author: Nicolas Schichan <nschichan@freebox.fr> 2015-05-07 18:14:21 +0300
committer: Zefan Li <lizefan@huawei.com> 2015-09-18 04:20:39 +0300
commit: 48b33c5b1759561efb72db8ba729a5c2656e5a1d
tree: d818914493d0295f1c3435481d6e7cc1541bbe0d /arch/arm/mach-gemini
parent: f5d35596f9a9e21217436a7892d3ed0366cf0997
ARM: net: delegate filter to kernel interpreter when imm_offset() return value can't fit into 12bits.
commit 0b59d8806a31bb0267b3a461e8fef20c727bdbf6 upstream.

The ARM JIT code emits "ldr rX, [pc, #offset]" to access the literal pool. #offset maximum value is 4095 and if the generated code is too large, the #offset value can overflow and not point to the expected slot in the literal pool. Additionally, when overflow occurs, bits of the overflow can end up changing the destination register of the ldr instruction.

Fix that by detecting the overflow in imm_offset() and setting a flag that is checked for each BPF instruction converted in build_body().

As of now it can only be detected in the second pass. As a result the second build_body() call can now fail, so add the corresponding cleanup code in that case.

Using multiple literal pools in the JITed code is going to require lots of intrusive changes to the JIT code (which would better be done as a feature instead of a fix), just delegating to the kernel BPF interpreter in that case is a more straightforward, minimal fix and easy to backport.

Fixes: ddecdfcea0ae ("ARM: 7259/3: net: JIT compiler for packet filters")
Signed-off-by: Nicolas Schichan <nschichan@freebox.fr>
Acked-by: Daniel Borkmann <daniel@iogearbox.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
Signed-off-by: Zefan Li <lizefan@huawei.com>
Diffstat (limited to 'arch/arm/mach-gemini')
0 files changed, 0 insertions, 0 deletions
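
The overflow the commit message describes, as an added example that is not code from the kernel patch: it builds the A32 "ldr rX, [pc, #offset]" word with and without a 12-bit range check and decodes the destination register back out. The function names and sample offsets are hypothetical; only the instruction encoding (imm12 in bits 0-11, destination register in bits 12-15) is the architecture's.

```c
#include <stdint.h>
#include <stdio.h>

/* A32 "ldr r0, [pc, #0]": cond=AL, P=1, U=1, L=1, Rn=pc. */
#define LDR_PC_BASE 0xE59F0000u
#define IMM12_MAX   0xFFFu   /* 4095, the largest encodable #offset */

/* Unchecked: any offset bit above bit 11 is ORed into the Rt field
 * (bits 12-15), so the load silently targets another register. */
static uint32_t encode_ldr_pc_unchecked(unsigned rt, uint32_t offset)
{
    return LDR_PC_BASE | ((uint32_t)rt << 12) | offset;
}

/* Checked: report failure instead of emitting a corrupt instruction,
 * so the caller can abandon the JIT and use the interpreter. */
static int encode_ldr_pc_checked(unsigned rt, uint32_t offset, uint32_t *insn)
{
    if (rt > 15 || offset > IMM12_MAX)
        return -1;
    *insn = LDR_PC_BASE | ((uint32_t)rt << 12) | offset;
    return 0;
}

static unsigned decoded_rt(uint32_t insn)    { return (insn >> 12) & 0xFu; }
static uint32_t decoded_imm12(uint32_t insn) { return insn & IMM12_MAX; }

int main(void)
{
    /* Constructed sample offsets around the 12-bit limit. */
    const uint32_t offsets[] = { 4095, 4096, 4100, 8192 };

    for (size_t i = 0; i < sizeof(offsets) / sizeof(offsets[0]); i++) {
        uint32_t bad = encode_ldr_pc_unchecked(0, offsets[i]);
        uint32_t good = 0;
        int rc = encode_ldr_pc_checked(0, offsets[i], &good);

        printf("want ldr r0, [pc, #%u]: unchecked 0x%08x = ldr r%u, [pc, #%u]; %s\n",
               (unsigned)offsets[i], (unsigned)bad, decoded_rt(bad),
               (unsigned)decoded_imm12(bad),
               rc ? "checked: rejected" : "checked: encoded");
    }
    return 0;
}
```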