linux/kernel/bpf
Alexei Starovoitov 735b433397 bpf: improve verifier state equivalence
since UNKNOWN_VALUE type is weaker than CONST_IMM we can un-teach
verifier its recognition of constants in conditional branches
without affecting safety.
Ex:
if (reg == 123) {
  .. here verifier was marking reg->type as CONST_IMM
     instead keep reg as UNKNOWN_VALUE
}

Two verifier states with UNKNOWN_VALUE are equivalent, whereas
CONST_IMM_X != CONST_IMM_Y, since CONST_IMM is used for stack range
verification and other cases.
So help search pruning by marking registers as UNKNOWN_VALUE
where possible instead of CONST_IMM.

Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
2016-05-06 16:01:54 -04:00
..
Makefile bpf: introduce percpu_freelist 2016-03-08 15:28:31 -05:00
arraymap.c bpf: check for reserved flag bits in array and stack maps 2016-03-08 15:28:31 -05:00
core.c bpf: direct packet access 2016-05-06 16:01:53 -04:00
hashtab.c bpf: pre-allocate hash map elements 2016-03-08 15:28:31 -05:00
helpers.c bpf: convert relevant helper args to ARG_PTR_TO_RAW_STACK 2016-04-14 21:40:41 -04:00
inode.c bpf: fix refcnt overflow 2016-04-28 17:29:45 -04:00
percpu_freelist.c bpf: introduce percpu_freelist 2016-03-08 15:28:31 -05:00
percpu_freelist.h bpf: introduce percpu_freelist 2016-03-08 15:28:31 -05:00
stackmap.c bpf: support bpf_get_stackid() and bpf_perf_event_output() in tracepoint programs 2016-04-07 21:04:26 -04:00
syscall.c bpf: fix refcnt overflow 2016-04-28 17:29:45 -04:00
verifier.c bpf: improve verifier state equivalence 2016-05-06 16:01:54 -04:00