6.17-stable review patch. If anyone has any objections, please let me know.
------------------
From: Hengqi Chen hengqi.chen@gmail.com
commit ea645cfd3d5f74a2bd40a60003f113b3c467975d upstream.
When attach fentry/fexit BPF programs, __arch_prepare_bpf_trampoline() is called twice with different `struct bpf_tramp_image *im`:
bpf_trampoline_update() -> arch_bpf_trampoline_size() -> __arch_prepare_bpf_trampoline() -> arch_prepare_bpf_trampoline() -> __arch_prepare_bpf_trampoline()
Use move_imm() will emit unstable instruction sequences, so let's use move_addr() instead to prevent subtle bugs.
(I observed this while debugging other issues with printk.)
Cc: stable@vger.kernel.org Tested-by: Vincent Li vincent.mc.li@gmail.com Signed-off-by: Hengqi Chen hengqi.chen@gmail.com Signed-off-by: Huacai Chen chenhuacai@loongson.cn Signed-off-by: Greg Kroah-Hartman gregkh@linuxfoundation.org --- arch/loongarch/net/bpf_jit.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)
--- a/arch/loongarch/net/bpf_jit.c +++ b/arch/loongarch/net/bpf_jit.c @@ -1632,7 +1632,7 @@ static int __arch_prepare_bpf_trampoline orig_call += LOONGARCH_BPF_FENTRY_NBYTES;
if (flags & BPF_TRAMP_F_CALL_ORIG) { - move_imm(ctx, LOONGARCH_GPR_A0, (const s64)im, false); + move_addr(ctx, LOONGARCH_GPR_A0, (const u64)im); ret = emit_call(ctx, (const u64)__bpf_tramp_enter); if (ret) return ret; @@ -1682,7 +1682,7 @@ static int __arch_prepare_bpf_trampoline
if (flags & BPF_TRAMP_F_CALL_ORIG) { im->ip_epilogue = ctx->ro_image + ctx->idx; - move_imm(ctx, LOONGARCH_GPR_A0, (const s64)im, false); + move_addr(ctx, LOONGARCH_GPR_A0, (const u64)im); ret = emit_call(ctx, (const u64)__bpf_tramp_exit); if (ret) goto out;