From e378cd498204095196f8e66d277b2f45c84a5348 Mon Sep 17 00:00:00 2001 From: Jiri Slaby Date: Apr 20 2023 11:00:23 +0000 Subject: LoongArch, bpf: Fix jit to skip speculation barrier opcode (bsc#1012628). --- diff --git a/patches.kernel.org/6.2.12-043-LoongArch-bpf-Fix-jit-to-skip-speculation-barr.patch b/patches.kernel.org/6.2.12-043-LoongArch-bpf-Fix-jit-to-skip-speculation-barr.patch new file mode 100644 index 0000000..1a7d222 --- /dev/null +++ b/patches.kernel.org/6.2.12-043-LoongArch-bpf-Fix-jit-to-skip-speculation-barr.patch @@ -0,0 +1,75 @@ +From: George Guo +Date: Tue, 28 Mar 2023 15:13:35 +0800 +Subject: [PATCH] LoongArch, bpf: Fix jit to skip speculation barrier opcode +References: bsc#1012628 +Patch-mainline: 6.2.12 +Git-commit: a6f6a95f25803500079513780d11a911ce551d76 + +[ Upstream commit a6f6a95f25803500079513780d11a911ce551d76 ] + +Just skip the opcode(BPF_ST | BPF_NOSPEC) in the BPF JIT instead of +failing to JIT the entire program, given LoongArch currently has no +couterpart of a speculation barrier instruction. To verify the issue, +use the ltp testcase as shown below. + +Also, Wang says: + + I can confirm there's currently no speculation barrier equivalent + on LonogArch. (Loongson says there are builtin mitigations for + Spectre-V1 and V2 on their chips, and AFAIK efforts to port the + exploits to mips/LoongArch have all failed a few years ago.) + +Without this patch: + + $ ./bpf_prog02 + [...] + bpf_common.c:123: TBROK: Failed verification: ??? (524) + [...] + Summary: + passed 0 + failed 0 + broken 1 + skipped 0 + warnings 0 + +With this patch: + + $ ./bpf_prog02 + [...] + Summary: + passed 0 + failed 0 + broken 0 + skipped 0 + warnings 0 + +Fixes: 5dc615520c4d ("LoongArch: Add BPF JIT support") +Signed-off-by: George Guo +Signed-off-by: Daniel Borkmann +Acked-by: WANG Xuerui +Cc: Tiezhu Yang +Link: https://lore.kernel.org/bpf/20230328071335.2664966-1-guodongtai@kylinos.cn +Signed-off-by: Sasha Levin +Signed-off-by: Jiri Slaby +--- + arch/loongarch/net/bpf_jit.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/arch/loongarch/net/bpf_jit.c b/arch/loongarch/net/bpf_jit.c +index 288003a9..d586df48 100644 +--- a/arch/loongarch/net/bpf_jit.c ++++ b/arch/loongarch/net/bpf_jit.c +@@ -1022,6 +1022,10 @@ static int build_insn(const struct bpf_insn *insn, struct jit_ctx *ctx, bool ext + emit_atomic(insn, ctx); + break; + ++ /* Speculation barrier */ ++ case BPF_ST | BPF_NOSPEC: ++ break; ++ + default: + pr_err("bpf_jit: unknown opcode %02x\n", code); + return -EINVAL; +-- +2.35.3 + diff --git a/series.conf b/series.conf index 932551f..10dfcb9 100644 --- a/series.conf +++ b/series.conf @@ -2270,6 +2270,7 @@ patches.kernel.org/6.2.12-040-clk-rs9-Fix-suspend-resume.patch patches.kernel.org/6.2.12-041-RDMA-cma-Allow-UD-qp_type-to-join-multicast-on.patch patches.kernel.org/6.2.12-042-bpf-tcp-Use-sock_gen_put-instead-of-sock_put-i.patch + patches.kernel.org/6.2.12-043-LoongArch-bpf-Fix-jit-to-skip-speculation-barr.patch ######################################################## # Build fixes that apply to the vanilla kernel too.