On 06/28/2014 02:06 AM, Alexei Starovoitov wrote:
Safety of eBPF programs is statically determined by the verifier, which detects:
- loops
- out of range jumps
- unreachable instructions
- invalid instructions
- uninitialized register access
- uninitialized stack access
- misaligned stack access
- out of range stack access
- invalid calling convention
...
More details in Documentation/networking/filter.txt
Signed-off-by: Alexei Starovoitov <ast@xxxxxxxxxxxx>
---
...
kernel/bpf/verifier.c | 1431 +++++++++++++++++++++++++++++++++++
Looking at classic BPF verifier which checks safety of BPF
user space programs, it's roughly 200 loc. :-/
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
new file mode 100644
...
+#define _(OP) ({ int ret = OP; if (ret < 0) return ret; })
...
+ _(get_map_info(env, map_id, &map));
...
+ _(size = bpf_size_to_bytes(bpf_size));
Nit: such macros should be removed, please.
--
To unsubscribe from this list: send the line "unsubscribe linux-api" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
