net: bpf: arm64: fix module memory leak when JIT image build fails

On ARM64, when the BPF JIT compiler fills the JIT image body with opcodes during translation of eBPF into ARM64 opcodes, we may fail for several reasons during that phase: one being that we jump to the notyet label for not yet supported eBPF instructions such as BPF_ST. In that case we only free offsets, but not the actual allocated target image where opcodes are being stored. Fix it by calling module_free() on dismantle time in case of errors. Signed-off-by: N Daniel Borkmann <dborkman@redhat.com> Acked-by: N Zi Shen Lim <zlim.lnx@gmail.com> Acked-by: N Will Deacon <will.deacon@arm.com> Cc: Alexei Starovoitov <ast@plumgrid.com> Signed-off-by: N Catalin Marinas <catalin.marinas@arm.com>

net: bpf: arm64: fix module memory leak when JIT image build fails
On ARM64, when the BPF JIT compiler fills the JIT image body with opcodes during translation of eBPF into ARM64 opcodes, we may fail for several reasons during that phase: one being that we jump to the notyet label for not yet supported eBPF instructions such as BPF_ST. In that case we only free offsets, but not the actual allocated target image where opcodes are being stored. Fix it by calling module_free() on dismantle time in case of errors. Signed-off-by: N Daniel Borkmann <dborkman@redhat.com> Acked-by: N Zi Shen Lim <zlim.lnx@gmail.com> Acked-by: N Will Deacon <will.deacon@arm.com> Cc: Alexei Starovoitov <ast@plumgrid.com> Signed-off-by: N Catalin Marinas <catalin.marinas@arm.com>
60ef0494 · Daniel Borkmann · Catalin Marinas · c2eb6b61 · 60ef0494
隐藏空白更改
内联并排

Showing with 3 addition and 1 deletion

arch/arm64/net/bpf_jit_comp.c arch/arm64/net/bpf_jit_comp.c +3 -1

未找到文件。
--- a/arch/arm64/net/bpf_jit_comp.c
+++ b/arch/arm64/net/bpf_jit_comp.c
@@ -651,8 +651,10 @@ void bpf_int_jit_compile(struct bpf_prog *prog)
 	build_prologue(&ctx);

 	ctx.body_offset = ctx.idx;
-	if (build_body(&ctx))
+	if (build_body(&ctx)) {
+		module_free(NULL, ctx.image);
 		goto out;
+	}

 	build_epilogue(&ctx);