From: He Fengqing hefengqing@huawei.com
hulk inclusion category: bugfix bugzilla: NA CVE: CVE-2021-3444
-------------------------------------------------
This reverts commit 2a8fdb1525ec3038c6e5bc6644ae61880f95a527.
Signed-off-by: He Fengqing hefengqing@huawei.com Reviewed-by: Kuohai Xu xukuohai@huawei.com Signed-off-by: Yang Yingliang yangyingliang@huawei.com --- arch/x86/net/bpf_jit_comp.c | 46 +++++-------------------------------- 1 file changed, 6 insertions(+), 40 deletions(-)
diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c
index f33ecbbf647b6..658869ac2e55e 100644
--- a/arch/x86/net/bpf_jit_comp.c
+++ b/arch/x86/net/bpf_jit_comp.c
@@ -861,41 +861,20 @@ xadd: if (is_imm8(insn->off))
 case BPF_JMP | BPF_JSLT | BPF_X:
 case BPF_JMP | BPF_JSGE | BPF_X:
 case BPF_JMP | BPF_JSLE | BPF_X:
- case BPF_JMP32 | BPF_JEQ | BPF_X:
- case BPF_JMP32 | BPF_JNE | BPF_X:
- case BPF_JMP32 | BPF_JGT | BPF_X:
- case BPF_JMP32 | BPF_JLT | BPF_X:
- case BPF_JMP32 | BPF_JGE | BPF_X:
- case BPF_JMP32 | BPF_JLE | BPF_X:
- case BPF_JMP32 | BPF_JSGT | BPF_X:
- case BPF_JMP32 | BPF_JSLT | BPF_X:
- case BPF_JMP32 | BPF_JSGE | BPF_X:
- case BPF_JMP32 | BPF_JSLE | BPF_X:
 /* cmp dst_reg, src_reg */
- if (BPF_CLASS(insn->code) == BPF_JMP)
- EMIT1(add_2mod(0x48, dst_reg, src_reg));
- else if (is_ereg(dst_reg) || is_ereg(src_reg))
- EMIT1(add_2mod(0x40, dst_reg, src_reg));
- EMIT2(0x39, add_2reg(0xC0, dst_reg, src_reg));
+ EMIT3(add_2mod(0x48, dst_reg, src_reg), 0x39,
+ add_2reg(0xC0, dst_reg, src_reg));
 goto emit_cond_jmp;
case BPF_JMP | BPF_JSET | BPF_X:
- case BPF_JMP32 | BPF_JSET | BPF_X:
 /* test dst_reg, src_reg */
- if (BPF_CLASS(insn->code) == BPF_JMP)
- EMIT1(add_2mod(0x48, dst_reg, src_reg));
- else if (is_ereg(dst_reg) || is_ereg(src_reg))
- EMIT1(add_2mod(0x40, dst_reg, src_reg));
- EMIT2(0x85, add_2reg(0xC0, dst_reg, src_reg));
+ EMIT3(add_2mod(0x48, dst_reg, src_reg), 0x85,
+ add_2reg(0xC0, dst_reg, src_reg));
 goto emit_cond_jmp;
case BPF_JMP | BPF_JSET | BPF_K:
- case BPF_JMP32 | BPF_JSET | BPF_K:
 /* test dst_reg, imm32 */
- if (BPF_CLASS(insn->code) == BPF_JMP)
- EMIT1(add_1mod(0x48, dst_reg));
- else if (is_ereg(dst_reg))
- EMIT1(add_1mod(0x40, dst_reg));
+ EMIT1(add_1mod(0x48, dst_reg));
 EMIT2_off32(0xF7, add_1reg(0xC0, dst_reg), imm32);
 goto emit_cond_jmp;
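Review bot: With every `BPF_JMP32` label dropped from the `cmp`/`test` arms in this hunk (and from the `cmp dst_reg, imm8/32` arm in the second hunk), a JMP32 opcode is no longer matched by this JIT, and what happens to it depends on the switch's fallback path, which is outside the hunk. That is only safe if the rest of the series also removes JMP32 from the verifier and interpreter, so such programs are refused before they reach the JIT; the description gives only the reverted hash and does not say so, nor how the revert relates to CVE-2021-3444. The restored `EMIT3(add_2mod(0x48, ...), ...)` form always emits REX.W, so these arms must never be reached for a 32-bit compare; I would record that with a comment above the first arm, e.g. `/* 64-bit compares only: BPF_JMP32 is not JITed here, REX.W is always emitted */`. The enclosing switch and function begin and end outside the hunk.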
@@ -909,21 +888,8 @@ xadd: if (is_imm8(insn->off))
 case BPF_JMP | BPF_JSLT | BPF_K:
 case BPF_JMP | BPF_JSGE | BPF_K:
 case BPF_JMP | BPF_JSLE | BPF_K:
- case BPF_JMP32 | BPF_JEQ | BPF_K:
- case BPF_JMP32 | BPF_JNE | BPF_K:
- case BPF_JMP32 | BPF_JGT | BPF_K:
- case BPF_JMP32 | BPF_JLT | BPF_K:
- case BPF_JMP32 | BPF_JGE | BPF_K:
- case BPF_JMP32 | BPF_JLE | BPF_K:
- case BPF_JMP32 | BPF_JSGT | BPF_K:
- case BPF_JMP32 | BPF_JSLT | BPF_K:
- case BPF_JMP32 | BPF_JSGE | BPF_K:
- case BPF_JMP32 | BPF_JSLE | BPF_K:
 /* cmp dst_reg, imm8/32 */
- if (BPF_CLASS(insn->code) == BPF_JMP)
- EMIT1(add_1mod(0x48, dst_reg));
- else if (is_ereg(dst_reg))
- EMIT1(add_1mod(0x40, dst_reg));
+ EMIT1(add_1mod(0x48, dst_reg));
if (is_imm8(imm32))
 EMIT3(0x83, add_1reg(0xF8, dst_reg), imm32);