On Thu, 2024-01-25 at 09:34 +0100, Hao Sun wrote: [...] > Testing this case with test_progs/test_verifier is hard because it happens > when cpu_mitigations_off() is true, but we do not have this setup yet. > So the mentioned prog is rejected by sanitize_check_bounds() due to ptr > alu with var_off when adding it to test_progs, and loading as unpriv. > > My local test was conducted: (1) booting the kernel with "mitigations=off" > so that bypass_spec_v1 is true and sanitize_check_bounds() is skipped; > (2) running the prog without the patch leaks the pointer; (3) loading the > prog with the patch applied resulting in the expected message. Thank you for explaining. I booted VM with "mitigations=off" and tried test as in [1], it passes. Tested-by: Eduard Zingerman <eddyz87@xxxxxxxxx> [1] https://gist.github.com/eddyz87/bb517437767a8f01891cc6e6a847d448