Comments (3)
Maybe re-use an existing verifier: eBPF verifier
from ubpf.
ebpf-verifier
is C++ (and a lot of it), and has non-trivial dependencies like gmp and boost. I think ubpf could pretty easily implement much of the same functionality (including some basic abstract interpretation) in simple C without bloating the codebase or adding dependencies.
from ubpf.
I'm interested in adding support to ubpf for verifier passes that are similar in purpose to what the kernel has. My primary question is: are these passes desired?
Yeah, definitely!
If so, should they be optional, and should they be the default?
I think verifier passes should be opt-in, at least at first. Once they are stable/complete enough, we can consider making them opt-out.
Secondarily, what kinds of passes should we start with? I've already developed a pass to detect unreachable instructions and a pass to detect loops which work decently well on simple examples; I'd be happy to send these upstream for review.
I'd start with the easiest first, but that's really up to you. Detecting dead code and loops can be a good start as we could then take that for granted in other passes.
from ubpf.
Related Issues (20)
- Missing support for atomic instructions
- ubpf_load fails to validate immediate offset when computing jump targets
- Memory out-of-bound access in the ubpf_fetch_instruction when executing unterminated eBPF program HOT 1
- Incorrect boundary check leading to the out-of-bound memory access HOT 1
- Missing boundary check for load/store in JIT compiler HOT 1
- Incorrect exit implementation in JIT compiler HOT 1
- Incorrect CALL code generation (emit_local_call) in JIT compiler HOT 1
- uBPF interpreter has incorrect behavior for jump with immediate values > 0x7fffffff HOT 2
- uBPF emits wrong instructions for register to register multiplication/division/modulo operations if immediate != 0
- x64 JIT emit wrong jump target when target is at start of byte code
- 32bit ALU operations fail to truncate target register
- Recursive local call causes uBPF JIT to crash HOT 1
- Jump target for PC 0 is wrong
- Crash if call target is not start of a function HOT 1
- Crash on computing required stack size for inner most nested local-call
- Fix code scanning alert - Wrong type of arguments to formatting function
- Fix code scanning alert - Multiplication result converted to larger type
- LE16 fails to truncate register value HOT 2
- Potential dereference of `nullptr` in libfuzzer harness?
- Wrong offset check of relocated function?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ubpf.