From: catalin.marinas@arm.com (Catalin Marinas)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH arm64-next] net: bpf: arm64: address randomize and write protect JIT code
Date: Fri, 12 Sep 2014 17:03:45 +0100 [thread overview]
Message-ID: <20140912160345.GF5532@arm.com> (raw)
In-Reply-To: <1410505897-20122-1-git-send-email-dborkman@redhat.com>
Daniel,
On Fri, Sep 12, 2014 at 08:11:37AM +0100, Daniel Borkmann wrote:
> Will, Catalin, Dave, this is more or less a heads-up: when net-next and
> arm64-next tree will get both merged into Linus' tree, we will run into
> a 'silent' merge conflict until someone actually runs eBPF JIT on ARM64
> and might notice (I presume) an oops when JIT is freeing bpf_prog. I'd
> assume nobody actually _runs_ linux-next, but not sure about that though.
Some people do.
> How do we handle this? Would I need to resend this patch when the time
> comes or would you ARM64 guys take care of it automagically? ;)
I think we could disable BPF for arm64 until -rc1 and re-enable it
together with this patch.
One comment below:
> --- a/arch/arm64/net/bpf_jit_comp.c
> +++ b/arch/arm64/net/bpf_jit_comp.c
[...]
> +static void jit_fill_hole(void *area, unsigned int size)
> +{
> + /* Insert illegal UND instructions. */
> + u32 *ptr, fill_ins = 0xe7ffffff;
On arm64 we don't have a guaranteed undefined instruction space (and
Will tells me that on Thumb-2 for the 32-bit arm port it actually is a
valid instruction, it seems that you used the same value).
I think the only guaranteed way is to use the BRK #imm instruction but
it requires some changes to the handling code as it is currently used
for kgdb (unless you can use two instructions for filling in which could
generate a NULL pointer access).
--
Catalin
WARNING: multiple messages have this Message-ID (diff)
From: Catalin Marinas <catalin.marinas@arm.com>
To: Daniel Borkmann <dborkman@redhat.com>
Cc: Will Deacon <Will.Deacon@arm.com>,
"davem@davemloft.net" <davem@davemloft.net>,
"zlim.lnx@gmail.com" <zlim.lnx@gmail.com>,
"ast@plumgrid.com" <ast@plumgrid.com>,
"linux-arm-kernel@lists.infradead.org"
<linux-arm-kernel@lists.infradead.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH arm64-next] net: bpf: arm64: address randomize and write protect JIT code
Date: Fri, 12 Sep 2014 17:03:45 +0100 [thread overview]
Message-ID: <20140912160345.GF5532@arm.com> (raw)
In-Reply-To: <1410505897-20122-1-git-send-email-dborkman@redhat.com>
Daniel,
On Fri, Sep 12, 2014 at 08:11:37AM +0100, Daniel Borkmann wrote:
> Will, Catalin, Dave, this is more or less a heads-up: when net-next and
> arm64-next tree will get both merged into Linus' tree, we will run into
> a 'silent' merge conflict until someone actually runs eBPF JIT on ARM64
> and might notice (I presume) an oops when JIT is freeing bpf_prog. I'd
> assume nobody actually _runs_ linux-next, but not sure about that though.
Some people do.
> How do we handle this? Would I need to resend this patch when the time
> comes or would you ARM64 guys take care of it automagically? ;)
I think we could disable BPF for arm64 until -rc1 and re-enable it
together with this patch.
One comment below:
> --- a/arch/arm64/net/bpf_jit_comp.c
> +++ b/arch/arm64/net/bpf_jit_comp.c
[...]
> +static void jit_fill_hole(void *area, unsigned int size)
> +{
> + /* Insert illegal UND instructions. */
> + u32 *ptr, fill_ins = 0xe7ffffff;
On arm64 we don't have a guaranteed undefined instruction space (and
Will tells me that on Thumb-2 for the 32-bit arm port it actually is a
valid instruction, it seems that you used the same value).
I think the only guaranteed way is to use the BRK #imm instruction but
it requires some changes to the handling code as it is currently used
for kgdb (unless you can use two instructions for filling in which could
generate a NULL pointer access).
--
Catalin
next prev parent reply other threads:[~2014-09-12 16:03 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-12 7:11 [PATCH arm64-next] net: bpf: arm64: address randomize and write protect JIT code Daniel Borkmann
2014-09-12 7:11 ` Daniel Borkmann
2014-09-12 16:03 ` Catalin Marinas [this message]
2014-09-12 16:03 ` Catalin Marinas
2014-09-12 16:21 ` Daniel Borkmann
2014-09-12 16:21 ` Daniel Borkmann
2014-09-12 16:46 ` Catalin Marinas
2014-09-12 16:46 ` Catalin Marinas
2014-09-12 17:10 ` Will Deacon
2014-09-12 17:10 ` Will Deacon
2014-09-12 17:16 ` Daniel Borkmann
2014-09-12 17:16 ` Daniel Borkmann
2014-09-12 17:21 ` Catalin Marinas
2014-09-12 17:21 ` Catalin Marinas
2014-09-12 17:39 ` Daniel Borkmann
2014-09-12 17:39 ` Daniel Borkmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140912160345.GF5532@arm.com \
--to=catalin.marinas@arm.com \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.