bpf: JIT blinds support JMP32

This patch adds JIT blinds support for JMP32.

Like BPF_JMP_REG/IMM, JMP32 version are needed for building raw bpf insn.
They are added to both include/linux/filter.h and
tools/include/linux/filter.h.

Reviewed-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: Jiong Wang <jiong.wang@netronome.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

diff --git a/include/linux/filter.h b/include/linux/filter.h
index be9af6b4a9e4345d8445efb63e94d2c6759bbb88..e4b473f85b467a289d3dd74d66d8e879b80666f3 100644 (file)
--- a/include/linux/filter.h
+++ b/include/linux/filter.h
@@ -277,6 +277,26 @@ struct sock_reuseport;
                .off   = OFF,                                   \
                .imm   = IMM })
 
+/* Like BPF_JMP_REG, but with 32-bit wide operands for comparison. */
+
+#define BPF_JMP32_REG(OP, DST, SRC, OFF)                       \
+       ((struct bpf_insn) {                                    \
+               .code  = BPF_JMP32 | BPF_OP(OP) | BPF_X,        \
+               .dst_reg = DST,                                 \
+               .src_reg = SRC,                                 \
+               .off   = OFF,                                   \
+               .imm   = 0 })
+
+/* Like BPF_JMP_IMM, but with 32-bit wide operands for comparison. */
+
+#define BPF_JMP32_IMM(OP, DST, IMM, OFF)                       \
+       ((struct bpf_insn) {                                    \
+               .code  = BPF_JMP32 | BPF_OP(OP) | BPF_K,        \
+               .dst_reg = DST,                                 \
+               .src_reg = 0,                                   \
+               .off   = OFF,                                   \
+               .imm   = IMM })
+
 /* Unconditional jumps, goto pc + off16 */
 
 #define BPF_JMP_A(OFF)                                         \

diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
index bba11c2565eefa3571867caa950ea65e06688e20..a7bcb23bee841a2eff4295aaef131d3b1dacb8b0 100644 (file)
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@@ -949,6 +949,27 @@ static int bpf_jit_blind_insn(const struct bpf_insn *from,
                *to++ = BPF_JMP_REG(from->code, from->dst_reg, BPF_REG_AX, off);
                break;
 
+       case BPF_JMP32 | BPF_JEQ  | BPF_K:
+       case BPF_JMP32 | BPF_JNE  | BPF_K:
+       case BPF_JMP32 | BPF_JGT  | BPF_K:
+       case BPF_JMP32 | BPF_JLT  | BPF_K:
+       case BPF_JMP32 | BPF_JGE  | BPF_K:
+       case BPF_JMP32 | BPF_JLE  | BPF_K:
+       case BPF_JMP32 | BPF_JSGT | BPF_K:
+       case BPF_JMP32 | BPF_JSLT | BPF_K:
+       case BPF_JMP32 | BPF_JSGE | BPF_K:
+       case BPF_JMP32 | BPF_JSLE | BPF_K:
+       case BPF_JMP32 | BPF_JSET | BPF_K:
+               /* Accommodate for extra offset in case of a backjump. */
+               off = from->off;
+               if (off < 0)
+                       off -= 2;
+               *to++ = BPF_ALU32_IMM(BPF_MOV, BPF_REG_AX, imm_rnd ^ from->imm);
+               *to++ = BPF_ALU32_IMM(BPF_XOR, BPF_REG_AX, imm_rnd);
+               *to++ = BPF_JMP32_REG(from->code, from->dst_reg, BPF_REG_AX,
+                                     off);
+               break;
+
        case BPF_LD | BPF_IMM | BPF_DW:
                *to++ = BPF_ALU64_IMM(BPF_MOV, BPF_REG_AX, imm_rnd ^ aux[1].imm);
                *to++ = BPF_ALU64_IMM(BPF_XOR, BPF_REG_AX, imm_rnd);

diff --git a/tools/include/linux/filter.h b/tools/include/linux/filter.h
index af55acf73e75a91d279aa81b97a8d60f8bf3300e..cce0b02c0e286030171c261df2af713ab15ce75f 100644 (file)
--- a/tools/include/linux/filter.h
+++ b/tools/include/linux/filter.h
@@ -199,6 +199,16 @@
                .off   = OFF,                                   \
                .imm   = 0 })
 
+/* Like BPF_JMP_REG, but with 32-bit wide operands for comparison. */
+
+#define BPF_JMP32_REG(OP, DST, SRC, OFF)                       \
+       ((struct bpf_insn) {                                    \
+               .code  = BPF_JMP32 | BPF_OP(OP) | BPF_X,        \
+               .dst_reg = DST,                                 \
+               .src_reg = SRC,                                 \
+               .off   = OFF,                                   \
+               .imm   = 0 })
+
 /* Conditional jumps against immediates, if (dst_reg 'op' imm32) goto pc + off16 */
 
 #define BPF_JMP_IMM(OP, DST, IMM, OFF)                         \
@@ -209,6 +219,16 @@
                .off   = OFF,                                   \
                .imm   = IMM })
 
+/* Like BPF_JMP_IMM, but with 32-bit wide operands for comparison. */
+
+#define BPF_JMP32_IMM(OP, DST, IMM, OFF)                       \
+       ((struct bpf_insn) {                                    \
+               .code  = BPF_JMP32 | BPF_OP(OP) | BPF_K,        \
+               .dst_reg = DST,                                 \
+               .src_reg = 0,                                   \
+               .off   = OFF,                                   \
+               .imm   = IMM })
+
 /* Unconditional jumps, goto pc + off16 */
 
 #define BPF_JMP_A(OFF)                                         \