2599 	u8 opcode = BPF_OP(insn->code);  in backtrack_insn()  local
2616 		if (opcode == BPF_END || opcode == BPF_NEG) {  in backtrack_insn()
2621 		} else if (opcode == BPF_MOV) {  in backtrack_insn()
2696 		if (opcode == BPF_CALL) {  in backtrack_insn()
2720 		} else if (opcode == BPF_EXIT) {  in backtrack_insn()
8229 static bool sanitize_needed(u8 opcode)  in sanitize_needed()  argument
8231 	return opcode == BPF_ADD || opcode == BPF_SUB;  in sanitize_needed()
8273 	u8 opcode = BPF_OP(insn->code);  in sanitize_ptr_alu()  local
8294 		info->mask_to_left = (opcode == BPF_ADD &&  off_is_neg) ||  in sanitize_ptr_alu()
8295 				     (opcode == BPF_SUB && !off_is_neg);  in sanitize_ptr_alu()
8493 	u8 opcode = BPF_OP(insn->code);  in adjust_ptr_min_max_vals()  local
8510 		if (opcode == BPF_SUB && env->allow_ptr_leaks) {  in adjust_ptr_min_max_vals()
8534 		if (known && smin_val == 0 && opcode == BPF_ADD)  in adjust_ptr_min_max_vals()
8562 	if (sanitize_needed(opcode)) {  in adjust_ptr_min_max_vals()
8569 	switch (opcode) {  in adjust_ptr_min_max_vals()
8685 			dst, bpf_alu_string[opcode >> 4]);  in adjust_ptr_min_max_vals()
8690 			dst, bpf_alu_string[opcode >> 4]);  in adjust_ptr_min_max_vals()
8699 	if (sanitize_needed(opcode)) {  in adjust_ptr_min_max_vals()
9286 	u8 opcode = BPF_OP(insn->code);  in adjust_scalar_min_max_vals()  local
9331 	    opcode != BPF_ADD && opcode != BPF_SUB && opcode != BPF_AND) {  in adjust_scalar_min_max_vals()
9336 	if (sanitize_needed(opcode)) {  in adjust_scalar_min_max_vals()
9356 	switch (opcode) {  in adjust_scalar_min_max_vals()
9448 	u8 opcode = BPF_OP(insn->code);  in adjust_reg_min_max_vals()  local
9468 				if (opcode == BPF_SUB && env->allow_ptr_leaks) {  in adjust_reg_min_max_vals()
9474 					bpf_alu_string[opcode >> 4]);  in adjust_reg_min_max_vals()
9530 	u8 opcode = BPF_OP(insn->code);  in check_alu_op()  local
9533 	if (opcode == BPF_END || opcode == BPF_NEG) {  in check_alu_op()
9534 		if (opcode == BPF_NEG) {  in check_alu_op()
9566 	} else if (opcode == BPF_MOV) {  in check_alu_op()
9646 	} else if (opcode > BPF_END) {  in check_alu_op()
9647 		verbose(env, "invalid BPF_ALU opcode %x\n", opcode);  in check_alu_op()
9673 		if ((opcode == BPF_MOD || opcode == BPF_DIV) &&  in check_alu_op()
9679 		if ((opcode == BPF_LSH || opcode == BPF_RSH ||  in check_alu_op()
9680 		     opcode == BPF_ARSH) && BPF_SRC(insn->code) == BPF_K) {  in check_alu_op()
9779 static int is_branch32_taken(struct bpf_reg_state *reg, u32 val, u8 opcode)  in is_branch32_taken()  argument
9784 	switch (opcode) {  in is_branch32_taken()
9853 static int is_branch64_taken(struct bpf_reg_state *reg, u64 val, u8 opcode)  in is_branch64_taken()  argument
9857 	switch (opcode) {  in is_branch64_taken()
9932 static int is_branch_taken(struct bpf_reg_state *reg, u64 val, u8 opcode,  in is_branch_taken()  argument
9945 		switch (opcode) {  in is_branch_taken()
9956 		return is_branch32_taken(reg, val, opcode);  in is_branch_taken()
9957 	return is_branch64_taken(reg, val, opcode);  in is_branch_taken()
9960 static int flip_opcode(u32 opcode)  in flip_opcode()  argument
9978 	return opcode_flip[opcode >> 4];  in flip_opcode()
9983 				   u8 opcode)  in is_pkt_ptr_branch_taken()  argument
9991 		opcode = flip_opcode(opcode);  in is_pkt_ptr_branch_taken()
9999 	switch (opcode) {  in is_pkt_ptr_branch_taken()
10007 			return opcode == BPF_JGT;  in is_pkt_ptr_branch_taken()
10015 			return opcode == BPF_JGE;  in is_pkt_ptr_branch_taken()
10029 			    u8 opcode, bool is_jmp32)  in reg_set_min_max()  argument
10047 	switch (opcode) {  in reg_set_min_max()
10092 			u32 false_umax = opcode == BPF_JGT ? val32  : val32 - 1;  in reg_set_min_max()
10093 			u32 true_umin = opcode == BPF_JGT ? val32 + 1 : val32;  in reg_set_min_max()
10100 			u64 false_umax = opcode == BPF_JGT ? val    : val - 1;  in reg_set_min_max()
10101 			u64 true_umin = opcode == BPF_JGT ? val + 1 : val;  in reg_set_min_max()
10112 			s32 false_smax = opcode == BPF_JSGT ? sval32    : sval32 - 1;  in reg_set_min_max()
10113 			s32 true_smin = opcode == BPF_JSGT ? sval32 + 1 : sval32;  in reg_set_min_max()
10118 			s64 false_smax = opcode == BPF_JSGT ? sval    : sval - 1;  in reg_set_min_max()
10119 			s64 true_smin = opcode == BPF_JSGT ? sval + 1 : sval;  in reg_set_min_max()
10130 			u32 false_umin = opcode == BPF_JLT ? val32  : val32 + 1;  in reg_set_min_max()
10131 			u32 true_umax = opcode == BPF_JLT ? val32 - 1 : val32;  in reg_set_min_max()
10138 			u64 false_umin = opcode == BPF_JLT ? val    : val + 1;  in reg_set_min_max()
10139 			u64 true_umax = opcode == BPF_JLT ? val - 1 : val;  in reg_set_min_max()
10150 			s32 false_smin = opcode == BPF_JSLT ? sval32    : sval32 + 1;  in reg_set_min_max()
10151 			s32 true_smax = opcode == BPF_JSLT ? sval32 - 1 : sval32;  in reg_set_min_max()
10156 			s64 false_smin = opcode == BPF_JSLT ? sval    : sval + 1;  in reg_set_min_max()
10157 			s64 true_smax = opcode == BPF_JSLT ? sval - 1 : sval;  in reg_set_min_max()
10189 				u8 opcode, bool is_jmp32)  in reg_set_min_max_inv()  argument
10191 	opcode = flip_opcode(opcode);  in reg_set_min_max_inv()
10195 	if (opcode)  in reg_set_min_max_inv()
10196 		reg_set_min_max(true_reg, false_reg, val, val32, opcode, is_jmp32);  in reg_set_min_max_inv()
10221 				u8 opcode)  in reg_combine_min_max()  argument
10223 	switch (opcode) {  in reg_combine_min_max()
10422 	u8 opcode = BPF_OP(insn->code);  in check_cond_jmp_op()  local
10428 	if (opcode == BPF_JA || opcode > BPF_JSLE) {  in check_cond_jmp_op()
10429 		verbose(env, "invalid BPF_JMP/JMP32 opcode %x\n", opcode);  in check_cond_jmp_op()
10467 		pred = is_branch_taken(dst_reg, insn->imm, opcode, is_jmp32);  in check_cond_jmp_op()
10472 				       opcode,  in check_cond_jmp_op()
10478 				       opcode,  in check_cond_jmp_op()
10483 		pred = is_pkt_ptr_branch_taken(dst_reg, src_reg, opcode);  in check_cond_jmp_op()
10552 						opcode, is_jmp32);  in check_cond_jmp_op()
10560 						    opcode, is_jmp32);  in check_cond_jmp_op()
10562 				 (opcode == BPF_JEQ || opcode == BPF_JNE))  in check_cond_jmp_op()
10566 						    src_reg, dst_reg, opcode);  in check_cond_jmp_op()
10577 					opcode, is_jmp32);  in check_cond_jmp_op()
10591 	    insn->imm == 0 && (opcode == BPF_JEQ || opcode == BPF_JNE) &&  in check_cond_jmp_op()
10597 				      opcode == BPF_JNE);  in check_cond_jmp_op()
10599 				      opcode == BPF_JEQ);  in check_cond_jmp_op()
12668 			u8 opcode = BPF_OP(insn->code);  in do_check()  local
12671 			if (opcode == BPF_CALL) {  in do_check()
12698 			} else if (opcode == BPF_JA) {  in do_check()
12711 			} else if (opcode == BPF_EXIT) {  in do_check()