From 0442af8bfb8887efe99cfa88534c7e9ae65fc5d7 Mon Sep 17 00:00:00 2001 From: Greg Kroah-Hartman Date: Thu, 4 Jul 2024 09:29:46 +0200 Subject: [PATCH] 6.6-stable patches added patches: powerpc-bpf-rename-powerpc64_jit_data-to-powerpc_jit_data.patch powerpc-bpf-use-bpf_jit_binary_pack_.patch --- ...from-set_memory_rox-into-account-wit.patch | 55 +-- ...werpc64_jit_data-to-powerpc_jit_data.patch | 41 ++ ...powerpc-bpf-use-bpf_jit_binary_pack_.patch | 388 ++++++++++++++++++ queue-6.6/series | 3 +- ...numa_no_node-when-calling-memblock_s.patch | 58 --- 5 files changed, 449 insertions(+), 96 deletions(-) create mode 100644 queue-6.6/powerpc-bpf-rename-powerpc64_jit_data-to-powerpc_jit_data.patch create mode 100644 queue-6.6/powerpc-bpf-use-bpf_jit_binary_pack_.patch delete mode 100644 queue-6.6/x86-mm-numa-use-numa_no_node-when-calling-memblock_s.patch diff --git a/queue-6.6/bpf-take-return-from-set_memory_rox-into-account-wit.patch b/queue-6.6/bpf-take-return-from-set_memory_rox-into-account-wit.patch index 55b886724f3..df153d14960 100644 --- a/queue-6.6/bpf-take-return-from-set_memory_rox-into-account-wit.patch +++ b/queue-6.6/bpf-take-return-from-set_memory_rox-into-account-wit.patch @@ -25,21 +25,19 @@ Message-ID: <036b6393f23a2032ce75a1c92220b2afcb798d5d.1709850515.git.christophe. Signed-off-by: Alexei Starovoitov Signed-off-by: Sasha Levin --- - arch/arm/net/bpf_jit_32.c | 25 ++++++++++++------------- - arch/loongarch/net/bpf_jit.c | 22 ++++++++++++++++------ - arch/mips/net/bpf_jit_comp.c | 3 ++- - arch/parisc/net/bpf_jit_core.c | 8 +++++++- - arch/s390/net/bpf_jit_comp.c | 6 +++++- - arch/sparc/net/bpf_jit_comp_64.c | 6 +++++- - arch/x86/net/bpf_jit_comp32.c | 3 +-- - include/linux/filter.h | 5 +++-- + arch/arm/net/bpf_jit_32.c | 25 ++++++++++++------------- + arch/loongarch/net/bpf_jit.c | 22 ++++++++++++++++------ + arch/mips/net/bpf_jit_comp.c | 3 ++- + arch/parisc/net/bpf_jit_core.c | 8 +++++++- + arch/s390/net/bpf_jit_comp.c | 6 +++++- + arch/sparc/net/bpf_jit_comp_64.c | 6 +++++- + arch/x86/net/bpf_jit_comp32.c | 3 +-- + include/linux/filter.h | 5 +++-- 8 files changed, 51 insertions(+), 27 deletions(-) -diff --git a/arch/arm/net/bpf_jit_32.c b/arch/arm/net/bpf_jit_32.c -index 6a1c9fca5260b..ac8e4d9bf9544 100644 --- a/arch/arm/net/bpf_jit_32.c +++ b/arch/arm/net/bpf_jit_32.c -@@ -1982,28 +1982,21 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog) +@@ -1982,28 +1982,21 @@ struct bpf_prog *bpf_int_jit_compile(str /* If building the body of the JITed code fails somehow, * we fall back to the interpretation. */ @@ -74,7 +72,7 @@ index 6a1c9fca5260b..ac8e4d9bf9544 100644 prog->bpf_func = (void *)ctx.target; prog->jited = 1; prog->jited_len = image_size; -@@ -2020,5 +2013,11 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog) +@@ -2020,5 +2013,11 @@ out: bpf_jit_prog_release_other(prog, prog == orig_prog ? tmp : orig_prog); return prog; @@ -86,11 +84,9 @@ index 6a1c9fca5260b..ac8e4d9bf9544 100644 + goto out_imms; } -diff --git a/arch/loongarch/net/bpf_jit.c b/arch/loongarch/net/bpf_jit.c -index 9eb7753d117df..13cd480385ca8 100644 --- a/arch/loongarch/net/bpf_jit.c +++ b/arch/loongarch/net/bpf_jit.c -@@ -1206,16 +1206,19 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog) +@@ -1206,16 +1206,19 @@ skip_init_ctx: flush_icache_range((unsigned long)header, (unsigned long)(ctx.image + ctx.idx)); if (!prog->is_func || extra_pass) { @@ -116,7 +112,7 @@ index 9eb7753d117df..13cd480385ca8 100644 } else { jit_data->ctx = ctx; jit_data->image = image_ptr; -@@ -1246,6 +1249,13 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog) +@@ -1246,6 +1249,13 @@ out: out_offset = -1; return prog; @@ -130,11 +126,9 @@ index 9eb7753d117df..13cd480385ca8 100644 } /* Indicate the JIT backend supports mixing bpf2bpf and tailcalls. */ -diff --git a/arch/mips/net/bpf_jit_comp.c b/arch/mips/net/bpf_jit_comp.c -index a40d926b65139..e355dfca44008 100644 --- a/arch/mips/net/bpf_jit_comp.c +++ b/arch/mips/net/bpf_jit_comp.c -@@ -1012,7 +1012,8 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog) +@@ -1012,7 +1012,8 @@ struct bpf_prog *bpf_int_jit_compile(str bpf_prog_fill_jited_linfo(prog, &ctx.descriptors[1]); /* Set as read-only exec and flush instruction cache */ @@ -144,11 +138,9 @@ index a40d926b65139..e355dfca44008 100644 flush_icache_range((unsigned long)header, (unsigned long)&ctx.target[ctx.jit_index]); -diff --git a/arch/parisc/net/bpf_jit_core.c b/arch/parisc/net/bpf_jit_core.c -index d6ee2fd455503..979f45d4d1fbe 100644 --- a/arch/parisc/net/bpf_jit_core.c +++ b/arch/parisc/net/bpf_jit_core.c -@@ -167,7 +167,13 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog) +@@ -167,7 +167,13 @@ skip_init_ctx: bpf_flush_icache(jit_data->header, ctx->insns + ctx->ninsns); if (!prog->is_func || extra_pass) { @@ -163,11 +155,9 @@ index d6ee2fd455503..979f45d4d1fbe 100644 prologue_len = ctx->epilogue_offset - ctx->body_len; for (i = 0; i < prog->len; i++) ctx->offset[i] += prologue_len; -diff --git a/arch/s390/net/bpf_jit_comp.c b/arch/s390/net/bpf_jit_comp.c -index 62ee557d4b499..05746e22fe79c 100644 --- a/arch/s390/net/bpf_jit_comp.c +++ b/arch/s390/net/bpf_jit_comp.c -@@ -1973,7 +1973,11 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *fp) +@@ -1973,7 +1973,11 @@ skip_init_ctx: print_fn_code(jit.prg_buf, jit.size_prg); } if (!fp->is_func || extra_pass) { @@ -180,11 +170,9 @@ index 62ee557d4b499..05746e22fe79c 100644 } else { jit_data->header = header; jit_data->ctx = jit; -diff --git a/arch/sparc/net/bpf_jit_comp_64.c b/arch/sparc/net/bpf_jit_comp_64.c -index fa0759bfe498e..73bf0aea8baf1 100644 --- a/arch/sparc/net/bpf_jit_comp_64.c +++ b/arch/sparc/net/bpf_jit_comp_64.c -@@ -1602,7 +1602,11 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog) +@@ -1602,7 +1602,11 @@ skip_init_ctx: bpf_flush_icache(header, (u8 *)header + header->size); if (!prog->is_func || extra_pass) { @@ -197,11 +185,9 @@ index fa0759bfe498e..73bf0aea8baf1 100644 } else { jit_data->ctx = ctx; jit_data->image = image_ptr; -diff --git a/arch/x86/net/bpf_jit_comp32.c b/arch/x86/net/bpf_jit_comp32.c -index 429a89c5468b5..f2fc8c38629b5 100644 --- a/arch/x86/net/bpf_jit_comp32.c +++ b/arch/x86/net/bpf_jit_comp32.c -@@ -2600,8 +2600,7 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog) +@@ -2600,8 +2600,7 @@ out_image: if (bpf_jit_enable > 1) bpf_jit_dump(prog->len, proglen, pass + 1, image); @@ -211,11 +197,9 @@ index 429a89c5468b5..f2fc8c38629b5 100644 prog->bpf_func = (void *)image; prog->jited = 1; prog->jited_len = proglen; -diff --git a/include/linux/filter.h b/include/linux/filter.h -index 5a2800ec94ea6..a74d97114a542 100644 --- a/include/linux/filter.h +++ b/include/linux/filter.h -@@ -853,10 +853,11 @@ static inline int __must_check bpf_prog_lock_ro(struct bpf_prog *fp) +@@ -853,10 +853,11 @@ static inline int __must_check bpf_prog_ return 0; } @@ -229,6 +213,3 @@ index 5a2800ec94ea6..a74d97114a542 100644 } int sk_filter_trim_cap(struct sock *sk, struct sk_buff *skb, unsigned int cap); --- -2.43.0 - diff --git a/queue-6.6/powerpc-bpf-rename-powerpc64_jit_data-to-powerpc_jit_data.patch b/queue-6.6/powerpc-bpf-rename-powerpc64_jit_data-to-powerpc_jit_data.patch new file mode 100644 index 00000000000..20e799f50e6 --- /dev/null +++ b/queue-6.6/powerpc-bpf-rename-powerpc64_jit_data-to-powerpc_jit_data.patch @@ -0,0 +1,41 @@ +From de04e40600ae15fa5e484be242e74aad6de7418f Mon Sep 17 00:00:00 2001 +From: Hari Bathini +Date: Fri, 20 Oct 2023 19:43:57 +0530 +Subject: powerpc/bpf: rename powerpc64_jit_data to powerpc_jit_data + +From: Hari Bathini + +commit de04e40600ae15fa5e484be242e74aad6de7418f upstream. + +powerpc64_jit_data is a misnomer as it is meant for both ppc32 and +ppc64. Rename it to powerpc_jit_data. + +Signed-off-by: Hari Bathini +Acked-by: Song Liu +Signed-off-by: Michael Ellerman +Link: https://msgid.link/20231020141358.643575-5-hbathini@linux.ibm.com +Signed-off-by: Greg Kroah-Hartman +--- + arch/powerpc/net/bpf_jit_comp.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +--- a/arch/powerpc/net/bpf_jit_comp.c ++++ b/arch/powerpc/net/bpf_jit_comp.c +@@ -39,7 +39,7 @@ int bpf_jit_emit_exit_insn(u32 *image, s + return 0; + } + +-struct powerpc64_jit_data { ++struct powerpc_jit_data { + struct bpf_binary_header *header; + u32 *addrs; + u8 *image; +@@ -59,7 +59,7 @@ struct bpf_prog *bpf_int_jit_compile(str + u8 *image = NULL; + u32 *code_base; + u32 *addrs; +- struct powerpc64_jit_data *jit_data; ++ struct powerpc_jit_data *jit_data; + struct codegen_context cgctx; + int pass; + int flen; diff --git a/queue-6.6/powerpc-bpf-use-bpf_jit_binary_pack_.patch b/queue-6.6/powerpc-bpf-use-bpf_jit_binary_pack_.patch new file mode 100644 index 00000000000..26fe098d9d9 --- /dev/null +++ b/queue-6.6/powerpc-bpf-use-bpf_jit_binary_pack_.patch @@ -0,0 +1,388 @@ +From 90d862f370b6e9de1b5d607843c5a2f9823990f3 Mon Sep 17 00:00:00 2001 +From: Hari Bathini +Date: Fri, 20 Oct 2023 19:43:58 +0530 +Subject: powerpc/bpf: use bpf_jit_binary_pack_[alloc|finalize|free] + +From: Hari Bathini + +commit 90d862f370b6e9de1b5d607843c5a2f9823990f3 upstream. + +Use bpf_jit_binary_pack_alloc in powerpc jit. The jit engine first +writes the program to the rw buffer. When the jit is done, the program +is copied to the final location with bpf_jit_binary_pack_finalize. +With multiple jit_subprogs, bpf_jit_free is called on some subprograms +that haven't got bpf_jit_binary_pack_finalize() yet. Implement custom +bpf_jit_free() like in commit 1d5f82d9dd47 ("bpf, x86: fix freeing of +not-finalized bpf_prog_pack") to call bpf_jit_binary_pack_finalize(), +if necessary. As bpf_flush_icache() is not needed anymore, remove it. + +Signed-off-by: Hari Bathini +Acked-by: Song Liu +Signed-off-by: Michael Ellerman +Link: https://msgid.link/20231020141358.643575-6-hbathini@linux.ibm.com +Signed-off-by: Greg Kroah-Hartman +--- + arch/powerpc/net/bpf_jit.h | 18 +----- + arch/powerpc/net/bpf_jit_comp.c | 106 ++++++++++++++++++++++++++++---------- + arch/powerpc/net/bpf_jit_comp32.c | 13 ++-- + arch/powerpc/net/bpf_jit_comp64.c | 10 +-- + 4 files changed, 96 insertions(+), 51 deletions(-) + +--- a/arch/powerpc/net/bpf_jit.h ++++ b/arch/powerpc/net/bpf_jit.h +@@ -36,9 +36,6 @@ + EMIT(PPC_RAW_BRANCH(offset)); \ + } while (0) + +-/* bl (unconditional 'branch' with link) */ +-#define PPC_BL(dest) EMIT(PPC_RAW_BL((dest) - (unsigned long)(image + ctx->idx))) +- + /* "cond" here covers BO:BI fields. */ + #define PPC_BCC_SHORT(cond, dest) \ + do { \ +@@ -147,12 +144,6 @@ struct codegen_context { + #define BPF_FIXUP_LEN 2 /* Two instructions => 8 bytes */ + #endif + +-static inline void bpf_flush_icache(void *start, void *end) +-{ +- smp_wmb(); /* smp write barrier */ +- flush_icache_range((unsigned long)start, (unsigned long)end); +-} +- + static inline bool bpf_is_seen_register(struct codegen_context *ctx, int i) + { + return ctx->seen & (1 << (31 - i)); +@@ -169,16 +160,17 @@ static inline void bpf_clear_seen_regist + } + + void bpf_jit_init_reg_mapping(struct codegen_context *ctx); +-int bpf_jit_emit_func_call_rel(u32 *image, struct codegen_context *ctx, u64 func); +-int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, struct codegen_context *ctx, ++int bpf_jit_emit_func_call_rel(u32 *image, u32 *fimage, struct codegen_context *ctx, u64 func); ++int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, u32 *fimage, struct codegen_context *ctx, + u32 *addrs, int pass, bool extra_pass); + void bpf_jit_build_prologue(u32 *image, struct codegen_context *ctx); + void bpf_jit_build_epilogue(u32 *image, struct codegen_context *ctx); + void bpf_jit_realloc_regs(struct codegen_context *ctx); + int bpf_jit_emit_exit_insn(u32 *image, struct codegen_context *ctx, int tmp_reg, long exit_addr); + +-int bpf_add_extable_entry(struct bpf_prog *fp, u32 *image, int pass, struct codegen_context *ctx, +- int insn_idx, int jmp_off, int dst_reg); ++int bpf_add_extable_entry(struct bpf_prog *fp, u32 *image, u32 *fimage, int pass, ++ struct codegen_context *ctx, int insn_idx, ++ int jmp_off, int dst_reg); + + #endif + +--- a/arch/powerpc/net/bpf_jit_comp.c ++++ b/arch/powerpc/net/bpf_jit_comp.c +@@ -40,9 +40,12 @@ int bpf_jit_emit_exit_insn(u32 *image, s + } + + struct powerpc_jit_data { +- struct bpf_binary_header *header; ++ /* address of rw header */ ++ struct bpf_binary_header *hdr; ++ /* address of ro final header */ ++ struct bpf_binary_header *fhdr; + u32 *addrs; +- u8 *image; ++ u8 *fimage; + u32 proglen; + struct codegen_context ctx; + }; +@@ -63,11 +66,14 @@ struct bpf_prog *bpf_int_jit_compile(str + struct codegen_context cgctx; + int pass; + int flen; +- struct bpf_binary_header *bpf_hdr; ++ struct bpf_binary_header *fhdr = NULL; ++ struct bpf_binary_header *hdr = NULL; + struct bpf_prog *org_fp = fp; + struct bpf_prog *tmp_fp; + bool bpf_blinded = false; + bool extra_pass = false; ++ u8 *fimage = NULL; ++ u32 *fcode_base; + u32 extable_len; + u32 fixup_len; + +@@ -97,9 +103,16 @@ struct bpf_prog *bpf_int_jit_compile(str + addrs = jit_data->addrs; + if (addrs) { + cgctx = jit_data->ctx; +- image = jit_data->image; +- bpf_hdr = jit_data->header; ++ /* ++ * JIT compiled to a writable location (image/code_base) first. ++ * It is then moved to the readonly final location (fimage/fcode_base) ++ * using instruction patching. ++ */ ++ fimage = jit_data->fimage; ++ fhdr = jit_data->fhdr; + proglen = jit_data->proglen; ++ hdr = jit_data->hdr; ++ image = (void *)hdr + ((void *)fimage - (void *)fhdr); + extra_pass = true; + /* During extra pass, ensure index is reset before repopulating extable entries */ + cgctx.exentry_idx = 0; +@@ -119,7 +132,7 @@ struct bpf_prog *bpf_int_jit_compile(str + cgctx.stack_size = round_up(fp->aux->stack_depth, 16); + + /* Scouting faux-generate pass 0 */ +- if (bpf_jit_build_body(fp, 0, &cgctx, addrs, 0, false)) { ++ if (bpf_jit_build_body(fp, NULL, NULL, &cgctx, addrs, 0, false)) { + /* We hit something illegal or unsupported. */ + fp = org_fp; + goto out_addrs; +@@ -134,7 +147,7 @@ struct bpf_prog *bpf_int_jit_compile(str + */ + if (cgctx.seen & SEEN_TAILCALL || !is_offset_in_branch_range((long)cgctx.idx * 4)) { + cgctx.idx = 0; +- if (bpf_jit_build_body(fp, 0, &cgctx, addrs, 0, false)) { ++ if (bpf_jit_build_body(fp, NULL, NULL, &cgctx, addrs, 0, false)) { + fp = org_fp; + goto out_addrs; + } +@@ -156,17 +169,19 @@ struct bpf_prog *bpf_int_jit_compile(str + proglen = cgctx.idx * 4; + alloclen = proglen + FUNCTION_DESCR_SIZE + fixup_len + extable_len; + +- bpf_hdr = bpf_jit_binary_alloc(alloclen, &image, 4, bpf_jit_fill_ill_insns); +- if (!bpf_hdr) { ++ fhdr = bpf_jit_binary_pack_alloc(alloclen, &fimage, 4, &hdr, &image, ++ bpf_jit_fill_ill_insns); ++ if (!fhdr) { + fp = org_fp; + goto out_addrs; + } + + if (extable_len) +- fp->aux->extable = (void *)image + FUNCTION_DESCR_SIZE + proglen + fixup_len; ++ fp->aux->extable = (void *)fimage + FUNCTION_DESCR_SIZE + proglen + fixup_len; + + skip_init_ctx: + code_base = (u32 *)(image + FUNCTION_DESCR_SIZE); ++ fcode_base = (u32 *)(fimage + FUNCTION_DESCR_SIZE); + + /* Code generation passes 1-2 */ + for (pass = 1; pass < 3; pass++) { +@@ -174,8 +189,10 @@ skip_init_ctx: + cgctx.idx = 0; + cgctx.alt_exit_addr = 0; + bpf_jit_build_prologue(code_base, &cgctx); +- if (bpf_jit_build_body(fp, code_base, &cgctx, addrs, pass, extra_pass)) { +- bpf_jit_binary_free(bpf_hdr); ++ if (bpf_jit_build_body(fp, code_base, fcode_base, &cgctx, addrs, pass, ++ extra_pass)) { ++ bpf_arch_text_copy(&fhdr->size, &hdr->size, sizeof(hdr->size)); ++ bpf_jit_binary_pack_free(fhdr, hdr); + fp = org_fp; + goto out_addrs; + } +@@ -195,17 +212,19 @@ skip_init_ctx: + + #ifdef CONFIG_PPC64_ELF_ABI_V1 + /* Function descriptor nastiness: Address + TOC */ +- ((u64 *)image)[0] = (u64)code_base; ++ ((u64 *)image)[0] = (u64)fcode_base; + ((u64 *)image)[1] = local_paca->kernel_toc; + #endif + +- fp->bpf_func = (void *)image; ++ fp->bpf_func = (void *)fimage; + fp->jited = 1; + fp->jited_len = proglen + FUNCTION_DESCR_SIZE; + +- bpf_flush_icache(bpf_hdr, (u8 *)bpf_hdr + bpf_hdr->size); + if (!fp->is_func || extra_pass) { +- bpf_jit_binary_lock_ro(bpf_hdr); ++ if (bpf_jit_binary_pack_finalize(fp, fhdr, hdr)) { ++ fp = org_fp; ++ goto out_addrs; ++ } + bpf_prog_fill_jited_linfo(fp, addrs); + out_addrs: + kfree(addrs); +@@ -215,8 +234,9 @@ out_addrs: + jit_data->addrs = addrs; + jit_data->ctx = cgctx; + jit_data->proglen = proglen; +- jit_data->image = image; +- jit_data->header = bpf_hdr; ++ jit_data->fimage = fimage; ++ jit_data->fhdr = fhdr; ++ jit_data->hdr = hdr; + } + + out: +@@ -230,12 +250,13 @@ out: + * The caller should check for (BPF_MODE(code) == BPF_PROBE_MEM) before calling + * this function, as this only applies to BPF_PROBE_MEM, for now. + */ +-int bpf_add_extable_entry(struct bpf_prog *fp, u32 *image, int pass, struct codegen_context *ctx, +- int insn_idx, int jmp_off, int dst_reg) ++int bpf_add_extable_entry(struct bpf_prog *fp, u32 *image, u32 *fimage, int pass, ++ struct codegen_context *ctx, int insn_idx, int jmp_off, ++ int dst_reg) + { + off_t offset; + unsigned long pc; +- struct exception_table_entry *ex; ++ struct exception_table_entry *ex, *ex_entry; + u32 *fixup; + + /* Populate extable entries only in the last pass */ +@@ -246,9 +267,16 @@ int bpf_add_extable_entry(struct bpf_pro + WARN_ON_ONCE(ctx->exentry_idx >= fp->aux->num_exentries)) + return -EINVAL; + ++ /* ++ * Program is first written to image before copying to the ++ * final location (fimage). Accordingly, update in the image first. ++ * As all offsets used are relative, copying as is to the ++ * final location should be alright. ++ */ + pc = (unsigned long)&image[insn_idx]; ++ ex = (void *)fp->aux->extable - (void *)fimage + (void *)image; + +- fixup = (void *)fp->aux->extable - ++ fixup = (void *)ex - + (fp->aux->num_exentries * BPF_FIXUP_LEN * 4) + + (ctx->exentry_idx * BPF_FIXUP_LEN * 4); + +@@ -259,18 +287,42 @@ int bpf_add_extable_entry(struct bpf_pro + fixup[BPF_FIXUP_LEN - 1] = + PPC_RAW_BRANCH((long)(pc + jmp_off) - (long)&fixup[BPF_FIXUP_LEN - 1]); + +- ex = &fp->aux->extable[ctx->exentry_idx]; ++ ex_entry = &ex[ctx->exentry_idx]; + +- offset = pc - (long)&ex->insn; ++ offset = pc - (long)&ex_entry->insn; + if (WARN_ON_ONCE(offset >= 0 || offset < INT_MIN)) + return -ERANGE; +- ex->insn = offset; ++ ex_entry->insn = offset; + +- offset = (long)fixup - (long)&ex->fixup; ++ offset = (long)fixup - (long)&ex_entry->fixup; + if (WARN_ON_ONCE(offset >= 0 || offset < INT_MIN)) + return -ERANGE; +- ex->fixup = offset; ++ ex_entry->fixup = offset; + + ctx->exentry_idx++; + return 0; + } ++ ++void bpf_jit_free(struct bpf_prog *fp) ++{ ++ if (fp->jited) { ++ struct powerpc_jit_data *jit_data = fp->aux->jit_data; ++ struct bpf_binary_header *hdr; ++ ++ /* ++ * If we fail the final pass of JIT (from jit_subprogs), ++ * the program may not be finalized yet. Call finalize here ++ * before freeing it. ++ */ ++ if (jit_data) { ++ bpf_jit_binary_pack_finalize(fp, jit_data->fhdr, jit_data->hdr); ++ kvfree(jit_data->addrs); ++ kfree(jit_data); ++ } ++ hdr = bpf_jit_binary_pack_hdr(fp); ++ bpf_jit_binary_pack_free(hdr, NULL); ++ WARN_ON_ONCE(!bpf_prog_kallsyms_verify_off(fp)); ++ } ++ ++ bpf_prog_unlock_free(fp); ++} +--- a/arch/powerpc/net/bpf_jit_comp32.c ++++ b/arch/powerpc/net/bpf_jit_comp32.c +@@ -200,12 +200,13 @@ void bpf_jit_build_epilogue(u32 *image, + EMIT(PPC_RAW_BLR()); + } + +-int bpf_jit_emit_func_call_rel(u32 *image, struct codegen_context *ctx, u64 func) ++/* Relative offset needs to be calculated based on final image location */ ++int bpf_jit_emit_func_call_rel(u32 *image, u32 *fimage, struct codegen_context *ctx, u64 func) + { +- s32 rel = (s32)func - (s32)(image + ctx->idx); ++ s32 rel = (s32)func - (s32)(fimage + ctx->idx); + + if (image && rel < 0x2000000 && rel >= -0x2000000) { +- PPC_BL(func); ++ EMIT(PPC_RAW_BL(rel)); + } else { + /* Load function address into r0 */ + EMIT(PPC_RAW_LIS(_R0, IMM_H(func))); +@@ -278,7 +279,7 @@ static int bpf_jit_emit_tail_call(u32 *i + } + + /* Assemble the body code between the prologue & epilogue */ +-int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, struct codegen_context *ctx, ++int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, u32 *fimage, struct codegen_context *ctx, + u32 *addrs, int pass, bool extra_pass) + { + const struct bpf_insn *insn = fp->insnsi; +@@ -1009,7 +1010,7 @@ int bpf_jit_build_body(struct bpf_prog * + jmp_off += 4; + } + +- ret = bpf_add_extable_entry(fp, image, pass, ctx, insn_idx, ++ ret = bpf_add_extable_entry(fp, image, fimage, pass, ctx, insn_idx, + jmp_off, dst_reg); + if (ret) + return ret; +@@ -1065,7 +1066,7 @@ int bpf_jit_build_body(struct bpf_prog * + EMIT(PPC_RAW_STW(bpf_to_ppc(BPF_REG_5), _R1, 12)); + } + +- ret = bpf_jit_emit_func_call_rel(image, ctx, func_addr); ++ ret = bpf_jit_emit_func_call_rel(image, fimage, ctx, func_addr); + if (ret) + return ret; + +--- a/arch/powerpc/net/bpf_jit_comp64.c ++++ b/arch/powerpc/net/bpf_jit_comp64.c +@@ -240,7 +240,7 @@ static int bpf_jit_emit_func_call_hlp(u3 + return 0; + } + +-int bpf_jit_emit_func_call_rel(u32 *image, struct codegen_context *ctx, u64 func) ++int bpf_jit_emit_func_call_rel(u32 *image, u32 *fimage, struct codegen_context *ctx, u64 func) + { + unsigned int i, ctx_idx = ctx->idx; + +@@ -361,7 +361,7 @@ asm ( + ); + + /* Assemble the body code between the prologue & epilogue */ +-int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, struct codegen_context *ctx, ++int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, u32 *fimage, struct codegen_context *ctx, + u32 *addrs, int pass, bool extra_pass) + { + enum stf_barrier_type stf_barrier = stf_barrier_type_get(); +@@ -952,8 +952,8 @@ emit_clear: + addrs[++i] = ctx->idx * 4; + + if (BPF_MODE(code) == BPF_PROBE_MEM) { +- ret = bpf_add_extable_entry(fp, image, pass, ctx, ctx->idx - 1, +- 4, dst_reg); ++ ret = bpf_add_extable_entry(fp, image, fimage, pass, ctx, ++ ctx->idx - 1, 4, dst_reg); + if (ret) + return ret; + } +@@ -1007,7 +1007,7 @@ emit_clear: + if (func_addr_fixed) + ret = bpf_jit_emit_func_call_hlp(image, ctx, func_addr); + else +- ret = bpf_jit_emit_func_call_rel(image, ctx, func_addr); ++ ret = bpf_jit_emit_func_call_rel(image, fimage, ctx, func_addr); + + if (ret) + return ret; diff --git a/queue-6.6/series b/queue-6.6/series index 85e4ec4445e..d532af774f0 100644 --- a/queue-6.6/series +++ b/queue-6.6/series @@ -2,7 +2,6 @@ iio-pressure-fix-some-word-spelling-errors.patch iio-pressure-bmp280-fix-bmp580-temperature-reading.patch usb-typec-ucsi-never-send-a-lone-connector-change-ac.patch usb-typec-ucsi-ack-also-failed-get-error-commands.patch -x86-mm-numa-use-numa_no_node-when-calling-memblock_s.patch input-ili210x-fix-ili251x_read_touch_data-return-val.patch pinctrl-fix-deadlock-in-create_pinctrl-when-handling.patch pinctrl-rockchip-fix-pinmux-bits-for-rk3328-gpio2-b-.patch @@ -49,6 +48,8 @@ netfilter-nf_tables-fully-validate-nft_data_value-on.patch tracing-net_sched-null-pointer-dereference-in-perf_t.patch net-mana-fix-possible-double-free-in-error-handling-.patch bpf-take-return-from-set_memory_ro-into-account-with.patch +powerpc-bpf-rename-powerpc64_jit_data-to-powerpc_jit_data.patch +powerpc-bpf-use-bpf_jit_binary_pack_.patch bpf-take-return-from-set_memory_rox-into-account-wit.patch drm-panel-ilitek-ili9881c-fix-warning-with-gpio-cont.patch vduse-validate-block-features-only-with-block-device.patch diff --git a/queue-6.6/x86-mm-numa-use-numa_no_node-when-calling-memblock_s.patch b/queue-6.6/x86-mm-numa-use-numa_no_node-when-calling-memblock_s.patch deleted file mode 100644 index d9195d7bb85..00000000000 --- a/queue-6.6/x86-mm-numa-use-numa_no_node-when-calling-memblock_s.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 8609cf4207a564022badd8310756e2ee384323b5 Mon Sep 17 00:00:00 2001 -From: Sasha Levin -Date: Wed, 29 May 2024 09:42:05 +0200 -Subject: x86/mm/numa: Use NUMA_NO_NODE when calling memblock_set_node() - -From: Jan Beulich - -[ Upstream commit 3ac36aa7307363b7247ccb6f6a804e11496b2b36 ] - -memblock_set_node() warns about using MAX_NUMNODES, see - - e0eec24e2e19 ("memblock: make memblock_set_node() also warn about use of MAX_NUMNODES") - -for details. - -Reported-by: Narasimhan V -Signed-off-by: Jan Beulich -Cc: stable@vger.kernel.org -[bp: commit message] -Signed-off-by: Borislav Petkov (AMD) -Reviewed-by: Mike Rapoport (IBM) -Tested-by: Paul E. McKenney -Link: https://lore.kernel.org/r/20240603141005.23261-1-bp@kernel.org -Link: https://lore.kernel.org/r/abadb736-a239-49e4-ab42-ace7acdd4278@suse.com -Signed-off-by: Mike Rapoport (IBM) -Signed-off-by: Sasha Levin ---- - arch/x86/mm/numa.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/arch/x86/mm/numa.c b/arch/x86/mm/numa.c -index c7fa5396c0f05..c281326baa144 100644 ---- a/arch/x86/mm/numa.c -+++ b/arch/x86/mm/numa.c -@@ -523,7 +523,7 @@ static void __init numa_clear_kernel_node_hotplug(void) - for_each_reserved_mem_region(mb_region) { - int nid = memblock_get_region_node(mb_region); - -- if (nid != MAX_NUMNODES) -+ if (nid != NUMA_NO_NODE) - node_set(nid, reserved_nodemask); - } - -@@ -643,9 +643,9 @@ static int __init numa_init(int (*init_func)(void)) - nodes_clear(node_online_map); - memset(&numa_meminfo, 0, sizeof(numa_meminfo)); - WARN_ON(memblock_set_node(0, ULLONG_MAX, &memblock.memory, -- MAX_NUMNODES)); -+ NUMA_NO_NODE)); - WARN_ON(memblock_set_node(0, ULLONG_MAX, &memblock.reserved, -- MAX_NUMNODES)); -+ NUMA_NO_NODE)); - /* In case that parsing SRAT failed. */ - WARN_ON(memblock_clear_hotplug(0, ULLONG_MAX)); - numa_reset_distance(); --- -2.43.0 - -- 2.47.3