From 63ca0ed629e46d820eb557480a2e1b69bc77c2e1 Mon Sep 17 00:00:00 2001
From: Greg Kroah-Hartman
Date: Mon, 15 Jan 2024 11:28:41 +0000
Subject: [PATCH] Revert "bpf: Fix a verifier bug due to incorrect branch offset comparison with cpu=v4"

This reverts commit 15db682980fc0d438a1706f20343ebdd01325356 which is commit dfce9cb3140592b886838e06f3e0c25fea2a9cae upstream. It breaks the Android kernel abi and can be brought back in the future in an abi-safe way if it is really needed.

Bug: 161946584
Change-Id: I5666ddce48ae86770aec837534e3fbd5ce196785
Signed-off-by: Greg Kroah-Hartman
---
 kernel/bpf/core.c | 12 ++++--------
 1 file changed, 4 insertions(+), 8 deletions(-)

diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
index 76bf1de26115..0b55ebf4a9b1 100644
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@@ -365,18 +365,14 @@ static int bpf_adj_delta_to_imm(struct bpf_insn *insn, u32 pos, s32 end_old,
 static int bpf_adj_delta_to_off(struct bpf_insn *insn, u32 pos, s32 end_old,
 s32 end_new, s32 curr, const bool probe_pass)
 {
- s64 off_min, off_max, off;
+ const s32 off_min = S16_MIN, off_max = S16_MAX;
 s32 delta = end_new - end_old;
+ s32 off;

- if (insn->code == (BPF_JMP32 | BPF_JA)) {
+ if (insn->code == (BPF_JMP32 | BPF_JA))
 off = insn->imm;
- off_min = S32_MIN;
- off_max = S32_MAX;
- } else {
+ else
 off = insn->off;
- off_min = S16_MIN;
- off_max = S16_MAX;
- }

 if (curr < pos && curr + off + 1 >= end_old)
 off += delta;
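Review bot: With this revert the `BPF_JMP32 | BPF_JA` branch again reads the 32-bit `insn->imm` into `off` while `off_min`/`off_max` are fixed at `S16_MIN`/`S16_MAX`, so any later range check in bpf_adj_delta_to_off (its body continues outside the hunk) would apply 16-bit limits to a 32-bit jump offset, and `off += delta` is back to s32 arithmetic that can wrap for an `imm` near the s32 limits. The visible lines change only locals of a static function, so it is worth confirming that this hunk is what affects the ABI; if it is not, the bounds can stay per instruction class with `const bool ja32 = insn->code == (BPF_JMP32 | BPF_JA);`, `const s64 off_min = ja32 ? S32_MIN : S16_MIN, off_max = ja32 ? S32_MAX : S16_MAX;` and `s64 off = ja32 ? insn->imm : insn->off;`. If the revert stays, a comment above the declarations such as `/* NOTE: 16-bit bounds are also applied to BPF_JMP32|BPF_JA, whose offset is the 32-bit imm; see reverted commit dfce9cb31405 */` would record the known limitation for whoever reintroduces the fix.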