Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

bpf, x32: Fix regression caused by commit 24dea04767e6

Commit 24dea04767e6 ("bpf, x32: remove ld_abs/ld_ind")
removed the 4 /* Extra space for skb_copy_bits buffer */
from _STACK_SIZE, but it didn't fix the concerned code
in emit_prologue and emit_epilogue, and this error will
bring very strange kernel runtime errors. This patch
fixes it.

Fixes: 24dea04767e6 ("bpf, x32: remove ld_abs/ld_ind")
Reported-by: Meelis Roos <mroos@linux.ee>
Bisected-by: Meelis Roos <mroos@linux.ee>
Signed-off-by: Wang YanQing <udknight@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>

authored by Wang YanQing and committed by Daniel Borkmann
9e4e5b5c 684cce1c

+4 -4
arch/x86/net/bpf_jit_comp32.c
··· 1441 1441 1442 1442 /* sub esp,STACK_SIZE */ 1443 1443 EMIT2_off32(0x81, 0xEC, STACK_SIZE); 1444 - /* sub ebp,SCRATCH_SIZE+4+12*/ 1445 - EMIT3(0x83, add_1reg(0xE8, IA32_EBP), SCRATCH_SIZE + 16); 1444 + /* sub ebp,SCRATCH_SIZE+12*/ 1445 + EMIT3(0x83, add_1reg(0xE8, IA32_EBP), SCRATCH_SIZE + 12); 1446 1446 /* xor ebx,ebx */ 1447 1447 EMIT2(0x31, add_2reg(0xC0, IA32_EBX, IA32_EBX)); 1448 1448 ··· 1475 1475 /* mov edx,dword ptr [ebp+off]*/ 1476 1476 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX), STACK_VAR(r0[1])); 1477 1477 1478 - /* add ebp,SCRATCH_SIZE+4+12*/ 1479 - EMIT3(0x83, add_1reg(0xC0, IA32_EBP), SCRATCH_SIZE + 16); 1478 + /* add ebp,SCRATCH_SIZE+12*/ 1479 + EMIT3(0x83, add_1reg(0xC0, IA32_EBP), SCRATCH_SIZE + 12); 1480 1480 1481 1481 /* mov ebx,dword ptr [ebp-12]*/ 1482 1482 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EBX), -12);
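Review bot: In the first hunk (around line 1445, the `sub ebp` emitted in the prologue), the adjustment is still an open-coded `SCRATCH_SIZE + 12`, so it has to be kept in step by hand with the stack size definition. The commit message says that is what went wrong when the extra 4 bytes were dropped from _STACK_SIZE. Consider defining the offset once as a named macro next to the stack size definition and using it here, with a short comment saying what the 12 bytes cover. Minor style point: the updated comment `/* sub ebp,SCRATCH_SIZE+12*/` has no space before the closing `*/`.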
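Review bot: In the second hunk (around line 1479, the `add ebp` emitted in the epilogue), nothing ties this operand to the one in the prologue's `sub ebp`. The two `SCRATCH_SIZE + 12` expressions are separate literals that must be identical for ebp to come back to its original value before the `mov ebx,dword ptr [ebp-12]` that follows. Using one shared macro for both sites would make a one-sided edit impossible. It would also help to document whether the `-12` displacement in the register restore is related to the `12` in the adjustment, since the hunk leaves that to the reader.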