bpf: remove patch for file not present in 4.8.x kernel

Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>

2 files changed, 0 insertions, 83 deletions

diff --git a/queue/bpf-improve-verifier-packet-range-checks.patch b/queue/bpf-improve-verifier-packet-range-checks.patch
deleted file mode 100644
index bbcdc2a..0000000
--- a/queue/bpf-improve-verifier-packet-range-checks.patch
+++ /dev/null
@@ -1,82 +0,0 @@
-From b1977682a3858b5584ffea7cfb7bd863f68db18d Mon Sep 17 00:00:00 2001
-From: Alexei Starovoitov <ast@fb.com>
-Date: Fri, 24 Mar 2017 15:57:33 -0700
-Subject: [PATCH] bpf: improve verifier packet range checks
-
-commit b1977682a3858b5584ffea7cfb7bd863f68db18d upstream.
-
-llvm can optimize the 'if (ptr > data_end)' checks to be in the order
-slightly different than the original C code which will confuse verifier.
-Like:
-if (ptr + 16 > data_end)
-  return TC_ACT_SHOT;
-// may be followed by
-if (ptr + 14 > data_end)
-  return TC_ACT_SHOT;
-while llvm can see that 'ptr' is valid for all 16 bytes,
-the verifier could not.
-Fix verifier logic to account for such case and add a test.
-
-Reported-by: Huapeng Zhou <hzhou@fb.com>
-Fixes: 969bf05eb3ce ("bpf: direct packet access")
-Signed-off-by: Alexei Starovoitov <ast@kernel.org>
-Acked-by: Daniel Borkmann <daniel@iogearbox.net>
-Acked-by: Martin KaFai Lau <kafai@fb.com>
-Signed-off-by: David S. Miller <davem@davemloft.net>
-
-diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
-index 796b68d00119..5e6202e62265 100644
---- a/kernel/bpf/verifier.c
-+++ b/kernel/bpf/verifier.c
-@@ -1973,14 +1973,15 @@ static void find_good_pkt_pointers(struct bpf_verifier_state *state,
- 
- 	for (i = 0; i < MAX_BPF_REG; i++)
- 		if (regs[i].type == PTR_TO_PACKET && regs[i].id == dst_reg->id)
--			regs[i].range = dst_reg->off;
-+			/* keep the maximum range already checked */
-+			regs[i].range = max(regs[i].range, dst_reg->off);
- 
- 	for (i = 0; i < MAX_BPF_STACK; i += BPF_REG_SIZE) {
- 		if (state->stack_slot_type[i] != STACK_SPILL)
- 			continue;
- 		reg = &state->spilled_regs[i / BPF_REG_SIZE];
- 		if (reg->type == PTR_TO_PACKET && reg->id == dst_reg->id)
--			reg->range = dst_reg->off;
-+			reg->range = max(reg->range, dst_reg->off);
- 	}
- }
- 
-diff --git a/tools/testing/selftests/bpf/test_verifier.c b/tools/testing/selftests/bpf/test_verifier.c
-index d1555e4240c0..7d761d4cc759 100644
---- a/tools/testing/selftests/bpf/test_verifier.c
-+++ b/tools/testing/selftests/bpf/test_verifier.c
-@@ -3418,6 +3418,26 @@ static struct bpf_test tests[] = {
- 		.prog_type = BPF_PROG_TYPE_LWT_XMIT,
- 	},
- 	{
-+		"overlapping checks for direct packet access",
-+		.insns = {
-+			BPF_LDX_MEM(BPF_W, BPF_REG_2, BPF_REG_1,
-+				    offsetof(struct __sk_buff, data)),
-+			BPF_LDX_MEM(BPF_W, BPF_REG_3, BPF_REG_1,
-+				    offsetof(struct __sk_buff, data_end)),
-+			BPF_MOV64_REG(BPF_REG_0, BPF_REG_2),
-+			BPF_ALU64_IMM(BPF_ADD, BPF_REG_0, 8),
-+			BPF_JMP_REG(BPF_JGT, BPF_REG_0, BPF_REG_3, 4),
-+			BPF_MOV64_REG(BPF_REG_1, BPF_REG_2),
-+			BPF_ALU64_IMM(BPF_ADD, BPF_REG_1, 6),
-+			BPF_JMP_REG(BPF_JGT, BPF_REG_1, BPF_REG_3, 1),
-+			BPF_LDX_MEM(BPF_H, BPF_REG_0, BPF_REG_2, 6),
-+			BPF_MOV64_IMM(BPF_REG_0, 0),
-+			BPF_EXIT_INSN(),
-+		},
-+		.result = ACCEPT,
-+		.prog_type = BPF_PROG_TYPE_LWT_XMIT,
-+	},
-+	{
- 		"invalid access of tc_classid for LWT_IN",
- 		.insns = {
- 			BPF_LDX_MEM(BPF_W, BPF_REG_0, BPF_REG_1,
--- 
-2.12.0
-
diff --git a/queue/series b/queue/series
index b07a53e..2e1361e 100644
--- a/queue/series
+++ b/queue/series
@@ -19,7 +19,6 @@ sparc64-Fix-kernel-panic-due-to-erroneous-ifdef-surr.patch
 net-neigh-guard-against-NULL-solicit-method.patch
 net-phy-handle-state-correctly-in-phy_stop_machine.patch
 kcm-return-immediately-after-copy_from_user-failure.patch
-bpf-improve-verifier-packet-range-checks.patch
 l2tp-purge-socket-queues-in-the-.destruct-callback.patch
 net-packet-fix-overflow-in-check-for-tp_frame_nr.patch
 net-packet-fix-overflow-in-check-for-tp_reserve.patch