tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
selftests: bpf: complete sub-register zero extension checks
eBPF ISA specification requires high 32-bit cleared when only low 32-bit
sub-register is written. JIT back-ends must guarantee this semantics when
doing code-gen.
This patch complete unit tests for all of those insns that could be visible
to JIT back-ends and defining sub-registers, if JIT back-ends failed to
guarantee the mentioned semantics, these unit tests will fail.
Acked-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Reviewed-by: Quentin Monnet <quentin.monnet@netronome.com>
Signed-off-by: Jiong Wang <jiong.wang@netronome.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
authored by
Jiong Wang
and committed by
Daniel Borkmann
c25d60c1
9e084bb9
+507
-13
+507
-13
tools/testing/selftests/bpf/verifier/subreg.c
+507
-13
tools/testing/selftests/bpf/verifier/subreg.c
···
1
+
/* This file contains sub-register zero extension checks for insns defining
2
+
* sub-registers, meaning:
3
+
* - All insns under BPF_ALU class. Their BPF_ALU32 variants or narrow width
4
+
* forms (BPF_END) could define sub-registers.
5
+
* - Narrow direct loads, BPF_B/H/W | BPF_LDX.
6
+
* - BPF_LD is not exposed to JIT back-ends, so no need for testing.
7
+
*
8
+
* "get_prandom_u32" is used to initialize low 32-bit of some registers to
9
+
* prevent potential optimizations done by verifier or JIT back-ends which could
10
+
* optimize register back into constant when range info shows one register is a
11
+
* constant.
12
+
*/
1
13
{
2
-
"or32 reg zero extend check",
14
+
"add32 reg zero extend check",
3
15
.insns = {
4
-
BPF_MOV64_IMM(BPF_REG_0, -1),
5
-
BPF_MOV64_IMM(BPF_REG_2, -2),
6
-
BPF_ALU32_REG(BPF_OR, BPF_REG_0, BPF_REG_2),
16
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
17
+
BPF_MOV64_REG(BPF_REG_1, BPF_REG_0),
18
+
BPF_LD_IMM64(BPF_REG_0, 0x100000000ULL),
19
+
BPF_ALU32_REG(BPF_ADD, BPF_REG_0, BPF_REG_1),
7
20
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
8
21
BPF_EXIT_INSN(),
9
22
},
10
-
.prog_type = BPF_PROG_TYPE_SCHED_CLS,
23
+
.result = ACCEPT,
24
+
.retval = 0,
25
+
},
26
+
{
27
+
"add32 imm zero extend check",
28
+
.insns = {
29
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
30
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
31
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
32
+
/* An insn could have no effect on the low 32-bit, for example:
33
+
* a = a + 0
34
+
* a = a | 0
35
+
* a = a & -1
36
+
* But, they should still zero high 32-bit.
37
+
*/
38
+
BPF_ALU32_IMM(BPF_ADD, BPF_REG_0, 0),
39
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
40
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_0),
41
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
42
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
43
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
44
+
BPF_ALU32_IMM(BPF_ADD, BPF_REG_0, -2),
45
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
46
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_6),
47
+
BPF_EXIT_INSN(),
48
+
},
49
+
.result = ACCEPT,
50
+
.retval = 0,
51
+
},
52
+
{
53
+
"sub32 reg zero extend check",
54
+
.insns = {
55
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
56
+
BPF_MOV64_REG(BPF_REG_1, BPF_REG_0),
57
+
BPF_LD_IMM64(BPF_REG_0, 0x1ffffffffULL),
58
+
BPF_ALU32_REG(BPF_SUB, BPF_REG_0, BPF_REG_1),
59
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
60
+
BPF_EXIT_INSN(),
61
+
},
62
+
.result = ACCEPT,
63
+
.retval = 0,
64
+
},
65
+
{
66
+
"sub32 imm zero extend check",
67
+
.insns = {
68
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
69
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
70
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
71
+
BPF_ALU32_IMM(BPF_SUB, BPF_REG_0, 0),
72
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
73
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_0),
74
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
75
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
76
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
77
+
BPF_ALU32_IMM(BPF_SUB, BPF_REG_0, 1),
78
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
79
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_6),
80
+
BPF_EXIT_INSN(),
81
+
},
82
+
.result = ACCEPT,
83
+
.retval = 0,
84
+
},
85
+
{
86
+
"mul32 reg zero extend check",
87
+
.insns = {
88
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
89
+
BPF_MOV64_REG(BPF_REG_1, BPF_REG_0),
90
+
BPF_LD_IMM64(BPF_REG_0, 0x100000001ULL),
91
+
BPF_ALU32_REG(BPF_MUL, BPF_REG_0, BPF_REG_1),
92
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
93
+
BPF_EXIT_INSN(),
94
+
},
95
+
.result = ACCEPT,
96
+
.retval = 0,
97
+
},
98
+
{
99
+
"mul32 imm zero extend check",
100
+
.insns = {
101
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
102
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
103
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
104
+
BPF_ALU32_IMM(BPF_MUL, BPF_REG_0, 1),
105
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
106
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_0),
107
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
108
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
109
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
110
+
BPF_ALU32_IMM(BPF_MUL, BPF_REG_0, -1),
111
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
112
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_6),
113
+
BPF_EXIT_INSN(),
114
+
},
115
+
.result = ACCEPT,
116
+
.retval = 0,
117
+
},
118
+
{
119
+
"div32 reg zero extend check",
120
+
.insns = {
121
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
122
+
BPF_MOV64_REG(BPF_REG_1, BPF_REG_0),
123
+
BPF_MOV64_IMM(BPF_REG_0, -1),
124
+
BPF_ALU32_REG(BPF_DIV, BPF_REG_0, BPF_REG_1),
125
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
126
+
BPF_EXIT_INSN(),
127
+
},
128
+
.result = ACCEPT,
129
+
.retval = 0,
130
+
},
131
+
{
132
+
"div32 imm zero extend check",
133
+
.insns = {
134
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
135
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
136
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
137
+
BPF_ALU32_IMM(BPF_DIV, BPF_REG_0, 1),
138
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
139
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_0),
140
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
141
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
142
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
143
+
BPF_ALU32_IMM(BPF_DIV, BPF_REG_0, 2),
144
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
145
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_6),
146
+
BPF_EXIT_INSN(),
147
+
},
148
+
.result = ACCEPT,
149
+
.retval = 0,
150
+
},
151
+
{
152
+
"or32 reg zero extend check",
153
+
.insns = {
154
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
155
+
BPF_MOV64_REG(BPF_REG_1, BPF_REG_0),
156
+
BPF_LD_IMM64(BPF_REG_0, 0x100000001ULL),
157
+
BPF_ALU32_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
158
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
159
+
BPF_EXIT_INSN(),
160
+
},
161
+
.result = ACCEPT,
162
+
.retval = 0,
163
+
},
164
+
{
165
+
"or32 imm zero extend check",
166
+
.insns = {
167
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
168
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
169
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
170
+
BPF_ALU32_IMM(BPF_OR, BPF_REG_0, 0),
171
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
172
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_0),
173
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
174
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
175
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
176
+
BPF_ALU32_IMM(BPF_OR, BPF_REG_0, 1),
177
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
178
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_6),
179
+
BPF_EXIT_INSN(),
180
+
},
11
181
.result = ACCEPT,
12
182
.retval = 0,
13
183
},
14
184
{
15
185
"and32 reg zero extend check",
16
186
.insns = {
17
-
BPF_MOV64_IMM(BPF_REG_0, -1),
18
-
BPF_MOV64_IMM(BPF_REG_2, -2),
19
-
BPF_ALU32_REG(BPF_AND, BPF_REG_0, BPF_REG_2),
187
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
188
+
BPF_LD_IMM64(BPF_REG_1, 0x100000000ULL),
189
+
BPF_ALU64_REG(BPF_OR, BPF_REG_1, BPF_REG_0),
190
+
BPF_LD_IMM64(BPF_REG_0, 0x1ffffffffULL),
191
+
BPF_ALU32_REG(BPF_AND, BPF_REG_0, BPF_REG_1),
20
192
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
21
193
BPF_EXIT_INSN(),
22
194
},
23
-
.prog_type = BPF_PROG_TYPE_SCHED_CLS,
195
+
.result = ACCEPT,
196
+
.retval = 0,
197
+
},
198
+
{
199
+
"and32 imm zero extend check",
200
+
.insns = {
201
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
202
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
203
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
204
+
BPF_ALU32_IMM(BPF_AND, BPF_REG_0, -1),
205
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
206
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_0),
207
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
208
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
209
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
210
+
BPF_ALU32_IMM(BPF_AND, BPF_REG_0, -2),
211
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
212
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_6),
213
+
BPF_EXIT_INSN(),
214
+
},
215
+
.result = ACCEPT,
216
+
.retval = 0,
217
+
},
218
+
{
219
+
"lsh32 reg zero extend check",
220
+
.insns = {
221
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
222
+
BPF_LD_IMM64(BPF_REG_1, 0x100000000ULL),
223
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
224
+
BPF_MOV64_IMM(BPF_REG_1, 1),
225
+
BPF_ALU32_REG(BPF_LSH, BPF_REG_0, BPF_REG_1),
226
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
227
+
BPF_EXIT_INSN(),
228
+
},
229
+
.result = ACCEPT,
230
+
.retval = 0,
231
+
},
232
+
{
233
+
"lsh32 imm zero extend check",
234
+
.insns = {
235
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
236
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
237
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
238
+
BPF_ALU32_IMM(BPF_LSH, BPF_REG_0, 0),
239
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
240
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_0),
241
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
242
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
243
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
244
+
BPF_ALU32_IMM(BPF_LSH, BPF_REG_0, 1),
245
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
246
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_6),
247
+
BPF_EXIT_INSN(),
248
+
},
249
+
.result = ACCEPT,
250
+
.retval = 0,
251
+
},
252
+
{
253
+
"rsh32 reg zero extend check",
254
+
.insns = {
255
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
256
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
257
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
258
+
BPF_MOV64_IMM(BPF_REG_1, 1),
259
+
BPF_ALU32_REG(BPF_RSH, BPF_REG_0, BPF_REG_1),
260
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
261
+
BPF_EXIT_INSN(),
262
+
},
263
+
.result = ACCEPT,
264
+
.retval = 0,
265
+
},
266
+
{
267
+
"rsh32 imm zero extend check",
268
+
.insns = {
269
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
270
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
271
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
272
+
BPF_ALU32_IMM(BPF_RSH, BPF_REG_0, 0),
273
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
274
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_0),
275
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
276
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
277
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
278
+
BPF_ALU32_IMM(BPF_RSH, BPF_REG_0, 1),
279
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
280
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_6),
281
+
BPF_EXIT_INSN(),
282
+
},
283
+
.result = ACCEPT,
284
+
.retval = 0,
285
+
},
286
+
{
287
+
"neg32 reg zero extend check",
288
+
.insns = {
289
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
290
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
291
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
292
+
BPF_ALU32_IMM(BPF_NEG, BPF_REG_0, 0),
293
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
294
+
BPF_EXIT_INSN(),
295
+
},
296
+
.result = ACCEPT,
297
+
.retval = 0,
298
+
},
299
+
{
300
+
"mod32 reg zero extend check",
301
+
.insns = {
302
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
303
+
BPF_MOV64_REG(BPF_REG_1, BPF_REG_0),
304
+
BPF_MOV64_IMM(BPF_REG_0, -1),
305
+
BPF_ALU32_REG(BPF_MOD, BPF_REG_0, BPF_REG_1),
306
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
307
+
BPF_EXIT_INSN(),
308
+
},
309
+
.result = ACCEPT,
310
+
.retval = 0,
311
+
},
312
+
{
313
+
"mod32 imm zero extend check",
314
+
.insns = {
315
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
316
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
317
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
318
+
BPF_ALU32_IMM(BPF_MOD, BPF_REG_0, 1),
319
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
320
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_0),
321
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
322
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
323
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
324
+
BPF_ALU32_IMM(BPF_MOD, BPF_REG_0, 2),
325
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
326
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_6),
327
+
BPF_EXIT_INSN(),
328
+
},
24
329
.result = ACCEPT,
25
330
.retval = 0,
26
331
},
27
332
{
28
333
"xor32 reg zero extend check",
29
334
.insns = {
30
-
BPF_MOV64_IMM(BPF_REG_0, -1),
31
-
BPF_MOV64_IMM(BPF_REG_2, 0),
32
-
BPF_ALU32_REG(BPF_XOR, BPF_REG_0, BPF_REG_2),
335
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
336
+
BPF_MOV64_REG(BPF_REG_1, BPF_REG_0),
337
+
BPF_LD_IMM64(BPF_REG_0, 0x100000000ULL),
338
+
BPF_ALU32_REG(BPF_XOR, BPF_REG_0, BPF_REG_1),
33
339
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
34
340
BPF_EXIT_INSN(),
35
341
},
36
-
.prog_type = BPF_PROG_TYPE_SCHED_CLS,
342
+
.result = ACCEPT,
343
+
.retval = 0,
344
+
},
345
+
{
346
+
"xor32 imm zero extend check",
347
+
.insns = {
348
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
349
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
350
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
351
+
BPF_ALU32_IMM(BPF_XOR, BPF_REG_0, 1),
352
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
353
+
BPF_EXIT_INSN(),
354
+
},
355
+
.result = ACCEPT,
356
+
.retval = 0,
357
+
},
358
+
{
359
+
"mov32 reg zero extend check",
360
+
.insns = {
361
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
362
+
BPF_LD_IMM64(BPF_REG_1, 0x100000000ULL),
363
+
BPF_ALU64_REG(BPF_OR, BPF_REG_1, BPF_REG_0),
364
+
BPF_LD_IMM64(BPF_REG_0, 0x100000000ULL),
365
+
BPF_MOV32_REG(BPF_REG_0, BPF_REG_1),
366
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
367
+
BPF_EXIT_INSN(),
368
+
},
369
+
.result = ACCEPT,
370
+
.retval = 0,
371
+
},
372
+
{
373
+
"mov32 imm zero extend check",
374
+
.insns = {
375
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
376
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
377
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
378
+
BPF_MOV32_IMM(BPF_REG_0, 0),
379
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
380
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_0),
381
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
382
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
383
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
384
+
BPF_MOV32_IMM(BPF_REG_0, 1),
385
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
386
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_6),
387
+
BPF_EXIT_INSN(),
388
+
},
389
+
.result = ACCEPT,
390
+
.retval = 0,
391
+
},
392
+
{
393
+
"arsh32 reg zero extend check",
394
+
.insns = {
395
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
396
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
397
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
398
+
BPF_MOV64_IMM(BPF_REG_1, 1),
399
+
BPF_ALU32_REG(BPF_ARSH, BPF_REG_0, BPF_REG_1),
400
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
401
+
BPF_EXIT_INSN(),
402
+
},
403
+
.result = ACCEPT,
404
+
.retval = 0,
405
+
},
406
+
{
407
+
"arsh32 imm zero extend check",
408
+
.insns = {
409
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
410
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
411
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
412
+
BPF_ALU32_IMM(BPF_ARSH, BPF_REG_0, 0),
413
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
414
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_0),
415
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
416
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
417
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
418
+
BPF_ALU32_IMM(BPF_ARSH, BPF_REG_0, 1),
419
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
420
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_6),
421
+
BPF_EXIT_INSN(),
422
+
},
423
+
.result = ACCEPT,
424
+
.retval = 0,
425
+
},
426
+
{
427
+
"end16 (to_le) reg zero extend check",
428
+
.insns = {
429
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
430
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_0),
431
+
BPF_ALU64_IMM(BPF_LSH, BPF_REG_6, 32),
432
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
433
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_6),
434
+
BPF_ENDIAN(BPF_TO_LE, BPF_REG_0, 16),
435
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
436
+
BPF_EXIT_INSN(),
437
+
},
438
+
.result = ACCEPT,
439
+
.retval = 0,
440
+
},
441
+
{
442
+
"end32 (to_le) reg zero extend check",
443
+
.insns = {
444
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
445
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_0),
446
+
BPF_ALU64_IMM(BPF_LSH, BPF_REG_6, 32),
447
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
448
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_6),
449
+
BPF_ENDIAN(BPF_TO_LE, BPF_REG_0, 32),
450
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
451
+
BPF_EXIT_INSN(),
452
+
},
453
+
.result = ACCEPT,
454
+
.retval = 0,
455
+
},
456
+
{
457
+
"end16 (to_be) reg zero extend check",
458
+
.insns = {
459
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
460
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_0),
461
+
BPF_ALU64_IMM(BPF_LSH, BPF_REG_6, 32),
462
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
463
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_6),
464
+
BPF_ENDIAN(BPF_TO_BE, BPF_REG_0, 16),
465
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
466
+
BPF_EXIT_INSN(),
467
+
},
468
+
.result = ACCEPT,
469
+
.retval = 0,
470
+
},
471
+
{
472
+
"end32 (to_be) reg zero extend check",
473
+
.insns = {
474
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
475
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_0),
476
+
BPF_ALU64_IMM(BPF_LSH, BPF_REG_6, 32),
477
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
478
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_6),
479
+
BPF_ENDIAN(BPF_TO_BE, BPF_REG_0, 32),
480
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
481
+
BPF_EXIT_INSN(),
482
+
},
483
+
.result = ACCEPT,
484
+
.retval = 0,
485
+
},
486
+
{
487
+
"ldx_b zero extend check",
488
+
.insns = {
489
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_10),
490
+
BPF_ALU64_IMM(BPF_ADD, BPF_REG_6, -4),
491
+
BPF_ST_MEM(BPF_W, BPF_REG_6, 0, 0xfaceb00c),
492
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
493
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
494
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
495
+
BPF_LDX_MEM(BPF_B, BPF_REG_0, BPF_REG_6, 0),
496
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
497
+
BPF_EXIT_INSN(),
498
+
},
499
+
.result = ACCEPT,
500
+
.retval = 0,
501
+
},
502
+
{
503
+
"ldx_h zero extend check",
504
+
.insns = {
505
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_10),
506
+
BPF_ALU64_IMM(BPF_ADD, BPF_REG_6, -4),
507
+
BPF_ST_MEM(BPF_W, BPF_REG_6, 0, 0xfaceb00c),
508
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
509
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
510
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
511
+
BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_6, 0),
512
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
513
+
BPF_EXIT_INSN(),
514
+
},
515
+
.result = ACCEPT,
516
+
.retval = 0,
517
+
},
518
+
{
519
+
"ldx_w zero extend check",
520
+
.insns = {
521
+
BPF_MOV64_REG(BPF_REG_6, BPF_REG_10),
522
+
BPF_ALU64_IMM(BPF_ADD, BPF_REG_6, -4),
523
+
BPF_ST_MEM(BPF_W, BPF_REG_6, 0, 0xfaceb00c),
524
+
BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_prandom_u32),
525
+
BPF_LD_IMM64(BPF_REG_1, 0x1000000000ULL),
526
+
BPF_ALU64_REG(BPF_OR, BPF_REG_0, BPF_REG_1),
527
+
BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_6, 0),
528
+
BPF_ALU64_IMM(BPF_RSH, BPF_REG_0, 32),
529
+
BPF_EXIT_INSN(),
530
+
},
37
531
.result = ACCEPT,
38
532
.retval = 0,
39
533
},