Re: XDP BPF JIT memory leak on armv7

Next message: Joshua Crofts: "Re: [PATCH v5 1/2] iio: frequency: ad9832: remove kernel.h proxy header"
Previous message: Helge Deller: "Re: [PATCH] parisc: led: fix reference leak on failed device registration"
In reply to: Jonas Rebmann: "Re: XDP BPF JIT memory leak on armv7"
Next in thread: Daniel Borkmann: "Re: XDP BPF JIT memory leak on armv7"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Puranjay Mohan

Date: Fri Apr 17 2026 - 05:57:37 EST

On Fri, Apr 17, 2026 at 10:47 AM Jonas Rebmann <jre@xxxxxxxxxxxxxx> wrote:
>
> Hello Daniel,
> Hello Puranjay,
>
> On 2026-04-16 16:36, Daniel Borkmann wrote:
> > I don't have access to arm32, but it looks like its completely missing the
> > ability to do BPF to BPF calls.. you would need something like the below
> > (uncompiled / untested).
>
> Applying your Patch to latest master leads to a paging error [1] and
> segmentation fault in xdp_program__attach when I run
> ./xdp_pass_user -d lo
>
> > I think the problem is that BPF to BPF calls are not supported but the
> > JIT doesn't reject them as well, so the best way to fix this would be
> > to do:
> >
> > diff --git a/arch/arm/net/bpf_jit_32.c b/arch/arm/net/bpf_jit_32.c
> > index deeb8f292454..91fef10e88bc 100644
> > --- a/arch/arm/net/bpf_jit_32.c
> > +++ b/arch/arm/net/bpf_jit_32.c
> > @@ -2047,6 +2047,8 @@ static int build_insn(const struct bpf_insn
> > *insn, struct jit_ctx *ctx)
> > /* function call */
> > case BPF_JMP | BPF_CALL:
> > {
> > + if (insn->src_reg == BPF_PSEUDO_CALL)
> > + goto notyet;
> > const s8 *r0 = bpf2a32[BPF_REG_0];
> > const s8 *r1 = bpf2a32[BPF_REG_1];
> > const s8 *r2 = bpf2a32[BPF_REG_2];
> >
> > This will cause the memory to be freed properly.
>
> This works for me and resolves the issue.
>
> Tested-by: Jonas Rebmann <jre@xxxxxxxxxxxxxx>

Thanks for testing, let me send the patch to the list.