tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

s390/bpf: Add s390 JIT support for timed may_goto

The verifier provides an architecture-independent implementation of the
may_goto instruction, which is currently used on s390x, but it has a
downside: there is no way to prevent progs using it from running for a
very long time.

The solution to this problem is an alternative timed implementation,
which requires architecture-specific bits. Its availability is signaled
to the verifier by bpf_jit_supports_timed_may_goto() returning true.

The verifier then emits a call to arch_bpf_timed_may_goto() using a
non-standard calling convention. This function must act as a trampoline
for bpf_check_timed_may_goto().

Implement bpf_jit_supports_timed_may_goto(), account for the special
calling convention in the BPF_CALL implementation, and implement
arch_bpf_timed_may_goto().

Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Link: https://lore.kernel.org/r/20250821113339.292434-2-iii@linux.ibm.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

authored by

Ilya Leoshkevich and committed by
Alexei Starovoitov b8efa810 d0f27ff2

+67 -5
+1 -1
arch/s390/net/Makefile
··· 2 2 # 3 3 # Arch-specific network modules 4 4 # 5 - obj-$(CONFIG_BPF_JIT) += bpf_jit_comp.o 5 + obj-$(CONFIG_BPF_JIT) += bpf_jit_comp.o bpf_timed_may_goto.o 6 6 obj-$(CONFIG_HAVE_PNETID) += pnet.o
+21 -4
arch/s390/net/bpf_jit_comp.c
··· 1806 1806 } 1807 1807 } 1808 1808 1809 - /* brasl %r14,func */ 1810 - EMIT6_PCREL_RILB_PTR(0xc0050000, REG_14, (void *)func); 1811 - /* lgr %b0,%r2: load return value into %b0 */ 1812 - EMIT4(0xb9040000, BPF_REG_0, REG_2); 1809 + if ((void *)func == arch_bpf_timed_may_goto) { 1810 + /* 1811 + * arch_bpf_timed_may_goto() has a special ABI: the 1812 + * parameters are in BPF_REG_AX and BPF_REG_10; the 1813 + * return value is in BPF_REG_AX; and all GPRs except 1814 + * REG_W0, REG_W1, and BPF_REG_AX are callee-saved. 1815 + */ 1816 + 1817 + /* brasl %r0,func */ 1818 + EMIT6_PCREL_RILB_PTR(0xc0050000, REG_0, (void *)func); 1819 + } else { 1820 + /* brasl %r14,func */ 1821 + EMIT6_PCREL_RILB_PTR(0xc0050000, REG_14, (void *)func); 1822 + /* lgr %b0,%r2: load return value into %b0 */ 1823 + EMIT4(0xb9040000, BPF_REG_0, REG_2); 1824 + } 1813 1825 1814 1826 /* 1815 1827 * Copy the potentially updated tail call counter back. ··· 3004 2992 break; 3005 2993 prev_addr = addr; 3006 2994 } 2995 + } 2996 + 2997 + bool bpf_jit_supports_timed_may_goto(void) 2998 + { 2999 + return true; 3007 3000 }
+45
arch/s390/net/bpf_timed_may_goto.S
··· 1 + /* SPDX-License-Identifier: GPL-2.0 */ 2 + 3 + #include <linux/export.h> 4 + #include <linux/linkage.h> 5 + #include <asm/asm-offsets.h> 6 + #include <asm/nospec-insn.h> 7 + 8 + #define R2_OFF 0 9 + #define R5_OFF (R2_OFF + (5 - 2 + 1) * 8) 10 + #define R14_OFF (R5_OFF + 8) 11 + #define RETADDR_OFF (R14_OFF + 8) 12 + #define R15_OFF (RETADDR_OFF + 8) 13 + #define BACKCHAIN_OFF (R15_OFF + 8) 14 + #define FRAME_SIZE (BACKCHAIN_OFF + 8) 15 + #define FRAME_OFF (STACK_FRAME_OVERHEAD - FRAME_SIZE) 16 + #if (FRAME_OFF + BACKCHAIN_OFF) != __SF_BACKCHAIN 17 + #error Stack frame layout calculation is broken 18 + #endif 19 + 20 + GEN_BR_THUNK %r1 21 + 22 + SYM_FUNC_START(arch_bpf_timed_may_goto) 23 + /* 24 + * This function has a special ABI: the parameters are in %r12 and 25 + * %r13; the return value is in %r12; all GPRs except %r0, %r1, and 26 + * %r12 are callee-saved; and the return address is in %r0. 27 + */ 28 + stmg %r2,%r5,FRAME_OFF+R2_OFF(%r15) 29 + stg %r14,FRAME_OFF+R14_OFF(%r15) 30 + stg %r0,FRAME_OFF+RETADDR_OFF(%r15) 31 + stg %r15,FRAME_OFF+R15_OFF(%r15) 32 + lgr %r1,%r15 33 + lay %r15,-FRAME_SIZE(%r15) 34 + stg %r1,__SF_BACKCHAIN(%r15) 35 + 36 + lay %r2,0(%r12,%r13) 37 + brasl %r14,bpf_check_timed_may_goto 38 + lgr %r12,%r2 39 + 40 + lg %r15,FRAME_SIZE+FRAME_OFF+R15_OFF(%r15) 41 + lmg %r2,%r5,FRAME_OFF+R2_OFF(%r15) 42 + lg %r14,FRAME_OFF+R14_OFF(%r15) 43 + lg %r1,FRAME_OFF+RETADDR_OFF(%r15) 44 + BR_EX %r1 45 + SYM_FUNC_END(arch_bpf_timed_may_goto)