lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <c1932d0d-cf3f-5005-958d-7e08dddf42c9@iogearbox.net>
Date:   Mon, 27 Mar 2023 11:29:48 +0200
From:   Daniel Borkmann <daniel@...earbox.net>
To:     George Guo <guodongtai@...inos.cn>, chenhuacai@...nel.org,
        masahiroy@...nel.org, michal.lkml@...kovi.net
Cc:     kernel@...0n.name, ndesaulniers@...gle.com, ast@...nel.org,
        loongarch@...ts.linux.dev, linux-kernel@...r.kernel.org,
        linux-kbuild@...r.kernel.org, bpf@...r.kernel.org
Subject: Re: [PATCH] loongarch/bpf: Fix bpf load failed with
 CONFIG_BPF_JIT_ALWAYS_ON, caused by jit (BPF_ST | BPF_NOSPEC) code

On 3/26/23 6:40 AM, George Guo wrote:
> Here just skip the code(BPF_ST | BPF_NOSPEC) that has no couterpart to the loongarch.
> 
> To verify, use ltp testcase:
> 
> Without this patch:
> $ ./bpf_prog02
> ... ...
> bpf_common.c:123: TBROK: Failed verification: ??? (524)
> 
> Summary:
> passed   0
> failed   0
> broken   1
> skipped  0
> warnings 0
> 
> With this patch:
> $ ./bpf_prog02
> ... ...
> Summary:
> passed   0
> failed   0
> broken   0
> skipped  0
> warnings 0
> 
> Signed-off-by: George Guo <guodongtai@...inos.cn>
> ---
>   arch/loongarch/net/bpf_jit.c | 5 +++++
>   1 file changed, 5 insertions(+)
> 
> diff --git a/arch/loongarch/net/bpf_jit.c b/arch/loongarch/net/bpf_jit.c
> index 288003a9f0ca..745d344385ed 100644
> --- a/arch/loongarch/net/bpf_jit.c
> +++ b/arch/loongarch/net/bpf_jit.c
> @@ -1046,6 +1046,11 @@ static int build_body(struct jit_ctx *ctx, bool extra_pass)
>   		if (ctx->image == NULL)
>   			ctx->offset[i] = ctx->idx;
>   
> +		/* skip the code that has no couterpart to the host arch */
> +		if(insn->code == (BPF_ST | BPF_NOSPEC)) {
> +			continue;
> +		}

Small nit, but could we align with other JIT implementations and place it into similar
location for consistency? Above looks a bit out of place and it should really be part
of build_insn.

diff --git a/arch/loongarch/net/bpf_jit.c b/arch/loongarch/net/bpf_jit.c
index 288003a9f0ca..d586df48ecc6 100644
--- a/arch/loongarch/net/bpf_jit.c
+++ b/arch/loongarch/net/bpf_jit.c
@@ -1022,6 +1022,10 @@ static int build_insn(const struct bpf_insn *insn, struct jit_ctx *ctx, bool ext
                 emit_atomic(insn, ctx);
                 break;

+       /* Speculation barrier */
+       case BPF_ST | BPF_NOSPEC:
+               break;
+
         default:
                 pr_err("bpf_jit: unknown opcode %02x\n", code);
                 return -EINVAL;

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ