Skip to content

Commit 372ccb4

Browse files
LichtsoLichtso
committed
Always sanitize emit_profile_instruction_count() and emit_undo_profile_instruction_count().
1 parent c7fffe4 commit 372ccb4

File tree

1 file changed

+20
-26
lines changed

1 file changed

+20
-26
lines changed

src/jit.rs

Lines changed: 20 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -423,7 +423,7 @@ impl<'a, C: ContextObject> JitCompiler<'a, C> {
423423

424424
match insn.opc {
425425
ebpf::LD_DW_IMM if !self.executable.get_sbpf_version().disable_lddw() => {
426-
self.emit_validate_and_profile_instruction_count(false, Some(self.pc + 2));
426+
self.emit_validate_and_profile_instruction_count(Some(self.pc + 2));
427427
self.pc += 1;
428428
self.result.pc_section[self.pc] = self.anchors[ANCHOR_CALL_UNSUPPORTED_INSTRUCTION] as usize;
429429
ebpf::augment_lddw_unchecked(self.program, &mut insn);
@@ -702,7 +702,7 @@ impl<'a, C: ContextObject> JitCompiler<'a, C> {
702702

703703
// BPF_JMP class
704704
ebpf::JA => {
705-
self.emit_validate_and_profile_instruction_count(true, Some(target_pc));
705+
self.emit_validate_and_profile_instruction_count(Some(target_pc));
706706
self.emit_ins(X86Instruction::load_immediate(REGISTER_SCRATCH, target_pc as i64));
707707
let jump_offset = self.relative_to_target_pc(target_pc, 5);
708708
self.emit_ins(X86Instruction::jump_immediate(jump_offset));
@@ -788,7 +788,7 @@ impl<'a, C: ContextObject> JitCompiler<'a, C> {
788788
self.emit_ins(X86Instruction::alu(OperandSize::S64, 0x81, 5, REGISTER_PTR_TO_VM, 1, Some(call_depth_access))); // env.call_depth -= 1;
789789

790790
// and return
791-
self.emit_profile_instruction_count(false, Some(0));
791+
self.emit_profile_instruction_count(Some(0));
792792
self.emit_ins(X86Instruction::return_near());
793793
},
794794

@@ -802,7 +802,7 @@ impl<'a, C: ContextObject> JitCompiler<'a, C> {
802802
if self.offset_in_text_section + MAX_MACHINE_CODE_LENGTH_PER_INSTRUCTION * 2 >= self.result.text_section.len() {
803803
return Err(EbpfError::ExhaustedTextSegment(self.pc));
804804
}
805-
self.emit_validate_and_profile_instruction_count(false, Some(self.pc + 1));
805+
self.emit_validate_and_profile_instruction_count(Some(self.pc + 1));
806806
self.emit_ins(X86Instruction::load_immediate(REGISTER_SCRATCH, self.pc as i64)); // Save pc
807807
self.emit_set_exception_kind(EbpfError::ExecutionOverrun);
808808
self.emit_ins(X86Instruction::jump_immediate(self.relative_to_anchor(ANCHOR_THROW_EXCEPTION, 5)));
@@ -951,39 +951,27 @@ impl<'a, C: ContextObject> JitCompiler<'a, C> {
951951
}
952952

953953
#[inline]
954-
fn emit_profile_instruction_count(&mut self, user_provided: bool, target_pc: Option<usize>) {
954+
fn emit_profile_instruction_count(&mut self, target_pc: Option<usize>) {
955955
if !self.config.enable_instruction_meter {
956956
return;
957957
}
958958
match target_pc {
959959
Some(target_pc) => {
960-
// instruction_meter += target_pc - (self.pc + 1);
961-
let immediate = target_pc as i64 - self.pc as i64 - 1;
962-
if user_provided {
963-
self.emit_sanitized_alu(OperandSize::S64, 0x01, 0, REGISTER_INSTRUCTION_METER, immediate);
964-
} else {
965-
self.emit_ins(X86Instruction::alu(OperandSize::S64, 0x81, 0, REGISTER_INSTRUCTION_METER, immediate, None));
966-
}
960+
self.emit_sanitized_alu(OperandSize::S64, 0x01, 0, REGISTER_INSTRUCTION_METER, target_pc as i64 - self.pc as i64 - 1); // instruction_meter += target_pc - (self.pc + 1);
967961
},
968962
None => {
969-
self.emit_ins(X86Instruction::alu(OperandSize::S64, 0x81, 5, REGISTER_INSTRUCTION_METER, self.pc as i64 + 1, None)); // instruction_meter -= self.pc + 1;
970963
self.emit_ins(X86Instruction::alu(OperandSize::S64, 0x01, REGISTER_SCRATCH, REGISTER_INSTRUCTION_METER, 0, None)); // instruction_meter += target_pc;
964+
self.emit_sanitized_alu(OperandSize::S64, 0x81, 5, REGISTER_INSTRUCTION_METER, self.pc as i64 + 1); // instruction_meter -= self.pc + 1;
971965
},
972966
}
973967
}
974968

975-
#[inline]
976-
fn emit_validate_and_profile_instruction_count(&mut self, user_provided: bool, target_pc: Option<usize>) {
977-
self.emit_validate_instruction_count(Some(self.pc));
978-
self.emit_profile_instruction_count(user_provided, target_pc);
979-
}
980-
981969
#[inline]
982970
fn emit_undo_profile_instruction_count(&mut self, target_pc: Value) {
983971
if self.config.enable_instruction_meter {
984972
match target_pc {
985973
Value::Constant64(target_pc, _) => {
986-
self.emit_ins(X86Instruction::alu(OperandSize::S64, 0x81, 0, REGISTER_INSTRUCTION_METER, self.pc as i64 + 1 - target_pc, None)); // instruction_meter += (self.pc + 1) - target_pc;
974+
self.emit_sanitized_alu(OperandSize::S64, 0x01, 0, REGISTER_INSTRUCTION_METER, self.pc as i64 + 1 - target_pc); // instruction_meter += (self.pc + 1) - target_pc;
987975
}
988976
Value::Register(target_pc) => {
989977
self.emit_ins(X86Instruction::alu(OperandSize::S64, 0x29, target_pc, REGISTER_INSTRUCTION_METER, 0, None)); // instruction_meter -= guest_target_pc
@@ -995,6 +983,12 @@ impl<'a, C: ContextObject> JitCompiler<'a, C> {
995983
}
996984
}
997985

986+
#[inline]
987+
fn emit_validate_and_profile_instruction_count(&mut self, target_pc: Option<usize>) {
988+
self.emit_validate_instruction_count(Some(self.pc));
989+
self.emit_profile_instruction_count(target_pc);
990+
}
991+
998992
fn emit_rust_call(&mut self, target: Value, arguments: &[Argument], result_reg: Option<u8>) {
999993
let mut saved_registers = CALLER_SAVED_REGISTERS.to_vec();
1000994
if let Some(reg) = result_reg {
@@ -1123,7 +1117,7 @@ impl<'a, C: ContextObject> JitCompiler<'a, C> {
11231117
},
11241118
Value::Constant64(target_pc, user_provided) => {
11251119
debug_assert!(user_provided);
1126-
self.emit_profile_instruction_count(user_provided, Some(target_pc as usize));
1120+
self.emit_profile_instruction_count(Some(target_pc as usize));
11271121
if user_provided && self.should_sanitize_constant(target_pc) {
11281122
self.emit_sanitized_load_immediate(REGISTER_SCRATCH, target_pc);
11291123
} else {
@@ -1149,7 +1143,7 @@ impl<'a, C: ContextObject> JitCompiler<'a, C> {
11491143

11501144
#[inline]
11511145
fn emit_syscall_dispatch(&mut self, function: BuiltinFunction<C>) {
1152-
self.emit_validate_and_profile_instruction_count(false, Some(0));
1146+
self.emit_validate_and_profile_instruction_count(Some(0));
11531147
self.emit_ins(X86Instruction::load_immediate(REGISTER_SCRATCH, function as usize as i64));
11541148
self.emit_ins(X86Instruction::call_immediate(self.relative_to_anchor(ANCHOR_EXTERNAL_FUNCTION_CALL, 5)));
11551149
self.emit_undo_profile_instruction_count(Value::Constant64(0, false));
@@ -1228,7 +1222,7 @@ impl<'a, C: ContextObject> JitCompiler<'a, C> {
12281222

12291223
#[inline]
12301224
fn emit_conditional_branch_reg(&mut self, op: u8, bitwise: bool, first_operand: u8, second_operand: u8, target_pc: usize) {
1231-
self.emit_validate_and_profile_instruction_count(true, Some(target_pc));
1225+
self.emit_validate_and_profile_instruction_count(Some(target_pc));
12321226
if bitwise { // Logical
12331227
self.emit_ins(X86Instruction::test(OperandSize::S64, first_operand, second_operand, None));
12341228
} else { // Arithmetic
@@ -1242,7 +1236,7 @@ impl<'a, C: ContextObject> JitCompiler<'a, C> {
12421236

12431237
#[inline]
12441238
fn emit_conditional_branch_imm(&mut self, op: u8, bitwise: bool, immediate: i64, second_operand: u8, target_pc: usize) {
1245-
self.emit_validate_and_profile_instruction_count(true, Some(target_pc));
1239+
self.emit_validate_and_profile_instruction_count(Some(target_pc));
12461240
if self.should_sanitize_constant(immediate) {
12471241
self.emit_sanitized_load_immediate(REGISTER_SCRATCH, immediate);
12481242
if bitwise { // Logical
@@ -1578,7 +1572,7 @@ impl<'a, C: ContextObject> JitCompiler<'a, C> {
15781572
let number_of_instructions = self.result.pc_section.len();
15791573
self.emit_ins(X86Instruction::cmp_immediate(OperandSize::S64, REGISTER_SCRATCH, (number_of_instructions * INSN_SIZE) as i64, None)); // guest_target_address.cmp(number_of_instructions * INSN_SIZE)
15801574
self.emit_ins(X86Instruction::conditional_jump_immediate(0x83, self.relative_to_anchor(ANCHOR_CALL_OUTSIDE_TEXT_SEGMENT, 6)));
1581-
// First half of self.emit_profile_instruction_count(false, None);
1575+
// First half of self.emit_profile_instruction_count(None);
15821576
self.emit_ins(X86Instruction::alu(OperandSize::S64, 0x2b, REGISTER_INSTRUCTION_METER, RSP, 0, Some(X86IndirectAccess::OffsetIndexShift(-8, RSP, 0)))); // instruction_meter -= guest_current_pc;
15831577
self.emit_ins(X86Instruction::alu(OperandSize::S64, 0x81, 5, REGISTER_INSTRUCTION_METER, 1, None)); // instruction_meter -= 1;
15841578
// Load host target_address from self.result.pc_section
@@ -1591,7 +1585,7 @@ impl<'a, C: ContextObject> JitCompiler<'a, C> {
15911585
let shift_amount = INSN_SIZE.trailing_zeros();
15921586
debug_assert_eq!(INSN_SIZE, 1 << shift_amount);
15931587
self.emit_ins(X86Instruction::alu(OperandSize::S64, 0xc1, 5, REGISTER_SCRATCH, shift_amount as i64, None)); // guest_target_pc /= INSN_SIZE;
1594-
// Second half of self.emit_profile_instruction_count(false, None);
1588+
// Second half of self.emit_profile_instruction_count(None);
15951589
self.emit_ins(X86Instruction::alu(OperandSize::S64, 0x01, REGISTER_SCRATCH, REGISTER_INSTRUCTION_METER, 0, None)); // instruction_meter += guest_target_pc;
15961590
// Restore the clobbered REGISTER_MAP[0]
15971591
self.emit_ins(X86Instruction::xchg(OperandSize::S64, REGISTER_MAP[0], RSP, Some(X86IndirectAccess::OffsetIndexShift(0, RSP, 0)))); // Swap REGISTER_MAP[0] and host_target_address

0 commit comments

Comments
 (0)