Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
authorDavid S. Miller <davem@davemloft.net>
Fri, 21 Dec 2018 01:31:36 +0000 (17:31 -0800)
committerDavid S. Miller <davem@davemloft.net>
Fri, 21 Dec 2018 01:31:36 +0000 (17:31 -0800)
Daniel Borkmann says:

====================
pull-request: bpf-next 2018-12-21

The following pull-request contains BPF updates for your *net-next* tree.

There is a merge conflict in test_verifier.c. Result looks as follows:

        [...]
        },
        {
                "calls: cross frame pruning",
                .insns = {
                [...]
                .prog_type = BPF_PROG_TYPE_SOCKET_FILTER,
                .errstr_unpriv = "function calls to other bpf functions are allowed for root only",
                .result_unpriv = REJECT,
                .errstr = "!read_ok",
                .result = REJECT,
},
        {
                "jset: functional",
                .insns = {
        [...]
        {
                "jset: unknown const compare not taken",
                .insns = {
                        BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0,
                                     BPF_FUNC_get_prandom_u32),
                        BPF_JMP_IMM(BPF_JSET, BPF_REG_0, 1, 1),
                        BPF_LDX_MEM(BPF_B, BPF_REG_8, BPF_REG_9, 0),
                        BPF_EXIT_INSN(),
                },
                .prog_type = BPF_PROG_TYPE_SOCKET_FILTER,
                .errstr_unpriv = "!read_ok",
                .result_unpriv = REJECT,
                .errstr = "!read_ok",
                .result = REJECT,
        },
        [...]
        {
                "jset: range",
                .insns = {
                [...]
                },
                .prog_type = BPF_PROG_TYPE_SOCKET_FILTER,
                .result_unpriv = ACCEPT,
                .result = ACCEPT,
        },

The main changes are:

1) Various BTF related improvements in order to get line info
   working. Meaning, verifier will now annotate the corresponding
   BPF C code to the error log, from Martin and Yonghong.

2) Implement support for raw BPF tracepoints in modules, from Matt.

3) Add several improvements to verifier state logic, namely speeding
   up stacksafe check, optimizations for stack state equivalence
   test and safety checks for liveness analysis, from Alexei.

4) Teach verifier to make use of BPF_JSET instruction, add several
   test cases to kselftests and remove nfp specific JSET optimization
   now that verifier has awareness, from Jakub.

5) Improve BPF verifier's slot_type marking logic in order to
   allow more stack slot sharing, from Jiong.

6) Add sk_msg->size member for context access and add set of fixes
   and improvements to make sock_map with kTLS usable with openssl
   based applications, from John.

7) Several cleanups and documentation updates in bpftool as well as
   auto-mount of tracefs for "bpftool prog tracelog" command,
   from Quentin.

8) Include sub-program tags from now on in bpf_prog_info in order to
   have a reliable way for user space to get all tags of the program
   e.g. needed for kallsyms correlation, from Song.

9) Add BTF annotations for cgroup_local_storage BPF maps and
   implement bpf fs pretty print support, from Roman.

10) Fix bpftool in order to allow for cross-compilation, from Ivan.

11) Update of bpftool license to GPLv2-only + BSD-2-Clause in order
    to be compatible with libbfd and allow for Debian packaging,
    from Jakub.

12) Remove an obsolete prog->aux sanitation in dump and get rid of
    version check for prog load, from Daniel.

13) Fix a memory leak in libbpf's line info handling, from Prashant.

14) Fix cpumap's frame alignment for build_skb() so that skb_shared_info
    does not get unaligned, from Jesper.

15) Fix test_progs kselftest to work with older compilers which are less
    smart in optimizing (and thus throwing build error), from Stanislav.

16) Cleanup and simplify AF_XDP socket teardown, from Björn.

17) Fix sk lookup in BPF kselftest's test_sock_addr with regards
    to netns_id argument, from Andrey.
====================

Signed-off-by: David S. Miller <davem@davemloft.net>
1  2 
include/net/tls.h
kernel/bpf/verifier.c
net/tls/tls_main.c
tools/testing/selftests/bpf/test_verifier.c

Simple merge
Simple merge
index 28887cf628b82321d2eab5bea38f9994d82d3fef,acff12999c06e2167d60601b96df9a073230ba47..78cb4a5840809801508844d2ee51d1ddeea3da82
@@@ -55,8 -55,10 +55,10 @@@ enum 
  
  static struct proto *saved_tcpv6_prot;
  static DEFINE_MUTEX(tcpv6_prot_mutex);
+ static struct proto *saved_tcpv4_prot;
+ static DEFINE_MUTEX(tcpv4_prot_mutex);
  static LIST_HEAD(device_list);
 -static DEFINE_MUTEX(device_mutex);
 +static DEFINE_SPINLOCK(device_spinlock);
  static struct proto tls_prots[TLS_NUM_PROTS][TLS_NUM_CONFIG][TLS_NUM_CONFIG];
  static struct proto_ops tls_sw_proto_ops;
  
index c3b799c1ee97923c0835516607953803de43825b,dbd31750b2141dc8fc775c8c7ac74199773045a6..baafe5c76aca2eb5108ea56d12c89b90cb46ebb4
@@@ -14099,29 -14170,156 +14170,182 @@@ static struct bpf_test tests[] = 
                .errstr_unpriv = "R1 leaks addr",
                .result = REJECT,
        },
++      {
 +              "calls: cross frame pruning",
 +              .insns = {
 +                      /* r8 = !!random();
 +                       * call pruner()
 +                       * if (r8)
 +                       *     do something bad;
 +                       */
 +                      BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0,
 +                                   BPF_FUNC_get_prandom_u32),
 +                      BPF_MOV64_IMM(BPF_REG_8, 0),
 +                      BPF_JMP_IMM(BPF_JNE, BPF_REG_0, 0, 1),
 +                      BPF_MOV64_IMM(BPF_REG_8, 1),
 +                      BPF_MOV64_REG(BPF_REG_1, BPF_REG_8),
 +                      BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 1, 0, 4),
 +                      BPF_JMP_IMM(BPF_JEQ, BPF_REG_8, 1, 1),
 +                      BPF_LDX_MEM(BPF_B, BPF_REG_9, BPF_REG_1, 0),
 +                      BPF_MOV64_IMM(BPF_REG_0, 0),
 +                      BPF_EXIT_INSN(),
 +                      BPF_JMP_IMM(BPF_JEQ, BPF_REG_1, 0, 0),
 +                      BPF_EXIT_INSN(),
 +              },
 +              .prog_type = BPF_PROG_TYPE_SOCKET_FILTER,
 +              .errstr_unpriv = "function calls to other bpf functions are allowed for root only",
++                .result = REJECT,
++      },
+       {
+               "jset: functional",
+               .insns = {
+                       /* r0 = 0 */
+                       BPF_MOV64_IMM(BPF_REG_0, 0),
+                       /* prep for direct packet access via r2 */
+                       BPF_LDX_MEM(BPF_W, BPF_REG_2, BPF_REG_1,
+                                   offsetof(struct __sk_buff, data)),
+                       BPF_LDX_MEM(BPF_W, BPF_REG_3, BPF_REG_1,
+                                   offsetof(struct __sk_buff, data_end)),
+                       BPF_MOV64_REG(BPF_REG_4, BPF_REG_2),
+                       BPF_ALU64_IMM(BPF_ADD, BPF_REG_4, 8),
+                       BPF_JMP_REG(BPF_JLE, BPF_REG_4, BPF_REG_3, 1),
+                       BPF_EXIT_INSN(),
+                       BPF_LDX_MEM(BPF_DW, BPF_REG_7, BPF_REG_2, 0),
+                       /* reg, bit 63 or bit 0 set, taken */
+                       BPF_LD_IMM64(BPF_REG_8, 0x8000000000000001),
+                       BPF_JMP_REG(BPF_JSET, BPF_REG_7, BPF_REG_8, 1),
+                       BPF_EXIT_INSN(),
+                       /* reg, bit 62, not taken */
+                       BPF_LD_IMM64(BPF_REG_8, 0x4000000000000000),
+                       BPF_JMP_REG(BPF_JSET, BPF_REG_7, BPF_REG_8, 1),
+                       BPF_JMP_IMM(BPF_JA, 0, 0, 1),
+                       BPF_EXIT_INSN(),
+                       /* imm, any bit set, taken */
+                       BPF_JMP_IMM(BPF_JSET, BPF_REG_7, -1, 1),
+                       BPF_EXIT_INSN(),
+                       /* imm, bit 31 set, taken */
+                       BPF_JMP_IMM(BPF_JSET, BPF_REG_7, 0x80000000, 1),
+                       BPF_EXIT_INSN(),
+                       /* all good - return r0 == 2 */
+                       BPF_MOV64_IMM(BPF_REG_0, 2),
+                       BPF_EXIT_INSN(),
+               },
+               .prog_type = BPF_PROG_TYPE_SCHED_CLS,
+               .result = ACCEPT,
+               .runs = 7,
+               .retvals = {
+                       { .retval = 2,
+                         .data64 = { (1ULL << 63) | (1U << 31) | (1U << 0), }
+                       },
+                       { .retval = 2,
+                         .data64 = { (1ULL << 63) | (1U << 31), }
+                       },
+                       { .retval = 2,
+                         .data64 = { (1ULL << 31) | (1U << 0), }
+                       },
+                       { .retval = 2,
+                         .data64 = { (__u32)-1, }
+                       },
+                       { .retval = 2,
+                         .data64 = { ~0x4000000000000000ULL, }
+                       },
+                       { .retval = 0,
+                         .data64 = { 0, }
+                       },
+                       { .retval = 0,
+                         .data64 = { ~0ULL, }
+                       },
+               },
+       },
+       {
+               "jset: sign-extend",
+               .insns = {
+                       /* r0 = 0 */
+                       BPF_MOV64_IMM(BPF_REG_0, 0),
+                       /* prep for direct packet access via r2 */
+                       BPF_LDX_MEM(BPF_W, BPF_REG_2, BPF_REG_1,
+                                   offsetof(struct __sk_buff, data)),
+                       BPF_LDX_MEM(BPF_W, BPF_REG_3, BPF_REG_1,
+                                   offsetof(struct __sk_buff, data_end)),
+                       BPF_MOV64_REG(BPF_REG_4, BPF_REG_2),
+                       BPF_ALU64_IMM(BPF_ADD, BPF_REG_4, 8),
+                       BPF_JMP_REG(BPF_JLE, BPF_REG_4, BPF_REG_3, 1),
+                       BPF_EXIT_INSN(),
+                       BPF_LDX_MEM(BPF_DW, BPF_REG_7, BPF_REG_2, 0),
+                       BPF_JMP_IMM(BPF_JSET, BPF_REG_7, 0x80000000, 1),
+                       BPF_EXIT_INSN(),
+                       BPF_MOV64_IMM(BPF_REG_0, 2),
+                       BPF_EXIT_INSN(),
+               },
+               .prog_type = BPF_PROG_TYPE_SCHED_CLS,
+               .result = ACCEPT,
+               .retval = 2,
+               .data = { 1, 0, 0, 0, 0, 0, 0, 1, },
+       },
+       {
+               "jset: known const compare",
+               .insns = {
+                       BPF_MOV64_IMM(BPF_REG_0, 1),
+                       BPF_JMP_IMM(BPF_JSET, BPF_REG_0, 1, 1),
+                       BPF_LDX_MEM(BPF_B, BPF_REG_8, BPF_REG_9, 0),
+                       BPF_EXIT_INSN(),
+               },
+               .prog_type = BPF_PROG_TYPE_SOCKET_FILTER,
+               .retval_unpriv = 1,
+               .result_unpriv = ACCEPT,
+               .retval = 1,
+               .result = ACCEPT,
+       },
+       {
+               "jset: known const compare bad",
+               .insns = {
+                       BPF_MOV64_IMM(BPF_REG_0, 0),
+                       BPF_JMP_IMM(BPF_JSET, BPF_REG_0, 1, 1),
+                       BPF_LDX_MEM(BPF_B, BPF_REG_8, BPF_REG_9, 0),
+                       BPF_EXIT_INSN(),
+               },
+               .prog_type = BPF_PROG_TYPE_SOCKET_FILTER,
+               .errstr_unpriv = "!read_ok",
+               .result_unpriv = REJECT,
+               .errstr = "!read_ok",
+               .result = REJECT,
+       },
+       {
+               "jset: unknown const compare taken",
+               .insns = {
+                       BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0,
+                                    BPF_FUNC_get_prandom_u32),
+                       BPF_JMP_IMM(BPF_JSET, BPF_REG_0, 1, 1),
+                       BPF_JMP_IMM(BPF_JA, 0, 0, 1),
+                       BPF_LDX_MEM(BPF_B, BPF_REG_8, BPF_REG_9, 0),
+                       BPF_EXIT_INSN(),
+               },
+               .prog_type = BPF_PROG_TYPE_SOCKET_FILTER,
+               .errstr_unpriv = "!read_ok",
+               .result_unpriv = REJECT,
+               .errstr = "!read_ok",
+               .result = REJECT,
+       },
+       {
+               "jset: unknown const compare not taken",
+               .insns = {
+                       BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0,
+                                    BPF_FUNC_get_prandom_u32),
+                       BPF_JMP_IMM(BPF_JSET, BPF_REG_0, 1, 1),
+                       BPF_LDX_MEM(BPF_B, BPF_REG_8, BPF_REG_9, 0),
+                       BPF_EXIT_INSN(),
+               },
+               .prog_type = BPF_PROG_TYPE_SOCKET_FILTER,
+               .errstr_unpriv = "!read_ok",
                .result_unpriv = REJECT,
                .errstr = "!read_ok",
                .result = REJECT,