1
2
3
4
5
6
7
8
9
10
11
12#include <linux/netdevice.h>
13#include <linux/filter.h>
14#include <linux/if_vlan.h>
15#include <asm/cacheflush.h>
16#include <asm/set_memory.h>
17#include <asm/nospec-branch.h>
18#include <linux/bpf.h>
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50static u8 *emit_code(u8 *ptr, u32 bytes, unsigned int len)
51{
52 if (len == 1)
53 *ptr = bytes;
54 else if (len == 2)
55 *(u16 *)ptr = bytes;
56 else {
57 *(u32 *)ptr = bytes;
58 barrier();
59 }
60 return ptr + len;
61}
62
63#define EMIT(bytes, len) \
64 do { prog = emit_code(prog, bytes, len); cnt += len; } while (0)
65
66#define EMIT1(b1) EMIT(b1, 1)
67#define EMIT2(b1, b2) EMIT((b1) + ((b2) << 8), 2)
68#define EMIT3(b1, b2, b3) EMIT((b1) + ((b2) << 8) + ((b3) << 16), 3)
69#define EMIT4(b1, b2, b3, b4) \
70 EMIT((b1) + ((b2) << 8) + ((b3) << 16) + ((b4) << 24), 4)
71
72#define EMIT1_off32(b1, off) \
73 do { EMIT1(b1); EMIT(off, 4); } while (0)
74#define EMIT2_off32(b1, b2, off) \
75 do { EMIT2(b1, b2); EMIT(off, 4); } while (0)
76#define EMIT3_off32(b1, b2, b3, off) \
77 do { EMIT3(b1, b2, b3); EMIT(off, 4); } while (0)
78#define EMIT4_off32(b1, b2, b3, b4, off) \
79 do { EMIT4(b1, b2, b3, b4); EMIT(off, 4); } while (0)
80
81#define jmp_label(label, jmp_insn_len) (label - cnt - jmp_insn_len)
82
83static bool is_imm8(int value)
84{
85 return value <= 127 && value >= -128;
86}
87
88static bool is_simm32(s64 value)
89{
90 return value == (s64) (s32) value;
91}
92
93#define STACK_OFFSET(k) (k)
94#define TCALL_CNT (MAX_BPF_JIT_REG + 0)
95
96#define IA32_EAX (0x0)
97#define IA32_EBX (0x3)
98#define IA32_ECX (0x1)
99#define IA32_EDX (0x2)
100#define IA32_ESI (0x6)
101#define IA32_EDI (0x7)
102#define IA32_EBP (0x5)
103#define IA32_ESP (0x4)
104
105
106
107
108
109#define IA32_JB 0x72
110#define IA32_JAE 0x73
111#define IA32_JE 0x74
112#define IA32_JNE 0x75
113#define IA32_JBE 0x76
114#define IA32_JA 0x77
115#define IA32_JL 0x7C
116#define IA32_JGE 0x7D
117#define IA32_JLE 0x7E
118#define IA32_JG 0x7F
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135static const u8 bpf2ia32[][2] = {
136
137 [BPF_REG_0] = {STACK_OFFSET(0), STACK_OFFSET(4)},
138
139
140
141 [BPF_REG_1] = {STACK_OFFSET(8), STACK_OFFSET(12)},
142 [BPF_REG_2] = {STACK_OFFSET(16), STACK_OFFSET(20)},
143 [BPF_REG_3] = {STACK_OFFSET(24), STACK_OFFSET(28)},
144 [BPF_REG_4] = {STACK_OFFSET(32), STACK_OFFSET(36)},
145 [BPF_REG_5] = {STACK_OFFSET(40), STACK_OFFSET(44)},
146
147
148
149 [BPF_REG_6] = {STACK_OFFSET(48), STACK_OFFSET(52)},
150 [BPF_REG_7] = {STACK_OFFSET(56), STACK_OFFSET(60)},
151 [BPF_REG_8] = {STACK_OFFSET(64), STACK_OFFSET(68)},
152 [BPF_REG_9] = {STACK_OFFSET(72), STACK_OFFSET(76)},
153
154
155 [BPF_REG_FP] = {STACK_OFFSET(80), STACK_OFFSET(84)},
156
157
158 [BPF_REG_AX] = {IA32_ESI, IA32_EDI},
159
160
161 [TCALL_CNT] = {STACK_OFFSET(88), STACK_OFFSET(92)},
162};
163
164#define dst_lo dst[0]
165#define dst_hi dst[1]
166#define src_lo src[0]
167#define src_hi src[1]
168
169#define STACK_ALIGNMENT 8
170
171
172
173
174
175#define SCRATCH_SIZE 96
176
177
178#define _STACK_SIZE (stack_depth + SCRATCH_SIZE)
179
180#define STACK_SIZE ALIGN(_STACK_SIZE, STACK_ALIGNMENT)
181
182
183#define STACK_VAR(off) (off)
184
185
186static u8 add_1reg(u8 byte, u32 dst_reg)
187{
188 return byte + dst_reg;
189}
190
191
192static u8 add_2reg(u8 byte, u32 dst_reg, u32 src_reg)
193{
194 return byte + dst_reg + (src_reg << 3);
195}
196
197static void jit_fill_hole(void *area, unsigned int size)
198{
199
200 memset(area, 0xcc, size);
201}
202
203static inline void emit_ia32_mov_i(const u8 dst, const u32 val, bool dstk,
204 u8 **pprog)
205{
206 u8 *prog = *pprog;
207 int cnt = 0;
208
209 if (dstk) {
210 if (val == 0) {
211
212 EMIT2(0x33, add_2reg(0xC0, IA32_EAX, IA32_EAX));
213
214 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_EAX),
215 STACK_VAR(dst));
216 } else {
217 EMIT3_off32(0xC7, add_1reg(0x40, IA32_EBP),
218 STACK_VAR(dst), val);
219 }
220 } else {
221 if (val == 0)
222 EMIT2(0x33, add_2reg(0xC0, dst, dst));
223 else
224 EMIT2_off32(0xC7, add_1reg(0xC0, dst),
225 val);
226 }
227 *pprog = prog;
228}
229
230
231static inline void emit_ia32_mov_r(const u8 dst, const u8 src, bool dstk,
232 bool sstk, u8 **pprog)
233{
234 u8 *prog = *pprog;
235 int cnt = 0;
236 u8 sreg = sstk ? IA32_EAX : src;
237
238 if (sstk)
239
240 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX), STACK_VAR(src));
241 if (dstk)
242
243 EMIT3(0x89, add_2reg(0x40, IA32_EBP, sreg), STACK_VAR(dst));
244 else
245
246 EMIT2(0x89, add_2reg(0xC0, dst, sreg));
247
248 *pprog = prog;
249}
250
251
252static inline void emit_ia32_mov_r64(const bool is64, const u8 dst[],
253 const u8 src[], bool dstk,
254 bool sstk, u8 **pprog,
255 const struct bpf_prog_aux *aux)
256{
257 emit_ia32_mov_r(dst_lo, src_lo, dstk, sstk, pprog);
258 if (is64)
259
260 emit_ia32_mov_r(dst_hi, src_hi, dstk, sstk, pprog);
261 else if (!aux->verifier_zext)
262
263 emit_ia32_mov_i(dst_hi, 0, dstk, pprog);
264}
265
266
267static inline void emit_ia32_mov_i64(const bool is64, const u8 dst[],
268 const u32 val, bool dstk, u8 **pprog)
269{
270 u32 hi = 0;
271
272 if (is64 && (val & (1<<31)))
273 hi = (u32)~0;
274 emit_ia32_mov_i(dst_lo, val, dstk, pprog);
275 emit_ia32_mov_i(dst_hi, hi, dstk, pprog);
276}
277
278
279
280
281
282static inline void emit_ia32_mul_r(const u8 dst, const u8 src, bool dstk,
283 bool sstk, u8 **pprog)
284{
285 u8 *prog = *pprog;
286 int cnt = 0;
287 u8 sreg = sstk ? IA32_ECX : src;
288
289 if (sstk)
290
291 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_ECX), STACK_VAR(src));
292
293 if (dstk)
294
295 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX), STACK_VAR(dst));
296 else
297
298 EMIT2(0x8B, add_2reg(0xC0, dst, IA32_EAX));
299
300
301 EMIT2(0xF7, add_1reg(0xE0, sreg));
302
303 if (dstk)
304
305 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_EAX),
306 STACK_VAR(dst));
307 else
308
309 EMIT2(0x89, add_2reg(0xC0, dst, IA32_EAX));
310
311 *pprog = prog;
312}
313
314static inline void emit_ia32_to_le_r64(const u8 dst[], s32 val,
315 bool dstk, u8 **pprog,
316 const struct bpf_prog_aux *aux)
317{
318 u8 *prog = *pprog;
319 int cnt = 0;
320 u8 dreg_lo = dstk ? IA32_EAX : dst_lo;
321 u8 dreg_hi = dstk ? IA32_EDX : dst_hi;
322
323 if (dstk && val != 64) {
324 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
325 STACK_VAR(dst_lo));
326 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX),
327 STACK_VAR(dst_hi));
328 }
329 switch (val) {
330 case 16:
331
332
333
334
335 EMIT2(0x0F, 0xB7);
336 EMIT1(add_2reg(0xC0, dreg_lo, dreg_lo));
337 if (!aux->verifier_zext)
338
339 EMIT2(0x33, add_2reg(0xC0, dreg_hi, dreg_hi));
340 break;
341 case 32:
342 if (!aux->verifier_zext)
343
344 EMIT2(0x33, add_2reg(0xC0, dreg_hi, dreg_hi));
345 break;
346 case 64:
347
348 break;
349 }
350
351 if (dstk && val != 64) {
352
353 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_lo),
354 STACK_VAR(dst_lo));
355
356 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_hi),
357 STACK_VAR(dst_hi));
358 }
359 *pprog = prog;
360}
361
362static inline void emit_ia32_to_be_r64(const u8 dst[], s32 val,
363 bool dstk, u8 **pprog,
364 const struct bpf_prog_aux *aux)
365{
366 u8 *prog = *pprog;
367 int cnt = 0;
368 u8 dreg_lo = dstk ? IA32_EAX : dst_lo;
369 u8 dreg_hi = dstk ? IA32_EDX : dst_hi;
370
371 if (dstk) {
372 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
373 STACK_VAR(dst_lo));
374 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX),
375 STACK_VAR(dst_hi));
376 }
377 switch (val) {
378 case 16:
379
380 EMIT1(0x66);
381 EMIT3(0xC1, add_1reg(0xC8, dreg_lo), 8);
382
383 EMIT2(0x0F, 0xB7);
384 EMIT1(add_2reg(0xC0, dreg_lo, dreg_lo));
385
386 if (!aux->verifier_zext)
387
388 EMIT2(0x33, add_2reg(0xC0, dreg_hi, dreg_hi));
389 break;
390 case 32:
391
392 EMIT1(0x0F);
393 EMIT1(add_1reg(0xC8, dreg_lo));
394
395 if (!aux->verifier_zext)
396
397 EMIT2(0x33, add_2reg(0xC0, dreg_hi, dreg_hi));
398 break;
399 case 64:
400
401 EMIT1(0x0F);
402 EMIT1(add_1reg(0xC8, dreg_lo));
403
404
405 EMIT1(0x0F);
406 EMIT1(add_1reg(0xC8, dreg_hi));
407
408
409 EMIT2(0x89, add_2reg(0xC0, IA32_ECX, dreg_hi));
410
411 EMIT2(0x89, add_2reg(0xC0, dreg_hi, dreg_lo));
412
413 EMIT2(0x89, add_2reg(0xC0, dreg_lo, IA32_ECX));
414
415 break;
416 }
417 if (dstk) {
418
419 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_lo),
420 STACK_VAR(dst_lo));
421
422 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_hi),
423 STACK_VAR(dst_hi));
424 }
425 *pprog = prog;
426}
427
428
429
430
431
432static inline void emit_ia32_div_mod_r(const u8 op, const u8 dst, const u8 src,
433 bool dstk, bool sstk, u8 **pprog)
434{
435 u8 *prog = *pprog;
436 int cnt = 0;
437
438 if (sstk)
439
440 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_ECX),
441 STACK_VAR(src));
442 else if (src != IA32_ECX)
443
444 EMIT2(0x8B, add_2reg(0xC0, src, IA32_ECX));
445
446 if (dstk)
447
448 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
449 STACK_VAR(dst));
450 else
451
452 EMIT2(0x8B, add_2reg(0xC0, dst, IA32_EAX));
453
454
455 EMIT2(0x31, add_2reg(0xC0, IA32_EDX, IA32_EDX));
456
457 EMIT2(0xF7, add_1reg(0xF0, IA32_ECX));
458
459 if (op == BPF_MOD) {
460 if (dstk)
461 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_EDX),
462 STACK_VAR(dst));
463 else
464 EMIT2(0x89, add_2reg(0xC0, dst, IA32_EDX));
465 } else {
466 if (dstk)
467 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_EAX),
468 STACK_VAR(dst));
469 else
470 EMIT2(0x89, add_2reg(0xC0, dst, IA32_EAX));
471 }
472 *pprog = prog;
473}
474
475
476
477
478
479static inline void emit_ia32_shift_r(const u8 op, const u8 dst, const u8 src,
480 bool dstk, bool sstk, u8 **pprog)
481{
482 u8 *prog = *pprog;
483 int cnt = 0;
484 u8 dreg = dstk ? IA32_EAX : dst;
485 u8 b2;
486
487 if (dstk)
488
489 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX), STACK_VAR(dst));
490
491 if (sstk)
492
493 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_ECX), STACK_VAR(src));
494 else if (src != IA32_ECX)
495
496 EMIT2(0x8B, add_2reg(0xC0, src, IA32_ECX));
497
498 switch (op) {
499 case BPF_LSH:
500 b2 = 0xE0; break;
501 case BPF_RSH:
502 b2 = 0xE8; break;
503 case BPF_ARSH:
504 b2 = 0xF8; break;
505 default:
506 return;
507 }
508 EMIT2(0xD3, add_1reg(b2, dreg));
509
510 if (dstk)
511
512 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg), STACK_VAR(dst));
513 *pprog = prog;
514}
515
516
517
518
519
520static inline void emit_ia32_alu_r(const bool is64, const bool hi, const u8 op,
521 const u8 dst, const u8 src, bool dstk,
522 bool sstk, u8 **pprog)
523{
524 u8 *prog = *pprog;
525 int cnt = 0;
526 u8 sreg = sstk ? IA32_EAX : src;
527 u8 dreg = dstk ? IA32_EDX : dst;
528
529 if (sstk)
530
531 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX), STACK_VAR(src));
532
533 if (dstk)
534
535 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX), STACK_VAR(dst));
536
537 switch (BPF_OP(op)) {
538
539 case BPF_ADD:
540 if (hi && is64)
541 EMIT2(0x11, add_2reg(0xC0, dreg, sreg));
542 else
543 EMIT2(0x01, add_2reg(0xC0, dreg, sreg));
544 break;
545
546 case BPF_SUB:
547 if (hi && is64)
548 EMIT2(0x19, add_2reg(0xC0, dreg, sreg));
549 else
550 EMIT2(0x29, add_2reg(0xC0, dreg, sreg));
551 break;
552
553 case BPF_OR:
554 EMIT2(0x09, add_2reg(0xC0, dreg, sreg));
555 break;
556
557 case BPF_AND:
558 EMIT2(0x21, add_2reg(0xC0, dreg, sreg));
559 break;
560
561 case BPF_XOR:
562 EMIT2(0x31, add_2reg(0xC0, dreg, sreg));
563 break;
564 }
565
566 if (dstk)
567
568 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg),
569 STACK_VAR(dst));
570 *pprog = prog;
571}
572
573
574static inline void emit_ia32_alu_r64(const bool is64, const u8 op,
575 const u8 dst[], const u8 src[],
576 bool dstk, bool sstk,
577 u8 **pprog, const struct bpf_prog_aux *aux)
578{
579 u8 *prog = *pprog;
580
581 emit_ia32_alu_r(is64, false, op, dst_lo, src_lo, dstk, sstk, &prog);
582 if (is64)
583 emit_ia32_alu_r(is64, true, op, dst_hi, src_hi, dstk, sstk,
584 &prog);
585 else if (!aux->verifier_zext)
586 emit_ia32_mov_i(dst_hi, 0, dstk, &prog);
587 *pprog = prog;
588}
589
590
591
592
593
594static inline void emit_ia32_alu_i(const bool is64, const bool hi, const u8 op,
595 const u8 dst, const s32 val, bool dstk,
596 u8 **pprog)
597{
598 u8 *prog = *pprog;
599 int cnt = 0;
600 u8 dreg = dstk ? IA32_EAX : dst;
601 u8 sreg = IA32_EDX;
602
603 if (dstk)
604
605 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX), STACK_VAR(dst));
606
607 if (!is_imm8(val))
608
609 EMIT2_off32(0xC7, add_1reg(0xC0, IA32_EDX), val);
610
611 switch (op) {
612
613 case BPF_ADD:
614 if (hi && is64) {
615 if (is_imm8(val))
616 EMIT3(0x83, add_1reg(0xD0, dreg), val);
617 else
618 EMIT2(0x11, add_2reg(0xC0, dreg, sreg));
619 } else {
620 if (is_imm8(val))
621 EMIT3(0x83, add_1reg(0xC0, dreg), val);
622 else
623 EMIT2(0x01, add_2reg(0xC0, dreg, sreg));
624 }
625 break;
626
627 case BPF_SUB:
628 if (hi && is64) {
629 if (is_imm8(val))
630 EMIT3(0x83, add_1reg(0xD8, dreg), val);
631 else
632 EMIT2(0x19, add_2reg(0xC0, dreg, sreg));
633 } else {
634 if (is_imm8(val))
635 EMIT3(0x83, add_1reg(0xE8, dreg), val);
636 else
637 EMIT2(0x29, add_2reg(0xC0, dreg, sreg));
638 }
639 break;
640
641 case BPF_OR:
642 if (is_imm8(val))
643 EMIT3(0x83, add_1reg(0xC8, dreg), val);
644 else
645 EMIT2(0x09, add_2reg(0xC0, dreg, sreg));
646 break;
647
648 case BPF_AND:
649 if (is_imm8(val))
650 EMIT3(0x83, add_1reg(0xE0, dreg), val);
651 else
652 EMIT2(0x21, add_2reg(0xC0, dreg, sreg));
653 break;
654
655 case BPF_XOR:
656 if (is_imm8(val))
657 EMIT3(0x83, add_1reg(0xF0, dreg), val);
658 else
659 EMIT2(0x31, add_2reg(0xC0, dreg, sreg));
660 break;
661 case BPF_NEG:
662 EMIT2(0xF7, add_1reg(0xD8, dreg));
663 break;
664 }
665
666 if (dstk)
667
668 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg),
669 STACK_VAR(dst));
670 *pprog = prog;
671}
672
673
674static inline void emit_ia32_alu_i64(const bool is64, const u8 op,
675 const u8 dst[], const u32 val,
676 bool dstk, u8 **pprog,
677 const struct bpf_prog_aux *aux)
678{
679 u8 *prog = *pprog;
680 u32 hi = 0;
681
682 if (is64 && (val & (1<<31)))
683 hi = (u32)~0;
684
685 emit_ia32_alu_i(is64, false, op, dst_lo, val, dstk, &prog);
686 if (is64)
687 emit_ia32_alu_i(is64, true, op, dst_hi, hi, dstk, &prog);
688 else if (!aux->verifier_zext)
689 emit_ia32_mov_i(dst_hi, 0, dstk, &prog);
690
691 *pprog = prog;
692}
693
694
695static inline void emit_ia32_neg64(const u8 dst[], bool dstk, u8 **pprog)
696{
697 u8 *prog = *pprog;
698 int cnt = 0;
699 u8 dreg_lo = dstk ? IA32_EAX : dst_lo;
700 u8 dreg_hi = dstk ? IA32_EDX : dst_hi;
701
702 if (dstk) {
703 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
704 STACK_VAR(dst_lo));
705 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX),
706 STACK_VAR(dst_hi));
707 }
708
709
710 EMIT2(0x31, add_2reg(0xC0, IA32_ECX, IA32_ECX));
711
712 EMIT2(0x2B, add_2reg(0xC0, dreg_lo, IA32_ECX));
713
714 EMIT2(0x89, add_2reg(0xC0, dreg_lo, IA32_ECX));
715
716
717 EMIT2(0x31, add_2reg(0xC0, IA32_ECX, IA32_ECX));
718
719 EMIT2(0x19, add_2reg(0xC0, dreg_hi, IA32_ECX));
720
721 EMIT2(0x89, add_2reg(0xC0, dreg_hi, IA32_ECX));
722
723 if (dstk) {
724
725 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_lo),
726 STACK_VAR(dst_lo));
727
728 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_hi),
729 STACK_VAR(dst_hi));
730 }
731 *pprog = prog;
732}
733
734
735static inline void emit_ia32_lsh_r64(const u8 dst[], const u8 src[],
736 bool dstk, bool sstk, u8 **pprog)
737{
738 u8 *prog = *pprog;
739 int cnt = 0;
740 u8 dreg_lo = dstk ? IA32_EAX : dst_lo;
741 u8 dreg_hi = dstk ? IA32_EDX : dst_hi;
742
743 if (dstk) {
744 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
745 STACK_VAR(dst_lo));
746 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX),
747 STACK_VAR(dst_hi));
748 }
749
750 if (sstk)
751
752 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_ECX),
753 STACK_VAR(src_lo));
754 else
755
756 EMIT2(0x8B, add_2reg(0xC0, src_lo, IA32_ECX));
757
758
759 EMIT3(0x0F, 0xA5, add_2reg(0xC0, dreg_hi, dreg_lo));
760
761 EMIT2(0xD3, add_1reg(0xE0, dreg_lo));
762
763
764
765
766 EMIT3(0x83, add_1reg(0xF8, IA32_ECX), 32);
767
768 EMIT2(IA32_JB, 4);
769
770
771 EMIT2(0x89, add_2reg(0xC0, dreg_hi, dreg_lo));
772
773 EMIT2(0x33, add_2reg(0xC0, dreg_lo, dreg_lo));
774
775 if (dstk) {
776
777 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_lo),
778 STACK_VAR(dst_lo));
779
780 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_hi),
781 STACK_VAR(dst_hi));
782 }
783
784 *pprog = prog;
785}
786
787
788static inline void emit_ia32_arsh_r64(const u8 dst[], const u8 src[],
789 bool dstk, bool sstk, u8 **pprog)
790{
791 u8 *prog = *pprog;
792 int cnt = 0;
793 u8 dreg_lo = dstk ? IA32_EAX : dst_lo;
794 u8 dreg_hi = dstk ? IA32_EDX : dst_hi;
795
796 if (dstk) {
797 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
798 STACK_VAR(dst_lo));
799 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX),
800 STACK_VAR(dst_hi));
801 }
802
803 if (sstk)
804
805 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_ECX),
806 STACK_VAR(src_lo));
807 else
808
809 EMIT2(0x8B, add_2reg(0xC0, src_lo, IA32_ECX));
810
811
812 EMIT3(0x0F, 0xAD, add_2reg(0xC0, dreg_lo, dreg_hi));
813
814 EMIT2(0xD3, add_1reg(0xF8, dreg_hi));
815
816
817
818
819 EMIT3(0x83, add_1reg(0xF8, IA32_ECX), 32);
820
821 EMIT2(IA32_JB, 5);
822
823
824 EMIT2(0x89, add_2reg(0xC0, dreg_lo, dreg_hi));
825
826 EMIT3(0xC1, add_1reg(0xF8, dreg_hi), 31);
827
828 if (dstk) {
829
830 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_lo),
831 STACK_VAR(dst_lo));
832
833 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_hi),
834 STACK_VAR(dst_hi));
835 }
836
837 *pprog = prog;
838}
839
840
841static inline void emit_ia32_rsh_r64(const u8 dst[], const u8 src[], bool dstk,
842 bool sstk, u8 **pprog)
843{
844 u8 *prog = *pprog;
845 int cnt = 0;
846 u8 dreg_lo = dstk ? IA32_EAX : dst_lo;
847 u8 dreg_hi = dstk ? IA32_EDX : dst_hi;
848
849 if (dstk) {
850 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
851 STACK_VAR(dst_lo));
852 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX),
853 STACK_VAR(dst_hi));
854 }
855
856 if (sstk)
857
858 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_ECX),
859 STACK_VAR(src_lo));
860 else
861
862 EMIT2(0x8B, add_2reg(0xC0, src_lo, IA32_ECX));
863
864
865 EMIT3(0x0F, 0xAD, add_2reg(0xC0, dreg_lo, dreg_hi));
866
867 EMIT2(0xD3, add_1reg(0xE8, dreg_hi));
868
869
870
871
872 EMIT3(0x83, add_1reg(0xF8, IA32_ECX), 32);
873
874 EMIT2(IA32_JB, 4);
875
876
877 EMIT2(0x89, add_2reg(0xC0, dreg_lo, dreg_hi));
878
879 EMIT2(0x33, add_2reg(0xC0, dreg_hi, dreg_hi));
880
881 if (dstk) {
882
883 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_lo),
884 STACK_VAR(dst_lo));
885
886 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_hi),
887 STACK_VAR(dst_hi));
888 }
889
890 *pprog = prog;
891}
892
893
894static inline void emit_ia32_lsh_i64(const u8 dst[], const u32 val,
895 bool dstk, u8 **pprog)
896{
897 u8 *prog = *pprog;
898 int cnt = 0;
899 u8 dreg_lo = dstk ? IA32_EAX : dst_lo;
900 u8 dreg_hi = dstk ? IA32_EDX : dst_hi;
901
902 if (dstk) {
903 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
904 STACK_VAR(dst_lo));
905 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX),
906 STACK_VAR(dst_hi));
907 }
908
909 if (val < 32) {
910
911 EMIT4(0x0F, 0xA4, add_2reg(0xC0, dreg_hi, dreg_lo), val);
912
913 EMIT3(0xC1, add_1reg(0xE0, dreg_lo), val);
914 } else if (val >= 32 && val < 64) {
915 u32 value = val - 32;
916
917
918 EMIT3(0xC1, add_1reg(0xE0, dreg_lo), value);
919
920 EMIT2(0x89, add_2reg(0xC0, dreg_hi, dreg_lo));
921
922 EMIT2(0x33, add_2reg(0xC0, dreg_lo, dreg_lo));
923 } else {
924
925 EMIT2(0x33, add_2reg(0xC0, dreg_lo, dreg_lo));
926
927 EMIT2(0x33, add_2reg(0xC0, dreg_hi, dreg_hi));
928 }
929
930 if (dstk) {
931
932 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_lo),
933 STACK_VAR(dst_lo));
934
935 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_hi),
936 STACK_VAR(dst_hi));
937 }
938 *pprog = prog;
939}
940
941
942static inline void emit_ia32_rsh_i64(const u8 dst[], const u32 val,
943 bool dstk, u8 **pprog)
944{
945 u8 *prog = *pprog;
946 int cnt = 0;
947 u8 dreg_lo = dstk ? IA32_EAX : dst_lo;
948 u8 dreg_hi = dstk ? IA32_EDX : dst_hi;
949
950 if (dstk) {
951 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
952 STACK_VAR(dst_lo));
953 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX),
954 STACK_VAR(dst_hi));
955 }
956
957
958 if (val < 32) {
959
960 EMIT4(0x0F, 0xAC, add_2reg(0xC0, dreg_lo, dreg_hi), val);
961
962 EMIT3(0xC1, add_1reg(0xE8, dreg_hi), val);
963 } else if (val >= 32 && val < 64) {
964 u32 value = val - 32;
965
966
967 EMIT3(0xC1, add_1reg(0xE8, dreg_hi), value);
968
969 EMIT2(0x89, add_2reg(0xC0, dreg_lo, dreg_hi));
970
971 EMIT2(0x33, add_2reg(0xC0, dreg_hi, dreg_hi));
972 } else {
973
974 EMIT2(0x33, add_2reg(0xC0, dreg_lo, dreg_lo));
975
976 EMIT2(0x33, add_2reg(0xC0, dreg_hi, dreg_hi));
977 }
978
979 if (dstk) {
980
981 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_lo),
982 STACK_VAR(dst_lo));
983
984 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_hi),
985 STACK_VAR(dst_hi));
986 }
987 *pprog = prog;
988}
989
990
991static inline void emit_ia32_arsh_i64(const u8 dst[], const u32 val,
992 bool dstk, u8 **pprog)
993{
994 u8 *prog = *pprog;
995 int cnt = 0;
996 u8 dreg_lo = dstk ? IA32_EAX : dst_lo;
997 u8 dreg_hi = dstk ? IA32_EDX : dst_hi;
998
999 if (dstk) {
1000 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
1001 STACK_VAR(dst_lo));
1002 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX),
1003 STACK_VAR(dst_hi));
1004 }
1005
1006 if (val < 32) {
1007
1008 EMIT4(0x0F, 0xAC, add_2reg(0xC0, dreg_lo, dreg_hi), val);
1009
1010 EMIT3(0xC1, add_1reg(0xF8, dreg_hi), val);
1011 } else if (val >= 32 && val < 64) {
1012 u32 value = val - 32;
1013
1014
1015 EMIT3(0xC1, add_1reg(0xF8, dreg_hi), value);
1016
1017 EMIT2(0x89, add_2reg(0xC0, dreg_lo, dreg_hi));
1018
1019
1020 EMIT3(0xC1, add_1reg(0xF8, dreg_hi), 31);
1021 } else {
1022
1023 EMIT3(0xC1, add_1reg(0xF8, dreg_hi), 31);
1024
1025 EMIT2(0x89, add_2reg(0xC0, dreg_lo, dreg_hi));
1026 }
1027
1028 if (dstk) {
1029
1030 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_lo),
1031 STACK_VAR(dst_lo));
1032
1033 EMIT3(0x89, add_2reg(0x40, IA32_EBP, dreg_hi),
1034 STACK_VAR(dst_hi));
1035 }
1036 *pprog = prog;
1037}
1038
1039static inline void emit_ia32_mul_r64(const u8 dst[], const u8 src[], bool dstk,
1040 bool sstk, u8 **pprog)
1041{
1042 u8 *prog = *pprog;
1043 int cnt = 0;
1044
1045 if (dstk)
1046
1047 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
1048 STACK_VAR(dst_hi));
1049 else
1050
1051 EMIT2(0x8B, add_2reg(0xC0, dst_hi, IA32_EAX));
1052
1053 if (sstk)
1054
1055 EMIT3(0xF7, add_1reg(0x60, IA32_EBP), STACK_VAR(src_lo));
1056 else
1057
1058 EMIT2(0xF7, add_1reg(0xE0, src_lo));
1059
1060
1061 EMIT2(0x89, add_2reg(0xC0, IA32_ECX, IA32_EAX));
1062
1063 if (dstk)
1064
1065 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
1066 STACK_VAR(dst_lo));
1067 else
1068
1069 EMIT2(0x8B, add_2reg(0xC0, dst_lo, IA32_EAX));
1070
1071 if (sstk)
1072
1073 EMIT3(0xF7, add_1reg(0x60, IA32_EBP), STACK_VAR(src_hi));
1074 else
1075
1076 EMIT2(0xF7, add_1reg(0xE0, src_hi));
1077
1078
1079 EMIT2(0x01, add_2reg(0xC0, IA32_ECX, IA32_EAX));
1080
1081 if (dstk)
1082
1083 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
1084 STACK_VAR(dst_lo));
1085 else
1086
1087 EMIT2(0x8B, add_2reg(0xC0, dst_lo, IA32_EAX));
1088
1089 if (sstk)
1090
1091 EMIT3(0xF7, add_1reg(0x60, IA32_EBP), STACK_VAR(src_lo));
1092 else
1093
1094 EMIT2(0xF7, add_1reg(0xE0, src_lo));
1095
1096
1097 EMIT2(0x01, add_2reg(0xC0, IA32_ECX, IA32_EDX));
1098
1099 if (dstk) {
1100
1101 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_EAX),
1102 STACK_VAR(dst_lo));
1103
1104 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_ECX),
1105 STACK_VAR(dst_hi));
1106 } else {
1107
1108 EMIT2(0x89, add_2reg(0xC0, dst_lo, IA32_EAX));
1109
1110 EMIT2(0x89, add_2reg(0xC0, dst_hi, IA32_ECX));
1111 }
1112
1113 *pprog = prog;
1114}
1115
1116static inline void emit_ia32_mul_i64(const u8 dst[], const u32 val,
1117 bool dstk, u8 **pprog)
1118{
1119 u8 *prog = *pprog;
1120 int cnt = 0;
1121 u32 hi;
1122
1123 hi = val & (1<<31) ? (u32)~0 : 0;
1124
1125 EMIT2_off32(0xC7, add_1reg(0xC0, IA32_EAX), val);
1126 if (dstk)
1127
1128 EMIT3(0xF7, add_1reg(0x60, IA32_EBP), STACK_VAR(dst_hi));
1129 else
1130
1131 EMIT2(0xF7, add_1reg(0xE0, dst_hi));
1132
1133
1134 EMIT2(0x89, add_2reg(0xC0, IA32_ECX, IA32_EAX));
1135
1136
1137 EMIT2_off32(0xC7, add_1reg(0xC0, IA32_EAX), hi);
1138 if (dstk)
1139
1140 EMIT3(0xF7, add_1reg(0x60, IA32_EBP), STACK_VAR(dst_lo));
1141 else
1142
1143 EMIT2(0xF7, add_1reg(0xE0, dst_lo));
1144
1145 EMIT2(0x01, add_2reg(0xC0, IA32_ECX, IA32_EAX));
1146
1147
1148 EMIT2_off32(0xC7, add_1reg(0xC0, IA32_EAX), val);
1149 if (dstk)
1150
1151 EMIT3(0xF7, add_1reg(0x60, IA32_EBP), STACK_VAR(dst_lo));
1152 else
1153
1154 EMIT2(0xF7, add_1reg(0xE0, dst_lo));
1155
1156
1157 EMIT2(0x01, add_2reg(0xC0, IA32_ECX, IA32_EDX));
1158
1159 if (dstk) {
1160
1161 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_EAX),
1162 STACK_VAR(dst_lo));
1163
1164 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_ECX),
1165 STACK_VAR(dst_hi));
1166 } else {
1167
1168 EMIT2(0x89, add_2reg(0xC0, dst_lo, IA32_EAX));
1169
1170 EMIT2(0x89, add_2reg(0xC0, dst_hi, IA32_ECX));
1171 }
1172
1173 *pprog = prog;
1174}
1175
1176static int bpf_size_to_x86_bytes(int bpf_size)
1177{
1178 if (bpf_size == BPF_W)
1179 return 4;
1180 else if (bpf_size == BPF_H)
1181 return 2;
1182 else if (bpf_size == BPF_B)
1183 return 1;
1184 else if (bpf_size == BPF_DW)
1185 return 4;
1186 else
1187 return 0;
1188}
1189
1190struct jit_context {
1191 int cleanup_addr;
1192};
1193
1194
1195#define BPF_MAX_INSN_SIZE 128
1196#define BPF_INSN_SAFETY 64
1197
1198#define PROLOGUE_SIZE 35
1199
1200
1201
1202
1203
1204static void emit_prologue(u8 **pprog, u32 stack_depth)
1205{
1206 u8 *prog = *pprog;
1207 int cnt = 0;
1208 const u8 *r1 = bpf2ia32[BPF_REG_1];
1209 const u8 fplo = bpf2ia32[BPF_REG_FP][0];
1210 const u8 fphi = bpf2ia32[BPF_REG_FP][1];
1211 const u8 *tcc = bpf2ia32[TCALL_CNT];
1212
1213
1214 EMIT1(0x55);
1215
1216 EMIT2(0x89, 0xE5);
1217
1218 EMIT1(0x57);
1219
1220 EMIT1(0x56);
1221
1222 EMIT1(0x53);
1223
1224
1225 EMIT2_off32(0x81, 0xEC, STACK_SIZE);
1226
1227 EMIT3(0x83, add_1reg(0xE8, IA32_EBP), SCRATCH_SIZE + 12);
1228
1229 EMIT2(0x31, add_2reg(0xC0, IA32_EBX, IA32_EBX));
1230
1231
1232 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_EBP), STACK_VAR(fplo));
1233 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_EBX), STACK_VAR(fphi));
1234
1235
1236
1237 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_EAX), STACK_VAR(r1[0]));
1238 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_EBX), STACK_VAR(r1[1]));
1239
1240
1241 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_EBX), STACK_VAR(tcc[0]));
1242 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_EBX), STACK_VAR(tcc[1]));
1243
1244 BUILD_BUG_ON(cnt != PROLOGUE_SIZE);
1245 *pprog = prog;
1246}
1247
1248
1249static void emit_epilogue(u8 **pprog, u32 stack_depth)
1250{
1251 u8 *prog = *pprog;
1252 const u8 *r0 = bpf2ia32[BPF_REG_0];
1253 int cnt = 0;
1254
1255
1256 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX), STACK_VAR(r0[0]));
1257
1258 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX), STACK_VAR(r0[1]));
1259
1260
1261 EMIT3(0x83, add_1reg(0xC0, IA32_EBP), SCRATCH_SIZE + 12);
1262
1263
1264 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EBX), -12);
1265
1266 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_ESI), -8);
1267
1268 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDI), -4);
1269
1270 EMIT1(0xC9);
1271 EMIT1(0xC3);
1272 *pprog = prog;
1273}
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288static void emit_bpf_tail_call(u8 **pprog)
1289{
1290 u8 *prog = *pprog;
1291 int cnt = 0;
1292 const u8 *r1 = bpf2ia32[BPF_REG_1];
1293 const u8 *r2 = bpf2ia32[BPF_REG_2];
1294 const u8 *r3 = bpf2ia32[BPF_REG_3];
1295 const u8 *tcc = bpf2ia32[TCALL_CNT];
1296 u32 lo, hi;
1297 static int jmp_label1 = -1;
1298
1299
1300
1301
1302
1303
1304 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX), STACK_VAR(r2[0]));
1305
1306 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX), STACK_VAR(r3[0]));
1307
1308
1309 EMIT3(0x39, add_2reg(0x40, IA32_EAX, IA32_EDX),
1310 offsetof(struct bpf_array, map.max_entries));
1311
1312 EMIT2(IA32_JBE, jmp_label(jmp_label1, 2));
1313
1314
1315
1316
1317
1318 lo = (u32)MAX_TAIL_CALL_CNT;
1319 hi = (u32)((u64)MAX_TAIL_CALL_CNT >> 32);
1320 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_ECX), STACK_VAR(tcc[0]));
1321 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EBX), STACK_VAR(tcc[1]));
1322
1323
1324 EMIT3(0x83, add_1reg(0xF8, IA32_EBX), hi);
1325 EMIT2(IA32_JNE, 3);
1326
1327 EMIT3(0x83, add_1reg(0xF8, IA32_ECX), lo);
1328
1329
1330 EMIT2(IA32_JAE, jmp_label(jmp_label1, 2));
1331
1332
1333 EMIT3(0x83, add_1reg(0xC0, IA32_ECX), 0x01);
1334
1335 EMIT3(0x83, add_1reg(0xD0, IA32_EBX), 0x00);
1336
1337
1338 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_ECX), STACK_VAR(tcc[0]));
1339
1340 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_EBX), STACK_VAR(tcc[1]));
1341
1342
1343
1344 EMIT3_off32(0x8B, 0x94, 0x90, offsetof(struct bpf_array, ptrs));
1345
1346
1347
1348
1349
1350
1351 EMIT2(0x85, add_2reg(0xC0, IA32_EDX, IA32_EDX));
1352
1353 EMIT2(IA32_JE, jmp_label(jmp_label1, 2));
1354
1355
1356
1357 EMIT3(0x8B, add_2reg(0x40, IA32_EDX, IA32_EDX),
1358 offsetof(struct bpf_prog, bpf_func));
1359
1360 EMIT3(0x83, add_1reg(0xC0, IA32_EDX), PROLOGUE_SIZE);
1361
1362
1363 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX), STACK_VAR(r1[0]));
1364
1365
1366
1367
1368
1369
1370 RETPOLINE_EDX_BPF_JIT();
1371
1372 if (jmp_label1 == -1)
1373 jmp_label1 = cnt;
1374
1375
1376 *pprog = prog;
1377}
1378
1379
1380static inline void emit_push_r64(const u8 src[], u8 **pprog)
1381{
1382 u8 *prog = *pprog;
1383 int cnt = 0;
1384
1385
1386 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_ECX), STACK_VAR(src_hi));
1387
1388 EMIT1(0x51);
1389
1390
1391 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_ECX), STACK_VAR(src_lo));
1392
1393 EMIT1(0x51);
1394
1395 *pprog = prog;
1396}
1397
1398static int do_jit(struct bpf_prog *bpf_prog, int *addrs, u8 *image,
1399 int oldproglen, struct jit_context *ctx)
1400{
1401 struct bpf_insn *insn = bpf_prog->insnsi;
1402 int insn_cnt = bpf_prog->len;
1403 bool seen_exit = false;
1404 u8 temp[BPF_MAX_INSN_SIZE + BPF_INSN_SAFETY];
1405 int i, cnt = 0;
1406 int proglen = 0;
1407 u8 *prog = temp;
1408
1409 emit_prologue(&prog, bpf_prog->aux->stack_depth);
1410
1411 for (i = 0; i < insn_cnt; i++, insn++) {
1412 const s32 imm32 = insn->imm;
1413 const bool is64 = BPF_CLASS(insn->code) == BPF_ALU64;
1414 const bool dstk = insn->dst_reg == BPF_REG_AX ? false : true;
1415 const bool sstk = insn->src_reg == BPF_REG_AX ? false : true;
1416 const u8 code = insn->code;
1417 const u8 *dst = bpf2ia32[insn->dst_reg];
1418 const u8 *src = bpf2ia32[insn->src_reg];
1419 const u8 *r0 = bpf2ia32[BPF_REG_0];
1420 s64 jmp_offset;
1421 u8 jmp_cond;
1422 int ilen;
1423 u8 *func;
1424
1425 switch (code) {
1426
1427
1428 case BPF_ALU | BPF_MOV | BPF_K:
1429 case BPF_ALU | BPF_MOV | BPF_X:
1430 case BPF_ALU64 | BPF_MOV | BPF_K:
1431 case BPF_ALU64 | BPF_MOV | BPF_X:
1432 switch (BPF_SRC(code)) {
1433 case BPF_X:
1434 if (imm32 == 1) {
1435
1436 emit_ia32_mov_i(dst_hi, 0, dstk, &prog);
1437 break;
1438 }
1439 emit_ia32_mov_r64(is64, dst, src, dstk, sstk,
1440 &prog, bpf_prog->aux);
1441 break;
1442 case BPF_K:
1443
1444 emit_ia32_mov_i64(is64, dst, imm32,
1445 dstk, &prog);
1446 break;
1447 }
1448 break;
1449
1450
1451
1452
1453
1454
1455
1456
1457 case BPF_ALU | BPF_ADD | BPF_K:
1458 case BPF_ALU | BPF_ADD | BPF_X:
1459 case BPF_ALU | BPF_SUB | BPF_K:
1460 case BPF_ALU | BPF_SUB | BPF_X:
1461 case BPF_ALU | BPF_OR | BPF_K:
1462 case BPF_ALU | BPF_OR | BPF_X:
1463 case BPF_ALU | BPF_AND | BPF_K:
1464 case BPF_ALU | BPF_AND | BPF_X:
1465 case BPF_ALU | BPF_XOR | BPF_K:
1466 case BPF_ALU | BPF_XOR | BPF_X:
1467 case BPF_ALU64 | BPF_ADD | BPF_K:
1468 case BPF_ALU64 | BPF_ADD | BPF_X:
1469 case BPF_ALU64 | BPF_SUB | BPF_K:
1470 case BPF_ALU64 | BPF_SUB | BPF_X:
1471 case BPF_ALU64 | BPF_OR | BPF_K:
1472 case BPF_ALU64 | BPF_OR | BPF_X:
1473 case BPF_ALU64 | BPF_AND | BPF_K:
1474 case BPF_ALU64 | BPF_AND | BPF_X:
1475 case BPF_ALU64 | BPF_XOR | BPF_K:
1476 case BPF_ALU64 | BPF_XOR | BPF_X:
1477 switch (BPF_SRC(code)) {
1478 case BPF_X:
1479 emit_ia32_alu_r64(is64, BPF_OP(code), dst,
1480 src, dstk, sstk, &prog,
1481 bpf_prog->aux);
1482 break;
1483 case BPF_K:
1484 emit_ia32_alu_i64(is64, BPF_OP(code), dst,
1485 imm32, dstk, &prog,
1486 bpf_prog->aux);
1487 break;
1488 }
1489 break;
1490 case BPF_ALU | BPF_MUL | BPF_K:
1491 case BPF_ALU | BPF_MUL | BPF_X:
1492 switch (BPF_SRC(code)) {
1493 case BPF_X:
1494 emit_ia32_mul_r(dst_lo, src_lo, dstk,
1495 sstk, &prog);
1496 break;
1497 case BPF_K:
1498
1499 EMIT2_off32(0xC7, add_1reg(0xC0, IA32_ECX),
1500 imm32);
1501 emit_ia32_mul_r(dst_lo, IA32_ECX, dstk,
1502 false, &prog);
1503 break;
1504 }
1505 if (!bpf_prog->aux->verifier_zext)
1506 emit_ia32_mov_i(dst_hi, 0, dstk, &prog);
1507 break;
1508 case BPF_ALU | BPF_LSH | BPF_X:
1509 case BPF_ALU | BPF_RSH | BPF_X:
1510 case BPF_ALU | BPF_ARSH | BPF_K:
1511 case BPF_ALU | BPF_ARSH | BPF_X:
1512 switch (BPF_SRC(code)) {
1513 case BPF_X:
1514 emit_ia32_shift_r(BPF_OP(code), dst_lo, src_lo,
1515 dstk, sstk, &prog);
1516 break;
1517 case BPF_K:
1518
1519 EMIT2_off32(0xC7, add_1reg(0xC0, IA32_ECX),
1520 imm32);
1521 emit_ia32_shift_r(BPF_OP(code), dst_lo,
1522 IA32_ECX, dstk, false,
1523 &prog);
1524 break;
1525 }
1526 if (!bpf_prog->aux->verifier_zext)
1527 emit_ia32_mov_i(dst_hi, 0, dstk, &prog);
1528 break;
1529
1530
1531 case BPF_ALU | BPF_DIV | BPF_K:
1532 case BPF_ALU | BPF_DIV | BPF_X:
1533 case BPF_ALU | BPF_MOD | BPF_K:
1534 case BPF_ALU | BPF_MOD | BPF_X:
1535 switch (BPF_SRC(code)) {
1536 case BPF_X:
1537 emit_ia32_div_mod_r(BPF_OP(code), dst_lo,
1538 src_lo, dstk, sstk, &prog);
1539 break;
1540 case BPF_K:
1541
1542 EMIT2_off32(0xC7, add_1reg(0xC0, IA32_ECX),
1543 imm32);
1544 emit_ia32_div_mod_r(BPF_OP(code), dst_lo,
1545 IA32_ECX, dstk, false,
1546 &prog);
1547 break;
1548 }
1549 if (!bpf_prog->aux->verifier_zext)
1550 emit_ia32_mov_i(dst_hi, 0, dstk, &prog);
1551 break;
1552 case BPF_ALU64 | BPF_DIV | BPF_K:
1553 case BPF_ALU64 | BPF_DIV | BPF_X:
1554 case BPF_ALU64 | BPF_MOD | BPF_K:
1555 case BPF_ALU64 | BPF_MOD | BPF_X:
1556 goto notyet;
1557
1558
1559 case BPF_ALU | BPF_RSH | BPF_K:
1560 case BPF_ALU | BPF_LSH | BPF_K:
1561 if (unlikely(imm32 > 31))
1562 return -EINVAL;
1563
1564 EMIT2_off32(0xC7, add_1reg(0xC0, IA32_ECX), imm32);
1565 emit_ia32_shift_r(BPF_OP(code), dst_lo, IA32_ECX, dstk,
1566 false, &prog);
1567 if (!bpf_prog->aux->verifier_zext)
1568 emit_ia32_mov_i(dst_hi, 0, dstk, &prog);
1569 break;
1570
1571 case BPF_ALU64 | BPF_LSH | BPF_K:
1572 if (unlikely(imm32 > 63))
1573 return -EINVAL;
1574 emit_ia32_lsh_i64(dst, imm32, dstk, &prog);
1575 break;
1576
1577 case BPF_ALU64 | BPF_RSH | BPF_K:
1578 if (unlikely(imm32 > 63))
1579 return -EINVAL;
1580 emit_ia32_rsh_i64(dst, imm32, dstk, &prog);
1581 break;
1582
1583 case BPF_ALU64 | BPF_LSH | BPF_X:
1584 emit_ia32_lsh_r64(dst, src, dstk, sstk, &prog);
1585 break;
1586
1587 case BPF_ALU64 | BPF_RSH | BPF_X:
1588 emit_ia32_rsh_r64(dst, src, dstk, sstk, &prog);
1589 break;
1590
1591 case BPF_ALU64 | BPF_ARSH | BPF_X:
1592 emit_ia32_arsh_r64(dst, src, dstk, sstk, &prog);
1593 break;
1594
1595 case BPF_ALU64 | BPF_ARSH | BPF_K:
1596 if (unlikely(imm32 > 63))
1597 return -EINVAL;
1598 emit_ia32_arsh_i64(dst, imm32, dstk, &prog);
1599 break;
1600
1601 case BPF_ALU | BPF_NEG:
1602 emit_ia32_alu_i(is64, false, BPF_OP(code),
1603 dst_lo, 0, dstk, &prog);
1604 if (!bpf_prog->aux->verifier_zext)
1605 emit_ia32_mov_i(dst_hi, 0, dstk, &prog);
1606 break;
1607
1608 case BPF_ALU64 | BPF_NEG:
1609 emit_ia32_neg64(dst, dstk, &prog);
1610 break;
1611
1612 case BPF_ALU64 | BPF_MUL | BPF_X:
1613 case BPF_ALU64 | BPF_MUL | BPF_K:
1614 switch (BPF_SRC(code)) {
1615 case BPF_X:
1616 emit_ia32_mul_r64(dst, src, dstk, sstk, &prog);
1617 break;
1618 case BPF_K:
1619 emit_ia32_mul_i64(dst, imm32, dstk, &prog);
1620 break;
1621 }
1622 break;
1623
1624 case BPF_ALU | BPF_END | BPF_FROM_LE:
1625 emit_ia32_to_le_r64(dst, imm32, dstk, &prog,
1626 bpf_prog->aux);
1627 break;
1628
1629 case BPF_ALU | BPF_END | BPF_FROM_BE:
1630 emit_ia32_to_be_r64(dst, imm32, dstk, &prog,
1631 bpf_prog->aux);
1632 break;
1633
1634 case BPF_LD | BPF_IMM | BPF_DW: {
1635 s32 hi, lo = imm32;
1636
1637 hi = insn[1].imm;
1638 emit_ia32_mov_i(dst_lo, lo, dstk, &prog);
1639 emit_ia32_mov_i(dst_hi, hi, dstk, &prog);
1640 insn++;
1641 i++;
1642 break;
1643 }
1644
1645 case BPF_ST | BPF_MEM | BPF_H:
1646 case BPF_ST | BPF_MEM | BPF_B:
1647 case BPF_ST | BPF_MEM | BPF_W:
1648 case BPF_ST | BPF_MEM | BPF_DW:
1649 if (dstk)
1650
1651 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
1652 STACK_VAR(dst_lo));
1653 else
1654
1655 EMIT2(0x8B, add_2reg(0xC0, dst_lo, IA32_EAX));
1656
1657 switch (BPF_SIZE(code)) {
1658 case BPF_B:
1659 EMIT(0xC6, 1); break;
1660 case BPF_H:
1661 EMIT2(0x66, 0xC7); break;
1662 case BPF_W:
1663 case BPF_DW:
1664 EMIT(0xC7, 1); break;
1665 }
1666
1667 if (is_imm8(insn->off))
1668 EMIT2(add_1reg(0x40, IA32_EAX), insn->off);
1669 else
1670 EMIT1_off32(add_1reg(0x80, IA32_EAX),
1671 insn->off);
1672 EMIT(imm32, bpf_size_to_x86_bytes(BPF_SIZE(code)));
1673
1674 if (BPF_SIZE(code) == BPF_DW) {
1675 u32 hi;
1676
1677 hi = imm32 & (1<<31) ? (u32)~0 : 0;
1678 EMIT2_off32(0xC7, add_1reg(0x80, IA32_EAX),
1679 insn->off + 4);
1680 EMIT(hi, 4);
1681 }
1682 break;
1683
1684
1685 case BPF_STX | BPF_MEM | BPF_B:
1686 case BPF_STX | BPF_MEM | BPF_H:
1687 case BPF_STX | BPF_MEM | BPF_W:
1688 case BPF_STX | BPF_MEM | BPF_DW:
1689 if (dstk)
1690
1691 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
1692 STACK_VAR(dst_lo));
1693 else
1694
1695 EMIT2(0x8B, add_2reg(0xC0, dst_lo, IA32_EAX));
1696
1697 if (sstk)
1698
1699 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX),
1700 STACK_VAR(src_lo));
1701 else
1702
1703 EMIT2(0x8B, add_2reg(0xC0, src_lo, IA32_EDX));
1704
1705 switch (BPF_SIZE(code)) {
1706 case BPF_B:
1707 EMIT(0x88, 1); break;
1708 case BPF_H:
1709 EMIT2(0x66, 0x89); break;
1710 case BPF_W:
1711 case BPF_DW:
1712 EMIT(0x89, 1); break;
1713 }
1714
1715 if (is_imm8(insn->off))
1716 EMIT2(add_2reg(0x40, IA32_EAX, IA32_EDX),
1717 insn->off);
1718 else
1719 EMIT1_off32(add_2reg(0x80, IA32_EAX, IA32_EDX),
1720 insn->off);
1721
1722 if (BPF_SIZE(code) == BPF_DW) {
1723 if (sstk)
1724
1725 EMIT3(0x8B, add_2reg(0x40, IA32_EBP,
1726 IA32_EDX),
1727 STACK_VAR(src_hi));
1728 else
1729
1730 EMIT2(0x8B, add_2reg(0xC0, src_hi,
1731 IA32_EDX));
1732 EMIT1(0x89);
1733 if (is_imm8(insn->off + 4)) {
1734 EMIT2(add_2reg(0x40, IA32_EAX,
1735 IA32_EDX),
1736 insn->off + 4);
1737 } else {
1738 EMIT1(add_2reg(0x80, IA32_EAX,
1739 IA32_EDX));
1740 EMIT(insn->off + 4, 4);
1741 }
1742 }
1743 break;
1744
1745
1746 case BPF_LDX | BPF_MEM | BPF_B:
1747 case BPF_LDX | BPF_MEM | BPF_H:
1748 case BPF_LDX | BPF_MEM | BPF_W:
1749 case BPF_LDX | BPF_MEM | BPF_DW:
1750 if (sstk)
1751
1752 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
1753 STACK_VAR(src_lo));
1754 else
1755
1756 EMIT2(0x8B, add_2reg(0xC0, src_lo, IA32_EAX));
1757
1758 switch (BPF_SIZE(code)) {
1759 case BPF_B:
1760 EMIT2(0x0F, 0xB6); break;
1761 case BPF_H:
1762 EMIT2(0x0F, 0xB7); break;
1763 case BPF_W:
1764 case BPF_DW:
1765 EMIT(0x8B, 1); break;
1766 }
1767
1768 if (is_imm8(insn->off))
1769 EMIT2(add_2reg(0x40, IA32_EAX, IA32_EDX),
1770 insn->off);
1771 else
1772 EMIT1_off32(add_2reg(0x80, IA32_EAX, IA32_EDX),
1773 insn->off);
1774
1775 if (dstk)
1776
1777 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_EDX),
1778 STACK_VAR(dst_lo));
1779 else
1780
1781 EMIT2(0x89, add_2reg(0xC0, dst_lo, IA32_EDX));
1782 switch (BPF_SIZE(code)) {
1783 case BPF_B:
1784 case BPF_H:
1785 case BPF_W:
1786 if (!bpf_prog->aux->verifier_zext)
1787 break;
1788 if (dstk) {
1789 EMIT3(0xC7, add_1reg(0x40, IA32_EBP),
1790 STACK_VAR(dst_hi));
1791 EMIT(0x0, 4);
1792 } else {
1793 EMIT3(0xC7, add_1reg(0xC0, dst_hi), 0);
1794 }
1795 break;
1796 case BPF_DW:
1797 EMIT2_off32(0x8B,
1798 add_2reg(0x80, IA32_EAX, IA32_EDX),
1799 insn->off + 4);
1800 if (dstk)
1801 EMIT3(0x89,
1802 add_2reg(0x40, IA32_EBP,
1803 IA32_EDX),
1804 STACK_VAR(dst_hi));
1805 else
1806 EMIT2(0x89,
1807 add_2reg(0xC0, dst_hi, IA32_EDX));
1808 break;
1809 default:
1810 break;
1811 }
1812 break;
1813
1814 case BPF_JMP | BPF_CALL:
1815 {
1816 const u8 *r1 = bpf2ia32[BPF_REG_1];
1817 const u8 *r2 = bpf2ia32[BPF_REG_2];
1818 const u8 *r3 = bpf2ia32[BPF_REG_3];
1819 const u8 *r4 = bpf2ia32[BPF_REG_4];
1820 const u8 *r5 = bpf2ia32[BPF_REG_5];
1821
1822 if (insn->src_reg == BPF_PSEUDO_CALL)
1823 goto notyet;
1824
1825 func = (u8 *) __bpf_call_base + imm32;
1826 jmp_offset = func - (image + addrs[i]);
1827
1828 if (!imm32 || !is_simm32(jmp_offset)) {
1829 pr_err("unsupported BPF func %d addr %p image %p\n",
1830 imm32, func, image);
1831 return -EINVAL;
1832 }
1833
1834
1835 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
1836 STACK_VAR(r1[0]));
1837
1838 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX),
1839 STACK_VAR(r1[1]));
1840
1841 emit_push_r64(r5, &prog);
1842 emit_push_r64(r4, &prog);
1843 emit_push_r64(r3, &prog);
1844 emit_push_r64(r2, &prog);
1845
1846 EMIT1_off32(0xE8, jmp_offset + 9);
1847
1848
1849 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_EAX),
1850 STACK_VAR(r0[0]));
1851
1852 EMIT3(0x89, add_2reg(0x40, IA32_EBP, IA32_EDX),
1853 STACK_VAR(r0[1]));
1854
1855
1856 EMIT3(0x83, add_1reg(0xC0, IA32_ESP), 32);
1857 break;
1858 }
1859 case BPF_JMP | BPF_TAIL_CALL:
1860 emit_bpf_tail_call(&prog);
1861 break;
1862
1863
1864 case BPF_JMP | BPF_JEQ | BPF_X:
1865 case BPF_JMP | BPF_JNE | BPF_X:
1866 case BPF_JMP | BPF_JGT | BPF_X:
1867 case BPF_JMP | BPF_JLT | BPF_X:
1868 case BPF_JMP | BPF_JGE | BPF_X:
1869 case BPF_JMP | BPF_JLE | BPF_X:
1870 case BPF_JMP | BPF_JSGT | BPF_X:
1871 case BPF_JMP | BPF_JSLE | BPF_X:
1872 case BPF_JMP | BPF_JSLT | BPF_X:
1873 case BPF_JMP | BPF_JSGE | BPF_X: {
1874 u8 dreg_lo = dstk ? IA32_EAX : dst_lo;
1875 u8 dreg_hi = dstk ? IA32_EDX : dst_hi;
1876 u8 sreg_lo = sstk ? IA32_ECX : src_lo;
1877 u8 sreg_hi = sstk ? IA32_EBX : src_hi;
1878
1879 if (dstk) {
1880 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
1881 STACK_VAR(dst_lo));
1882 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX),
1883 STACK_VAR(dst_hi));
1884 }
1885
1886 if (sstk) {
1887 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_ECX),
1888 STACK_VAR(src_lo));
1889 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EBX),
1890 STACK_VAR(src_hi));
1891 }
1892
1893
1894 EMIT2(0x39, add_2reg(0xC0, dreg_hi, sreg_hi));
1895 EMIT2(IA32_JNE, 2);
1896
1897 EMIT2(0x39, add_2reg(0xC0, dreg_lo, sreg_lo));
1898 goto emit_cond_jmp;
1899 }
1900 case BPF_JMP | BPF_JSET | BPF_X: {
1901 u8 dreg_lo = dstk ? IA32_EAX : dst_lo;
1902 u8 dreg_hi = dstk ? IA32_EDX : dst_hi;
1903 u8 sreg_lo = sstk ? IA32_ECX : src_lo;
1904 u8 sreg_hi = sstk ? IA32_EBX : src_hi;
1905
1906 if (dstk) {
1907 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
1908 STACK_VAR(dst_lo));
1909 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX),
1910 STACK_VAR(dst_hi));
1911 }
1912
1913 if (sstk) {
1914 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_ECX),
1915 STACK_VAR(src_lo));
1916 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EBX),
1917 STACK_VAR(src_hi));
1918 }
1919
1920 EMIT2(0x23, add_2reg(0xC0, sreg_lo, dreg_lo));
1921 if (is_jmp64) {
1922
1923 EMIT2(0x23, add_2reg(0xC0, sreg_hi, dreg_hi));
1924
1925 EMIT2(0x09, add_2reg(0xC0, dreg_lo, dreg_hi));
1926 }
1927 goto emit_cond_jmp;
1928 }
1929 case BPF_JMP | BPF_JSET | BPF_K: {
1930 u32 hi;
1931 u8 dreg_lo = dstk ? IA32_EAX : dst_lo;
1932 u8 dreg_hi = dstk ? IA32_EDX : dst_hi;
1933 u8 sreg_lo = IA32_ECX;
1934 u8 sreg_hi = IA32_EBX;
1935
1936 if (dstk) {
1937 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
1938 STACK_VAR(dst_lo));
1939 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX),
1940 STACK_VAR(dst_hi));
1941 }
1942 hi = imm32 & (1<<31) ? (u32)~0 : 0;
1943
1944
1945 EMIT2_off32(0xC7, add_1reg(0xC0, IA32_ECX), imm32);
1946
1947 EMIT2_off32(0xC7, add_1reg(0xC0, IA32_EBX), hi);
1948
1949
1950 EMIT2(0x23, add_2reg(0xC0, sreg_lo, dreg_lo));
1951
1952 EMIT2(0x23, add_2reg(0xC0, sreg_hi, dreg_hi));
1953
1954 EMIT2(0x09, add_2reg(0xC0, dreg_lo, dreg_hi));
1955 goto emit_cond_jmp;
1956 }
1957 case BPF_JMP | BPF_JEQ | BPF_K:
1958 case BPF_JMP | BPF_JNE | BPF_K:
1959 case BPF_JMP | BPF_JGT | BPF_K:
1960 case BPF_JMP | BPF_JLT | BPF_K:
1961 case BPF_JMP | BPF_JGE | BPF_K:
1962 case BPF_JMP | BPF_JLE | BPF_K:
1963 case BPF_JMP | BPF_JSGT | BPF_K:
1964 case BPF_JMP | BPF_JSLE | BPF_K:
1965 case BPF_JMP | BPF_JSLT | BPF_K:
1966 case BPF_JMP | BPF_JSGE | BPF_K: {
1967 u32 hi;
1968 u8 dreg_lo = dstk ? IA32_EAX : dst_lo;
1969 u8 dreg_hi = dstk ? IA32_EDX : dst_hi;
1970 u8 sreg_lo = IA32_ECX;
1971 u8 sreg_hi = IA32_EBX;
1972
1973 if (dstk) {
1974 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EAX),
1975 STACK_VAR(dst_lo));
1976 EMIT3(0x8B, add_2reg(0x40, IA32_EBP, IA32_EDX),
1977 STACK_VAR(dst_hi));
1978 }
1979
1980 hi = imm32 & (1<<31) ? (u32)~0 : 0;
1981
1982 EMIT2_off32(0xC7, add_1reg(0xC0, IA32_ECX), imm32);
1983
1984 EMIT2_off32(0xC7, add_1reg(0xC0, IA32_EBX), hi);
1985
1986
1987 EMIT2(0x39, add_2reg(0xC0, dreg_hi, sreg_hi));
1988 EMIT2(IA32_JNE, 2);
1989
1990 EMIT2(0x39, add_2reg(0xC0, dreg_lo, sreg_lo));
1991
1992emit_cond_jmp:
1993 switch (BPF_OP(code)) {
1994 case BPF_JEQ:
1995 jmp_cond = IA32_JE;
1996 break;
1997 case BPF_JSET:
1998 case BPF_JNE:
1999 jmp_cond = IA32_JNE;
2000 break;
2001 case BPF_JGT:
2002
2003 jmp_cond = IA32_JA;
2004 break;
2005 case BPF_JLT:
2006
2007 jmp_cond = IA32_JB;
2008 break;
2009 case BPF_JGE:
2010
2011 jmp_cond = IA32_JAE;
2012 break;
2013 case BPF_JLE:
2014
2015 jmp_cond = IA32_JBE;
2016 break;
2017 case BPF_JSGT:
2018
2019 jmp_cond = IA32_JG;
2020 break;
2021 case BPF_JSLT:
2022
2023 jmp_cond = IA32_JL;
2024 break;
2025 case BPF_JSGE:
2026
2027 jmp_cond = IA32_JGE;
2028 break;
2029 case BPF_JSLE:
2030
2031 jmp_cond = IA32_JLE;
2032 break;
2033 default:
2034 return -EFAULT;
2035 }
2036 jmp_offset = addrs[i + insn->off] - addrs[i];
2037 if (is_imm8(jmp_offset)) {
2038 EMIT2(jmp_cond, jmp_offset);
2039 } else if (is_simm32(jmp_offset)) {
2040 EMIT2_off32(0x0F, jmp_cond + 0x10, jmp_offset);
2041 } else {
2042 pr_err("cond_jmp gen bug %llx\n", jmp_offset);
2043 return -EFAULT;
2044 }
2045
2046 break;
2047 }
2048 case BPF_JMP | BPF_JA:
2049 if (insn->off == -1)
2050
2051
2052
2053
2054
2055
2056 jmp_offset = -2;
2057 else
2058 jmp_offset = addrs[i + insn->off] - addrs[i];
2059
2060 if (!jmp_offset)
2061
2062 break;
2063emit_jmp:
2064 if (is_imm8(jmp_offset)) {
2065 EMIT2(0xEB, jmp_offset);
2066 } else if (is_simm32(jmp_offset)) {
2067 EMIT1_off32(0xE9, jmp_offset);
2068 } else {
2069 pr_err("jmp gen bug %llx\n", jmp_offset);
2070 return -EFAULT;
2071 }
2072 break;
2073
2074 case BPF_STX | BPF_XADD | BPF_W:
2075
2076 case BPF_STX | BPF_XADD | BPF_DW:
2077 goto notyet;
2078 case BPF_JMP | BPF_EXIT:
2079 if (seen_exit) {
2080 jmp_offset = ctx->cleanup_addr - addrs[i];
2081 goto emit_jmp;
2082 }
2083 seen_exit = true;
2084
2085 ctx->cleanup_addr = proglen;
2086 emit_epilogue(&prog, bpf_prog->aux->stack_depth);
2087 break;
2088notyet:
2089 pr_info_once("*** NOT YET: opcode %02x ***\n", code);
2090 return -EFAULT;
2091 default:
2092
2093
2094
2095
2096
2097 pr_err("bpf_jit: unknown opcode %02x\n", code);
2098 return -EINVAL;
2099 }
2100
2101 ilen = prog - temp;
2102 if (ilen > BPF_MAX_INSN_SIZE) {
2103 pr_err("bpf_jit: fatal insn size error\n");
2104 return -EFAULT;
2105 }
2106
2107 if (image) {
2108 if (unlikely(proglen + ilen > oldproglen)) {
2109 pr_err("bpf_jit: fatal error\n");
2110 return -EFAULT;
2111 }
2112 memcpy(image + proglen, temp, ilen);
2113 }
2114 proglen += ilen;
2115 addrs[i] = proglen;
2116 prog = temp;
2117 }
2118 return proglen;
2119}
2120
2121bool bpf_jit_needs_zext(void)
2122{
2123 return true;
2124}
2125
2126struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog)
2127{
2128 struct bpf_binary_header *header = NULL;
2129 struct bpf_prog *tmp, *orig_prog = prog;
2130 int proglen, oldproglen = 0;
2131 struct jit_context ctx = {};
2132 bool tmp_blinded = false;
2133 u8 *image = NULL;
2134 int *addrs;
2135 int pass;
2136 int i;
2137
2138 if (!prog->jit_requested)
2139 return orig_prog;
2140
2141 tmp = bpf_jit_blind_constants(prog);
2142
2143
2144
2145
2146 if (IS_ERR(tmp))
2147 return orig_prog;
2148 if (tmp != prog) {
2149 tmp_blinded = true;
2150 prog = tmp;
2151 }
2152
2153 addrs = kmalloc_array(prog->len, sizeof(*addrs), GFP_KERNEL);
2154 if (!addrs) {
2155 prog = orig_prog;
2156 goto out;
2157 }
2158
2159
2160
2161
2162
2163 for (proglen = 0, i = 0; i < prog->len; i++) {
2164 proglen += 64;
2165 addrs[i] = proglen;
2166 }
2167 ctx.cleanup_addr = proglen;
2168
2169
2170
2171
2172
2173
2174
2175 for (pass = 0; pass < 20 || image; pass++) {
2176 proglen = do_jit(prog, addrs, image, oldproglen, &ctx);
2177 if (proglen <= 0) {
2178out_image:
2179 image = NULL;
2180 if (header)
2181 bpf_jit_binary_free(header);
2182 prog = orig_prog;
2183 goto out_addrs;
2184 }
2185 if (image) {
2186 if (proglen != oldproglen) {
2187 pr_err("bpf_jit: proglen=%d != oldproglen=%d\n",
2188 proglen, oldproglen);
2189 goto out_image;
2190 }
2191 break;
2192 }
2193 if (proglen == oldproglen) {
2194 header = bpf_jit_binary_alloc(proglen, &image,
2195 1, jit_fill_hole);
2196 if (!header) {
2197 prog = orig_prog;
2198 goto out_addrs;
2199 }
2200 }
2201 oldproglen = proglen;
2202 cond_resched();
2203 }
2204
2205 if (bpf_jit_enable > 1)
2206 bpf_jit_dump(prog->len, proglen, pass + 1, image);
2207
2208 if (image) {
2209 bpf_jit_binary_lock_ro(header);
2210 prog->bpf_func = (void *)image;
2211 prog->jited = 1;
2212 prog->jited_len = proglen;
2213 } else {
2214 prog = orig_prog;
2215 }
2216
2217out_addrs:
2218 kfree(addrs);
2219out:
2220 if (tmp_blinded)
2221 bpf_jit_prog_release_other(prog, prog == orig_prog ?
2222 tmp : orig_prog);
2223 return prog;
2224}
2225
