Re: [PATCH bpf-next v10 1/5] bpf: Move constants blinding out of arch-specific JITs

From: Alexei Starovoitov

Date: Wed Mar 25 2026 - 11:31:47 EST


On Wed, Mar 25, 2026 at 12:47 AM Xu Kuohai <xukuohai@xxxxxxxxxxxxxxx> wrote:
>
> On 3/24/2026 8:46 PM, bot+bpf-ci@xxxxxxxxxx wrote:
> >> diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
> >> index 67eb12b637a5..8f52f4b6c3af 100644
> >> --- a/kernel/bpf/core.c
> >> +++ b/kernel/bpf/core.c
> >
> > [ ... ]
> >
> >> @@ -1507,13 +1507,16 @@ static void adjust_insn_arrays(struct bpf_prog *prog, u32 off, u32 len)
> >> #endif
> >> }
> >>
> >> -struct bpf_prog *bpf_jit_blind_constants(struct bpf_prog *prog)
> >> +struct bpf_prog *bpf_jit_blind_constants(struct bpf_verifier_env *env, struct bpf_prog *prog)
> >> {
> >
> > [ ... ]
> >
> >> - tmp = bpf_patch_insn_single(clone, i, insn_buff, rewritten);
> >> - if (IS_ERR(tmp)) {
> >> + if (env)
> >> + tmp = bpf_patch_insn_data(env, subprog_start + i, insn_buff, rewritten);
> >> + else
> >> + tmp = bpf_patch_insn_single(clone, i, insn_buff, rewritten);
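Review bot: The two branches index the program differently: the env path calls bpf_patch_insn_data(env, subprog_start + i, ...) while the fallback calls bpf_patch_insn_single(clone, i, ...). That is only consistent if the env path is never taken for anything but the main program, where subprog_start is 0; if that invariant is intended, drop the subprog_start offset (or state the invariant in a comment), otherwise the index used to adjust env->insn_aux_data and env->subprog_info diverges from the index used to patch clone. Also note that the removed `if (IS_ERR(tmp)) {` check must still follow both branches, since bpf_patch_insn_data() can fail the same way bpf_patch_insn_single() does.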
> >
> > When env is non-NULL, bpf_patch_insn_data() adjusts env->insn_aux_data
> > via adjust_insn_aux_data() and env->subprog_info via
> > adjust_subprog_starts(). This shifts subprogram start positions to
> > account for the expanded instructions.
> >
>
> Right, but only the subsequent subprogs are shifted, the current subprog
> is not. Since we are patching the main prog when env is non-NULL, and
> subprog_start is always 0 for a main prog, subprog_start is not needed
> here and can be removed.

sashiko found other bugs too:
https://sashiko.dev/#/patchset/20260324122052.342751-1-xukuohai%40huaweicloud.com

Pls fix them all.