git.baikalelectronics.ru Git - kernel.git/commit

author	Daniel Borkmann <dborkman@redhat.com>
	Mon, 8 Sep 2014 06:04:47 +0000 (08:04 +0200)
committer	David S. Miller <davem@davemloft.net>
	Tue, 9 Sep 2014 23:58:56 +0000 (16:58 -0700)
commit	cf8a51ffc8f0d0d067373d5646c61b77a0c049cf
tree	4c207c0a763ea8998dddda89a7a1d9eb98866b60	tree \| snapshot
parent	8b10ff73b7dce888fd7958b40a7b36ee3091a995	commit \| diff

net: bpf: consolidate JIT binary allocator

Introduced in commit 51d1d536b5aa ("x86: bpf_jit_comp: secure bpf jit
against spraying attacks") and later on replicated in 67318e88d244
("s390/bpf,jit: address randomize and write protect jit code") for
s390 architecture, write protection for BPF JIT images got added and
a random start address of the JIT code, so that it's not on a page
boundary anymore.

Since both use a very similar allocator for the BPF binary header,
we can consolidate this code into the BPF core as it's mostly JIT
independant anyway.

This will also allow for future archs that support DEBUG_SET_MODULE_RONX
to just reuse instead of reimplementing it.

JIT tested on x86_64 and s390x with BPF test suite.

Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Acked-by: Alexei Starovoitov <ast@plumgrid.com>
Cc: Eric Dumazet <edumazet@google.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Signed-off-by: David S. Miller <davem@davemloft.net>

arch/s390/net/bpf_jit_comp.c		diff \| blob \| history
arch/x86/net/bpf_jit_comp.c		diff \| blob \| history
include/linux/filter.h		diff \| blob \| history
kernel/bpf/core.c		diff \| blob \| history