[bpf-next v8 1/5] bpf: Move constants blinding from JIT to verifier
Xu Kuohai
xukuohai at huaweicloud.com
Tue Mar 10 00:39:12 PDT 2026
On 3/10/2026 5:25 AM, Eduard Zingerman wrote:
> On Mon, 2026-03-09 at 22:00 +0800, Xu Kuohai wrote:
>
> This was discussed some time ago in [1]. In that message Daniel notes
> the following:
>
> > constant blinding needs to work from native bpf(2) as well as from
> > cbpf->ebpf (seccomp-bpf, filters, etc)
>
> It appears this patch does not address the cbpf->ebpf part, or did I
> miss something?
>
> [1] https://lore.kernel.org/bpf/284404c7-c6e0-4cf9-8ada-71ebfc681541@iogearbox.net/
>
Hmm, I overlooked that the cbpf jit also needs constant blinding. I'll add it back
in bpf_prog_select_runtime() before the JIT is invoked.
> [...]
>
>> diff --git a/arch/powerpc/net/bpf_jit_comp.c b/arch/powerpc/net/bpf_jit_comp.c
>> index 52162e4a7f84..7a7c49640a2f 100644
>> --- a/arch/powerpc/net/bpf_jit_comp.c
>> +++ b/arch/powerpc/net/bpf_jit_comp.c
>
> [...]
>
>> @@ -272,7 +250,6 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *fp)
>> extra_pass)) {
>> bpf_arch_text_copy(&fhdr->size, &hdr->size, sizeof(hdr->size));
>> bpf_jit_binary_pack_free(fhdr, hdr);
>> - fp = org_fp;
>
> Is it necessary to set `...; fp->jited = 0; ...` here?
> It seems it does if extra_pass is set.
>
Yes. When extra_pass is set, orig_fp and fp are the same, so the original
fp = orig_fp cannot restore fp either.
>> goto out_addrs;
>> }
>> bpf_jit_build_epilogue(code_base, &cgctx);
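Review bot: dropping `fp = org_fp;` from the bpf_jit_build_body() failure path leaves nothing that undoes the partial JIT when extra_pass is set, because in that pass fp and org_fp are the same object; after bpf_jit_binary_pack_free(fhdr, hdr) the caller still sees fp->jited set (and a bpf_func that points into the freed image if it was already populated). Add the same reset this function uses further down on the bpf_jit_binary_pack_finalize() failure path, `fp->bpf_func = NULL; fp->jited = 0; fp->jited_len = 0;`, before `goto out_addrs;`.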
>> @@ -301,7 +278,9 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *fp)
>>
>> if (!fp->is_func || extra_pass) {
>> if (bpf_jit_binary_pack_finalize(fhdr, hdr)) {
>> - fp = org_fp;
>> + fp->bpf_func = NULL;
>> + fp->jited = 0;
>> + fp->jited_len = 0;
>> goto out_addrs;
>> }
>> bpf_prog_fill_jited_linfo(fp, addrs);
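Review bot: the three-line reset on the bpf_jit_binary_pack_finalize() failure path (`fp->bpf_func = NULL; fp->jited = 0; fp->jited_len = 0;`) is one of two places in this function that must now unwind a half-finished JIT by hand, the other being the bpf_jit_build_body() failure earlier in the same function, which currently gets no reset at all. Put the reset behind a label (say an `out_reset:` that falls through to `out_addrs`) or a tiny static helper so both paths share it, and check that every arch touched by this series performs the equivalent reset where its `fp = orig_fp;` was removed; the s390 hunk quoted below does not.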
>
> [...]
>
>> diff --git a/arch/s390/net/bpf_jit_comp.c b/arch/s390/net/bpf_jit_comp.c
>> index 1f9a6b728beb..d6de2abfe4a7 100644
>> --- a/arch/s390/net/bpf_jit_comp.c
>> +++ b/arch/s390/net/bpf_jit_comp.c
>
> [...]
>
>> @@ -2383,7 +2360,6 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *fp)
>> if (!fp->is_func || extra_pass) {
>> if (bpf_jit_binary_lock_ro(header)) {
>> bpf_jit_binary_free(header);
>> - fp = orig_fp;
>
> In the similar condition for powerpc you reset `...; prog->jited = 0; ...`,
> is this case different?
>
No difference, will fix it.
>> goto free_addrs;
>> }
>> } else {
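Review bot: on the bpf_jit_binary_lock_ro(header) failure path, removing `fp = orig_fp;` without replacing it leaves fp->jited (and bpf_func/jited_len, if already set) intact after bpf_jit_binary_free(header), so the caller gets back a program that claims to be jited while its image is gone. This branch runs for `!fp->is_func || extra_pass`, and on the extra pass fp and orig_fp alias, so the old assignment never restored anything there either. Add the reset the powerpc side of this patch uses, `fp->bpf_func = NULL; fp->jited = 0; fp->jited_len = 0;`, before `goto free_addrs;`.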
>
> [...]
More information about the linux-arm-kernel mailing list