Tony Arcieri <basc...@gmail.com> writes: > On Tue, May 27, 2014 at 12:17 AM, Peter Bex <peter....@xs4all.nl> wrote: > >> This is run within the kernel context, and arbitrary code in this bytecode >> can be uploaded. It reins in power by allowing only a fixed length for the >> program and by allowing only jumps to forward addresses, which precludes >> loop, making it effectively non-Turing complete. > > > What's particularly interesting is extended BPF (eBPF) allows backwards > jumps, with a catch: > > https://lwn.net/Articles/575531/ > > "Every jump is mapped and, while backward jumps are allowed, jumps to > previously executed parts of the program are not, so loops should not be > possible."
The reasoning given in the article seems to be motivated by lazyness: > The GCC backend is available from a GitHub repository, while the LLVM > version is in the LLVM tree itself. This feature, incidentally, is why > extended BPF allows backward jumps: the compilers will emit them as a > result of their optimization work. Seems awfully convenient, until suddenly code is harder to reason about. -- Nils Dagsson Moskopp // erlehmann <http://dieweltistgarnichtso.net>
signature.asc
Description: PGP signature
_______________________________________________ langsec-discuss mailing list langsec-discuss@mail.langsec.org https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
