From patchwork Mon Nov 4 20:04:50 2024
X-Patchwork-Submitter: Mathias Krause
X-Patchwork-Id: 13861961
X-Patchwork-Delegate: bpf@iogearbox.net
From: Mathias Krause
To: bpf@vger.kernel.org
Cc: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Mathias Krause, Johan Almbladh
Subject: [PATCH bpf-next 1/3] bpf/tests: Make max jump tests constant blinding compatible
Date: Mon, 4 Nov 2024 21:04:50 +0100
Message-Id: <20241104200452.2651529-2-minipli@grsecurity.net>
In-Reply-To: <20241104200452.2651529-1-minipli@grsecurity.net>
References: <20241104200452.2651529-1-minipli@grsecurity.net>

Constant blinding may expand instructions that make use of immediate values into multiple, resulting in preceding jump instructions to get a bigger target offset.

The "max jump" tests specifically attempt to test the biggest possible jump offset, requiring to take special care about the final (after blinding) offset while crafting the input program.

To make these tests independent of constant blinding's instruction expansion, use a register-only operation to load R0 with the intended value.

This fixes the "Long conditional jump" tests with enabled blinding.

Fixes: f1517eb790f9 ("bpf/tests: Expand branch conversion JIT test")
Cc: Johan Almbladh
Signed-off-by: Mathias Krause
---
 lib/test_bpf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/test_bpf.c b/lib/test_bpf.c index fa5edd6ef7f7..c1140bab280d 100644 --- a/lib/test_bpf.c +++ b/lib/test_bpf.c 
@@ -491,7 +491,7 @@ static int __bpf_fill_max_jmp(struct bpf_test *self, int jmp, int imm) i = __bpf_ld_imm64(insns, R1, 0x0123456789abcdefULL); insns[i++] = BPF_ALU64_IMM(BPF_MOV, R0, 1); insns[i++] = BPF_JMP_IMM(jmp, R0, imm, S16_MAX); - insns[i++] = BPF_ALU64_IMM(BPF_MOV, R0, 2); + insns[i++] = BPF_ALU64_REG(BPF_ADD, R0, R0); insns[i++] = BPF_EXIT_INSN(); while (i < len - 1) {

From patchwork Mon Nov 4 20:04:51 2024
X-Patchwork-Submitter: Mathias Krause
X-Patchwork-Id: 13861962
X-Patchwork-Delegate: bpf@iogearbox.net
From: Mathias Krause
To: bpf@vger.kernel.org
Cc: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Mathias Krause
Subject: [PATCH bpf-next 2/3] bpf: Allow calling bpf_jit_blinding_enabled() with a NULL program
Date: Mon, 4 Nov 2024 21:04:51 +0100
Message-Id: <20241104200452.2651529-3-minipli@grsecurity.net>
In-Reply-To: <20241104200452.2651529-1-minipli@grsecurity.net>
References: <20241104200452.2651529-1-minipli@grsecurity.net>

To allow probing if constant blinding will be applied, support calling bpf_jit_blinding_enabled() with a NULL program. This allows to tailor the creation of a BPF program accordingly.

Signed-off-by: Mathias Krause
---
 include/linux/filter.h | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/include/linux/filter.h b/include/linux/filter.h index 7d7578a8eac1..a1b4a9739f81 100644 --- a/include/linux/filter.h +++ b/include/linux/filter.h 
@@ -1297,11 +1297,12 @@ static inline bool bpf_jit_blinding_enabled(struct bpf_prog *prog) */ if (!bpf_jit_is_ebpf()) return false; - if (!prog->jit_requested) + if (prog && !prog->jit_requested) return false; if (!bpf_jit_harden) return false; - if (bpf_jit_harden == 1 && bpf_token_capable(prog->aux->token, CAP_BPF)) + if (bpf_jit_harden == 1 && + bpf_token_capable(prog ? prog->aux->token : NULL, CAP_BPF)) return false; return true;

From patchwork Mon Nov 4 20:04:52 2024
X-Patchwork-Submitter: Mathias Krause
X-Patchwork-Id: 13861963
X-Patchwork-Delegate: bpf@iogearbox.net
From: Mathias Krause
To: bpf@vger.kernel.org
Cc: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Mathias Krause, Johan Almbladh
Subject: [PATCH bpf-next 3/3] bpf/tests: Make staggered jump tests constant blinding compatible
Date: Mon, 4 Nov 2024 21:04:52 +0100
Message-Id: <20241104200452.2651529-4-minipli@grsecurity.net>
In-Reply-To: <20241104200452.2651529-1-minipli@grsecurity.net>
References: <20241104200452.2651529-1-minipli@grsecurity.net>

The "staggered jumps" tests currently fail with constant blinding enabled as the increased program size makes jump offsets overflow. Fix that by decreasing the number of jumps depending on the expected size increase caused by blinding the program.

As the test for JIT blinding makes use of bpf_jit_blinding_enabled(NULL) and test_bpf.ko is a kernel module, 'bpf_token_capable' and 'bpf_jit_harden' need to be exported.

Fixes: a7d2e752e520 ("bpf/tests: Add staggered JMP and JMP32 tests")
Cc: Johan Almbladh
Signed-off-by: Mathias Krause
---
 kernel/bpf/core.c  |  3 +++
 kernel/bpf/token.c |  3 +++
 lib/test_bpf.c     | 19 +++++++++++++++++--
 3 files changed, 23 insertions(+), 2 deletions(-)

diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c index 233ea78f8f1b..fe7eada54d4b 100644 --- a/kernel/bpf/core.c +++ b/kernel/bpf/core.c @@ -570,6 +570,9 @@ int bpf_jit_kallsyms __read_mostly = IS_BUILTIN(CONFIG_BPF_JIT_DEFAULT_ON); int bpf_jit_harden __read_mostly; long bpf_jit_limit __read_mostly; long bpf_jit_limit_max __read_mostly; +#if IS_MODULE(CONFIG_TEST_BPF) +EXPORT_SYMBOL_GPL(bpf_jit_harden); +#endif static void bpf_prog_ksym_set_addr(struct bpf_prog *prog) diff --git a/kernel/bpf/token.c b/kernel/bpf/token.c index dcbec1a0dfb3..aed98a958c73 100644 --- a/kernel/bpf/token.c +++ b/kernel/bpf/token.c @@ -26,6 +26,9 @@ bool bpf_token_capable(const struct bpf_token *token, int cap) return false; return true; } +#if IS_MODULE(CONFIG_TEST_BPF) +EXPORT_SYMBOL_GPL(bpf_token_capable); +#endif void bpf_token_inc(struct bpf_token *token) { diff --git a/lib/test_bpf.c b/lib/test_bpf.c index c1140bab280d..3469631c0aba 100644 --- a/lib/test_bpf.c +++ b/lib/test_bpf.c @@ -2700,10 +2700,25 @@ static int __bpf_fill_staggered_jumps(struct bpf_test *self, u64 r1, u64 r2) { int size = self->test[0].result - 1; - int len = 4 + 3 * (size + 1); struct bpf_insn *insns; - int off, ind; + int len, off, ind; + /* Constant blinding triples the size of each instruction making use + * of immediate values. Tweak the test to not overflow jump offsets. + */ + if (bpf_jit_blinding_enabled(NULL)) { + int bloat_factor = 2 * 3; + + if (BPF_SRC(jmp->code) == BPF_K) + bloat_factor += 3; + + size /= bloat_factor; + size &= ~1; + + self->test[0].result = size + 1; + } + + len = 4 + 3 * (size + 1); insns = kmalloc_array(len, sizeof(*insns), GFP_KERNEL); if (!insns) return -ENOMEM;
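Review bot: Patch 1/3, lib/test_bpf.c hunk at @@ -491,7 +491,7 @@: the expected value 2 is now implicit, because `BPF_ALU64_REG(BPF_ADD, R0, R0)` only produces it thanks to the `BPF_ALU64_IMM(BPF_MOV, R0, 1)` two instructions earlier, and nothing next to the ADD says so. A one-line comment on the new instruction stating that it doubles the R0 = 1 set above, and that it is register-only on purpose so that blinding cannot insert instructions between the jump and its target, would keep a later change to the initial R0 value from silently breaking the test's expected result.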
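Review bot: Patch 2/3, include/linux/filter.h hunk at @@ -1297,11 +1297,12 @@: the meaning of a NULL `prog` is not documented, and it is not the same question the non-NULL path answers. With NULL the `jit_requested` test is skipped and `bpf_token_capable()` is called with a NULL token, so the probe reports a best guess that ignores whether the JIT will actually be used and which token a later program load carries. Please extend the comment that ends just above `if (!bpf_jit_is_ebpf())` to say that NULL means "probe only, result may differ from what a concrete program gets", so callers do not treat it as authoritative.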
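Review bot: Patch 3/3, kernel/bpf/core.c hunk at @@ -570,6 +570,9 @@: `EXPORT_SYMBOL_GPL(bpf_jit_harden)` exports the hardening setting itself as a plain `int`, so with CONFIG_TEST_BPF=m every GPL module gets write access to it, not just read access for the test. Since the test only needs the answer of `bpf_jit_blinding_enabled(NULL)`, consider exporting a small out-of-line helper that returns that answer instead of the variable. If the variable export stays, it would read better placed directly under `int bpf_jit_harden __read_mostly;` rather than after the two `bpf_jit_limit` declarations.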
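Review bot: Patch 3/3, kernel/bpf/token.c hunk at @@ -26,6 +26,9 @@: the `#if IS_MODULE(CONFIG_TEST_BPF)` guard around `EXPORT_SYMBOL_GPL(bpf_token_capable)` has no comment explaining why a test option decides whether this symbol is exported. A short comment naming test_bpf.ko and its use of the inline `bpf_jit_blinding_enabled()` as the only intended user would keep the export from being read as a general-purpose interface.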
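Review bot: Patch 3/3, lib/test_bpf.c hunk at @@ -2700,10 +2700,25 @@: the arithmetic behind `bloat_factor` is not explained. The comment says blinding triples each instruction that uses an immediate, but not why the base is `2 * 3`, why `BPF_K` jumps add exactly 3, or why `size &= ~1` is needed. Please spell out which instructions of the generated program each term accounts for and why `size` must stay even. Also note that overwriting `self->test[0].result` shrinks what the test covers whenever blinding is enabled, with nothing in the output showing it; a log line when the reduced size is chosen would make that visible in test results.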