ubpf
ubpf copied to clipboard
iovisor
Interest in verifier passes?
I'm interested in adding support to ubpf for verifier passes that are similar in purpose to what the kernel has. My primary question is: are these passes desired? If so, should they be optional, and should they be the default?
Secondarily, what kinds of passes should we start with? I've already developed a pass to detect unreachable instructions and a pass to detect loops which work decently well on simple examples; I'd be happy to send these upstream for review.
ebpf-verifier is C++ (and a lot of it), and has non-trivial dependencies like gmp and boost. I think ubpf could pretty easily implement much of the same functionality (including some basic abstract interpretation) in simple C without bloating the codebase or adding dependencies.
I'm interested in adding support to ubpf for verifier passes that are similar in purpose to what the kernel has. My primary question is: are these passes desired?
Yeah, definitely!
If so, should they be optional, and should they be the default?
I think verifier passes should be opt-in, at least at first. Once they are stable/complete enough, we can consider making them opt-out.
Secondarily, what kinds of passes should we start with? I've already developed a pass to detect unreachable instructions and a pass to detect loops which work decently well on simple examples; I'd be happy to send these upstream for review.
I'd start with the easiest first, but that's really up to you. Detecting dead code and loops can be a good start as we could then take that for granted in other passes.
