experiment01-tailgrow: try recommentation but it fails

This shows the code after Daniel's idea for change in PR #123

The code can now pass the verifier checks, but it will drop
all packets, because the offset is the packet lenght and
doing +1 will put us over the packet lenght.  Thus, the
if-check against data_end will cause a XDP_DROP.

The +1 is needed to pass the verifier checks.

Using XDP_DROP for this case, to make it easier to identify
the problem via using xdpdump[1]

 ./xdpdump -v -i mlx5p1 --rx-capture entry,exit -x

[1] https://github.com/xdp-project/xdp-tools/tree/master/xdp-dump

Signed-off-by: Jesper Dangaard Brouer <brouer@redhat.com>

Author: netoptimizer

experiment01-tailgrow/xdp_prog_kern3.c

@@ -3,11 +3,9 @@
 #include <bpf/bpf_helpers.h>
 
 /*
- * This BPF-prog will FAIL, due to verifier rejecting it.
+ * This BPF-prog will drop all packets, but pass verifier checks.
  *
- * General idea: Use packet length to find and access last byte in
- * packet.  The verifier cannot see this is safe, as it cannot deduce
- * the packet length at verification time.
+ * General idea: Use packet length to find and access last byte.
  */
 
 SEC("xdp_fail1")
@@ -18,29 +16,22 @@ int _xdp_fail1(struct xdp_md *ctx)
 	unsigned char *ptr;
 	void *pos;
 
-	/* (Correct me if I'm wrong)
-	 *
-	 * The verifier cannot use this packet length calculation as
-	 * part of its static analysis.  It chooses to use zero as the
-	 * offset value static value.
-	 */
 	unsigned int offset = data_end - data;
 
 	pos = data;
+	offset &= 0x7FFF; /* Bound/limit max value to help verifier */
 
-	if (pos + offset > data_end)
-		goto out;
+	pos += offset;
 
-	/* Fails at this line with:
-	 *   "invalid access to packet, off=-1 size=1, R1(id=2,off=0,r=0)"
-	 *   "R1 offset is outside of the packet"
-	 *
-	 * Because verifer used offset==0 it thinks that we are trying
-	 * to access (data - 1), which is not within [data,data_end)
+	/* Below +1 will cause all packet to be dropped, as it will be
+	 * longer than packet length (just calc as offset).
 	 */
-	ptr = pos + (offset - sizeof(*ptr));
+	if (pos + 1 > data_end)
+		return XDP_DROP;
+
+	ptr = pos;
 	if (*ptr == 0xFF)
 		return XDP_ABORTED;
-out:
+
 	return XDP_PASS;
 }