On 1/27/24 10:50 AM, dthaler1968@xxxxxxxxxxxxxx wrote:
Under "Load and store instructions", various mode modifiers are documented. I notice that BPF_MSH (0xa0) is not documented, but appears to be in use in various projects, including Linux, BSD, seccomp, etc. and is even documented in various books such as https://www.google.com/books/edition/Programming_Linux_Hacker_Tools_Uncovere d/yqHVAwAAQBAJ?hl=en&gbpv=1&dq=%22BPF_MSH%22&pg=PA129&printsec=frontcover Should we document it as deprecated and add it to the set of deprecated instructions (the legacy conformance group) like BPF_ABS and BPF_IND already are? Also, for purposes of the IANA registry of instructions where we list which opcodes are "(deprecated, implementation-specific)", I currently list all possible BPF_ABS and BPF_IND opcodes regardless of whether they were ever used (I didn't check which were used and which might not have been), so I could just list all possible BPF_MSH opcodes similarly. But if we know that some were never used then I don't need to do so, so I guess I should ask: do we have a list of which combinations were actually used or should we continue to just deprecate all combinations? As an example, https://github.com/seccomp/libseccomp/blob/main/tools/scmp_bpf_disasm.c#L68 lists 6 variants of BPF_MSH: LD and LDX, for B, H, and W (but not DW). Other sources like the book page referenced above, and the BSD man page, list only BPF_LDX | BPF_B | BPF_MSH, which is in Linux sources such as https://elixir.bootlin.com/linux/v6.8-rc1/source/lib/test_bpf.c#L368
From kernel source code (net/core/filter.c), the only supported format is BPF_LDX | BPF_MSH | BPF_B The insn (BPF_LDX | BPF_MSH | BPF_B) is only used when cBPF (classic BPF) is converted to BPF insn set. If the current BPF program has this insn, verifier will reject it and bpf kernel interpreter does not support this insn either. So technically, (BPF_LDX | BPF_MSH | BPF_B) is not supported by BPF program.
So, should we list the DW variants as deprecated, or never assigned? Should we list the H, W, and LD variants as deprecated, or never assigned? What about DW and LDX variants of BPF_IND and BPF_ABS?
