bpf: bump jmp sequence limit

The limit of 1024 subsequent jumps was causing otherwise valid
programs to be rejected. Bump it to 8192 and make the error more verbose.

Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Andrii Nakryiko <andriin@fb.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>

diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index 95f9354495ad833ae7c981e551a518a478897fd0..3f8b5443cc67b2b509a08f48ba605d75493e3f03 100644 (file)
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -176,7 +176,7 @@ struct bpf_verifier_stack_elem {
        struct bpf_verifier_stack_elem *next;
 };
 
-#define BPF_COMPLEXITY_LIMIT_STACK     1024
+#define BPF_COMPLEXITY_LIMIT_JMP_SEQ   8192
 #define BPF_COMPLEXITY_LIMIT_STATES    64
 
 #define BPF_MAP_PTR_UNPRIV     1UL
@@ -782,8 +782,9 @@ static struct bpf_verifier_state *push_stack(struct bpf_verifier_env *env,
        if (err)
                goto err;
        elem->st.speculative |= speculative;
-       if (env->stack_size > BPF_COMPLEXITY_LIMIT_STACK) {
-               verbose(env, "BPF program is too complex\n");
+       if (env->stack_size > BPF_COMPLEXITY_LIMIT_JMP_SEQ) {
+               verbose(env, "The sequence of %d jumps is too complex.\n",
+                       env->stack_size);
                goto err;
        }
        return &elem->st;