net: bpf: arm64: fix module memory leak when JIT image build fails
author Daniel Borkmann <dborkman@redhat.com>
Thu, 11 Sep 2014 09:36:48 +0000 (10:36 +0100)
committer Catalin Marinas <catalin.marinas@arm.com>
Fri, 12 Sep 2014 15:33:14 +0000 (16:33 +0100)
On ARM64, when the BPF JIT compiler fills the JIT image body with
opcodes during translation of eBPF into ARM64 opcodes, we may fail
for several reasons during that phase: one being that we jump to
the notyet label for not yet supported eBPF instructions such as
BPF_ST. In that case we only free offsets, but not the actual
allocated target image where opcodes are being stored. Fix it by
calling module_free() on dismantle time in case of errors.

Signed-off-by: Daniel Borkmann <dborkman@redhat.com>
Acked-by: Zi Shen Lim <zlim.lnx@gmail.com>
Acked-by: Will Deacon <will.deacon@arm.com>
Cc: Alexei Starovoitov <ast@plumgrid.com>
Signed-off-by: Catalin Marinas <catalin.marinas@arm.com>
arch/arm64/net/bpf_jit_comp.c

index 38c42965382ded124c004cd077503f3ec7302129..7ae33545535b96fd363d08ede9634d8ff0a30ad3 100644 (file)
@@ -651,8 +651,10 @@ void bpf_int_jit_compile(struct bpf_prog *prog)
        build_prologue(&ctx);
 
        ctx.body_offset = ctx.idx;
-       if (build_body(&ctx))
+       if (build_body(&ctx)) {
+               module_free(NULL, ctx.image);
                goto out;
+       }
 
        build_epilogue(&ctx);
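
Review bot: in the build_body() failure branch, module_free(NULL, ctx.image) leaves ctx.image holding a freed pointer when control reaches goto out. The out path is not visible in this hunk, and the commit message says it only frees the offsets, so nothing there should touch the image again, but setting ctx.image = NULL right after the free would make that explicit and guard against a later use or a second free. The free is also tied to this single call site: if another failure path is ever added between the image allocation and out, it will need the same call, so a dedicated error label that frees the image and then falls through to out would keep the cleanup in one place.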