Commit eada40e0 authored by Ilya Leoshkevich, committed by Daniel Borkmann

s390/bpf: Do not write tail call counter into helper and kfunc frames



Only BPF functions make use of the tail call counter; helpers and
kfuncs ignore and most likely also clobber it. Writing it into these
functions' frames is pointless and misleading, so do not do it.

Fixes: dd691e84 ("s390/bpf: Implement bpf_jit_supports_subprog_tailcalls()")
Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/20250813121016.163375-2-iii@linux.ibm.com
parent 3ec85602
+12 −4
@@ -1790,6 +1790,7 @@ static noinline int bpf_jit_insn(struct bpf_jit *jit, struct bpf_prog *fp,

		REG_SET_SEEN(BPF_REG_5);
		jit->seen |= SEEN_FUNC;

		/*
		 * Copy the tail call counter to where the callee expects it.
		 *
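Review bot: the comment that opens at the end of this hunk, "Copy the tail call counter to where the callee expects it.", still reads as unconditional, while the mvc it documents is emitted only when insn->src_reg == BPF_PSEUDO_CALL. Consider saying in the comment that the copy is made for BPF subprogram calls only, since helpers and kfuncs do not read the counter, so the comment and the condition cannot drift apart.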
@@ -1800,10 +1801,17 @@ static noinline int bpf_jit_insn(struct bpf_jit *jit, struct bpf_prog *fp,
		 * Note 2: We assume that the verifier does not let us call the
		 * main program, which clears the tail call counter on entry.
		 */
		/* mvc tail_call_cnt(4,%r15),frame_off+tail_call_cnt(%r15) */
		_EMIT6(0xd203f000 | offsetof(struct prog_frame, tail_call_cnt),

		if (insn->src_reg == BPF_PSEUDO_CALL)
			/*
			 * mvc tail_call_cnt(4,%r15),
			 *     frame_off+tail_call_cnt(%r15)
			 */
			_EMIT6(0xd203f000 | offsetof(struct prog_frame,
						     tail_call_cnt),
			       0xf000 | (jit->frame_off +
				 offsetof(struct prog_frame, tail_call_cnt)));
					 offsetof(struct prog_frame,
						  tail_call_cnt)));

		/* Sign-extend the kfunc arguments. */
		if (insn->src_reg == BPF_PSEUDO_KFUNC_CALL) {
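Review bot: the body of "if (insn->src_reg == BPF_PSEUDO_CALL)" is a block comment plus an _EMIT6() call wrapped over several lines, and it has no braces. Adding braces would keep a later second statement from silently landing outside the condition, and would match the braced "if (insn->src_reg == BPF_PSEUDO_KFUNC_CALL) {" directly below it.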