iovisor / ubpf / 21458222544 / 4
78%
main: 78%

DEFAULT BRANCH: main
Ran
Files 69
Run time 2s
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 58.74% (+0.5%) from 58.204%
21458222544.4

push

github

web-flow 
ARM64 JIT: Implement constant blinding support (#733)

* Implement ARM64 constant blinding support in JIT

Co-authored-by: Alan-Jowett <20480683+Alan-Jowett@users.noreply.github.com>

* Fix register allocation bug in emit_movewide_immediate_blinded

Co-authored-by: Alan-Jowett <20480683+Alan-Jowett@users.noreply.github.com>

* ARM64 JIT: avoid clobbering temp register in constant blinding

* ARM64: Blind all immediate operations when constant blinding enabled

When constant blinding is enabled, now force all immediate operations
(including simple immediates < 0x1000) through the blinded path by
converting them to register operations. This matches x86-64 behavior
and ensures all attacker-controlled immediates are properly blinded.

Co-authored-by: Alan-Jowett <20480683+Alan-Jowett@users.noreply.github.com>

* ARM64: Blind helper index and atomic offsets in constant blinding

Extended constant blinding to cover all remaining attacker-controlled
immediates:
- Helper function index in emit_dispatched_external_helper_call
- Large atomic operation offsets in emit_atomic_operation

These values come from BPF instruction fields (inst.imm, inst.offset)
and must be blinded when constant_blinding_enabled is true.

Note: JIT-internal constants (e.g., stack sizes, shift amounts) remain
unblinded as they provide no security benefit and hurt performance.

Co-authored-by: Alan-Jowett <20480683+Alan-Jowett@users.noreply.github.com>

* ARM64 JIT: fix large negative load/store offsets

* ARM64 JIT: remove unused load/store helper

* ARM64: Optimize MOV_IMM blinding to avoid extra ORR instruction

Excluded MOV_IMM/MOV64_IMM from the immediate-to-register conversion
path when constant blinding is enabled. These instructions are now
handled directly in their switch case, which blinds the immediate
without requiring an extra ORR instruction to copy from temp_register
to dst.

Before: MOVZ temp, #blinded → EOR temp, temp, #random → ORR dst, RZ, temp
After:  MOVZ dst, #blinde... (continued)

3804 of 6476 relevant lines covered (58.74%)

20721.86 hits per line

Source Files on job run-RelWithDebInfo-ubuntu-24.04-arm-arm64 - 21458222544.4