On Wed, 2 May 2018 10:54:56 -0700, William Tu wrote:
> On Wed, May 2, 2018 at 1:29 AM, Daniel Borkmann <dan...@iogearbox.net> wrote:
> > On 05/02/2018 06:52 AM, Alexei Starovoitov wrote:
> >> On Tue, May 01, 2018 at 09:35:29PM -0700, William Tu wrote:
> >> Please test it with a real program and you'll see crashes and garbage
> >> returned.
> >
> > +1, *convert_ctx_access() uses bpf_insn's off to determine what to rewrite,
> > so this is definitely buggy, and wasn't properly tested as it should have
> > been. The test case is also way too simple, just the LDX and then doing a
> > return 0 will get you past the verifier, but won't give you anything in terms
> > of runtime testing that test_verifier is doing. A single test case for a
> > non-trivial verifier change like this is also _completely insufficient_,
> > this really needs to test all sorts of weird corner cases (involving out of
> > bounds accesses, overflows, etc).
>
> Thanks, now I understand.
> It's much more complicated than I thought.
FWIW NFP JIT would also have to be updated, similarly to *convert_ctx_access() in mem_ldx_skb()/mem_ldx_xdp() we are currently looking at insn.off. In case you find a way to solve this.. :)
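To make concrete why the rewrite step needs a static offset, here is an added toy model of the convert_ctx_access() pattern; it is not code from this thread, from the kernel verifier or from the NFP JIT. The struct layouts, the names (toy_ctx, toy_skb, toy_insn, toy_convert_ctx_access() and the rest) and the "src_var_off" flag standing in for a register whose displacement from the context pointer is only known at runtime are all constructed for this example. The point it shows is the one Daniel makes above: the rewrite can only switch on the off encoded in the instruction, so a runtime-variable offset has no case to land in and must be rejected, and a load that slips through unrewritten reads the user-visible offset from the kernel object and returns garbage (or, past its end, crashes).

```c
/* Added example: toy model of a BPF ctx-access rewrite (not kernel code). */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical user-visible context (stand-in for struct __sk_buff). */
struct toy_ctx {
    uint32_t len;       /* off 0 */
    uint32_t mark;      /* off 4 */
    uint32_t protocol;  /* off 8 */
};

/* Hypothetical in-kernel object the ctx pointer really refers to (stand-in for
 * struct sk_buff): same fields at different offsets, protocol only 16 bits.
 * The layout is constructed for this example. */
struct toy_skb {
    uint8_t  pad0[16];
    uint32_t mark;      /* off 16 */
    uint8_t  pad1[12];
    uint16_t protocol;  /* off 32 */
    uint8_t  pad2[6];
    uint32_t len;       /* off 40 */
};

enum toy_size { TOY_W = 4, TOY_H = 2 };

/* Minimal stand-in for struct bpf_insn as the verifier sees an LDX from ctx. */
struct toy_insn {
    int16_t       off;         /* static displacement encoded in the insn */
    enum toy_size size;        /* load width */
    int           src_var_off; /* hypothetical: src register's offset from ctx
                                * is only known at runtime (non-constant) */
};

/* Toy convert_ctx_access(): the only thing it can key on is the static off.
 * A runtime-variable offset has no case to land in, so it is refused. */
int toy_convert_ctx_access(const struct toy_insn *in, struct toy_insn *out)
{
    if (in->src_var_off)
        return -1;
    /* is_valid_access()-style check: in bounds, 4-byte aligned, word load */
    if (in->off < 0 || in->off + 4 > (int)sizeof(struct toy_ctx) ||
        in->off % 4 != 0 || in->size != TOY_W)
        return -1;

    *out = *in;
    switch (in->off) {
    case offsetof(struct toy_ctx, len):
        out->off = offsetof(struct toy_skb, len);
        break;
    case offsetof(struct toy_ctx, mark):
        out->off = offsetof(struct toy_skb, mark);
        break;
    case offsetof(struct toy_ctx, protocol):
        out->off = offsetof(struct toy_skb, protocol);
        out->size = TOY_H;  /* narrower in the real object */
        break;
    default:
        return -1;
    }
    return 0;
}

/* Execute a load against the real object, honouring the (possibly rewritten)
 * offset and width. */
uint32_t toy_exec_ldx(const struct toy_insn *insn, const struct toy_skb *skb)
{
    const uint8_t *p = (const uint8_t *)skb + insn->off;
    if (insn->size == TOY_H) {
        uint16_t v;
        memcpy(&v, p, sizeof v);
        return v;
    }
    uint32_t v;
    memcpy(&v, p, sizeof v);
    return v;
}

/* Constructed sample object; padding is poisoned so an unrewritten read shows
 * up as obvious garbage rather than as a plausible value. */
struct toy_skb toy_sample_skb(void)
{
    struct toy_skb skb;
    memset(&skb, 0xAA, sizeof skb);
    skb.len = 1500;
    skb.mark = 0x1234;
    skb.protocol = 0x0800;
    return skb;
}

/* Verifier path: rewrite, then execute.  Returns the field value, or -1 if
 * the verifier would have rejected the load. */
int64_t toy_load_ctx_field(int16_t off, int src_var_off)
{
    struct toy_insn in = { off, TOY_W, src_var_off }, out;
    struct toy_skb skb = toy_sample_skb();

    if (toy_convert_ctx_access(&in, &out) < 0)
        return -1;
    return toy_exec_ldx(&out, &skb);
}

/* What a program reads if a ctx load slips past the rewrite: the user-visible
 * offset applied to the kernel object, i.e. the "garbage returned" case. */
uint32_t toy_load_unconverted(int16_t off)
{
    struct toy_insn in = { off, TOY_W, 0 };
    struct toy_skb skb = toy_sample_skb();
    return toy_exec_ldx(&in, &skb);
}

int main(void)
{
    static const int16_t offs[] = { 0, 4, 8, 2, 12 };

    for (size_t i = 0; i < sizeof offs / sizeof offs[0]; i++) {
        int64_t v = toy_load_ctx_field(offs[i], 0);
        if (v < 0)
            printf("ctx+%d: rejected by verifier\n", offs[i]);
        else
            printf("ctx+%d: rewritten, reads 0x%x\n", offs[i], (unsigned)v);
    }
    printf("ctx+reg (runtime offset): %s\n",
           toy_load_ctx_field(0, 1) < 0 ? "rejected" : "accepted");
    printf("ctx+0 without rewrite: 0x%x (garbage)\n", toy_load_unconverted(0));
    return 0;
}
```

The same dependency on the instruction's static off is what the NFP JIT's mem_ldx_skb()/mem_ldx_xdp() share with the core rewrite: any scheme that lets the offset come from a register at run time would have to replace the switch with a bounds-checked runtime translation in every such consumer, not only in the verifier.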