Since 'may_goto 0' insns are actually no-op, let us remove them. Otherwise, verifier will generate code like /* r10 - 8 stores the implicit loop count */ r11 = *(u64 *)(r10 -8) if r11 == 0x0 goto pc+2 r11 -= 1 *(u64 *)(r10 -8) = r11 which is the pure overhead. The following code patterns (from the previous commit) are also handled: may_goto 2 may_goto 1 may_goto 0 With this commit, the above three 'may_goto' insns are all eliminated.
Signed-off-by: Yonghong Song <yonghong.song@xxxxxxxxx>
---
 kernel/bpf/verifier.c | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index edf3cc42a220..72b474bfba2d 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -20133,6 +20133,40 @@ static int opt_remove_nops(struct bpf_verifier_env *env)
 return 0;
 }
+static int opt_remove_useless_may_gotos(struct bpf_verifier_env *env)
+{
+ struct bpf_insn *insn = env->prog->insnsi;
+ int i, j, err, last_may_goto, removed_cnt;
+ int insn_cnt = env->prog->len;
+
+ for (i = 0; i < insn_cnt; i++) {
+ if (!is_may_goto_insn(&insn[i]))
+ continue;
+
+ for (j = i + 1; j < insn_cnt; j++) {
+ if (!is_may_goto_insn(&insn[j]))
+ break;
+ }
+
+ last_may_goto = --j;
+ removed_cnt = 0;
+ while (j >= i) {
+ if (insn[j].off == 0) {
+ err = verifier_remove_insns(env, j, 1);
+ if (err)
+ return err;
+ removed_cnt++;
+ }
+ j--;
+ }
+
+ insn_cnt -= removed_cnt;
+ i = last_may_goto - removed_cnt;
+ }
+
+ return 0;
+}
+
 static int opt_subreg_zext_lo32_rnd_hi32(struct bpf_verifier_env *env,
 const union bpf_attr *attr)
 {
@@ -23089,6 +23123,8 @@ int bpf_check(struct bpf_prog **prog, union bpf_attr *attr, bpfptr_t uattr, __u3
 ret = opt_remove_dead_code(env);
 if (ret == 0)
 ret = opt_remove_nops(env);
+ if (ret == 0)
+ ret = opt_remove_useless_may_gotos(env);
 } else {
 if (ret == 0)
 sanitize_dead_code(env);
--
2.43.5
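Review bot: opt_remove_useless_may_gotos() has no comment explaining why each run is scanned from the last may_goto back to the first, and the correctness of the inner `while (j >= i)` loop depends on it. The cascade from the commit message (`may_goto 2; may_goto 1; may_goto 0`) only collapses if verifier_remove_insns() shrinks the offsets of the earlier may_gotos as each later one is removed, and the code never states that reliance. I would add above the `while` something like `/* Walk backwards: removing insn j shrinks the offset of earlier may_gotos that jump over it, so they can become 'may_goto 0' in turn. */`. The function also keeps using the `insn` pointer read before the first removal, which is only safe if verifier_remove_insns() edits the array in place. Since this pass rewrites instructions that were already verified, a one-line comment on `insn` recording that assumption would make it checkable.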
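Review bot: Calling `opt_remove_useless_may_gotos(env)` after `opt_remove_nops(env)` can leave a no-op `ja` in the program, because nothing rescans for nops once this pass has run. This is inferred from the call order, assuming verifier_remove_insns() adjusts branch offsets the way the may_goto cascade requires, so that a `ja` jumping over a removed `may_goto 0` ends up with offset 0. The cost is a wasted instruction rather than a safety problem. Folding the `may_goto 0` check into the opt_remove_nops loop, or rerunning nop removal when this pass removed something, would close the gap. The enclosing if/else in bpf_check starts outside the hunk, so which programs take the `sanitize_dead_code(env)` branch and keep their `may_goto 0` is not visible here.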