|
Jiri Slaby |
e378cd |
From: George Guo <guodongtai@kylinos.cn>
|
|
Jiri Slaby |
e378cd |
Date: Tue, 28 Mar 2023 15:13:35 +0800
|
|
Jiri Slaby |
e378cd |
Subject: [PATCH] LoongArch, bpf: Fix jit to skip speculation barrier opcode
|
|
Jiri Slaby |
e378cd |
References: bsc#1012628
|
|
Jiri Slaby |
e378cd |
Patch-mainline: 6.2.12
|
|
Jiri Slaby |
e378cd |
Git-commit: a6f6a95f25803500079513780d11a911ce551d76
|
|
Jiri Slaby |
e378cd |
|
|
Jiri Slaby |
e378cd |
[ Upstream commit a6f6a95f25803500079513780d11a911ce551d76 ]
|
|
Jiri Slaby |
e378cd |
|
|
Jiri Slaby |
e378cd |
Just skip the opcode(BPF_ST | BPF_NOSPEC) in the BPF JIT instead of
|
|
Jiri Slaby |
e378cd |
failing to JIT the entire program, given LoongArch currently has no
|
|
Jiri Slaby |
e378cd |
couterpart of a speculation barrier instruction. To verify the issue,
|
|
Jiri Slaby |
e378cd |
use the ltp testcase as shown below.
|
|
Jiri Slaby |
e378cd |
|
|
Jiri Slaby |
e378cd |
Also, Wang says:
|
|
Jiri Slaby |
e378cd |
|
|
Jiri Slaby |
e378cd |
I can confirm there's currently no speculation barrier equivalent
|
|
Jiri Slaby |
e378cd |
on LonogArch. (Loongson says there are builtin mitigations for
|
|
Jiri Slaby |
e378cd |
Spectre-V1 and V2 on their chips, and AFAIK efforts to port the
|
|
Jiri Slaby |
e378cd |
exploits to mips/LoongArch have all failed a few years ago.)
|
|
Jiri Slaby |
e378cd |
|
|
Jiri Slaby |
e378cd |
Without this patch:
|
|
Jiri Slaby |
e378cd |
|
|
Jiri Slaby |
e378cd |
$ ./bpf_prog02
|
|
Jiri Slaby |
e378cd |
[...]
|
|
Jiri Slaby |
e378cd |
bpf_common.c:123: TBROK: Failed verification: ??? (524)
|
|
Jiri Slaby |
e378cd |
[...]
|
|
Jiri Slaby |
e378cd |
Summary:
|
|
Jiri Slaby |
e378cd |
passed 0
|
|
Jiri Slaby |
e378cd |
failed 0
|
|
Jiri Slaby |
e378cd |
broken 1
|
|
Jiri Slaby |
e378cd |
skipped 0
|
|
Jiri Slaby |
e378cd |
warnings 0
|
|
Jiri Slaby |
e378cd |
|
|
Jiri Slaby |
e378cd |
With this patch:
|
|
Jiri Slaby |
e378cd |
|
|
Jiri Slaby |
e378cd |
$ ./bpf_prog02
|
|
Jiri Slaby |
e378cd |
[...]
|
|
Jiri Slaby |
e378cd |
Summary:
|
|
Jiri Slaby |
e378cd |
passed 0
|
|
Jiri Slaby |
e378cd |
failed 0
|
|
Jiri Slaby |
e378cd |
broken 0
|
|
Jiri Slaby |
e378cd |
skipped 0
|
|
Jiri Slaby |
e378cd |
warnings 0
|
|
Jiri Slaby |
e378cd |
|
|
Jiri Slaby |
e378cd |
Fixes: 5dc615520c4d ("LoongArch: Add BPF JIT support")
|
|
Jiri Slaby |
e378cd |
Signed-off-by: George Guo <guodongtai@kylinos.cn>
|
|
Jiri Slaby |
e378cd |
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
|
|
Jiri Slaby |
e378cd |
Acked-by: WANG Xuerui <git@xen0n.name>
|
|
Jiri Slaby |
e378cd |
Cc: Tiezhu Yang <yangtiezhu@loongson.cn>
|
|
Jiri Slaby |
e378cd |
Link: https://lore.kernel.org/bpf/20230328071335.2664966-1-guodongtai@kylinos.cn
|
|
Jiri Slaby |
e378cd |
Signed-off-by: Sasha Levin <sashal@kernel.org>
|
|
Jiri Slaby |
e378cd |
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
|
|
Jiri Slaby |
e378cd |
---
|
|
Jiri Slaby |
e378cd |
arch/loongarch/net/bpf_jit.c | 4 ++++
|
|
Jiri Slaby |
e378cd |
1 file changed, 4 insertions(+)
|
|
Jiri Slaby |
e378cd |
|
|
Jiri Slaby |
e378cd |
diff --git a/arch/loongarch/net/bpf_jit.c b/arch/loongarch/net/bpf_jit.c
|
|
Jiri Slaby |
e378cd |
index 288003a9..d586df48 100644
|
|
Jiri Slaby |
e378cd |
--- a/arch/loongarch/net/bpf_jit.c
|
|
Jiri Slaby |
e378cd |
+++ b/arch/loongarch/net/bpf_jit.c
|
|
Jiri Slaby |
e378cd |
@@ -1022,6 +1022,10 @@ static int build_insn(const struct bpf_insn *insn, struct jit_ctx *ctx, bool ext
|
|
Jiri Slaby |
e378cd |
emit_atomic(insn, ctx);
|
|
Jiri Slaby |
e378cd |
break;
|
|
Jiri Slaby |
e378cd |
|
|
Jiri Slaby |
e378cd |
+ /* Speculation barrier */
|
|
Jiri Slaby |
e378cd |
+ case BPF_ST | BPF_NOSPEC:
|
|
Jiri Slaby |
e378cd |
+ break;
|
|
Jiri Slaby |
e378cd |
+
|
|
Jiri Slaby |
e378cd |
default:
|
|
Jiri Slaby |
e378cd |
pr_err("bpf_jit: unknown opcode %02x\n", code);
|
|
Jiri Slaby |
e378cd |
return -EINVAL;
|
|
Jiri Slaby |
e378cd |
--
|
|
Jiri Slaby |
e378cd |
2.35.3
|
|
Jiri Slaby |
e378cd |
|