[llvm] [RFC][BPF] Support Jump Table (PR #133856)
Anton Protopopov via llvm-commits
llvm-commits at lists.llvm.org
Thu Apr 3 03:58:54 PDT 2025
aspsk wrote:
Thanks @yonghong-song, that size/offset section is really useful! This looks sufficient for me to continue with a PoC.
> you do not need to care about gotox at all.
Unfortunately, I do, this is required for verification. For indirect jumps to work, two things should be verified:
```
rX <- jump_table_x[i] # here jump_table_x[i] should be converted to M[i]
...
gotox rX # here on load imm=fd(M)
```
The `gotox` should reference an instance of an instruction set map `M` directly. This is required to 1) verify that we take each branch in `visit_insn` 2) verify the instruction when we symbolically run the verifier. In the latter case `gotox rX` is allowed iff `imm=M` and `rX` was loaded from the same map `M`.
So, in order to construct a verifiable program, libbpf should:
* find all jump tables, for each jump table `X`:
* create an instruction set map `M(X)`
* find all loads from table `X`, replace by a map value load from map `M(X)`
* find all `gotox`, backtrack the register load from map `M(X)`, set `imm=M(X)` in the `gotox`
(Haven't checked yet for real, but this looks to be enough for "custom", e.g., user-defined, jump tables to work. Just declare it as `static const`, initialize with label addresses, and it will be present in `.rodata`. Maybe the only change is that the corresponding `size` section should be pushed manually in this case?)
https://github.com/llvm/llvm-project/pull/133856
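
The libbpf steps listed in the message above, sketched as an added example that is not part of the original message or of libbpf. The `insn` struct, the opcode names and the map fds are assumptions made for illustration (not the BPF encoding), and the backtracking handles straight-line code only.

```c
#include <stdio.h>
/* Toy model constructed for this example (not the real BPF encoding).
 * LD_TABLE: dst <- table[imm][i]; LD_MAP: dst <- value from map fd imm;
 * MOV: dst <- src; OTHER: any other write to dst;
 * GOTOX: jump through register src, imm holds the map fd once patched. */
enum op { LD_TABLE, LD_MAP, MOV, OTHER, GOTOX };
struct insn { enum op op; int dst, src, imm; };

/* Backtrack (straight-line only) to the map reg was loaded from; 0 if none. */
static int trace_map(const struct insn *p, int at, int reg)
{
    for (int i = at - 1; i >= 0; i--) {
        if (p[i].op == GOTOX || p[i].dst != reg)
            continue;                 /* this insn does not write reg */
        if (p[i].op == LD_MAP)
            return p[i].imm;
        if (p[i].op != MOV)
            return 0;                 /* clobbered by something else */
        reg = p[i].src;               /* follow the register copy */
    }
    return 0;
}

/* map_fd[t] is the (assumed already created) fd of M(X) for table t.
 * Returns the number of gotox patched, or -1 if one cannot be traced. */
int relocate_jump_tables(struct insn *p, int n, const int *map_fd)
{
    int patched = 0;
    for (int i = 0; i < n; i++)       /* table loads become map value loads */
        if (p[i].op == LD_TABLE) {
            p[i].op = LD_MAP;
            p[i].imm = map_fd[p[i].imm];
        }
    for (int i = 0; i < n; i++) {     /* set imm=M(X) in every gotox */
        if (p[i].op != GOTOX)
            continue;
        p[i].imm = trace_map(p, i, p[i].src);
        if (!p[i].imm)
            return -1;
        patched++;
    }
    return patched;
}

int main(void)
{
    int fds[] = { 5, 7 };             /* constructed fds for two tables */
    struct insn prog[] = { { LD_TABLE, 1, 0, 0 }, { MOV, 2, 1, 0 }, { GOTOX, 0, 2, 0 } };
    printf("patched=%d imm=%d\n", relocate_jump_tables(prog, 3, fds), prog[2].imm);
}
```

A `gotox` whose register was overwritten after the map load returns -1 here, which corresponds to the case the message says must not verify: `imm=M` but `rX` not loaded from the same map `M`.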