• David S. Miller's avatar
    Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf · e4be7bab
    David S. Miller authored
    Daniel Borkmann says:
    
    ====================
    pull-request: bpf 2017-11-23
    
    The following pull-request contains BPF updates for your *net* tree.
    
    The main changes are:
    
    1) Several BPF offloading fixes, from Jakub. Among others:
    
        - Limit offload to cls_bpf and XDP program types only.
        - Move device validation into the driver and don't make
          any assumptions about the device in the classifier due
          to shared blocks semantics.
        - Don't pass offloaded XDP program into the driver when
          it should be run in native XDP instead. Offloaded ones
          are not JITed for the host in such cases.
        - Don't destroy device offload state when moved to
          another namespace.
        - Revert dumping offload info into user space for now,
          since ifindex alone is not sufficient. This will be
          redone properly for bpf-next tree.
    
    2) Fix test_verifier to avoid using bpf_probe_write_user()
       helper in test cases, since it's dumping a warning into
       kernel log which may confuse users when only running tests.
       Switch to use bpf_trace_printk() instead, from Yonghong.
    
    3) Several fixes for correcting ARG_CONST_SIZE_OR_ZERO semantics
       before it becomes uabi, from Gianluca. More specifically:
    
        - Add a type ARG_PTR_TO_MEM_OR_NULL that is used only
          by bpf_csum_diff(), where the argument is either a
          valid pointer or NULL. The subsequent ARG_CONST_SIZE_OR_ZERO
          then enforces a valid pointer in case of non-0 size
          or a valid pointer or NULL in case of size 0. Given
          that, the semantics for ARG_PTR_TO_MEM in combination
          with ARG_CONST_SIZE_OR_ZERO are now such that in case
          of size 0, the pointer must always be valid and cannot
          be NULL. This fix in semantics allows for bpf_probe_read()
          to drop the recently added size == 0 check in the helper
          that would become part of uabi otherwise once released.
          At the same time we can then fix bpf_probe_read_str() and
          bpf_perf_event_output() to use ARG_CONST_SIZE_OR_ZERO
          instead of ARG_CONST_SIZE in order to fix recently
          reported issues by Arnaldo et al, where LLVM optimizes
          two boundary checks into a single one for unknown
          variables where the verifier looses track of the variable
          bounds and thus rejects valid programs otherwise.
    
    4) A fix for the verifier for the case when it detects
       comparison of two constants where the branch is guaranteed
       to not be taken at runtime. Verifier will rightfully prune
       the exploration of such paths, but we still pass the program
       to JITs, where they would complain about using reserved
       fields, etc. Track such dead instructions and sanitize
       them with mov r0,r0. Rejection is not possible since LLVM
       may generate them for valid C code and doesn't do as much
       data flow analysis as verifier. For bpf-next we might
       implement removal of such dead code and adjust branches
       instead. Fix from Alexei.
    ====================
    Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
    e4be7bab
dev.c 220 KB