Re: [iovisor-dev] [PATCH v2 net-next 0/5] bpf: verifier fixes

From: Edward Cree Date: Wed, 23 Aug 2017 15:07:20 +0100 > Fix a couple of bugs introduced in my recent verifier patches. > Patch #2 does slightly increase the insn count on bpf_lxc.o, but only by > about a hundred insns (i.e. 0.2%). > > v2: added test for write-marks bug

Re: [iovisor-dev] minutes: IO Visor TSC/Dev Meeting

On Wed, Aug 23, 2017 at 4:40 PM, Brenden Blanco via iovisor-dev wrote: > Hi All, > > Thanks for joining in to the call today. We shared a round of updates, which > are > included in the notes below. > > Also please remember that Plumbers is right around the corner!

[iovisor-dev] minutes: IO Visor TSC/Dev Meeting

Hi All, Thanks for joining in to the call today. We shared a round of updates, which are included in the notes below. Also please remember that Plumbers is right around the corner! If you have signed up to lead discussion of a topic at the Tracing+BPF microconference, Alexei would like to have a

Re: [iovisor-dev] [PATCH v2 net-next 5/5] bpf/verifier: document liveness analysis

On 08/23/2017 04:11 PM, Edward Cree wrote: The liveness tracking algorithm is quite subtle; add comments to explain it. Signed-off-by: Edward Cree Acked-by: Daniel Borkmann ___ iovisor-dev mailing list

Re: [iovisor-dev] [PATCH v2 net-next 2/5] bpf/verifier: when pruning a branch, ignore its write marks

On 08/23/2017 04:10 PM, Edward Cree wrote: The fact that writes occurred in reaching the continuation state does not screen off its reads from us, because we're not really its parent. So detect 'not really the parent' in do_propagate_liveness, and ignore write marks in that case. Fixes:

Re: [iovisor-dev] [PATCH v2 net-next 3/5] selftests/bpf: add a test for a pruning bug in the verifier

On 08/23/2017 04:10 PM, Edward Cree wrote: From: Alexei Starovoitov The test makes a read through a map value pointer, then considers pruning a branch where the register holds an adjusted map value pointer. It should not prune, but currently it does. Signed-off-by: Alexei

Re: [iovisor-dev] [PATCH v2 net-next 2/5] bpf/verifier: when pruning a branch, ignore its write marks

On 8/23/17 7:10 AM, Edward Cree wrote: The fact that writes occurred in reaching the continuation state does not screen off its reads from us, because we're not really its parent. So detect 'not really the parent' in do_propagate_liveness, and ignore write marks in that case. Fixes:

Re: [iovisor-dev] [PATCH v2 net-next 1/5] selftests/bpf: add a test for a bug in liveness-based pruning

On 8/23/17 7:09 AM, Edward Cree wrote: Writes in straight-line code should not prevent reads from propagating along jumps. With current verifier code, the jump from 3 to 5 does not add a read mark on 3:R0 (because 5:R0 has a write mark), meaning that the jump from 1 to 3 gets pruned as safe

Re: [iovisor-dev] [PATCH v2 net-next 1/5] selftests/bpf: add a test for a bug in liveness-based pruning

On 08/23/2017 04:09 PM, Edward Cree wrote: Writes in straight-line code should not prevent reads from propagating along jumps. With current verifier code, the jump from 3 to 5 does not add a read mark on 3:R0 (because 5:R0 has a write mark), meaning that the jump from 1 to 3 gets pruned

Re: [iovisor-dev] [PATCH v2 net-next 5/5] bpf/verifier: document liveness analysis

On 8/23/17 7:11 AM, Edward Cree wrote: The liveness tracking algorithm is quite subtle; add comments to explain it. Signed-off-by: Edward Cree Acked-by: Alexei Starovoitov ___ iovisor-dev mailing list

[iovisor-dev] [PATCH v2 net-next 2/5] bpf/verifier: when pruning a branch, ignore its write marks

The fact that writes occurred in reaching the continuation state does not screen off its reads from us, because we're not really its parent. So detect 'not really the parent' in do_propagate_liveness, and ignore write marks in that case. Fixes: dc503a8ad984 ("bpf/verifier: track liveness for

[iovisor-dev] [PATCH v2 net-next 4/5] bpf/verifier: remove varlen_map_value_access flag

The optimisation it does is broken when the 'new' register value has a variable offset and the 'old' was constant. I broke it with my pointer types unification (see Fixes tag below), before which the 'new' value would have type PTR_TO_MAP_VALUE_ADJ and would thus not compare equal; other

[iovisor-dev] [PATCH v2 net-next 1/5] selftests/bpf: add a test for a bug in liveness-based pruning

Writes in straight-line code should not prevent reads from propagating along jumps. With current verifier code, the jump from 3 to 5 does not add a read mark on 3:R0 (because 5:R0 has a write mark), meaning that the jump from 1 to 3 gets pruned as safe even though R0 is NOT_INIT. Verifier

[iovisor-dev] [PATCH v2 net-next 3/5] selftests/bpf: add a test for a pruning bug in the verifier

From: Alexei Starovoitov The test makes a read through a map value pointer, then considers pruning a branch where the register holds an adjusted map value pointer. It should not prune, but currently it does. Signed-off-by: Alexei Starovoitov [ec...@solarflare.com:

[iovisor-dev] [PATCH v2 net-next 0/5] bpf: verifier fixes

Fix a couple of bugs introduced in my recent verifier patches. Patch #2 does slightly increase the insn count on bpf_lxc.o, but only by about a hundred insns (i.e. 0.2%). v2: added test for write-marks bug (patch #1); reworded comment on propagate_liveness() for clarity. Alexei Starovoitov