From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-10.1 required=3.0 tests=DKIMWL_WL_HIGH,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,INCLUDES_PATCH,MAILING_LIST_MULTI,SIGNED_OFF_BY, SPF_HELO_NONE,SPF_PASS,URIBL_BLOCKED,USER_AGENT_GIT autolearn=unavailable autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 62710C433E0 for ; Tue, 9 Jun 2020 00:57:20 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 3411E20737 for ; Tue, 9 Jun 2020 00:57:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1591664240; bh=fK82cI40GO1yH3Ip1kLba1zXWfkLTxYg+MFpEbXh69w=; h=From:To:Cc:Subject:Date:In-Reply-To:References:List-ID:From; b=MslHgL7xjCDUydnSyS+vydNA9jzsYfGMBXY+AiuFRfLhO4XjTMsgkhDB2kESQEWYX XXbCCIYpw62yQ8t9BI3MkdG2tRYqPBnNq0IhrUdQMBC5+DZFxwxxBHQwPhIyQ4Q3lf BkMPbHKp+h912IYS81JwkvgKZo/n6T4fs5BI/sYg= Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1728285AbgFHXIz (ORCPT ); Mon, 8 Jun 2020 19:08:55 -0400 Received: from mail.kernel.org ([198.145.29.99]:54422 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727000AbgFHXIx (ORCPT ); Mon, 8 Jun 2020 19:08:53 -0400 Received: from sasha-vm.mshome.net (c-73-47-72-35.hsd1.nh.comcast.net [73.47.72.35]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id 6ED9D2085B; Mon, 8 Jun 2020 23:08:51 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1591657732; bh=fK82cI40GO1yH3Ip1kLba1zXWfkLTxYg+MFpEbXh69w=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=AB2x00QQzebqBsUwR4YxJzpr5+xeA8I+kaWTScWv1pvzB4lZ32TZQhAQ72rT/0Htb iYMGZaiSMGr4z7ARXLCAUdlKvhYOxRin5QoowGhMP6wiqZswdRHKYnI2JDZ92dWtE7 6L5THfCOknEfk/y7lgBM629S6VtZ+NFlKLGNfXbU= From: Sasha Levin To: linux-kernel@vger.kernel.org, stable@vger.kernel.org Cc: Luke Nelson , Luke Nelson , Alexei Starovoitov , Xi Wang , Sasha Levin , netdev@vger.kernel.org, bpf@vger.kernel.org, linux-riscv@lists.infradead.org Subject: [PATCH AUTOSEL 5.7 123/274] bpf, riscv: Fix tail call count off by one in RV32 BPF JIT Date: Mon, 8 Jun 2020 19:03:36 -0400 Message-Id: <20200608230607.3361041-123-sashal@kernel.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200608230607.3361041-1-sashal@kernel.org> References: <20200608230607.3361041-1-sashal@kernel.org> MIME-Version: 1.0 X-stable: review X-Patchwork-Hint: Ignore Content-Transfer-Encoding: 8bit Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org From: Luke Nelson [ Upstream commit 745abfaa9eafa597d31fdf24a3249e5206a98768 ] This patch fixes an off by one error in the RV32 JIT handling for BPF tail call. Currently, the code decrements TCC before checking if it is less than zero. This limits the maximum number of tail calls to 32 instead of 33 as in other JITs. The fix is to instead check the old value of TCC before decrementing. Fixes: 5f316b65e99f ("riscv, bpf: Add RV32G eBPF JIT") Signed-off-by: Luke Nelson Signed-off-by: Alexei Starovoitov Acked-by: Xi Wang Link: https://lore.kernel.org/bpf/20200421002804.5118-1-luke.r.nels@gmail.com Signed-off-by: Sasha Levin --- arch/riscv/net/bpf_jit_comp32.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/arch/riscv/net/bpf_jit_comp32.c b/arch/riscv/net/bpf_jit_comp32.c index 302934177760..11083d4d5f2d 100644 --- a/arch/riscv/net/bpf_jit_comp32.c +++ b/arch/riscv/net/bpf_jit_comp32.c @@ -770,12 +770,13 @@ static int emit_bpf_tail_call(int insn, struct rv_jit_context *ctx) emit_bcc(BPF_JGE, lo(idx_reg), RV_REG_T1, off, ctx); /* - * if ((temp_tcc = tcc - 1) < 0) + * temp_tcc = tcc - 1; + * if (tcc < 0) * goto out; */ emit(rv_addi(RV_REG_T1, RV_REG_TCC, -1), ctx); off = (tc_ninsn - (ctx->ninsns - start_insn)) << 2; - emit_bcc(BPF_JSLT, RV_REG_T1, RV_REG_ZERO, off, ctx); + emit_bcc(BPF_JSLT, RV_REG_TCC, RV_REG_ZERO, off, ctx); /* * prog = array->ptrs[index]; -- 2.25.1