From patchwork Mon Jun 10 23:08:46 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexei Starovoitov X-Patchwork-Id: 13692538 X-Patchwork-Delegate: bpf@iogearbox.net Received: from mail-pg1-f180.google.com (mail-pg1-f180.google.com [209.85.215.180]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 817CC1BC39 for ; Mon, 10 Jun 2024 23:08:58 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.180 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718060939; cv=none; b=JanImY7giBrZP/8w6wZNgcYhS8jMuRUmkh96Gur9z8AWzknsvC58tLeAITCNiDO+fTI9SDNqP1xAjh//51Yp3IKgQFL2WTqoPN7ANm2EtRkh6aGB6YPecbb/cz7njbneLOHVIPVdugftBKV/fCWRFnTgpB1WaYfYjGoxaS4Yo34= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718060939; c=relaxed/simple; bh=cWQp9cpnIT6yOcrplMnFHgtQrgk7m+NU3FJ2xhMV748=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=NINfVaWd634GASPfAvnW1zyTH+nU4HGLPyRgXOC+CBqneatZ3q6QpvXNRpU4L1iktJb4HA8BR2xFd0YstQhPRLSnmG6pfI6OKQrRCgOUaKQ25Z3/xpcZ3pOHxAMPmwpFyyphouZdki4YWmz3HyB2DIUo7nrD//a5lwurBm00V6c= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=NLYTfxyX; arc=none smtp.client-ip=209.85.215.180 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="NLYTfxyX" Received: by mail-pg1-f180.google.com with SMTP id 41be03b00d2f7-6e7e23b42c3so1763904a12.1 for ; Mon, 10 Jun 2024 16:08:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1718060937; x=1718665737; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=wVntBV37zIxUp8fMqU7jbR4MhrS6IWwAY/8pSVV5tCI=; b=NLYTfxyXvdi6lvs1gveEVqrOboOZuMDulcyjbP+xscI2CFwkJvUczxCrKqF5NDgh1r 8o/H78ZZhJbWl9VIFhqwSrXxms7FFvLu+uskkzTEAOMTX1ZRtcdDc4b0AzoA3gE1PKQU XegwdjcPC9k5ZlAGLdwU4i7HH00EJUjcYdkLZDW5Cr97rKQOPqrOip+IfBy3xiyYD1G2 o9BrwppXez6ZKXLDlSOrP5xDqfrQgdTitfj7d/wyDWuKPzchYcJjNxA4+tqrWO90PqlB 9jQ18wXnxo7dvPNeVK+0Hvq1jkhPgFjmdCSXMiaeWT/LeB+dJKZ7f8PhvAAJs3SIg9I2 plKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1718060937; x=1718665737; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=wVntBV37zIxUp8fMqU7jbR4MhrS6IWwAY/8pSVV5tCI=; b=MLSvMWf8+xaM0FIsCjIfZucaGuW5PPvSWkFdbP81vpSiVUTK6Rx03F1A2wSpdBx8Fs zU8D4/+hLWx7+iE51euwW0y1IgX7OZzt+E6ol3BzG0oWSTbwACO0yo2Is3cqUm+t10Uj TLu51vUnpw1cmMecrnWaPOBj1dK6I4A6laweI2Vi9omhX/NNTt4AMCtWwTOw/qfXY2EC Sonra57sl2NTQj5/bZTZQ5qQa4jbOa3ANSS36pGmPeAnv7JEuq12OGq1sGDlmUWwcgLD KTLakSV3PCQn283QqPK9ULMnkOnDfKvUpGSYhZ6MVpvsm45oyPIFvQMWqb5X9vY+/VeA pX5A== X-Gm-Message-State: AOJu0Yz2qAKhEXNnRg71zYXE38vwm7jEutPhtNS+Qsw/rNs+K7Eg/Lxd oBNZqizVSuP/zehNnLbGOgCest/u7OqRHs6vJdTrugR7vhPOB5bf+jS1qQ== X-Google-Smtp-Source: AGHT+IHoXjDDg3lx16qrVwcoOBRnYD+gPwoXKVOgrdJit4z2gVOhEx9+CpFUJQKKj1Dcg7ifUgJyEw== X-Received: by 2002:a17:902:fc50:b0:1f6:828e:8683 with SMTP id d9443c01a7336-1f6d0313772mr118894975ad.41.1718060936877; Mon, 10 Jun 2024 16:08:56 -0700 (PDT) Received: from localhost.localdomain ([2620:10d:c090:400::5:cfaa]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1f71b597072sm18447105ad.99.2024.06.10.16.08.55 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Mon, 10 Jun 2024 16:08:56 -0700 (PDT) From: Alexei Starovoitov To: bpf@vger.kernel.org Cc: daniel@iogearbox.net, andrii@kernel.org, martin.lau@kernel.org, memxor@gmail.com, eddyz87@gmail.com, kernel-team@fb.com Subject: [PATCH v2 bpf-next 1/4] bpf: Relax tuple len requirement for sk helpers. Date: Mon, 10 Jun 2024 16:08:46 -0700 Message-Id: <20240610230849.80820-2-alexei.starovoitov@gmail.com> X-Mailer: git-send-email 2.39.3 (Apple Git-146) In-Reply-To: <20240610230849.80820-1-alexei.starovoitov@gmail.com> References: <20240610230849.80820-1-alexei.starovoitov@gmail.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net From: Alexei Starovoitov __bpf_skc_lookup() safely handles incorrect values of tuple len, hence we can allow zero to be passed as tuple len. This patch alone doesn't make an observable verifier difference. It's a trivial improvement that might simplify bpf programs. Signed-off-by: Alexei Starovoitov Acked-by: Eduard Zingerman --- net/core/filter.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/net/core/filter.c b/net/core/filter.c index 7c46ecba3b01..cb133232a887 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -6815,7 +6815,7 @@ static const struct bpf_func_proto bpf_skc_lookup_tcp_proto = { .ret_type = RET_PTR_TO_SOCK_COMMON_OR_NULL, .arg1_type = ARG_PTR_TO_CTX, .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, - .arg3_type = ARG_CONST_SIZE, + .arg3_type = ARG_CONST_SIZE_OR_ZERO, .arg4_type = ARG_ANYTHING, .arg5_type = ARG_ANYTHING, }; @@ -6834,7 +6834,7 @@ static const struct bpf_func_proto bpf_sk_lookup_tcp_proto = { .ret_type = RET_PTR_TO_SOCKET_OR_NULL, .arg1_type = ARG_PTR_TO_CTX, .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, - .arg3_type = ARG_CONST_SIZE, + .arg3_type = ARG_CONST_SIZE_OR_ZERO, .arg4_type = ARG_ANYTHING, .arg5_type = ARG_ANYTHING, }; @@ -6853,7 +6853,7 @@ static const struct bpf_func_proto bpf_sk_lookup_udp_proto = { .ret_type = RET_PTR_TO_SOCKET_OR_NULL, .arg1_type = ARG_PTR_TO_CTX, .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, - .arg3_type = ARG_CONST_SIZE, + .arg3_type = ARG_CONST_SIZE_OR_ZERO, .arg4_type = ARG_ANYTHING, .arg5_type = ARG_ANYTHING, }; @@ -6877,7 +6877,7 @@ static const struct bpf_func_proto bpf_tc_skc_lookup_tcp_proto = { .ret_type = RET_PTR_TO_SOCK_COMMON_OR_NULL, .arg1_type = ARG_PTR_TO_CTX, .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, - .arg3_type = ARG_CONST_SIZE, + .arg3_type = ARG_CONST_SIZE_OR_ZERO, .arg4_type = ARG_ANYTHING, .arg5_type = ARG_ANYTHING, }; @@ -6901,7 +6901,7 @@ static const struct bpf_func_proto bpf_tc_sk_lookup_tcp_proto = { .ret_type = RET_PTR_TO_SOCKET_OR_NULL, .arg1_type = ARG_PTR_TO_CTX, .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, - .arg3_type = ARG_CONST_SIZE, + .arg3_type = ARG_CONST_SIZE_OR_ZERO, .arg4_type = ARG_ANYTHING, .arg5_type = ARG_ANYTHING, }; @@ -6925,7 +6925,7 @@ static const struct bpf_func_proto bpf_tc_sk_lookup_udp_proto = { .ret_type = RET_PTR_TO_SOCKET_OR_NULL, .arg1_type = ARG_PTR_TO_CTX, .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, - .arg3_type = ARG_CONST_SIZE, + .arg3_type = ARG_CONST_SIZE_OR_ZERO, .arg4_type = ARG_ANYTHING, .arg5_type = ARG_ANYTHING, }; @@ -6963,7 +6963,7 @@ static const struct bpf_func_proto bpf_xdp_sk_lookup_udp_proto = { .ret_type = RET_PTR_TO_SOCKET_OR_NULL, .arg1_type = ARG_PTR_TO_CTX, .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, - .arg3_type = ARG_CONST_SIZE, + .arg3_type = ARG_CONST_SIZE_OR_ZERO, .arg4_type = ARG_ANYTHING, .arg5_type = ARG_ANYTHING, }; @@ -6987,7 +6987,7 @@ static const struct bpf_func_proto bpf_xdp_skc_lookup_tcp_proto = { .ret_type = RET_PTR_TO_SOCK_COMMON_OR_NULL, .arg1_type = ARG_PTR_TO_CTX, .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, - .arg3_type = ARG_CONST_SIZE, + .arg3_type = ARG_CONST_SIZE_OR_ZERO, .arg4_type = ARG_ANYTHING, .arg5_type = ARG_ANYTHING, }; @@ -7011,7 +7011,7 @@ static const struct bpf_func_proto bpf_xdp_sk_lookup_tcp_proto = { .ret_type = RET_PTR_TO_SOCKET_OR_NULL, .arg1_type = ARG_PTR_TO_CTX, .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, - .arg3_type = ARG_CONST_SIZE, + .arg3_type = ARG_CONST_SIZE_OR_ZERO, .arg4_type = ARG_ANYTHING, .arg5_type = ARG_ANYTHING, }; @@ -7031,7 +7031,7 @@ static const struct bpf_func_proto bpf_sock_addr_skc_lookup_tcp_proto = { .ret_type = RET_PTR_TO_SOCK_COMMON_OR_NULL, .arg1_type = ARG_PTR_TO_CTX, .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, - .arg3_type = ARG_CONST_SIZE, + .arg3_type = ARG_CONST_SIZE_OR_ZERO, .arg4_type = ARG_ANYTHING, .arg5_type = ARG_ANYTHING, }; @@ -7050,7 +7050,7 @@ static const struct bpf_func_proto bpf_sock_addr_sk_lookup_tcp_proto = { .ret_type = RET_PTR_TO_SOCKET_OR_NULL, .arg1_type = ARG_PTR_TO_CTX, .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, - .arg3_type = ARG_CONST_SIZE, + .arg3_type = ARG_CONST_SIZE_OR_ZERO, .arg4_type = ARG_ANYTHING, .arg5_type = ARG_ANYTHING, }; @@ -7069,7 +7069,7 @@ static const struct bpf_func_proto bpf_sock_addr_sk_lookup_udp_proto = { .ret_type = RET_PTR_TO_SOCKET_OR_NULL, .arg1_type = ARG_PTR_TO_CTX, .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, - .arg3_type = ARG_CONST_SIZE, + .arg3_type = ARG_CONST_SIZE_OR_ZERO, .arg4_type = ARG_ANYTHING, .arg5_type = ARG_ANYTHING, }; From patchwork Mon Jun 10 23:08:47 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexei Starovoitov X-Patchwork-Id: 13692539 X-Patchwork-Delegate: bpf@iogearbox.net Received: from mail-oo1-f41.google.com (mail-oo1-f41.google.com [209.85.161.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id EBD151BC39 for ; Mon, 10 Jun 2024 23:09:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.161.41 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718060947; cv=none; b=mDy+rt7pB4fpbutpyYo+1wiT8AaoULarLJsC3VYyNP4bHCKP/DTvfB5U3ZMDLO5xwIjwSrx6ZY0jPyBGhL/be0HZmhBILnVJgdiYS36uGWZWMFecJ0noVbRlBjg/You2A4A7PWZhso+a6ClPtPqg7XjBqg3G7bS8qb0qrLvntQw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718060947; c=relaxed/simple; bh=KNec9Zit4bjSuhTA/z+LM9H52JJyE0ka3/uhqHIcAFE=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=Rr/jdvmvBDAU0WliGxMqYUzaOMRjjuV8yUhKYZ83pV++szlZLI4Kyr6H8mzibzgvVZPVwd7v4PA+CE2JkpR4omg9LJFZrD72OgSh0qg+dNrifNsKBaN3WSFubHCbHTlpbIni++Nbszx+K6Av9JHFjOF2Tu0u/m9Pi1K/kluUKmA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=lR51NDiZ; arc=none smtp.client-ip=209.85.161.41 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="lR51NDiZ" Received: by mail-oo1-f41.google.com with SMTP id 006d021491bc7-5bad217c51aso1458754eaf.1 for ; Mon, 10 Jun 2024 16:09:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1718060944; x=1718665744; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=FgT1zkNiY0iAAS+b/L8aq/x21E4RdslfjECetyQOAzs=; b=lR51NDiZNOmNryA8w1EaROkjcjmRxy0dLDCTcyuvpEY2agfE++dbPIAvHX/a4AMCGl oldUwwcBlAtAR9m/W3HQXth7uplyeZB5sgbv+5J7C5Fjle+Put8c7ZtW2kylku+u/h6o BIOa3dljF/z2gdztgM0xZZ2j16wrB8ZMHlIR3exzkkx7eivh9e1/htjYuBKOwCNoK1xe bAclBQPCoAK0RXyS0sNUdu7OrNtV5Na+C4o6mhtmEEjWir6IhiqU7m8FpPhoh9KNIvq+ OMjVGN3q+4kpYDb4xiLFdLoB0kR6938WgVx3k9dEgeB7OAFZGHqYaHG8WuDkvsR1urb1 FpbA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1718060944; x=1718665744; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=FgT1zkNiY0iAAS+b/L8aq/x21E4RdslfjECetyQOAzs=; b=CX47MLVeZ1B89aMY2KaGCF8ZNrexTdE7W/ftyBq8J/FG/xmuaJMugerFto8EAghBhr rksQ3yLZL1MrPKZ7VvoUIz46fFTFJPGNAvdt6QkpU+DXFzoPefkHpkhvYL7q9ELCsCte 5/+W9Hq5tlZ4oJryf59XsLm4ggPxT3IEmMItSxc/DNHtvEes3RUaSTjJrLnJzv7I8NaZ im5xPgo9+d11tM5kkIUn0SzJF2DSvex7+srUqeY/kdxLRo3QCyvxgbs7cq67WUWGdI69 QSYEqxOYSUNwqQuZW1cottBUWiM0y0ncr+XgIRQaWvM7gquktoZzRjoFPHvr7JZl2nWN /qmQ== X-Gm-Message-State: AOJu0YwRnn98nR6mr8OrpLk2PqSoAO17UDPVWRT8BV1aIKNFtlywN/DE j/e40tngjhbsSN9pQZrV16O8vuhCnjmKPNkNsewXQiwZ5VUwGM/B1eT8Wg== X-Google-Smtp-Source: AGHT+IE2dUwnGOyQNiJ/M/WoRZ3gIiRzxaPCMBUB42b2nZ1fofWuezyxQy3FWakYzxD68CW1hh/E9Q== X-Received: by 2002:a05:6358:722:b0:19f:4be7:434c with SMTP id e5c5f4694b2df-19f4be75050mr582082355d.16.1718060940596; Mon, 10 Jun 2024 16:09:00 -0700 (PDT) Received: from localhost.localdomain ([2620:10d:c090:400::5:cfaa]) by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-6e925d13b6esm3701828a12.37.2024.06.10.16.08.59 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Mon, 10 Jun 2024 16:09:00 -0700 (PDT) From: Alexei Starovoitov To: bpf@vger.kernel.org Cc: daniel@iogearbox.net, andrii@kernel.org, martin.lau@kernel.org, memxor@gmail.com, eddyz87@gmail.com, kernel-team@fb.com Subject: [PATCH v2 bpf-next 2/4] bpf: Track delta between "linked" registers. Date: Mon, 10 Jun 2024 16:08:47 -0700 Message-Id: <20240610230849.80820-3-alexei.starovoitov@gmail.com> X-Mailer: git-send-email 2.39.3 (Apple Git-146) In-Reply-To: <20240610230849.80820-1-alexei.starovoitov@gmail.com> References: <20240610230849.80820-1-alexei.starovoitov@gmail.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net From: Alexei Starovoitov Compilers can generate the code r1 = r2 r1 += 0x1 if r2 < 1000 goto ... use knowledge of r2 range in subsequent r1 operations So remember constant delta between r2 and r1 and update r1 after 'if' condition. Unfortunately LLVM still uses this pattern for loops with 'can_loop' construct: for (i = 0; i < 1000 && can_loop; i++) The "undo" pass was introduced in LLVM https://reviews.llvm.org/D121937 to prevent this optimization, but it cannot cover all cases. Instead of fighting middle end optimizer in BPF backend teach the verifier about this pattern. Signed-off-by: Alexei Starovoitov --- include/linux/bpf_verifier.h | 12 ++++- kernel/bpf/log.c | 4 +- kernel/bpf/verifier.c | 89 +++++++++++++++++++++++++++++++----- 3 files changed, 92 insertions(+), 13 deletions(-) diff --git a/include/linux/bpf_verifier.h b/include/linux/bpf_verifier.h index 50aa87f8d77f..2b54e25d2364 100644 --- a/include/linux/bpf_verifier.h +++ b/include/linux/bpf_verifier.h @@ -73,7 +73,10 @@ enum bpf_iter_state { struct bpf_reg_state { /* Ordering of fields matters. See states_equal() */ enum bpf_reg_type type; - /* Fixed part of pointer offset, pointer types only */ + /* + * Fixed part of pointer offset, pointer types only. + * Or constant delta between "linked" scalars with the same ID. + */ s32 off; union { /* valid when type == PTR_TO_PACKET */ @@ -167,6 +170,13 @@ struct bpf_reg_state { * Similarly to dynptrs, we use ID to track "belonging" of a reference * to a specific instance of bpf_iter. */ + /* + * Upper bit of ID is used to remember relationship between "linked" + * registers. Example: + * r1 = r2; both will have r1->id == r2->id == N + * r1 += 10; r1->id == N | BPF_ADD_CONST and r1->off == 10 + */ +#define BPF_ADD_CONST (1U << 31) u32 id; /* PTR_TO_SOCKET and PTR_TO_TCP_SOCK could be a ptr returned * from a pointer-cast helper, bpf_sk_fullsock() and diff --git a/kernel/bpf/log.c b/kernel/bpf/log.c index 4bd8f17a9f24..3f4ae92e549f 100644 --- a/kernel/bpf/log.c +++ b/kernel/bpf/log.c @@ -708,7 +708,9 @@ static void print_reg_state(struct bpf_verifier_env *env, verbose(env, "%s", btf_type_name(reg->btf, reg->btf_id)); verbose(env, "("); if (reg->id) - verbose_a("id=%d", reg->id); + verbose_a("id=%d", reg->id & ~BPF_ADD_CONST); + if (reg->id & BPF_ADD_CONST) + verbose(env, "%+d", reg->off); if (reg->ref_obj_id) verbose_a("ref_obj_id=%d", reg->ref_obj_id); if (type_is_non_owning_ref(reg->type)) diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index 81a3d2ced78d..25c74ceddd42 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -3991,7 +3991,7 @@ static bool idset_contains(struct bpf_idset *s, u32 id) u32 i; for (i = 0; i < s->count; ++i) - if (s->ids[i] == id) + if (s->ids[i] == (id & ~BPF_ADD_CONST)) return true; return false; @@ -4001,7 +4001,7 @@ static int idset_push(struct bpf_idset *s, u32 id) { if (WARN_ON_ONCE(s->count >= ARRAY_SIZE(s->ids))) return -EFAULT; - s->ids[s->count++] = id; + s->ids[s->count++] = id & ~BPF_ADD_CONST; return 0; } @@ -4438,8 +4438,20 @@ static bool __is_pointer_value(bool allow_ptr_leaks, static void assign_scalar_id_before_mov(struct bpf_verifier_env *env, struct bpf_reg_state *src_reg) { - if (src_reg->type == SCALAR_VALUE && !src_reg->id && - !tnum_is_const(src_reg->var_off)) + if (src_reg->type != SCALAR_VALUE) + return; + + if (src_reg->id & BPF_ADD_CONST) { + /* + * The verifier is processing rX = rY insn and + * rY->id has special linked register already. + * Cleared it, since multiple rX += const are not supported. + */ + src_reg->id = 0; + src_reg->off = 0; + } + + if (!src_reg->id && !tnum_is_const(src_reg->var_off)) /* Ensure that src_reg has a valid ID that will be copied to * dst_reg and then will be used by find_equal_scalars() to * propagate min/max range. @@ -14026,6 +14038,7 @@ static int adjust_reg_min_max_vals(struct bpf_verifier_env *env, struct bpf_func_state *state = vstate->frame[vstate->curframe]; struct bpf_reg_state *regs = state->regs, *dst_reg, *src_reg; struct bpf_reg_state *ptr_reg = NULL, off_reg = {0}; + bool alu32 = (BPF_CLASS(insn->code) != BPF_ALU64); u8 opcode = BPF_OP(insn->code); int err; @@ -14048,11 +14061,7 @@ static int adjust_reg_min_max_vals(struct bpf_verifier_env *env, if (dst_reg->type != SCALAR_VALUE) ptr_reg = dst_reg; - else - /* Make sure ID is cleared otherwise dst_reg min/max could be - * incorrectly propagated into other registers by find_equal_scalars() - */ - dst_reg->id = 0; + if (BPF_SRC(insn->code) == BPF_X) { src_reg = ®s[insn->src_reg]; if (src_reg->type != SCALAR_VALUE) { @@ -14116,7 +14125,41 @@ static int adjust_reg_min_max_vals(struct bpf_verifier_env *env, verbose(env, "verifier internal error: no src_reg\n"); return -EINVAL; } - return adjust_scalar_min_max_vals(env, insn, dst_reg, *src_reg); + err = adjust_scalar_min_max_vals(env, insn, dst_reg, *src_reg); + if (err) + return err; + /* + * Compilers can generate the code + * r1 = r2 + * r1 += 0x1 + * if r2 < 1000 goto ... + * use r1 in memory access + * So remember constant delta between r2 and r1 and update r1 after + * 'if' condition. + */ + if (env->bpf_capable && BPF_OP(insn->code) == BPF_ADD && + dst_reg->id && is_reg_const(src_reg, alu32)) { + u64 val = reg_const_value(src_reg, alu32); + + if ((dst_reg->id & BPF_ADD_CONST) || val > (u32)S32_MAX) { + /* + * If the register already went through rX += val + * we cannot accumulate another val into rx->off. + */ + dst_reg->off = 0; + dst_reg->id = 0; + } else { + dst_reg->id |= BPF_ADD_CONST; + dst_reg->off = val; + } + } else { + /* + * Make sure ID is cleared otherwise dst_reg min/max could be + * incorrectly propagated into other registers by find_equal_scalars() + */ + dst_reg->id = 0; + } + return 0; } /* check validity of 32-bit and 64-bit arithmetic operations */ @@ -15088,12 +15131,36 @@ static bool try_match_pkt_pointers(const struct bpf_insn *insn, static void find_equal_scalars(struct bpf_verifier_state *vstate, struct bpf_reg_state *known_reg) { + struct bpf_reg_state fake_reg; struct bpf_func_state *state; struct bpf_reg_state *reg; bpf_for_each_reg_in_vstate(vstate, state, reg, ({ - if (reg->type == SCALAR_VALUE && reg->id == known_reg->id) + if (reg->type != SCALAR_VALUE || reg == known_reg) + continue; + if ((reg->id & ~BPF_ADD_CONST) != (known_reg->id & ~BPF_ADD_CONST)) + continue; + if ((!(reg->id & BPF_ADD_CONST) && !(known_reg->id & BPF_ADD_CONST)) || + reg->off == known_reg->off) { + copy_register_state(reg, known_reg); + } else { + s32 saved_off = reg->off; + + fake_reg.type = SCALAR_VALUE; + __mark_reg_known(&fake_reg, (s32)reg->off - (s32)known_reg->off); + + /* reg = known_reg; reg += delta */ copy_register_state(reg, known_reg); + /* + * Must preserve off, id and add_const flag, + * otherwise another find_equal_scalars() will be incorrect. + */ + reg->off = saved_off; + + scalar32_min_max_add(reg, &fake_reg); + scalar_min_max_add(reg, &fake_reg); + reg->var_off = tnum_add(reg->var_off, fake_reg.var_off); + } })); } From patchwork Mon Jun 10 23:08:48 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexei Starovoitov X-Patchwork-Id: 13692540 X-Patchwork-Delegate: bpf@iogearbox.net Received: from mail-pf1-f169.google.com (mail-pf1-f169.google.com [209.85.210.169]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 9407C1514DE for ; Mon, 10 Jun 2024 23:09:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.210.169 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718060948; cv=none; b=NWXT6mNnzJFkT2L7TxBFYOJ35K/ytwKxdPxiL908SEo49G7n1+PfJY0HHMumVLyA/QYFHxeWcrAynx4ellXyWWB8TLWoTL4UlYp37izkpiu1gcJmGk73Y2gwWKGi7Rf/PM9/1gKNctC0whcI+mDr9vW5bUY1CYCmOQhdGpFNTLM= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718060948; c=relaxed/simple; bh=Gm5gtUs7ESel2//jbT0TijXe29JcPEixmsWoeLbvHjg=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=C1nabHqPriajLEly8pR6cKPovIHKLriois1TYc3RDa5qoGdbQDrqBzqe2IbR6vnLd3fQC6OY5fi32DWtSlRX7Jb0wpakSgUg/b93rgnxrE6NZdGGutJEcW7xZF8cJ2KPx1Qr4ahzVpq9wxDZOYTmpZpPPBs6eKKkRMf3hALC4Nk= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=HOJJqOR9; arc=none smtp.client-ip=209.85.210.169 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="HOJJqOR9" Received: by mail-pf1-f169.google.com with SMTP id d2e1a72fcca58-70436ac872aso490549b3a.1 for ; Mon, 10 Jun 2024 16:09:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1718060946; x=1718665746; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Us1aqdKDZ5u/C9Le8gUMjYEff67H98STOGSj9ePhdrk=; b=HOJJqOR9TnXBsQrIViQn0JPmcRxEWaV33PEJwTiCHRtO4jkfKWROSuOt0XF5RaM7yf MUnv0Nme7koRlyoBJLo75CGKePdEyVzxdgE/AUadPxHmeU5zT4qneivJb5eoUmHD6lt7 aFZe7OiwuO14RaEHHQbI4bwbUm1D/70INHbVOcn9cipIVclFpwZd8lDVLBBy7Wx5GI5Q 90RpcRZjvX2ewPfk8XUT629t1CZFSnRrHzvFVoZ7Htf4pmRubulzK4AbDLVD715osu5b /MqNVukkkm/A5rk/8D+aUWaI4r5XO3c4qLteTLmWOcgKuvrI6g6TVF8f41ODu04w4eDy 2A2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1718060946; x=1718665746; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Us1aqdKDZ5u/C9Le8gUMjYEff67H98STOGSj9ePhdrk=; b=pXgBdTU2V8SAU0uh7b/Rm87NB8G2EG78xUOCsRz4B7EMNAJvjx9MDdvwbU4RSaf+bK c7U/QiZuuk3IgkMhUDyNV9Y/YRHFFo2ValiIsH/WHtxF+CRr2BwrzcpTuK960jM1Ukf3 swWVpADf/abI95cDWjtKa86M2Zic4Wm9kHSIyHorKQmK9q9vbeaVlhPRuOzvDFiVWmiw efmGuJj5kF4WmwmRWYk+0LrjR4UuabwcCBq02eSK2cwhtk6PZI7efgYIGsNBxF6frjpb zk3zHnRizPAjnwyhs6FvBOoH97LJkWLIQx0iat8xeHqtyyX7b0Zn4VWNN+cMJIX28TxV uhuA== X-Gm-Message-State: AOJu0Yz13F4DGMoyl/NDznJlt3Sq4a4d2H9JVqzh+uC9X//bYDnQC7Qx JBTxg1dfp0p0mUOPgKALYgPw8tbLoeSbaq/LxngEBdN9SZbq8h/GRWsJsA== X-Google-Smtp-Source: AGHT+IEhTdI0vWSWc4npDBTdbwE7TgT/OKNsXY7gD7WOyoDQQodTMBoFskLhlWOeRfIhFO0eEEFGCA== X-Received: by 2002:a05:6a21:999e:b0:1b4:efbb:d1e1 with SMTP id adf61e73a8af0-1b4efbbd2e4mr10985552637.33.1718060946082; Mon, 10 Jun 2024 16:09:06 -0700 (PDT) Received: from localhost.localdomain ([2620:10d:c090:400::5:cfaa]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-704236597e8sm4681908b3a.141.2024.06.10.16.09.04 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Mon, 10 Jun 2024 16:09:05 -0700 (PDT) From: Alexei Starovoitov To: bpf@vger.kernel.org Cc: daniel@iogearbox.net, andrii@kernel.org, martin.lau@kernel.org, memxor@gmail.com, eddyz87@gmail.com, kernel-team@fb.com Subject: [PATCH v2 bpf-next 3/4] bpf: Support can_loop/cond_break on big endian Date: Mon, 10 Jun 2024 16:08:48 -0700 Message-Id: <20240610230849.80820-4-alexei.starovoitov@gmail.com> X-Mailer: git-send-email 2.39.3 (Apple Git-146) In-Reply-To: <20240610230849.80820-1-alexei.starovoitov@gmail.com> References: <20240610230849.80820-1-alexei.starovoitov@gmail.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net From: Alexei Starovoitov Add big endian support for can_loop/cond_break macros. Acked-by: Yonghong Song Signed-off-by: Alexei Starovoitov --- .../testing/selftests/bpf/bpf_experimental.h | 28 +++++++++++++++++++ 1 file changed, 28 insertions(+) diff --git a/tools/testing/selftests/bpf/bpf_experimental.h b/tools/testing/selftests/bpf/bpf_experimental.h index 3d9e4b8c6b81..82b73c37b50b 100644 --- a/tools/testing/selftests/bpf/bpf_experimental.h +++ b/tools/testing/selftests/bpf/bpf_experimental.h @@ -351,6 +351,7 @@ l_true: \ l_continue:; \ }) #else +#if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ #define can_loop \ ({ __label__ l_break, l_continue; \ bool ret = true; \ @@ -376,6 +377,33 @@ l_true: \ l_break: break; \ l_continue:; \ }) +#else +#define can_loop \ + ({ __label__ l_break, l_continue; \ + bool ret = true; \ + asm volatile goto("1:.byte 0xe5; \ + .byte 0; \ + .long (((%l[l_break] - 1b - 8) / 8) & 0xffff) << 16; \ + .short 0" \ + :::: l_break); \ + goto l_continue; \ + l_break: ret = false; \ + l_continue:; \ + ret; \ + }) + +#define cond_break \ + ({ __label__ l_break, l_continue; \ + asm volatile goto("1:.byte 0xe5; \ + .byte 0; \ + .long (((%l[l_break] - 1b - 8) / 8) & 0xffff) << 16; \ + .short 0" \ + :::: l_break); \ + goto l_continue; \ + l_break: break; \ + l_continue:; \ + }) +#endif #endif #ifndef bpf_nop_mov From patchwork Mon Jun 10 23:08:49 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alexei Starovoitov X-Patchwork-Id: 13692541 X-Patchwork-Delegate: bpf@iogearbox.net Received: from mail-pg1-f179.google.com (mail-pg1-f179.google.com [209.85.215.179]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 4522E1514DA for ; Mon, 10 Jun 2024 23:09:11 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.215.179 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718060952; cv=none; b=cHbAvlOpRzDJmshWpygB6mDGgvePNQ7OJK4DfautyL5QNO3QyPHroH2OtalkXL9xcGAxzFlJoDMRS4Ld/5I+fN3OsULpx4aaAbfNKTDh8VHYl10souHZPvDCJKeFg+qkJPydAfUCC7Mo2hjlrc3PeV5EXPHuY8/7lNw9PjKm6yA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1718060952; c=relaxed/simple; bh=CR6Vcz3d7+0UOj5jXKBGi2AQMLu9XLFckpySJup0ttU=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=LJwQQURHNFIdmIBE0YsG3wIFjKa4dfVP3PDmZbAw/VqNxgBFp4ef1VogZ9pTWV6FPAgY9b54Wf+E3e5cf/z6Sdzt0PoBr+0h61gvI/dbqo7vM5UKsjYv5NTIIZjJGhWstsWicpc4Tthr6RkZABBNyjFdpUKG32ZCxM3JZUrNXiA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=VafnmNlW; arc=none smtp.client-ip=209.85.215.179 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="VafnmNlW" Received: by mail-pg1-f179.google.com with SMTP id 41be03b00d2f7-6e620302b01so2018677a12.0 for ; Mon, 10 Jun 2024 16:09:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1718060950; x=1718665750; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=kV7xLjOpWeGHh8giULo8MXA150fQenV1ODSbku6laFg=; b=VafnmNlWjqrRm+zR0HqU04l7lhhgdODU80ahE9dZChbQAfh8DMNSWGIWgzLIVbWgVL U7bHgu1Hy/BPGXLv86v3Vfm+3t+PeVFL1HGpVGeVAPV24ysksD34HTiwGZKZdo/t4RHQ dX7o/MrVgv3NCgug0X1aV4USoaLd4bwP6gFet8ZtMGQoMrHnTvwefTnoKOMYikPLwrTw MUOan3IN4GgRGbZTAqYIkOQ/qmnvJvk2Pq4Pw0+MwTKlqIxkJz0dIdqlbzwMJmn/AeIU 0UDAjxQpAC0B8OKGdsC1HoW6QutofFV6Rs1sHW9HTIz1/qhi9xQdhqEnu4sgGVpzRvft ASMQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1718060950; x=1718665750; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=kV7xLjOpWeGHh8giULo8MXA150fQenV1ODSbku6laFg=; b=BdrKze0UVQpWtomJHvIyuoNke5D3HW5vhx/Xs0sYQniwJYsuPD5qGVJ+pnACNEiGLo EXdx/Qy53uDEqHnTbTQQCYe38dM0YGFgtx09mi0fOXQ7c66SQQimwy6o4x3QOEl8q5Bh JN3n0YKPmI+IrfhE5Z5LDcJ8594I+hXYEP8Z7/y4kAXeXwKhV8VmsQ7gc/w0IJVI481B Ltb0g9zb9L1bXEb7GSjdZ3eWQSIlSdrqRh6d1Qos4Pxe3w8BE+jR9E6LR6zJN8mqnqqi FDz8tcneLmtL6bwDGQOnk3X0mMXnZ0VZoeM/JQU9+wtTLSD6vjpzk64/6kh1OyRwC8t5 IbEA== X-Gm-Message-State: AOJu0YylyGoYhm7dX1cVtm14S9NaPHFFZpkLS3y426c9aaCcfTaeoYer TbOMZa06mx3nkaJlnhhpt9EasLXrdctRizMocqUmIqkLke1lmayGwa5Rig== X-Google-Smtp-Source: AGHT+IFNWrpnpPm74DZExxk/+SjsSMMj/XVHlnNIkGWuEzoGbMV8ys9F63yYz2uDuEl+5FCp6K3jrQ== X-Received: by 2002:a17:902:e802:b0:1f2:fbda:8671 with SMTP id d9443c01a7336-1f6d02d6275mr114340185ad.6.1718060949754; Mon, 10 Jun 2024 16:09:09 -0700 (PDT) Received: from localhost.localdomain ([2620:10d:c090:400::5:cfaa]) by smtp.gmail.com with ESMTPSA id d9443c01a7336-1f6bd75f2e8sm89748925ad.25.2024.06.10.16.09.08 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Mon, 10 Jun 2024 16:09:09 -0700 (PDT) From: Alexei Starovoitov To: bpf@vger.kernel.org Cc: daniel@iogearbox.net, andrii@kernel.org, martin.lau@kernel.org, memxor@gmail.com, eddyz87@gmail.com, kernel-team@fb.com Subject: [PATCH v2 bpf-next 4/4] selftests/bpf: Add tests for add_const Date: Mon, 10 Jun 2024 16:08:49 -0700 Message-Id: <20240610230849.80820-5-alexei.starovoitov@gmail.com> X-Mailer: git-send-email 2.39.3 (Apple Git-146) In-Reply-To: <20240610230849.80820-1-alexei.starovoitov@gmail.com> References: <20240610230849.80820-1-alexei.starovoitov@gmail.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net From: Alexei Starovoitov Improve arena based tests and add several C and asm tests with specific pattern. These tests would have failed without add_const verifier support. Also add several loop_inside_iter*() tests that are not related to add_const, but nice to have. Signed-off-by: Alexei Starovoitov --- .../testing/selftests/bpf/progs/arena_htab.c | 16 +- .../bpf/progs/verifier_iterating_callbacks.c | 208 ++++++++++++++++++ 2 files changed, 221 insertions(+), 3 deletions(-) diff --git a/tools/testing/selftests/bpf/progs/arena_htab.c b/tools/testing/selftests/bpf/progs/arena_htab.c index 1e6ac187a6a0..cd598348725e 100644 --- a/tools/testing/selftests/bpf/progs/arena_htab.c +++ b/tools/testing/selftests/bpf/progs/arena_htab.c @@ -18,25 +18,35 @@ void __arena *htab_for_user; bool skip = false; int zero = 0; +char __arena arr1[100000]; +char arr2[1000]; SEC("syscall") int arena_htab_llvm(void *ctx) { #if defined(__BPF_FEATURE_ADDR_SPACE_CAST) || defined(BPF_ARENA_FORCE_ASM) struct htab __arena *htab; + char __arena *arr = arr1; __u64 i; htab = bpf_alloc(sizeof(*htab)); cast_kern(htab); htab_init(htab); + cast_kern(arr); + /* first run. No old elems in the table */ - for (i = zero; i < 1000; i++) + for (i = zero; i < 100000 && can_loop; i++) { htab_update_elem(htab, i, i); + arr[i] = i; + } - /* should replace all elems with new ones */ - for (i = zero; i < 1000; i++) + /* should replace some elems with new ones */ + for (i = zero; i < 1000 && can_loop; i++) { htab_update_elem(htab, i, i); + /* Access mem to make the verifier use bounded loop logic */ + arr2[i] = i; + } cast_user(htab); htab_for_user = htab; #else diff --git a/tools/testing/selftests/bpf/progs/verifier_iterating_callbacks.c b/tools/testing/selftests/bpf/progs/verifier_iterating_callbacks.c index bd676d7e615f..627b7f0ca8e1 100644 --- a/tools/testing/selftests/bpf/progs/verifier_iterating_callbacks.c +++ b/tools/testing/selftests/bpf/progs/verifier_iterating_callbacks.c @@ -405,4 +405,212 @@ int cond_break5(const void *ctx) return cnt1 > 1 && cnt2 > 1 ? 1 : 0; } +#define ARR2_SZ 1000 +SEC(".data.arr2") +char arr2[ARR2_SZ]; + +SEC("socket") +__success __flag(BPF_F_TEST_STATE_FREQ) +int loop_inside_iter(const void *ctx) +{ + struct bpf_iter_num it; + int *v, sum = 0; + __u64 i = 0; + + bpf_iter_num_new(&it, 0, ARR2_SZ); + while ((v = bpf_iter_num_next(&it))) { + if (i < ARR2_SZ) + sum += arr2[i++]; + } + bpf_iter_num_destroy(&it); + return sum; +} + +SEC("socket") +__success __flag(BPF_F_TEST_STATE_FREQ) +int loop_inside_iter_signed(const void *ctx) +{ + struct bpf_iter_num it; + int *v, sum = 0; + long i = 0; + + bpf_iter_num_new(&it, 0, ARR2_SZ); + while ((v = bpf_iter_num_next(&it))) { + if (i < ARR2_SZ && i >= 0) + sum += arr2[i++]; + } + bpf_iter_num_destroy(&it); + return sum; +} + +volatile const int limit = ARR2_SZ; + +SEC("socket") +__success __flag(BPF_F_TEST_STATE_FREQ) +int loop_inside_iter_volatile_limit(const void *ctx) +{ + struct bpf_iter_num it; + int *v, sum = 0; + __u64 i = 0; + + bpf_iter_num_new(&it, 0, ARR2_SZ); + while ((v = bpf_iter_num_next(&it))) { + if (i < limit) + sum += arr2[i++]; + } + bpf_iter_num_destroy(&it); + return sum; +} + +#define ARR_LONG_SZ 1000 + +SEC(".data.arr_long") +long arr_long[ARR_LONG_SZ]; + +SEC("socket") +__success +int test1(const void *ctx) +{ + long i; + + for (i = 0; i < ARR_LONG_SZ && can_loop; i++) + arr_long[i] = i; + return 0; +} + +SEC("socket") +__success +int test2(const void *ctx) +{ + __u64 i; + + for (i = zero; i < ARR_LONG_SZ && can_loop; i++) { + barrier_var(i); + arr_long[i] = i; + } + return 0; +} + +SEC(".data.arr_foo") +struct { + int a; + int b; +} arr_foo[ARR_LONG_SZ]; + +SEC("socket") +__success +int test3(const void *ctx) +{ + __u64 i; + + for (i = zero; i < ARR_LONG_SZ && can_loop; i++) { + barrier_var(i); + arr_foo[i].a = i; + arr_foo[i].b = i; + } + return 0; +} + +SEC("socket") +__success +int test4(const void *ctx) +{ + long i; + + for (i = zero + ARR_LONG_SZ - 1; i < ARR_LONG_SZ && i >= 0 && can_loop; i--) { + barrier_var(i); + arr_foo[i].a = i; + arr_foo[i].b = i; + } + return 0; +} + +char buf[10] SEC(".data.buf"); + +SEC("socket") +__description("check add const") +__success +__naked void check_add_const(void) +{ + /* typical LLVM generated loop with may_goto */ + asm volatile (" \ + call %[bpf_ktime_get_ns]; \ + if r0 > 9 goto l1_%=; \ +l0_%=: r1 = %[buf]; \ + r2 = r0; \ + r1 += r2; \ + r3 = *(u8 *)(r1 +0); \ + .byte 0xe5; /* may_goto */ \ + .byte 0; /* regs */ \ + .short 4; /* off of l1_%=: */ \ + .long 0; /* imm */ \ + r0 = r2; \ + r0 += 1; \ + if r2 < 9 goto l0_%=; \ + exit; \ +l1_%=: r0 = 0; \ + exit; \ +" : + : __imm(bpf_ktime_get_ns), + __imm_ptr(buf) + : __clobber_common); +} + +SEC("socket") +__failure +__msg("*(u8 *)(r7 +0) = r0") +__msg("invalid access to map value, value_size=10 off=10 size=1") +__naked void check_add_const_3regs(void) +{ + asm volatile ( + "r6 = %[buf];" + "r7 = %[buf];" + "call %[bpf_ktime_get_ns];" + "r1 = r0;" /* link r0.id == r1.id == r2.id */ + "r2 = r0;" + "r1 += 1;" /* r1 == r0+1 */ + "r2 += 2;" /* r2 == r0+2 */ + "if r0 > 8 goto 1f;" /* r0 range [0, 8] */ + "r6 += r1;" /* r1 range [1, 9] */ + "r7 += r2;" /* r2 range [2, 10] */ + "*(u8 *)(r6 +0) = r0;" /* safe, within bounds */ + "*(u8 *)(r7 +0) = r0;" /* unsafe, out of bounds */ + "1: exit;" + : + : __imm(bpf_ktime_get_ns), + __imm_ptr(buf) + : __clobber_common); +} + +SEC("socket") +__failure +__msg("*(u8 *)(r8 -1) = r0") +__msg("invalid access to map value, value_size=10 off=10 size=1") +__naked void check_add_const_3regs_2if(void) +{ + asm volatile ( + "r6 = %[buf];" + "r7 = %[buf];" + "r8 = %[buf];" + "call %[bpf_ktime_get_ns];" + "if r0 < 2 goto 1f;" + "r1 = r0;" /* link r0.id == r1.id == r2.id */ + "r2 = r0;" + "r1 += 1;" /* r1 == r0+1 */ + "r2 += 2;" /* r2 == r0+2 */ + "if r2 > 11 goto 1f;" /* r2 range [0, 11] -> r0 range [-2, 9]; r1 range [-1, 10] */ + "if r0 s< 0 goto 1f;" /* r0 range [0, 9] -> r1 range [1, 10]; r2 range [2, 11]; */ + "r6 += r0;" /* r0 range [0, 9] */ + "r7 += r1;" /* r1 range [1, 10] */ + "r8 += r2;" /* r2 range [2, 11] */ + "*(u8 *)(r6 +0) = r0;" /* safe, within bounds */ + "*(u8 *)(r7 -1) = r0;" /* safe */ + "*(u8 *)(r8 -1) = r0;" /* unsafe */ + "1: exit;" + : + : __imm(bpf_ktime_get_ns), + __imm_ptr(buf) + : __clobber_common); +} + char _license[] SEC("license") = "GPL";