[bpf,0/2] s390/bpf: Fix backchain issues in the trampoline

Message ID	20231010203512.385819-1-iii@linux.ibm.com (mailing list archive)
Headers	show Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net [23.128.96.19]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 05313225CF for <bpf@vger.kernel.org>; Tue, 10 Oct 2023 20:35:32 +0000 (UTC) From: Ilya Leoshkevich <iii@linux.ibm.com> To: Alexei Starovoitov <ast@kernel.org>, Daniel Borkmann <daniel@iogearbox.net>, Andrii Nakryiko <andrii@kernel.org> Cc: bpf@vger.kernel.org, Heiko Carstens <hca@linux.ibm.com>, Vasily Gorbik <gor@linux.ibm.com>, Alexander Gordeev <agordeev@linux.ibm.com>, Song Liu <song@kernel.org>, Ilya Leoshkevich <iii@linux.ibm.com> Subject: [PATCH bpf 0/2] s390/bpf: Fix backchain issues in the trampoline Date: Tue, 10 Oct 2023 22:20:08 +0200 Message-ID: <20231010203512.385819-1-iii@linux.ibm.com> Content-Transfer-Encoding: 8bit Precedence: bulk MIME-Version: 1.0
Series	s390/bpf: Fix backchain issues in the trampoline \| expand [bpf,0/2] s390/bpf: Fix backchain issues in the trampoline [bpf,1/2] s390/bpf: Fix clobbering the caller's backchain in the trampoline [bpf,2/2] s390/bpf: Fix unwinding past the trampoline

Message ID

20231010203512.385819-1-iii@linux.ibm.com (mailing list archive)

Headers

From: Ilya Leoshkevich <iii@linux.ibm.com>
To: Alexei Starovoitov <ast@kernel.org>,
        Daniel Borkmann <daniel@iogearbox.net>,
        Andrii Nakryiko <andrii@kernel.org>
Cc: bpf@vger.kernel.org, Heiko Carstens <hca@linux.ibm.com>,
        Vasily Gorbik <gor@linux.ibm.com>,
        Alexander Gordeev <agordeev@linux.ibm.com>,
 Song Liu <song@kernel.org>,
        Ilya Leoshkevich <iii@linux.ibm.com>
Subject: [PATCH bpf 0/2] s390/bpf: Fix backchain issues in the trampoline
Date: Tue, 10 Oct 2023 22:20:08 +0200
Message-ID: <20231010203512.385819-1-iii@linux.ibm.com>
Content-Transfer-Encoding: 8bit
Precedence: bulk
MIME-Version: 1.0

Series

s390/bpf: Fix backchain issues in the trampoline | expand

Message

Ilya Leoshkevich Oct. 10, 2023, 8:20 p.m. UTC

Hi,

Song reported that a patch he wrote was causing kernel panics on s390.
The disassembly printed by the kernel indicated that the stored
backchain was not a valid pointer; setting a watchpoint in GDB has
shown the culprit: the trampoline.

Currently it's implemented without regard for backchain: it clobbers
the caller's backchain and causes the issue reported by Song, and also
doesn't store its own, making it impossible to unwind past itself.

This series fixes both problems.

Best regards,
Ilya

[1] https://lore.kernel.org/bpf/20231004004350.533234-1-song@kernel.org/

Ilya Leoshkevich (2):
  s390/bpf: Fix clobbering the caller's backchain in the trampoline
  s390/bpf: Fix unwinding past the trampoline

 arch/s390/net/bpf_jit_comp.c | 25 ++++++++++++++++++++-----
 1 file changed, 20 insertions(+), 5 deletions(-)

Comments

patchwork-bot+netdevbpf@kernel.org Oct. 10, 2023, 10:10 p.m. UTC | #1

Hello:

This series was applied to bpf/bpf.git (master)
by Daniel Borkmann <daniel@iogearbox.net>:

On Tue, 10 Oct 2023 22:20:08 +0200 you wrote:
> Hi,
> 
> Song reported that a patch he wrote was causing kernel panics on s390.
> The disassembly printed by the kernel indicated that the stored
> backchain was not a valid pointer; setting a watchpoint in GDB has
> shown the culprit: the trampoline.
> 
> [...]

Here is the summary with links:
  - [bpf,1/2] s390/bpf: Fix clobbering the caller's backchain in the trampoline
    https://git.kernel.org/bpf/bpf/c/ce10fc0604bc
  - [bpf,2/2] s390/bpf: Fix unwinding past the trampoline
    https://git.kernel.org/bpf/bpf/c/5356ba1ff4f2

You are awesome, thank you!