BPF List
 help / color / mirror / Atom feed
From: sashiko-bot@kernel.org
To: "Pawan Gupta" <pawan.kumar.gupta@linux.intel.com>
Cc: bpf@vger.kernel.org
Subject: Re: [PATCH 7.1.y 1/6] bpf: Support for hardening against JIT spraying
Date: Thu, 09 Jul 2026 22:37:15 +0000	[thread overview]
Message-ID: <20260709223717.3C6291F00A3F@smtp.kernel.org> (raw)
In-Reply-To: <20260709-cbpf-jit-spray-hardening-7-1-y-v1-1-5ac5a2d6797f@linux.intel.com>

Thank you for your contribution! Sashiko AI review found 1 potential issue(s) to consider:
- [High] Security Mitigation Bypass: Indirect branch predictor flush is skipped for large BPF allocations and when packs are freed to the system pool.
--

--- Patch [1]: [PATCH 7.1.y 1/6] bpf: Support for hardening against JIT spraying ---
commit 3f99052f0f28956849dd13889694d621bc46be60
Author: Pawan Gupta <pawan.kumar.gupta@linux.intel.com>

bpf: Support for hardening against JIT spraying

This patch introduces the bpf_arch_pred_flush mechanism to flush indirect
branch predictors before reusing JIT memory. This aims to protect new BPF
programs from using branch predictions left behind by previous programs that
occupied the same space. However, it intentionally skips flushing for large
allocations and when returning packs to the system pool.

> diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
> index 6aa2a8b240306..f49b9b23f95e6 100644
> --- a/kernel/bpf/core.c
> +++ b/kernel/bpf/core.c
[ ... ]
> @@ -941,6 +951,14 @@ void *bpf_prog_pack_alloc(u32 size, bpf_jit_fill_hole_t bpf_fill_ill_insns)
>  
>  	mutex_lock(&pack_mutex);
>  	if (size > BPF_PROG_PACK_SIZE) {
> +		/*
> +		 * Allocations larger than a pack get their own pages, and
> +		 * predictors are not flushed for such allocation. This is only
> +		 * safe because cBPF programs (the unprivileged attack surface)
> +		 * are bounded well below a pack size.
> +		 */
> +		if (static_branch_unlikely(&bpf_pred_flush_enabled))
> +			pr_warn_once("BPF: Predictors not flushed for allocations greater than BPF_PROG_PACK_SIZE\n");
>  		size = round_up(size, PAGE_SIZE);
>  		ptr = bpf_jit_alloc_exec(size);

[Severity: High]
Does skipping the flush for allocations larger than BPF_PROG_PACK_SIZE leave
large BPF programs and Kernel Modules vulnerable to poisoned predictions?

If an unprivileged attacker loads cBPF programs to fill a BPF pack and trains
the indirect branch predictor, they leave poisoned predictions for that memory.

When the attacker unloads the cBPF programs, the BPF pack is freed. If a
privileged user subsequently allocates a large BPF program, this new
allocation might reuse the freed memory.

Since bpf_prog_pack_alloc() explicitly skips bpf_arch_pred_flush() for these
allocations, wouldn't the privileged victim program inherit the attacker's
poisoned predictions?

Additionally, does freeing an empty pack back to the system pool bypass the
mitigation completely?

When a pack is fully emptied in bpf_prog_pack_free(), it is returned to the
system pool without a predictor flush:

kernel/bpf/core.c:bpf_prog_pack_free() {
	...
	if (bitmap_find_next_zero_area(pack->bitmap, BPF_PROG_CHUNK_COUNT, 0,
				       BPF_PROG_CHUNK_COUNT, 0) == 0) {
		list_del(&pack->list);
		bpf_jit_free_exec(pack->ptr);
		kfree(pack);
	}
	...
}

Could Kernel Modules or large BPF programs that subsequently allocate this
memory via execmem inherit these poisoned predictions?

-- 
Sashiko AI review · https://sashiko.dev/#/patchset/20260709-cbpf-jit-spray-hardening-7-1-y-v1-0-5ac5a2d6797f@linux.intel.com?part=1

  reply	other threads:[~2026-07-09 22:37 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-07-09 22:22 [PATCH 7.1.y 0/6] cBPF JIT spray hardening Pawan Gupta
2026-07-09 22:23 ` [PATCH 7.1.y 1/6] bpf: Support for hardening against JIT spraying Pawan Gupta
2026-07-09 22:37   ` sashiko-bot [this message]
2026-07-09 22:52   ` bot+bpf-ci
2026-07-09 22:23 ` [PATCH 7.1.y 2/6] x86/bugs: Enable IBPB flush on BPF JIT allocation Pawan Gupta
2026-07-09 22:37   ` sashiko-bot
2026-07-09 22:23 ` [PATCH 7.1.y 3/6] bpf: Restrict JIT predictor flush to cBPF Pawan Gupta
2026-07-09 22:35   ` sashiko-bot
2026-07-09 22:23 ` [PATCH 7.1.y 4/6] bpf: Skip redundant IBPB in pack allocator Pawan Gupta
2026-07-09 22:24 ` [PATCH 7.1.y 5/6] bpf: Prefer packs that won't trigger an IBPB flush on allocation Pawan Gupta
2026-07-09 22:24 ` [PATCH 7.1.y 6/6] bpf: Prefer dirty packs for eBPF allocations Pawan Gupta
2026-07-10 21:03 ` [PATCH 7.1.y 0/6] cBPF JIT spray hardening Sasha Levin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20260709223717.3C6291F00A3F@smtp.kernel.org \
    --to=sashiko-bot@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=pawan.kumar.gupta@linux.intel.com \
    --cc=sashiko-reviews@lists.linux.dev \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox