during link and rename operations Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 03/23] btrfs: fix race causing unnecessary inode logging during link and rename Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 04/23] btrfs: fix lost inode on log replay after mix of fsync, rename and inode eviction Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 05/23] regulator: rt5033: Fix n_voltages settings for BUCK and LDO Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 06/23] spi: stm32h7: fix full duplex irq handler handling Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 07/23] ASoC: tlv320aic31xx: fix reversed bclk/wclk master bits Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 08/23] r8152: Fix potential PM refcount imbalance Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 09/23] qed: fix possible unpaired spin_{un}lock_bh in _qed_mcp_cmd_and_union() Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 10/23] net: Fix zero-copy head len calculation Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 11/23] nvme: fix nvme_setup_command metadata trace event Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 12/23] ACPI: fix NULL pointer dereference Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 13/23] Revert "spi: mediatek: fix fifo rx mode" Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 14/23] Revert "Bluetooth: Shutdown controller after workqueues are flushed or cancelled" Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 15/23] firmware: arm_scmi: Ensure drivers provide a probe function Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 16/23] firmware: arm_scmi: Add delayed response status check Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 17/23] Revert "watchdog: iTCO_wdt: Account for rebooting on second timeout" Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 18/23] bpf: Inherit expanded/patched seen count from old aux data Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 19/23] bpf: Do not mark insn as seen under speculative path verification Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 20/23] bpf: Fix leakage under speculation on mispredicted branches Greg Kroah-Hartman
2021-08-06 8:16 ` [PATCH 5.4 21/23] bpf: Test_verifier, add alu32 bounds tracking tests Greg Kroah-Hartman
2021-08-06 8:16 ` Greg Kroah-Hartman [this message]
2021-08-06 8:16 ` [PATCH 5.4 23/23] bpf, selftests: Adjust few selftest outcomes wrt unreachable code Greg Kroah-Hartman
2021-08-06 18:58 ` [PATCH 5.4 00/23] 5.4.139-rc1 review Guenter Roeck
2021-08-07 10:41 ` Sudip Mukherjee
2021-08-07 18:40 ` Naresh Kamboju
2021-08-08 3:27 ` Aakash Hemadri
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210806081112.900244614@linuxfoundation.org \
--to=gregkh@linuxfoundation.org \
--cc=ast@kernel.org \
--cc=john.fastabend@gmail.com \
--cc=linux-kernel@vger.kernel.org \
--cc=ovidiu.panait@windriver.com \
--cc=stable@vger.kernel.org \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).