From: daniel@iogearbox.net (Daniel Borkmann)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH] ARM: net: delegate filter to kernel interpreter when imm_offset() return value can't fit into 12bits.
Date: Thu, 07 May 2015 18:18:08 +0200
Message-ID: <554B9040.50802@iogearbox.net>
In-Reply-To: <1431011661-10277-1-git-send-email-nschichan@freebox.fr>

On 05/07/2015 05:14 PM, Nicolas Schichan wrote:
> The ARM JIT code emits "ldr rX, [pc, #offset]" to access the literal
> pool. #offset maximum value is 4095 and if the generated code is too
> large, the #offset value can overflow and not point to the expected
> slot in the literal pool. Additionally, when overflow occurs, bits of
> the overflow can end up changing the destination register of the ldr
> instruction.
>
> Fix that by detecting the overflow in imm_offset() and setting a flag
> that is checked for each BPF instruction converted in
> build_body(). As of now it can only be detected in the second pass. As
> a result the second build_body() call can now fail, so add the
> corresponding cleanup code in that case.
>
> Using multiple literal pools in the JITed code is going to require
> lots of intrusive changes to the JIT code (which would better be done
> as a feature instead of fix), just delegating to the kernel BPF
> interpreter in that case is a more straightforward, minimal fix and
> easy to backport.
>
> Signed-off-by: Nicolas Schichan <nschichan@freebox.fr>

Fix looks good to me.

Fixes: ddecdfcea0ae ("ARM: 7259/3: net: JIT compiler for packet filters")
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
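
Added example, not part of this message, the patch, or the kernel's JIT source: a stand-alone C sketch of the encoding problem the quoted commit message describes, showing an over-range literal-pool offset spilling into the destination-register field of "ldr rX, [pc, #offset]", next to an encoder that rejects it. The function names and the sample offset are hypothetical; the kernel's imm_offset() sets a flag rather than returning an error as done here.

```c
#include <stdint.h>
#include <stdio.h>

/* A32 "ldr Rt, [pc, #imm12]": cond=AL, P=1, U=1, L=1, Rn=pc(15).
 * Rt occupies bits 15:12, imm12 occupies bits 11:0. */
#define LDR_PC_BASE 0xE59F0000u
#define IMM12_MAX   4095u

static unsigned insn_rt(uint32_t insn)    { return (insn >> 12) & 0xFu; }
static unsigned insn_imm12(uint32_t insn) { return insn & 0xFFFu; }

/* Unchecked encoder: the offset is ORed in as-is, so any bit above
 * bit 11 lands in the Rt field (and beyond). */
static uint32_t ldr_pc_unchecked(unsigned rt, uint32_t offset)
{
    return LDR_PC_BASE | ((uint32_t)rt << 12) | offset;
}

/* Checked encoder: refuses offsets that need more than 12 bits.
 * Returns 0 on success, -1 when the caller must give up on the JIT
 * image (the patch falls back to the BPF interpreter in that case). */
static int ldr_pc_checked(unsigned rt, uint32_t offset, uint32_t *insn)
{
    if (rt > 15u || offset > IMM12_MAX)
        return -1;
    *insn = LDR_PC_BASE | ((uint32_t)rt << 12) | offset;
    return 0;
}

int main(void)
{
    /* Constructed sample: literal pool slot 4100 bytes away, target r0. */
    uint32_t bad = ldr_pc_unchecked(0, 4100);
    uint32_t ok = 0;

    printf("unchecked: 0x%08x -> ldr r%u, [pc, #%u]\n",
           (unsigned)bad, insn_rt(bad), insn_imm12(bad));
    if (ldr_pc_checked(0, 4100, &ok) < 0)
        printf("checked: offset 4100 rejected, do not use JIT output\n");
    if (ldr_pc_checked(0, 4095, &ok) == 0)
        printf("checked: 0x%08x -> ldr r%u, [pc, #%u]\n",
               (unsigned)ok, insn_rt(ok), insn_imm12(ok));
    return 0;
}
```

With the constructed offset of 4100 (0x1004), the unchecked form decodes as a load into r1 from [pc, #4] instead of r0 from the intended slot, which is the register corruption the commit message mentions.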