On Tue, 2023-11-28 at 10:28 +0100, Jiri Olsa wrote:
> We need to be able to skip ip address check for caller in following
> changes. Adding checkip argument to allow that.
>
> Signed-off-by: Jiri Olsa <jolsa@xxxxxxxxxx>
> ---
> arch/arm64/net/bpf_jit_comp.c | 3 ++-
> arch/riscv/net/bpf_jit_comp64.c | 5 +++--
> arch/s390/net/bpf_jit_comp.c | 3 ++-
> arch/x86/net/bpf_jit_comp.c | 24 +++++++++++++-----------
> include/linux/bpf.h | 2 +-
> kernel/bpf/arraymap.c | 8 ++++----
> kernel/bpf/core.c | 2 +-
> kernel/bpf/trampoline.c | 12 ++++++------
> 8 files changed, 32 insertions(+), 27 deletions(-)
[...]
> --- a/arch/x86/net/bpf_jit_comp.c
> +++ b/arch/x86/net/bpf_jit_comp.c
> @@ -435,19 +435,21 @@ static int __bpf_arch_text_poke(void *ip, enum
> bpf_text_poke_type t,
> }
>
> int bpf_arch_text_poke(void *ip, enum bpf_text_poke_type t,
> - void *old_addr, void *new_addr)
> + void *old_addr, void *new_addr, bool checkip)
> {
> - if (!is_kernel_text((long)ip) &&
> - !is_bpf_text_address((long)ip))
> - /* BPF poking in modules is not supported */
> - return -EINVAL;
> + if (checkip) {
> + if (!is_kernel_text((long)ip) &&
> + !is_bpf_text_address((long)ip))
> + /* BPF poking in modules is not supported */
> + return -EINVAL;
>
> - /*
> - * See emit_prologue(), for IBT builds the trampoline hook is
> preceded
> - * with an ENDBR instruction.
> - */
> - if (is_endbr(*(u32 *)ip))
> - ip += ENDBR_INSN_SIZE;
> + /*
> + * See emit_prologue(), for IBT builds the trampoline
> hook is preceded
> + * with an ENDBR instruction.
> + */
> + if (is_endbr(*(u32 *)ip))
> + ip += ENDBR_INSN_SIZE;
Do we really want to skip the IP adjustment too?
> + }
>
> return __bpf_arch_text_poke(ip, t, old_addr, new_addr);
> }
[...]
