Re: [RFC PATCH bpf 1/6] bpf: Disallow interpreter fallback for user BPF_ADDR_SPACE_CAST insn

From: Tiezhu Yang

Date: Tue Jun 30 2026 - 21:26:53 EST


On 2026/6/30 10:36 PM, Leon Hwang wrote:
On 2026/6/30 22:29, KaFai Wan wrote:
On Fri, 2026-06-26 at 23:43 +0800, Leon Hwang wrote:
[...]
 /* Fix up helper call offsets on JIT fallback path. */
-static void bpf_fixup_fallback_helpers(struct bpf_verifier_env *env, struct bpf_prog *fp)
+static int bpf_fixup_fallback_helpers(struct bpf_verifier_env *env, struct bpf_prog *fp)
 {
  struct bpf_insn *insn = fp->insnsi;
  const struct bpf_func_proto *fn;
  int i;
- if (!env || !env->ops->get_func_proto)
- return;
+ if (!env)
+ return 0;
  for (i = 0; i < fp->len; i++, insn++) {
- if (bpf_helper_call(insn) && bpf_jit_inlines_helper_call(insn->imm)) {
+ if (env->ops->get_func_proto && bpf_helper_call(insn) &&
+     bpf_jit_inlines_helper_call(insn->imm)) {
  fn = env->ops->get_func_proto(insn->imm, env->prog);
  if (fn && fn->func)
  insn->imm = fn->func - __bpf_call_base;
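
Review bot: the comment above bpf_fixup_fallback_helpers() still reads only "Fix up helper call offsets on JIT fallback path." although the signature now returns int, so the quoted lines never say what a non-zero return means or how callers should react; please extend that comment. In the loop, env->ops->get_func_proto is loop-invariant but is now re-tested for every instruction; if it was moved out of the early return so the loop can do other work when the callback is absent, reading it into a local before the for loop would make that intent clearer. The `if (fn && fn->func)` branch also leaves insn->imm untouched when the lookup fails, with no else visible in the quoted lines; with an int return available, that case could report an error instead of being skipped silently.
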
It might be better to use the BPF_CALL_IMM macro.

insn->imm = BPF_CALL_IMM(fn->func);


Makes sense.

This might be applied to Tiezhu's patch.

Hi all,

Alexei said in another thread like this:

```
> [3] https://lore.kernel.org/bpf/20260615025316.24429-1-yangtiezhu@xxxxxxxxxxx/

I don't think we need such fallback in patch [3].
```
https://lore.kernel.org/bpf/DJMRIZ5PDWP4.12OOZ8H881H6O@xxxxxxxxx/

Should I just drop my previous patch? To be honest, I'm not sure how to solve the issue mentioned in it. Is that a real problem, and does it need to be fixed? What is the next step?

Thanks,
Tiezhu