Received: by 2002:a05:6a10:1287:0:0:0:0 with SMTP id d7csp509653pxv; Thu, 15 Jul 2021 09:09:37 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzpE3wwJPHXEouZZplJnPbg/nNgH2UmP2M6TqVpLYQzPX91esDxg5aOpsNVbF+yR+3znCja X-Received: by 2002:a6b:f704:: with SMTP id k4mr3741795iog.191.1626365376977; Thu, 15 Jul 2021 09:09:36 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1626365376; cv=none; d=google.com; s=arc-20160816; b=WCq+71PKXtbZvCPQS3z5W5hFt5LunTbuvj5VeSaR01TjdsxZ1VimNEvv+9o4SeMGTH ZnisnBRyeJRChhl0vQBAcbXRqP3fbiHvnvRtdLiBkN3EfxZcOm1yXMDXLkv8UP0QaWNx yg8S+qn0TQQe8gHhXZ6baZAmBI+L9DODhUZyv0CSuyi3if0PWpUzCTK8MpE1q6LSp/4t 5V+sukHe+JHgT6UbZhreGFLRHW8BEbk6/HR0LhYLL+dSxX0Af+kDuPSWpNQ45ejtucmz t2TI/et7jYXa/bdypwE3HIxw+L3o2YC3e+kgt97QZ+dls7lLe707ReYa9THm2+qJD2jM lvZw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:date:subject:cc:to:from:dkim-signature; bh=XqK+vx8ysu2dR1xpNfi0uOpzCmJBmn4R/mwkNVGPQrY=; b=onf+X6B6PjuZPU7dxFQGW/abFs7wmF5SK+X/kuq2FVQ9oQj+Mt0oXN5CLiPVBrnya1 6aqQ3LsVkkUQYxSY+lworPViT7+zZyUa3DwznDQjrqwnvtqEFMLxRxwXN71BFCi4q8cV LhvPEyQKlMykosnKVs1DfuMtA7H/qHPVBGAMChWMPHScaMPgMaaObvK/sDGUvf//62si 8ao7P/OE0w87tPweURSLaOhBZIeRMPPssbCP6D8RA9DsDjDlZOGCX/fG76mFPP2/+dWy RBlloC/LLFV1ycAMKDz1U283qpFZlCdR0/BvvF1/zjiZ8lXksSzC1cRFyNE3R0ZOb8cw Ibcw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@canonical.com header.s=20210705 header.b=KQq+r3AA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=canonical.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id k19si7669334ion.69.2021.07.15.09.09.25; Thu, 15 Jul 2021 09:09:36 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@canonical.com header.s=20210705 header.b=KQq+r3AA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=canonical.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231964AbhGONAH (ORCPT + 99 others); Thu, 15 Jul 2021 09:00:07 -0400 Received: from smtp-relay-canonical-1.canonical.com ([185.125.188.121]:60116 "EHLO smtp-relay-canonical-1.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229679AbhGONAH (ORCPT ); Thu, 15 Jul 2021 09:00:07 -0400 Received: from localhost (1.general.cking.uk.vpn [10.172.193.212]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by smtp-relay-canonical-1.canonical.com (Postfix) with ESMTPSA id D87E3409F4; Thu, 15 Jul 2021 12:57:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical.com; s=20210705; t=1626353832; bh=XqK+vx8ysu2dR1xpNfi0uOpzCmJBmn4R/mwkNVGPQrY=; h=From:To:Cc:Subject:Date:Message-Id:MIME-Version:Content-Type; b=KQq+r3AASoEClQVDGdeTH/Bua3fewcvARM7YLnlQw7dWvHB0nHgap+GrPmjK3BOQi fsrrhuR0CP9yy8Ykhi5UHXqlLWx5yIjMUrt5kyS6SC/wgBjBsh15tNjh+tJ3Wwyue7 LE9xQzChcZXyK5e23wcxIc7IznMpf5DeWH6qWt1OAhKKMzz61fYa+WAfBh7vefbtgb YUsOqItmsQkpFK+zBlgND6MJ4o8Kjd0K2xS8b8Snzu1Cc0OxryEeOpE0oUxsp+V9uX HDKg/izKaFHLFJU5gtKe6iD/rpjliOIodSiOQ7FaCGidVKS+8JyQxD/WoffA3N7TYa pCyiNp/JopPBw== From: Colin King To: Ilya Leoshkevich , Heiko Carstens , Vasily Gorbik , Christian Borntraeger , Alexei Starovoitov , Daniel Borkmann , Andrii Nakryiko , Song Liu , Yonghong Song , John Fastabend , KP Singh , Michael Holzheu , Martin Schwidefsky , netdev@vger.kernel.org, bpf@vger.kernel.org, linux-s390@vger.kernel.org Cc: kernel-janitors@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH] s390/bpf: perform r1 range checking before accessing jit->seen_reg[r1] Date: Thu, 15 Jul 2021 13:57:12 +0100 Message-Id: <20210715125712.24690-1-colin.king@canonical.com> X-Mailer: git-send-email 2.31.1 MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Colin Ian King Currently array jit->seen_reg[r1] is being accessed before the range checking of index r1. The range changing on r1 should be performed first since it will avoid any potential out-of-range accesses on the array seen_reg[] and also it is more optimal to perform checks on r1 before fetching data from the array. Fix this by swapping the order of the checks before the array access. Fixes: 054623105728 ("s390/bpf: Add s390x eBPF JIT compiler backend") Signed-off-by: Colin Ian King --- arch/s390/net/bpf_jit_comp.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/arch/s390/net/bpf_jit_comp.c b/arch/s390/net/bpf_jit_comp.c index 63cae0476bb4..2ae419f5115a 100644 --- a/arch/s390/net/bpf_jit_comp.c +++ b/arch/s390/net/bpf_jit_comp.c @@ -112,7 +112,7 @@ static inline void reg_set_seen(struct bpf_jit *jit, u32 b1) { u32 r1 = reg2hex[b1]; - if (!jit->seen_reg[r1] && r1 >= 6 && r1 <= 15) + if (r1 >= 6 && r1 <= 15 && !jit->seen_reg[r1]) jit->seen_reg[r1] = 1; } -- 2.31.1