| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAEyhmHQby6kGBRP8wQvKeL3fb1J_kpByBtYEWDY-3eOzRbhf0Q@mail.gmail.com>
Date: Thu, 12 Jun 2025 20:32:38 +0800
From: Hengqi Chen <hengqi.chen@...il.com>
To: Chenghao Duan <duanchenghao@...inos.cn>
Cc: loongarch@...ts.linux.dev, linux-kernel@...r.kernel.org,
George Guo <guodongtai@...inos.cn>, Youling Tang <tangyouling@...inos.cn>
Subject: Re: [PATCH v1 2/5] LoongArch: BPF: The operation commands needed to
add a trampoline
On Wed, Jun 11, 2025 at 1:37 PM Chenghao Duan <duanchenghao@...inos.cn> wrote:
>
> Add instrctions:
> emit_NOP
> emit_BREAK
>
> Add branch jump function:
> larch_insn_gen_beq
> larch_insn_gen_bne
>
> Add instruction copy function: larch_insn_text_copy
> The implementation of larch_insn_text_copy uses the fixmap
> FIX_TEXT_POKE0.
>
> Signed-off-by: George Guo <guodongtai@...inos.cn>
> Signed-off-by: Youling Tang <tangyouling@...inos.cn>
> Signed-off-by: Chenghao Duan <duanchenghao@...inos.cn>
> ---
> arch/loongarch/include/asm/inst.h | 19 +++++++
> arch/loongarch/kernel/inst.c | 85 +++++++++++++++++++++++++++++++
> 2 files changed, 104 insertions(+)
>
> diff --git a/arch/loongarch/include/asm/inst.h b/arch/loongarch/include/asm/inst.h
> index 3089785ca..dd6e07781 100644
> --- a/arch/loongarch/include/asm/inst.h
> +++ b/arch/loongarch/include/asm/inst.h
> @@ -497,6 +497,7 @@ void arch_simulate_insn(union loongarch_instruction insn, struct pt_regs *regs);
> int larch_insn_read(void *addr, u32 *insnp);
> int larch_insn_write(void *addr, u32 insn);
> int larch_insn_patch_text(void *addr, u32 insn);
> +int larch_insn_text_copy(void *dst, void *src, size_t len);
>
> u32 larch_insn_gen_nop(void);
> u32 larch_insn_gen_b(unsigned long pc, unsigned long dest);
> @@ -511,6 +512,8 @@ u32 larch_insn_gen_lu12iw(enum loongarch_gpr rd, int imm);
> u32 larch_insn_gen_lu32id(enum loongarch_gpr rd, int imm);
> u32 larch_insn_gen_lu52id(enum loongarch_gpr rd, enum loongarch_gpr rj, int imm);
> u32 larch_insn_gen_jirl(enum loongarch_gpr rd, enum loongarch_gpr rj, int imm);
> +u32 larch_insn_gen_beq(enum loongarch_gpr rd, enum loongarch_gpr rj, int imm);
> +u32 larch_insn_gen_bne(enum loongarch_gpr rd, enum loongarch_gpr rj, int imm);
>
> static inline bool signed_imm_check(long val, unsigned int bit)
> {
> @@ -778,6 +781,22 @@ static inline void emit_##NAME(union loongarch_instruction *insn, \
>
> DEF_EMIT_REG3SA2_FORMAT(alsld, alsld_op)
>
> +#define DEF_EMIT_NOP(NAME) \
> +static inline void emit_##NAME(union loongarch_instruction *insn) \
> +{ \
> + insn->word = INSN_NOP; \
> +}
> +
> +DEF_EMIT_NOP(NOP)
> +
We have the following helpers in bpf_jit.h already:
* emit_nop
* emit_cond_jmp
* emit_uncond_jmp
These can be used directly.
> +#define DEF_EMIT_BREAK(NAME) \
> +static inline void emit_##NAME(union loongarch_instruction *insn) \
> +{ \
> + insn->word = INSN_BREAK; \
> +}
> +
> +DEF_EMIT_BREAK(BREAK)
> +
> struct pt_regs;
>
> void emulate_load_store_insn(struct pt_regs *regs, void __user *addr, unsigned int *pc);
> diff --git a/arch/loongarch/kernel/inst.c b/arch/loongarch/kernel/inst.c
> index 14d7d700b..a47dc3575 100644
> --- a/arch/loongarch/kernel/inst.c
> +++ b/arch/loongarch/kernel/inst.c
> @@ -10,6 +10,33 @@
>
> static DEFINE_RAW_SPINLOCK(patch_lock);
>
> +static bool is_image_text(unsigned long addr)
> +{
> + return core_kernel_text(addr);
> +}
> +
> +static void *patch_map(void *addr, int fixmap)
^ extra space here
> +{
> + unsigned long uintaddr = (uintptr_t)addr;
> + bool image = is_image_text(uintaddr);
> + struct page *page;
> + phys_addr_t phys;
> +
> + if (image)
> + phys = __pa_symbol(addr);
> + else {
> + page = vmalloc_to_page(addr);
> + phys = page_to_phys(page) + offset_in_page(addr);
weird indentation, please fix.
> + }
> +
> + return (void *)set_fixmap_offset(fixmap, phys);
> +}
> +
> +static void patch_unmap(int fixmap)
> +{
> + clear_fixmap(fixmap);
> +}
> +
> void simu_pc(struct pt_regs *regs, union loongarch_instruction insn)
> {
> unsigned long pc = regs->csr_era;
> @@ -218,6 +245,36 @@ int larch_insn_patch_text(void *addr, u32 insn)
> return ret;
> }
>
> +int larch_insn_text_copy(void *dst, void *src, size_t len)
> +{
> + unsigned long flags;
> + size_t wlen = 0;
> + size_t size;
> + void *waddr;
> + void *ptr;
> + int ret = 0;
> +
> + raw_spin_lock_irqsave(&patch_lock, flags);
> + while (wlen < len) {
> + ptr = dst + wlen;
> + size = min_t(size_t, PAGE_SIZE - offset_in_page(ptr),
> + len - wlen);
> +
> + waddr = patch_map(ptr, FIX_TEXT_POKE0);
> + ret = copy_to_kernel_nofault(waddr, src + wlen, size);
> + patch_unmap(FIX_TEXT_POKE0);
> +
> + if (ret) {
> + pr_err("%s: operation failed\n", __func__);
> + break;
> + }
> + wlen += size;
> + }
> + raw_spin_unlock_irqrestore(&patch_lock, flags);
> +
> + return ret;
> +}
> +
> u32 larch_insn_gen_nop(void)
> {
> return INSN_NOP;
> @@ -336,3 +393,31 @@ u32 larch_insn_gen_jirl(enum loongarch_gpr rd, enum loongarch_gpr rj, int imm)
>
> return insn.word;
> }
> +
> +u32 larch_insn_gen_beq(enum loongarch_gpr rd, enum loongarch_gpr rj, int imm)
> +{
> + union loongarch_instruction insn;
> +
> + if ((imm & 3) || imm < -SZ_128K || imm >= SZ_128K) {
> + pr_warn("The generated beq instruction is out of range.\n");
> + return INSN_BREAK;
> + }
> +
> + emit_beq(&insn, rd, rj, imm >> 2);
> +
> + return insn.word;
> +}
> +
> +u32 larch_insn_gen_bne(enum loongarch_gpr rd, enum loongarch_gpr rj, int imm)
> +{
> + union loongarch_instruction insn;
> +
> + if ((imm & 3) || imm < -SZ_128K || imm >= SZ_128K) {
> + pr_warn("The generated bne instruction is out of range.\n");
> + return INSN_BREAK;
> + }
> +
> + emit_bne(&insn, rj, rd, imm >> 2);
> +
> + return insn.word;
> +}
> --
> 2.25.1
>
>
Powered by blists - more mailing lists