[PATCH bpf-next v2 0/5] bpf: allow variable-offset stack access

Andrei Matei <andreimatei1@xxxxxxxxx> · Sun, 24 Jan 2021 14:49:04 -0500

Before this patch, variable offset access to the stack was dissalowed
for regular instructions, but was allowed for "indirect" accesses (i.e.
helpers). This patch removes the restriction, allowing reading and
writing to the stack through stack pointers with variable offsets. This
makes stack-allocated buffers more usable in programs, and brings stack
pointers closer to other types of pointers.

The motivation is being able to use stack-allocated buffers for data
manipulation. When the stack size limit is sufficient, allocating
buffers on the stack is simpler than per-cpu arrays, or other
alternatives.

V1 -> V2

- add support for var-offset stack writes, in addition to reads
- add a C test
- made variable offset direct reads no longer destroy spilled registers
  in the access range
- address review nits

Alexei had asked to split the work into refactoring and new
functionality. I have tried to do so, but the result seemed worse.
Particularly with the addition of write support in this V2, the lines
between refactoring and new functionality are mostly gone; the structure
changes too much. Alexei, if you disagree, I will try harder.

Andrei Matei (5):
  bpf: allow variable-offset stack access
  selftest/bpf: adjust expected verifier errors
  selftest/bpf: verifier tests for var-off access
  selftest/bpf: move utility function to tests header
  selftest/bpf: add test for var-offset stack access

 include/linux/bpf_verifier.h                  |   2 +-
 kernel/bpf/verifier.c                         | 657 ++++++++++++++----
 .../selftests/bpf/prog_tests/attach_probe.c   |  21 -
 .../selftests/bpf/prog_tests/stack_var_off.c  |  56 ++
 .../selftests/bpf/progs/test_stack_var_off.c  |  43 ++
 tools/testing/selftests/bpf/test_progs.c      |  25 +
 tools/testing/selftests/bpf/test_progs.h      |   1 +
 .../selftests/bpf/verifier/basic_stack.c      |   2 +-
 tools/testing/selftests/bpf/verifier/calls.c  |   4 +-
 .../testing/selftests/bpf/verifier/const_or.c |   4 +-
 .../bpf/verifier/helper_access_var_len.c      |  12 +-
 .../testing/selftests/bpf/verifier/int_ptr.c  |   6 +-
 .../selftests/bpf/verifier/raw_stack.c        |  10 +-
 .../selftests/bpf/verifier/stack_ptr.c        |  22 +-
 tools/testing/selftests/bpf/verifier/unpriv.c |   2 +-
 .../testing/selftests/bpf/verifier/var_off.c  | 108 ++-
 16 files changed, 768 insertions(+), 207 deletions(-)
 create mode 100644 tools/testing/selftests/bpf/prog_tests/stack_var_off.c
 create mode 100644 tools/testing/selftests/bpf/progs/test_stack_var_off.c

-- 
2.27.0