Re: [PATCH] arm64: bpf: Fix UBSAN misaligned access in BPF JIT

Next message: Shrikanth Hegde: "Re: [PATCH 04/15] powerpc/time: Prepare to stop elapsing in dynticks-idle"
Previous message: Kees Cook: "[PATCH v2] drm/amd/ras: Fix type size of remainder argument"
In reply to: patchwork-bot+netdevbpf: "Re: [PATCH v3] arm64: bpf: Force 8-byte alignment for JIT buffer to prevent atomic tearing"
Next in thread: Fuad Tabba: "Re: [PATCH] arm64: bpf: Fix UBSAN misaligned access in BPF JIT"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Will Deacon

Date: Wed Feb 25 2026 - 12:48:17 EST

On Wed, Feb 25, 2026 at 05:46:52PM +0800, Xu Kuohai wrote:
> Interesting, I think the plt target should be 64-bit aligned to ensure
> atomic reading on arm64. It can be updated concurrently by WRITE_ONCE
> in the bpf_arch_text_poke function while the ldr instruction in the plt is
> executed. If it is not aligned correctly, the ldr may read a half-old
> half-new value, causing the plt to jump to an invalid destination.

Thanks for pointing that out; I hadn't realised that we patched live
PLTs!

> To avoid over-aligning the entire buffer, how about fixing the padding
> method in build_plt to just make the plt target aligned correctly?

Makes sense to me.

Will