On Wed, May 2, 2018 at 1:29 AM, Daniel Borkmann <dan...@iogearbox.net> wrote: > On 05/02/2018 06:52 AM, Alexei Starovoitov wrote: >> On Tue, May 01, 2018 at 09:35:29PM -0700, William Tu wrote: >>> >>>> How did you test this patch? >>>> >>> Without the patch, the test case will fail. >>> With the patch, the test case passes. >> >> Please test it with real program and you'll see crashes and garbage returned. > > +1, *convert_ctx_access() use bpf_insn's off to determine what to rewrite, > so this is definitely buggy, and wasn't properly tested as it should have > been. The test case is also way too simple, just the LDX and then doing a > return 0 will get you past verifier, but won't give you anything in terms > of runtime testing that test_verifier is doing. A single test case for a > non trivial verifier change like this is also _completely insufficient_, > this really needs to test all sort of weird corner cases (involving out of > bounds accesses, overflows, etc).
Thanks, now I understand. It's much more complicated than I thought. William
