diff mbox series

s390/bpf: perform r1 range checking before accessing jit->seen_reg[r1]

Message ID 20210715125712.24690-1-colin.king@canonical.com (mailing list archive)
State Accepted
Commit 91091656252f5d6d8c476e0c92776ce9fae7b445
Delegated to: BPF
Headers show
Series s390/bpf: perform r1 range checking before accessing jit->seen_reg[r1] | expand

Checks

Context Check Description
netdev/tree_selection success Not a local patch

Commit Message

Colin King July 15, 2021, 12:57 p.m. UTC 
From: Colin Ian King <colin.king@canonical.com>

Currently array jit->seen_reg[r1] is being accessed before the range
checking of index r1. The range changing on r1 should be performed
first since it will avoid any potential out-of-range accesses on the
array seen_reg[] and also it is more optimal to perform checks on
r1 before fetching data from the array.  Fix this by swapping the
order of the checks before the array access.

Fixes: 054623105728 ("s390/bpf: Add s390x eBPF JIT compiler backend")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
 arch/s390/net/bpf_jit_comp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Ilya Leoshkevich July 15, 2021, 5:02 p.m. UTC | #1 
On Thu, 2021-07-15 at 13:57 +0100, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
> 
> Currently array jit->seen_reg[r1] is being accessed before the range
> checking of index r1. The range changing on r1 should be performed
> first since it will avoid any potential out-of-range accesses on the
> array seen_reg[] and also it is more optimal to perform checks on
> r1 before fetching data from the array.  Fix this by swapping the
> order of the checks before the array access.
> 
> Fixes: 054623105728 ("s390/bpf: Add s390x eBPF JIT compiler backend")
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
> ---
>  arch/s390/net/bpf_jit_comp.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/arch/s390/net/bpf_jit_comp.c
> b/arch/s390/net/bpf_jit_comp.c
> index 63cae0476bb4..2ae419f5115a 100644
> --- a/arch/s390/net/bpf_jit_comp.c
> +++ b/arch/s390/net/bpf_jit_comp.c
> @@ -112,7 +112,7 @@ static inline void reg_set_seen(struct bpf_jit
> *jit, u32 b1)
>  {
>         u32 r1 = reg2hex[b1];
>  
> -       if (!jit->seen_reg[r1] && r1 >= 6 && r1 <= 15)
> +       if (r1 >= 6 && r1 <= 15 && !jit->seen_reg[r1])
>                 jit->seen_reg[r1] = 1;
>  }
>  

Looks good to me, thanks!

Acked-by: Ilya Leoshkevich <iii@linux.ibm.com>
Tested-by: Ilya Leoshkevich <iii@linux.ibm.com>
patchwork-bot+netdevbpf@kernel.org July 15, 2021, 5:50 p.m. UTC | #2 
Hello:

This patch was applied to bpf/bpf.git (refs/heads/master):

On Thu, 15 Jul 2021 13:57:12 +0100 you wrote:
> From: Colin Ian King <colin.king@canonical.com>
> 
> Currently array jit->seen_reg[r1] is being accessed before the range
> checking of index r1. The range changing on r1 should be performed
> first since it will avoid any potential out-of-range accesses on the
> array seen_reg[] and also it is more optimal to perform checks on
> r1 before fetching data from the array.  Fix this by swapping the
> order of the checks before the array access.
> 
> [...]

Here is the summary with links:
  - s390/bpf: perform r1 range checking before accessing jit->seen_reg[r1]
    https://git.kernel.org/bpf/bpf/c/91091656252f

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
diff mbox series

Patch

diff --git a/arch/s390/net/bpf_jit_comp.c b/arch/s390/net/bpf_jit_comp.c
index 63cae0476bb4..2ae419f5115a 100644
--- a/arch/s390/net/bpf_jit_comp.c
+++ b/arch/s390/net/bpf_jit_comp.c
@@ -112,7 +112,7 @@  static inline void reg_set_seen(struct bpf_jit *jit, u32 b1)
 {
 	u32 r1 = reg2hex[b1];
 
-	if (!jit->seen_reg[r1] && r1 >= 6 && r1 <= 15)
+	if (r1 >= 6 && r1 <= 15 && !jit->seen_reg[r1])
 		jit->seen_reg[r1] = 1;
 }