Re: BPF_MISC+BPF_COP and BPF_COPX
On 4 Aug 2013, at 12:12, Mindaugas Rasiukevicius <rmind%netbsd.org@localhost> wrote:
> I would like to propose new BPF instructions for the misc category: BPF_COP
> and BPF_COPX. It would provide a capability of calling an external
> function - think of BPF "coprocessor". The argument for BPF_COP is an
> index to a pre-loaded array of function pointers. BPF_COPX takes the
> function index from the register X rather than a constant.
>
>     BPF_STMT(BPF_MISC+BPF_COP, 0), /* A <- funcs(...) */
>
>     typedef uint32_t(*bpf_copfunc_t)(struct mbuf *pkt,
>         uint32_t A, uint32_t *M);
>
>     int bpf_set_cop(bpf_ctx_t *c, bpf_copfunc_t funcs, size_t n);
>
> The arguments passed to a called function would be the packet, accumulator
> and the memory store. The return value would be stored in the accumulator
> and the register X would be reset to 0. Note that the function may also
> change the memory store. If the function index is out of range, then the
> register X would be set to 0xffffffff.
> Note that bpf_filter(9) would need to take some context structure (which is
> preferable in general).
Why do you need this in the first place?
Are you sure this is a safe design? Adding this functionality to BPF makes me a
little nervous as an error in the implementation leads to kernel code execution
(I could be able to call random kernel functions).
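
The dispatch semantics from the quoted proposal, modeled in userland C as an added example (not code from this thread or from NetBSD), with the index check that keeps BPF_COP/BPF_COPX inside the pre-loaded table. The names `cop_ctx`, `cop_regs`, `cop_sum`, `cop_dispatch` and `demo_run` are hypothetical, and leaving A unchanged on a rejected index and refusing NULL slots are assumptions the proposal does not state.

```c
#include <stddef.h>
#include <stdint.h>

#define COP_BADIDX 0xffffffffU	/* X value the proposal gives for a bad index */

/* Userland stand-in for the proposed bpf_copfunc_t; pkt is opaque here. */
typedef uint32_t (*copfunc_t)(const void *pkt, uint32_t A, uint32_t *M);

/* Hypothetical names: table context and the filter machine's registers. */
struct cop_ctx { const copfunc_t *funcs; size_t nfuncs; };
struct cop_regs { uint32_t A, X, M[16]; };

/* Constructed sample function: returns A + M[0], records A in M[1]. */
static uint32_t cop_sum(const void *pkt, uint32_t A, uint32_t *M)
{
	(void)pkt;
	M[1] = A;
	return A + M[0];
}

/* BPF_COP passes its constant as idx; BPF_COPX passes the current X. */
static int cop_dispatch(const struct cop_ctx *c, struct cop_regs *r,
    const void *pkt, uint32_t idx)
{
	/* Assumption: a rejected index or NULL slot makes no call, A is kept. */
	if (idx >= c->nfuncs || c->funcs[idx] == NULL) {
		r->X = COP_BADIDX;
		return -1;
	}
	r->A = c->funcs[idx](pkt, r->A, r->M);
	r->X = 0;		/* proposal: X is reset after the call */
	return 0;
}

/* Run one dispatch against a one-entry table and return the registers. */
static struct cop_regs demo_run(uint32_t idx)
{
	static const copfunc_t table[] = { cop_sum };
	struct cop_ctx c = { table, sizeof(table) / sizeof(table[0]) };
	struct cop_regs r = { .A = 5, .X = 7, .M = { 7 } };
	(void)cop_dispatch(&c, &r, NULL, idx);
	return r;
}

int main(void)
{
	/* Exit 0 when the in-range call ran and the bad index was flagged. */
	return !(demo_run(0).A == 12 && demo_run(1).X == COP_BADIDX);
}
```

For BPF_COP the index is a constant and can also be rejected when the program is loaded; for BPF_COPX it is only known at run time, so the check in `cop_dispatch` has to run on every call.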