From 5a80244246d503df688341a10e1d244d15bb8ce5 Mon Sep 17 00:00:00 2001
From: Michael Holzheu <holzheu@linux.vnet.ibm.com>
Date: Wed, 14 Jan 2015 11:25:07 +0100
Subject: s390/bpf: Fix JMP_JGE_K (A >= K) and JMP_JGT_K (A > K)

Currently the signed COMPARE HALFWORD IMMEDIATE (chi) and COMPARE (c)
instructions are used to compare "A" with "K". This is not correct
because "A" and "K" are both unsigned. To fix this remove the
chi instruction (no unsigned analogon available) and use the
unsigned COMPARE LOGICAL (cl) instruction instead of COMPARE (c).

Signed-off-by: Michael Holzheu <holzheu@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
---
 arch/s390/net/bpf_jit_comp.c | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

(limited to 'arch')

diff --git a/arch/s390/net/bpf_jit_comp.c b/arch/s390/net/bpf_jit_comp.c
index 524496d47ef5..bbd1981cc150 100644
--- a/arch/s390/net/bpf_jit_comp.c
+++ b/arch/s390/net/bpf_jit_comp.c
@@ -448,15 +448,12 @@ static int bpf_jit_insn(struct bpf_jit *jit, struct sock_filter *filter,
 		mask = 0x800000; /* je */
 kbranch:	/* Emit compare if the branch targets are different */
 		if (filter->jt != filter->jf) {
-			if (K <= 16383)
-				/* chi %r5,<K> */
-				EMIT4_IMM(0xa75e0000, K);
-			else if (test_facility(21))
+			if (test_facility(21))
 				/* clfi %r5,<K> */
 				EMIT6_IMM(0xc25f0000, K);
 			else
-				/* c %r5,<d(K)>(%r13) */
-				EMIT4_DISP(0x5950d000, EMIT_CONST(K));
+				/* cl %r5,<d(K)>(%r13) */
+				EMIT4_DISP(0x5550d000, EMIT_CONST(K));
 		}
 branch:		if (filter->jt == filter->jf) {
 			if (filter->jt == 0)
-- 
cgit v1.2.3


From db9aa8f432b83b270686e68172c6d2895babdc26 Mon Sep 17 00:00:00 2001
From: Michael Holzheu <holzheu@linux.vnet.ibm.com>
Date: Thu, 15 Jan 2015 10:20:28 +0100
Subject: s390/bpf: Fix skb_copy_bits() parameter passing

The skb_copy_bits() function has the following signature:
int skb_copy_bits(const struct sk_buff *skb, int offset, void *to, int len)

Currently in bpf_jit.S the "to" and "len" parameters have been
exchanged. So fix this and call the function with the correct
parameters.

Signed-off-by: Michael Holzheu <holzheu@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
---
 arch/s390/net/bpf_jit.S | 20 ++++++++++----------
 1 file changed, 10 insertions(+), 10 deletions(-)

(limited to 'arch')

diff --git a/arch/s390/net/bpf_jit.S b/arch/s390/net/bpf_jit.S
index 7e45d13816c1..d34b70767d5a 100644
--- a/arch/s390/net/bpf_jit.S
+++ b/arch/s390/net/bpf_jit.S
@@ -22,8 +22,8 @@
  * skb_copy_bits takes 4 parameters:
  *   %r2 = skb pointer
  *   %r3 = offset into skb data
- *   %r4 = length to copy
- *   %r5 = pointer to temp buffer
+ *   %r4 = pointer to temp buffer
+ *   %r5 = length to copy
  */
 #define SKBDATA	%r8
 
@@ -44,8 +44,8 @@ ENTRY(sk_load_word)
 
 sk_load_word_slow:
 	lgr	%r9,%r2			# save %r2
-	lhi	%r4,4			# 4 bytes
-	la	%r5,160(%r15)		# pointer to temp buffer
+	la	%r4,160(%r15)		# pointer to temp buffer
+	lhi	%r5,4			# 4 bytes
 	brasl	%r14,skb_copy_bits	# get data from skb
 	l	%r5,160(%r15)		# load result from temp buffer
 	ltgr	%r2,%r2			# set cc to (%r2 != 0)
@@ -69,8 +69,8 @@ ENTRY(sk_load_half)
 
 sk_load_half_slow:
 	lgr	%r9,%r2			# save %r2
-	lhi	%r4,2			# 2 bytes
-	la	%r5,162(%r15)		# pointer to temp buffer
+	la	%r4,162(%r15)		# pointer to temp buffer
+	lhi	%r5,2			# 2 bytes
 	brasl	%r14,skb_copy_bits	# get data from skb
 	xc	160(2,%r15),160(%r15)
 	l	%r5,160(%r15)		# load result from temp buffer
@@ -95,8 +95,8 @@ ENTRY(sk_load_byte)
 
 sk_load_byte_slow:
 	lgr	%r9,%r2			# save %r2
-	lhi	%r4,1			# 1 bytes
-	la	%r5,163(%r15)		# pointer to temp buffer
+	la	%r4,163(%r15)		# pointer to temp buffer
+	lhi	%r5,1			# 1 bytes
 	brasl	%r14,skb_copy_bits	# get data from skb
 	xc	160(3,%r15),160(%r15)
 	l	%r5,160(%r15)		# load result from temp buffer
@@ -118,8 +118,8 @@ ENTRY(sk_load_byte_msh)
 
 sk_load_byte_msh_slow:
 	lgr	%r9,%r2			# save %r2
-	lhi	%r4,2			# 2 bytes
-	la	%r5,162(%r15)		# pointer to temp buffer
+	la	%r4,162(%r15)		# pointer to temp buffer
+	lhi	%r5,2			# 2 bytes
 	brasl	%r14,skb_copy_bits	# get data from skb
 	xc	160(3,%r15),160(%r15)
 	l	%r12,160(%r15)		# load result from temp buffer
-- 
cgit v1.2.3


From d86eb7448e6de97b1319ea935f77b65590dbc049 Mon Sep 17 00:00:00 2001
From: Michael Holzheu <holzheu@linux.vnet.ibm.com>
Date: Thu, 15 Jan 2015 10:21:20 +0100
Subject: s390/bpf: Fix offset parameter for skb_copy_bits()

Currently the offset parameter for skb_copy_bits is changed in
sk_load_word() and sk_load_half(). Therefore it is not correct when
calling skb_copy_bits(). Fix this and use the original offset
for the function call.

Signed-off-by: Michael Holzheu <holzheu@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
---
 arch/s390/net/bpf_jit.S | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'arch')

diff --git a/arch/s390/net/bpf_jit.S b/arch/s390/net/bpf_jit.S
index d34b70767d5a..ede6108c0002 100644
--- a/arch/s390/net/bpf_jit.S
+++ b/arch/s390/net/bpf_jit.S
@@ -44,6 +44,7 @@ ENTRY(sk_load_word)
 
 sk_load_word_slow:
 	lgr	%r9,%r2			# save %r2
+	lgr	%r3,%r1			# offset
 	la	%r4,160(%r15)		# pointer to temp buffer
 	lhi	%r5,4			# 4 bytes
 	brasl	%r14,skb_copy_bits	# get data from skb
@@ -69,6 +70,7 @@ ENTRY(sk_load_half)
 
 sk_load_half_slow:
 	lgr	%r9,%r2			# save %r2
+	lgr	%r3,%r1			# offset
 	la	%r4,162(%r15)		# pointer to temp buffer
 	lhi	%r5,2			# 2 bytes
 	brasl	%r14,skb_copy_bits	# get data from skb
-- 
cgit v1.2.3


From 1a92b2deaf5c1b71f995ef571076200a391aac66 Mon Sep 17 00:00:00 2001
From: Michael Holzheu <holzheu@linux.vnet.ibm.com>
Date: Thu, 15 Jan 2015 10:21:58 +0100
Subject: s390/bpf: Fix sk_load_byte_msh()

In sk_load_byte_msh() sk_load_byte_slow() is called instead of
sk_load_byte_msh_slow(). Fix this and call the correct function.

Besides of this load only one byte instead of two and fix the comment.

Signed-off-by: Michael Holzheu <holzheu@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
---
 arch/s390/net/bpf_jit.S | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'arch')

diff --git a/arch/s390/net/bpf_jit.S b/arch/s390/net/bpf_jit.S
index ede6108c0002..e2f2111bd107 100644
--- a/arch/s390/net/bpf_jit.S
+++ b/arch/s390/net/bpf_jit.S
@@ -106,11 +106,11 @@ sk_load_byte_slow:
 	lgr	%r2,%r9			# restore %r2
 	br	%r8
 
-	/* A = (*(u8 *)(skb->data+K) & 0xf) << 2 */
+	/* X = (*(u8 *)(skb->data+K) & 0xf) << 2 */
 ENTRY(sk_load_byte_msh)
 	llgfr	%r1,%r3			# extend offset
 	clr	%r11,%r3		# hlen < offset ?
-	jle	sk_load_byte_slow
+	jle	sk_load_byte_msh_slow
 	lhi	%r12,0
 	ic	%r12,0(%r1,%r10)	# get byte from skb
 	nill	%r12,0x0f
@@ -120,8 +120,8 @@ ENTRY(sk_load_byte_msh)
 
 sk_load_byte_msh_slow:
 	lgr	%r9,%r2			# save %r2
-	la	%r4,162(%r15)		# pointer to temp buffer
-	lhi	%r5,2			# 2 bytes
+	la	%r4,163(%r15)		# pointer to temp buffer
+	lhi	%r5,1			# 1 bytes
 	brasl	%r14,skb_copy_bits	# get data from skb
 	xc	160(3,%r15),160(%r15)
 	l	%r12,160(%r15)		# load result from temp buffer
-- 
cgit v1.2.3


From fe82bbae36943fbead5e326aab1665d001a87dd7 Mon Sep 17 00:00:00 2001
From: Michael Holzheu <holzheu@linux.vnet.ibm.com>
Date: Thu, 15 Jan 2015 10:23:46 +0100
Subject: s390/bpf: Zero extend parameters before calling C function

The s390x ABI requires to zero extend parameters before functions
are called.

Signed-off-by: Michael Holzheu <holzheu@linux.vnet.ibm.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
---
 arch/s390/net/bpf_jit.S | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

(limited to 'arch')

diff --git a/arch/s390/net/bpf_jit.S b/arch/s390/net/bpf_jit.S
index e2f2111bd107..ba44c9f55346 100644
--- a/arch/s390/net/bpf_jit.S
+++ b/arch/s390/net/bpf_jit.S
@@ -46,7 +46,7 @@ sk_load_word_slow:
 	lgr	%r9,%r2			# save %r2
 	lgr	%r3,%r1			# offset
 	la	%r4,160(%r15)		# pointer to temp buffer
-	lhi	%r5,4			# 4 bytes
+	lghi	%r5,4			# 4 bytes
 	brasl	%r14,skb_copy_bits	# get data from skb
 	l	%r5,160(%r15)		# load result from temp buffer
 	ltgr	%r2,%r2			# set cc to (%r2 != 0)
@@ -72,7 +72,7 @@ sk_load_half_slow:
 	lgr	%r9,%r2			# save %r2
 	lgr	%r3,%r1			# offset
 	la	%r4,162(%r15)		# pointer to temp buffer
-	lhi	%r5,2			# 2 bytes
+	lghi	%r5,2			# 2 bytes
 	brasl	%r14,skb_copy_bits	# get data from skb
 	xc	160(2,%r15),160(%r15)
 	l	%r5,160(%r15)		# load result from temp buffer
@@ -97,8 +97,9 @@ ENTRY(sk_load_byte)
 
 sk_load_byte_slow:
 	lgr	%r9,%r2			# save %r2
+	lgr	%r3,%r1			# offset
 	la	%r4,163(%r15)		# pointer to temp buffer
-	lhi	%r5,1			# 1 bytes
+	lghi	%r5,1			# 1 byte
 	brasl	%r14,skb_copy_bits	# get data from skb
 	xc	160(3,%r15),160(%r15)
 	l	%r5,160(%r15)		# load result from temp buffer
@@ -120,8 +121,9 @@ ENTRY(sk_load_byte_msh)
 
 sk_load_byte_msh_slow:
 	lgr	%r9,%r2			# save %r2
+	lgr	%r3,%r1			# offset
 	la	%r4,163(%r15)		# pointer to temp buffer
-	lhi	%r5,1			# 1 bytes
+	lghi	%r5,1			# 1 byte
 	brasl	%r14,skb_copy_bits	# get data from skb
 	xc	160(3,%r15),160(%r15)
 	l	%r12,160(%r15)		# load result from temp buffer
-- 
cgit v1.2.3