5.10-stable patches
authorGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 5 Apr 2021 08:46:04 +0000 (10:46 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Mon, 5 Apr 2021 08:46:04 +0000 (10:46 +0200)
added patches:
bpf-use-nop_atomic5-instead-of-emit_nops-prog-5-for-bpf_tramp_f_call_orig.patch

queue-5.10/bpf-use-nop_atomic5-instead-of-emit_nops-prog-5-for-bpf_tramp_f_call_orig.patch [new file with mode: 0644]
queue-5.10/series

diff --git a/queue-5.10/bpf-use-nop_atomic5-instead-of-emit_nops-prog-5-for-bpf_tramp_f_call_orig.patch b/queue-5.10/bpf-use-nop_atomic5-instead-of-emit_nops-prog-5-for-bpf_tramp_f_call_orig.patch
new file mode 100644 (file)
index 0000000..256a84b
--- /dev/null
@@ -0,0 +1,39 @@
+From b9082970478009b778aa9b22d5561eef35b53b63 Mon Sep 17 00:00:00 2001
+From: Stanislav Fomichev <sdf@google.com>
+Date: Fri, 19 Mar 2021 17:00:01 -0700
+Subject: bpf: Use NOP_ATOMIC5 instead of emit_nops(&prog, 5) for BPF_TRAMP_F_CALL_ORIG
+
+From: Stanislav Fomichev <sdf@google.com>
+
+commit b9082970478009b778aa9b22d5561eef35b53b63 upstream.
+
+__bpf_arch_text_poke does rewrite only for atomic nop5, emit_nops(xxx, 5)
+emits non-atomic one which breaks fentry/fexit with k8 atomics:
+
+P6_NOP5 == P6_NOP5_ATOMIC (0f1f440000 == 0f1f440000)
+K8_NOP5 != K8_NOP5_ATOMIC (6666906690 != 6666666690)
+
+Can be reproduced by doing "ideal_nops = k8_nops" in "arch_init_ideal_nops()
+and running fexit_bpf2bpf selftest.
+
+Fixes: e21aa341785c ("bpf: Fix fexit trampoline.")
+Signed-off-by: Stanislav Fomichev <sdf@google.com>
+Signed-off-by: Alexei Starovoitov <ast@kernel.org>
+Link: https://lore.kernel.org/bpf/20210320000001.915366-1-sdf@google.com
+Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
+---
+ arch/x86/net/bpf_jit_comp.c |    3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+--- a/arch/x86/net/bpf_jit_comp.c
++++ b/arch/x86/net/bpf_jit_comp.c
+@@ -1811,7 +1811,8 @@ int arch_prepare_bpf_trampoline(struct b
+               /* remember return value in a stack for bpf prog to access */
+               emit_stx(&prog, BPF_DW, BPF_REG_FP, BPF_REG_0, -8);
+               im->ip_after_call = prog;
+-              emit_nops(&prog, 5);
++              memcpy(prog, ideal_nops[NOP_ATOMIC5], X86_PATCH_SIZE);
++              prog += X86_PATCH_SIZE;
+       }
+       if (fmod_ret->nr_progs) {
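Review bot: The added `memcpy(prog, ideal_nops[NOP_ATOMIC5], X86_PATCH_SIZE);` in the embedded arch/x86/net/bpf_jit_comp.c hunk has no comment saying why the atomic 5-byte nop is required at `im->ip_after_call`. A later cleanup could fold it back into `emit_nops(&prog, 5)` and reintroduce the mismatch the commit message describes, so I would add above it `/* must be ideal_nops[NOP_ATOMIC5]: __bpf_arch_text_poke() only rewrites the atomic nop5 */`. The hunk also does not show how much room is left in the trampoline image at `prog`; if X86_PATCH_SIZE is 5, as the replaced call suggests, the byte count written is unchanged, but that should be confirmed against the 5.10 tree this backport targets. arch_prepare_bpf_trampoline starts and ends outside the hunk.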
index 8769c54ca5096d3c878e76d1a330c12f3d9bc3a3..b80abeb3783d0a1e2e603af2cf2b75208dddb09d 100644 (file)
@@ -123,3 +123,4 @@ driver-core-clear-deferred-probe-reason-on-probe-retry.patch
 drivers-video-fbcon-fix-null-dereference-in-fbcon_cursor.patch
 riscv-evaluate-put_user-arg-before-enabling-user-access.patch
 revert-kernel-freezer-should-treat-pf_io_worker-like-pf_kthread-for-freezing.patch
+bpf-use-nop_atomic5-instead-of-emit_nops-prog-5-for-bpf_tramp_f_call_orig.patch