From: adubey@linux.ibm.com
To: bpf@vger.kernel.org
Cc: hbathini@linux.ibm.com, linuxppc-dev@lists.ozlabs.org, maddy@linux.ibm.com, ast@kernel.org, andrii@kernel.org, daniel@iogearbox.net, shuah@kernel.org, linux-kselftest@vger.kernel.org, stable@vger.kernel.org, Abhishek Dubey
Subject: [PATCH v7 0/7] powerpc/bpf: Add support for verifier selftest
Date: Thu, 11 Jun 2026 11:38:19 -0400
Message-ID: <20260611153826.31187-1-adubey@linux.ibm.com>

From: Abhishek Dubey

The verifier selftest validates JITed instructions by matching expected
disassembly output. The first two patches fix issues in powerpc
instruction disassembly that were causing test flow failures. The fix is
common to 64-bit and 32-bit powerpc.

Add support for the powerpc-specific "__powerpc64" architecture tag in
the fourth patch, enabling proper test filtering in verifier test files.
Introduce verifier testcases for tailcalls on powerpc64 in the sixth
patch.

The first patch in the series is a fix patch that aligns the long branch
address field to an 8-byte boundary. The subsequent patches enable
verifier selftests on powerpc. The fifth patch in the series fixes the
incorrect compare instruction used for comparing the tailcall info with
the tailcall threshold. The last patch fixes a JIT buffer overflow for
large BPF programs.

Issue Details:
--------------
The long branch stub in the trampoline implementation[1] handles both
short and long branch distances to the actual trampoline. However, the
8-byte dummy_tramp_addr field sitting before the long branch stub leads
to failures when enabling the verifier-based selftests for ppc64.

The verifier selftests require disassembling the final JITed image to
get native instructions. The disassembled instruction sequence is then
matched against the sequence of instructions provided in the test file
under the __jited() wrapper. The final JITed image contains the
out-of-line stub and the long branch stub, emitted as part of epilogue
JITing for a BPF program. The 8 bytes of space for dummy_tramp are
sandwiched between these two stubs. During trampoline invocation these
8 bytes contain the memory address of the dummy trampoline, which does
not correspond to any powerpc instruction. So disassembly fails, which
results in failure of the verifier selftests.

The following code snippet shows the problem with the current
arrangement made for dummy_tramp_addr.

    /* Out-of-line stub */
    mflr    r0
    [b|bl]  tramp
    mtlr    r0              //only with OOL
    b       bpf_func + 4
    /* Long branch stub */
    .long                   <---Invalid bytes sequence, disassembly fails
    mflr    r11
    bcl     20,31,$+4
    mflr    r12
    ld      r12, -8-SZL(r12)
    mtctr   r12
    mtlr    r11             //retain ftrace ABI
    bctr

Consider a test program binary of size 112 bytes:

     0: 00000060 10004de8 00002039 f8ff21f9 81ff21f8 7000e1fb 3000e13b
    28: 3000e13b 2a006038 f8ff7ff8 00000039 7000e1eb 80002138 7843037d
    56: 2000804e a602087c 00000060 a603087c bcffff4b c0341d00 000000c0
    84: a602687d 05009f42 a602887d f0ff8ce9 a603897d a603687d 2004804e

Disassembly output of the above binary for ppc64le:

    pc:0   left:112  00 00 00 60 : nop
    pc:4   left:108  10 00 4d e8 : ld 2, 16(13)
    pc:8   left:104  00 00 20 39 : li 9, 0
    pc:12  left:100  f8 ff 21 f9 : std 9, -8(1)
    pc:16  left:96   81 ff 21 f8 : stdu 1, -128(1)
    pc:20  left:92   70 00 e1 fb : std 31, 112(1)
    pc:24  left:88   30 00 e1 3b : addi 31, 1, 48
    pc:28  left:84   30 00 e1 3b : addi 31, 1, 48
    pc:32  left:80   2a 00 60 38 : li 3, 42
    pc:36  left:76   f8 ff 7f f8 : std 3, -8(31)
    pc:40  left:72   00 00 00 39 : li 8, 0
    pc:44  left:68   70 00 e1 eb : ld 31, 112(1)
    pc:48  left:64   80 00 21 38 : addi 1, 1, 128
    pc:52  left:60   78 43 03 7d : mr 3, 8
    pc:56  left:56   20 00 80 4e : blr
    pc:60  left:52   a6 02 08 7c : mflr 0
    pc:64  left:48   00 00 00 60 : nop
    pc:68  left:44   a6 03 08 7c : mtlr 0
    pc:72  left:40   bc ff ff 4b : b .-68
    pc:76  left:36   c0 34 1d 00 : ...

Failure log:
Can't disasm instruction at offset 76: c0 34 1d 00 00 00 00 c0 a6 02 68 7d 05 00 9f 42
--------------------------------------
Observation:
The instruction at offset 76 cannot be disassembled because this address
holds ".long " (0xc0341d00000000c0), although valid instructions follow
from offset 84 onwards.

Move the long branch address space to the bottom of the long branch
stub. This allows uninterrupted disassembly until the last 8 bytes.
Exclude these last bytes from the overall program length to prevent the
disassembly failure.
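
The offsets involved can be cross-checked with a small standalone sketch.
It is not taken from the patches: the helper names (disasm_len,
tramp_addr_disp) and both constants are illustrative assumptions derived
only from the listings in this cover letter. It relies on "bcl 20,31,$+4"
leaving the address of the following instruction in LR, so the ld
displacement is the address field offset minus (bcl offset + 4).

```c
#include <assert.h>
#include <stddef.h>

/* Assumed sizes, read off the listings above (not from kernel headers). */
#define INSN_SIZE        4u  /* each powerpc instruction in the dump is 4 bytes */
#define TRAMP_ADDR_SIZE  8u  /* dummy_tramp_addr field on ppc64 */

/*
 * Hypothetical helper: number of bytes a disassembler should walk when
 * the address field sits at the very end of the image.
 */
static size_t disasm_len(size_t image_len)
{
	assert(image_len >= TRAMP_ADDR_SIZE);
	return image_len - TRAMP_ADDR_SIZE;
}

/*
 * Hypothetical helper: displacement used by "ld r12, disp(r12)".
 * After "bcl 20,31,$+4" at bcl_off, LR (copied into r12) holds
 * bcl_off + INSN_SIZE, so the field at addr_off is reached with
 * addr_off - (bcl_off + INSN_SIZE).
 */
static long tramp_addr_disp(size_t bcl_off, size_t addr_off)
{
	return (long)addr_off - (long)(bcl_off + INSN_SIZE);
}
```

For the 112-byte test program, disasm_len(112) gives 104. With the
address field at offset 76 and bcl at offset 88, tramp_addr_disp(88, 76)
gives -16, matching "ld r12, -8-SZL(r12)" for SZL = 8. With bcl at
offset 80 and the field moved to offset 104, tramp_addr_disp(80, 104)
gives 20.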

The following is the disassembler output for the same test program with
the dummy_tramp_addr field moved down:

    .....
    .....
    pc:68  left:44   a6 03 08 7c : mtlr 0
    pc:72  left:40   bc ff ff 4b : b .-68
    pc:76  left:36   a6 02 68 7d : mflr 11
    pc:80  left:32   05 00 9f 42 : bcl 20, 31, .+4
    pc:84  left:28   a6 02 88 7d : mflr 12
    pc:88  left:24   14 00 8c e9 : ld 12, 20(12)
    pc:92  left:20   a6 03 89 7d : mtctr 12
    pc:96  left:16   a6 03 68 7d : mtlr 11
    pc:100 left:12   20 04 80 4e : bctr
    pc:104 left:8    c0 34 1d 00 :

Failure log:
Can't disasm instruction at offset 104: c0 34 1d 00 00 00 00 c0
---------------------------------------
The disassembly logic can truncate at offset 104, ignoring the last
8 bytes.

Update the dummy_tramp_addr field offset calculation, measured from the
end of the program, to reflect its new location, so that
bpf_arch_text_poke() can update the actual trampoline's address in this
field.

[1] https://lore.kernel.org/all/20241030070850.1361304-18-hbathini@linux.ibm.com

v6->v7:
  Fixed JIT buffer overflow in case of large BPF progs
  Addressed remaining bot comments

v5->v6:
  Changed alignment NOP emission dependency on fimage layout
  Adjusted tail truncate length for 32-bit ppc
  Addressed a few minor bot comments

v4->v5:
  Handled alignment NOP emit logic and corresponding stub offsets
  Handled image buffer overflow problem in last pass
  Above changes took care of other bot reviews
  Included LLVMDisposeMessage() for graceful freeing
  Adjusted parameters in bpf_jit_build_fentry_stubs for ppc32
  Adjusted expected JIT inst. in tailcall test for CONFIG_PPC_KERNEL_PCREL config
  Added fix patch at last for inaccurate use of cmplwi inst.

v3->v4:
  Changed logic for emitting alignment NOP

v2->v3:
  Removed fixed NOP from bottom of long branch stub
  Rebased on top of bpf-next

v1->v2:
  Added fix-patch to correct memory alignment in-place
  Moved the optional alignment NOP before OOL stub

[v1]: https://lore.kernel.org/bpf/20260225013627.22098-1-adubey@linux.ibm.com
[v2]: https://lore.kernel.org/bpf/20260403004011.44417-1-adubey@linux.ibm.com
[v3]: https://lore.kernel.org/bpf/20260411221413.44304-1-adubey@linux.ibm.com
[v4]: https://lore.kernel.org/bpf/20260517214043.12975-1-adubey@linux.ibm.com
[v5]: https://lore.kernel.org/bpf/20260519233812.18787-1-adubey@linux.ibm.com
[v6]: https://lore.kernel.org/bpf/20260529015855.364704-1-adubey@linux.ibm.com

Abhishek Dubey (7):
  powerpc/bpf: fix alignment of long branch trampoline address
  powerpc/bpf: Move out dummy_tramp_addr after Long branch stub
  selftest/bpf: Fixing powerpc JIT disassembly failure
  selftest/bpf: Enable verifier selftest for powerpc64
  powerpc64/bpf: fix compare instruction emitted for tailcall
  selftest/bpf: Add tailcall verifier selftest for powerpc64
  powerpc/bpf: fix buffer overflow in JIT for large BPF programs

 arch/powerpc/net/bpf_jit.h                    |  7 +-
 arch/powerpc/net/bpf_jit_comp.c               | 73 +++++++++++++------
 arch/powerpc/net/bpf_jit_comp32.c             |  4 +-
 arch/powerpc/net/bpf_jit_comp64.c             | 15 ++--
 .../selftests/bpf/jit_disasm_helpers.c        | 21 +++++-
 tools/testing/selftests/bpf/progs/bpf_misc.h  |  1 +
 .../bpf/progs/verifier_tailcall_jit.c         | 69 ++++++++++++++++++
 tools/testing/selftests/bpf/test_loader.c     |  5 ++
 8 files changed, 161 insertions(+), 34 deletions(-)

-- 
2.52.0