git.baikalelectronics.ru Git - kernel.git/commit

author	Xu Kuohai <xukuohai@huawei.com>
	Sat, 2 Apr 2022 07:39:42 +0000 (03:39 -0400)
committer	Daniel Borkmann <daniel@iogearbox.net>
	Tue, 5 Apr 2022 22:04:22 +0000 (00:04 +0200)
commit	ee34e8d7b5543168e4b724fc428c9ba50dc4e30a
tree	ae90f31a102b5e3d55e8e974fb8622ea0c8a4566	tree \| snapshot
parent	cada7c3334a614c0fb19e9c29440b486f35b11e6	commit \| diff

bpf, arm64: Sign return address for JITed code

Sign return address for JITed code when the kernel is built with pointer
authentication enabled:

1. Sign LR with paciasp instruction before LR is pushed to stack. Since
paciasp acts like landing pads for function entry, no need to insert
bti instruction before paciasp.

2. Authenticate LR with autiasp instruction after LR is popped from stack.

For BPF tail call, the stack frame constructed by the caller is reused by
the callee. That is, the stack frame is constructed by the caller and
destructed by the callee. Thus LR is signed and pushed to the stack in the
caller's prologue, and poped from the stack and authenticated in the
callee's epilogue.

For BPF2BPF call, the caller and callee construct their own stack frames,
and sign and authenticate their own LRs.

Signed-off-by: Xu Kuohai <xukuohai@huawei.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://events.static.linuxfound.org/sites/events/files/slides/slides_23.pdf
Link: https://lore.kernel.org/bpf/20220402073942.3782529-1-xukuohai@huawei.com

arch/arm64/net/bpf_jit.h		diff \| blob \| history
arch/arm64/net/bpf_jit_comp.c		diff \| blob \| history