diff options
| -rw-r--r-- | include/linux/filter.h | 17 | ||||
| -rw-r--r-- | kernel/bpf/core.c | 1 |
2 files changed, 3 insertions, 15 deletions
diff --git a/include/linux/filter.h b/include/linux/filter.h index 14ec3bdad9a9..7d3abde3f183 100644 --- a/include/linux/filter.h +++ b/include/linux/filter.h | |||
| @@ -20,6 +20,7 @@ | |||
| 20 | #include <linux/set_memory.h> | 20 | #include <linux/set_memory.h> |
| 21 | #include <linux/kallsyms.h> | 21 | #include <linux/kallsyms.h> |
| 22 | #include <linux/if_vlan.h> | 22 | #include <linux/if_vlan.h> |
| 23 | #include <linux/vmalloc.h> | ||
| 23 | 24 | ||
| 24 | #include <net/sch_generic.h> | 25 | #include <net/sch_generic.h> |
| 25 | 26 | ||
| @@ -503,7 +504,6 @@ struct bpf_prog { | |||
| 503 | u16 pages; /* Number of allocated pages */ | 504 | u16 pages; /* Number of allocated pages */ |
| 504 | u16 jited:1, /* Is our filter JIT'ed? */ | 505 | u16 jited:1, /* Is our filter JIT'ed? */ |
| 505 | jit_requested:1,/* archs need to JIT the prog */ | 506 | jit_requested:1,/* archs need to JIT the prog */ |
| 506 | undo_set_mem:1, /* Passed set_memory_ro() checkpoint */ | ||
| 507 | gpl_compatible:1, /* Is filter GPL compatible? */ | 507 | gpl_compatible:1, /* Is filter GPL compatible? */ |
| 508 | cb_access:1, /* Is control block accessed? */ | 508 | cb_access:1, /* Is control block accessed? */ |
| 509 | dst_needed:1, /* Do we need dst entry? */ | 509 | dst_needed:1, /* Do we need dst entry? */ |
| @@ -733,27 +733,17 @@ bpf_ctx_narrow_access_ok(u32 off, u32 size, u32 size_default) | |||
| 733 | 733 | ||
| 734 | static inline void bpf_prog_lock_ro(struct bpf_prog *fp) | 734 | static inline void bpf_prog_lock_ro(struct bpf_prog *fp) |
| 735 | { | 735 | { |
| 736 | fp->undo_set_mem = 1; | 736 | set_vm_flush_reset_perms(fp); |
| 737 | set_memory_ro((unsigned long)fp, fp->pages); | 737 | set_memory_ro((unsigned long)fp, fp->pages); |
| 738 | } | 738 | } |
| 739 | 739 | ||
| 740 | static inline void bpf_prog_unlock_ro(struct bpf_prog *fp) | ||
| 741 | { | ||
| 742 | if (fp->undo_set_mem) | ||
| 743 | set_memory_rw((unsigned long)fp, fp->pages); | ||
| 744 | } | ||
| 745 | |||
| 746 | static inline void bpf_jit_binary_lock_ro(struct bpf_binary_header *hdr) | 740 | static inline void bpf_jit_binary_lock_ro(struct bpf_binary_header *hdr) |
| 747 | { | 741 | { |
| 742 | set_vm_flush_reset_perms(hdr); | ||
| 748 | set_memory_ro((unsigned long)hdr, hdr->pages); | 743 | set_memory_ro((unsigned long)hdr, hdr->pages); |
| 749 | set_memory_x((unsigned long)hdr, hdr->pages); | 744 | set_memory_x((unsigned long)hdr, hdr->pages); |
| 750 | } | 745 | } |
| 751 | 746 | ||
| 752 | static inline void bpf_jit_binary_unlock_ro(struct bpf_binary_header *hdr) | ||
| 753 | { | ||
| 754 | set_memory_rw((unsigned long)hdr, hdr->pages); | ||
| 755 | } | ||
| 756 | |||
| 757 | static inline struct bpf_binary_header * | 747 | static inline struct bpf_binary_header * |
| 758 | bpf_jit_binary_hdr(const struct bpf_prog *fp) | 748 | bpf_jit_binary_hdr(const struct bpf_prog *fp) |
| 759 | { | 749 | { |
| @@ -789,7 +779,6 @@ void __bpf_prog_free(struct bpf_prog *fp); | |||
| 789 | 779 | ||
| 790 | static inline void bpf_prog_unlock_free(struct bpf_prog *fp) | 780 | static inline void bpf_prog_unlock_free(struct bpf_prog *fp) |
| 791 | { | 781 | { |
| 792 | bpf_prog_unlock_ro(fp); | ||
| 793 | __bpf_prog_free(fp); | 782 | __bpf_prog_free(fp); |
| 794 | } | 783 | } |
| 795 | 784 | ||
diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c index ff09d32a8a1b..c605397c79f0 100644 --- a/kernel/bpf/core.c +++ b/kernel/bpf/core.c | |||
| @@ -848,7 +848,6 @@ void __weak bpf_jit_free(struct bpf_prog *fp) | |||
| 848 | if (fp->jited) { | 848 | if (fp->jited) { |
| 849 | struct bpf_binary_header *hdr = bpf_jit_binary_hdr(fp); | 849 | struct bpf_binary_header *hdr = bpf_jit_binary_hdr(fp); |
| 850 | 850 | ||
| 851 | bpf_jit_binary_unlock_ro(hdr); | ||
| 852 | bpf_jit_binary_free(hdr); | 851 | bpf_jit_binary_free(hdr); |
| 853 | 852 | ||
| 854 | WARN_ON_ONCE(!bpf_prog_kallsyms_verify_off(fp)); | 853 | WARN_ON_ONCE(!bpf_prog_kallsyms_verify_off(fp)); |