Important: This article was written by Github Copilot, while it's not entirely accurate, it's quite good to see what it ended up with.
The bpf verifier is a tool that can be used to check the correctness of eBPF programs. It is implemented in C and is used by the kernel. When the kernel is built with CONFIG_BPF_JIT, it does further optimization on the BPF programs.
To write a valid eBPF program you need to follow a few rules:
- The program must not have any side-effects.
- The program must not call any system calls.
- The program must not call any functions that are not part of the eBPF API.
If you are interested in writing eBPF programs, you should read the eBPF programmer's guide.
If the verifier does not work, you can try to run the verifier manually:
$ ebpf_verifier <program.o>
If that does not work, you can try to run the verifier with the -v option:
$ ebpf_verifier -v <program.o>
You can also dump assembler code for the program:
$ ebpf_verifier -a <program.o>
Human-readable error messages are also available:
$ ebpf_verifier -v -H <program.o>
Said that, the verifier is not perfect.
It will report errors when it finds something that is not allowed.
Thanks for reading!