Dave Marchevsky [Mon, 21 Aug 2023 19:33:07 +0000 (12:33 -0700)]
bpf: Use bpf_mem_free_rcu when bpf_obj_dropping refcounted nodes
This is the final fix for the use-after-free scenario described in
commit
7793fc3babe9 ("bpf: Make bpf_refcount_acquire fallible for
non-owning refs"). That commit, by virtue of changing
bpf_refcount_acquire's refcount_inc to a refcount_inc_not_zero, fixed
the "refcount incr on 0" splat. The not_zero check in
refcount_inc_not_zero, though, still occurs on memory that could have
been free'd and reused, so the commit didn't properly fix the root
cause.
This patch actually fixes the issue by free'ing using the recently-added
bpf_mem_free_rcu, which ensures that the memory is not reused until
RCU grace period has elapsed. If that has happened then
there are no non-owning references alive that point to the
recently-free'd memory, so it can be safely reused.
Signed-off-by: Dave Marchevsky <davemarchevsky@fb.com>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
Link: https://lore.kernel.org/r/20230821193311.3290257-4-davemarchevsky@fb.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Dave Marchevsky [Mon, 21 Aug 2023 19:33:06 +0000 (12:33 -0700)]
bpf: Consider non-owning refs trusted
Recent discussions around default kptr "trustedness" led to changes such
as commit
6fcd486b3a0a ("bpf: Refactor RCU enforcement in the
verifier."). One of the conclusions of those discussions, as expressed
in code and comments in that patch, is that we'd like to move away from
'raw' PTR_TO_BTF_ID without some type flag or other register state
indicating trustedness. Although PTR_TRUSTED and PTR_UNTRUSTED flags mark
this state explicitly, the verifier currently considers trustedness
implied by other register state. For example, owning refs to graph
collection nodes must have a nonzero ref_obj_id, so they pass the
is_trusted_reg check despite having no explicit PTR_{UN}TRUSTED flag.
This patch makes trustedness of non-owning refs to graph collection
nodes explicit as well.
By definition, non-owning refs are currently trusted. Although the ref
has no control over pointee lifetime, due to non-owning ref clobbering
rules (see invalidate_non_owning_refs) dereferencing a non-owning ref is
safe in the critical section controlled by bpf_spin_lock associated with
its owning collection.
Note that the previous statement does not hold true for nodes with shared
ownership due to the use-after-free issue that this series is
addressing. True shared ownership was disabled by commit
7deca5eae833
("bpf: Disable bpf_refcount_acquire kfunc calls until race conditions are fixed"),
though, so the statement holds for now. Further patches in the series will change
the trustedness state of non-owning refs before re-enabling
bpf_refcount_acquire.
Let's add NON_OWN_REF type flag to BPF_REG_TRUSTED_MODIFIERS such that a
non-owning ref reg state would pass is_trusted_reg check. Somewhat
surprisingly, this doesn't result in any change to user-visible
functionality elsewhere in the verifier: graph collection nodes are all
marked MEM_ALLOC, which tends to be handled in separate codepaths from
"raw" PTR_TO_BTF_ID. Regardless, let's be explicit here and document the
current state of things before changing it elsewhere in the series.
Signed-off-by: Dave Marchevsky <davemarchevsky@fb.com>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
Link: https://lore.kernel.org/r/20230821193311.3290257-3-davemarchevsky@fb.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Dave Marchevsky [Mon, 21 Aug 2023 19:33:05 +0000 (12:33 -0700)]
bpf: Ensure kptr_struct_meta is non-NULL for collection insert and refcount_acquire
It's straightforward to prove that kptr_struct_meta must be non-NULL for
any valid call to these kfuncs:
* btf_parse_struct_metas in btf.c creates a btf_struct_meta for any
struct in user BTF with a special field (e.g. bpf_refcount,
{rb,list}_node). These are stored in that BTF's struct_meta_tab.
* __process_kf_arg_ptr_to_graph_node in verifier.c ensures that nodes
have {rb,list}_node field and that it's at the correct offset.
Similarly, check_kfunc_args ensures bpf_refcount field existence for
node param to bpf_refcount_acquire.
* So a btf_struct_meta must have been created for the struct type of
node param to these kfuncs
* That BTF and its struct_meta_tab are guaranteed to still be around.
Any arbitrary {rb,list} node the BPF program interacts with either:
came from bpf_obj_new or a collection removal kfunc in the same
program, in which case the BTF is associated with the program and
still around; or came from bpf_kptr_xchg, in which case the BTF was
associated with the map and is still around
Instead of silently continuing with NULL struct_meta, which caused
confusing bugs such as those addressed by commit
2140a6e3422d ("bpf: Set
kptr_struct_meta for node param to list and rbtree insert funcs"), let's
error out. Then, at runtime, we can confidently say that the
implementations of these kfuncs were given a non-NULL kptr_struct_meta,
meaning that special-field-specific functionality like
bpf_obj_free_fields and the bpf_obj_drop change introduced later in this
series are guaranteed to execute.
This patch doesn't change functionality, just makes it easier to reason
about existing functionality.
Signed-off-by: Dave Marchevsky <davemarchevsky@fb.com>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
Link: https://lore.kernel.org/r/20230821193311.3290257-2-davemarchevsky@fb.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Alexei Starovoitov [Thu, 24 Aug 2023 16:13:08 +0000 (09:13 -0700)]
Merge branch 'add-support-cpu-v4-insns-for-rv64'
Pu Lehui says:
====================
Add support cpu v4 insns for RV64
Add support cpu v4 instructions for RV64. The relevant tests have passed as show bellow:
Summary: 6/166 PASSED, 0 SKIPPED, 0 FAILED
NOTE: ldsx_insn testcase uses fentry and needs to rely on ftrace direct call [0].
[0] https://lore.kernel.org/all/
20230627111612.761164-1-suagrfillet@gmail.com/
v2:
- Use temporary reg to avoid clobbering the source reg in movs_8/16 insns. (Björn)
- Add Acked-by
v1:
https://lore.kernel.org/bpf/
20230823231059.3363698-1-pulehui@huaweicloud.com
====================
Tested-by: Björn Töpel <bjorn@rivosinc.com>
Link: https://lore.kernel.org/r/20230824095001.3408573-1-pulehui@huaweicloud.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Pu Lehui [Thu, 24 Aug 2023 09:50:01 +0000 (09:50 +0000)]
selftests/bpf: Enable cpu v4 tests for RV64
Enable cpu v4 tests for RV64, and the relevant tests have passed.
Signed-off-by: Pu Lehui <pulehui@huawei.com>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
Acked-by: Björn Töpel <bjorn@kernel.org>
Link: https://lore.kernel.org/r/20230824095001.3408573-8-pulehui@huaweicloud.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Pu Lehui [Thu, 24 Aug 2023 09:50:00 +0000 (09:50 +0000)]
riscv, bpf: Support unconditional bswap insn
Add support unconditional bswap instruction. Since riscv is always
little-endian, just treat the unconditional scenario the same as
big-endian conversion.
Signed-off-by: Pu Lehui <pulehui@huawei.com>
Acked-by: Björn Töpel <bjorn@kernel.org>
Link: https://lore.kernel.org/r/20230824095001.3408573-7-pulehui@huaweicloud.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Pu Lehui [Thu, 24 Aug 2023 09:49:59 +0000 (09:49 +0000)]
riscv, bpf: Support signed div/mod insns
Add support signed div/mod instructions for RV64.
Signed-off-by: Pu Lehui <pulehui@huawei.com>
Acked-by: Björn Töpel <bjorn@kernel.org>
Link: https://lore.kernel.org/r/20230824095001.3408573-6-pulehui@huaweicloud.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Pu Lehui [Thu, 24 Aug 2023 09:49:58 +0000 (09:49 +0000)]
riscv, bpf: Support 32-bit offset jmp insn
Add support 32-bit offset jmp instruction for RV64.
Signed-off-by: Pu Lehui <pulehui@huawei.com>
Acked-by: Björn Töpel <bjorn@kernel.org>
Link: https://lore.kernel.org/r/20230824095001.3408573-5-pulehui@huaweicloud.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Pu Lehui [Thu, 24 Aug 2023 09:49:57 +0000 (09:49 +0000)]
riscv, bpf: Support sign-extension mov insns
Add support sign-extension mov instructions for RV64.
Signed-off-by: Pu Lehui <pulehui@huawei.com>
Acked-by: Björn Töpel <bjorn@kernel.org>
Link: https://lore.kernel.org/r/20230824095001.3408573-4-pulehui@huaweicloud.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Pu Lehui [Thu, 24 Aug 2023 09:49:56 +0000 (09:49 +0000)]
riscv, bpf: Support sign-extension load insns
Add Support sign-extension load instructions for RV64.
Signed-off-by: Pu Lehui <pulehui@huawei.com>
Acked-by: Björn Töpel <bjorn@kernel.org>
Link: https://lore.kernel.org/r/20230824095001.3408573-3-pulehui@huaweicloud.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Pu Lehui [Thu, 24 Aug 2023 09:49:55 +0000 (09:49 +0000)]
riscv, bpf: Fix missing exception handling and redundant zext for LDX_B/H/W
For LDX_B/H/W, when zext has been inserted by verifier, it'll return 1,
and no exception handling will continue. Also, when the offset is 12-bit
value, the redundant zext inserted by the verifier is not removed. Fix
both scenarios by moving down the removal of redundant zext.
Signed-off-by: Pu Lehui <pulehui@huawei.com>
Link: https://lore.kernel.org/r/20230824095001.3408573-2-pulehui@huaweicloud.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Alexei Starovoitov [Thu, 24 Aug 2023 15:43:50 +0000 (08:43 -0700)]
Merge branch 'samples-bpf-remove-unmaintained-xdp-sample-utilities'
Toke Høiland-Jørgensen says:
====================
samples/bpf: Remove unmaintained XDP sample utilities
The samples/bpf directory in the kernel tree started out as a way of showcasing
different aspects of BPF functionality by writing small utility programs for
each feature. However, as the BPF subsystem has matured, the preferred way of
including userspace code with a feature has become the BPF selftests, which also
have the benefit of being consistently run as part of the BPF CI system.
As a result of this shift, the utilities in samples/bpf have seen little love,
and have slowly bitrotted. There have been sporadic cleanup patches over the
years, but it's clear that the utilities are far from maintained.
For XDP in particular, some of the utilities have been used as benchmarking aids
when implementing new kernel features, which seems to be the main reason they
have stuck around; any updates the utilities have seen have been targeted at
this use case. However, as the BPF subsystem as a whole has moved on, it has
become increasingly difficult to incorporate new features into these utilities
because they predate most of the modern BPF features (such as kfuncs and BTF).
Rather than try to update these utilities and keep maintaining them in the
kernel tree, we have ported the useful features of the utilities to the
xdp-tools package. In the porting process we also updated the utilities to take
advantage of modern BPF features, integrated them with libxdp, and polished the
user interface.
As these utilities are standalone tools, maintaining them out of tree is
simpler, and we plan to keep maintaining them in the xdp-tools repo. To direct
users of these utilities to the right place, this series removes the utilities
from samples/bpf, leaving in place only a couple of utilities whose
functionality have not yet been ported to xdp-tools.
The xdp-tools repository is located on Github at the following URL:
https://github.com/xdp-project/xdp-tools
The commits in the series removes one utility each, explaining how the
equivalent functionality can be obtained with xdp-tools.
v2:
- Add equivalent xdp-tools commands for each removed utility
v3:
- Add link to xdp-tools in the README
Toke Høiland-Jørgensen (7):
samples/bpf: Remove the xdp_monitor utility
samples/bpf: Remove the xdp_redirect* utilities
samples/bpf: Remove the xdp_rxq_info utility
samples/bpf: Remove the xdp1 and xdp2 utilities
samples/bpf: Remove the xdp_sample_pkts utility
samples/bpf: Cleanup .gitignore
samples/bpf: Add note to README about the XDP utilities moved to
xdp-tools
samples/bpf/.gitignore | 12 -
samples/bpf/Makefile | 48 +-
samples/bpf/README.rst | 6 +
samples/bpf/xdp1_kern.c | 100 ----
samples/bpf/xdp1_user.c | 166 ------
samples/bpf/xdp2_kern.c | 125 -----
samples/bpf/xdp_monitor.bpf.c | 8 -
samples/bpf/xdp_monitor_user.c | 118 -----
samples/bpf/xdp_redirect.bpf.c | 49 --
samples/bpf/xdp_redirect_cpu.bpf.c | 539 -------------------
samples/bpf/xdp_redirect_cpu_user.c | 559 --------------------
samples/bpf/xdp_redirect_map.bpf.c | 97 ----
samples/bpf/xdp_redirect_map_multi.bpf.c | 77 ---
samples/bpf/xdp_redirect_map_multi_user.c | 232 --------
samples/bpf/xdp_redirect_map_user.c | 228 --------
samples/bpf/xdp_redirect_user.c | 172 ------
samples/bpf/xdp_rxq_info_kern.c | 140 -----
samples/bpf/xdp_rxq_info_user.c | 614 ----------------------
samples/bpf/xdp_sample_pkts_kern.c | 57 --
samples/bpf/xdp_sample_pkts_user.c | 196 -------
20 files changed, 7 insertions(+), 3536 deletions(-)
delete mode 100644 samples/bpf/xdp1_kern.c
delete mode 100644 samples/bpf/xdp1_user.c
delete mode 100644 samples/bpf/xdp2_kern.c
delete mode 100644 samples/bpf/xdp_monitor.bpf.c
delete mode 100644 samples/bpf/xdp_monitor_user.c
delete mode 100644 samples/bpf/xdp_redirect.bpf.c
delete mode 100644 samples/bpf/xdp_redirect_cpu.bpf.c
delete mode 100644 samples/bpf/xdp_redirect_cpu_user.c
delete mode 100644 samples/bpf/xdp_redirect_map.bpf.c
delete mode 100644 samples/bpf/xdp_redirect_map_multi.bpf.c
delete mode 100644 samples/bpf/xdp_redirect_map_multi_user.c
delete mode 100644 samples/bpf/xdp_redirect_map_user.c
delete mode 100644 samples/bpf/xdp_redirect_user.c
delete mode 100644 samples/bpf/xdp_rxq_info_kern.c
delete mode 100644 samples/bpf/xdp_rxq_info_user.c
delete mode 100644 samples/bpf/xdp_sample_pkts_kern.c
delete mode 100644 samples/bpf/xdp_sample_pkts_user.c
====================
Link: https://lore.kernel.org/r/20230824102255.1561885-1-toke@redhat.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Toke Høiland-Jørgensen [Thu, 24 Aug 2023 10:22:50 +0000 (12:22 +0200)]
samples/bpf: Add note to README about the XDP utilities moved to xdp-tools
To help users find the XDP utilities, add a note to the README about the
new location and the conversion documentation in the commit messages.
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Link: https://lore.kernel.org/r/20230824102255.1561885-8-toke@redhat.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Toke Høiland-Jørgensen [Thu, 24 Aug 2023 10:22:49 +0000 (12:22 +0200)]
samples/bpf: Cleanup .gitignore
Remove no longer present XDP utilities from .gitignore. Apart from the
recently removed XDP utilities this also includes the previously removed
xdpsock and xsk utilities.
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Link: https://lore.kernel.org/r/20230824102255.1561885-7-toke@redhat.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Toke Høiland-Jørgensen [Thu, 24 Aug 2023 10:22:48 +0000 (12:22 +0200)]
samples/bpf: Remove the xdp_sample_pkts utility
The functionality of this utility is covered by the xdpdump utility in
xdp-tools.
There's a slight difference in usage as the xdpdump utility's main focus is
to dump packets before or after they are processed by an existing XDP
program. However, xdpdump also has the --load-xdp-program switch, which
will make it attach its own program if no existing program is loaded. With
this, xdp_sample_pkts usage can be converted as:
xdp_sample_pkts eth0
--> xdpdump --load-xdp-program eth0
To get roughly equivalent behaviour.
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Link: https://lore.kernel.org/r/20230824102255.1561885-6-toke@redhat.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Toke Høiland-Jørgensen [Thu, 24 Aug 2023 10:22:47 +0000 (12:22 +0200)]
samples/bpf: Remove the xdp1 and xdp2 utilities
The functionality of these utilities have been incorporated into the
xdp-bench utility in xdp-tools.
Equivalent functionality is:
xdp1 eth0
--> xdp-bench drop -p parse-ip -l load-bytes eth0
xdp2 eth0
--> xdp-bench drop -p swap-macs eth0
Note that there's a slight difference in behaviour of those examples: the
swap-macs operation of xdp-bench doesn't use the bpf_xdp_load_bytes()
helper to load the packet data, whereas the xdp2 utility did so
unconditionally. For the parse-ip action the use of bpf_xdp_load_bytes()
can be selected by the '-l load-bytes' switch, with the difference that the
xdp-bench utility will perform two separate calls to the helper, one to
load the ethernet header and another to load the IP header; where the xdp1
utility only performed one call always loading 60 bytes of data.
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Link: https://lore.kernel.org/r/20230824102255.1561885-5-toke@redhat.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Toke Høiland-Jørgensen [Thu, 24 Aug 2023 10:22:46 +0000 (12:22 +0200)]
samples/bpf: Remove the xdp_rxq_info utility
The functionality of this utility has been incorporated into the xdp-bench
utility in xdp-tools, by way of the --rxq-stats argument to the 'drop',
'pass' and 'tx' commands of xdp-bench.
Some examples of how to convert xdp_rxq_info invocations into equivalent
xdp-bench commands:
xdp_rxq_info -d eth0
--> xdp-bench pass --rxq-stats eth0
xdp_rxq_info -d eth0 -a XDP_DROP -m
--> xdp-bench drop --rxq-stats -p swap-macs eth0
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Link: https://lore.kernel.org/r/20230824102255.1561885-4-toke@redhat.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Toke Høiland-Jørgensen [Thu, 24 Aug 2023 10:22:45 +0000 (12:22 +0200)]
samples/bpf: Remove the xdp_redirect* utilities
These utilities have all been ported to xdp-tools as functions of the
xdp-bench utility. The four different utilities in samples are incorporated
as separate subcommands to xdp-bench, with most of the command line
parameters left intact, except that mandatory arguments are always
positional in xdp-bench. For full usage details see the --help output of
each command, or the xdp-bench man page.
Some examples of how to convert usage to xdp-bench are:
xdp_redirect eth0 eth1
--> xdp-bench redirect eth0 eth1
xdp_redirect_map eth0 eth1
--> xdp-bench redirect-map eth0 eth1
xdp_redirect_map_multi eth0 eth1 eth2 eth3
--> xdp-bench redirect-multi eth0 eth1 eth2 eth3
xdp_redirect_cpu -d eth0 -c 0 -c 1
--> xdp-bench redirect-cpu -c 0 -c 1 eth0
xdp_redirect_cpu -d eth0 -c 0 -c 1 -r eth1
--> xdp-bench redirect-cpu -c 0 -c 1 eth0 -r redirect -D eth1
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Link: https://lore.kernel.org/r/20230824102255.1561885-3-toke@redhat.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Toke Høiland-Jørgensen [Thu, 24 Aug 2023 10:22:44 +0000 (12:22 +0200)]
samples/bpf: Remove the xdp_monitor utility
This utility has been ported as-is to xdp-tools as 'xdp-monitor'. The only
difference in usage between the samples and xdp-tools versions is that the
'-v' command line parameter has been changed to '-e' in the xdp-tools
version for consistency with the other utilities.
Signed-off-by: Toke Høiland-Jørgensen <toke@redhat.com>
Link: https://lore.kernel.org/r/20230824102255.1561885-2-toke@redhat.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Yonghong Song [Thu, 24 Aug 2023 06:34:22 +0000 (23:34 -0700)]
selftests/bpf: Add a local kptr test with no special fields
Add a local kptr test with no special fields in the struct. Without the
previous patch, the following warning will hit:
[ 44.683877] WARNING: CPU: 3 PID: 485 at kernel/bpf/syscall.c:660 bpf_obj_free_fields+0x220/0x240
[ 44.684640] Modules linked in: bpf_testmod(OE)
[ 44.685044] CPU: 3 PID: 485 Comm: kworker/u8:5 Tainted: G OE 6.5.0-rc5-01703-g260d855e9b90 #248
[ 44.685827] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org 04/01/2014
[ 44.686693] Workqueue: events_unbound bpf_map_free_deferred
[ 44.687297] RIP: 0010:bpf_obj_free_fields+0x220/0x240
[ 44.687775] Code: e8 55 17 1f 00 49 8b 74 24 08 4c 89 ef e8 e8 14 05 00 e8 a3 da e2 ff e9 55 fe ff ff 0f 0b e9 4e fe ff
ff 0f 0b e9 47 fe ff ff <0f> 0b e8 d9 d9 e2 ff 31 f6 eb d5 48 83 c4 10 5b 41 5c e
[ 44.689353] RSP: 0018:
ffff888106467cb8 EFLAGS:
00010246
[ 44.689806] RAX:
0000000000000000 RBX:
ffff888112b3a200 RCX:
0000000000000001
[ 44.690433] RDX:
0000000000000000 RSI:
dffffc0000000000 RDI:
ffff8881128ad988
[ 44.691094] RBP:
0000000000000002 R08:
ffffffff81370bd0 R09:
1ffff110216231a5
[ 44.691643] R10:
dffffc0000000000 R11:
ffffed10216231a6 R12:
ffff88810d68a488
[ 44.692245] R13:
ffff88810767c288 R14:
ffff88810d68a400 R15:
ffff88810d68a418
[ 44.692829] FS:
0000000000000000(0000) GS:
ffff8881f7580000(0000) knlGS:
0000000000000000
[ 44.693484] CS: 0010 DS: 0000 ES: 0000 CR0:
0000000080050033
[ 44.693964] CR2:
000055c7f2afce28 CR3:
000000010fee4002 CR4:
0000000000370ee0
[ 44.694513] DR0:
0000000000000000 DR1:
0000000000000000 DR2:
0000000000000000
[ 44.695102] DR3:
0000000000000000 DR6:
00000000fffe0ff0 DR7:
0000000000000400
[ 44.695747] Call Trace:
[ 44.696001] <TASK>
[ 44.696183] ? __warn+0xfe/0x270
[ 44.696447] ? bpf_obj_free_fields+0x220/0x240
[ 44.696817] ? report_bug+0x220/0x2d0
[ 44.697180] ? handle_bug+0x3d/0x70
[ 44.697507] ? exc_invalid_op+0x1a/0x50
[ 44.697887] ? asm_exc_invalid_op+0x1a/0x20
[ 44.698282] ? btf_find_struct_meta+0xd0/0xd0
[ 44.698634] ? bpf_obj_free_fields+0x220/0x240
[ 44.699027] ? bpf_obj_free_fields+0x1e2/0x240
[ 44.699414] array_map_free+0x1a3/0x260
[ 44.699763] bpf_map_free_deferred+0x7b/0xe0
[ 44.700154] process_one_work+0x46d/0x750
[ 44.700523] worker_thread+0x49e/0x900
[ 44.700892] ? pr_cont_work+0x270/0x270
[ 44.701224] kthread+0x1ae/0x1d0
[ 44.701516] ? kthread_blkcg+0x50/0x50
[ 44.701860] ret_from_fork+0x34/0x50
[ 44.702178] ? kthread_blkcg+0x50/0x50
[ 44.702508] ret_from_fork_asm+0x11/0x20
[ 44.702880] </TASK>
With the previous patch, there is no warnings.
Signed-off-by: Yonghong Song <yonghong.song@linux.dev>
Link: https://lore.kernel.org/r/20230824063422.203097-1-yonghong.song@linux.dev
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Yonghong Song [Thu, 24 Aug 2023 06:34:17 +0000 (23:34 -0700)]
bpf: Remove a WARN_ON_ONCE warning related to local kptr
Currently, in function bpf_obj_free_fields(), for local kptr,
a warning will be issued if the struct does not contain any
special fields. But actually the kernel seems totally okay
with a local kptr without any special fields. Permitting
no special fields also aligns with future percpu kptr which
also allows no special fields.
Acked-by: Dave Marchevsky <davemarchevsky@fb.com>
Signed-off-by: Yonghong Song <yonghong.song@linux.dev>
Link: https://lore.kernel.org/r/20230824063417.201925-1-yonghong.song@linux.dev
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Andrii Nakryiko [Thu, 24 Aug 2023 00:00:16 +0000 (17:00 -0700)]
libbpf: fix signedness determination in CO-RE relo handling logic
Extracting btf_int_encoding() is only meaningful for BTF_KIND_INT, so we
need to check that first before inferring signedness.
Closes: https://github.com/libbpf/libbpf/issues/704
Reported-by: Lorenz Bauer <lmb@isovalent.com>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
Link: https://lore.kernel.org/r/20230824000016.2658017-2-andrii@kernel.org
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
Andrii Nakryiko [Thu, 24 Aug 2023 00:00:15 +0000 (17:00 -0700)]
selftests/bpf: add uprobe_multi test binary to .gitignore
It seems like it was forgotten to add uprobe_multi binary to .gitignore.
Fix this trivial omission.
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
Link: https://lore.kernel.org/r/20230824000016.2658017-1-andrii@kernel.org
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
Daniel Xu [Wed, 23 Aug 2023 23:15:02 +0000 (17:15 -0600)]
libbpf: Add bpf_object__unpin()
For bpf_object__pin_programs() there is bpf_object__unpin_programs().
Likewise bpf_object__unpin_maps() for bpf_object__pin_maps().
But no bpf_object__unpin() for bpf_object__pin(). Adding the former adds
symmetry to the API.
It's also convenient for cleanup in application code. It's an API I
would've used if it was available for a repro I was writing earlier.
Signed-off-by: Daniel Xu <dxu@dxuuu.xyz>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Reviewed-by: Song Liu <song@kernel.org>
Link: https://lore.kernel.org/bpf/b2f9d41da4a350281a0b53a804d11b68327e14e5.1692832478.git.dxu@dxuuu.xyz
Alexei Starovoitov [Wed, 23 Aug 2023 16:37:29 +0000 (09:37 -0700)]
Merge branch 'bpf-fix-an-issue-in-verifing-allow_ptr_leaks'
Yafang Shao says:
====================
bpf: Fix an issue in verifing allow_ptr_leaks
Patch #1: An issue found in our local 6.1 kernel.
This issue also exists in bpf-next.
Patch #2: Selftess for #1
v1->v2:
- Add acked-by from Eduard
- Fix build error reported by Alexei
====================
Link: https://lore.kernel.org/r/20230823020703.3790-1-laoar.shao@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Yafang Shao [Wed, 23 Aug 2023 02:07:03 +0000 (02:07 +0000)]
selftests/bpf: Add selftest for allow_ptr_leaks
- Without prev commit
$ tools/testing/selftests/bpf/test_progs --name=tc_bpf
#232/1 tc_bpf/tc_bpf_root:OK
test_tc_bpf_non_root:PASS:set_cap_bpf_cap_net_admin 0 nsec
test_tc_bpf_non_root:PASS:disable_cap_sys_admin 0 nsec
0: R1=ctx(off=0,imm=0) R10=fp0
; if ((long)(iph + 1) > (long)skb->data_end)
0: (61) r2 = *(u32 *)(r1 +80) ; R1=ctx(off=0,imm=0) R2_w=pkt_end(off=0,imm=0)
; struct iphdr *iph = (void *)(long)skb->data + sizeof(struct ethhdr);
1: (61) r1 = *(u32 *)(r1 +76) ; R1_w=pkt(off=0,r=0,imm=0)
; if ((long)(iph + 1) > (long)skb->data_end)
2: (07) r1 += 34 ; R1_w=pkt(off=34,r=0,imm=0)
3: (b4) w0 = 1 ; R0_w=1
4: (2d) if r1 > r2 goto pc+1
R2 pointer comparison prohibited
processed 5 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0
test_tc_bpf_non_root:FAIL:test_tc_bpf__open_and_load unexpected error: -13
#233/2 tc_bpf_non_root:FAIL
- With prev commit
$ tools/testing/selftests/bpf/test_progs --name=tc_bpf
#232/1 tc_bpf/tc_bpf_root:OK
#232/2 tc_bpf/tc_bpf_non_root:OK
#232 tc_bpf:OK
Summary: 1/2 PASSED, 0 SKIPPED, 0 FAILED
Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
Link: https://lore.kernel.org/r/20230823020703.3790-3-laoar.shao@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Yafang Shao [Wed, 23 Aug 2023 02:07:02 +0000 (02:07 +0000)]
bpf: Fix issue in verifying allow_ptr_leaks
After we converted the capabilities of our networking-bpf program from
cap_sys_admin to cap_net_admin+cap_bpf, our networking-bpf program
failed to start. Because it failed the bpf verifier, and the error log
is "R3 pointer comparison prohibited".
A simple reproducer as follows,
SEC("cls-ingress")
int ingress(struct __sk_buff *skb)
{
struct iphdr *iph = (void *)(long)skb->data + sizeof(struct ethhdr);
if ((long)(iph + 1) > (long)skb->data_end)
return TC_ACT_STOLEN;
return TC_ACT_OK;
}
Per discussion with Yonghong and Alexei [1], comparison of two packet
pointers is not a pointer leak. This patch fixes it.
Our local kernel is 6.1.y and we expect this fix to be backported to
6.1.y, so stable is CCed.
[1]. https://lore.kernel.org/bpf/CAADnVQ+Nmspr7Si+pxWn8zkE7hX-7s93ugwC+94aXSy4uQ9vBg@mail.gmail.com/
Suggested-by: Yonghong Song <yonghong.song@linux.dev>
Suggested-by: Alexei Starovoitov <alexei.starovoitov@gmail.com>
Signed-off-by: Yafang Shao <laoar.shao@gmail.com>
Acked-by: Eduard Zingerman <eddyz87@gmail.com>
Cc: stable@vger.kernel.org
Link: https://lore.kernel.org/r/20230823020703.3790-2-laoar.shao@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Hao Luo [Tue, 22 Aug 2023 19:38:40 +0000 (12:38 -0700)]
libbpf: Free btf_vmlinux when closing bpf_object
I hit a memory leak when testing bpf_program__set_attach_target().
Basically, set_attach_target() may allocate btf_vmlinux, for example,
when setting attach target for bpf_iter programs. But btf_vmlinux
is freed only in bpf_object_load(), which means if we only open
bpf object but not load it, setting attach target may leak
btf_vmlinux.
So let's free btf_vmlinux in bpf_object__close() anyway.
Signed-off-by: Hao Luo <haoluo@google.com>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Link: https://lore.kernel.org/bpf/20230822193840.1509809-1-haoluo@google.com
Alexei Starovoitov [Tue, 22 Aug 2023 19:52:48 +0000 (12:52 -0700)]
Merge branch 'fix-for-check_func_arg_reg_off'
Kumar Kartikeya Dwivedi says:
====================
Fix for check_func_arg_reg_off
Remove a leftover hunk in check_func_arg_reg_off that incorrectly
bypasses reg->off == 0 requirement for release kfuncs and helpers.
====================
Link: https://lore.kernel.org/r/20230822175140.1317749-1-memxor@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Kumar Kartikeya Dwivedi [Tue, 22 Aug 2023 17:51:40 +0000 (23:21 +0530)]
selftests/bpf: Add test for bpf_obj_drop with bad reg->off
Add a selftest for the fix provided in the previous commit. Without the
fix, the selftest passes the verifier while it should fail. The special
logic for detecting graph root or node for reg->off and bypassing
reg->off == 0 guarantee for release helpers/kfuncs has been dropped.
Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
Link: https://lore.kernel.org/r/20230822175140.1317749-3-memxor@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Kumar Kartikeya Dwivedi [Tue, 22 Aug 2023 17:51:39 +0000 (23:21 +0530)]
bpf: Fix check_func_arg_reg_off bug for graph root/node
The commit being fixed introduced a hunk into check_func_arg_reg_off
that bypasses reg->off == 0 enforcement when offset points to a graph
node or root. This might possibly be done for treating bpf_rbtree_remove
and others as KF_RELEASE and then later check correct reg->off in helper
argument checks.
But this is not the case, those helpers are already not KF_RELEASE and
permit non-zero reg->off and verify it later to match the subobject in
BTF type.
However, this logic leads to bpf_obj_drop permitting free of register
arguments with non-zero offset when they point to a graph root or node
within them, which is not ok.
For instance:
struct foo {
int i;
int j;
struct bpf_rb_node node;
};
struct foo *f = bpf_obj_new(typeof(*f));
if (!f) ...
bpf_obj_drop(f); // OK
bpf_obj_drop(&f->i); // still ok from verifier PoV
bpf_obj_drop(&f->node); // Not OK, but permitted right now
Fix this by dropping the whole part of code altogether.
Fixes:
6a3cd3318ff6 ("bpf: Migrate release_on_unlock logic to non-owning ref semantics")
Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
Link: https://lore.kernel.org/r/20230822175140.1317749-2-memxor@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Yonghong Song [Tue, 22 Aug 2023 05:00:58 +0000 (22:00 -0700)]
selftests/bpf: Add a failure test for bpf_kptr_xchg() with local kptr
For a bpf_kptr_xchg() with local kptr, if the map value kptr type and
allocated local obj type does not match, with the previous patch,
the below verifier error message will be logged:
R2 is of type <allocated local obj type> but <map value kptr type> is expected
Without the previous patch, the test will have unexpected success.
Signed-off-by: Yonghong Song <yonghong.song@linux.dev>
Acked-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
Link: https://lore.kernel.org/r/20230822050058.2887354-1-yonghong.song@linux.dev
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Yonghong Song [Tue, 22 Aug 2023 05:00:53 +0000 (22:00 -0700)]
bpf: Fix a bpf_kptr_xchg() issue with local kptr
When reviewing local percpu kptr support, Alexei discovered a bug
wherea bpf_kptr_xchg() may succeed even if the map value kptr type and
locally allocated obj type do not match ([1]). Missed struct btf_id
comparison is the reason for the bug. This patch added such struct btf_id
comparison and will flag verification failure if types do not match.
[1] https://lore.kernel.org/bpf/
20230819002907.io3iphmnuk43xblu@macbook-pro-8.dhcp.thefacebook.com/#t
Reported-by: Alexei Starovoitov <ast@kernel.org>
Fixes:
738c96d5e2e3 ("bpf: Allow local kptrs to be exchanged via bpf_kptr_xchg")
Signed-off-by: Yonghong Song <yonghong.song@linux.dev>
Acked-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
Link: https://lore.kernel.org/r/20230822050053.2886960-1-yonghong.song@linux.dev
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Alexei Starovoitov [Mon, 21 Aug 2023 22:51:28 +0000 (15:51 -0700)]
Merge branch 'bpf-add-multi-uprobe-link'
Jiri Olsa says:
====================
bpf: Add multi uprobe link
hi,
this patchset is adding support to attach multiple uprobes and usdt probes
through new uprobe_multi link.
The current uprobe is attached through the perf event and attaching many
uprobes takes a lot of time because of that.
The main reason is that we need to install perf event for each probed function
and profile shows perf event installation (perf_install_in_context) as culprit.
The new uprobe_multi link just creates raw uprobes and attaches the bpf
program to them without perf event being involved.
In addition to being faster we also save file descriptors. For the current
uprobe attach we use extra perf event fd for each probed function. The new
link just need one fd that covers all the functions we are attaching to.
v7 changes:
- fixed task release on error path and re-org the error
path to be more straightforward [Yonghong]
- re-organized uprobe_prog_run locking to follow general pattern
and removed might_fault check as it's not needed in uprobe/task
context [Yonghong]
There's support for bpftrace [2] and tetragon [1].
Also available at:
https://git.kernel.org/pub/scm/linux/kernel/git/jolsa/perf.git
uprobe_multi
thanks,
jirka
[1] https://github.com/cilium/tetragon/pull/936
[2] https://github.com/iovisor/bpftrace/compare/master...olsajiri:bpftrace:uprobe_multi
[3] https://lore.kernel.org/bpf/
20230628115329.248450-1-laoar.shao@gmail.com/
---
====================
Link: https://lore.kernel.org/r/20230809083440.3209381-1-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:40 +0000 (10:34 +0200)]
selftests/bpf: Add extra link to uprobe_multi tests
Attaching extra program to same functions system wide for api
and link tests.
This way we can test the pid filter works properly when there's
extra system wide consumer on the same uprobe that will trigger
the original uprobe handler.
We expect to have the same counts as before.
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-29-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:39 +0000 (10:34 +0200)]
selftests/bpf: Add uprobe_multi pid filter tests
Running api and link tests also with pid filter and checking
the probe gets executed only for specific pid.
Spawning extra process to trigger attached uprobes and checking
we get correct counts from executed programs.
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-28-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:38 +0000 (10:34 +0200)]
selftests/bpf: Add uprobe_multi cookie test
Adding test for cookies setup/retrieval in uprobe_link uprobes
and making sure bpf_get_attach_cookie works properly.
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-27-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:37 +0000 (10:34 +0200)]
selftests/bpf: Add uprobe_multi usdt bench test
Adding test that attaches 50k usdt probes in usdt_multi binary.
After the attach is done we run the binary and make sure we get
proper amount of hits.
With current uprobes:
# perf stat --null ./test_progs -n 254/6
#254/6 uprobe_multi_test/bench_usdt:OK
#254 uprobe_multi_test:OK
Summary: 1/1 PASSED, 0 SKIPPED, 0 FAILED
Performance counter stats for './test_progs -n 254/6':
1353.
659680562 seconds time elapsed
With uprobe_multi link:
# perf stat --null ./test_progs -n 254/6
#254/6 uprobe_multi_test/bench_usdt:OK
#254 uprobe_multi_test:OK
Summary: 1/1 PASSED, 0 SKIPPED, 0 FAILED
Performance counter stats for './test_progs -n 254/6':
0.
322046364 seconds time elapsed
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-26-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:36 +0000 (10:34 +0200)]
selftests/bpf: Add uprobe_multi usdt test code
Adding code in uprobe_multi test binary that defines 50k usdts
and will serve as attach point for uprobe_multi usdt bench test
in following patch.
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-25-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:35 +0000 (10:34 +0200)]
selftests/bpf: Add uprobe_multi bench test
Adding test that attaches 50k uprobes in uprobe_multi binary.
After the attach is done we run the binary and make sure we
get proper amount of hits.
The resulting attach/detach times on my setup:
test_bench_attach_uprobe:PASS:uprobe_multi__open 0 nsec
test_bench_attach_uprobe:PASS:uprobe_multi__attach 0 nsec
test_bench_attach_uprobe:PASS:uprobes_count 0 nsec
test_bench_attach_uprobe: attached in 0.346s
test_bench_attach_uprobe: detached in 0.419s
#262/5 uprobe_multi_test/bench_uprobe:OK
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-24-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:34 +0000 (10:34 +0200)]
selftests/bpf: Add uprobe_multi test program
Adding uprobe_multi test program that defines 50k uprobe_multi_func_*
functions and will serve as attach point for uprobe_multi bench test
in following patch.
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-23-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:33 +0000 (10:34 +0200)]
selftests/bpf: Add uprobe_multi link test
Adding uprobe_multi test for bpf_link_create attach function.
Testing attachment using the struct bpf_link_create_opts.
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-22-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:32 +0000 (10:34 +0200)]
selftests/bpf: Add uprobe_multi api test
Adding uprobe_multi test for bpf_program__attach_uprobe_multi
attach function.
Testing attachment using glob patterns and via bpf_uprobe_multi_opts
paths/syms fields.
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-21-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:31 +0000 (10:34 +0200)]
selftests/bpf: Add uprobe_multi skel test
Adding uprobe_multi test for skeleton load/attach functions,
to test skeleton auto attach for uprobe_multi link.
Test that bpf_get_func_ip works properly for uprobe_multi
attachment.
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-20-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:30 +0000 (10:34 +0200)]
selftests/bpf: Move get_time_ns to testing_helpers.h
We'd like to have single copy of get_time_ns used b bench and test_progs,
but we can't just include bench.h, because of conflicting 'struct env'
objects.
Moving get_time_ns to testing_helpers.h which is being included by both
bench and test_progs objects.
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-19-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:29 +0000 (10:34 +0200)]
libbpf: Add uprobe multi link support to bpf_program__attach_usdt
Adding support for usdt_manager_attach_usdt to use uprobe_multi
link to attach to usdt probes.
The uprobe_multi support is detected before the usdt program is
loaded and its expected_attach_type is set accordingly.
If uprobe_multi support is detected the usdt_manager_attach_usdt
gathers uprobes info and calls bpf_program__attach_uprobe to
create all needed uprobes.
If uprobe_multi support is not detected the old behaviour stays.
Also adding usdt.s program section for sleepable usdt probes.
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-18-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:28 +0000 (10:34 +0200)]
libbpf: Add uprobe multi link detection
Adding uprobe-multi link detection. It will be used later in
bpf_program__attach_usdt function to check and use uprobe_multi
link over standard uprobe links.
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-17-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:27 +0000 (10:34 +0200)]
libbpf: Add support for u[ret]probe.multi[.s] program sections
Adding support for several uprobe_multi program sections
to allow auto attach of multi_uprobe programs.
Acked-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-16-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:26 +0000 (10:34 +0200)]
libbpf: Add bpf_program__attach_uprobe_multi function
Adding bpf_program__attach_uprobe_multi function that
allows to attach multiple uprobes with uprobe_multi link.
The user can specify uprobes with direct arguments:
binary_path/func_pattern/pid
or with struct bpf_uprobe_multi_opts opts argument fields:
const char **syms;
const unsigned long *offsets;
const unsigned long *ref_ctr_offsets;
const __u64 *cookies;
User can specify 2 mutually exclusive set of inputs:
1) use only path/func_pattern/pid arguments
2) use path/pid with allowed combinations of:
syms/offsets/ref_ctr_offsets/cookies/cnt
- syms and offsets are mutually exclusive
- ref_ctr_offsets and cookies are optional
Any other usage results in error.
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-15-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:25 +0000 (10:34 +0200)]
libbpf: Add bpf_link_create support for multi uprobes
Adding new uprobe_multi struct to bpf_link_create_opts object
to pass multiple uprobe data to link_create attr uapi.
Acked-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-14-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:24 +0000 (10:34 +0200)]
libbpf: Add elf_resolve_pattern_offsets function
Adding elf_resolve_pattern_offsets function that looks up
offsets for symbols specified by pattern argument.
The 'pattern' argument allows wildcards (*?' supported).
Offsets are returned in allocated array together with its
size and needs to be released by the caller.
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-13-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:23 +0000 (10:34 +0200)]
libbpf: Add elf_resolve_syms_offsets function
Adding elf_resolve_syms_offsets function that looks up
offsets for symbols specified in syms array argument.
Offsets are returned in allocated array with the 'cnt' size,
that needs to be released by the caller.
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-12-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:22 +0000 (10:34 +0200)]
libbpf: Add elf symbol iterator
Adding elf symbol iterator object (and some functions) that follow
open-coded iterator pattern and some functions to ease up iterating
elf object symbols.
The idea is to iterate single symbol section with:
struct elf_sym_iter iter;
struct elf_sym *sym;
if (elf_sym_iter_new(&iter, elf, binary_path, SHT_DYNSYM))
goto error;
while ((sym = elf_sym_iter_next(&iter))) {
...
}
I considered opening the elf inside the iterator and iterate all symbol
sections, but then it gets more complicated wrt user checks for when
the next section is processed.
Plus side is the we don't need 'exit' function, because caller/user is
in charge of that.
The returned iterated symbol object from elf_sym_iter_next function
is placed inside the struct elf_sym_iter, so no extra allocation or
argument is needed.
Suggested-by: Andrii Nakryiko <andrii@kernel.org>
Acked-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-11-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:21 +0000 (10:34 +0200)]
libbpf: Add elf_open/elf_close functions
Adding elf_open/elf_close functions and using it in
elf_find_func_offset_from_file function. It will be
used in following changes to save some common code.
Acked-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-10-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:20 +0000 (10:34 +0200)]
libbpf: Move elf_find_func_offset* functions to elf object
Adding new elf object that will contain elf related functions.
There's no functional change.
Suggested-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-9-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:19 +0000 (10:34 +0200)]
libbpf: Add uprobe_multi attach type and link names
Adding new uprobe_multi attach type and link names,
so the functions can resolve the new values.
Acked-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/r/20230809083440.3209381-8-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:18 +0000 (10:34 +0200)]
bpf: Add bpf_get_func_ip helper support for uprobe link
Adding support for bpf_get_func_ip helper being called from
ebpf program attached by uprobe_multi link.
It returns the ip of the uprobe.
Acked-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
Link: https://lore.kernel.org/r/20230809083440.3209381-7-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:17 +0000 (10:34 +0200)]
bpf: Add pid filter support for uprobe_multi link
Adding support to specify pid for uprobe_multi link and the uprobes
are created only for task with given pid value.
Using the consumer.filter filter callback for that, so the task gets
filtered during the uprobe installation.
We still need to check the task during runtime in the uprobe handler,
because the handler could get executed if there's another system
wide consumer on the same uprobe (thanks Oleg for the insight).
Cc: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Oleg Nesterov <oleg@redhat.com>
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
Link: https://lore.kernel.org/r/20230809083440.3209381-6-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:16 +0000 (10:34 +0200)]
bpf: Add cookies support for uprobe_multi link
Adding support to specify cookies array for uprobe_multi link.
The cookies array share indexes and length with other uprobe_multi
arrays (offsets/ref_ctr_offsets).
The cookies[i] value defines cookie for i-the uprobe and will be
returned by bpf_get_attach_cookie helper when called from ebpf
program hooked to that specific uprobe.
Acked-by: Andrii Nakryiko <andrii@kernel.org>
Acked-by: Yafang Shao <laoar.shao@gmail.com>
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
Link: https://lore.kernel.org/r/20230809083440.3209381-5-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:15 +0000 (10:34 +0200)]
bpf: Add multi uprobe link
Adding new multi uprobe link that allows to attach bpf program
to multiple uprobes.
Uprobes to attach are specified via new link_create uprobe_multi
union:
struct {
__aligned_u64 path;
__aligned_u64 offsets;
__aligned_u64 ref_ctr_offsets;
__u32 cnt;
__u32 flags;
} uprobe_multi;
Uprobes are defined for single binary specified in path and multiple
calling sites specified in offsets array with optional reference
counters specified in ref_ctr_offsets array. All specified arrays
have length of 'cnt'.
The 'flags' supports single bit for now that marks the uprobe as
return probe.
Acked-by: Andrii Nakryiko <andrii@kernel.org>
Acked-by: Yafang Shao <laoar.shao@gmail.com>
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
Link: https://lore.kernel.org/r/20230809083440.3209381-4-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:14 +0000 (10:34 +0200)]
bpf: Add attach_type checks under bpf_prog_attach_check_attach_type
Add extra attach_type checks from link_create under
bpf_prog_attach_check_attach_type.
Suggested-by: Andrii Nakryiko <andrii@kernel.org>
Acked-by: Andrii Nakryiko <andrii@kernel.org>
Acked-by: Yafang Shao <laoar.shao@gmail.com>
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
Link: https://lore.kernel.org/r/20230809083440.3209381-3-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Jiri Olsa [Wed, 9 Aug 2023 08:34:13 +0000 (10:34 +0200)]
bpf: Switch BPF_F_KPROBE_MULTI_RETURN macro to enum
Switching BPF_F_KPROBE_MULTI_RETURN macro to anonymous enum,
so it'd show up in vmlinux.h. There's not functional change
compared to having this as macro.
Acked-by: Yafang Shao <laoar.shao@gmail.com>
Suggested-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
Link: https://lore.kernel.org/r/20230809083440.3209381-2-jolsa@kernel.org
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Alexei Starovoitov [Mon, 21 Aug 2023 22:39:10 +0000 (15:39 -0700)]
Merge branch 'samples-bpf-make-bpf-programs-more-libbpf-aware'
Daniel T. Lee says:
====================
samples/bpf: make BPF programs more libbpf aware
The existing tracing programs have been developed for a considerable
period of time and, as a result, do not properly incorporate the
features of the current libbpf, such as CO-RE. This is evident in
frequent usage of functions like PT_REGS* and the persistence of "hack"
methods using underscore-style bpf_probe_read_kernel from the past.
These programs are far behind the current level of libbpf and can
potentially confuse users.
The kernel has undergone significant changes, and some of these changes
have broken these programs, but on the other hand, more robust APIs have
been developed for increased stableness.
To list some of the kernel changes that this patch set is focusing on,
- symbol mismatch occurs due to compiler optimization [1]
- inline of blk_account_io* breaks BPF kprobe program [2]
- new tracepoints for the block_io_start/done are introduced [3]
- map lookup probes can't be triggered (bpf_disable_instrumentation)[4]
- BPF_KSYSCALL has been introduced to simplify argument fetching [5]
- convert to vmlinux.h and use tp argument structure within it
- make tracing programs to be more CO-RE centric
In this regard, this patch set aims not only to integrate the latest
features of libbpf into BPF programs but also to reduce confusion and
clarify the BPF programs. This will help with the potential confusion
among users and make the programs more intutitive.
[1]: https://github.com/iovisor/bcc/issues/1754
[2]: https://github.com/iovisor/bcc/issues/4261
[3]: commit
5a80bd075f3b ("block: introduce block_io_start/block_io_done tracepoints")
[4]: commit
7c4cd051add3 ("bpf: Fix syscall's stackmap lookup potential deadlock")
[5]: commit
6f5d467d55f0 ("libbpf: improve BPF_KPROBE_SYSCALL macro and rename it to BPF_KSYSCALL")
====================
Link: https://lore.kernel.org/r/20230818090119.477441-1-danieltimlee@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Daniel T. Lee [Fri, 18 Aug 2023 09:01:19 +0000 (18:01 +0900)]
samples/bpf: simplify spintest with kprobe.multi
With the introduction of kprobe.multi, it is now possible to attach
multiple kprobes to a single BPF program without the need for multiple
definitions. Additionally, this method supports wildcard-based
matching, allowing for further simplification of BPF programs. In here,
an asterisk (*) wildcard is used to map to all symbols relevant to
spin_{lock|unlock}.
Furthermore, since kprobe.multi handles symbol matching, this commit
eliminates the need for the previous logic of reading the ksym table to
verify the existence of symbols.
Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com>
Link: https://lore.kernel.org/r/20230818090119.477441-10-danieltimlee@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Daniel T. Lee [Fri, 18 Aug 2023 09:01:18 +0000 (18:01 +0900)]
samples/bpf: refactor syscall tracing programs using BPF_KSYSCALL macro
This commit refactors the syscall tracing programs by adopting the
BPF_KSYSCALL macro. This change aims to enhance the clarity and
simplicity of the BPF programs by reducing the complexity of argument
parsing from pt_regs.
Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com>
Link: https://lore.kernel.org/r/20230818090119.477441-9-danieltimlee@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Daniel T. Lee [Fri, 18 Aug 2023 09:01:17 +0000 (18:01 +0900)]
samples/bpf: fix broken map lookup probe
In the commit
7c4cd051add3 ("bpf: Fix syscall's stackmap lookup
potential deadlock"), a potential deadlock issue was addressed, which
resulted in *_map_lookup_elem not triggering BPF programs.
(prior to lookup, bpf_disable_instrumentation() is used)
To resolve the broken map lookup probe using "htab_map_lookup_elem",
this commit introduces an alternative approach. Instead, it utilize
"bpf_map_copy_value" and apply a filter specifically for the hash table
with map_type.
Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com>
Fixes:
7c4cd051add3 ("bpf: Fix syscall's stackmap lookup potential deadlock")
Link: https://lore.kernel.org/r/20230818090119.477441-8-danieltimlee@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Daniel T. Lee [Fri, 18 Aug 2023 09:01:16 +0000 (18:01 +0900)]
samples/bpf: fix bio latency check with tracepoint
Recently, a new tracepoint for the block layer, specifically the
block_io_start/done tracepoints, was introduced in commit
5a80bd075f3b
("block: introduce block_io_start/block_io_done tracepoints").
Previously, the kprobe entry used for this purpose was quite unstable
and inherently broke relevant probes [1]. Now that a stable tracepoint
is available, this commit replaces the bio latency check with it.
One of the changes made during this replacement is the key used for the
hash table. Since 'struct request' cannot be used as a hash key, the
approach taken follows that which was implemented in bcc/biolatency [2].
(uses dev:sector for the key)
[1]: https://github.com/iovisor/bcc/issues/4261
[2]: https://github.com/iovisor/bcc/pull/4691
Fixes:
450b7879e345 ("block: move blk_account_io_{start,done} to blk-mq.c")
Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com>
Link: https://lore.kernel.org/r/20230818090119.477441-7-danieltimlee@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Daniel T. Lee [Fri, 18 Aug 2023 09:01:15 +0000 (18:01 +0900)]
samples/bpf: make tracing programs to be more CO-RE centric
The existing tracing programs have been developed for a considerable
period of time and, as a result, do not properly incorporate the
features of the current libbpf, such as CO-RE. This is evident in
frequent usage of functions like PT_REGS* and the persistence of "hack"
methods using underscore-style bpf_probe_read_kernel from the past.
These programs are far behind the current level of libbpf and can
potentially confuse users. Therefore, this commit aims to convert the
outdated BPF programs to be more CO-RE centric.
Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com>
Link: https://lore.kernel.org/r/20230818090119.477441-6-danieltimlee@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Daniel T. Lee [Fri, 18 Aug 2023 09:01:14 +0000 (18:01 +0900)]
samples/bpf: fix symbol mismatch by compiler optimization
Currently, multiple kprobe programs are suffering from symbol mismatch
due to compiler optimization. These optimizations might induce
additional suffix to the symbol name such as '.isra' or '.constprop'.
# egrep ' finish_task_switch| __netif_receive_skb_core' /proc/kallsyms
ffffffff81135e50 t finish_task_switch.isra.0
ffffffff81dd36d0 t __netif_receive_skb_core.constprop.0
ffffffff8205cc0e t finish_task_switch.isra.0.cold
ffffffff820b1aba t __netif_receive_skb_core.constprop.0.cold
To avoid this, this commit replaces the original kprobe section to
kprobe.multi in order to match symbol with wildcard characters. Here,
asterisk is used for avoiding symbol mismatch.
Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com>
Link: https://lore.kernel.org/r/20230818090119.477441-5-danieltimlee@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Daniel T. Lee [Fri, 18 Aug 2023 09:01:13 +0000 (18:01 +0900)]
samples/bpf: unify bpf program suffix to .bpf with tracing programs
Currently, BPF programs typically have a suffix of .bpf.c. However,
some programs still utilize a mixture of _kern.c suffix alongside the
naming convention. In order to achieve consistency in the naming of
these programs, this commit unifies the inconsistency in the naming
convention of BPF kernel programs.
Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com>
Link: https://lore.kernel.org/r/20230818090119.477441-4-danieltimlee@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Daniel T. Lee [Fri, 18 Aug 2023 09:01:12 +0000 (18:01 +0900)]
samples/bpf: convert to vmlinux.h with tracing programs
This commit replaces separate headers with a single vmlinux.h to
tracing programs. Thanks to that, we no longer need to define the
argument structure for tracing programs directly. For example, argument
for the sched_switch tracpepoint (sched_switch_args) can be replaced
with the vmlinux.h provided trace_event_raw_sched_switch.
Additional defines have been added to the BPF program either directly
or through the inclusion of net_shared.h. Defined values are
PERF_MAX_STACK_DEPTH, IFNAMSIZ constants and __stringify() macro. This
change enables the BPF program to access internal structures with BTF
generated "vmlinux.h" header.
Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com>
Link: https://lore.kernel.org/r/20230818090119.477441-3-danieltimlee@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Daniel T. Lee [Fri, 18 Aug 2023 09:01:11 +0000 (18:01 +0900)]
samples/bpf: fix warning with ignored-attributes
Currently, compiling the bpf programs will result the warning with the
ignored attribute as follows. This commit fixes the warning by adding
cf-protection option.
In file included from ./arch/x86/include/asm/linkage.h:6:
./arch/x86/include/asm/ibt.h:77:8: warning: 'nocf_check' attribute ignored; use -fcf-protection to enable the attribute [-Wignored-attributes]
extern __noendbr u64 ibt_save(bool disable);
^
./arch/x86/include/asm/ibt.h:32:34: note: expanded from macro '__noendbr'
^
Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com>
Link: https://lore.kernel.org/r/20230818090119.477441-2-danieltimlee@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Alexei Starovoitov [Mon, 21 Aug 2023 22:21:16 +0000 (15:21 -0700)]
Merge branch 'remove-unnecessary-synchronizations-in-cpumap'
Hou Tao says:
====================
Remove unnecessary synchronizations in cpumap
From: Hou Tao <houtao1@huawei.com>
Hi,
This is the formal patchset to remove unnecessary synchronizations in
cpu-map after address comments and collect Rvb tags from Toke
Høiland-Jørgensen (Big thanks to Toke). Patch #1 removes the unnecessary
rcu_barrier() when freeing bpf_cpu_map_entry and replaces it by
queue_rcu_work(). Patch #2 removes the unnecessary call_rcu() and
queue_work() when destroying cpu-map and does the freeing directly.
Test the patchset by using xdp_redirect_cpu and virtio-net. Both
xdp-mode and skb-mode have been exercised and no issues were reported.
As ususal, comments and suggestions are always welcome.
Change Log:
v1:
* address comments from Toke Høiland-Jørgensen
* add Rvb tags from Toke Høiland-Jørgensen
* update outdated comment in cpu_map_delete_elem()
RFC: https://lore.kernel.org/bpf/
20230728023030.1906124-1-houtao@huaweicloud.com
====================
Link: https://lore.kernel.org/r/20230816045959.358059-1-houtao@huaweicloud.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Hou Tao [Wed, 16 Aug 2023 04:59:58 +0000 (12:59 +0800)]
bpf, cpumask: Clean up bpf_cpu_map_entry directly in cpu_map_free
After synchronous_rcu(), both the dettached XDP program and
xdp_do_flush() are completed, and the only user of bpf_cpu_map_entry
will be cpu_map_kthread_run(), so instead of calling
__cpu_map_entry_replace() to stop kthread and cleanup entry after a RCU
grace period, do these things directly.
Signed-off-by: Hou Tao <houtao1@huawei.com>
Reviewed-by: Toke Høiland-Jørgensen <toke@redhat.com>
Link: https://lore.kernel.org/r/20230816045959.358059-3-houtao@huaweicloud.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Hou Tao [Wed, 16 Aug 2023 04:59:57 +0000 (12:59 +0800)]
bpf, cpumap: Use queue_rcu_work() to remove unnecessary rcu_barrier()
As for now __cpu_map_entry_replace() uses call_rcu() to wait for the
inflight xdp program to exit the RCU read critical section, and then
launch kworker cpu_map_kthread_stop() to call kthread_stop() to flush
all pending xdp frames or skbs.
But it is unnecessary to use rcu_barrier() in cpu_map_kthread_stop() to
wait for the completion of __cpu_map_entry_free(), because rcu_barrier()
will wait for all pending RCU callbacks and cpu_map_kthread_stop() only
needs to wait for the completion of a specific __cpu_map_entry_free().
So use queue_rcu_work() to replace call_rcu(), schedule_work() and
rcu_barrier(). queue_rcu_work() will queue a __cpu_map_entry_free()
kworker after a RCU grace period. Because __cpu_map_entry_free() is
running in a kworker context, so it is OK to do all of these freeing
procedures include kthread_stop() in it.
After the update, there is no need to do reference-counting for
bpf_cpu_map_entry, because bpf_cpu_map_entry is freed directly in
__cpu_map_entry_free(), so just remove it.
Signed-off-by: Hou Tao <houtao1@huawei.com>
Reviewed-by: Toke Høiland-Jørgensen <toke@redhat.com>
Link: https://lore.kernel.org/r/20230816045959.358059-2-houtao@huaweicloud.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Yonghong Song [Fri, 18 Aug 2023 17:43:12 +0000 (10:43 -0700)]
selftests/bpf: Fix a selftest compilation error
When building the kernel and selftest with clang compiler (llvm17 or llvm18),
I hit the following compilation failure:
In file included from progs/test_lwt_redirect.c:3:
In file included from /usr/include/linux/ip.h:21:
In file included from /usr/include/asm/byteorder.h:5:
In file included from /usr/include/linux/byteorder/little_endian.h:13:
/usr/include/linux/swab.h:136:8: error: unknown type name '__always_inline'
136 | static __always_inline unsigned long __swab(const unsigned long y)
| ^
/usr/include/linux/swab.h:171:8: error: unknown type name '__always_inline'
171 | static __always_inline __u16 __swab16p(const __u16 *p)
...
bpf_helpers.h file provided a definition for __always_inline.
Putting 'ip.h' after 'bpf_helpers.h' fixed the issue.
Fixes:
43a7c3ef8a15 ("selftests/bpf: Add lwt_xmit tests for BPF_REDIRECT")
Signed-off-by: Yonghong Song <yonghong.song@linux.dev>
Link: https://lore.kernel.org/r/20230818174312.1883381-1-yonghong.song@linux.dev
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
Dave Marchevsky [Thu, 17 Aug 2023 22:53:53 +0000 (15:53 -0700)]
selftests/bpf: Add CO-RE relocs kfunc flavors tests
This patch adds selftests that exercise kfunc flavor relocation
functionality added in the previous patch. The actual kfunc defined
in kernel/bpf/helpers.c is:
struct task_struct *bpf_task_acquire(struct task_struct *p)
The following relocation behaviors are checked:
struct task_struct *bpf_task_acquire___one(struct task_struct *name)
* Should succeed despite differing param name
struct task_struct *bpf_task_acquire___two(struct task_struct *p, void *ctx)
* Should fail because there is no two-param bpf_task_acquire
struct task_struct *bpf_task_acquire___three(void *ctx)
* Should fail because, despite vmlinux's bpf_task_acquire having one param,
the types don't match
Signed-off-by: Dave Marchevsky <davemarchevsky@fb.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: David Vernet <void@manifault.com>
Link: https://lore.kernel.org/bpf/20230817225353.2570845-2-davemarchevsky@fb.com
Dave Marchevsky [Thu, 17 Aug 2023 22:53:52 +0000 (15:53 -0700)]
libbpf: Support triple-underscore flavors for kfunc relocation
The function signature of kfuncs can change at any time due to their
intentional lack of stability guarantees. As kfuncs become more widely
used, BPF program writers will need facilities to support calling
different versions of a kfunc from a single BPF object. Consider this
simplified example based on a real scenario we ran into at Meta:
/* initial kfunc signature */
int some_kfunc(void *ptr)
/* Oops, we need to add some flag to modify behavior. No problem,
change the kfunc. flags = 0 retains original behavior */
int some_kfunc(void *ptr, long flags)
If the initial version of the kfunc is deployed on some portion of the
fleet and the new version on the rest, a fleetwide service that uses
some_kfunc will currently need to load different BPF programs depending
on which some_kfunc is available.
Luckily CO-RE provides a facility to solve a very similar problem,
struct definition changes, by allowing program writers to declare
my_struct___old and my_struct___new, with ___suffix being considered a
'flavor' of the non-suffixed name and being ignored by
bpf_core_type_exists and similar calls.
This patch extends the 'flavor' facility to the kfunc extern
relocation process. BPF program writers can now declare
extern int some_kfunc___old(void *ptr)
extern int some_kfunc___new(void *ptr, int flags)
then test which version of the kfunc exists with bpf_ksym_exists.
Relocation and verifier's dead code elimination will work in concert as
expected, allowing this pattern:
if (bpf_ksym_exists(some_kfunc___old))
some_kfunc___old(ptr);
else
some_kfunc___new(ptr, 0);
Signed-off-by: Dave Marchevsky <davemarchevsky@fb.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: David Vernet <void@manifault.com>
Acked-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/bpf/20230817225353.2570845-1-davemarchevsky@fb.com
Helge Deller [Thu, 17 Aug 2023 22:02:40 +0000 (00:02 +0200)]
bpf/tests: Enhance output on error and fix typos
If a testcase returns a wrong (unexpected) value, print the expected and
returned value in hex notation in addition to the decimal notation.
This is very useful in tests which bit-shift hex values left or right and
helped me a lot while developing the JIT compiler for the hppa architecture.
Additionally fix two typos: dowrd -> dword, tall calls -> tail calls.
Signed-off-by: Helge Deller <deller@gmx.de>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/ZN6ZAAVoWZpsD1Jf@p100
Yan Zhai [Fri, 18 Aug 2023 02:58:18 +0000 (19:58 -0700)]
selftests/bpf: Add lwt_xmit tests for BPF_REROUTE
There is no lwt test case for BPF_REROUTE yet. Add test cases for both
normal and abnormal situations. The abnormal situation is set up with an
fq qdisc on the reroute target device. Without proper fixes, overflow
this qdisc queue limit (to trigger a drop) would panic the kernel.
Signed-off-by: Yan Zhai <yan@cloudflare.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/62c8ddc1e924269dcf80d2e8af1a1e632cee0b3a.1692326837.git.yan@cloudflare.com
Yan Zhai [Fri, 18 Aug 2023 02:58:16 +0000 (19:58 -0700)]
selftests/bpf: Add lwt_xmit tests for BPF_REDIRECT
There is no lwt_xmit test case for BPF_REDIRECT yet. Add test cases for
both normal and abnormal situations. For abnormal test cases, devices
are set down or have its carrier set down. Without proper fixes,
BPF_REDIRECT to either ingress or egress of such device would panic the
kernel.
Signed-off-by: Yan Zhai <yan@cloudflare.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/96bf435243641939d9c9da329fab29cb45f7df22.1692326837.git.yan@cloudflare.com
Yan Zhai [Fri, 18 Aug 2023 02:58:14 +0000 (19:58 -0700)]
lwt: Check LWTUNNEL_XMIT_CONTINUE strictly
LWTUNNEL_XMIT_CONTINUE is implicitly assumed in ip(6)_finish_output2,
such that any positive return value from a xmit hook could cause
unexpected continue behavior, despite that related skb may have been
freed. This could be error-prone for future xmit hook ops. One of the
possible errors is to return statuses of dst_output directly.
To make the code safer, redefine LWTUNNEL_XMIT_CONTINUE value to
distinguish from dst_output statuses and check the continue
condition explicitly.
Fixes:
3a0af8fd61f9 ("bpf: BPF for lightweight tunnel infrastructure")
Suggested-by: Dan Carpenter <dan.carpenter@linaro.org>
Signed-off-by: Yan Zhai <yan@cloudflare.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/96b939b85eda00e8df4f7c080f770970a4c5f698.1692326837.git.yan@cloudflare.com
Yan Zhai [Fri, 18 Aug 2023 02:58:11 +0000 (19:58 -0700)]
lwt: Fix return values of BPF xmit ops
BPF encap ops can return different types of positive values, such like
NET_RX_DROP, NET_XMIT_CN, NETDEV_TX_BUSY, and so on, from function
skb_do_redirect and bpf_lwt_xmit_reroute. At the xmit hook, such return
values would be treated implicitly as LWTUNNEL_XMIT_CONTINUE in
ip(6)_finish_output2. When this happens, skbs that have been freed would
continue to the neighbor subsystem, causing use-after-free bug and
kernel crashes.
To fix the incorrect behavior, skb_do_redirect return values can be
simply discarded, the same as tc-egress behavior. On the other hand,
bpf_lwt_xmit_reroute returns useful errors to local senders, e.g. PMTU
information. Thus convert its return values to avoid the conflict with
LWTUNNEL_XMIT_CONTINUE.
Fixes:
3a0af8fd61f9 ("bpf: BPF for lightweight tunnel infrastructure")
Reported-by: Jordan Griege <jgriege@cloudflare.com>
Suggested-by: Martin KaFai Lau <martin.lau@linux.dev>
Suggested-by: Stanislav Fomichev <sdf@google.com>
Signed-off-by: Yan Zhai <yan@cloudflare.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/0d2b878186cfe215fec6b45769c1cd0591d3628d.1692326837.git.yan@cloudflare.com
Xu Kuohai [Tue, 15 Aug 2023 15:41:58 +0000 (11:41 -0400)]
selftests/bpf: Enable cpu v4 tests for arm64
Enable CPU v4 instruction tests for arm64. Below are the test results from
BPF test_progs selftests:
# ./test_progs -t ldsx_insn,verifier_sdiv,verifier_movsx,verifier_ldsx,verifier_gotol,verifier_bswap
#115/1 ldsx_insn/map_val and probed_memory:OK
#115/2 ldsx_insn/ctx_member_sign_ext:OK
#115/3 ldsx_insn/ctx_member_narrow_sign_ext:OK
#115 ldsx_insn:OK
#302/1 verifier_bswap/BSWAP, 16:OK
#302/2 verifier_bswap/BSWAP, 16 @unpriv:OK
#302/3 verifier_bswap/BSWAP, 32:OK
#302/4 verifier_bswap/BSWAP, 32 @unpriv:OK
#302/5 verifier_bswap/BSWAP, 64:OK
#302/6 verifier_bswap/BSWAP, 64 @unpriv:OK
#302 verifier_bswap:OK
#316/1 verifier_gotol/gotol, small_imm:OK
#316/2 verifier_gotol/gotol, small_imm @unpriv:OK
#316 verifier_gotol:OK
#324/1 verifier_ldsx/LDSX, S8:OK
#324/2 verifier_ldsx/LDSX, S8 @unpriv:OK
#324/3 verifier_ldsx/LDSX, S16:OK
#324/4 verifier_ldsx/LDSX, S16 @unpriv:OK
#324/5 verifier_ldsx/LDSX, S32:OK
#324/6 verifier_ldsx/LDSX, S32 @unpriv:OK
#324/7 verifier_ldsx/LDSX, S8 range checking, privileged:OK
#324/8 verifier_ldsx/LDSX, S16 range checking:OK
#324/9 verifier_ldsx/LDSX, S16 range checking @unpriv:OK
#324/10 verifier_ldsx/LDSX, S32 range checking:OK
#324/11 verifier_ldsx/LDSX, S32 range checking @unpriv:OK
#324 verifier_ldsx:OK
#335/1 verifier_movsx/MOV32SX, S8:OK
#335/2 verifier_movsx/MOV32SX, S8 @unpriv:OK
#335/3 verifier_movsx/MOV32SX, S16:OK
#335/4 verifier_movsx/MOV32SX, S16 @unpriv:OK
#335/5 verifier_movsx/MOV64SX, S8:OK
#335/6 verifier_movsx/MOV64SX, S8 @unpriv:OK
#335/7 verifier_movsx/MOV64SX, S16:OK
#335/8 verifier_movsx/MOV64SX, S16 @unpriv:OK
#335/9 verifier_movsx/MOV64SX, S32:OK
#335/10 verifier_movsx/MOV64SX, S32 @unpriv:OK
#335/11 verifier_movsx/MOV32SX, S8, range_check:OK
#335/12 verifier_movsx/MOV32SX, S8, range_check @unpriv:OK
#335/13 verifier_movsx/MOV32SX, S16, range_check:OK
#335/14 verifier_movsx/MOV32SX, S16, range_check @unpriv:OK
#335/15 verifier_movsx/MOV32SX, S16, range_check 2:OK
#335/16 verifier_movsx/MOV32SX, S16, range_check 2 @unpriv:OK
#335/17 verifier_movsx/MOV64SX, S8, range_check:OK
#335/18 verifier_movsx/MOV64SX, S8, range_check @unpriv:OK
#335/19 verifier_movsx/MOV64SX, S16, range_check:OK
#335/20 verifier_movsx/MOV64SX, S16, range_check @unpriv:OK
#335/21 verifier_movsx/MOV64SX, S32, range_check:OK
#335/22 verifier_movsx/MOV64SX, S32, range_check @unpriv:OK
#335/23 verifier_movsx/MOV64SX, S16, R10 Sign Extension:OK
#335/24 verifier_movsx/MOV64SX, S16, R10 Sign Extension @unpriv:OK
#335 verifier_movsx:OK
#347/1 verifier_sdiv/SDIV32, non-zero imm divisor, check 1:OK
#347/2 verifier_sdiv/SDIV32, non-zero imm divisor, check 1 @unpriv:OK
#347/3 verifier_sdiv/SDIV32, non-zero imm divisor, check 2:OK
#347/4 verifier_sdiv/SDIV32, non-zero imm divisor, check 2 @unpriv:OK
#347/5 verifier_sdiv/SDIV32, non-zero imm divisor, check 3:OK
#347/6 verifier_sdiv/SDIV32, non-zero imm divisor, check 3 @unpriv:OK
#347/7 verifier_sdiv/SDIV32, non-zero imm divisor, check 4:OK
#347/8 verifier_sdiv/SDIV32, non-zero imm divisor, check 4 @unpriv:OK
#347/9 verifier_sdiv/SDIV32, non-zero imm divisor, check 5:OK
#347/10 verifier_sdiv/SDIV32, non-zero imm divisor, check 5 @unpriv:OK
#347/11 verifier_sdiv/SDIV32, non-zero imm divisor, check 6:OK
#347/12 verifier_sdiv/SDIV32, non-zero imm divisor, check 6 @unpriv:OK
#347/13 verifier_sdiv/SDIV32, non-zero imm divisor, check 7:OK
#347/14 verifier_sdiv/SDIV32, non-zero imm divisor, check 7 @unpriv:OK
#347/15 verifier_sdiv/SDIV32, non-zero imm divisor, check 8:OK
#347/16 verifier_sdiv/SDIV32, non-zero imm divisor, check 8 @unpriv:OK
#347/17 verifier_sdiv/SDIV32, non-zero reg divisor, check 1:OK
#347/18 verifier_sdiv/SDIV32, non-zero reg divisor, check 1 @unpriv:OK
#347/19 verifier_sdiv/SDIV32, non-zero reg divisor, check 2:OK
#347/20 verifier_sdiv/SDIV32, non-zero reg divisor, check 2 @unpriv:OK
#347/21 verifier_sdiv/SDIV32, non-zero reg divisor, check 3:OK
#347/22 verifier_sdiv/SDIV32, non-zero reg divisor, check 3 @unpriv:OK
#347/23 verifier_sdiv/SDIV32, non-zero reg divisor, check 4:OK
#347/24 verifier_sdiv/SDIV32, non-zero reg divisor, check 4 @unpriv:OK
#347/25 verifier_sdiv/SDIV32, non-zero reg divisor, check 5:OK
#347/26 verifier_sdiv/SDIV32, non-zero reg divisor, check 5 @unpriv:OK
#347/27 verifier_sdiv/SDIV32, non-zero reg divisor, check 6:OK
#347/28 verifier_sdiv/SDIV32, non-zero reg divisor, check 6 @unpriv:OK
#347/29 verifier_sdiv/SDIV32, non-zero reg divisor, check 7:OK
#347/30 verifier_sdiv/SDIV32, non-zero reg divisor, check 7 @unpriv:OK
#347/31 verifier_sdiv/SDIV32, non-zero reg divisor, check 8:OK
#347/32 verifier_sdiv/SDIV32, non-zero reg divisor, check 8 @unpriv:OK
#347/33 verifier_sdiv/SDIV64, non-zero imm divisor, check 1:OK
#347/34 verifier_sdiv/SDIV64, non-zero imm divisor, check 1 @unpriv:OK
#347/35 verifier_sdiv/SDIV64, non-zero imm divisor, check 2:OK
#347/36 verifier_sdiv/SDIV64, non-zero imm divisor, check 2 @unpriv:OK
#347/37 verifier_sdiv/SDIV64, non-zero imm divisor, check 3:OK
#347/38 verifier_sdiv/SDIV64, non-zero imm divisor, check 3 @unpriv:OK
#347/39 verifier_sdiv/SDIV64, non-zero imm divisor, check 4:OK
#347/40 verifier_sdiv/SDIV64, non-zero imm divisor, check 4 @unpriv:OK
#347/41 verifier_sdiv/SDIV64, non-zero imm divisor, check 5:OK
#347/42 verifier_sdiv/SDIV64, non-zero imm divisor, check 5 @unpriv:OK
#347/43 verifier_sdiv/SDIV64, non-zero imm divisor, check 6:OK
#347/44 verifier_sdiv/SDIV64, non-zero imm divisor, check 6 @unpriv:OK
#347/45 verifier_sdiv/SDIV64, non-zero reg divisor, check 1:OK
#347/46 verifier_sdiv/SDIV64, non-zero reg divisor, check 1 @unpriv:OK
#347/47 verifier_sdiv/SDIV64, non-zero reg divisor, check 2:OK
#347/48 verifier_sdiv/SDIV64, non-zero reg divisor, check 2 @unpriv:OK
#347/49 verifier_sdiv/SDIV64, non-zero reg divisor, check 3:OK
#347/50 verifier_sdiv/SDIV64, non-zero reg divisor, check 3 @unpriv:OK
#347/51 verifier_sdiv/SDIV64, non-zero reg divisor, check 4:OK
#347/52 verifier_sdiv/SDIV64, non-zero reg divisor, check 4 @unpriv:OK
#347/53 verifier_sdiv/SDIV64, non-zero reg divisor, check 5:OK
#347/54 verifier_sdiv/SDIV64, non-zero reg divisor, check 5 @unpriv:OK
#347/55 verifier_sdiv/SDIV64, non-zero reg divisor, check 6:OK
#347/56 verifier_sdiv/SDIV64, non-zero reg divisor, check 6 @unpriv:OK
#347/57 verifier_sdiv/SMOD32, non-zero imm divisor, check 1:OK
#347/58 verifier_sdiv/SMOD32, non-zero imm divisor, check 1 @unpriv:OK
#347/59 verifier_sdiv/SMOD32, non-zero imm divisor, check 2:OK
#347/60 verifier_sdiv/SMOD32, non-zero imm divisor, check 2 @unpriv:OK
#347/61 verifier_sdiv/SMOD32, non-zero imm divisor, check 3:OK
#347/62 verifier_sdiv/SMOD32, non-zero imm divisor, check 3 @unpriv:OK
#347/63 verifier_sdiv/SMOD32, non-zero imm divisor, check 4:OK
#347/64 verifier_sdiv/SMOD32, non-zero imm divisor, check 4 @unpriv:OK
#347/65 verifier_sdiv/SMOD32, non-zero imm divisor, check 5:OK
#347/66 verifier_sdiv/SMOD32, non-zero imm divisor, check 5 @unpriv:OK
#347/67 verifier_sdiv/SMOD32, non-zero imm divisor, check 6:OK
#347/68 verifier_sdiv/SMOD32, non-zero imm divisor, check 6 @unpriv:OK
#347/69 verifier_sdiv/SMOD32, non-zero reg divisor, check 1:OK
#347/70 verifier_sdiv/SMOD32, non-zero reg divisor, check 1 @unpriv:OK
#347/71 verifier_sdiv/SMOD32, non-zero reg divisor, check 2:OK
#347/72 verifier_sdiv/SMOD32, non-zero reg divisor, check 2 @unpriv:OK
#347/73 verifier_sdiv/SMOD32, non-zero reg divisor, check 3:OK
#347/74 verifier_sdiv/SMOD32, non-zero reg divisor, check 3 @unpriv:OK
#347/75 verifier_sdiv/SMOD32, non-zero reg divisor, check 4:OK
#347/76 verifier_sdiv/SMOD32, non-zero reg divisor, check 4 @unpriv:OK
#347/77 verifier_sdiv/SMOD32, non-zero reg divisor, check 5:OK
#347/78 verifier_sdiv/SMOD32, non-zero reg divisor, check 5 @unpriv:OK
#347/79 verifier_sdiv/SMOD32, non-zero reg divisor, check 6:OK
#347/80 verifier_sdiv/SMOD32, non-zero reg divisor, check 6 @unpriv:OK
#347/81 verifier_sdiv/SMOD64, non-zero imm divisor, check 1:OK
#347/82 verifier_sdiv/SMOD64, non-zero imm divisor, check 1 @unpriv:OK
#347/83 verifier_sdiv/SMOD64, non-zero imm divisor, check 2:OK
#347/84 verifier_sdiv/SMOD64, non-zero imm divisor, check 2 @unpriv:OK
#347/85 verifier_sdiv/SMOD64, non-zero imm divisor, check 3:OK
#347/86 verifier_sdiv/SMOD64, non-zero imm divisor, check 3 @unpriv:OK
#347/87 verifier_sdiv/SMOD64, non-zero imm divisor, check 4:OK
#347/88 verifier_sdiv/SMOD64, non-zero imm divisor, check 4 @unpriv:OK
#347/89 verifier_sdiv/SMOD64, non-zero imm divisor, check 5:OK
#347/90 verifier_sdiv/SMOD64, non-zero imm divisor, check 5 @unpriv:OK
#347/91 verifier_sdiv/SMOD64, non-zero imm divisor, check 6:OK
#347/92 verifier_sdiv/SMOD64, non-zero imm divisor, check 6 @unpriv:OK
#347/93 verifier_sdiv/SMOD64, non-zero imm divisor, check 7:OK
#347/94 verifier_sdiv/SMOD64, non-zero imm divisor, check 7 @unpriv:OK
#347/95 verifier_sdiv/SMOD64, non-zero imm divisor, check 8:OK
#347/96 verifier_sdiv/SMOD64, non-zero imm divisor, check 8 @unpriv:OK
#347/97 verifier_sdiv/SMOD64, non-zero reg divisor, check 1:OK
#347/98 verifier_sdiv/SMOD64, non-zero reg divisor, check 1 @unpriv:OK
#347/99 verifier_sdiv/SMOD64, non-zero reg divisor, check 2:OK
#347/100 verifier_sdiv/SMOD64, non-zero reg divisor, check 2 @unpriv:OK
#347/101 verifier_sdiv/SMOD64, non-zero reg divisor, check 3:OK
#347/102 verifier_sdiv/SMOD64, non-zero reg divisor, check 3 @unpriv:OK
#347/103 verifier_sdiv/SMOD64, non-zero reg divisor, check 4:OK
#347/104 verifier_sdiv/SMOD64, non-zero reg divisor, check 4 @unpriv:OK
#347/105 verifier_sdiv/SMOD64, non-zero reg divisor, check 5:OK
#347/106 verifier_sdiv/SMOD64, non-zero reg divisor, check 5 @unpriv:OK
#347/107 verifier_sdiv/SMOD64, non-zero reg divisor, check 6:OK
#347/108 verifier_sdiv/SMOD64, non-zero reg divisor, check 6 @unpriv:OK
#347/109 verifier_sdiv/SMOD64, non-zero reg divisor, check 7:OK
#347/110 verifier_sdiv/SMOD64, non-zero reg divisor, check 7 @unpriv:OK
#347/111 verifier_sdiv/SMOD64, non-zero reg divisor, check 8:OK
#347/112 verifier_sdiv/SMOD64, non-zero reg divisor, check 8 @unpriv:OK
#347/113 verifier_sdiv/SDIV32, zero divisor:OK
#347/114 verifier_sdiv/SDIV32, zero divisor @unpriv:OK
#347/115 verifier_sdiv/SDIV64, zero divisor:OK
#347/116 verifier_sdiv/SDIV64, zero divisor @unpriv:OK
#347/117 verifier_sdiv/SMOD32, zero divisor:OK
#347/118 verifier_sdiv/SMOD32, zero divisor @unpriv:OK
#347/119 verifier_sdiv/SMOD64, zero divisor:OK
#347/120 verifier_sdiv/SMOD64, zero divisor @unpriv:OK
#347 verifier_sdiv:OK
Summary: 6/166 PASSED, 0 SKIPPED, 0 FAILED
Signed-off-by: Xu Kuohai <xukuohai@huawei.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Tested-by: Florent Revest <revest@chromium.org>
Acked-by: Yonghong Song <yonghong.song@linux.dev>
Acked-by: Florent Revest <revest@chromium.org>
Link: https://lore.kernel.org/bpf/20230815154158.717901-8-xukuohai@huaweicloud.com
Xu Kuohai [Tue, 15 Aug 2023 15:41:57 +0000 (11:41 -0400)]
bpf, arm64: Support signed div/mod instructions
Add JIT for signed div/mod instructions.
Signed-off-by: Xu Kuohai <xukuohai@huawei.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Tested-by: Florent Revest <revest@chromium.org>
Acked-by: Florent Revest <revest@chromium.org>
Link: https://lore.kernel.org/bpf/20230815154158.717901-7-xukuohai@huaweicloud.com
Xu Kuohai [Tue, 15 Aug 2023 15:41:56 +0000 (11:41 -0400)]
bpf, arm64: Support 32-bit offset jmp instruction
Add support for 32-bit offset jmp instructions. Given the arm64 direct jump
range is +-128MB, which is large enough for BPF prog, jumps beyond this range
are not supported.
Signed-off-by: Xu Kuohai <xukuohai@huawei.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Tested-by: Florent Revest <revest@chromium.org>
Acked-by: Florent Revest <revest@chromium.org>
Link: https://lore.kernel.org/bpf/20230815154158.717901-6-xukuohai@huaweicloud.com
Xu Kuohai [Tue, 15 Aug 2023 15:41:55 +0000 (11:41 -0400)]
bpf, arm64: Support unconditional bswap
Add JIT support for unconditional bswap instructions.
Signed-off-by: Xu Kuohai <xukuohai@huawei.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Tested-by: Florent Revest <revest@chromium.org>
Acked-by: Florent Revest <revest@chromium.org>
Link: https://lore.kernel.org/bpf/20230815154158.717901-5-xukuohai@huaweicloud.com
Xu Kuohai [Tue, 15 Aug 2023 15:41:54 +0000 (11:41 -0400)]
bpf, arm64: Support sign-extension mov instructions
Add JIT support for BPF sign-extension mov instructions with arm64
SXTB/SXTH/SXTW instructions.
Signed-off-by: Xu Kuohai <xukuohai@huawei.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Tested-by: Florent Revest <revest@chromium.org>
Acked-by: Florent Revest <revest@chromium.org>
Link: https://lore.kernel.org/bpf/20230815154158.717901-4-xukuohai@huaweicloud.com
Xu Kuohai [Tue, 15 Aug 2023 15:41:53 +0000 (11:41 -0400)]
bpf, arm64: Support sign-extension load instructions
Add JIT support for sign-extension load instructions.
Signed-off-by: Xu Kuohai <xukuohai@huawei.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Tested-by: Florent Revest <revest@chromium.org>
Acked-by: Florent Revest <revest@chromium.org>
Link: https://lore.kernel.org/bpf/20230815154158.717901-3-xukuohai@huaweicloud.com
Xu Kuohai [Tue, 15 Aug 2023 15:41:52 +0000 (11:41 -0400)]
arm64: insn: Add encoders for LDRSB/LDRSH/LDRSW
To support BPF sign-extend load instructions, add encoders for
LDRSB/LDRSH/LDRSW.
LDRSB/LDRSH/LDRSW (immediate) is encoded as follows:
3 2 2 2 2 1 0 0
0 7 6 4 2 0 5 0
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| sz|1 1 1|0|0 1|opc| imm12 | Rn | Rt |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
LDRSB/LDRSH/LDRSW (register) is encoded as follows:
3 2 2 2 2 2 1 1 1 1 0 0
0 7 6 4 2 1 6 3 2 0 5 0
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| sz|1 1 1|0|0 0|opc|1| Rm | opt |S|1 0| Rn | Rt |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
where:
- sz
indicates whether 8-bit, 16-bit or 32-bit data is to be loaded
- opc
opc[1] (bit 23) is always 1 and opc[0] == 1 indicates regsize
is 32-bit. Since BPF signed load instructions always exend the
sign bit to bit 63 regardless of whether it loads an 8-bit,
16-bit or 32-bit data. So only 64-bit register size is required.
That is, it's sufficient to set field opc fixed to 0x2.
- opt
Indicates whether to sign extend the offset register Rm and the
effective bits of Rm. We set opt to 0x7 (SXTX) since we'll use
Rm as a sgined 64-bit value in BPF.
- S
Optional only when opt field is 0x3 (LSL)
In short, the above fields are encoded to the values listed below.
sz opc opt S
LDRSB (immediate) 0x0 0x2 na na
LDRSH (immediate) 0x1 0x2 na na
LDRSW (immediate) 0x2 0x2 na na
LDRSB (register) 0x0 0x2 0x7 0
LDRSH (register) 0x1 0x2 0x7 0
LDRSW (register) 0x2 0x2 0x7 0
Signed-off-by: Xu Kuohai <xukuohai@huawei.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Tested-by: Florent Revest <revest@chromium.org>
Acked-by: Florent Revest <revest@chromium.org>
Link: https://lore.kernel.org/bpf/20230815154158.717901-2-xukuohai@huaweicloud.com
Jakub Kicinski [Fri, 18 Aug 2023 02:25:44 +0000 (19:25 -0700)]
Merge branch 'netconsole-enable-compile-time-configuration'
Breno Leitao says:
====================
netconsole: Enable compile time configuration
Enable netconsole features to be set at compilation time. Create two
Kconfig options that allow users to set extended logs and release
prepending features at compilation time.
The first patch de-duplicates the initialization code, and the second
patch adds the support in the de-duplicated code, avoiding touching two
different functions with the same change.
====================
Link: https://lore.kernel.org/r/20230811093158.1678322-1-leitao@debian.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Breno Leitao [Fri, 11 Aug 2023 09:31:58 +0000 (02:31 -0700)]
netconsole: Enable compile time configuration
Enable netconsole features to be set at compilation time. Create two
Kconfig options that allow users to set extended logs and release
prepending features at compilation time.
Right now, the user needs to pass command line parameters to netconsole,
such as "+"/"r" to enable extended logs and version prepending features.
With these two options, the user could set the default values for the
features at compile time, and don't need to pass it in the command line
to get them enabled, simplifying the command line.
Signed-off-by: Breno Leitao <leitao@debian.org>
Reviewed-by: Simon Horman <horms@kernel.org>
Link: https://lore.kernel.org/r/20230811093158.1678322-3-leitao@debian.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Breno Leitao [Fri, 11 Aug 2023 09:31:57 +0000 (02:31 -0700)]
netconsole: Create a allocation helper
De-duplicate the initialization and allocation code for struct
netconsole_target.
The same allocation and initialization code is duplicated in two
different places in the netconsole subsystem, when the netconsole target
is initialized by command line parameters (alloc_param_target()), and
dynamically by sysfs (make_netconsole_target()).
Create a helper function, and call it from the two different functions.
Suggested-by: Eric Dumazet <edumazet@google.com>
Signed-off-by: Breno Leitao <leitao@debian.org>
Reviewed-by: Simon Horman <horms@kernel.org>
Link: https://lore.kernel.org/r/20230811093158.1678322-2-leitao@debian.org
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Justin Stitt [Tue, 15 Aug 2023 20:35:59 +0000 (20:35 +0000)]
net: mdio: fix -Wvoid-pointer-to-enum-cast warning
When building with clang 18 I see the following warning:
| drivers/net/mdio/mdio-xgene.c:338:13: warning: cast to smaller integer
| type 'enum xgene_mdio_id' from 'const void *' [-Wvoid-pointer-to-enum-cast]
| 338 | mdio_id = (enum xgene_mdio_id)of_id->data;
This is due to the fact that `of_id->data` is a void* while `enum
xgene_mdio_id` has the size of an int. This leads to truncation and
possible data loss.
Link: https://github.com/ClangBuiltLinux/linux/issues/1910
Reported-by: Nathan Chancellor <nathan@kernel.org>
Signed-off-by: Justin Stitt <justinstitt@google.com>
Reviewed-by: Andrew Lunn <andrew@lunn.ch>
Reviewed-by: Russell King (Oracle) <rmk+kernel@armlinux.org.uk>
Link: https://lore.kernel.org/r/20230815-void-drivers-net-mdio-mdio-xgene-v1-1-5304342e0659@google.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Jakub Kicinski [Fri, 18 Aug 2023 02:15:07 +0000 (19:15 -0700)]
Merge branch 'netem-use-a-seeded-prng-for-loss-and-corruption-events'
François Michel says:
====================
netem: use a seeded PRNG for loss and corruption events
In order to reproduce bugs or performance evaluation of
network protocols and applications, it is useful to have
reproducible test suites and tools. This patch adds
a way to specify a PRNG seed through the
TCA_NETEM_PRNG_SEED attribute for generating netem
loss and corruption events. Initializing the qdisc
with the same seed leads to the exact same loss
and corruption patterns. If no seed is explicitly
specified, the qdisc generates a random seed using
get_random_u64().
This patch can be and has been tested using tc from
the following iproute2-next fork:
https://github.com/francoismichel/iproute2-next
For instance, setting the seed
42424242 on the loopback
with a loss rate of 10% will systematically drop the 5th,
12th and 24th packet when sending 25 packets.
====================
Link: https://lore.kernel.org/r/20230815092348.1449179-1-francois.michel@uclouvain.be
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
François Michel [Tue, 15 Aug 2023 09:23:40 +0000 (11:23 +0200)]
netem: use seeded PRNG for correlated loss events
Use prandom_u32_state() instead of get_random_u32() to generate
the correlated loss events of netem.
Signed-off-by: François Michel <francois.michel@uclouvain.be>
Reviewed-by: Simon Horman <horms@kernel.org>
Acked-by: Stephen Hemminger <stephen@networkplumber.org>
Link: https://lore.kernel.org/r/20230815092348.1449179-4-francois.michel@uclouvain.be
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
François Michel [Tue, 15 Aug 2023 09:23:39 +0000 (11:23 +0200)]
netem: use a seeded PRNG for generating random losses
Use prandom_u32_state() instead of get_random_u32() to generate
the random loss events of netem. The state of the prng is part
of the prng attribute of struct netem_sched_data.
Signed-off-by: François Michel <francois.michel@uclouvain.be>
Reviewed-by: Simon Horman <horms@kernel.org>
Acked-by: Stephen Hemminger <stephen@networkplumber.org>
Link: https://lore.kernel.org/r/20230815092348.1449179-3-francois.michel@uclouvain.be
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
François Michel [Tue, 15 Aug 2023 09:23:38 +0000 (11:23 +0200)]
netem: add prng attribute to netem_sched_data
Add prng attribute to struct netem_sched_data and
allows setting the seed of the PRNG through netlink
using the new TCA_NETEM_PRNG_SEED attribute.
The PRNG attribute is not actually used yet.
Signed-off-by: François Michel <francois.michel@uclouvain.be>
Reviewed-by: Simon Horman <horms@kernel.org>
Acked-by: Stephen Hemminger <stephen@networkplumber.org>
Link: https://lore.kernel.org/r/20230815092348.1449179-2-francois.michel@uclouvain.be
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Jialin Zhang [Tue, 15 Aug 2023 02:42:48 +0000 (10:42 +0800)]
net: ena: Use pci_dev_id() to simplify the code
PCI core API pci_dev_id() can be used to get the BDF number for a pci
device. We don't need to compose it manually. Use pci_dev_id() to
simplify the code a little bit.
Signed-off-by: Jialin Zhang <zhangjialin11@huawei.com>
Reviewed-by: Leon Romanovsky <leonro@nvidia.com>
Reviewed-by: Shay Agroskin <shayagr@amazon.com>
Link: https://lore.kernel.org/r/20230815024248.3519068-1-zhangjialin11@huawei.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
Ziyang Xuan [Mon, 14 Aug 2023 08:30:00 +0000 (16:30 +0800)]
tun: add __exit annotations to module exit func tun_cleanup()
Add missing __exit annotations to module exit func tun_cleanup().
Signed-off-by: Ziyang Xuan <william.xuanziyang@huawei.com>
Reviewed-by: Leon Romanovsky <leonro@nvidia.com>
Link: https://lore.kernel.org/r/20230814083000.3893589-1-william.xuanziyang@huawei.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
projects / platform / kernel / linux-rpi.git / log