Re: [PATCH bpf 0/3] bpf: improve verifier resilience
On 12/04/2018 07:46 AM, Alexei Starovoitov wrote: > Three patches to improve verifier ability to handle pathological bpf programs > with a lot of branches: > - make sure prog_load syscall can be aborted > - improve branch taken analysis > - introduce per-insn complexity limit for unprivileged programs > > Alexei Starovoitov (3): > bpf: check pending signals while verifying programs > bpf: improve verifier branch analysis > bpf: add per-insn complexity limit > > kernel/bpf/verifier.c | 103 +--- > tools/testing/selftests/bpf/test_verifier.c | 4 +- > 2 files changed, 91 insertions(+), 16 deletions(-) > Applied to bpf, thanks!
[PATCH bpf 0/3] bpf: improve verifier resilience
Three patches to improve verifier ability to handle pathological bpf programs with a lot of branches: - make sure prog_load syscall can be aborted - improve branch taken analysis - introduce per-insn complexity limit for unprivileged programs Alexei Starovoitov (3): bpf: check pending signals while verifying programs bpf: improve verifier branch analysis bpf: add per-insn complexity limit kernel/bpf/verifier.c | 103 +--- tools/testing/selftests/bpf/test_verifier.c | 4 +- 2 files changed, 91 insertions(+), 16 deletions(-) -- 2.17.1