[PATCHv2] net: bpf: reject invalid shifts
Eric Dumazet
eric.dumazet at gmail.com
Tue Jan 12 15:28:22 PST 2016
On Tue, 2016-01-12 at 12:46 -0800, Alexei Starovoitov wrote:
> On Tue, Jan 12, 2016 at 09:42:39PM +0100, Daniel Borkmann wrote:
> > >yep and we all know who was able to code hundreds of cBPF insns by hand ;)
> > >But I'm sure that code doesn't have such broken shifts. :)))
> >
> > libpcap certainly supports raw filters now thanks to Chema [1]. Alternative
> > could be to just mask them here, but not in eBPF verifier, but that would be
> > even more inconsistent (on the other hand, we also allow holes in BPF but not
> > in eBPF, so wouldn't be the first time we make things different), hmm.
>
> I would rather see broken classic bpf program fixed instead of continue
> running them with undefined behavior.
This is your choice, because you are a developer.
Some people might be stuck with old software they can not update,
because they do not have the money to pay developers.
And no, I did not code BPF programs like that, but maybe others did, and
I feel the pain of customers that might be stuck.
Linus Torvalds always made clear we must provide backward compatibility,
and really this discussion should not even take place.
As I said, we used to load such BPF program in the past.
The fact that ARM64 crashes because of a faulty JIT implementation is
not an excuse.
More information about the linux-arm-kernel
mailing list