nfp: bpf: support u32 divide using reciprocal_div.h

NFP doesn't have integer divide instruction, this patch use reciprocal algorithm (the basic one, reciprocal_div) to emulate it. For each u32 divide, we would need 11 instructions to finish the operation. 7 (for multiplication) + 4 (various ALUs) = 11 Given NFP only supports multiplication no bigger than u32, we'd require divisor and dividend no bigger than that as well. Also eBPF doesn't support signed divide and has enforced this on C language level by failing compilation. However LLVM assembler hasn't enforced this, so it is possible for negative constant to leak in as a BPF_K operand through assembly code, we reject such cases as well. Signed-off-by: Jiong Wang <jiong.wang@netronome.com> Reviewed-by: Jakub Kicinski <jakub.kicinski@netronome.com> Acked-by: Song Liu <songliubraving@fb.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
author: Jiong Wang <jiong.wang@netronome.com> 2018-07-06 15:13:22 -0700
committer: Daniel Borkmann <daniel@iogearbox.net> 2018-07-07 01:45:31 +0200
commit: 2a952b03d1a011e2e7ddc9ca59cbb21df7dc3525 (patch)
tree: 65fec3490f3538a15d1f35a89a806aec9cbe495b /drivers/net/ethernet/netronome/nfp/bpf/verifier.c
parent: nfp: bpf: support u16 and u32 multiplications (diff)
download: linux-dev-2a952b03d1a011e2e7ddc9ca59cbb21df7dc3525.tar.xz
linux-dev-2a952b03d1a011e2e7ddc9ca59cbb21df7dc3525.zip
1 files changed, 31 insertions, 0 deletions
diff --git a/drivers/net/ethernet/netronome/nfp/bpf/verifier.c b/drivers/net/ethernet/netronome/nfp/bpf/verifier.c
index 30d4f1580693..49ba0d645d36 100644
--- a/drivers/net/ethernet/netronome/nfp/bpf/verifier.c
+++ b/drivers/net/ethernet/netronome/nfp/bpf/verifier.c
@@ -558,6 +558,37 @@ nfp_bpf_check_alu(struct nfp_prog *nfp_prog, struct nfp_insn_meta *meta,
 		}
 	}
 
+	/* NFP doesn't have divide instructions, we support divide by constant
+	 * through reciprocal multiplication. Given NFP support multiplication
+	 * no bigger than u32, we'd require divisor and dividend no bigger than
+	 * that as well.
+	 *
+	 * Also eBPF doesn't support signed divide and has enforced this on C
+	 * language level by failing compilation. However LLVM assembler hasn't
+	 * enforced this, so it is possible for negative constant to leak in as
+	 * a BPF_K operand through assembly code, we reject such cases as well.
+	 */
+	if (is_mbpf_div(meta)) {
+		if (meta->umax_dst > U32_MAX) {
+			pr_vlog(env, "dividend is not within u32 value range\n");
+			return -EINVAL;
+		}
+		if (mbpf_src(meta) == BPF_X) {
+			if (meta->umin_src != meta->umax_src) {
+				pr_vlog(env, "divisor is not constant\n");
+				return -EINVAL;
+			}
+			if (meta->umax_src > U32_MAX) {
+				pr_vlog(env, "divisor is not within u32 value range\n");
+				return -EINVAL;
+			}
+		}
+		if (mbpf_src(meta) == BPF_K && meta->insn.imm < 0) {
+			pr_vlog(env, "divide by negative constant is not supported\n");
+			return -EINVAL;
+		}
+	}
+
 	return 0;
 }
author	Jiong Wang <jiong.wang@netronome.com>	2018-07-06 15:13:22 -0700
committer	Daniel Borkmann <daniel@iogearbox.net>	2018-07-07 01:45:31 +0200
commit	2a952b03d1a011e2e7ddc9ca59cbb21df7dc3525 (patch)
tree	65fec3490f3538a15d1f35a89a806aec9cbe495b /drivers/net/ethernet/netronome/nfp/bpf/verifier.c
parent	nfp: bpf: support u16 and u32 multiplications (diff)
download	linux-dev-2a952b03d1a011e2e7ddc9ca59cbb21df7dc3525.tar.xz linux-dev-2a952b03d1a011e2e7ddc9ca59cbb21df7dc3525.zip