From: Greg Kroah-Hartman Date: Tue, 31 Mar 2026 11:30:08 +0000 (+0200) Subject: 6.1-stable patches X-Git-Tag: v6.6.131~18 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=912450f175e4f25a59d556e67c872513e16c075a;p=thirdparty%2Fkernel%2Fstable-queue.git 6.1-stable patches added patches: powerpc64-bpf-do-not-increment-tailcall-count-when-prog-is-null.patch --- diff --git a/queue-6.1/powerpc64-bpf-do-not-increment-tailcall-count-when-prog-is-null.patch b/queue-6.1/powerpc64-bpf-do-not-increment-tailcall-count-when-prog-is-null.patch new file mode 100644 index 0000000000..23e120675b --- /dev/null +++ b/queue-6.1/powerpc64-bpf-do-not-increment-tailcall-count-when-prog-is-null.patch @@ -0,0 +1,70 @@ +From 521bd39d9d28ce54cbfec7f9b89c94ad4fdb8350 Mon Sep 17 00:00:00 2001 +From: Hari Bathini +Date: Tue, 3 Mar 2026 23:40:25 +0530 +Subject: powerpc64/bpf: do not increment tailcall count when prog is NULL + +From: Hari Bathini + +commit 521bd39d9d28ce54cbfec7f9b89c94ad4fdb8350 upstream. + +Do not increment tailcall count, if tailcall did not succeed due to +missing BPF program. + +Fixes: ce0761419fae ("powerpc/bpf: Implement support for tail calls") +Cc: stable@vger.kernel.org +Tested-by: Venkat Rao Bagalkote +Signed-off-by: Hari Bathini +Signed-off-by: Madhavan Srinivasan +Link: https://patch.msgid.link/20260303181031.390073-2-hbathini@linux.ibm.com +[ Conflict due to missing feature commit 2ed2d8f6fb38 ("powerpc64/bpf: + Support tailcalls with subprogs") resolved accordingly. ] +Signed-off-by: Hari Bathini +Signed-off-by: Greg Kroah-Hartman +--- + arch/powerpc/net/bpf_jit_comp64.c | 23 ++++++++++++++--------- + 1 file changed, 14 insertions(+), 9 deletions(-) + +--- a/arch/powerpc/net/bpf_jit_comp64.c ++++ b/arch/powerpc/net/bpf_jit_comp64.c +@@ -288,27 +288,32 @@ static int bpf_jit_emit_tail_call(u32 *i + + /* + * tail_call_cnt++; ++ * Writeback this updated value only if tailcall succeeds. + */ + EMIT(PPC_RAW_ADDI(bpf_to_ppc(TMP_REG_1), bpf_to_ppc(TMP_REG_1), 1)); +- EMIT(PPC_RAW_STD(bpf_to_ppc(TMP_REG_1), _R1, bpf_jit_stack_tailcallcnt(ctx))); + + /* prog = array->ptrs[index]; */ +- EMIT(PPC_RAW_MULI(bpf_to_ppc(TMP_REG_1), b2p_index, 8)); +- EMIT(PPC_RAW_ADD(bpf_to_ppc(TMP_REG_1), bpf_to_ppc(TMP_REG_1), b2p_bpf_array)); +- EMIT(PPC_RAW_LD(bpf_to_ppc(TMP_REG_1), bpf_to_ppc(TMP_REG_1), offsetof(struct bpf_array, ptrs))); ++ EMIT(PPC_RAW_MULI(bpf_to_ppc(TMP_REG_2), b2p_index, 8)); ++ EMIT(PPC_RAW_ADD(bpf_to_ppc(TMP_REG_2), bpf_to_ppc(TMP_REG_2), b2p_bpf_array)); ++ EMIT(PPC_RAW_LD(bpf_to_ppc(TMP_REG_2), bpf_to_ppc(TMP_REG_2), ++ offsetof(struct bpf_array, ptrs))); + + /* + * if (prog == NULL) + * goto out; + */ +- EMIT(PPC_RAW_CMPLDI(bpf_to_ppc(TMP_REG_1), 0)); ++ EMIT(PPC_RAW_CMPLDI(bpf_to_ppc(TMP_REG_2), 0)); + PPC_BCC_SHORT(COND_EQ, out); + + /* goto *(prog->bpf_func + prologue_size); */ +- EMIT(PPC_RAW_LD(bpf_to_ppc(TMP_REG_1), bpf_to_ppc(TMP_REG_1), offsetof(struct bpf_prog, bpf_func))); +- EMIT(PPC_RAW_ADDI(bpf_to_ppc(TMP_REG_1), bpf_to_ppc(TMP_REG_1), +- FUNCTION_DESCR_SIZE + bpf_tailcall_prologue_size)); +- EMIT(PPC_RAW_MTCTR(bpf_to_ppc(TMP_REG_1))); ++ EMIT(PPC_RAW_LD(bpf_to_ppc(TMP_REG_2), bpf_to_ppc(TMP_REG_2), ++ offsetof(struct bpf_prog, bpf_func))); ++ EMIT(PPC_RAW_ADDI(bpf_to_ppc(TMP_REG_2), bpf_to_ppc(TMP_REG_2), ++ FUNCTION_DESCR_SIZE + bpf_tailcall_prologue_size)); ++ EMIT(PPC_RAW_MTCTR(bpf_to_ppc(TMP_REG_2))); ++ ++ /* Writeback updated tailcall count */ ++ EMIT(PPC_RAW_STD(bpf_to_ppc(TMP_REG_1), _R1, bpf_jit_stack_tailcallcnt(ctx))); + + /* tear down stack, restore NVRs, ... */ + bpf_jit_emit_common_epilogue(image, ctx); diff --git a/queue-6.1/series b/queue-6.1/series index f4d53d5f22..c5b7a5fc6d 100644 --- a/queue-6.1/series +++ b/queue-6.1/series @@ -118,3 +118,4 @@ ext4-reject-mount-if-bigalloc-with-s_first_data_block-0.patch ext4-fix-iloc.bh-leak-in-ext4_fc_replay_inode-error-paths.patch ext4-always-drain-queued-discard-work-in-ext4_mb_release.patch arm64-dts-imx8mn-tqma8mqnl-fix-ldo5-power-off.patch +powerpc64-bpf-do-not-increment-tailcall-count-when-prog-is-null.patch