smartnic / superopt

A superoptimizing compiler for packet-processing
MIT License

bpf verifier: not able to store an immediate number into a register memory if reg type is PTR_TO_CTX #95

Open QiongwenXu opened 4 years ago

QiongwenXu commented 4 years ago

bpf verifier: not able to store an immediate number into a register memory if reg type is PTR_TO_CTX, but storing a register value is legal, e.g.:

*(u32*)(r1+0) = r2 -> legal
*(u32*)(r1+0) = 0  -> illegal

where r1 is the input of the BPF program

reference: https://github.com/torvalds/linux/blob/a8205e310011f09cc73cd577d7b0074c57b9bb54/kernel/bpf/verifier.c

key information:

  1. * At the start of BPF program the register R1 contains a pointer to bpf_context
     * and has type PTR_TO_CTX.
  2. if (is_ctx_reg(env, insn->dst_reg)) {
             verbose(env, "BPF_ST stores into R%d %s is not allowed\n",
                     insn->dst_reg,
                     reg_type_str[reg_state(env, insn->dst_reg)->type]);
             return -EACCES;
     }
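One way an optimizer could screen candidate programs for the rule quoted above, and rewrite the rejected immediate store into the register form the issue reports as legal. This is an added example, not code from the issue, the superopt project or the kernel; `struct insn`, `first_ctx_st`, `lower_ctx_st` and the register tracking are simplified assumptions, and the caller is assumed to supply a dead scratch register.

```c
#include <stdint.h>

/* Opcode bits from the eBPF instruction encoding. */
enum { CLS_LDX = 0x01, CLS_ST = 0x02, CLS_STX = 0x03, CLS_ALU = 0x04,
       CLS_ALU64 = 0x07, MODE_MEM = 0x60, SZ_W = 0x00, SZ_MASK = 0x18,
       OP_MOV = 0xb0, SRC_K = 0x00, SRC_X = 0x08 };

/* Same fields as the kernel's struct bpf_insn, without bit-fields. */
struct insn { uint8_t code, dst, src; int16_t off; int32_t imm; };

/* Index of the first BPF_ST whose base register still holds the context
 * pointer, or -1. Simplified tracking (assumption): straight-line code,
 * r1 starts as ctx, a 64-bit register move copies the tag, and any other
 * ALU or load result clears it. */
int first_ctx_st(const struct insn *p, int n)
{
    uint8_t is_ctx[256] = { 0 };
    is_ctx[1] = 1;
    for (int i = 0; i < n; i++) {
        uint8_t cls = p[i].code & 0x07;
        if (cls == CLS_ST && is_ctx[p[i].dst])
            return i;
        if (p[i].code == (CLS_ALU64 | OP_MOV | SRC_X))
            is_ctx[p[i].dst] = is_ctx[p[i].src];
        else if (cls == CLS_ALU || cls == CLS_ALU64 || cls == CLS_LDX)
            is_ctx[p[i].dst] = 0;
    }
    return -1;
}

/* Rewrite "*(size *)(dst + off) = imm" as "scratch = imm" followed by
 * "*(size *)(dst + off) = scratch". The caller must pick a scratch
 * register that is dead at this point (assumption). */
void lower_ctx_st(struct insn st, uint8_t scratch, struct insn out[2])
{
    out[0] = (struct insn){ CLS_ALU64 | OP_MOV | SRC_K, scratch, 0, 0, st.imm };
    out[1] = (struct insn){ CLS_STX | MODE_MEM | (st.code & SZ_MASK),
                            st.dst, scratch, st.off, 0 };
}

/* Constructed sample: r6 = r1; *(u32 *)(r6 + 0) = 0 */
const struct insn sample[2] = {
    { CLS_ALU64 | OP_MOV | SRC_X, 6, 1, 0, 0 },
    { CLS_ST | MODE_MEM | SZ_W, 6, 0, 0, 0 },
};
```

The rewritten pair only avoids the BPF_ST rejection; whether the verifier accepts a write to that context offset at all is a separate check this sketch does not model.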