From: daniel@iogearbox.net (Daniel Borkmann)
To: linux-arm-kernel@lists.infradead.org
Subject: [PATCH] bpf, arm64: start flushing icache range from header
Date: Mon, 16 Nov 2015 12:48:08 +0100 [thread overview]
Message-ID: <5649C278.2030803@iogearbox.net> (raw)
In-Reply-To: <20151116113912.GB20696@leverpostej>
On 11/16/2015 12:39 PM, Mark Rutland wrote:
> On Sat, Nov 14, 2015 at 01:16:18AM +0100, Daniel Borkmann wrote:
>> While recently going over ARM64's BPF code, I noticed that the icache
>> range we're flushing should start at header already and not at ctx.image.
>>
>> Reason is that after b569c1c622c5 ("net: bpf: arm64: address randomize
>> and write protect JIT code"), we also want to make sure to flush the
>> random-sized trap in front of the start of the actual program (analogous
>> to x86). No operational differences from user side.
>>
>> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
>> Acked-by: Zi Shen Lim <zlim.lnx@gmail.com>
>> Cc: Alexei Starovoitov <ast@kernel.org>
>> ---
>> ( As arm64 jit fixes seem to go via arm64 tree, sending them here. )
>>
>> arch/arm64/net/bpf_jit_comp.c | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/arch/arm64/net/bpf_jit_comp.c b/arch/arm64/net/bpf_jit_comp.c
>> index a44e529..ee06570 100644
>> --- a/arch/arm64/net/bpf_jit_comp.c
>> +++ b/arch/arm64/net/bpf_jit_comp.c
>> @@ -740,7 +740,7 @@ void bpf_int_jit_compile(struct bpf_prog *prog)
>> if (bpf_jit_enable > 1)
>> bpf_jit_dump(prog->len, image_size, 2, ctx.image);
>>
>> - bpf_flush_icache(ctx.image, ctx.image + ctx.idx);
>> + bpf_flush_icache(header, ctx.image + ctx.idx);
>
> As far as I can see, ctx.idx doesn't take into account the size of the
> header, given we zero it after bpf_jit_binary_alloc, and increment it
> for each instruction.
>
> So won't this prevent us from flushing the end of the image? Or did I
> miss something?
Nope, bpf_flush_icache() takes start and end pointer ... header starts
before ctx.image on the linear buffer. Why should this prevent us from
flushing the end of the image?
next prev parent reply other threads:[~2015-11-16 11:48 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-14 0:16 [PATCH] bpf, arm64: start flushing icache range from header Daniel Borkmann
2015-11-16 11:39 ` Mark Rutland
2015-11-16 11:48 ` Daniel Borkmann [this message]
2015-11-16 11:59 ` Mark Rutland
2015-11-16 19:42 ` David Miller
2015-11-16 19:45 ` Daniel Borkmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5649C278.2030803@iogearbox.net \
--to=daniel@iogearbox.net \
--cc=linux-arm-kernel@lists.infradead.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).