From e36ffb8f084154fd648de21d8f21ffb326869308 Mon Sep 17 00:00:00 2001
From: swananan <jt26wzz@gmail.com>
Date: Mon, 25 May 2026 20:19:06 +0800
Subject: [PATCH] aya-ebpf: document FExit ret kernel range

Kernel git bisect identified the upstream verifier fix:

https://github.com/torvalds/linux/commit/d028f87517d6775dccff4ddbca2740826f9e53f1

`bpf_get_func_ret` was added in v5.17. The workaround is therefore
for kernels v5.17 through v6.7, before the fix is present in v6.8.
---
 ebpf/aya-ebpf/src/programs/fexit.rs | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/ebpf/aya-ebpf/src/programs/fexit.rs b/ebpf/aya-ebpf/src/programs/fexit.rs
index 45c4cc73c..e414a1b5f 100644
--- a/ebpf/aya-ebpf/src/programs/fexit.rs
+++ b/ebpf/aya-ebpf/src/programs/fexit.rs
@@ -83,10 +83,11 @@ impl FExitContext {
         // changing runtime semantics.
         //
         // See also:
-        // https://github.com/torvalds/linux/commit/4621202adc5b
-        // fixes the forward propagation variant in v6.8.
-        // https://github.com/torvalds/linux/commit/4bf79f9be434
-        // fixes a related backtracking variant in v6.12.
+        // https://github.com/torvalds/linux/commit/d028f87517d6775dccff4ddbca2740826f9e53f1
+        // fixes this verifier bug by tracking BPF_JNE "not equal" constraints.
+        // https://github.com/torvalds/linux/commit/9e314f5d8682e1fe6ac214fb34580a238b6fd3c4
+        // is also a prerequisite, because it preserves 32/64-bit bounds
+        // across reg_set_min_max().
         let err = core::hint::black_box(err);
         if err == 0 {
             Ok(T::from_register(ret_val))