summaryrefslogtreecommitdiffstats
path: root/kernel/bpf
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-08 04:15:07 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-08 04:15:07 +0000
commit7fd92ba31ac1c688b59aa93cc03b748f920df8fe (patch)
treebaa580b97c260c790730e2525483eb1953f3c39d /kernel/bpf
parentAdding upstream version 4.19.269. (diff)
downloadlinux-7fd92ba31ac1c688b59aa93cc03b748f920df8fe.tar.xz
linux-7fd92ba31ac1c688b59aa93cc03b748f920df8fe.zip
Adding upstream version 4.19.282.upstream/4.19.282
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r--kernel/bpf/core.c5
-rw-r--r--kernel/bpf/verifier.c4
2 files changed, 5 insertions, 4 deletions
diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
index cbbd0168f..285101772 100644
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@@ -32,6 +32,7 @@
#include <linux/kallsyms.h>
#include <linux/rcupdate.h>
#include <linux/perf_event.h>
+#include <linux/nospec.h>
#include <asm/barrier.h>
#include <asm/unaligned.h>
@@ -602,7 +603,7 @@ static int __init bpf_jit_charge_init(void)
{
/* Only used as heuristic here to derive limit. */
bpf_jit_limit_max = bpf_jit_alloc_exec_limit();
- bpf_jit_limit = min_t(u64, round_up(bpf_jit_limit_max >> 2,
+ bpf_jit_limit = min_t(u64, round_up(bpf_jit_limit_max >> 1,
PAGE_SIZE), LONG_MAX);
return 0;
}
@@ -1373,9 +1374,7 @@ out:
* reuse preexisting logic from Spectre v1 mitigation that
* happens to produce the required code on x86 for v4 as well.
*/
-#ifdef CONFIG_X86
barrier_nospec();
-#endif
CONT;
#define LDST(SIZEOP, SIZE) \
STX_MEM_##SIZEOP: \
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index 694ee0b1f..61f3a31ab 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -1012,7 +1012,9 @@ static int check_stack_write(struct bpf_verifier_env *env,
bool sanitize = reg && is_spillable_regtype(reg->type);
for (i = 0; i < size; i++) {
- if (state->stack[spi].slot_type[i] == STACK_INVALID) {
+ u8 type = state->stack[spi].slot_type[i];
+
+ if (type != STACK_MISC && type != STACK_ZERO) {
sanitize = true;
break;
}