On Tue, 2017-04-04 at 19:26 +0200, Daniel Borkmann wrote:

> >     if (regs[BPF_REG_6].type != PTR_TO_CTX) {
> > -           verbose("at the time of BPF_LD_ABS|IND R6 !=
> > pointer to skb\n");
> > +           verbose("at the time of BPF_LD_ABS|IND R6 !=
> > pointer to ctx\n");
> >             return -EINVAL;
> 
> Seems okay, the reason why we had 'skb' in the verbose message here
> is due to BPF_LD + BPF_ABS/BPF_IND operations being only specific to
> skbs and no other context (see __bpf_prog_run(), and in verifier
> may_access_skb() check before that verbose() message in
> check_ld_abs()). Reason for this is mostly historical due to the cBPF
> to eBPF migration so that these loads don't get slowed down when
> migrated to eBPF and can be handled by JIT optimizations (e.g.,
> caching skb->data), too. Anyway, just to provide some more background
> on this. I've no strong opinion if you want to change the verifier
> error message, so:

Ah. I really have no opinion on this either - it just seemed somewhat
inconsistent. I clearly neglected to read the comment in front of the
function though, that explains that we must have ctx == skb. I think
therefore it's probably better to drop this - thanks for the
explanation!

johannes

Reply via email to