]> git.ipfire.org Git - thirdparty/openwrt.git/blob
projects / thirdparty / openwrt.git / blob
? search:


9943f84a9047c33fa1c93012692d68afe7d3ccf8
[thirdparty/openwrt.git] /
1 From: KaFai Wan <kafai.wan@linux.dev>
2 Date: Tue, 9 Sep 2025 22:46:14 +0800
3 Subject: [PATCH] bpf: Allow fall back to interpreter for programs with stack
4 size <= 512
5
6 OpenWRT users reported regression on ARMv6 devices after updating to latest
7 HEAD, where tcpdump filter:
8
9 tcpdump "not ether host 3c37121a2b3c and not ether host 184ecbca2a3a \
10 and not ether host 14130b4d3f47 and not ether host f0f61cf440b7 \
11 and not ether host a84b4dedf471 and not ether host d022be17e1d7 \
12 and not ether host 5c497967208b and not ether host 706655784d5b"
13
14 fails with warning: "Kernel filter failed: No error information"
15 when using config:
16 # CONFIG_BPF_JIT_ALWAYS_ON is not set
17 CONFIG_BPF_JIT_DEFAULT_ON=y
18
19 The issue arises because commits:
20 1. "bpf: Fix array bounds error with may_goto" changed default runtime to
21 __bpf_prog_ret0_warn when jit_requested = 1
22 2. "bpf: Avoid __bpf_prog_ret0_warn when jit fails" returns error when
23 jit_requested = 1 but jit fails
24
25 This change restores interpreter fallback capability for BPF programs with
26 stack size <= 512 bytes when jit fails.
27
28 Reported-by: Felix Fietkau <nbd@nbd.name>
29 Closes: https://lore.kernel.org/bpf/2e267b4b-0540-45d8-9310-e127bf95fc63@nbd.name/
30 Fixes: 6ebc5030e0c5 ("bpf: Fix array bounds error with may_goto")
31 Signed-off-by: KaFai Wan <kafai.wan@linux.dev>
32 Acked-by: Eduard Zingerman <eddyz87@gmail.com>
33 Link: https://lore.kernel.org/r/20250909144614.2991253-1-kafai.wan@linux.dev
34 Signed-off-by: Alexei Starovoitov <ast@kernel.org>
35 ---
36
37 --- a/kernel/bpf/core.c
38 +++ b/kernel/bpf/core.c
39 @@ -2299,8 +2299,7 @@ static unsigned int __bpf_prog_ret0_warn
40 const struct bpf_insn *insn)
41 {
42 /* If this handler ever gets executed, then BPF_JIT_ALWAYS_ON
43 - * is not working properly, or interpreter is being used when
44 - * prog->jit_requested is not 0, so warn about it!
45 + * is not working properly, so warn about it!
46 */
47 WARN_ON_ONCE(1);
48 return 0;
49 @@ -2385,8 +2384,9 @@ out:
50 return ret;
51 }
52
53 -static void bpf_prog_select_func(struct bpf_prog *fp)
54 +static bool bpf_prog_select_interpreter(struct bpf_prog *fp)
55 {
56 + bool select_interpreter = false;
57 #ifndef CONFIG_BPF_JIT_ALWAYS_ON
58 u32 stack_depth = max_t(u32, fp->aux->stack_depth, 1);
59 u32 idx = (round_up(stack_depth, 32) / 32) - 1;
60 @@ -2395,15 +2395,16 @@ static void bpf_prog_select_func(struct
61 * But for non-JITed programs, we don't need bpf_func, so no bounds
62 * check needed.
63 */
64 - if (!fp->jit_requested &&
65 - !WARN_ON_ONCE(idx >= ARRAY_SIZE(interpreters))) {
66 + if (idx < ARRAY_SIZE(interpreters)) {
67 fp->bpf_func = interpreters[idx];
68 + select_interpreter = true;
69 } else {
70 fp->bpf_func = __bpf_prog_ret0_warn;
71 }
72 #else
73 fp->bpf_func = __bpf_prog_ret0_warn;
74 #endif
75 + return select_interpreter;
76 }
77
78 /**
79 @@ -2422,7 +2423,7 @@ struct bpf_prog *bpf_prog_select_runtime
80 /* In case of BPF to BPF calls, verifier did all the prep
81 * work with regards to JITing, etc.
82 */
83 - bool jit_needed = fp->jit_requested;
84 + bool jit_needed = false;
85
86 if (fp->bpf_func)
87 goto finalize;
88 @@ -2431,7 +2432,8 @@ struct bpf_prog *bpf_prog_select_runtime
89 bpf_prog_has_kfunc_call(fp))
90 jit_needed = true;
91
92 - bpf_prog_select_func(fp);
93 + if (!bpf_prog_select_interpreter(fp))
94 + jit_needed = true;
95
96 /* eBPF JITs can rewrite the program in case constant
97 * blinding is active. However, in case of error during
Mirror of https://github.com/openwrt/openwrt.git