Skip to content

bpf: arm64: Fix panic due to missing BTI at indirect jump targets #10382

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
kernel-patches-daemon-bpf wants to merge 1 commit into from
Closed

bpf: arm64: Fix panic due to missing BTI at indirect jump targets #10382

kernel-patches-daemon-bpf wants to merge 1 commit into from

Conversation

@kernel-patches-daemon-bpf
Copy link

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf bot commented Nov 27, 2025

Pull request for series with
subject: bpf: arm64: Fix panic due to missing BTI at indirect jump targets
version: 1
url: https://patchwork.kernel.org/project/netdevbpf/list/?series=1028290

@kernel-patches-daemon-bpf
Copy link
Author

kernel-patches-daemon-bpf bot commented Nov 27, 2025

Upstream branch: 688b745
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1028290
version: 1

@kernel-patches-daemon-bpf
Copy link
Author

kernel-patches-daemon-bpf bot commented Nov 28, 2025

Upstream branch: bd5bdd2
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1028290
version: 1

@kernel-patches-daemon-bpf
Copy link
Author

kernel-patches-daemon-bpf bot commented Nov 29, 2025

Upstream branch: 34235a3
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1028290
version: 1

@kernel-patches-daemon-bpf
Copy link
Author

kernel-patches-daemon-bpf bot commented Nov 29, 2025

Upstream branch: 85bdeeb
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1028290
version: 1

@kernel-patches-daemon-bpf
Copy link
Author

kernel-patches-daemon-bpf bot commented Nov 29, 2025

Upstream branch: ff34657
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1028290
version: 1

@kernel-patches-daemon-bpf
Copy link
Author

kernel-patches-daemon-bpf bot commented Dec 4, 2025

Upstream branch: ff34657
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1028290
version: 1

@kernel-patches-daemon-bpf
Copy link
Author

kernel-patches-daemon-bpf bot commented Dec 4, 2025

Upstream branch: 8f7aa3d
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1028290
version: 1

@kernel-patches-daemon-bpf
Copy link
Author

kernel-patches-daemon-bpf bot commented Dec 4, 2025

Upstream branch: 835a507
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1028290
version: 1

@kernel-patches-daemon-bpf
Copy link
Author

kernel-patches-daemon-bpf bot commented Dec 4, 2025

Upstream branch: 835a507
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1028290
version: 1

@kernel-patches-daemon-bpf
Copy link
Author

kernel-patches-daemon-bpf bot commented Dec 4, 2025

Upstream branch: 835a507
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1028290
version: 1

@kernel-patches-daemon-bpf
Copy link
Author

kernel-patches-daemon-bpf bot commented Dec 6, 2025

Upstream branch: 81f88f6
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1028290
version: 1

@kernel-patches-daemon-bpf
Copy link
Author

kernel-patches-daemon-bpf bot commented Dec 6, 2025

Upstream branch: 5d9fb42
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1028290
version: 1

@kernel-patches-daemon-bpf
Copy link
Author

kernel-patches-daemon-bpf bot commented Dec 10, 2025

Upstream branch: 5d9fb42
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1028290
version: 1

bpf: arm64: Fix panic due to missing BTI at indirect jump targets
4702d99 
When BTI is enabled, the indirect jump selftest triggers BTI exception:

Internal error: Oops - BTI: 0000000036000003 [#1]  SMP
...
Call trace:
 bpf_prog_2e5f1c71c13ac3e0_big_jump_table+0x54/0xf8 (P)
 bpf_prog_run_pin_on_cpu+0x140/0x468
 bpf_prog_test_run_syscall+0x280/0x3b8
 bpf_prog_test_run+0x22c/0x2c0
 __sys_bpf+0x4d8/0x5c8
 __arm64_sys_bpf+0x88/0xa8
 invoke_syscall+0x80/0x220
 el0_svc_common+0x160/0x1d0
 do_el0_svc+0x54/0x70
 el0_svc+0x54/0x188
 el0t_64_sync_handler+0x84/0x130
 el0t_64_sync+0x198/0x1a0

This happens because no BTI instruction is generated by the JIT for
indirect jump targets.

Fix it by emitting BTI instruction for every possible indirect jump
targets when BTI is enabled. The targets are identified by traversing
all instruction arrays used by the BPF program, since indirect jump
targets can only be read from instruction arrays.

Fixes: f4a66cf ("bpf: arm64: Add support for indirect jumps")
Signed-off-by: Xu Kuohai <xukuohai@huawei.com>
@kernel-patches-daemon-bpf
Copy link
Author

kernel-patches-daemon-bpf bot commented Dec 10, 2025

At least one diff in series https://patchwork.kernel.org/project/netdevbpf/list/?series=1028290 expired. Closing PR.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bpf-next changes-requested V1-ci-fail V1

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant