[PATCH v3 0/7] x86/cfi,bpf: Fix CFI vs eBPF
Alexei Starovoitov
alexei.starovoitov at gmail.com
Fri Dec 15 16:53:48 PST 2023
On Fri, Dec 15, 2023 at 1:33 AM Peter Zijlstra <peterz at infradead.org> wrote:
>
> Hi!
>
> What started with the simple observation that bpf_dispatcher_*_func() was
> broken for calling CFI functions with a __nocfi calling context for FineIBT
> ended up with a complete BPF wide CFI fixup.
>
> With these changes on the BPF selftest suite passes without crashing -- there's
> still a few failures, but Alexei has graciously offered to look into those.
>
> (Alexei, I have presumed your SoB on the very last patch, please update
> as you see fit)
>
> Changes since v2 are numerous but include:
> - cfi_get_offset() -- as a means to communicate the offset (ast)
> - 5 new patches fixing various BPF internals to be CFI clean
Looks great to me. Pushed to bpf-next.
There is a failure on s390 that I temporarily denylisted
with an extra patch.
And sent a proposed fix:
https://lore.kernel.org/bpf/20231216004549.78355-1-alexei.starovoitov@gmail.com/
Ilya,
please take a look.
> Note: it *might* be possible to merge the
> bpf_bpf_tcp_ca.c:unsupported_ops[] thing into the CFI stubs, as is
> get_info will have a NULL stub, unlike the others.
That's a good idea. Will clean up unsupported_ops.
Either myself or Martin will follow up.
More information about the linux-riscv
mailing list