Re: [PATCH bpf-next v2 2/3] bpf, arm64: JIT support for private stack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 7/24/25 5:02 AM, Puranjay Mohan wrote:

The private stack is allocated in bpf_int_jit_compile() with 16-byte
alignment. It includes additional guard regions to detect stack
overflows and underflows at runtime.

Memory layout:

               +------------------------------------------------------+
               |                                                      |
               |  16 bytes padding (overflow guard - stack top)       |
               |  [ detects writes beyond top of stack ]              |
      BPF FP ->+------------------------------------------------------+
               |                                                      |
               |  BPF private stack (sized by verifier)               |
               |  [ 16-byte aligned ]                                 |
               |                                                      |
BPF PRIV SP ->+------------------------------------------------------+
               |                                                      |
               |  16 bytes padding (underflow guard - stack bottom)   |
               |  [ detects accesses before start of stack ]          |
               |                                                      |
               +------------------------------------------------------+

On detection of an overflow or underflow, the kernel emits messages
like:
     BPF private stack overflow/underflow detected for prog <prog_name>

After commit bd737fcb6485 ("bpf, arm64: Get rid of fpb"), Jited BPF
programs use the stack in two ways:
1. Via the BPF frame pointer (top of stack), using negative offsets.
2. Via the stack pointer (bottom of stack), using positive offsets in
    LDR/STR instructions.

When a private stack is used, ARM64 callee-saved register x27 replaces
the stack pointer. The BPF frame pointer usage remains unchanged; but it
now points to the top of the private stack.

Relevant tests (Enabled in following patch):

  #415/1   struct_ops_private_stack/private_stack:OK
  #415/2   struct_ops_private_stack/private_stack_fail:OK
  #415/3   struct_ops_private_stack/private_stack_recur:OK
  #415     struct_ops_private_stack:OK
  #549/1   verifier_private_stack/Private stack, single prog:OK
  #549/2   verifier_private_stack/Private stack, subtree > MAX_BPF_STACK:OK
  #549/3   verifier_private_stack/No private stack:OK
  #549/4   verifier_private_stack/Private stack, callback:OK
  #549/5   verifier_private_stack/Private stack, exception in main prog:OK
  #549/6   verifier_private_stack/Private stack, exception in subprog:OK
  #549/7   verifier_private_stack/Private stack, async callback, not nested:OK
  #549/8   verifier_private_stack/Private stack, async callback, potential nesting:OK
  #549     verifier_private_stack:OK
  Summary: 2/11 PASSED, 0 SKIPPED, 0 FAILED

Signed-off-by: Puranjay Mohan <puranjay@xxxxxxxxxx>


Acked-by: Yonghong Song <yonghong.song@xxxxxxxxx>
[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux