1 // SPDX-License-Identifier: GPL-2.0-only
2 /* Copyright (c) 2011-2014 PLUMgrid, http://plumgrid.com
3 * Copyright (c) 2016 Facebook
7 #include <linux/jhash.h>
8 #include <linux/filter.h>
9 #include <linux/rculist_nulls.h>
10 #include <linux/random.h>
11 #include <uapi/linux/btf.h>
12 #include <linux/rcupdate_trace.h>
13 #include <linux/btf_ids.h>
14 #include "percpu_freelist.h"
15 #include "bpf_lru_list.h"
16 #include "map_in_map.h"
17 #include <linux/bpf_mem_alloc.h>
19 #define HTAB_CREATE_FLAG_MASK \
20 (BPF_F_NO_PREALLOC | BPF_F_NO_COMMON_LRU | BPF_F_NUMA_NODE | \
21 BPF_F_ACCESS_MASK | BPF_F_ZERO_SEED)
23 #define BATCH_OPS(_name) \
25 _name##_map_lookup_batch, \
26 .map_lookup_and_delete_batch = \
27 _name##_map_lookup_and_delete_batch, \
29 generic_map_update_batch, \
31 generic_map_delete_batch
34 * The bucket lock has two protection scopes:
36 * 1) Serializing concurrent operations from BPF programs on different
39 * 2) Serializing concurrent operations from BPF programs and sys_bpf()
41 * BPF programs can execute in any context including perf, kprobes and
42 * tracing. As there are almost no limits where perf, kprobes and tracing
43 * can be invoked from the lock operations need to be protected against
44 * deadlocks. Deadlocks can be caused by recursion and by an invocation in
45 * the lock held section when functions which acquire this lock are invoked
46 * from sys_bpf(). BPF recursion is prevented by incrementing the per CPU
47 * variable bpf_prog_active, which prevents BPF programs attached to perf
48 * events, kprobes and tracing to be invoked before the prior invocation
49 * from one of these contexts completed. sys_bpf() uses the same mechanism
50 * by pinning the task to the current CPU and incrementing the recursion
51 * protection across the map operation.
53 * This has subtle implications on PREEMPT_RT. PREEMPT_RT forbids certain
54 * operations like memory allocations (even with GFP_ATOMIC) from atomic
55 * contexts. This is required because even with GFP_ATOMIC the memory
56 * allocator calls into code paths which acquire locks with long held lock
57 * sections. To ensure the deterministic behaviour these locks are regular
58 * spinlocks, which are converted to 'sleepable' spinlocks on RT. The only
59 * true atomic contexts on an RT kernel are the low level hardware
60 * handling, scheduling, low level interrupt handling, NMIs etc. None of
61 * these contexts should ever do memory allocations.
63 * As regular device interrupt handlers and soft interrupts are forced into
64 * thread context, the existing code which does
65 * spin_lock*(); alloc(GFP_ATOMIC); spin_unlock*();
68 * In theory the BPF locks could be converted to regular spinlocks as well,
69 * but the bucket locks and percpu_freelist locks can be taken from
70 * arbitrary contexts (perf, kprobes, tracepoints) which are required to be
71 * atomic contexts even on RT. These mechanisms require preallocated maps,
72 * so there is no need to invoke memory allocations within the lock held
75 * BPF maps which need dynamic allocation are only used from (forced)
76 * thread context on RT and can therefore use regular spinlocks which in
77 * turn allows to invoke memory allocations from the lock held section.
79 * On a non RT kernel this distinction is neither possible nor required.
80 * spinlock maps to raw_spinlock and the extra code is optimized out by the
84 struct hlist_nulls_head head;
86 raw_spinlock_t raw_lock;
91 #define HASHTAB_MAP_LOCK_COUNT 8
92 #define HASHTAB_MAP_LOCK_MASK (HASHTAB_MAP_LOCK_COUNT - 1)
96 struct bpf_mem_alloc ma;
97 struct bucket *buckets;
100 struct pcpu_freelist freelist;
103 struct htab_elem *__percpu *extra_elems;
104 /* number of elements in non-preallocated hashtable are kept
105 * in either pcount or count
107 struct percpu_counter pcount;
109 bool use_percpu_counter;
110 u32 n_buckets; /* number of hash buckets */
111 u32 elem_size; /* size of each element in bytes */
113 struct lock_class_key lockdep_key;
114 int __percpu *map_locked[HASHTAB_MAP_LOCK_COUNT];
117 /* each htab element is struct htab_elem + key + value */
120 struct hlist_nulls_node hash_node;
124 struct bpf_htab *htab;
125 struct pcpu_freelist_node fnode;
126 struct htab_elem *batch_flink;
132 struct bpf_lru_node lru_node;
135 char key[] __aligned(8);
138 static inline bool htab_is_prealloc(const struct bpf_htab *htab)
140 return !(htab->map.map_flags & BPF_F_NO_PREALLOC);
143 static inline bool htab_use_raw_lock(const struct bpf_htab *htab)
145 return (!IS_ENABLED(CONFIG_PREEMPT_RT) || htab_is_prealloc(htab));
148 static void htab_init_buckets(struct bpf_htab *htab)
152 for (i = 0; i < htab->n_buckets; i++) {
153 INIT_HLIST_NULLS_HEAD(&htab->buckets[i].head, i);
154 if (htab_use_raw_lock(htab)) {
155 raw_spin_lock_init(&htab->buckets[i].raw_lock);
156 lockdep_set_class(&htab->buckets[i].raw_lock,
159 spin_lock_init(&htab->buckets[i].lock);
160 lockdep_set_class(&htab->buckets[i].lock,
167 static inline int htab_lock_bucket(const struct bpf_htab *htab,
168 struct bucket *b, u32 hash,
169 unsigned long *pflags)
174 hash = hash & HASHTAB_MAP_LOCK_MASK;
176 use_raw_lock = htab_use_raw_lock(htab);
181 if (unlikely(__this_cpu_inc_return(*(htab->map_locked[hash])) != 1)) {
182 __this_cpu_dec(*(htab->map_locked[hash]));
191 raw_spin_lock_irqsave(&b->raw_lock, flags);
193 spin_lock_irqsave(&b->lock, flags);
199 static inline void htab_unlock_bucket(const struct bpf_htab *htab,
200 struct bucket *b, u32 hash,
203 bool use_raw_lock = htab_use_raw_lock(htab);
205 hash = hash & HASHTAB_MAP_LOCK_MASK;
207 raw_spin_unlock_irqrestore(&b->raw_lock, flags);
209 spin_unlock_irqrestore(&b->lock, flags);
210 __this_cpu_dec(*(htab->map_locked[hash]));
217 static bool htab_lru_map_delete_node(void *arg, struct bpf_lru_node *node);
219 static bool htab_is_lru(const struct bpf_htab *htab)
221 return htab->map.map_type == BPF_MAP_TYPE_LRU_HASH ||
222 htab->map.map_type == BPF_MAP_TYPE_LRU_PERCPU_HASH;
225 static bool htab_is_percpu(const struct bpf_htab *htab)
227 return htab->map.map_type == BPF_MAP_TYPE_PERCPU_HASH ||
228 htab->map.map_type == BPF_MAP_TYPE_LRU_PERCPU_HASH;
231 static inline void htab_elem_set_ptr(struct htab_elem *l, u32 key_size,
234 *(void __percpu **)(l->key + key_size) = pptr;
237 static inline void __percpu *htab_elem_get_ptr(struct htab_elem *l, u32 key_size)
239 return *(void __percpu **)(l->key + key_size);
242 static void *fd_htab_map_get_ptr(const struct bpf_map *map, struct htab_elem *l)
244 return *(void **)(l->key + roundup(map->key_size, 8));
247 static struct htab_elem *get_htab_elem(struct bpf_htab *htab, int i)
249 return (struct htab_elem *) (htab->elems + i * (u64)htab->elem_size);
252 static bool htab_has_extra_elems(struct bpf_htab *htab)
254 return !htab_is_percpu(htab) && !htab_is_lru(htab);
257 static void htab_free_prealloced_timers(struct bpf_htab *htab)
259 u32 num_entries = htab->map.max_entries;
262 if (!map_value_has_timer(&htab->map))
264 if (htab_has_extra_elems(htab))
265 num_entries += num_possible_cpus();
267 for (i = 0; i < num_entries; i++) {
268 struct htab_elem *elem;
270 elem = get_htab_elem(htab, i);
271 bpf_timer_cancel_and_free(elem->key +
272 round_up(htab->map.key_size, 8) +
273 htab->map.timer_off);
278 static void htab_free_prealloced_kptrs(struct bpf_htab *htab)
280 u32 num_entries = htab->map.max_entries;
283 if (!map_value_has_kptrs(&htab->map))
285 if (htab_has_extra_elems(htab))
286 num_entries += num_possible_cpus();
288 for (i = 0; i < num_entries; i++) {
289 struct htab_elem *elem;
291 elem = get_htab_elem(htab, i);
292 bpf_map_free_kptrs(&htab->map, elem->key + round_up(htab->map.key_size, 8));
297 static void htab_free_elems(struct bpf_htab *htab)
301 if (!htab_is_percpu(htab))
304 for (i = 0; i < htab->map.max_entries; i++) {
307 pptr = htab_elem_get_ptr(get_htab_elem(htab, i),
313 bpf_map_area_free(htab->elems);
316 /* The LRU list has a lock (lru_lock). Each htab bucket has a lock
317 * (bucket_lock). If both locks need to be acquired together, the lock
318 * order is always lru_lock -> bucket_lock and this only happens in
319 * bpf_lru_list.c logic. For example, certain code path of
320 * bpf_lru_pop_free(), which is called by function prealloc_lru_pop(),
321 * will acquire lru_lock first followed by acquiring bucket_lock.
323 * In hashtab.c, to avoid deadlock, lock acquisition of
324 * bucket_lock followed by lru_lock is not allowed. In such cases,
325 * bucket_lock needs to be released first before acquiring lru_lock.
327 static struct htab_elem *prealloc_lru_pop(struct bpf_htab *htab, void *key,
330 struct bpf_lru_node *node = bpf_lru_pop_free(&htab->lru, hash);
334 l = container_of(node, struct htab_elem, lru_node);
335 memcpy(l->key, key, htab->map.key_size);
342 static int prealloc_init(struct bpf_htab *htab)
344 u32 num_entries = htab->map.max_entries;
345 int err = -ENOMEM, i;
347 if (htab_has_extra_elems(htab))
348 num_entries += num_possible_cpus();
350 htab->elems = bpf_map_area_alloc((u64)htab->elem_size * num_entries,
351 htab->map.numa_node);
355 if (!htab_is_percpu(htab))
356 goto skip_percpu_elems;
358 for (i = 0; i < num_entries; i++) {
359 u32 size = round_up(htab->map.value_size, 8);
362 pptr = bpf_map_alloc_percpu(&htab->map, size, 8,
363 GFP_USER | __GFP_NOWARN);
366 htab_elem_set_ptr(get_htab_elem(htab, i), htab->map.key_size,
372 if (htab_is_lru(htab))
373 err = bpf_lru_init(&htab->lru,
374 htab->map.map_flags & BPF_F_NO_COMMON_LRU,
375 offsetof(struct htab_elem, hash) -
376 offsetof(struct htab_elem, lru_node),
377 htab_lru_map_delete_node,
380 err = pcpu_freelist_init(&htab->freelist);
385 if (htab_is_lru(htab))
386 bpf_lru_populate(&htab->lru, htab->elems,
387 offsetof(struct htab_elem, lru_node),
388 htab->elem_size, num_entries);
390 pcpu_freelist_populate(&htab->freelist,
391 htab->elems + offsetof(struct htab_elem, fnode),
392 htab->elem_size, num_entries);
397 htab_free_elems(htab);
401 static void prealloc_destroy(struct bpf_htab *htab)
403 htab_free_elems(htab);
405 if (htab_is_lru(htab))
406 bpf_lru_destroy(&htab->lru);
408 pcpu_freelist_destroy(&htab->freelist);
411 static int alloc_extra_elems(struct bpf_htab *htab)
413 struct htab_elem *__percpu *pptr, *l_new;
414 struct pcpu_freelist_node *l;
417 pptr = bpf_map_alloc_percpu(&htab->map, sizeof(struct htab_elem *), 8,
418 GFP_USER | __GFP_NOWARN);
422 for_each_possible_cpu(cpu) {
423 l = pcpu_freelist_pop(&htab->freelist);
424 /* pop will succeed, since prealloc_init()
425 * preallocated extra num_possible_cpus elements
427 l_new = container_of(l, struct htab_elem, fnode);
428 *per_cpu_ptr(pptr, cpu) = l_new;
430 htab->extra_elems = pptr;
434 /* Called from syscall */
435 static int htab_map_alloc_check(union bpf_attr *attr)
437 bool percpu = (attr->map_type == BPF_MAP_TYPE_PERCPU_HASH ||
438 attr->map_type == BPF_MAP_TYPE_LRU_PERCPU_HASH);
439 bool lru = (attr->map_type == BPF_MAP_TYPE_LRU_HASH ||
440 attr->map_type == BPF_MAP_TYPE_LRU_PERCPU_HASH);
441 /* percpu_lru means each cpu has its own LRU list.
442 * it is different from BPF_MAP_TYPE_PERCPU_HASH where
443 * the map's value itself is percpu. percpu_lru has
444 * nothing to do with the map's value.
446 bool percpu_lru = (attr->map_flags & BPF_F_NO_COMMON_LRU);
447 bool prealloc = !(attr->map_flags & BPF_F_NO_PREALLOC);
448 bool zero_seed = (attr->map_flags & BPF_F_ZERO_SEED);
449 int numa_node = bpf_map_attr_numa_node(attr);
451 BUILD_BUG_ON(offsetof(struct htab_elem, htab) !=
452 offsetof(struct htab_elem, hash_node.pprev));
453 BUILD_BUG_ON(offsetof(struct htab_elem, fnode.next) !=
454 offsetof(struct htab_elem, hash_node.pprev));
456 if (lru && !bpf_capable())
457 /* LRU implementation is much complicated than other
458 * maps. Hence, limit to CAP_BPF.
462 if (zero_seed && !capable(CAP_SYS_ADMIN))
463 /* Guard against local DoS, and discourage production use. */
466 if (attr->map_flags & ~HTAB_CREATE_FLAG_MASK ||
467 !bpf_map_flags_access_ok(attr->map_flags))
470 if (!lru && percpu_lru)
473 if (lru && !prealloc)
476 if (numa_node != NUMA_NO_NODE && (percpu || percpu_lru))
479 /* check sanity of attributes.
480 * value_size == 0 may be allowed in the future to use map as a set
482 if (attr->max_entries == 0 || attr->key_size == 0 ||
483 attr->value_size == 0)
486 if ((u64)attr->key_size + attr->value_size >= KMALLOC_MAX_SIZE -
487 sizeof(struct htab_elem))
488 /* if key_size + value_size is bigger, the user space won't be
489 * able to access the elements via bpf syscall. This check
490 * also makes sure that the elem_size doesn't overflow and it's
491 * kmalloc-able later in htab_map_update_elem()
498 static struct bpf_map *htab_map_alloc(union bpf_attr *attr)
500 bool percpu = (attr->map_type == BPF_MAP_TYPE_PERCPU_HASH ||
501 attr->map_type == BPF_MAP_TYPE_LRU_PERCPU_HASH);
502 bool lru = (attr->map_type == BPF_MAP_TYPE_LRU_HASH ||
503 attr->map_type == BPF_MAP_TYPE_LRU_PERCPU_HASH);
504 /* percpu_lru means each cpu has its own LRU list.
505 * it is different from BPF_MAP_TYPE_PERCPU_HASH where
506 * the map's value itself is percpu. percpu_lru has
507 * nothing to do with the map's value.
509 bool percpu_lru = (attr->map_flags & BPF_F_NO_COMMON_LRU);
510 bool prealloc = !(attr->map_flags & BPF_F_NO_PREALLOC);
511 struct bpf_htab *htab;
514 htab = bpf_map_area_alloc(sizeof(*htab), NUMA_NO_NODE);
516 return ERR_PTR(-ENOMEM);
518 lockdep_register_key(&htab->lockdep_key);
520 bpf_map_init_from_attr(&htab->map, attr);
523 /* ensure each CPU's lru list has >=1 elements.
524 * since we are at it, make each lru list has the same
525 * number of elements.
527 htab->map.max_entries = roundup(attr->max_entries,
528 num_possible_cpus());
529 if (htab->map.max_entries < attr->max_entries)
530 htab->map.max_entries = rounddown(attr->max_entries,
531 num_possible_cpus());
534 /* hash table size must be power of 2 */
535 htab->n_buckets = roundup_pow_of_two(htab->map.max_entries);
537 htab->elem_size = sizeof(struct htab_elem) +
538 round_up(htab->map.key_size, 8);
540 htab->elem_size += sizeof(void *);
542 htab->elem_size += round_up(htab->map.value_size, 8);
545 /* prevent zero size kmalloc and check for u32 overflow */
546 if (htab->n_buckets == 0 ||
547 htab->n_buckets > U32_MAX / sizeof(struct bucket))
551 htab->buckets = bpf_map_area_alloc(htab->n_buckets *
552 sizeof(struct bucket),
553 htab->map.numa_node);
557 for (i = 0; i < HASHTAB_MAP_LOCK_COUNT; i++) {
558 htab->map_locked[i] = bpf_map_alloc_percpu(&htab->map,
562 if (!htab->map_locked[i])
563 goto free_map_locked;
566 if (htab->map.map_flags & BPF_F_ZERO_SEED)
569 htab->hashrnd = get_random_int();
571 htab_init_buckets(htab);
573 /* compute_batch_value() computes batch value as num_online_cpus() * 2
574 * and __percpu_counter_compare() needs
575 * htab->max_entries - cur_number_of_elems to be more than batch * num_online_cpus()
576 * for percpu_counter to be faster than atomic_t. In practice the average bpf
577 * hash map size is 10k, which means that a system with 64 cpus will fill
578 * hashmap to 20% of 10k before percpu_counter becomes ineffective. Therefore
579 * define our own batch count as 32 then 10k hash map can be filled up to 80%:
580 * 10k - 8k > 32 _batch_ * 64 _cpus_
581 * and __percpu_counter_compare() will still be fast. At that point hash map
582 * collisions will dominate its performance anyway. Assume that hash map filled
583 * to 50+% isn't going to be O(1) and use the following formula to choose
584 * between percpu_counter and atomic_t.
586 #define PERCPU_COUNTER_BATCH 32
587 if (attr->max_entries / 2 > num_online_cpus() * PERCPU_COUNTER_BATCH)
588 htab->use_percpu_counter = true;
590 if (htab->use_percpu_counter) {
591 err = percpu_counter_init(&htab->pcount, 0, GFP_KERNEL);
593 goto free_map_locked;
597 err = prealloc_init(htab);
599 goto free_map_locked;
601 if (!percpu && !lru) {
602 /* lru itself can remove the least used element, so
603 * there is no need for an extra elem during map_update.
605 err = alloc_extra_elems(htab);
610 err = bpf_mem_alloc_init(&htab->ma, htab->elem_size);
612 goto free_map_locked;
618 prealloc_destroy(htab);
620 for (i = 0; i < HASHTAB_MAP_LOCK_COUNT; i++)
621 free_percpu(htab->map_locked[i]);
622 bpf_map_area_free(htab->buckets);
623 bpf_mem_alloc_destroy(&htab->ma);
625 lockdep_unregister_key(&htab->lockdep_key);
626 bpf_map_area_free(htab);
630 static inline u32 htab_map_hash(const void *key, u32 key_len, u32 hashrnd)
632 return jhash(key, key_len, hashrnd);
635 static inline struct bucket *__select_bucket(struct bpf_htab *htab, u32 hash)
637 return &htab->buckets[hash & (htab->n_buckets - 1)];
640 static inline struct hlist_nulls_head *select_bucket(struct bpf_htab *htab, u32 hash)
642 return &__select_bucket(htab, hash)->head;
645 /* this lookup function can only be called with bucket lock taken */
646 static struct htab_elem *lookup_elem_raw(struct hlist_nulls_head *head, u32 hash,
647 void *key, u32 key_size)
649 struct hlist_nulls_node *n;
652 hlist_nulls_for_each_entry_rcu(l, n, head, hash_node)
653 if (l->hash == hash && !memcmp(&l->key, key, key_size))
659 /* can be called without bucket lock. it will repeat the loop in
660 * the unlikely event when elements moved from one bucket into another
661 * while link list is being walked
663 static struct htab_elem *lookup_nulls_elem_raw(struct hlist_nulls_head *head,
665 u32 key_size, u32 n_buckets)
667 struct hlist_nulls_node *n;
671 hlist_nulls_for_each_entry_rcu(l, n, head, hash_node)
672 if (l->hash == hash && !memcmp(&l->key, key, key_size))
675 if (unlikely(get_nulls_value(n) != (hash & (n_buckets - 1))))
681 /* Called from syscall or from eBPF program directly, so
682 * arguments have to match bpf_map_lookup_elem() exactly.
683 * The return value is adjusted by BPF instructions
684 * in htab_map_gen_lookup().
686 static void *__htab_map_lookup_elem(struct bpf_map *map, void *key)
688 struct bpf_htab *htab = container_of(map, struct bpf_htab, map);
689 struct hlist_nulls_head *head;
693 WARN_ON_ONCE(!rcu_read_lock_held() && !rcu_read_lock_trace_held() &&
694 !rcu_read_lock_bh_held());
696 key_size = map->key_size;
698 hash = htab_map_hash(key, key_size, htab->hashrnd);
700 head = select_bucket(htab, hash);
702 l = lookup_nulls_elem_raw(head, hash, key, key_size, htab->n_buckets);
707 static void *htab_map_lookup_elem(struct bpf_map *map, void *key)
709 struct htab_elem *l = __htab_map_lookup_elem(map, key);
712 return l->key + round_up(map->key_size, 8);
717 /* inline bpf_map_lookup_elem() call.
720 * bpf_map_lookup_elem
721 * map->ops->map_lookup_elem
722 * htab_map_lookup_elem
723 * __htab_map_lookup_elem
726 * __htab_map_lookup_elem
728 static int htab_map_gen_lookup(struct bpf_map *map, struct bpf_insn *insn_buf)
730 struct bpf_insn *insn = insn_buf;
731 const int ret = BPF_REG_0;
733 BUILD_BUG_ON(!__same_type(&__htab_map_lookup_elem,
734 (void *(*)(struct bpf_map *map, void *key))NULL));
735 *insn++ = BPF_EMIT_CALL(__htab_map_lookup_elem);
736 *insn++ = BPF_JMP_IMM(BPF_JEQ, ret, 0, 1);
737 *insn++ = BPF_ALU64_IMM(BPF_ADD, ret,
738 offsetof(struct htab_elem, key) +
739 round_up(map->key_size, 8));
740 return insn - insn_buf;
743 static __always_inline void *__htab_lru_map_lookup_elem(struct bpf_map *map,
744 void *key, const bool mark)
746 struct htab_elem *l = __htab_map_lookup_elem(map, key);
750 bpf_lru_node_set_ref(&l->lru_node);
751 return l->key + round_up(map->key_size, 8);
757 static void *htab_lru_map_lookup_elem(struct bpf_map *map, void *key)
759 return __htab_lru_map_lookup_elem(map, key, true);
762 static void *htab_lru_map_lookup_elem_sys(struct bpf_map *map, void *key)
764 return __htab_lru_map_lookup_elem(map, key, false);
767 static int htab_lru_map_gen_lookup(struct bpf_map *map,
768 struct bpf_insn *insn_buf)
770 struct bpf_insn *insn = insn_buf;
771 const int ret = BPF_REG_0;
772 const int ref_reg = BPF_REG_1;
774 BUILD_BUG_ON(!__same_type(&__htab_map_lookup_elem,
775 (void *(*)(struct bpf_map *map, void *key))NULL));
776 *insn++ = BPF_EMIT_CALL(__htab_map_lookup_elem);
777 *insn++ = BPF_JMP_IMM(BPF_JEQ, ret, 0, 4);
778 *insn++ = BPF_LDX_MEM(BPF_B, ref_reg, ret,
779 offsetof(struct htab_elem, lru_node) +
780 offsetof(struct bpf_lru_node, ref));
781 *insn++ = BPF_JMP_IMM(BPF_JNE, ref_reg, 0, 1);
782 *insn++ = BPF_ST_MEM(BPF_B, ret,
783 offsetof(struct htab_elem, lru_node) +
784 offsetof(struct bpf_lru_node, ref),
786 *insn++ = BPF_ALU64_IMM(BPF_ADD, ret,
787 offsetof(struct htab_elem, key) +
788 round_up(map->key_size, 8));
789 return insn - insn_buf;
792 static void check_and_free_fields(struct bpf_htab *htab,
793 struct htab_elem *elem)
795 void *map_value = elem->key + round_up(htab->map.key_size, 8);
797 if (map_value_has_timer(&htab->map))
798 bpf_timer_cancel_and_free(map_value + htab->map.timer_off);
799 if (map_value_has_kptrs(&htab->map))
800 bpf_map_free_kptrs(&htab->map, map_value);
803 /* It is called from the bpf_lru_list when the LRU needs to delete
804 * older elements from the htab.
806 static bool htab_lru_map_delete_node(void *arg, struct bpf_lru_node *node)
808 struct bpf_htab *htab = arg;
809 struct htab_elem *l = NULL, *tgt_l;
810 struct hlist_nulls_head *head;
811 struct hlist_nulls_node *n;
816 tgt_l = container_of(node, struct htab_elem, lru_node);
817 b = __select_bucket(htab, tgt_l->hash);
820 ret = htab_lock_bucket(htab, b, tgt_l->hash, &flags);
824 hlist_nulls_for_each_entry_rcu(l, n, head, hash_node)
826 hlist_nulls_del_rcu(&l->hash_node);
827 check_and_free_fields(htab, l);
831 htab_unlock_bucket(htab, b, tgt_l->hash, flags);
836 /* Called from syscall */
837 static int htab_map_get_next_key(struct bpf_map *map, void *key, void *next_key)
839 struct bpf_htab *htab = container_of(map, struct bpf_htab, map);
840 struct hlist_nulls_head *head;
841 struct htab_elem *l, *next_l;
845 WARN_ON_ONCE(!rcu_read_lock_held());
847 key_size = map->key_size;
850 goto find_first_elem;
852 hash = htab_map_hash(key, key_size, htab->hashrnd);
854 head = select_bucket(htab, hash);
857 l = lookup_nulls_elem_raw(head, hash, key, key_size, htab->n_buckets);
860 goto find_first_elem;
862 /* key was found, get next key in the same bucket */
863 next_l = hlist_nulls_entry_safe(rcu_dereference_raw(hlist_nulls_next_rcu(&l->hash_node)),
864 struct htab_elem, hash_node);
867 /* if next elem in this hash list is non-zero, just return it */
868 memcpy(next_key, next_l->key, key_size);
872 /* no more elements in this hash list, go to the next bucket */
873 i = hash & (htab->n_buckets - 1);
877 /* iterate over buckets */
878 for (; i < htab->n_buckets; i++) {
879 head = select_bucket(htab, i);
881 /* pick first element in the bucket */
882 next_l = hlist_nulls_entry_safe(rcu_dereference_raw(hlist_nulls_first_rcu(head)),
883 struct htab_elem, hash_node);
885 /* if it's not empty, just return it */
886 memcpy(next_key, next_l->key, key_size);
891 /* iterated over all buckets and all elements */
895 static void htab_elem_free(struct bpf_htab *htab, struct htab_elem *l)
897 if (htab->map.map_type == BPF_MAP_TYPE_PERCPU_HASH)
898 free_percpu(htab_elem_get_ptr(l, htab->map.key_size));
899 check_and_free_fields(htab, l);
900 bpf_mem_cache_free(&htab->ma, l);
903 static void htab_elem_free_rcu(struct rcu_head *head)
905 struct htab_elem *l = container_of(head, struct htab_elem, rcu);
906 struct bpf_htab *htab = l->htab;
908 htab_elem_free(htab, l);
911 static void htab_put_fd_value(struct bpf_htab *htab, struct htab_elem *l)
913 struct bpf_map *map = &htab->map;
916 if (map->ops->map_fd_put_ptr) {
917 ptr = fd_htab_map_get_ptr(map, l);
918 map->ops->map_fd_put_ptr(ptr);
922 static bool is_map_full(struct bpf_htab *htab)
924 if (htab->use_percpu_counter)
925 return __percpu_counter_compare(&htab->pcount, htab->map.max_entries,
926 PERCPU_COUNTER_BATCH) >= 0;
927 return atomic_read(&htab->count) >= htab->map.max_entries;
930 static void inc_elem_count(struct bpf_htab *htab)
932 if (htab->use_percpu_counter)
933 percpu_counter_add_batch(&htab->pcount, 1, PERCPU_COUNTER_BATCH);
935 atomic_inc(&htab->count);
938 static void dec_elem_count(struct bpf_htab *htab)
940 if (htab->use_percpu_counter)
941 percpu_counter_add_batch(&htab->pcount, -1, PERCPU_COUNTER_BATCH);
943 atomic_dec(&htab->count);
947 static void free_htab_elem(struct bpf_htab *htab, struct htab_elem *l)
949 htab_put_fd_value(htab, l);
951 if (htab_is_prealloc(htab)) {
952 check_and_free_fields(htab, l);
953 __pcpu_freelist_push(&htab->freelist, &l->fnode);
955 dec_elem_count(htab);
956 if (htab->map.map_type == BPF_MAP_TYPE_PERCPU_HASH) {
958 call_rcu(&l->rcu, htab_elem_free_rcu);
960 htab_elem_free(htab, l);
965 static void pcpu_copy_value(struct bpf_htab *htab, void __percpu *pptr,
966 void *value, bool onallcpus)
969 /* copy true value_size bytes */
970 memcpy(this_cpu_ptr(pptr), value, htab->map.value_size);
972 u32 size = round_up(htab->map.value_size, 8);
975 for_each_possible_cpu(cpu) {
976 bpf_long_memcpy(per_cpu_ptr(pptr, cpu),
983 static void pcpu_init_value(struct bpf_htab *htab, void __percpu *pptr,
984 void *value, bool onallcpus)
986 /* When using prealloc and not setting the initial value on all cpus,
987 * zero-fill element values for other cpus (just as what happens when
988 * not using prealloc). Otherwise, bpf program has no way to ensure
989 * known initial values for cpus other than current one
990 * (onallcpus=false always when coming from bpf prog).
992 if (htab_is_prealloc(htab) && !onallcpus) {
993 u32 size = round_up(htab->map.value_size, 8);
994 int current_cpu = raw_smp_processor_id();
997 for_each_possible_cpu(cpu) {
998 if (cpu == current_cpu)
999 bpf_long_memcpy(per_cpu_ptr(pptr, cpu), value,
1002 memset(per_cpu_ptr(pptr, cpu), 0, size);
1005 pcpu_copy_value(htab, pptr, value, onallcpus);
1009 static bool fd_htab_map_needs_adjust(const struct bpf_htab *htab)
1011 return htab->map.map_type == BPF_MAP_TYPE_HASH_OF_MAPS &&
1012 BITS_PER_LONG == 64;
1015 static struct htab_elem *alloc_htab_elem(struct bpf_htab *htab, void *key,
1016 void *value, u32 key_size, u32 hash,
1017 bool percpu, bool onallcpus,
1018 struct htab_elem *old_elem)
1020 u32 size = htab->map.value_size;
1021 bool prealloc = htab_is_prealloc(htab);
1022 struct htab_elem *l_new, **pl_new;
1023 void __percpu *pptr;
1027 /* if we're updating the existing element,
1028 * use per-cpu extra elems to avoid freelist_pop/push
1030 pl_new = this_cpu_ptr(htab->extra_elems);
1032 htab_put_fd_value(htab, old_elem);
1035 struct pcpu_freelist_node *l;
1037 l = __pcpu_freelist_pop(&htab->freelist);
1039 return ERR_PTR(-E2BIG);
1040 l_new = container_of(l, struct htab_elem, fnode);
1043 if (is_map_full(htab))
1045 /* when map is full and update() is replacing
1046 * old element, it's ok to allocate, since
1047 * old element will be freed immediately.
1048 * Otherwise return an error
1050 return ERR_PTR(-E2BIG);
1051 inc_elem_count(htab);
1052 l_new = bpf_mem_cache_alloc(&htab->ma);
1054 l_new = ERR_PTR(-ENOMEM);
1057 check_and_init_map_value(&htab->map,
1058 l_new->key + round_up(key_size, 8));
1061 memcpy(l_new->key, key, key_size);
1063 size = round_up(size, 8);
1065 pptr = htab_elem_get_ptr(l_new, key_size);
1067 /* alloc_percpu zero-fills */
1068 pptr = bpf_map_alloc_percpu(&htab->map, size, 8,
1069 GFP_NOWAIT | __GFP_NOWARN);
1071 bpf_mem_cache_free(&htab->ma, l_new);
1072 l_new = ERR_PTR(-ENOMEM);
1077 pcpu_init_value(htab, pptr, value, onallcpus);
1080 htab_elem_set_ptr(l_new, key_size, pptr);
1081 } else if (fd_htab_map_needs_adjust(htab)) {
1082 size = round_up(size, 8);
1083 memcpy(l_new->key + round_up(key_size, 8), value, size);
1085 copy_map_value(&htab->map,
1086 l_new->key + round_up(key_size, 8),
1093 dec_elem_count(htab);
1097 static int check_flags(struct bpf_htab *htab, struct htab_elem *l_old,
1100 if (l_old && (map_flags & ~BPF_F_LOCK) == BPF_NOEXIST)
1101 /* elem already exists */
1104 if (!l_old && (map_flags & ~BPF_F_LOCK) == BPF_EXIST)
1105 /* elem doesn't exist, cannot update it */
1111 /* Called from syscall or from eBPF program */
1112 static int htab_map_update_elem(struct bpf_map *map, void *key, void *value,
1115 struct bpf_htab *htab = container_of(map, struct bpf_htab, map);
1116 struct htab_elem *l_new = NULL, *l_old;
1117 struct hlist_nulls_head *head;
1118 unsigned long flags;
1123 if (unlikely((map_flags & ~BPF_F_LOCK) > BPF_EXIST))
1127 WARN_ON_ONCE(!rcu_read_lock_held() && !rcu_read_lock_trace_held() &&
1128 !rcu_read_lock_bh_held());
1130 key_size = map->key_size;
1132 hash = htab_map_hash(key, key_size, htab->hashrnd);
1134 b = __select_bucket(htab, hash);
1137 if (unlikely(map_flags & BPF_F_LOCK)) {
1138 if (unlikely(!map_value_has_spin_lock(map)))
1140 /* find an element without taking the bucket lock */
1141 l_old = lookup_nulls_elem_raw(head, hash, key, key_size,
1143 ret = check_flags(htab, l_old, map_flags);
1147 /* grab the element lock and update value in place */
1148 copy_map_value_locked(map,
1149 l_old->key + round_up(key_size, 8),
1153 /* fall through, grab the bucket lock and lookup again.
1154 * 99.9% chance that the element won't be found,
1155 * but second lookup under lock has to be done.
1159 ret = htab_lock_bucket(htab, b, hash, &flags);
1163 l_old = lookup_elem_raw(head, hash, key, key_size);
1165 ret = check_flags(htab, l_old, map_flags);
1169 if (unlikely(l_old && (map_flags & BPF_F_LOCK))) {
1170 /* first lookup without the bucket lock didn't find the element,
1171 * but second lookup with the bucket lock found it.
1172 * This case is highly unlikely, but has to be dealt with:
1173 * grab the element lock in addition to the bucket lock
1174 * and update element in place
1176 copy_map_value_locked(map,
1177 l_old->key + round_up(key_size, 8),
1183 l_new = alloc_htab_elem(htab, key, value, key_size, hash, false, false,
1185 if (IS_ERR(l_new)) {
1186 /* all pre-allocated elements are in use or memory exhausted */
1187 ret = PTR_ERR(l_new);
1191 /* add new element to the head of the list, so that
1192 * concurrent search will find it before old elem
1194 hlist_nulls_add_head_rcu(&l_new->hash_node, head);
1196 hlist_nulls_del_rcu(&l_old->hash_node);
1197 if (!htab_is_prealloc(htab))
1198 free_htab_elem(htab, l_old);
1200 check_and_free_fields(htab, l_old);
1204 htab_unlock_bucket(htab, b, hash, flags);
1208 static void htab_lru_push_free(struct bpf_htab *htab, struct htab_elem *elem)
1210 check_and_free_fields(htab, elem);
1211 bpf_lru_push_free(&htab->lru, &elem->lru_node);
1214 static int htab_lru_map_update_elem(struct bpf_map *map, void *key, void *value,
1217 struct bpf_htab *htab = container_of(map, struct bpf_htab, map);
1218 struct htab_elem *l_new, *l_old = NULL;
1219 struct hlist_nulls_head *head;
1220 unsigned long flags;
1225 if (unlikely(map_flags > BPF_EXIST))
1229 WARN_ON_ONCE(!rcu_read_lock_held() && !rcu_read_lock_trace_held() &&
1230 !rcu_read_lock_bh_held());
1232 key_size = map->key_size;
1234 hash = htab_map_hash(key, key_size, htab->hashrnd);
1236 b = __select_bucket(htab, hash);
1239 /* For LRU, we need to alloc before taking bucket's
1240 * spinlock because getting free nodes from LRU may need
1241 * to remove older elements from htab and this removal
1242 * operation will need a bucket lock.
1244 l_new = prealloc_lru_pop(htab, key, hash);
1247 copy_map_value(&htab->map,
1248 l_new->key + round_up(map->key_size, 8), value);
1250 ret = htab_lock_bucket(htab, b, hash, &flags);
1254 l_old = lookup_elem_raw(head, hash, key, key_size);
1256 ret = check_flags(htab, l_old, map_flags);
1260 /* add new element to the head of the list, so that
1261 * concurrent search will find it before old elem
1263 hlist_nulls_add_head_rcu(&l_new->hash_node, head);
1265 bpf_lru_node_set_ref(&l_new->lru_node);
1266 hlist_nulls_del_rcu(&l_old->hash_node);
1271 htab_unlock_bucket(htab, b, hash, flags);
1274 htab_lru_push_free(htab, l_new);
1276 htab_lru_push_free(htab, l_old);
1281 static int __htab_percpu_map_update_elem(struct bpf_map *map, void *key,
1282 void *value, u64 map_flags,
1285 struct bpf_htab *htab = container_of(map, struct bpf_htab, map);
1286 struct htab_elem *l_new = NULL, *l_old;
1287 struct hlist_nulls_head *head;
1288 unsigned long flags;
1293 if (unlikely(map_flags > BPF_EXIST))
1297 WARN_ON_ONCE(!rcu_read_lock_held() && !rcu_read_lock_trace_held() &&
1298 !rcu_read_lock_bh_held());
1300 key_size = map->key_size;
1302 hash = htab_map_hash(key, key_size, htab->hashrnd);
1304 b = __select_bucket(htab, hash);
1307 ret = htab_lock_bucket(htab, b, hash, &flags);
1311 l_old = lookup_elem_raw(head, hash, key, key_size);
1313 ret = check_flags(htab, l_old, map_flags);
1318 /* per-cpu hash map can update value in-place */
1319 pcpu_copy_value(htab, htab_elem_get_ptr(l_old, key_size),
1322 l_new = alloc_htab_elem(htab, key, value, key_size,
1323 hash, true, onallcpus, NULL);
1324 if (IS_ERR(l_new)) {
1325 ret = PTR_ERR(l_new);
1328 hlist_nulls_add_head_rcu(&l_new->hash_node, head);
1332 htab_unlock_bucket(htab, b, hash, flags);
1336 static int __htab_lru_percpu_map_update_elem(struct bpf_map *map, void *key,
1337 void *value, u64 map_flags,
1340 struct bpf_htab *htab = container_of(map, struct bpf_htab, map);
1341 struct htab_elem *l_new = NULL, *l_old;
1342 struct hlist_nulls_head *head;
1343 unsigned long flags;
1348 if (unlikely(map_flags > BPF_EXIST))
1352 WARN_ON_ONCE(!rcu_read_lock_held() && !rcu_read_lock_trace_held() &&
1353 !rcu_read_lock_bh_held());
1355 key_size = map->key_size;
1357 hash = htab_map_hash(key, key_size, htab->hashrnd);
1359 b = __select_bucket(htab, hash);
1362 /* For LRU, we need to alloc before taking bucket's
1363 * spinlock because LRU's elem alloc may need
1364 * to remove older elem from htab and this removal
1365 * operation will need a bucket lock.
1367 if (map_flags != BPF_EXIST) {
1368 l_new = prealloc_lru_pop(htab, key, hash);
1373 ret = htab_lock_bucket(htab, b, hash, &flags);
1377 l_old = lookup_elem_raw(head, hash, key, key_size);
1379 ret = check_flags(htab, l_old, map_flags);
1384 bpf_lru_node_set_ref(&l_old->lru_node);
1386 /* per-cpu hash map can update value in-place */
1387 pcpu_copy_value(htab, htab_elem_get_ptr(l_old, key_size),
1390 pcpu_init_value(htab, htab_elem_get_ptr(l_new, key_size),
1392 hlist_nulls_add_head_rcu(&l_new->hash_node, head);
1397 htab_unlock_bucket(htab, b, hash, flags);
1399 bpf_lru_push_free(&htab->lru, &l_new->lru_node);
1403 static int htab_percpu_map_update_elem(struct bpf_map *map, void *key,
1404 void *value, u64 map_flags)
1406 return __htab_percpu_map_update_elem(map, key, value, map_flags, false);
1409 static int htab_lru_percpu_map_update_elem(struct bpf_map *map, void *key,
1410 void *value, u64 map_flags)
1412 return __htab_lru_percpu_map_update_elem(map, key, value, map_flags,
1416 /* Called from syscall or from eBPF program */
1417 static int htab_map_delete_elem(struct bpf_map *map, void *key)
1419 struct bpf_htab *htab = container_of(map, struct bpf_htab, map);
1420 struct hlist_nulls_head *head;
1422 struct htab_elem *l;
1423 unsigned long flags;
1427 WARN_ON_ONCE(!rcu_read_lock_held() && !rcu_read_lock_trace_held() &&
1428 !rcu_read_lock_bh_held());
1430 key_size = map->key_size;
1432 hash = htab_map_hash(key, key_size, htab->hashrnd);
1433 b = __select_bucket(htab, hash);
1436 ret = htab_lock_bucket(htab, b, hash, &flags);
1440 l = lookup_elem_raw(head, hash, key, key_size);
1443 hlist_nulls_del_rcu(&l->hash_node);
1444 free_htab_elem(htab, l);
1449 htab_unlock_bucket(htab, b, hash, flags);
1453 static int htab_lru_map_delete_elem(struct bpf_map *map, void *key)
1455 struct bpf_htab *htab = container_of(map, struct bpf_htab, map);
1456 struct hlist_nulls_head *head;
1458 struct htab_elem *l;
1459 unsigned long flags;
1463 WARN_ON_ONCE(!rcu_read_lock_held() && !rcu_read_lock_trace_held() &&
1464 !rcu_read_lock_bh_held());
1466 key_size = map->key_size;
1468 hash = htab_map_hash(key, key_size, htab->hashrnd);
1469 b = __select_bucket(htab, hash);
1472 ret = htab_lock_bucket(htab, b, hash, &flags);
1476 l = lookup_elem_raw(head, hash, key, key_size);
1479 hlist_nulls_del_rcu(&l->hash_node);
1483 htab_unlock_bucket(htab, b, hash, flags);
1485 htab_lru_push_free(htab, l);
1489 static void delete_all_elements(struct bpf_htab *htab)
1493 /* It's called from a worker thread, so disable migration here,
1494 * since bpf_mem_cache_free() relies on that.
1497 for (i = 0; i < htab->n_buckets; i++) {
1498 struct hlist_nulls_head *head = select_bucket(htab, i);
1499 struct hlist_nulls_node *n;
1500 struct htab_elem *l;
1502 hlist_nulls_for_each_entry_safe(l, n, head, hash_node) {
1503 hlist_nulls_del_rcu(&l->hash_node);
1504 htab_elem_free(htab, l);
1510 static void htab_free_malloced_timers(struct bpf_htab *htab)
1515 for (i = 0; i < htab->n_buckets; i++) {
1516 struct hlist_nulls_head *head = select_bucket(htab, i);
1517 struct hlist_nulls_node *n;
1518 struct htab_elem *l;
1520 hlist_nulls_for_each_entry(l, n, head, hash_node) {
1521 /* We don't reset or free kptr on uref dropping to zero,
1522 * hence just free timer.
1524 bpf_timer_cancel_and_free(l->key +
1525 round_up(htab->map.key_size, 8) +
1526 htab->map.timer_off);
1533 static void htab_map_free_timers(struct bpf_map *map)
1535 struct bpf_htab *htab = container_of(map, struct bpf_htab, map);
1537 /* We don't reset or free kptr on uref dropping to zero. */
1538 if (!map_value_has_timer(&htab->map))
1540 if (!htab_is_prealloc(htab))
1541 htab_free_malloced_timers(htab);
1543 htab_free_prealloced_timers(htab);
1546 /* Called when map->refcnt goes to zero, either from workqueue or from syscall */
1547 static void htab_map_free(struct bpf_map *map)
1549 struct bpf_htab *htab = container_of(map, struct bpf_htab, map);
1552 /* bpf_free_used_maps() or close(map_fd) will trigger this map_free callback.
1553 * bpf_free_used_maps() is called after bpf prog is no longer executing.
1554 * There is no need to synchronize_rcu() here to protect map elements.
1557 /* some of free_htab_elem() callbacks for elements of this map may
1558 * not have executed. Wait for them.
1561 if (!htab_is_prealloc(htab)) {
1562 delete_all_elements(htab);
1564 htab_free_prealloced_kptrs(htab);
1565 prealloc_destroy(htab);
1568 bpf_map_free_kptr_off_tab(map);
1569 free_percpu(htab->extra_elems);
1570 bpf_map_area_free(htab->buckets);
1571 bpf_mem_alloc_destroy(&htab->ma);
1572 if (htab->use_percpu_counter)
1573 percpu_counter_destroy(&htab->pcount);
1574 for (i = 0; i < HASHTAB_MAP_LOCK_COUNT; i++)
1575 free_percpu(htab->map_locked[i]);
1576 lockdep_unregister_key(&htab->lockdep_key);
1577 bpf_map_area_free(htab);
1580 static void htab_map_seq_show_elem(struct bpf_map *map, void *key,
1587 value = htab_map_lookup_elem(map, key);
1593 btf_type_seq_show(map->btf, map->btf_key_type_id, key, m);
1595 btf_type_seq_show(map->btf, map->btf_value_type_id, value, m);
1601 static int __htab_map_lookup_and_delete_elem(struct bpf_map *map, void *key,
1602 void *value, bool is_lru_map,
1603 bool is_percpu, u64 flags)
1605 struct bpf_htab *htab = container_of(map, struct bpf_htab, map);
1606 struct hlist_nulls_head *head;
1607 unsigned long bflags;
1608 struct htab_elem *l;
1613 key_size = map->key_size;
1615 hash = htab_map_hash(key, key_size, htab->hashrnd);
1616 b = __select_bucket(htab, hash);
1619 ret = htab_lock_bucket(htab, b, hash, &bflags);
1623 l = lookup_elem_raw(head, hash, key, key_size);
1628 u32 roundup_value_size = round_up(map->value_size, 8);
1629 void __percpu *pptr;
1632 pptr = htab_elem_get_ptr(l, key_size);
1633 for_each_possible_cpu(cpu) {
1634 bpf_long_memcpy(value + off,
1635 per_cpu_ptr(pptr, cpu),
1636 roundup_value_size);
1637 off += roundup_value_size;
1640 u32 roundup_key_size = round_up(map->key_size, 8);
1642 if (flags & BPF_F_LOCK)
1643 copy_map_value_locked(map, value, l->key +
1647 copy_map_value(map, value, l->key +
1649 check_and_init_map_value(map, value);
1652 hlist_nulls_del_rcu(&l->hash_node);
1654 free_htab_elem(htab, l);
1657 htab_unlock_bucket(htab, b, hash, bflags);
1659 if (is_lru_map && l)
1660 htab_lru_push_free(htab, l);
1665 static int htab_map_lookup_and_delete_elem(struct bpf_map *map, void *key,
1666 void *value, u64 flags)
1668 return __htab_map_lookup_and_delete_elem(map, key, value, false, false,
1672 static int htab_percpu_map_lookup_and_delete_elem(struct bpf_map *map,
1673 void *key, void *value,
1676 return __htab_map_lookup_and_delete_elem(map, key, value, false, true,
1680 static int htab_lru_map_lookup_and_delete_elem(struct bpf_map *map, void *key,
1681 void *value, u64 flags)
1683 return __htab_map_lookup_and_delete_elem(map, key, value, true, false,
1687 static int htab_lru_percpu_map_lookup_and_delete_elem(struct bpf_map *map,
1688 void *key, void *value,
1691 return __htab_map_lookup_and_delete_elem(map, key, value, true, true,
1696 __htab_map_lookup_and_delete_batch(struct bpf_map *map,
1697 const union bpf_attr *attr,
1698 union bpf_attr __user *uattr,
1699 bool do_delete, bool is_lru_map,
1702 struct bpf_htab *htab = container_of(map, struct bpf_htab, map);
1703 u32 bucket_cnt, total, key_size, value_size, roundup_key_size;
1704 void *keys = NULL, *values = NULL, *value, *dst_key, *dst_val;
1705 void __user *uvalues = u64_to_user_ptr(attr->batch.values);
1706 void __user *ukeys = u64_to_user_ptr(attr->batch.keys);
1707 void __user *ubatch = u64_to_user_ptr(attr->batch.in_batch);
1708 u32 batch, max_count, size, bucket_size, map_id;
1709 struct htab_elem *node_to_free = NULL;
1710 u64 elem_map_flags, map_flags;
1711 struct hlist_nulls_head *head;
1712 struct hlist_nulls_node *n;
1713 unsigned long flags = 0;
1714 bool locked = false;
1715 struct htab_elem *l;
1719 elem_map_flags = attr->batch.elem_flags;
1720 if ((elem_map_flags & ~BPF_F_LOCK) ||
1721 ((elem_map_flags & BPF_F_LOCK) && !map_value_has_spin_lock(map)))
1724 map_flags = attr->batch.flags;
1728 max_count = attr->batch.count;
1732 if (put_user(0, &uattr->batch.count))
1736 if (ubatch && copy_from_user(&batch, ubatch, sizeof(batch)))
1739 if (batch >= htab->n_buckets)
1742 key_size = htab->map.key_size;
1743 roundup_key_size = round_up(htab->map.key_size, 8);
1744 value_size = htab->map.value_size;
1745 size = round_up(value_size, 8);
1747 value_size = size * num_possible_cpus();
1749 /* while experimenting with hash tables with sizes ranging from 10 to
1750 * 1000, it was observed that a bucket can have up to 5 entries.
1755 /* We cannot do copy_from_user or copy_to_user inside
1756 * the rcu_read_lock. Allocate enough space here.
1758 keys = kvmalloc_array(key_size, bucket_size, GFP_USER | __GFP_NOWARN);
1759 values = kvmalloc_array(value_size, bucket_size, GFP_USER | __GFP_NOWARN);
1760 if (!keys || !values) {
1766 bpf_disable_instrumentation();
1771 b = &htab->buckets[batch];
1773 /* do not grab the lock unless need it (bucket_cnt > 0). */
1775 ret = htab_lock_bucket(htab, b, batch, &flags);
1778 bpf_enable_instrumentation();
1784 hlist_nulls_for_each_entry_rcu(l, n, head, hash_node)
1787 if (bucket_cnt && !locked) {
1792 if (bucket_cnt > (max_count - total)) {
1795 /* Note that since bucket_cnt > 0 here, it is implicit
1796 * that the locked was grabbed, so release it.
1798 htab_unlock_bucket(htab, b, batch, flags);
1800 bpf_enable_instrumentation();
1804 if (bucket_cnt > bucket_size) {
1805 bucket_size = bucket_cnt;
1806 /* Note that since bucket_cnt > 0 here, it is implicit
1807 * that the locked was grabbed, so release it.
1809 htab_unlock_bucket(htab, b, batch, flags);
1811 bpf_enable_instrumentation();
1817 /* Next block is only safe to run if you have grabbed the lock */
1821 hlist_nulls_for_each_entry_safe(l, n, head, hash_node) {
1822 memcpy(dst_key, l->key, key_size);
1826 void __percpu *pptr;
1828 pptr = htab_elem_get_ptr(l, map->key_size);
1829 for_each_possible_cpu(cpu) {
1830 bpf_long_memcpy(dst_val + off,
1831 per_cpu_ptr(pptr, cpu), size);
1835 value = l->key + roundup_key_size;
1836 if (map->map_type == BPF_MAP_TYPE_HASH_OF_MAPS) {
1837 struct bpf_map **inner_map = value;
1839 /* Actual value is the id of the inner map */
1840 map_id = map->ops->map_fd_sys_lookup_elem(*inner_map);
1844 if (elem_map_flags & BPF_F_LOCK)
1845 copy_map_value_locked(map, dst_val, value,
1848 copy_map_value(map, dst_val, value);
1849 check_and_init_map_value(map, dst_val);
1852 hlist_nulls_del_rcu(&l->hash_node);
1854 /* bpf_lru_push_free() will acquire lru_lock, which
1855 * may cause deadlock. See comments in function
1856 * prealloc_lru_pop(). Let us do bpf_lru_push_free()
1857 * after releasing the bucket lock.
1860 l->batch_flink = node_to_free;
1863 free_htab_elem(htab, l);
1866 dst_key += key_size;
1867 dst_val += value_size;
1870 htab_unlock_bucket(htab, b, batch, flags);
1873 while (node_to_free) {
1875 node_to_free = node_to_free->batch_flink;
1876 htab_lru_push_free(htab, l);
1880 /* If we are not copying data, we can go to next bucket and avoid
1881 * unlocking the rcu.
1883 if (!bucket_cnt && (batch + 1 < htab->n_buckets)) {
1889 bpf_enable_instrumentation();
1890 if (bucket_cnt && (copy_to_user(ukeys + total * key_size, keys,
1891 key_size * bucket_cnt) ||
1892 copy_to_user(uvalues + total * value_size, values,
1893 value_size * bucket_cnt))) {
1898 total += bucket_cnt;
1900 if (batch >= htab->n_buckets) {
1910 /* copy # of entries and next batch */
1911 ubatch = u64_to_user_ptr(attr->batch.out_batch);
1912 if (copy_to_user(ubatch, &batch, sizeof(batch)) ||
1913 put_user(total, &uattr->batch.count))
1923 htab_percpu_map_lookup_batch(struct bpf_map *map, const union bpf_attr *attr,
1924 union bpf_attr __user *uattr)
1926 return __htab_map_lookup_and_delete_batch(map, attr, uattr, false,
1931 htab_percpu_map_lookup_and_delete_batch(struct bpf_map *map,
1932 const union bpf_attr *attr,
1933 union bpf_attr __user *uattr)
1935 return __htab_map_lookup_and_delete_batch(map, attr, uattr, true,
1940 htab_map_lookup_batch(struct bpf_map *map, const union bpf_attr *attr,
1941 union bpf_attr __user *uattr)
1943 return __htab_map_lookup_and_delete_batch(map, attr, uattr, false,
1948 htab_map_lookup_and_delete_batch(struct bpf_map *map,
1949 const union bpf_attr *attr,
1950 union bpf_attr __user *uattr)
1952 return __htab_map_lookup_and_delete_batch(map, attr, uattr, true,
1957 htab_lru_percpu_map_lookup_batch(struct bpf_map *map,
1958 const union bpf_attr *attr,
1959 union bpf_attr __user *uattr)
1961 return __htab_map_lookup_and_delete_batch(map, attr, uattr, false,
1966 htab_lru_percpu_map_lookup_and_delete_batch(struct bpf_map *map,
1967 const union bpf_attr *attr,
1968 union bpf_attr __user *uattr)
1970 return __htab_map_lookup_and_delete_batch(map, attr, uattr, true,
1975 htab_lru_map_lookup_batch(struct bpf_map *map, const union bpf_attr *attr,
1976 union bpf_attr __user *uattr)
1978 return __htab_map_lookup_and_delete_batch(map, attr, uattr, false,
1983 htab_lru_map_lookup_and_delete_batch(struct bpf_map *map,
1984 const union bpf_attr *attr,
1985 union bpf_attr __user *uattr)
1987 return __htab_map_lookup_and_delete_batch(map, attr, uattr, true,
1991 struct bpf_iter_seq_hash_map_info {
1992 struct bpf_map *map;
1993 struct bpf_htab *htab;
1994 void *percpu_value_buf; // non-zero means percpu hash
1999 static struct htab_elem *
2000 bpf_hash_map_seq_find_next(struct bpf_iter_seq_hash_map_info *info,
2001 struct htab_elem *prev_elem)
2003 const struct bpf_htab *htab = info->htab;
2004 u32 skip_elems = info->skip_elems;
2005 u32 bucket_id = info->bucket_id;
2006 struct hlist_nulls_head *head;
2007 struct hlist_nulls_node *n;
2008 struct htab_elem *elem;
2012 if (bucket_id >= htab->n_buckets)
2015 /* try to find next elem in the same bucket */
2017 /* no update/deletion on this bucket, prev_elem should be still valid
2018 * and we won't skip elements.
2020 n = rcu_dereference_raw(hlist_nulls_next_rcu(&prev_elem->hash_node));
2021 elem = hlist_nulls_entry_safe(n, struct htab_elem, hash_node);
2025 /* not found, unlock and go to the next bucket */
2026 b = &htab->buckets[bucket_id++];
2031 for (i = bucket_id; i < htab->n_buckets; i++) {
2032 b = &htab->buckets[i];
2037 hlist_nulls_for_each_entry_rcu(elem, n, head, hash_node) {
2038 if (count >= skip_elems) {
2039 info->bucket_id = i;
2040 info->skip_elems = count;
2050 info->bucket_id = i;
2051 info->skip_elems = 0;
2055 static void *bpf_hash_map_seq_start(struct seq_file *seq, loff_t *pos)
2057 struct bpf_iter_seq_hash_map_info *info = seq->private;
2058 struct htab_elem *elem;
2060 elem = bpf_hash_map_seq_find_next(info, NULL);
2069 static void *bpf_hash_map_seq_next(struct seq_file *seq, void *v, loff_t *pos)
2071 struct bpf_iter_seq_hash_map_info *info = seq->private;
2075 return bpf_hash_map_seq_find_next(info, v);
2078 static int __bpf_hash_map_seq_show(struct seq_file *seq, struct htab_elem *elem)
2080 struct bpf_iter_seq_hash_map_info *info = seq->private;
2081 u32 roundup_key_size, roundup_value_size;
2082 struct bpf_iter__bpf_map_elem ctx = {};
2083 struct bpf_map *map = info->map;
2084 struct bpf_iter_meta meta;
2085 int ret = 0, off = 0, cpu;
2086 struct bpf_prog *prog;
2087 void __percpu *pptr;
2090 prog = bpf_iter_get_info(&meta, elem == NULL);
2093 ctx.map = info->map;
2095 roundup_key_size = round_up(map->key_size, 8);
2096 ctx.key = elem->key;
2097 if (!info->percpu_value_buf) {
2098 ctx.value = elem->key + roundup_key_size;
2100 roundup_value_size = round_up(map->value_size, 8);
2101 pptr = htab_elem_get_ptr(elem, map->key_size);
2102 for_each_possible_cpu(cpu) {
2103 bpf_long_memcpy(info->percpu_value_buf + off,
2104 per_cpu_ptr(pptr, cpu),
2105 roundup_value_size);
2106 off += roundup_value_size;
2108 ctx.value = info->percpu_value_buf;
2111 ret = bpf_iter_run_prog(prog, &ctx);
2117 static int bpf_hash_map_seq_show(struct seq_file *seq, void *v)
2119 return __bpf_hash_map_seq_show(seq, v);
2122 static void bpf_hash_map_seq_stop(struct seq_file *seq, void *v)
2125 (void)__bpf_hash_map_seq_show(seq, NULL);
2130 static int bpf_iter_init_hash_map(void *priv_data,
2131 struct bpf_iter_aux_info *aux)
2133 struct bpf_iter_seq_hash_map_info *seq_info = priv_data;
2134 struct bpf_map *map = aux->map;
2138 if (map->map_type == BPF_MAP_TYPE_PERCPU_HASH ||
2139 map->map_type == BPF_MAP_TYPE_LRU_PERCPU_HASH) {
2140 buf_size = round_up(map->value_size, 8) * num_possible_cpus();
2141 value_buf = kmalloc(buf_size, GFP_USER | __GFP_NOWARN);
2145 seq_info->percpu_value_buf = value_buf;
2148 bpf_map_inc_with_uref(map);
2149 seq_info->map = map;
2150 seq_info->htab = container_of(map, struct bpf_htab, map);
2154 static void bpf_iter_fini_hash_map(void *priv_data)
2156 struct bpf_iter_seq_hash_map_info *seq_info = priv_data;
2158 bpf_map_put_with_uref(seq_info->map);
2159 kfree(seq_info->percpu_value_buf);
2162 static const struct seq_operations bpf_hash_map_seq_ops = {
2163 .start = bpf_hash_map_seq_start,
2164 .next = bpf_hash_map_seq_next,
2165 .stop = bpf_hash_map_seq_stop,
2166 .show = bpf_hash_map_seq_show,
2169 static const struct bpf_iter_seq_info iter_seq_info = {
2170 .seq_ops = &bpf_hash_map_seq_ops,
2171 .init_seq_private = bpf_iter_init_hash_map,
2172 .fini_seq_private = bpf_iter_fini_hash_map,
2173 .seq_priv_size = sizeof(struct bpf_iter_seq_hash_map_info),
2176 static int bpf_for_each_hash_elem(struct bpf_map *map, bpf_callback_t callback_fn,
2177 void *callback_ctx, u64 flags)
2179 struct bpf_htab *htab = container_of(map, struct bpf_htab, map);
2180 struct hlist_nulls_head *head;
2181 struct hlist_nulls_node *n;
2182 struct htab_elem *elem;
2183 u32 roundup_key_size;
2184 int i, num_elems = 0;
2185 void __percpu *pptr;
2194 is_percpu = htab_is_percpu(htab);
2196 roundup_key_size = round_up(map->key_size, 8);
2197 /* disable migration so percpu value prepared here will be the
2198 * same as the one seen by the bpf program with bpf_map_lookup_elem().
2202 for (i = 0; i < htab->n_buckets; i++) {
2203 b = &htab->buckets[i];
2206 hlist_nulls_for_each_entry_rcu(elem, n, head, hash_node) {
2209 /* current cpu value for percpu map */
2210 pptr = htab_elem_get_ptr(elem, map->key_size);
2211 val = this_cpu_ptr(pptr);
2213 val = elem->key + roundup_key_size;
2216 ret = callback_fn((u64)(long)map, (u64)(long)key,
2217 (u64)(long)val, (u64)(long)callback_ctx, 0);
2218 /* return value: 0 - continue, 1 - stop and return */
2232 BTF_ID_LIST_SINGLE(htab_map_btf_ids, struct, bpf_htab)
2233 const struct bpf_map_ops htab_map_ops = {
2234 .map_meta_equal = bpf_map_meta_equal,
2235 .map_alloc_check = htab_map_alloc_check,
2236 .map_alloc = htab_map_alloc,
2237 .map_free = htab_map_free,
2238 .map_get_next_key = htab_map_get_next_key,
2239 .map_release_uref = htab_map_free_timers,
2240 .map_lookup_elem = htab_map_lookup_elem,
2241 .map_lookup_and_delete_elem = htab_map_lookup_and_delete_elem,
2242 .map_update_elem = htab_map_update_elem,
2243 .map_delete_elem = htab_map_delete_elem,
2244 .map_gen_lookup = htab_map_gen_lookup,
2245 .map_seq_show_elem = htab_map_seq_show_elem,
2246 .map_set_for_each_callback_args = map_set_for_each_callback_args,
2247 .map_for_each_callback = bpf_for_each_hash_elem,
2249 .map_btf_id = &htab_map_btf_ids[0],
2250 .iter_seq_info = &iter_seq_info,
2253 const struct bpf_map_ops htab_lru_map_ops = {
2254 .map_meta_equal = bpf_map_meta_equal,
2255 .map_alloc_check = htab_map_alloc_check,
2256 .map_alloc = htab_map_alloc,
2257 .map_free = htab_map_free,
2258 .map_get_next_key = htab_map_get_next_key,
2259 .map_release_uref = htab_map_free_timers,
2260 .map_lookup_elem = htab_lru_map_lookup_elem,
2261 .map_lookup_and_delete_elem = htab_lru_map_lookup_and_delete_elem,
2262 .map_lookup_elem_sys_only = htab_lru_map_lookup_elem_sys,
2263 .map_update_elem = htab_lru_map_update_elem,
2264 .map_delete_elem = htab_lru_map_delete_elem,
2265 .map_gen_lookup = htab_lru_map_gen_lookup,
2266 .map_seq_show_elem = htab_map_seq_show_elem,
2267 .map_set_for_each_callback_args = map_set_for_each_callback_args,
2268 .map_for_each_callback = bpf_for_each_hash_elem,
2269 BATCH_OPS(htab_lru),
2270 .map_btf_id = &htab_map_btf_ids[0],
2271 .iter_seq_info = &iter_seq_info,
2274 /* Called from eBPF program */
2275 static void *htab_percpu_map_lookup_elem(struct bpf_map *map, void *key)
2277 struct htab_elem *l = __htab_map_lookup_elem(map, key);
2280 return this_cpu_ptr(htab_elem_get_ptr(l, map->key_size));
2285 static void *htab_percpu_map_lookup_percpu_elem(struct bpf_map *map, void *key, u32 cpu)
2287 struct htab_elem *l;
2289 if (cpu >= nr_cpu_ids)
2292 l = __htab_map_lookup_elem(map, key);
2294 return per_cpu_ptr(htab_elem_get_ptr(l, map->key_size), cpu);
2299 static void *htab_lru_percpu_map_lookup_elem(struct bpf_map *map, void *key)
2301 struct htab_elem *l = __htab_map_lookup_elem(map, key);
2304 bpf_lru_node_set_ref(&l->lru_node);
2305 return this_cpu_ptr(htab_elem_get_ptr(l, map->key_size));
2311 static void *htab_lru_percpu_map_lookup_percpu_elem(struct bpf_map *map, void *key, u32 cpu)
2313 struct htab_elem *l;
2315 if (cpu >= nr_cpu_ids)
2318 l = __htab_map_lookup_elem(map, key);
2320 bpf_lru_node_set_ref(&l->lru_node);
2321 return per_cpu_ptr(htab_elem_get_ptr(l, map->key_size), cpu);
2327 int bpf_percpu_hash_copy(struct bpf_map *map, void *key, void *value)
2329 struct htab_elem *l;
2330 void __percpu *pptr;
2335 /* per_cpu areas are zero-filled and bpf programs can only
2336 * access 'value_size' of them, so copying rounded areas
2337 * will not leak any kernel data
2339 size = round_up(map->value_size, 8);
2341 l = __htab_map_lookup_elem(map, key);
2344 /* We do not mark LRU map element here in order to not mess up
2345 * eviction heuristics when user space does a map walk.
2347 pptr = htab_elem_get_ptr(l, map->key_size);
2348 for_each_possible_cpu(cpu) {
2349 bpf_long_memcpy(value + off,
2350 per_cpu_ptr(pptr, cpu), size);
2359 int bpf_percpu_hash_update(struct bpf_map *map, void *key, void *value,
2362 struct bpf_htab *htab = container_of(map, struct bpf_htab, map);
2366 if (htab_is_lru(htab))
2367 ret = __htab_lru_percpu_map_update_elem(map, key, value,
2370 ret = __htab_percpu_map_update_elem(map, key, value, map_flags,
2377 static void htab_percpu_map_seq_show_elem(struct bpf_map *map, void *key,
2380 struct htab_elem *l;
2381 void __percpu *pptr;
2386 l = __htab_map_lookup_elem(map, key);
2392 btf_type_seq_show(map->btf, map->btf_key_type_id, key, m);
2393 seq_puts(m, ": {\n");
2394 pptr = htab_elem_get_ptr(l, map->key_size);
2395 for_each_possible_cpu(cpu) {
2396 seq_printf(m, "\tcpu%d: ", cpu);
2397 btf_type_seq_show(map->btf, map->btf_value_type_id,
2398 per_cpu_ptr(pptr, cpu), m);
2406 const struct bpf_map_ops htab_percpu_map_ops = {
2407 .map_meta_equal = bpf_map_meta_equal,
2408 .map_alloc_check = htab_map_alloc_check,
2409 .map_alloc = htab_map_alloc,
2410 .map_free = htab_map_free,
2411 .map_get_next_key = htab_map_get_next_key,
2412 .map_lookup_elem = htab_percpu_map_lookup_elem,
2413 .map_lookup_and_delete_elem = htab_percpu_map_lookup_and_delete_elem,
2414 .map_update_elem = htab_percpu_map_update_elem,
2415 .map_delete_elem = htab_map_delete_elem,
2416 .map_lookup_percpu_elem = htab_percpu_map_lookup_percpu_elem,
2417 .map_seq_show_elem = htab_percpu_map_seq_show_elem,
2418 .map_set_for_each_callback_args = map_set_for_each_callback_args,
2419 .map_for_each_callback = bpf_for_each_hash_elem,
2420 BATCH_OPS(htab_percpu),
2421 .map_btf_id = &htab_map_btf_ids[0],
2422 .iter_seq_info = &iter_seq_info,
2425 const struct bpf_map_ops htab_lru_percpu_map_ops = {
2426 .map_meta_equal = bpf_map_meta_equal,
2427 .map_alloc_check = htab_map_alloc_check,
2428 .map_alloc = htab_map_alloc,
2429 .map_free = htab_map_free,
2430 .map_get_next_key = htab_map_get_next_key,
2431 .map_lookup_elem = htab_lru_percpu_map_lookup_elem,
2432 .map_lookup_and_delete_elem = htab_lru_percpu_map_lookup_and_delete_elem,
2433 .map_update_elem = htab_lru_percpu_map_update_elem,
2434 .map_delete_elem = htab_lru_map_delete_elem,
2435 .map_lookup_percpu_elem = htab_lru_percpu_map_lookup_percpu_elem,
2436 .map_seq_show_elem = htab_percpu_map_seq_show_elem,
2437 .map_set_for_each_callback_args = map_set_for_each_callback_args,
2438 .map_for_each_callback = bpf_for_each_hash_elem,
2439 BATCH_OPS(htab_lru_percpu),
2440 .map_btf_id = &htab_map_btf_ids[0],
2441 .iter_seq_info = &iter_seq_info,
2444 static int fd_htab_map_alloc_check(union bpf_attr *attr)
2446 if (attr->value_size != sizeof(u32))
2448 return htab_map_alloc_check(attr);
2451 static void fd_htab_map_free(struct bpf_map *map)
2453 struct bpf_htab *htab = container_of(map, struct bpf_htab, map);
2454 struct hlist_nulls_node *n;
2455 struct hlist_nulls_head *head;
2456 struct htab_elem *l;
2459 for (i = 0; i < htab->n_buckets; i++) {
2460 head = select_bucket(htab, i);
2462 hlist_nulls_for_each_entry_safe(l, n, head, hash_node) {
2463 void *ptr = fd_htab_map_get_ptr(map, l);
2465 map->ops->map_fd_put_ptr(ptr);
2472 /* only called from syscall */
2473 int bpf_fd_htab_map_lookup_elem(struct bpf_map *map, void *key, u32 *value)
2478 if (!map->ops->map_fd_sys_lookup_elem)
2482 ptr = htab_map_lookup_elem(map, key);
2484 *value = map->ops->map_fd_sys_lookup_elem(READ_ONCE(*ptr));
2492 /* only called from syscall */
2493 int bpf_fd_htab_map_update_elem(struct bpf_map *map, struct file *map_file,
2494 void *key, void *value, u64 map_flags)
2498 u32 ufd = *(u32 *)value;
2500 ptr = map->ops->map_fd_get_ptr(map, map_file, ufd);
2502 return PTR_ERR(ptr);
2504 ret = htab_map_update_elem(map, key, &ptr, map_flags);
2506 map->ops->map_fd_put_ptr(ptr);
2511 static struct bpf_map *htab_of_map_alloc(union bpf_attr *attr)
2513 struct bpf_map *map, *inner_map_meta;
2515 inner_map_meta = bpf_map_meta_alloc(attr->inner_map_fd);
2516 if (IS_ERR(inner_map_meta))
2517 return inner_map_meta;
2519 map = htab_map_alloc(attr);
2521 bpf_map_meta_free(inner_map_meta);
2525 map->inner_map_meta = inner_map_meta;
2530 static void *htab_of_map_lookup_elem(struct bpf_map *map, void *key)
2532 struct bpf_map **inner_map = htab_map_lookup_elem(map, key);
2537 return READ_ONCE(*inner_map);
2540 static int htab_of_map_gen_lookup(struct bpf_map *map,
2541 struct bpf_insn *insn_buf)
2543 struct bpf_insn *insn = insn_buf;
2544 const int ret = BPF_REG_0;
2546 BUILD_BUG_ON(!__same_type(&__htab_map_lookup_elem,
2547 (void *(*)(struct bpf_map *map, void *key))NULL));
2548 *insn++ = BPF_EMIT_CALL(__htab_map_lookup_elem);
2549 *insn++ = BPF_JMP_IMM(BPF_JEQ, ret, 0, 2);
2550 *insn++ = BPF_ALU64_IMM(BPF_ADD, ret,
2551 offsetof(struct htab_elem, key) +
2552 round_up(map->key_size, 8));
2553 *insn++ = BPF_LDX_MEM(BPF_DW, ret, ret, 0);
2555 return insn - insn_buf;
2558 static void htab_of_map_free(struct bpf_map *map)
2560 bpf_map_meta_free(map->inner_map_meta);
2561 fd_htab_map_free(map);
2564 const struct bpf_map_ops htab_of_maps_map_ops = {
2565 .map_alloc_check = fd_htab_map_alloc_check,
2566 .map_alloc = htab_of_map_alloc,
2567 .map_free = htab_of_map_free,
2568 .map_get_next_key = htab_map_get_next_key,
2569 .map_lookup_elem = htab_of_map_lookup_elem,
2570 .map_delete_elem = htab_map_delete_elem,
2571 .map_fd_get_ptr = bpf_map_fd_get_ptr,
2572 .map_fd_put_ptr = bpf_map_fd_put_ptr,
2573 .map_fd_sys_lookup_elem = bpf_map_fd_sys_lookup_elem,
2574 .map_gen_lookup = htab_of_map_gen_lookup,
2575 .map_check_btf = map_check_no_btf,
2577 .map_btf_id = &htab_map_btf_ids[0],
projects / platform / kernel / linux-rpi.git / blob