x86/cfi,bpf: Fix BPF JIT call
author: Peter Zijlstra <peterz@infradead.org>
Fri, 15 Dec 2023 09:12:18 +0000 (10:12 +0100)
committer: Alexei Starovoitov <ast@kernel.org>
Sat, 16 Dec 2023 00:25:55 +0000 (16:25 -0800)
commit: 4f9087f16651aca4a5f32da840a53f6660f0579a
tree: 4aae945ff81a7447ed40741a7fc3fce4fbf6fc65
parent: 4382159696c9af67ee047ed55f2dbf05480f52f6
x86/cfi,bpf: Fix BPF JIT call

The current BPF call convention is __nocfi, except when it calls !JIT things,
then it calls regular C functions.

It so happens that with FineIBT the __nocfi and C calling conventions are
incompatible. Specifically, __nocfi will call at func+0, while FineIBT will have
endbr-poison there, which is not a valid indirect target, causing #CP.

Notably this only triggers on IBT enabled hardware, which is probably why this
hasn't been reported (also, most people will have JIT on anyway).

Implement proper CFI prologues for the BPF JIT codegen and drop __nocfi for
x86.

Signed-off-by: Peter Zijlstra (Intel) <peterz@infradead.org>
Link: https://lore.kernel.org/r/20231215092707.345270396@infradead.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
arch/x86/include/asm/cfi.h
arch/x86/kernel/alternative.c
arch/x86/net/bpf_jit_comp.c
include/linux/bpf.h
include/linux/cfi.h
kernel/bpf/core.c