1 files changed, 21 insertions, 1 deletions
diff --git a/arch/arm64/net/bpf_jit_comp.c b/arch/arm64/net/bpf_jit_comp.c
index 7658612d915c..a34420a5df9a 100644
--- a/arch/arm64/net/bpf_jit_comp.c
+++ b/arch/arm64/net/bpf_jit_comp.c
@@ -1,7 +1,7 @@
 /*
 * BPF JIT compiler for ARM64
 *
- * Copyright (C) 2014-2015 Zi Shen Lim <zlim.lnx@gmail.com>
+ * Copyright (C) 2014-2016 Zi Shen Lim <zlim.lnx@gmail.com>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
@@ -737,6 +737,20 @@ static int build_body(struct jit_ctx *ctx)
        return 0;
 }
+static int validate_code(struct jit_ctx *ctx)
+{
+        int i;
+        for (i = 0; i < ctx->idx; i++) {
+                u32 a64_insn = le32_to_cpu(ctx->image[i]);
+                if (a64_insn == AARCH64_BREAK_FAULT)
+                        return -1;
+        }
+        return 0;
+}
 static inline void bpf_flush_icache(void *start, void *end)
 {
        flush_icache_range((unsigned long)start, (unsigned long)end);
@@ -799,6 +813,12 @@ void bpf_int_jit_compile(struct bpf_prog *prog)
        build_epilogue(&ctx);
+        /* 3. Extra pass to validate JITed code. */
+        if (validate_code(&ctx)) {
+                bpf_jit_binary_free(header);
+                goto out;
+        }
        /* And we're done. */
        if (bpf_jit_enable > 1)
                bpf_jit_dump(prog->len, image_size, 2, ctx.image);

diff --git a/arch/arm64/net/bpf_jit_comp.c b/arch/arm64/net/bpf_jit_comp.c index 7658612d915c..a34420a5df9a 100644 --- a/arch/arm64/net/bpf_jit_comp.c +++ b/arch/arm64/net/bpf_jit_comp.c
@@ -1,7 +1,7 @@
1	/*	1	/*
2	* BPF JIT compiler for ARM64	2	* BPF JIT compiler for ARM64
3	*	3	*
4	* Copyright (C) 2014-2015 Zi Shen Lim <zlim.lnx@gmail.com>	4	* Copyright (C) 2014-2016 Zi Shen Lim <zlim.lnx@gmail.com>
5	*	5	*
6	* This program is free software; you can redistribute it and/or modify	6	* This program is free software; you can redistribute it and/or modify
7	* it under the terms of the GNU General Public License version 2 as	7	* it under the terms of the GNU General Public License version 2 as
@@ -737,6 +737,20 @@ static int build_body(struct jit_ctx *ctx)
737	return 0;	737	return 0;
738	}	738	}
739		739
		740	static int validate_code(struct jit_ctx *ctx)
		741	{
		742	int i;
		743
		744	for (i = 0; i < ctx->idx; i++) {
		745	u32 a64_insn = le32_to_cpu(ctx->image[i]);
		746
		747	if (a64_insn == AARCH64_BREAK_FAULT)
		748	return -1;
		749	}
		750
		751	return 0;
		752	}
		753
740	static inline void bpf_flush_icache(void start, void end)	754	static inline void bpf_flush_icache(void start, void end)
741	{	755	{
742	flush_icache_range((unsigned long)start, (unsigned long)end);	756	flush_icache_range((unsigned long)start, (unsigned long)end);
@@ -799,6 +813,12 @@ void bpf_int_jit_compile(struct bpf_prog *prog)
799		813
800	build_epilogue(&ctx);	814	build_epilogue(&ctx);
801		815
		816	/* 3. Extra pass to validate JITed code. */
		817	if (validate_code(&ctx)) {
		818	bpf_jit_binary_free(header);
		819	goto out;
		820	}
		821
802	/* And we're done. */	822	/* And we're done. */
803	if (bpf_jit_enable > 1)	823	if (bpf_jit_enable > 1)
804	bpf_jit_dump(prog->len, image_size, 2, ctx.image);	824	bpf_jit_dump(prog->len, image_size, 2, ctx.image);