iv/linux
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
linux/kernel/bpf
History
Alexei Starovoitov ceefbc96fa bpf: add per-insn complexity limit 
malicious bpf program may try to force the verifier to remember
a lot of distinct verifier states.
Put a limit to number of per-insn 'struct bpf_verifier_state'.
Note that hitting the limit doesn't reject the program.
It potentially makes the verifier do more steps to analyze the program.
It means that malicious programs will hit BPF_COMPLEXITY_LIMIT_INSNS sooner
instead of spending cpu time walking long link list.

The limit of BPF_COMPLEXITY_LIMIT_STATES==64 affects cilium progs
with slight increase in number of "steps" it takes to successfully verify
the programs:
                       before    after
bpf_lb-DLB_L3.o         1940      1940
bpf_lb-DLB_L4.o         3089      3089
bpf_lb-DUNKNOWN.o       1065      1065
bpf_lxc-DDROP_ALL.o     28052  |  28162
bpf_lxc-DUNKNOWN.o      35487  |  35541
bpf_netdev.o            10864     10864
bpf_overlay.o           6643      6643
bpf_lcx_jit.o           38437     38437

But it also makes malicious program to be rejected in 0.4 seconds vs 6.5
Hence apply this limit to unprivileged programs only.

Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Edward Cree <ecree@solarflare.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2018-12-04 17:22:02 +01:00
..
arraymap.c
bpf: return EOPNOTSUPP when map lookup isn't supported
2018-10-09 21:52:20 -07:00
bpf_lru_list.c
bpf: lru: Lower the PERCPU_NR_SCANS from 16 to 4
2017-04-17 13:55:52 -04:00
bpf_lru_list.h
bpf: Only set node->ref = 1 if it has not been set
2017-09-01 09:57:39 -07:00
btf.c
bpf: btf: check name validity for various types
2018-11-28 16:03:04 -08:00
cgroup.c
bpf: add cg_skb_is_valid_access for BPF_PROG_TYPE_CGROUP_SKB
2018-10-19 13:49:34 -07:00
core.c
bpf, ppc64: generalize fetching subprog into bpf_jit_get_func_addr
2018-11-26 17:34:24 -08:00
cpumap.c
bpf: fix redirect to map under tail calls
2018-08-17 15:56:23 -07:00
devmap.c
bpf: devmap: fix wrong interface selection in notifier_call
2018-10-26 00:32:21 +02:00
disasm.c
bpf: Remove struct bpf_verifier_env argument from print_bpf_insn
2018-03-23 17:38:57 +01:00
disasm.h
bpf: Remove struct bpf_verifier_env argument from print_bpf_insn
2018-03-23 17:38:57 +01:00
hashtab.c
bpf: add bpffs pretty print for percpu arraymap/hash/lru_hash
2018-08-30 14:03:53 +02:00
helpers.c
bpf: fix direct packet write into pop/peek helpers
2018-10-25 17:02:06 -07:00
inode.c
bpf: decouple btf from seq bpf fs dump and enable more maps
2018-08-13 00:52:45 +02:00
local_storage.c
bpf: allocate local storage buffers using GFP_ATOMIC
2018-11-16 21:17:49 -08:00
lpm_trie.c
bpf: decouple btf from seq bpf fs dump and enable more maps
2018-08-13 00:52:45 +02:00
Makefile
bpf: add queue and stack maps
2018-10-19 13:24:31 -07:00
map_in_map.c
bpf: don't allow create maps of per-cpu cgroup local storages
2018-10-01 16:18:33 +02:00
map_in_map.h
bpf: Add syscall lookup support for fd array and htab
2017-06-29 13:13:25 -04:00
offload.c
bpf: add verifier callback to get stack usage info for offloaded progs
2018-10-08 10:24:12 +02:00
percpu_freelist.c
bpf: fix lockdep splat
2017-11-15 19:46:32 +09:00
percpu_freelist.h
bpf: introduce percpu_freelist
2016-03-08 15:28:31 -05:00
queue_stack_maps.c
bpf: fix integer overflow in queue_stack_map
2018-11-22 21:29:40 +01:00
reuseport_array.c
bpf: Introduce BPF_MAP_TYPE_REUSEPORT_SOCKARRAY
2018-08-11 01:58:46 +02:00
stackmap.c
bpf: rename stack trace map operations
2018-10-19 13:24:30 -07:00
syscall.c
bpf: fix bpf_prog_get_info_by_fd to return 0 func_lens for unpriv
2018-11-02 13:51:15 -07:00
tnum.c
bpf/verifier: improve register value range tracking with ARSH
2018-04-29 08:45:53 -07:00
verifier.c
bpf: add per-insn complexity limit
2018-12-04 17:22:02 +01:00
xskmap.c
Merge git://git.kernel.org/pub/scm/linux/kernel/git/davem/net
2018-10-19 11:03:06 -07:00