Re: [PATCH v4 0/8] bpf powerpc: Add BPF_PROBE_MEM support in powerpc JIT compiler
Daniel Borkmann writes:
> On 9/29/21 1:18 PM, Hari Bathini wrote:
>> Patch #1 & #2 are simple cleanup patches. Patch #3 refactors JIT
>> compiler code with the aim to simplify adding BPF_PROBE_MEM support.
>> Patch #4 introduces PPC_RAW_BRANCH() macro instead of open coding
>> branch instruction. Patch #5 & #7 add BPF_PROBE_MEM support for PPC64
>> & PPC32 JIT compilers respectively. Patch #6 & #8 handle bad userspace
>> pointers for PPC64 & PPC32 cases respectively.
>
> Michael, are you planning to pick up the series or shall we route via
> bpf-next?

Yeah I'll plan to take it, unless you think there is a strong reason it
needs to go via the bpf tree (doesn't look like it from the diffstat).

cheers
Re: [PATCH 09/10] i2c: pasemi: Add Apple platform driver
On Wed, Sep 29, 2021, at 22:33, Wolfram Sang wrote:
>> drivers/i2c/busses/i2c-pasemi-apple.c | 122 ++
>
> Can't we name it 'i2c-pasemi-platform.c' instead? Makes more sense to me
> because the other instance is named -pci.

Sure, that's more consistent. I'll change the filename for v2.

Thanks,

Sven
Re: Add Apple M1 support to PASemi i2c driver
Hi,

On Fri, Oct 1, 2021, at 06:47, Christian Zigotzky wrote:
> On 27 September 2021 at 07:39 am, Sven Peter wrote:
> > Hi Christian,
> >
> > Thanks already for volunteering to test this!
> >
> Hello Sven,
>
> Damian (Hypex) has successfully tested the RC3 of kernel 5.15 with your
> modified i2c driver on his Nemo board yesterday. [1]

Thanks a lot, that's great to hear!
If he wants to I can credit him with a Tested-by tag in the commit message,
see e.g. https://www.kernel.org/doc/html/latest/process/submitting-patches.html#using-reported-by-tested-by-reviewed-by-suggested-by-and-fixes.

Best,

Sven
Re: [PATCH v4 07/11] mm: kasan: Use is_kernel() helper
On Thu, Sep 30, 2021 at 9:09 AM Kefeng Wang wrote: > > Directly use is_kernel() helper in kernel_or_module_addr(). > > Cc: Andrey Ryabinin > Cc: Alexander Potapenko > Cc: Andrey Konovalov > Cc: Dmitry Vyukov > Signed-off-by: Kefeng Wang > --- > mm/kasan/report.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/mm/kasan/report.c b/mm/kasan/report.c > index 3239fd8f8747..1c955e1c98d5 100644 > --- a/mm/kasan/report.c > +++ b/mm/kasan/report.c > @@ -226,7 +226,7 @@ static void describe_object(struct kmem_cache *cache, > void *object, > > static inline bool kernel_or_module_addr(const void *addr) > { > - if (addr >= (void *)_stext && addr < (void *)_end) > + if (is_kernel((unsigned long)addr)) > return true; > if (is_module_address((unsigned long)addr)) > return true; > -- > 2.26.2 > Reviewed-by: Andrey Konovalov
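Review bot: The changelog for the kernel_or_module_addr() hunk does not say that is_kernel() covers the same [_stext, _end) range as the comparison it replaces, and the definition of is_kernel() is not part of this diff, so the patch alone does not show that the set of addresses returning true is unchanged. State the equivalence (or the intended difference) in the commit message, since this helper decides which addresses the KASAN report code treats as kernel or module memory.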
Re: Add Apple M1 support to PASemi i2c driver
On 03 October 2021 at 04:36 pm, Sven Peter wrote:
> Hi,
>
>
> On Fri, Oct 1, 2021, at 06:47, Christian Zigotzky wrote:
>> On 27 September 2021 at 07:39 am, Sven Peter wrote:
>> > Hi Christian,
>> >
>> > Thanks already for volunteering to test this!
>> >
>> Hello Sven,
>>
>> Damian (Hypex) has successfully tested the RC3 of kernel 5.15 with your
>> modified i2c driver on his Nemo board yesterday. [1]
>
> Thanks a lot, that's great to hear!
> If he wants to I can credit him with a Tested-by tag in the commit message,
> see e.g. https://www.kernel.org/doc/html/latest/process/submitting-patches.html#using-reported-by-tested-by-reviewed-by-suggested-by-and-fixes.
>
>
> Best,
>
>
> Sven

Hello Sven,

We are still testing your i2c modifications. [1]

Please wait a little bit till we have finished our tests.

@Darren
Could you also please check Sven's i2c modifications? He has also modified your source code a little bit. [2]

@Olof
Are these i2c modifications OK? Do these work on your P.A. Semi board?

Thanks,
Christian

[1] https://forum.hyperion-entertainment.com/viewtopic.php?p=54138#p54138
[2] https://lists.ozlabs.org/pipermail/linuxppc-dev/2017-January/153195.html
Re: [PATCH 6/9] powerpc/bpf: Fix BPF_SUB when imm == 0x80000000
On 01/10/2021 at 23:14, Naveen N. Rao wrote:
We aren't handling subtraction involving an immediate value of 0x8000 properly. Fix the same. Fixes: 156d0e290e969c ("powerpc/ebpf/jit: Implement JIT compiler for extended BPF") Signed-off-by: Naveen N. Rao --- arch/powerpc/net/bpf_jit_comp64.c | 16 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/arch/powerpc/net/bpf_jit_comp64.c b/arch/powerpc/net/bpf_jit_comp64.c index ffb7a2877a8469..4641a50e82d50d 100644 --- a/arch/powerpc/net/bpf_jit_comp64.c +++ b/arch/powerpc/net/bpf_jit_comp64.c @@ -333,15 +333,15 @@ int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, struct codegen_context * case BPF_ALU | BPF_SUB | BPF_K: /* (u32) dst -= (u32) imm */ case BPF_ALU64 | BPF_ADD | BPF_K: /* dst += imm */ case BPF_ALU64 | BPF_SUB | BPF_K: /* dst -= imm */ - if (BPF_OP(code) == BPF_SUB) - imm = -imm; - if (imm) { - if (imm >= -32768 && imm < 32768) - EMIT(PPC_RAW_ADDI(dst_reg, dst_reg, IMM_L(imm))); - else { - PPC_LI32(b2p[TMP_REG_1], imm); + if (imm > -32768 && imm < 32768) { + EMIT(PPC_RAW_ADDI(dst_reg, dst_reg, + BPF_OP(code) == BPF_SUB ? IMM_L(-imm) : IMM_L(imm))); + } else { + PPC_LI32(b2p[TMP_REG_1], imm); + if (BPF_OP(code) == BPF_SUB) + EMIT(PPC_RAW_SUB(dst_reg, dst_reg, b2p[TMP_REG_1])); + else EMIT(PPC_RAW_ADD(dst_reg, dst_reg, b2p[TMP_REG_1])); - } } goto bpf_alu32_trunc; There is now so little code common to both BPF_ADD and BPF_SUB that you should make them different cases. While at it, why not also use ADDIS if imm is 32 bits? That would be an ADDIS/ADDI instead of LIS/ORI/ADD case BPF_ALU | BPF_MUL | BPF_X: /* (u32) dst *= (u32) src */
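Review bot: The rewritten BPF_ADD/BPF_SUB immediate case in bpf_jit_build_body() drops the `if (imm)` guard, so imm == 0 now takes the first branch and emits an ADDI of 0 where the old code emitted nothing; keep the guard if that extra instruction is not intended. The lower bound also changes from `imm >= -32768` to `imm > -32768` with no explanation; a short comment that -imm must still fit the 16-bit ADDI field on the BPF_SUB path would show the change is deliberate.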
Re: [PATCH 4/9] powerpc/bpf: Handle large branch ranges with BPF_EXIT
On 01/10/2021 at 23:14, Naveen N. Rao wrote:
In some scenarios, it is possible that the program epilogue is outside the branch range for a BPF_EXIT instruction. Instead of rejecting such programs, emit an indirect branch. We track the size of the bpf program emitted after the initial run and do a second pass since BPF_EXIT can end up emitting different number of instructions depending on the program size. Suggested-by: Jordan Niethe Signed-off-by: Naveen N. Rao --- arch/powerpc/net/bpf_jit.h| 3 +++ arch/powerpc/net/bpf_jit_comp.c | 22 +- arch/powerpc/net/bpf_jit_comp32.c | 2 +- arch/powerpc/net/bpf_jit_comp64.c | 2 +- 4 files changed, 26 insertions(+), 3 deletions(-) diff --git a/arch/powerpc/net/bpf_jit.h b/arch/powerpc/net/bpf_jit.h index 89bd744c2bffd4..4023de1698b9f5 100644 --- a/arch/powerpc/net/bpf_jit.h +++ b/arch/powerpc/net/bpf_jit.h @@ -126,6 +126,7 @@ #define SEEN_FUNC 0x2000 /* might call external helpers */ #define SEEN_TAILCALL 0x4000 /* uses tail calls */ +#define SEEN_BIG_PROG 0x8000 /* large prog, >32MB */ #define SEEN_VREG_MASK 0x1ff8 /* Volatile registers r3-r12 */ #define SEEN_NVREG_MASK 0x0003 /* Non volatile registers r14-r31 */ @@ -179,6 +180,8 @@ int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, struct codegen_context * void bpf_jit_build_prologue(u32 *image, struct codegen_context *ctx); void bpf_jit_build_epilogue(u32 *image, struct codegen_context *ctx); void bpf_jit_realloc_regs(struct codegen_context *ctx); +int bpf_jit_emit_exit_insn(u32 *image, struct codegen_context *ctx, + int tmp_reg, unsigned long exit_addr); #endif diff --git a/arch/powerpc/net/bpf_jit_comp.c b/arch/powerpc/net/bpf_jit_comp.c index fcbf7a917c566e..3204872fbf2738 100644 --- a/arch/powerpc/net/bpf_jit_comp.c +++ b/arch/powerpc/net/bpf_jit_comp.c 
@@ -72,6 +72,21 @@ static int bpf_jit_fixup_subprog_calls(struct bpf_prog *fp, u32 *image, return 0; } +int bpf_jit_emit_exit_insn(u32 *image, struct codegen_context *ctx, + int tmp_reg, unsigned long exit_addr) +{ + if (!(ctx->seen & SEEN_BIG_PROG) && is_offset_in_branch_range(exit_addr)) { + PPC_JMP(exit_addr); + } else { + ctx->seen |= SEEN_BIG_PROG; + PPC_FUNC_ADDR(tmp_reg, (unsigned long)image + exit_addr); + EMIT(PPC_RAW_MTCTR(tmp_reg)); + EMIT(PPC_RAW_BCTR()); + } + + return 0; +} + struct powerpc64_jit_data { struct bpf_binary_header *header; u32 *addrs; @@ -155,12 +170,17 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *fp) goto out_addrs; } + if (!is_offset_in_branch_range((long)cgctx.idx * 4)) + cgctx.seen |= SEEN_BIG_PROG; + /* * If we have seen a tail call, we need a second pass. * This is because bpf_jit_emit_common_epilogue() is called * from bpf_jit_emit_tail_call() with a not yet stable ctx->seen. +* We also need a second pass if we ended up with too large +* a program so as to fix branches. */ - if (cgctx.seen & SEEN_TAILCALL) { + if (cgctx.seen & (SEEN_TAILCALL | SEEN_BIG_PROG)) { cgctx.idx = 0; if (bpf_jit_build_body(fp, 0, &cgctx, addrs, false)) { fp = org_fp; diff --git a/arch/powerpc/net/bpf_jit_comp32.c b/arch/powerpc/net/bpf_jit_comp32.c index a74d52204f8da2..d2a67574a23066 100644 --- a/arch/powerpc/net/bpf_jit_comp32.c +++ b/arch/powerpc/net/bpf_jit_comp32.c @@ -852,7 +852,7 @@ int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, struct codegen_context * * we'll just fall through to the epilogue. */ if (i != flen - 1) - PPC_JMP(exit_addr); + bpf_jit_emit_exit_insn(image, ctx, tmp_reg, exit_addr); On ppc32, if you use tmp_reg you must flag it. But I think you could use r0 instead. /* else fall through to the epilogue */ break; diff --git a/arch/powerpc/net/bpf_jit_comp64.c b/arch/powerpc/net/bpf_jit_comp64.c index f06c62089b1457..3351a866ef6207 100644 --- a/arch/powerpc/net/bpf_jit_comp64.c +++ b/arch/powerpc/net/bpf_jit_comp64.c 
@@ -761,7 +761,7 @@ int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, struct codegen_context * * we'll just fall through to the epilogue. */ if (i != flen - 1) - PPC_JMP(exit_addr); + bpf_jit_emit_exit_insn(image, ctx, b2p[TMP_REG_1], exit_addr); /* else fall through to the epilogue */ break;
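Review bot: Both call sites in bpf_jit_build_body() (bpf_jit_comp32.c and bpf_jit_comp64.c) discard the int returned by bpf_jit_emit_exit_insn(), and the only return statement the new function has of its own is `return 0;`. With patch 2/9 making PPC_JMP() return -ERANGE from the enclosing function, an out-of-range jump detected inside the helper would be dropped silently by the caller; propagate it, e.g. `ret = bpf_jit_emit_exit_insn(...); if (ret) return ret;`.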
Re: [PATCH 3/9] powerpc/bpf: Remove unused SEEN_STACK
On 01/10/2021 at 23:14, Naveen N. Rao wrote:
From: Ravi Bangoria SEEN_STACK is unused on PowerPC. Remove it. Also, have SEEN_TAILCALL use 0x4000. Why change SEEN_TAILCALL? Would it be a problem to leave it as is? Signed-off-by: Ravi Bangoria Reviewed-by: Christophe Leroy --- arch/powerpc/net/bpf_jit.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/arch/powerpc/net/bpf_jit.h b/arch/powerpc/net/bpf_jit.h index 7e9b978b768ed9..89bd744c2bffd4 100644 --- a/arch/powerpc/net/bpf_jit.h +++ b/arch/powerpc/net/bpf_jit.h @@ -125,8 +125,7 @@ #define COND_LE (CR0_GT | COND_CMP_FALSE) #define SEEN_FUNC 0x2000 /* might call external helpers */ -#define SEEN_STACK 0x4000 /* uses BPF stack */ -#define SEEN_TAILCALL 0x8000 /* uses tail calls */ +#define SEEN_TAILCALL 0x4000 /* uses tail calls */ #define SEEN_VREG_MASK 0x1ff8 /* Volatile registers r3-r12 */ #define SEEN_NVREG_MASK 0x0003 /* Non volatile registers r14-r31 */
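Review bot: Renumbering SEEN_TAILCALL from 0x8000 to 0x4000 in bpf_jit.h is a separate change from removing the unused SEEN_STACK, and the changelog gives no reason for it. If the point is to free 0x8000 for the SEEN_BIG_PROG flag that patch 4/9 defines, say so in the commit message; otherwise leave SEEN_TAILCALL where it is so the patch is a pure removal.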
Re: [PATCH 1/9] powerpc/lib: Add helper to check if offset is within conditional branch range
On 01/10/2021 at 23:14, Naveen N. Rao wrote:
Add a helper to check if a given offset is within the branch range for a powerpc conditional branch instruction, and update some sites to use the new helper. Signed-off-by: Naveen N. Rao --- arch/powerpc/include/asm/code-patching.h | 1 + arch/powerpc/lib/code-patching.c | 7 ++- arch/powerpc/net/bpf_jit.h | 7 +-- 3 files changed, 8 insertions(+), 7 deletions(-) diff --git a/arch/powerpc/include/asm/code-patching.h b/arch/powerpc/include/asm/code-patching.h index a95f63788c6b14..4ba834599c4d4c 100644 --- a/arch/powerpc/include/asm/code-patching.h +++ b/arch/powerpc/include/asm/code-patching.h @@ -23,6 +23,7 @@ #define BRANCH_ABSOLUTE 0x2 bool is_offset_in_branch_range(long offset); +bool is_offset_in_cond_branch_range(long offset); int create_branch(struct ppc_inst *instr, const u32 *addr, unsigned long target, int flags); int create_cond_branch(struct ppc_inst *instr, const u32 *addr, diff --git a/arch/powerpc/lib/code-patching.c b/arch/powerpc/lib/code-patching.c index f9a3019e37b43c..e2342b9a1ab9c9 100644 --- a/arch/powerpc/lib/code-patching.c +++ b/arch/powerpc/lib/code-patching.c @@ -228,6 +228,11 @@ bool is_offset_in_branch_range(long offset) return (offset >= -0x200 && offset <= 0x1fc && !(offset & 0x3)); } +bool is_offset_in_cond_branch_range(long offset) +{ + return offset >= -0x8000 && offset <= 0x7FFF && !(offset & 0x3); +} Would be better without capital letters in numbers, in extenso 0x7fff instead of 0x7FFF + /* * Helper to check if a given instruction is a conditional branch * Derived from the conditional checks in analyse_instr() @@ -280,7 +285,7 @@ int create_cond_branch(struct ppc_inst *instr, const u32 *addr, offset = offset - (unsigned long)addr; /* Check we can represent the target in the instruction format */ - if (offset < -0x8000 || offset > 0x7FFF || offset & 0x3) + if (!is_offset_in_cond_branch_range(offset)) return 1; /* Mask out the flags and target, so they don't step on each other. */ 
diff --git a/arch/powerpc/net/bpf_jit.h b/arch/powerpc/net/bpf_jit.h index 99fad093f43ec1..935ea95b66359e 100644 --- a/arch/powerpc/net/bpf_jit.h +++ b/arch/powerpc/net/bpf_jit.h @@ -78,11 +78,6 @@ #define PPC_FUNC_ADDR(d,i) do { PPC_LI32(d, i); } while(0) #endif -static inline bool is_nearbranch(int offset) -{ - return (offset < 32768) && (offset >= -32768); -} - /* * The fly in the ointment of code size changing from pass to pass is * avoided by padding the short branch case with a NOP.If code size differs @@ -91,7 +86,7 @@ static inline bool is_nearbranch(int offset) * state. */ #define PPC_BCC(cond, dest) do { \ - if (is_nearbranch((dest) - (ctx->idx * 4))) { \ + if (is_offset_in_cond_branch_range((long)(dest) - (ctx->idx * 4))) { \ PPC_BCC_SHORT(cond, dest);\ EMIT(PPC_RAW_NOP()); \ } else { \
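Review bot: In the PPC_BCC() hunk of bpf_jit.h, is_offset_in_cond_branch_range() is not a drop-in replacement for the removed is_nearbranch(): it additionally requires `!(offset & 0x3)` and takes a long where the old helper took an int. The changelog only says call sites are updated to use the new helper; mention that the alignment test is new on the JIT path, and consider making the helper a static inline in code-patching.h, since PPC_BCC() now makes an out-of-line call into code-patching.c for every conditional branch it emits.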
Re: [PATCH 2/9] powerpc/bpf: Validate branch ranges
On 01/10/2021 at 23:14, Naveen N. Rao wrote:
Add checks to ensure that we never emit branch instructions with truncated branch offsets. Suggested-by: Michael Ellerman Signed-off-by: Naveen N. Rao --- arch/powerpc/net/bpf_jit.h| 26 -- arch/powerpc/net/bpf_jit_comp.c | 6 +- arch/powerpc/net/bpf_jit_comp32.c | 8 ++-- arch/powerpc/net/bpf_jit_comp64.c | 8 ++-- 4 files changed, 37 insertions(+), 11 deletions(-) diff --git a/arch/powerpc/net/bpf_jit.h b/arch/powerpc/net/bpf_jit.h index 935ea95b66359e..7e9b978b768ed9 100644 --- a/arch/powerpc/net/bpf_jit.h +++ b/arch/powerpc/net/bpf_jit.h 
@@ -24,16 +24,30 @@ #define EMIT(instr) PLANT_INSTR(image, ctx->idx, instr) /* Long jump; (unconditional 'branch') */ -#define PPC_JMP(dest) EMIT(PPC_INST_BRANCH |\ -(((dest) - (ctx->idx * 4)) & 0x03fc)) +#define PPC_JMP(dest)\ + do { \ + long offset = (long)(dest) - (ctx->idx * 4); \ + if (!is_offset_in_branch_range(offset)) { \ + pr_err_ratelimited("Branch offset 0x%lx (@%u) out of range\n", offset, ctx->idx); \ Does it really deserve a KERN_ERR? Isn't that something that can trigger with a userland request? + return -ERANGE; \ + } \ + EMIT(PPC_INST_BRANCH | (offset & 0x03fc)); \ + } while (0) + /* blr; (unconditional 'branch' with link) to absolute address */ #define PPC_BL_ABS(dest) EMIT(PPC_INST_BL |\ (((dest) - (unsigned long)(image + ctx->idx)) & 0x03fc)) /* "cond" here covers BO:BI fields. */ -#define PPC_BCC_SHORT(cond, dest) EMIT(PPC_INST_BRANCH_COND | \ -(((cond) & 0x3ff) << 16) | \ -(((dest) - (ctx->idx * 4)) & \ - 0xfffc)) +#define PPC_BCC_SHORT(cond, dest)\ + do { \ + long offset = (long)(dest) - (ctx->idx * 4); \ + if (!is_offset_in_cond_branch_range(offset)) {\ + pr_err_ratelimited("Conditional branch offset 0x%lx (@%u) out of range\n", offset, ctx->idx); \ Same + return -ERANGE; \ + } \ + EMIT(PPC_INST_BRANCH_COND | (((cond) & 0x3ff) << 16) | (offset & 0xfffc));\ + } while (0) + /* Sign-extended 32-bit immediate load */ #define PPC_LI32(d, i)do { \ if ((int)(uintptr_t)(i) >= -32768 && \ diff --git a/arch/powerpc/net/bpf_jit_comp.c b/arch/powerpc/net/bpf_jit_comp.c index 53aefee3fe70be..fcbf7a917c566e 100644 --- a/arch/powerpc/net/bpf_jit_comp.c +++ b/arch/powerpc/net/bpf_jit_comp.c 
@@ -210,7 +210,11 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *fp) /* Now build the prologue, body code & epilogue for real. */ cgctx.idx = 0; bpf_jit_build_prologue(code_base, &cgctx); - bpf_jit_build_body(fp, code_base, &cgctx, addrs, extra_pass); + if (bpf_jit_build_body(fp, code_base, &cgctx, addrs, extra_pass)) { + bpf_jit_binary_free(bpf_hdr); + fp = org_fp; + goto out_addrs; + } bpf_jit_build_epilogue(code_base, &cgctx); if (bpf_jit_enable > 1) diff --git a/arch/powerpc/net/bpf_jit_comp32.c b/arch/powerpc/net/bpf_jit_comp32.c index beb12cbc8c2994..a74d52204f8da2 100644 --- a/arch/powerpc/net/bpf_jit_comp32.c +++ b/arch/powerpc/net/bpf_jit_comp32.c @@ -200,7 +200,7 @@ void bpf_jit_emit_func_call_rel(u32 *image, struct codegen_context *ctx, u64 fun } } -static void bpf_jit_emit_tail_call(u32 *image, struct codegen_context *ctx, u32 out) +static int bpf_jit_emit_tail_call(u32 *image, struct codegen_context *ctx, u32 out) { /* * By now, the eBPF program has already setup parameters in r3-r6 @@ -261,7 +261,9 @@ static void bpf_jit_emit_tail_call(u32 *image, struct codegen_context *ctx, u32 bpf_jit_emit_common_epilogue(image, ctx); EMIT(PPC_RAW_BCTR()); + /* out: */ + return 0;
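Review bot: PPC_JMP() and PPC_BCC_SHORT() in bpf_jit.h now declare a local `long offset` and then evaluate `dest` in its initialiser, so a caller passing an expression that contains its own variable named `offset` would have it shadowed by the macro's still-uninitialised local. Give the macro-local a name callers are unlikely to use, and document next to the macros that they contain a hidden `return -ERANGE`, since that is what forces bpf_jit_emit_tail_call() to change from void to int and obliges every function using them to return an error code.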