On Mon, Aug 8, 2016 at 11:29 AM, William Tu <u9012...@gmail.com> wrote: > Hi Alexei, > > Thanks. >> >> This patch does direct packet access from helpers (like lookup and csum): >> https://git.kernel.org/cgit/linux/kernel/git/ast/bpf.git/commit/?id=d2c24a2769693524d >> it's waiting for net-next to reopen. > > I'm confused. Isn't "commit 969bf05eb bpf: direct packet access" > already in net-next?
nope. haven't sent it to the list yet. >> >> here is high level todo list: >> https://github.com/iovisor/bcc/issues/574 >> the e1000+xdp patch that you've tested is not finished yet. >> Would you be interested in taking it over? > > I didn't see an item related to this verifier issue. > The problem I have is for a map's value containing an array, the > verifier isn't able to verify the array access is safe or not, even > though the index to the array is bounded correctly. > > like the example here: > struct actions { > int action[32]; > }; > acts = bpf_map_lookup_elem(&test_map, &key); > if (!acts) > return 0; > > index = skb->cb[0]; > if (index >= 32) > return 0; > v = acts->action[index]; // fail verifier > > It's not related to packet access, but I think from the verifier's > point of view, it's similar that once we check index is within correct > range, the access to the array is safe. I see. yes. that would be useful. Looking forward to your patch. _______________________________________________ iovisor-dev mailing list iovisor-dev@lists.iovisor.org https://lists.iovisor.org/mailman/listinfo/iovisor-dev