Bounded loops in BPF programs
The BPF verifier is charged with ensuring that any given BPF program is safe for the kernel to load and run. Programs that fail to terminate are clearly unsafe, as they present an opportunity for denial-of-service attacks. In current kernels, the verifier uses a heavy-handed technique to block such programs: it disallows any program containing loops. This works, but at the cost of disallowing a wide range of useful programs; if the verifier could determine whether any given loop would terminate within a bounded time, this restriction could be lifted. John Fastabend presented a plan for doing so during the BPF microconference at the 2018 Linux Plumbers Conference.
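
Rejecting every loop amounts to rejecting any control-flow graph that contains a back-edge. The sketch below is an added example, not kernel code or anything from the talk: the instruction model, `loop_free()` and both sample programs are constructed for illustration, and it shows a loop that plainly terminates being refused along with the unbounded kind.

```c
#include <stdio.h>

/* Toy instruction model (an assumption for this example, not the real BPF
 * encoding). Jump targets use the BPF convention: target = index + 1 + off. */
enum kind { K_ALU, K_JA, K_JCOND, K_EXIT };
struct insn { enum kind kind; int off; };
enum { UNSEEN, ON_PATH, DONE };
#define MAX_INSNS 64

/* Depth-first walk from instruction i; returns 0 if every path is loop-free
 * and stays inside the program, -1 otherwise. */
static int visit(const struct insn *p, int n, int i, unsigned char *state)
{
    int succ[2], ns = 0;

    if (i < 0 || i >= n)
        return -1;                      /* jump or fall-through out of range */
    if (state[i] == ON_PATH)
        return -1;                      /* back-edge: the program has a loop */
    if (state[i] == DONE)
        return 0;                       /* already proven loop-free from here */
    state[i] = ON_PATH;
    if (p[i].kind == K_ALU || p[i].kind == K_JCOND)
        succ[ns++] = i + 1;             /* fall-through successor */
    if (p[i].kind == K_JA || p[i].kind == K_JCOND)
        succ[ns++] = i + 1 + p[i].off;  /* branch target */
    for (int k = 0; k < ns; k++)
        if (visit(p, n, succ[k], state))
            return -1;
    state[i] = DONE;
    return 0;
}

/* Returns 1 if the program would be accepted (no loops), 0 if rejected. */
int loop_free(const struct insn *p, int n)
{
    unsigned char state[MAX_INSNS] = {0};
    if (n <= 0 || n > MAX_INSNS)
        return 0;
    return visit(p, n, 0, state) == 0;
}

/* Constructed sample: a forward conditional branch only. */
static const struct insn forward_only[] = {
    {K_ALU, 0}, {K_JCOND, 1}, {K_ALU, 0}, {K_EXIT, 0} };
/* Constructed sample: i = 0; do { i++; } while (i < 4); bounded, yet a loop. */
static const struct insn counted_loop[] = {
    {K_ALU, 0}, {K_ALU, 0}, {K_JCOND, -2}, {K_EXIT, 0} };

int main(void)
{
    printf("forward_only: %d, counted_loop: %d\n",
           loop_free(forward_only, 4), loop_free(counted_loop, 4));
    return 0;
}
```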