Hi Florian,

On Fri, May 05, 2023 at 01:16:53PM +0200, Florian Westphal wrote:
> Keep a per-rule bitmask that tracks registers that have seen a store,
> then reject loads when the accessed registers haven't been flagged.
>
> This changes the uabi contract, because we previously allowed this.
> Neither nftables nor iptables-nft create such rules.
>
> In case there is breakage, we could insert a 'store 0 to x'
> immediate expression into the ruleset automatically, but this
> isn't done here.
>
> Let me know if you think the "refuse" approach is too risky.

Might the NFT_BREAK case defeat this approach?

The sequence is:

1) an expression that writes to a register hits NFT_BREAK (nothing is written);
2) an expression that reads from that register then reads uninitialized data.

From the ruleset load step, we cannot know if the write fails, because it is
subject to NFT_BREAK.

Thanks.
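The following is an added toy model, not nf_tables code from the kernel or from either poster, of the load-time register check Florian describes: a per-rule bitmask of registers that have seen a store, with a load from an unflagged register rejecting the rule. The `may_break` field, the register count `NREGS`, and the `EXPR_STORE`/`EXPR_LOAD` encoding are assumptions made for the illustration; `may_break` marks an expression whose runtime evaluation might return NFT_BREAK before it writes anything. The point it shows is the one raised in the reply: the static check accepts a rule whose store might break exactly as readily as one whose store cannot, because at ruleset load time the verdict is not yet known.

```c
/*
 * Added example (not kernel code): toy model of a per-rule register
 * store/load check for an nf_tables-like rule VM.
 *
 * Assumptions for illustration: NREGS registers, two expression kinds,
 * and a may_break flag meaning "may return NFT_BREAK before writing".
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define NREGS 32u               /* assumed register count */

enum expr_kind { EXPR_STORE, EXPR_LOAD };

struct expr {
    enum expr_kind kind;
    unsigned int reg;           /* register this expression touches */
    bool may_break;             /* assumption: eval may NFT_BREAK before writing */
};

/*
 * Static check as described in the quoted message: walk the rule once,
 * set bit <reg> on every store, reject a load whose bit is not yet set.
 * Returns 0 when the rule is accepted, -1 when it is rejected.
 * Note that may_break is never consulted here.
 */
int validate_rule(const struct expr *exprs, size_t n)
{
    uint32_t stored = 0;
    size_t i;

    for (i = 0; i < n; i++) {
        uint32_t bit;

        if (exprs[i].reg >= NREGS)
            return -1;
        bit = 1u << exprs[i].reg;
        if (exprs[i].kind == EXPR_STORE)
            stored |= bit;
        else if (!(stored & bit))
            return -1;          /* load from a register no earlier expr stored */
    }
    return 0;
}

/*
 * Diagnostic the static check cannot perform at load time: count loads
 * that validate_rule() accepts but whose every preceding store is flagged
 * may_break, i.e. registers that would remain unwritten if those stores
 * broke at runtime. A store that cannot break keeps the register
 * "certain" even if a later breakable store is skipped.
 */
size_t count_loads_from_breakable_stores(const struct expr *exprs, size_t n)
{
    uint32_t stored = 0, certain = 0;
    size_t unsafe = 0, i;

    for (i = 0; i < n; i++) {
        uint32_t bit = 1u << (exprs[i].reg % NREGS);

        if (exprs[i].kind == EXPR_STORE) {
            stored |= bit;
            if (!exprs[i].may_break)
                certain |= bit;
        } else if ((stored & bit) && !(certain & bit)) {
            unsafe++;
        }
    }
    return unsafe;
}

int main(void)
{
    /* Constructed rules; a store that may break followed by a load. */
    const struct expr safe_rule[] = {
        { EXPR_STORE, 1, false }, { EXPR_LOAD, 1, false },
    };
    const struct expr breakable_rule[] = {
        { EXPR_STORE, 1, true }, { EXPR_LOAD, 1, false },
    };
    const struct expr bad_rule[] = { { EXPR_LOAD, 1, false } };

    printf("safe_rule:      validate=%d breakable-loads=%zu\n",
           validate_rule(safe_rule, 2),
           count_loads_from_breakable_stores(safe_rule, 2));
    printf("breakable_rule: validate=%d breakable-loads=%zu\n",
           validate_rule(breakable_rule, 2),
           count_loads_from_breakable_stores(breakable_rule, 2));
    printf("bad_rule:       validate=%d\n", validate_rule(bad_rule, 1));
    return 0;
}
```

`validate_rule()` returns 0 for both `safe_rule` and `breakable_rule` and -1 only for `bad_rule`; `count_loads_from_breakable_stores()` is the information the load-time check does not have, and it distinguishes the two accepted rules. Whether the second rule actually reads stale register contents when its store breaks depends on how the chain evaluation loop treats NFT_BREAK, which is the question the thread is discussing; the model above only shows that the bitmask check cannot tell the cases apart.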