Hi, Johan!
>>>>> On Tue, 5 Jul 2022 11:31:58 +0300, Yauheni Kaliuta wrote:
> Hi, Johan!
> On Tue, Jul 5, 2022 at 11:06 AM Johan Almbladh
> <johan.almbladh@xxxxxxxxxxxxxxxxx> wrote:
>>
>> On Mon, Jul 4, 2022 at 10:22 AM Yauheni Kaliuta <ykaliuta@xxxxxxxxxx> wrote:
>> >
>> > Hi!
>> >
>> > On Fri, Jul 1, 2022 at 2:05 PM Yauheni Kaliuta <ykaliuta@xxxxxxxxxx> wrote:
>> > > >>>>> On Thu, 30 Jun 2022 22:57:37 +0200, Daniel Borkmann wrote:
>> > >
>> > > > On 6/30/22 3:19 PM, Yauheni Kaliuta wrote:
>> > > >> Hi!
>> > > >> test_kmod.sh fails for hardened 2 check with
>> > > >> test_bpf: #964 Staggered jumps: JMP_JA FAIL to select_runtime
>> > > >> err=-524
>> > > >> (-ERANGE during constant blinding)
>> > > >> Did I miss something?
>> > >
>> > > > That could be expected if one of bpf_adj_delta_to_imm() / bpf_adj_delta_to_off()
>> > > > fails given the targets go out of range.
>> > >
>> > > I believe that, but how to fix the test? It should not fail.
>> > >
>> > > > How do the generated insn look?
>> > >
>> > > The instruction when it fails is
>> > >
>> > > (gdb) p/x insn[0]
>> > > $8 = {code = 0xb7, dst_reg = 0x0, src_reg = 0x0, off = 0x0, imm = 0x2aaa}
>> > >
>> > > And it's rewritten as
>> > >
>> > > (gdb) p rewritten
>> > > $9 = 3
>> > > (gdb) p/x insn_buff[0]
>> > > $10 = {code = 0xb7, dst_reg = 0xb, src_reg = 0x0, off = 0x0, imm = 0x68ad0283}
>> > > (gdb) p/x insn_buff[1]
>> > > $11 = {code = 0xa7, dst_reg = 0xb, src_reg = 0x0, off = 0x0, imm = 0x68ad2829}
>> > > (gdb) p/x insn_buff[2]
>> > > $12 = {code = 0xbf, dst_reg = 0x0, src_reg = 0xb, off = 0x0, imm = 0x0}
>> > >
>> > > IIUC.
>> > >
>> >
>> > Johan, what do you think?
>>
>> Hmm, I can take a look at it. What is the target arch?
>>
> It fails even on x86.
Did you have a chance to look?
--
WBR,
Yauheni Kaliuta
