ANDROID: arm64: bpf: implement arch_bpf_jit_check_func

Implement arch_bpf_jit_check_func to check that pointers to jited BPF functions are correctly aligned and point to the BPF JIT region. This narrows down the attack surface on the stored pointer. Bug: 145210207 Change-Id: I1c2c9365662437f9a4178b873859576028468ea6 Signed-off-by: Sami Tolvanen <samitolvanen@google.com>
2026-06-07 03:15:31 +09:00 · 2019-09-04 14:56:40 -07:00
parent 788bbf4f26
commit d9756ba082
1 changed files with 11 additions and 0 deletions
--- a/arch/arm64/net/bpf_jit_comp.c
+++ b/arch/arm64/net/bpf_jit_comp.c
@@ -976,3 +976,14 @@ void bpf_jit_free_exec(void *addr)
 {
 	return vfree(addr);
 }
+
+#ifdef CONFIG_CFI_CLANG
+bool arch_bpf_jit_check_func(const struct bpf_prog *prog)
+{
+	const uintptr_t func = (const uintptr_t)prog->bpf_func;
+
+	/* bpf_func must be correctly aligned and within the BPF JIT region */
+	return (func >= BPF_JIT_REGION_START && func < BPF_JIT_REGION_END &&
+		IS_ALIGNED(func, sizeof(u32)));
+}
+#endif