From: Alexei Starovoitov
Date: Thu, 14 Dec 2023 08:10:08 -0800
Subject: Re: [PATCH bpf-next v3 1/2] bpf: make the verifier tracks the "not equal" for regs
To: Menglong Dong
Cc: Andrii Nakryiko, Eddy Z, Yonghong Song, Alexei Starovoitov, Daniel Borkmann, John Fastabend, Martin KaFai Lau, Song Liu, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa, bpf, LKML
References: <20231214062434.3565630-1-menglong8.dong@gmail.com> <20231214062434.3565630-2-menglong8.dong@gmail.com>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Dec 14, 2023 at 6:07 AM Menglong Dong wrote:
>
> Hello,
>
> On Thu, Dec 14, 2023 at 9:49 PM Alexei Starovoitov
> wrote:
> >
> > On Wed, Dec 13, 2023 at 10:28 PM Menglong Dong wrote:
> > >
> > > We can derive some new information for BPF_JNE in regs_refine_cond_op().
> > > Take following code for example:
> > >
> > >   /* The type of "a" is u16 */
> > >   if (a > 0 && a < 100) {
> > >     /* the range of the register for a is [0, 99], not [1, 99],
> > >      * and will cause the following error:
> > >      *
> > >      *   invalid zero-sized read
> > >      *
> > >      * as a can be 0.
> > >      */
> > >     bpf_skb_store_bytes(skb, xx, xx, a, 0);
> > >   }
> >
> > Please craft a selftest from above with inline asm
> > (C might not work as compiler might optimize it)
>
> Okay! Should I add this selftests to reg_bounds as a subtest,
> or add a "verifier_reg_edge.c" for verifier testing?

reg_bounds is for automated.
I think it will fit fine in the existing progs/verifier_bounds.c

>
> > Also we call:
> >   /* fallthrough (FALSE) branch */
> >   regs_refine_cond_op(false_reg1, false_reg2,
> >                       rev_opcode(opcode), is_jmp32);
> >   /* jump (TRUE) branch */
> >   regs_refine_cond_op(true_reg1, true_reg2, opcode, is_jmp32);
> >
> > so despite BPF_JNE is not handled explicitly it still should have
> > caught above due to rev_opcode() ?
>
> Ennn.....I'm a little confused. In this case, the TRUE path is
> handled properly, as the opcode is BPF_JEQ; and the FALSE
> is not handled properly, as the opcode is rev_opcode(BPF_JEQ),
> which is BPF_JNE. And the bpf_skb_store_bytes() will be called
> in the FALSE path. The origin state of false_reg* should be the same
> as true_reg*.

Ahh. I see. It wasn't clear how 'a > 0 && a < 100' got to be JNE
after optimizations.
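
The refinement discussed in this thread, as a simplified user-space model added here for illustration; it is not the kernel's regs_refine_cond_op() and not code from the patch. struct urange, refine_const(), rev_op() and the OP_* names are hypothetical stand-ins that track only an unsigned [umin, umax] interval compared against a constant.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Toy unsigned interval; the real verifier state tracks far more. */
struct urange { uint64_t umin, umax; };

enum op { OP_JEQ, OP_JNE };	/* stand-ins for BPF_JEQ / BPF_JNE */

static enum op rev_op(enum op o) { return o == OP_JEQ ? OP_JNE : OP_JEQ; }

/* Narrow r assuming "r <op> c" is true; false means the branch is dead. */
static bool refine_const(struct urange *r, enum op o, uint64_t c)
{
	if (o == OP_JEQ) {
		if (c < r->umin || c > r->umax)
			return false;
		r->umin = r->umax = c;
		return true;
	}
	/* OP_JNE: an interval can only drop a value sitting on its edge. */
	if (r->umin == r->umax)
		return r->umin != c;
	if (r->umin == c)
		r->umin++;	/* [0, 99] and a != 0  ->  [1, 99] */
	else if (r->umax == c)
		r->umax--;
	return true;
}

/* "if (a == c) goto out;": the fallthrough path sees rev_op(JEQ) == JNE. */
static struct urange fallthrough_after_jeq(struct urange a, uint64_t c)
{
	refine_const(&a, rev_op(OP_JEQ), c);
	return a;
}

int main(void)
{
	struct urange a = { 0, 99 };	/* u16 a, after "a < 100" */
	struct urange f = fallthrough_after_jeq(a, 0);

	printf("fallthrough range: [%llu, %llu]\n",
	       (unsigned long long)f.umin, (unsigned long long)f.umax);
	return 0;
}
```

Without the OP_JNE case the fallthrough range stays [0, 99], which is the state that produces the "invalid zero-sized read" rejection quoted above.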