Re: [PATCH] ppc: Fix BPF JIT for ABIv2

2016-06-22 Thread Naveen N. Rao
On 2016/06/22 12:42PM, Naveen N Rao wrote:
> On 2016/06/21 11:47AM, Thadeu Lima de Souza Cascardo wrote:
> > On Tue, Jun 21, 2016 at 09:15:48PM +1000, Michael Ellerman wrote:
> > > On Tue, 2016-06-21 at 14:28 +0530, Naveen N. Rao wrote:
> > > > On 2016/06/20 03:56PM, Thadeu Lima de Souza Cascardo wrote:
> > > > > On Sun, Jun 19, 2016 at 11:19:14PM +0530, Naveen N. Rao wrote:
> > > > > > On 2016/06/17 10:00AM, Thadeu Lima de Souza Cascardo wrote:
> > > > > > > 
> > > > > > > Hi, Michael and Naveen.
> > > > > > > 
> > > > > > > I noticed independently that there is a problem with BPF JIT and 
> > > > > > > ABIv2, and
> > > > > > > worked out the patch below before I noticed Naveen's patchset and 
> > > > > > > the latest
> > > > > > > changes in ppc tree for a better way to check for ABI versions.
> > > > > > > 
> > > > > > > However, since the issue described below affects mainline and 
> > > > > > > stable kernels,
> > > > > > > would you consider applying it before merging your two patchsets, 
> > > > > > > so that we can
> > > > > > > more easily backport the fix?
> > > > > > 
> > > > > > Hi Cascardo,
> > > > > > Given that this has been broken on ABIv2 since forever, I didn't 
> > > > > > bother 
> > > > > > fixing it. But, I can see why this would be a good thing to have 
> > > > > > for 
> > > > > > -stable and existing distros. However, while your patch below may 
> > > > > > fix 
> > > > > > the crash you're seeing on ppc64le, it is not sufficient -- you'll 
> > > > > > need 
> > > > > > changes in bpf_jit_asm.S as well.
> > > > > 
> > > > > Hi, Naveen.
> > > > > 
> > > > > Any tips on how to exercise possible issues there? Or what changes 
> > > > > you think
> > > > > would be sufficient?
> > > > 
> > > > The calling convention is different with ABIv2 and so we'll need 
> > > > changes 
> > > > in bpf_slow_path_common() and sk_negative_common().
> > > 
> > > How big would those changes be? Do we know?

So, this does need quite a few changes:
- the skb helpers need to emit code to setup TOC and the JIT code needs 
  to be updated to setup r12.
- the slow path code needs to be changed to store r3 elsewhere on ABIv2
- the above also means we need to change the stack macros with the 
  proper ABIv2 values
- the little endian support isn't complete as well -- some of the skb 
  helpers are not using byte swap instructions.

As such, I think we should just disable classic JIT on ppc64le.


- Naveen
 



Re: [PATCH] ppc: Fix BPF JIT for ABIv2

2016-06-22 Thread Naveen N. Rao
On 2016/06/21 11:47AM, Thadeu Lima de Souza Cascardo wrote:
> On Tue, Jun 21, 2016 at 09:15:48PM +1000, Michael Ellerman wrote:
> > On Tue, 2016-06-21 at 14:28 +0530, Naveen N. Rao wrote:
> > > On 2016/06/20 03:56PM, Thadeu Lima de Souza Cascardo wrote:
> > > > On Sun, Jun 19, 2016 at 11:19:14PM +0530, Naveen N. Rao wrote:
> > > > > On 2016/06/17 10:00AM, Thadeu Lima de Souza Cascardo wrote:
> > > > > > 
> > > > > > Hi, Michael and Naveen.
> > > > > > 
> > > > > > I noticed independently that there is a problem with BPF JIT and 
> > > > > > ABIv2, and
> > > > > > worked out the patch below before I noticed Naveen's patchset and 
> > > > > > the latest
> > > > > > changes in ppc tree for a better way to check for ABI versions.
> > > > > > 
> > > > > > However, since the issue described below affects mainline and stable 
> > > > > > kernels,
> > > > > > would you consider applying it before merging your two patchsets, 
> > > > > > so that we can
> > > > > > more easily backport the fix?
> > > > > 
> > > > > Hi Cascardo,
> > > > > Given that this has been broken on ABIv2 since forever, I didn't 
> > > > > bother 
> > > > > fixing it. But, I can see why this would be a good thing to have for 
> > > > > -stable and existing distros. However, while your patch below may fix 
> > > > > the crash you're seeing on ppc64le, it is not sufficient -- you'll 
> > > > > need 
> > > > > changes in bpf_jit_asm.S as well.
> > > > 
> > > > Hi, Naveen.
> > > > 
> > > > Any tips on how to exercise possible issues there? Or what changes you 
> > > > think
> > > > would be sufficient?
> > > 
> > > The calling convention is different with ABIv2 and so we'll need changes 
> > > in bpf_slow_path_common() and sk_negative_common().
> > 
> > How big would those changes be? Do we know?

I don't think it'd be that much -- I will take a stab at this today.

> > 
> > How come no one reported this was broken previously? This is the first I've
> > heard of it being broken.
> > 
> 
> I just heard of it less than two weeks ago, and could only investigate it last
> week, when I realized mainline was also affected.
> 
> It looks like the little-endian support for classic JIT was done before the
> conversion to ABIv2. And as JIT is disabled by default, no one seems to have
> exercised it.

Yes, my thoughts too. I didn't previously think much about this as JIT 
wouldn't be enabled by default. It's interesting though that no one else 
reported this as an issue before.

> 
> > > However, rather than enabling classic JIT for ppc64le, are we better off 
> > > just disabling it?
> > > 
> > > --- a/arch/powerpc/Kconfig
> > > +++ b/arch/powerpc/Kconfig
> > > @@ -128,7 +128,7 @@ config PPC
> > > select IRQ_FORCED_THREADING
> > > select HAVE_RCU_TABLE_FREE if SMP
> > > select HAVE_SYSCALL_TRACEPOINTS
> > > -   select HAVE_CBPF_JIT
> > > +   select HAVE_CBPF_JIT if CPU_BIG_ENDIAN
> > > select HAVE_ARCH_JUMP_LABEL
> > > select ARCH_HAVE_NMI_SAFE_CMPXCHG
> > > select ARCH_HAS_GCOV_PROFILE_ALL
> > > 
> > > 
> > > Michael,
> > > Let me know your thoughts on whether you intend to take this patch or 
> > > Cascardo's patch for -stable before the eBPF patches. I can redo my 
> > > patches accordingly.
> > 
> > This patch sounds like the best option at the moment for something we can
> > backport. Unless the changes to fix it are minimal.

Right -- I will take a look today to see what changes would be needed.

- Naveen



Re: [PATCH] ppc: Fix BPF JIT for ABIv2

2016-06-21 Thread Michael Ellerman
On Tue, 2016-06-21 at 14:28 +0530, Naveen N. Rao wrote:
> On 2016/06/20 03:56PM, Thadeu Lima de Souza Cascardo wrote:
> > On Sun, Jun 19, 2016 at 11:19:14PM +0530, Naveen N. Rao wrote:
> > > On 2016/06/17 10:00AM, Thadeu Lima de Souza Cascardo wrote:
> > > > 
> > > > Hi, Michael and Naveen.
> > > > 
> > > > I noticed independently that there is a problem with BPF JIT and ABIv2, 
> > > > and
> > > > worked out the patch below before I noticed Naveen's patchset and the 
> > > > latest
> > > > changes in ppc tree for a better way to check for ABI versions.
> > > > 
> > > > However, since the issue described below affects mainline and stable 
> > > > kernels,
> > > > would you consider applying it before merging your two patchsets, so 
> > > > that we can
> > > > more easily backport the fix?
> > > 
> > > Hi Cascardo,
> > > Given that this has been broken on ABIv2 since forever, I didn't bother 
> > > fixing it. But, I can see why this would be a good thing to have for 
> > > -stable and existing distros. However, while your patch below may fix 
> > > the crash you're seeing on ppc64le, it is not sufficient -- you'll need 
> > > changes in bpf_jit_asm.S as well.
> > 
> > Hi, Naveen.
> > 
> > Any tips on how to exercise possible issues there? Or what changes you think
> > would be sufficient?
> 
> The calling convention is different with ABIv2 and so we'll need changes 
> in bpf_slow_path_common() and sk_negative_common().
> 
> However, rather than enabling classic JIT for ppc64le, are we better off 
> just disabling it?
> 
> --- a/arch/powerpc/Kconfig
> +++ b/arch/powerpc/Kconfig
> @@ -128,7 +128,7 @@ config PPC
> select IRQ_FORCED_THREADING
> select HAVE_RCU_TABLE_FREE if SMP
> select HAVE_SYSCALL_TRACEPOINTS
> -   select HAVE_CBPF_JIT
> +   select HAVE_CBPF_JIT if CPU_BIG_ENDIAN
> select HAVE_ARCH_JUMP_LABEL
> select ARCH_HAVE_NMI_SAFE_CMPXCHG
> select ARCH_HAS_GCOV_PROFILE_ALL
> 
> 
> Michael,
> Let me know your thoughts on whether you intend to take this patch or 
> Cascardo's patch for -stable before the eBPF patches. I can redo my 
> patches accordingly.

Can one of you send me a proper version of this patch, with change log and
sign-off etc.

cheers



Re: [PATCH] ppc: Fix BPF JIT for ABIv2

2016-06-21 Thread Michael Ellerman
On Fri, 2016-06-17 at 10:00 -0300, Thadeu Lima de Souza Cascardo wrote:
> From a984dc02b6317a1d3a3c2302385adba5227be5bd Mon Sep 17 00:00:00 2001
> From: Thadeu Lima de Souza Cascardo <casca...@redhat.com>
> Date: Wed, 15 Jun 2016 13:22:12 -0300
> Subject: [PATCH] ppc: Fix BPF JIT for ABIv2
> 
> ABIv2 used for ppc64le does not use function descriptors. Without this patch,
> whenever BPF JIT is enabled, we get a crash as below.
> 
...

> diff --git a/arch/powerpc/net/bpf_jit.h b/arch/powerpc/net/bpf_jit.h
> index 889fd19..28b89ed 100644
> --- a/arch/powerpc/net/bpf_jit.h
> +++ b/arch/powerpc/net/bpf_jit.h
> @@ -70,7 +70,7 @@ DECLARE_LOAD_FUNC(sk_load_half);
>  DECLARE_LOAD_FUNC(sk_load_byte);
>  DECLARE_LOAD_FUNC(sk_load_byte_msh);
>  
> -#ifdef CONFIG_PPC64
> +#if defined(CONFIG_PPC64) && (!defined(_CALL_ELF) || _CALL_ELF != 2)
>  #define FUNCTION_DESCR_SIZE  24
>  #else
>  #define FUNCTION_DESCR_SIZE  0
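Review bot: the ABI test `!defined(_CALL_ELF) || _CALL_ELF != 2` is open-coded here and repeated verbatim in the bpf_jit_comp.c hunk; define it once in bpf_jit.h as a single macro that both sites use so the two cannot drift apart, and since the cover note says the ppc tree now has a better way to check ABI versions, say in the changelog why the open-coded form is kept for the -stable backport.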
> diff --git a/arch/powerpc/net/bpf_jit_comp.c b/arch/powerpc/net/bpf_jit_comp.c
> index 2d66a84..035b887 100644
> --- a/arch/powerpc/net/bpf_jit_comp.c
> +++ b/arch/powerpc/net/bpf_jit_comp.c
> @@ -664,7 +664,7 @@ void bpf_jit_compile(struct bpf_prog *fp)
>  
>   if (image) {
>   bpf_flush_icache(code_base, code_base + (proglen/4));
> -#ifdef CONFIG_PPC64
> +#if defined(CONFIG_PPC64) && (!defined(_CALL_ELF) || _CALL_ELF != 2)
>   /* Function descriptor nastiness: Address + TOC */
>   ((u64 *)image)[0] = (u64)code_base;
>   ((u64 *)image)[1] = local_paca->kernel_toc;
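Review bot: this hunk only stops writing the 24-byte descriptor at the head of the image; the calling convention between the JIT'd code and the helpers in bpf_jit_asm.S (bpf_slow_path_common(), sk_negative_common()), which Naveen notes also differs under ABIv2, is left untouched, so the slow paths still run with the wrong convention on ppc64le, which is where the bpf_slow_path_byte crash reported below lands. The changelog should state that this fixes only the entry point, or the patch should be paired with the Kconfig change that disables the classic JIT on little-endian.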


Confirmed that even with this patch we still crash:

  # echo 1 > /proc/sys/net/core/bpf_jit_enable
  # modprobe test_bpf
  BPF filter opcode 0020 (@3) unsupported
  BPF filter opcode 0020 (@2) unsupported
  BPF filter opcode 0020 (@0) unsupported
  Unable to handle kernel paging request for data at address 0xd54f65e8
  Faulting instruction address: 0xc08765f8
  cpu 0x0: Vector: 300 (Data Access) at [c34f3480]
  pc: c08765f8: skb_copy_bits+0x158/0x330
  lr: c008fb7c: bpf_slow_path_byte+0x28/0x54
  sp: c34f3700
  msr: 80010280b033
  dar: d54f65e8
  dsisr: 4000
  current = 0xc001f857d8d0
  paca = 0xc7b8   softe: 0   irq_happened: 0x01
  pid   = 2993, comm = modprobe
  Linux version 4.7.0-rc3-00055-g9497a1c1c5b4-dirty 
(mich...@ka3.ozlabs.ibm.com) () #30 SMP Wed Jun 22 15:06:58 AEST 2016
  enter ? for help
  [c34f3770] c008fb7c bpf_slow_path_byte+0x28/0x54
  [c34f37e0] d7bb004c
  [c34f3900] d5331668 test_bpf_init+0x5fc/0x7f8 [test_bpf]
  [c34f3a30] c000b628 do_one_initcall+0x68/0x1d0
  [c34f3af0] c09beb24 do_init_module+0x90/0x240
  [c34f3b80] c01642bc load_module+0x206c/0x22f0
  [c34f3d30] c01648b0 SyS_finit_module+0x120/0x180
  [c34f3e30] c0009260 system_call+0x38/0x108
  --- Exception: c01 (System Call) at 3fff7ffa2db4


cheers
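Both hunks quoted above change only the function-descriptor header of the JIT image. The following added C example (my own, not code from the thread or the kernel) models that header on ppc64 ABIv1 versus ABIv2 in userspace: it builds an image the way bpf_jit_compile() does and checks which bytes a caller of fp->bpf_func would start executing under each ABI, which shows why the unpatched layout traps with an illegal instruction (the "sig: 4" oops in Cascardo's commit message) on ABIv2. The ABI is a runtime parameter here instead of the compile-time _CALL_ELF test in the patch, the sample code bytes, TOC value and function names are constructed, and the helper calling-convention problem Naveen raises is not modelled.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Which ppc64 ELF ABI the code in question follows. In the kernel this is fixed
 * at build time by the _CALL_ELF test in the patch; here it is a parameter so
 * both arms can be exercised on any host. */
enum ppc_abi { ABI_V1 = 1, ABI_V2 = 2 };

/* Mirrors FUNCTION_DESCR_SIZE from the bpf_jit.h hunk: a 24-byte descriptor
 * (entry address, TOC, environment) on ABIv1, no descriptor on ABIv2. */
static size_t descr_size(enum ppc_abi abi)
{
    return abi == ABI_V1 ? 24 : 0;
}

/* Constructed stand-in for JIT output: the little-endian encoding of a single
 * ppc "blr" (0x4e800020), i.e. a function that returns immediately. */
static const uint8_t SAMPLE_CODE[4] = { 0x20, 0x00, 0x80, 0x4e };

/* Lay out the image the way bpf_jit_compile() does: code at image + descriptor
 * size, and on ABIv1 the descriptor {code_base, TOC, 0} at the very start.
 * jit_abi is the ABI the JIT was compiled to assume. Returns the code base,
 * or NULL if the code does not fit. */
static uint8_t *build_image(enum ppc_abi jit_abi, uint8_t *image, size_t image_len,
                            const uint8_t *code, size_t code_len, uint64_t toc)
{
    size_t hdr = descr_size(jit_abi);
    uint8_t *code_base = image + hdr;

    if (hdr + code_len > image_len)
        return NULL;
    memset(image, 0, image_len);
    memcpy(code_base, code, code_len);
    if (hdr) {
        /* "Function descriptor nastiness: Address + TOC", as in the hunk. */
        uint64_t descr[3] = { (uint64_t)(uintptr_t)code_base, toc, 0 };
        memcpy(image, descr, sizeof descr);
    }
    return code_base;
}

/* The kernel calls fp->bpf_func, which the JIT points at `image`. An ABIv1
 * caller treats that pointer as a descriptor and jumps to the address stored
 * in it; an ABIv2 caller jumps to the pointer itself. Returns where execution
 * would start, or NULL if a descriptor would send it outside the image. */
static const uint8_t *entry_bytes(enum ppc_abi cpu_abi, const uint8_t *image,
                                  size_t image_len)
{
    uint64_t addr;
    uintptr_t base = (uintptr_t)image;

    if (cpu_abi == ABI_V2)
        return image;
    memcpy(&addr, image, sizeof addr);
    if (addr < base || addr >= base + image_len)
        return NULL;
    return (const uint8_t *)(uintptr_t)addr;
}

/* 1 if a cpu_abi caller would begin executing the JIT'd instructions of an
 * image built for jit_abi, 0 if it would execute descriptor bytes instead
 * (or jump out of the image altogether). */
static int entry_is_code(enum ppc_abi jit_abi, enum ppc_abi cpu_abi)
{
    uint8_t image[64];
    uint8_t *code_base = build_image(jit_abi, image, sizeof image, SAMPLE_CODE,
                                     sizeof SAMPLE_CODE, 0xc000000001000000ULL);
    const uint8_t *entry = entry_bytes(cpu_abi, image, sizeof image);

    return code_base && entry == code_base &&
           memcmp(entry, SAMPLE_CODE, sizeof SAMPLE_CODE) == 0;
}

int main(void)
{
    /* Unpatched JIT on a big-endian ABIv1 kernel: descriptor present and honoured. */
    printf("ABIv1 image, ABIv1 caller: %s\n",
           entry_is_code(ABI_V1, ABI_V1) ? "runs code" : "BROKEN");
    /* Unpatched JIT on ppc64le (ABIv2): the caller lands on the descriptor's
     * address bytes and executes them as instructions, hence the SIGILL oops. */
    printf("ABIv1 image, ABIv2 caller: %s\n",
           entry_is_code(ABI_V1, ABI_V2) ? "runs code" : "BROKEN");
    /* Patched JIT (FUNCTION_DESCR_SIZE 0) on ABIv2: the entry point is the code. */
    printf("ABIv2 image, ABIv2 caller: %s\n",
           entry_is_code(ABI_V2, ABI_V2) ? "runs code" : "BROKEN");
    return 0;
}
```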



Re: [PATCH] ppc: Fix BPF JIT for ABIv2

2016-06-21 Thread Michael Ellerman
On Tue, 2016-06-21 at 08:45 -0700, Alexei Starovoitov wrote:
> On 6/21/16 7:47 AM, Thadeu Lima de Souza Cascardo wrote:
> > > > 
> > > > The calling convention is different with ABIv2 and so we'll need changes
> > > > in bpf_slow_path_common() and sk_negative_common().
> > > 
> > > How big would those changes be? Do we know?
> > > 
> > > How come no one reported this was broken previously? This is the first 
> > > I've
> > > heard of it being broken.
> > > 
> > 
> > I just heard of it less than two weeks ago, and could only investigate it 
> > last
> > week, when I realized mainline was also affected.
> > 
> > It looks like the little-endian support for classic JIT was done before the
> > conversion to ABIv2. And as JIT is disabled by default, no one seems to have
> > exercised it.
> 
> it's not a surprise unfortunately. The JITs that were written before
> test_bpf.ko was developed were missing corner cases. Typical tcpdump
> would be fine, but fragmented packets, negative offsets and
> out-of-bounds wouldn't be handled correctly.
> I'd suggest to validate the stable backport with test_bpf as well.
 
OK thanks.

I have been running selftests/net/test_bpf, but I realise now it doesn't enable
the JIT.

cheers



Re: [PATCH] ppc: Fix BPF JIT for ABIv2

2016-06-21 Thread Alexei Starovoitov

On 6/21/16 7:47 AM, Thadeu Lima de Souza Cascardo wrote:
> > > The calling convention is different with ABIv2 and so we'll need changes
> > > in bpf_slow_path_common() and sk_negative_common().
> > 
> > How big would those changes be? Do we know?
> > 
> > How come no one reported this was broken previously? This is the first I've
> > heard of it being broken.
> 
> I just heard of it less than two weeks ago, and could only investigate it last
> week, when I realized mainline was also affected.
> 
> It looks like the little-endian support for classic JIT was done before the
> conversion to ABIv2. And as JIT is disabled by default, no one seems to have
> exercised it.


it's not a surprise unfortunately. The JITs that were written before
test_bpf.ko was developed were missing corner cases. Typical tcpdump
would be fine, but fragmented packets, negative offsets and
out-of-bounds wouldn't be handled correctly.
I'd suggest to validate the stable backport with test_bpf as well.



Re: [PATCH] ppc: Fix BPF JIT for ABIv2

2016-06-21 Thread Thadeu Lima de Souza Cascardo
On Tue, Jun 21, 2016 at 09:15:48PM +1000, Michael Ellerman wrote:
> On Tue, 2016-06-21 at 14:28 +0530, Naveen N. Rao wrote:
> > On 2016/06/20 03:56PM, Thadeu Lima de Souza Cascardo wrote:
> > > On Sun, Jun 19, 2016 at 11:19:14PM +0530, Naveen N. Rao wrote:
> > > > On 2016/06/17 10:00AM, Thadeu Lima de Souza Cascardo wrote:
> > > > > 
> > > > > Hi, Michael and Naveen.
> > > > > 
> > > > > I noticed independently that there is a problem with BPF JIT and 
> > > > > ABIv2, and
> > > > > worked out the patch below before I noticed Naveen's patchset and the 
> > > > > latest
> > > > > changes in ppc tree for a better way to check for ABI versions.
> > > > > 
> > > > > However, since the issue described below affects mainline and stable 
> > > > > kernels,
> > > > > would you consider applying it before merging your two patchsets, so 
> > > > > that we can
> > > > > more easily backport the fix?
> > > > 
> > > > Hi Cascardo,
> > > > Given that this has been broken on ABIv2 since forever, I didn't bother 
> > > > fixing it. But, I can see why this would be a good thing to have for 
> > > > -stable and existing distros. However, while your patch below may fix 
> > > > the crash you're seeing on ppc64le, it is not sufficient -- you'll need 
> > > > changes in bpf_jit_asm.S as well.
> > > 
> > > Hi, Naveen.
> > > 
> > > Any tips on how to exercise possible issues there? Or what changes you 
> > > think
> > > would be sufficient?
> > 
> > The calling convention is different with ABIv2 and so we'll need changes 
> > in bpf_slow_path_common() and sk_negative_common().
> 
> How big would those changes be? Do we know?
> 
> How come no one reported this was broken previously? This is the first I've
> heard of it being broken.
> 

I just heard of it less than two weeks ago, and could only investigate it last
week, when I realized mainline was also affected.

It looks like the little-endian support for classic JIT was done before the
conversion to ABIv2. And as JIT is disabled by default, no one seems to have
exercised it.

> > However, rather than enabling classic JIT for ppc64le, are we better off 
> > just disabling it?
> > 
> > --- a/arch/powerpc/Kconfig
> > +++ b/arch/powerpc/Kconfig
> > @@ -128,7 +128,7 @@ config PPC
> > select IRQ_FORCED_THREADING
> > select HAVE_RCU_TABLE_FREE if SMP
> > select HAVE_SYSCALL_TRACEPOINTS
> > -   select HAVE_CBPF_JIT
> > +   select HAVE_CBPF_JIT if CPU_BIG_ENDIAN
> > select HAVE_ARCH_JUMP_LABEL
> > select ARCH_HAVE_NMI_SAFE_CMPXCHG
> > select ARCH_HAS_GCOV_PROFILE_ALL
> > 
> > 
> > Michael,
> > Let me know your thoughts on whether you intend to take this patch or 
> > Cascardo's patch for -stable before the eBPF patches. I can redo my 
> > patches accordingly.
> 
> This patch sounds like the best option at the moment for something we can
> backport. Unless the changes to fix it are minimal.
> 
> cheers
> 

With my patch only, I can run a minimal tcpdump tcp port 22 with success. It
correctly filters packets. But as pointed out, slow paths may not be taken.

I don't have strong opinions on what to apply to stable, just that it would be
nice to have something for the crash before applying all the nice changes by
Naveen.

Cascardo.


Re: [PATCH] ppc: Fix BPF JIT for ABIv2

2016-06-21 Thread Michael Ellerman
On Tue, 2016-06-21 at 14:28 +0530, Naveen N. Rao wrote:
> On 2016/06/20 03:56PM, Thadeu Lima de Souza Cascardo wrote:
> > On Sun, Jun 19, 2016 at 11:19:14PM +0530, Naveen N. Rao wrote:
> > > On 2016/06/17 10:00AM, Thadeu Lima de Souza Cascardo wrote:
> > > > 
> > > > Hi, Michael and Naveen.
> > > > 
> > > > I noticed independently that there is a problem with BPF JIT and ABIv2, 
> > > > and
> > > > worked out the patch below before I noticed Naveen's patchset and the 
> > > > latest
> > > > changes in ppc tree for a better way to check for ABI versions.
> > > > 
> > > > However, since the issue described below affects mainline and stable 
> > > > kernels,
> > > > would you consider applying it before merging your two patchsets, so 
> > > > that we can
> > > > more easily backport the fix?
> > > 
> > > Hi Cascardo,
> > > Given that this has been broken on ABIv2 since forever, I didn't bother 
> > > fixing it. But, I can see why this would be a good thing to have for 
> > > -stable and existing distros. However, while your patch below may fix 
> > > the crash you're seeing on ppc64le, it is not sufficient -- you'll need 
> > > changes in bpf_jit_asm.S as well.
> > 
> > Hi, Naveen.
> > 
> > Any tips on how to exercise possible issues there? Or what changes you think
> > would be sufficient?
> 
> The calling convention is different with ABIv2 and so we'll need changes 
> in bpf_slow_path_common() and sk_negative_common().

How big would those changes be? Do we know?

How come no one reported this was broken previously? This is the first I've
heard of it being broken.

> However, rather than enabling classic JIT for ppc64le, are we better off 
> just disabling it?
> 
> --- a/arch/powerpc/Kconfig
> +++ b/arch/powerpc/Kconfig
> @@ -128,7 +128,7 @@ config PPC
> select IRQ_FORCED_THREADING
> select HAVE_RCU_TABLE_FREE if SMP
> select HAVE_SYSCALL_TRACEPOINTS
> -   select HAVE_CBPF_JIT
> +   select HAVE_CBPF_JIT if CPU_BIG_ENDIAN
> select HAVE_ARCH_JUMP_LABEL
> select ARCH_HAVE_NMI_SAFE_CMPXCHG
> select ARCH_HAS_GCOV_PROFILE_ALL
> 
> 
> Michael,
> Let me know your thoughts on whether you intend to take this patch or 
> Cascardo's patch for -stable before the eBPF patches. I can redo my 
> patches accordingly.

This patch sounds like the best option at the moment for something we can
backport. Unless the changes to fix it are minimal.

cheers



Re: [PATCH] ppc: Fix BPF JIT for ABIv2

2016-06-21 Thread Naveen N. Rao
On 2016/06/20 03:56PM, Thadeu Lima de Souza Cascardo wrote:
> On Sun, Jun 19, 2016 at 11:19:14PM +0530, Naveen N. Rao wrote:
> > On 2016/06/17 10:00AM, Thadeu Lima de Souza Cascardo wrote:
> > > 
> > > Hi, Michael and Naveen.
> > > 
> > > I noticed independently that there is a problem with BPF JIT and ABIv2, 
> > > and
> > > worked out the patch below before I noticed Naveen's patchset and the 
> > > latest
> > > changes in ppc tree for a better way to check for ABI versions.
> > > 
> > > However, since the issue described below affects mainline and stable 
> > > kernels,
> > > would you consider applying it before merging your two patchsets, so that 
> > > we can
> > > more easily backport the fix?
> > 
> > Hi Cascardo,
> > Given that this has been broken on ABIv2 since forever, I didn't bother 
> > fixing it. But, I can see why this would be a good thing to have for 
> > -stable and existing distros. However, while your patch below may fix 
> > the crash you're seeing on ppc64le, it is not sufficient -- you'll need 
> > changes in bpf_jit_asm.S as well.
> 
> Hi, Naveen.
> 
> Any tips on how to exercise possible issues there? Or what changes you think
> would be sufficient?

The calling convention is different with ABIv2 and so we'll need changes 
in bpf_slow_path_common() and sk_negative_common().

However, rather than enabling classic JIT for ppc64le, are we better off 
just disabling it?

--- a/arch/powerpc/Kconfig
+++ b/arch/powerpc/Kconfig
@@ -128,7 +128,7 @@ config PPC
select IRQ_FORCED_THREADING
select HAVE_RCU_TABLE_FREE if SMP
select HAVE_SYSCALL_TRACEPOINTS
-   select HAVE_CBPF_JIT
+   select HAVE_CBPF_JIT if CPU_BIG_ENDIAN
select HAVE_ARCH_JUMP_LABEL
select ARCH_HAVE_NMI_SAFE_CMPXCHG
select ARCH_HAS_GCOV_PROFILE_ALL
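Review bot: `if CPU_BIG_ENDIAN` expresses the restriction by endianness while the actual incompatibility is with ABIv2, which is what the little-endian build uses; add a Kconfig comment above the select saying that the classic JIT helpers in bpf_jit_asm.S assume the ABIv1 calling convention, otherwise the next person fixing a little-endian issue may drop the condition without knowing why it is there. The patch also still needs a changelog and a sign-off before it can be taken for -stable.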


Michael,
Let me know your thoughts on whether you intend to take this patch or 
Cascardo's patch for -stable before the eBPF patches. I can redo my 
patches accordingly.


- Naveen



Re: [PATCH] ppc: Fix BPF JIT for ABIv2

2016-06-20 Thread Thadeu Lima de Souza Cascardo
On Sun, Jun 19, 2016 at 11:19:14PM +0530, Naveen N. Rao wrote:
> On 2016/06/17 10:00AM, Thadeu Lima de Souza Cascardo wrote:
> > On Fri, Jun 17, 2016 at 10:53:21PM +1000, Michael Ellerman wrote:
> > > On Tue, 2016-07-06 at 13:32:23 UTC, "Naveen N. Rao" wrote:
> > > > diff --git a/arch/powerpc/net/bpf_jit_comp64.c 
> > > > b/arch/powerpc/net/bpf_jit_comp64.c
> > > > new file mode 100644
> > > > index 000..954ff53
> > > > --- /dev/null
> > > > +++ b/arch/powerpc/net/bpf_jit_comp64.c
> > > > @@ -0,0 +1,956 @@
> > > ...
> > > > +
> > > > +static void bpf_jit_fill_ill_insns(void *area, unsigned int size)
> > > > +{
> > > > +   int *p = area;
> > > > +
> > > > +   /* Fill whole space with trap instructions */
> > > > +   while (p < (int *)((char *)area + size))
> > > > +   *p++ = BREAKPOINT_INSTRUCTION;
> > > > +}
> > > 
> > > This breaks the build for some configs, presumably you're missing a 
> > > header:
> > > 
> > >   arch/powerpc/net/bpf_jit_comp64.c:30:10: error: 
> > > 'BREAKPOINT_INSTRUCTION' undeclared (first use in this function)
> > > 
> > > http://kisskb.ellerman.id.au/kisskb/buildresult/12720611/
> > > 
> > > cheers
> > 
> > Hi, Michael and Naveen.
> > 
> > I noticed independently that there is a problem with BPF JIT and ABIv2, and
> > worked out the patch below before I noticed Naveen's patchset and the latest
> > changes in ppc tree for a better way to check for ABI versions.
> > 
> > However, since the issue described below affects mainline and stable kernels,
> > would you consider applying it before merging your two patchsets, so that 
> > we can
> > more easily backport the fix?
> 
> Hi Cascardo,
> Given that this has been broken on ABIv2 since forever, I didn't bother 
> fixing it. But, I can see why this would be a good thing to have for 
> -stable and existing distros. However, while your patch below may fix 
> the crash you're seeing on ppc64le, it is not sufficient -- you'll need 
> changes in bpf_jit_asm.S as well.

Hi, Naveen.

Any tips on how to exercise possible issues there? Or what changes you think
would be sufficient?

I will see what I can find by myself, but would appreciate any help.

Regards.
Cascardo.

> 
> Regards,
> Naveen
> 


Re: [PATCH] ppc: Fix BPF JIT for ABIv2

2016-06-19 Thread Naveen N. Rao
On 2016/06/17 10:00AM, Thadeu Lima de Souza Cascardo wrote:
> On Fri, Jun 17, 2016 at 10:53:21PM +1000, Michael Ellerman wrote:
> > On Tue, 2016-07-06 at 13:32:23 UTC, "Naveen N. Rao" wrote:
> > > diff --git a/arch/powerpc/net/bpf_jit_comp64.c 
> > > b/arch/powerpc/net/bpf_jit_comp64.c
> > > new file mode 100644
> > > index 000..954ff53
> > > --- /dev/null
> > > +++ b/arch/powerpc/net/bpf_jit_comp64.c
> > > @@ -0,0 +1,956 @@
> > ...
> > > +
> > > +static void bpf_jit_fill_ill_insns(void *area, unsigned int size)
> > > +{
> > > + int *p = area;
> > > +
> > > + /* Fill whole space with trap instructions */
> > > + while (p < (int *)((char *)area + size))
> > > + *p++ = BREAKPOINT_INSTRUCTION;
> > > +}
> > 
> > This breaks the build for some configs, presumably you're missing a header:
> > 
> >   arch/powerpc/net/bpf_jit_comp64.c:30:10: error: 'BREAKPOINT_INSTRUCTION' 
> > undeclared (first use in this function)
> > 
> > http://kisskb.ellerman.id.au/kisskb/buildresult/12720611/
> > 
> > cheers
> 
> Hi, Michael and Naveen.
> 
> I noticed independently that there is a problem with BPF JIT and ABIv2, and
> worked out the patch below before I noticed Naveen's patchset and the latest
> changes in ppc tree for a better way to check for ABI versions.
> 
> However, since the issue described below affects mainline and stable kernels,
> would you consider applying it before merging your two patchsets, so that we 
> can
> more easily backport the fix?

Hi Cascardo,
Given that this has been broken on ABIv2 since forever, I didn't bother 
fixing it. But, I can see why this would be a good thing to have for 
-stable and existing distros. However, while your patch below may fix 
the crash you're seeing on ppc64le, it is not sufficient -- you'll need 
changes in bpf_jit_asm.S as well.

Regards,
Naveen



[PATCH] ppc: Fix BPF JIT for ABIv2

2016-06-17 Thread Thadeu Lima de Souza Cascardo
On Fri, Jun 17, 2016 at 10:53:21PM +1000, Michael Ellerman wrote:
> On Tue, 2016-07-06 at 13:32:23 UTC, "Naveen N. Rao" wrote:
> > diff --git a/arch/powerpc/net/bpf_jit_comp64.c 
> > b/arch/powerpc/net/bpf_jit_comp64.c
> > new file mode 100644
> > index 000..954ff53
> > --- /dev/null
> > +++ b/arch/powerpc/net/bpf_jit_comp64.c
> > @@ -0,0 +1,956 @@
> ...
> > +
> > +static void bpf_jit_fill_ill_insns(void *area, unsigned int size)
> > +{
> > +   int *p = area;
> > +
> > +   /* Fill whole space with trap instructions */
> > +   while (p < (int *)((char *)area + size))
> > +   *p++ = BREAKPOINT_INSTRUCTION;
> > +}
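Review bot: `BREAKPOINT_INSTRUCTION` is used without including the header that declares it, which is why the build only fails on configs where it does not arrive transitively (see the kisskb result below); add the explicit include at the top of bpf_jit_comp64.c. Separately, the loop `while (p < (int *)((char *)area + size)) *p++ = BREAKPOINT_INSTRUCTION;` writes a whole 4-byte word past `area + size` whenever `size` is not a multiple of 4, so either document that callers always pass a page-sized area or round `size` down to a whole number of instructions before the loop.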
> 
> This breaks the build for some configs, presumably you're missing a header:
> 
>   arch/powerpc/net/bpf_jit_comp64.c:30:10: error: 'BREAKPOINT_INSTRUCTION' 
> undeclared (first use in this function)
> 
> http://kisskb.ellerman.id.au/kisskb/buildresult/12720611/
> 
> cheers

Hi, Michael and Naveen.

I noticed independently that there is a problem with BPF JIT and ABIv2, and
worked out the patch below before I noticed Naveen's patchset and the latest
changes in ppc tree for a better way to check for ABI versions.

However, since the issue described below affects mainline and stable kernels,
would you consider applying it before merging your two patchsets, so that we can
more easily backport the fix?

Thanks.
Cascardo.

---
From a984dc02b6317a1d3a3c2302385adba5227be5bd Mon Sep 17 00:00:00 2001
From: Thadeu Lima de Souza Cascardo <casca...@redhat.com>
Date: Wed, 15 Jun 2016 13:22:12 -0300
Subject: [PATCH] ppc: Fix BPF JIT for ABIv2

ABIv2 used for ppc64le does not use function descriptors. Without this patch,
whenever BPF JIT is enabled, we get a crash as below.

[root@ibm-p8-kvm-05-guest-02 ~]# echo 2 > /proc/sys/net/core/bpf_jit_enable
[root@ibm-p8-kvm-05-guest-02 ~]# tcpdump -n -i eth0 tcp port 22
device eth0 entered promiscuous mode
Pass 1: shrink = 0, seen = 0x0
Pass 2: shrink = 0, seen = 0x0
flen=1 proglen=8 pass=3 image=d5bb9018 from=tcpdump pid=11387
JIT code: : 00 00 60 38 20 00 80 4e
Pass 1: shrink = 0, seen = 0x3
Pass 2: shrink = 0, seen = 0x3
flen=20 proglen=524 pass=3 image=d5bbd018 from=tcpdump pid=11387
JIT code: : a6 02 08 7c 10 00 01 f8 70 ff c1 f9 78 ff e1 f9
JIT code: 0010: e1 fe 21 f8 7c 00 e3 80 78 00 e3 81 50 78 e7 7d
JIT code: 0020: c8 00 c3 e9 00 00 a0 38 00 c0 e0 3c c6 07 e7 78
JIT code: 0030: 08 00 e7 64 54 1b e7 60 a6 03 e8 7c 0c 00 c0 38
JIT code: 0040: 21 00 80 4e b0 01 80 41 00 00 00 60 dd 86 e0 38
JIT code: 0050: 01 00 e7 3c 40 38 04 7c 9c 00 82 40 00 00 00 60
JIT code: 0060: 00 c0 e0 3c c6 07 e7 78 08 00 e7 64 70 1b e7 60
JIT code: 0070: a6 03 e8 7c 14 00 c0 38 21 00 80 4e 78 01 80 41
JIT code: 0080: 00 00 00 60 06 00 04 28 68 01 82 40 00 00 00 60
JIT code: 0090: 00 c0 e0 3c c6 07 e7 78 08 00 e7 64 54 1b e7 60
JIT code: 00a0: a6 03 e8 7c 36 00 c0 38 21 00 80 4e 48 01 80 41
JIT code: 00b0: 00 00 00 60 16 00 04 28 2c 01 82 41 00 00 00 60
JIT code: 00c0: 00 c0 e0 3c c6 07 e7 78 08 00 e7 64 54 1b e7 60
JIT code: 00d0: a6 03 e8 7c 38 00 c0 38 21 00 80 4e 18 01 80 41
JIT code: 00e0: 00 00 00 60 16 00 04 28 fc 00 82 41 00 00 00 60
JIT code: 00f0: 00 01 00 48 00 08 04 28 f8 00 82 40 00 00 00 60
JIT code: 0100: 00 c0 e0 3c c6 07 e7 78 08 00 e7 64 70 1b e7 60
JIT code: 0110: a6 03 e8 7c 17 00 c0 38 21 00 80 4e d8 00 80 41
JIT code: 0120: 00 00 00 60 06 00 04 28 c8 00 82 40 00 00 00 60
JIT code: 0130: 00 c0 e0 3c c6 07 e7 78 08 00 e7 64 54 1b e7 60
JIT code: 0140: a6 03 e8 7c 14 00 c0 38 21 00 80 4e a8 00 80 41
JIT code: 0150: 00 00 00 60 ff 1f 87 70 98 00 82 40 00 00 00 60
JIT code: 0160: 00 c0 e0 3c c6 07 e7 78 08 00 e7 64 88 1b e7 60
JIT code: 0170: a6 03 e8 7c 0e 00 c0 38 21 00 80 4e 78 00 80 41
JIT code: 0180: 00 00 00 60 00 c0 e0 3c c6 07 e7 78 08 00 e7 64
JIT code: 0190: 4c 1b e7 60 a6 03 e8 7c 0e 00 c5 38 21 00 80 4e
JIT code: 01a0: 54 00 80 41 00 00 00 60 16 00 04 28 38 00 82 41
JIT code: 01b0: 00 00 00 60 00 c0 e0 3c c6 07 e7 78 08 00 e7 64
JIT code: 01c0: 4c 1b e7 60 a6 03 e8 7c 10 00 c5 38 21 00 80 4e
JIT code: 01d0: 24 00 80 41 00 00 00 60 16 00 04 28 14 00 82 40
JIT code: 01e0: 00 00 00 60 ff ff 60 38 01 00 63 3c 08 00 00 48
JIT code: 01f0: 00 00 60 38 20 01 21 38 10 00 01 e8 a6 03 08 7c
JIT code: 0200: 70 ff c1 e9 78 ff e1 e9 20 00 80 4e
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
Oops: Exception in kernel mode, sig: 4 [#1]
SMP NR_CPUS=32 NUMA pSeries
Modules linked in: virtio_balloon nfsd ip_tables x_tables autofs4 xfs libcrc32c 
virtio_console virtio_net virtio_pci virtio_ring virtio
CPU: 1 PID: 0 Comm: swapper/1 No