From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-18.8 required=3.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,INCLUDES_CR_TRAILER, INCLUDES_PATCH,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id AE4B5C47E4E for ; Thu, 15 Jul 2021 12:57:17 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 9269A613BB for ; Thu, 15 Jul 2021 12:57:17 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232212AbhGONAI (ORCPT ); Thu, 15 Jul 2021 09:00:08 -0400 Received: from smtp-relay-canonical-1.canonical.com ([185.125.188.121]:60116 "EHLO smtp-relay-canonical-1.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229679AbhGONAH (ORCPT ); Thu, 15 Jul 2021 09:00:07 -0400 Received: from localhost (1.general.cking.uk.vpn [10.172.193.212]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-canonical-1.canonical.com (Postfix) with ESMTPSA id D87E3409F4; Thu, 15 Jul 2021 12:57:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1626353832; bh=XqK+vx8ysu2dR1xpNfi0uOpzCmJBmn4R/mwkNVGPQrY=; h=From:To:Cc:Subject:Date:Message-Id:MIME-Version:Content-Type; b=KQq+r3AASoEClQVDGdeTH/Bua3fewcvARM7YLnlQw7dWvHB0nHgap+GrPmjK3BOQi fsrrhuR0CP9yy8Ykhi5UHXqlLWx5yIjMUrt5kyS6SC/wgBjBsh15tNjh+tJ3Wwyue7 LE9xQzChcZXyK5e23wcxIc7IznMpf5DeWH6qWt1OAhKKMzz61fYa+WAfBh7vefbtgb YUsOqItmsQkpFK+zBlgND6MJ4o8Kjd0K2xS8b8Snzu1Cc0OxryEeOpE0oUxsp+V9uX HDKg/izKaFHLFJU5gtKe6iD/rpjliOIodSiOQ7FaCGidVKS+8JyQxD/WoffA3N7TYa pCyiNp/JopPBw== From: Colin King To: Ilya Leoshkevich , Heiko Carstens , Vasily Gorbik , Christian Borntraeger , Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Song Liu , Yonghong Song , John Fastabend , KP Singh , Michael Holzheu , Martin Schwidefsky , netdev@vger.kernel.org, bpf@vger.kernel.org, linux-s390@vger.kernel.org Cc: kernel-janitors@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] s390/bpf: perform r1 range checking before accessing jit->seen_reg[r1] Date: Thu, 15 Jul 2021 13:57:12 +0100 Message-Id: <20210715125712.24690-1-colin.king@canonical.com> X-Mailer: git-send-email 2.31.1 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Colin Ian King Currently array jit->seen_reg[r1] is being accessed before the range checking of index r1. The range changing on r1 should be performed first since it will avoid any potential out-of-range accesses on the array seen_reg[] and also it is more optimal to perform checks on r1 before fetching data from the array. Fix this by swapping the order of the checks before the array access. Fixes: 054623105728 ("s390/bpf: Add s390x eBPF JIT compiler backend") Signed-off-by: Colin Ian King --- arch/s390/net/bpf_jit_comp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/s390/net/bpf_jit_comp.c b/arch/s390/net/bpf_jit_comp.c index 63cae0476bb4..2ae419f5115a 100644 --- a/arch/s390/net/bpf_jit_comp.c +++ b/arch/s390/net/bpf_jit_comp.c @@ -112,7 +112,7 @@ static inline void reg_set_seen(struct bpf_jit *jit, u32 b1) { u32 r1 = reg2hex[b1]; - if (!jit->seen_reg[r1] && r1 >= 6 && r1 <= 15) + if (r1 >= 6 && r1 <= 15 && !jit->seen_reg[r1]) jit->seen_reg[r1] = 1; } -- 2.31.1