git.baikalelectronics.ru Git - kernel.git/commit

author	Xu Kuohai <xukuohai@huawei.com>
	Sat, 2 Apr 2022 07:39:42 +0000 (03:39 -0400)
committer	Daniel Borkmann <daniel@iogearbox.net>
	Tue, 5 Apr 2022 22:04:22 +0000 (00:04 +0200)
commit	af35bbcc2195825c873f683ffbf73d73f23bd3c6
tree	ae90f31a102b5e3d55e8e974fb8622ea0c8a4566	tree \| snapshot
parent	bdade36679cbcd0f9a63b3dda99d7e024cad7613	commit \| diff

bpf, arm64: Sign return address for JITed code

Sign return address for JITed code when the kernel is built with pointer
authentication enabled:

1. Sign LR with paciasp instruction before LR is pushed to stack. Since
paciasp acts like landing pads for function entry, no need to insert
bti instruction before paciasp.

2. Authenticate LR with autiasp instruction after LR is popped from stack.

For BPF tail call, the stack frame constructed by the caller is reused by
the callee. That is, the stack frame is constructed by the caller and
destructed by the callee. Thus LR is signed and pushed to the stack in the
caller's prologue, and poped from the stack and authenticated in the
callee's epilogue.

For BPF2BPF call, the caller and callee construct their own stack frames,
and sign and authenticate their own LRs.

Signed-off-by: Xu Kuohai <xukuohai@huawei.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://events.static.linuxfound.org/sites/events/files/slides/slides_23.pdf
Link: https://lore.kernel.org/bpf/20220402073942.3782529-1-xukuohai@huawei.com

arch/arm64/net/bpf_jit.h		diff \| blob \| history
arch/arm64/net/bpf_jit_comp.c		diff \| blob \| history