From patchwork Fri Nov 15 00:46:03 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Protopopov X-Patchwork-Id: 13875794 X-Patchwork-Delegate: bpf@iogearbox.net Received: from mail-wm1-f49.google.com (mail-wm1-f49.google.com [209.85.128.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 30C041DFFD for ; Fri, 15 Nov 2024 00:43:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.49 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731631402; cv=none; b=grQakW5kD2fPxpCT9V5G3EGiP2HnWu5IsDxr0g4cdJ8RpTI8wF7SOfNzPQg69CXLhaqWs1nwE66RB717K1nGMA3GUAr+3F8DgJ/7fZt1/9W+HWGuD6uMTBvCAqeHC8QtgZW4GwKD0vpQVNzbr4nI0Hq7HBmP83w8JgaLzQqz9y8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731631402; c=relaxed/simple; bh=G3wa07rZYgN6CVGveQn2J5nSIZh5i+vLZIp5qLRAfWo=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=qc/Ql9r4wzAsBMgMuq4IzXZDzfeVONPT7TrBqCOtsIeOz6zohqBJhZezKhbXb+bVu8Fk0l+xO4rmY+a0eyTLqdflEE4rHHg0HFJc25GsSSfQvggKLd/ykbx6DHMcAdMPSeQmgxzU4Ewb6WoWVbxLVIQStLV9UVORxTOyhqNxoT4= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=isovalent.com; spf=pass smtp.mailfrom=isovalent.com; dkim=pass (2048-bit key) header.d=isovalent.com header.i=@isovalent.com header.b=MUxikb1S; arc=none smtp.client-ip=209.85.128.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=isovalent.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=isovalent.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=isovalent.com header.i=@isovalent.com header.b="MUxikb1S" Received: by mail-wm1-f49.google.com with SMTP id 5b1f17b1804b1-4315839a7c9so10881235e9.3 for ; Thu, 14 Nov 2024 16:43:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isovalent.com; s=google; t=1731631398; x=1732236198; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=uoG5JO9syP1TPphV80q7oHvJ3++/Z/0Nk/f2xqd8VJ8=; b=MUxikb1Sct1lLXAOLIaAtYhc3tmot/RVMq5FlvXdQr/9kCKL5IDD5Jb6lj//LJfEH+ W0IWtrBL0eSHo3us+gO3/WksRMaZSr6lQxCSagihdxmWcDBtoDxktwlEos7QAXMVeOxp wY/Y+QpzRCU4ERj2WumxVMEsGZOCQnns1IomEmiIWqb53dkhwpxgA/UThA38pxRJYeT0 mKLjaW1N0x+mCnHgVmMAt1f0tZk/XnvkYu/FOfMXdGnQRXQXdrQjFWoDvLMukr4PKgcQ w4/w1LjRX7tYCQ9I7CHs5dMGm+pjdS1G1BOagr1vbdtapMFFMev1NjcL0Sf7m+Fp//UD bh+Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731631398; x=1732236198; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=uoG5JO9syP1TPphV80q7oHvJ3++/Z/0Nk/f2xqd8VJ8=; b=sl0IHIMgU3FsQusINXqml+BFP6wC9zS2njao0ei3t1iSkVhN0J6G/zrWiGtzHKKAF/ CXPiMyOaKEOA0ci83vPjH/tiXyDKxOEnnYMKky8eC6LoIdF7aqmCBMp9Az0HfGCsRX/X 4c568LkXhWck9HGiwQr+CItnGwNB2Ooe3yjufiuvAeHkzpz6010t0u/QPWdzl+ZOgqKH cqQzASVWdPfymP3zieotumRJspODsIXppdnS2+0CKDMiGB0qJK2mDUkBPzm/FH9iU2jJ wYW7pPwhSiqFtsTJ49bfmP9BOY7jDDwjOmba83EiEaMzrRSdYPmBzCliakgGXH7AGvF/ UaGg== X-Gm-Message-State: AOJu0Yx2xnScOXuC5efqW6HFpGcV8hBqQNr5jJ3AnUxhIDREQhILgozO 1IgX/snway79WTW5AEFZS3qpAD/TIU3EEcc5ud6sXcaZEvnJVDsIl3eoBIzzhXr033hn4YE9px2 FKCM= X-Google-Smtp-Source: AGHT+IF6p/Yd0VBysfQgFmlV6dZiXEHkaH/Zq2elZQEHUUuEOYJd0iP3nYhYddUb0DHqt1m7hpwSYw== X-Received: by 2002:a05:600c:35d0:b0:432:dc5a:b305 with SMTP id 5b1f17b1804b1-432df72a2ccmr5747275e9.12.1731631397497; Thu, 14 Nov 2024 16:43:17 -0800 (PST) Received: from localhost.localdomain ([2a04:ee41:4:b2de:1ac0:4dff:fe0f:3782]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-432dab78783sm36781975e9.12.2024.11.14.16.43.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 14 Nov 2024 16:43:17 -0800 (PST) From: Anton Protopopov To: bpf@vger.kernel.org Cc: Anton Protopopov Subject: [PATCH bpf-next 1/5] bpf: add a __btf_get_by_fd helper Date: Fri, 15 Nov 2024 00:46:03 +0000 Message-Id: <20241115004607.3144806-2-aspsk@isovalent.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20241115004607.3144806-1-aspsk@isovalent.com> References: <20241115004607.3144806-1-aspsk@isovalent.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net Add a new helper to get a pointer to a struct btf from a file descriptor which doesn't increase a refcount. Signed-off-by: Anton Protopopov --- include/linux/btf.h | 13 +++++++++++++ kernel/bpf/btf.c | 13 ++++--------- 2 files changed, 17 insertions(+), 9 deletions(-) diff --git a/include/linux/btf.h b/include/linux/btf.h index 4214e76c9168..050051a578a8 100644 --- a/include/linux/btf.h +++ b/include/linux/btf.h @@ -4,6 +4,7 @@ #ifndef _LINUX_BTF_H #define _LINUX_BTF_H 1 +#include #include #include #include @@ -143,6 +144,18 @@ void btf_get(struct btf *btf); void btf_put(struct btf *btf); const struct btf_header *btf_header(const struct btf *btf); int btf_new_fd(const union bpf_attr *attr, bpfptr_t uattr, u32 uattr_sz); + +static inline struct btf *__btf_get_by_fd(struct fd f) +{ + if (fd_empty(f)) + return ERR_PTR(-EBADF); + + if (unlikely(fd_file(f)->f_op != &btf_fops)) + return ERR_PTR(-EINVAL); + + return fd_file(f)->private_data; +} + struct btf *btf_get_by_fd(int fd); int btf_get_info_by_fd(const struct btf *btf, const union bpf_attr *attr, diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c index e7a59e6462a9..ad5310fa1d3b 100644 --- a/kernel/bpf/btf.c +++ b/kernel/bpf/btf.c @@ -7743,17 +7743,12 @@ int btf_new_fd(const union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size) struct btf *btf_get_by_fd(int fd) { - struct btf *btf; CLASS(fd, f)(fd); + struct btf *btf; - if (fd_empty(f)) - return ERR_PTR(-EBADF); - - if (fd_file(f)->f_op != &btf_fops) - return ERR_PTR(-EINVAL); - - btf = fd_file(f)->private_data; - refcount_inc(&btf->refcnt); + btf = __btf_get_by_fd(f); + if (!IS_ERR(btf)) + refcount_inc(&btf->refcnt); return btf; } From patchwork Fri Nov 15 00:46:04 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Protopopov X-Patchwork-Id: 13875795 X-Patchwork-Delegate: bpf@iogearbox.net Received: from mail-wm1-f54.google.com (mail-wm1-f54.google.com [209.85.128.54]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 933EB1E517 for ; Fri, 15 Nov 2024 00:43:20 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.54 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731631402; cv=none; b=sfU7R6ASBJ0475rn2V7jpIGJZJXEA4juRbJKavkJPh38fQtxWt3VLUmuU/5Vi4owV9ZKNeapOi7vzG7CHmg5tW1Y2x2JumWprxA+/ttuwPocEsh9SrrciXhhTXkT3ZNJubd3dvhxFLNrStHjW0xQUj0NTd3tYeGSW/KS17Uv8qo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731631402; c=relaxed/simple; bh=VPzxKVFgPVPNxgNE+A/5EyvwReLr+YyIuKkIQH9akm4=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=qryiQY87fAMheCw4E2+nrqhg57ia23l8ksDFM3UMoT9X7Ou0RzWCcx8/qK1+ItlLw5tg2xdLbzrVhLlw4g2k9wYDrjfkxerXKSUO9Khl35GNrJoZZhVR7sZzNVBd55TM2E7JcV+ezi5gyofyv53FU+n9R4RYY45Wgc8f+VyPAZY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=isovalent.com; spf=pass smtp.mailfrom=isovalent.com; dkim=pass (2048-bit key) header.d=isovalent.com header.i=@isovalent.com header.b=KfGiLjLn; arc=none smtp.client-ip=209.85.128.54 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=isovalent.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=isovalent.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=isovalent.com header.i=@isovalent.com header.b="KfGiLjLn" Received: by mail-wm1-f54.google.com with SMTP id 5b1f17b1804b1-43152b79d25so1352695e9.1 for ; Thu, 14 Nov 2024 16:43:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isovalent.com; s=google; t=1731631398; x=1732236198; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=twsYQYJUhS5jQIpb92rTVnGqOSwWYxFzpMN8AsEtZVw=; b=KfGiLjLn3mmGNhXAJiUZv33DO9MCU0QYzCWMSq8QLwitmCoZlCB1YZTaAmiXgj/Hfa VD3MiR074UjYGAZmpgNbuiUpl+yur0/n9a3PuejbRiSfqQkMcdhPuO1q7yYj1kB4X50E 5jyFK3NgB6NoVx+nuriamr1qNWgv1AXJJypDbdkjO6clIvX503QHBvy5X0qcO5+73Pvw RTr/VaoaSwB2E5mck6SYrtD8v2/yDd8OuzyIyqx9BVoUwwxGUGZlc44rHRyHIefBqv6m 3xIDrRgqAFMVulrvA3eypR7Rt0g5EnYHsFRg7pSBSf4VFjtNxIOceJJ/uxYOa9DgkYbN L/YQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731631398; x=1732236198; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=twsYQYJUhS5jQIpb92rTVnGqOSwWYxFzpMN8AsEtZVw=; b=P5Yqqed4NGC55e3GGyo/IVBvc1BMPcjM8ig1Bw6rnlwW1pUjn60Kn36ZSQQ0SC3jGY joQYuM+4ef4HeGDtZKEudAUe/x0AD1U4EU6qtCegPTDweCtpGcq+9xWOQqpQ/Bv6r9Rb YJV9wgkA2SkBFqmV7mzjVoGYvQHogti3D1W2TOurEy6Rar8iCMVDh3c9d7fDaKNY9qUI 1WijmcpZwARk/uYbejU9r549wYKyMKcBPSn1hzWb3PlgjR+D6mYw2xyKmbANRW+ZNqbe NAyMcquPJTsWCCYe9vUDpquw3uUt301gLDJA/9mPHdQlSdnfEWYJUiFqHnPPjVBtoWud 7plQ== X-Gm-Message-State: AOJu0YyCiDx9hjQV+GWCcqcUFLM59DbA8DN8RzxtxicYqqYZtqiHGj83 U7B1eVTkDECU6U1aJ0ylw0dpdcCI9LPaxML3Bl7IcaaRWj0duRtseI6pDz9TIjn2xOpDmUaLtv/ G6tw= X-Google-Smtp-Source: AGHT+IFvXADUxQfWNszd8tmz8c54z10bvWZA4+Zv0rgekK7K5Kr2Cub6+RK6uaOyTfr+QF1P62pvtQ== X-Received: by 2002:a05:600c:510b:b0:431:58b3:affa with SMTP id 5b1f17b1804b1-432df72c886mr5329725e9.9.1731631398224; Thu, 14 Nov 2024 16:43:18 -0800 (PST) Received: from localhost.localdomain ([2a04:ee41:4:b2de:1ac0:4dff:fe0f:3782]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-432dab78783sm36781975e9.12.2024.11.14.16.43.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 14 Nov 2024 16:43:17 -0800 (PST) From: Anton Protopopov To: bpf@vger.kernel.org Cc: Anton Protopopov Subject: [PATCH bpf-next 2/5] bpf: move map/prog compatibility checks Date: Fri, 15 Nov 2024 00:46:04 +0000 Message-Id: <20241115004607.3144806-3-aspsk@isovalent.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20241115004607.3144806-1-aspsk@isovalent.com> References: <20241115004607.3144806-1-aspsk@isovalent.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net Move some inlined map/prog compatibility checks from the resolve_pseudo_ldimm64() function to the dedicated check_map_prog_compatibility() function. Call the latter function from the add_used_map_from_fd() function directly. This simplifies code and optimizes logic a bit, as before these changes the check_map_prog_compatibility() function was executed on every map usage, which doesn't make sense, as it doesn't include any per-instruction checks, only map type vs. prog type. (This patch also simplifies a consequent patch which will call the add_used_map_from_fd() function from another code path.) Signed-off-by: Anton Protopopov --- kernel/bpf/verifier.c | 101 +++++++++++++++++++----------------------- 1 file changed, 46 insertions(+), 55 deletions(-) diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index f4c39bb50511..45c11d9cee60 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -19075,6 +19075,12 @@ static bool is_tracing_prog_type(enum bpf_prog_type type) } } +static bool bpf_map_is_cgroup_storage(struct bpf_map *map) +{ + return (map->map_type == BPF_MAP_TYPE_CGROUP_STORAGE || + map->map_type == BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE); +} + static int check_map_prog_compatibility(struct bpf_verifier_env *env, struct bpf_map *map, struct bpf_prog *prog) @@ -19153,25 +19159,48 @@ static int check_map_prog_compatibility(struct bpf_verifier_env *env, return -EINVAL; } - return 0; -} + if (bpf_map_is_cgroup_storage(map) && + bpf_cgroup_storage_assign(env->prog->aux, map)) { + verbose(env, "only one cgroup storage of each type is allowed\n"); + return -EBUSY; + } -static bool bpf_map_is_cgroup_storage(struct bpf_map *map) -{ - return (map->map_type == BPF_MAP_TYPE_CGROUP_STORAGE || - map->map_type == BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE); + if (map->map_type == BPF_MAP_TYPE_ARENA) { + if (env->prog->aux->arena) { + verbose(env, "Only one arena per program\n"); + return -EBUSY; + } + if (!env->allow_ptr_leaks || !env->bpf_capable) { + verbose(env, "CAP_BPF and CAP_PERFMON are required to use arena\n"); + return -EPERM; + } + if (!env->prog->jit_requested) { + verbose(env, "JIT is required to use arena\n"); + return -EOPNOTSUPP; + } + if (!bpf_jit_supports_arena()) { + verbose(env, "JIT doesn't support arena\n"); + return -EOPNOTSUPP; + } + env->prog->aux->arena = (void *)map; + if (!bpf_arena_get_user_vm_start(env->prog->aux->arena)) { + verbose(env, "arena's user address must be set via map_extra or mmap()\n"); + return -EINVAL; + } + } + + return 0; } /* Add map behind fd to used maps list, if it's not already there, and return - * its index. Also set *reused to true if this map was already in the list of - * used maps. + * its index. * Returns <0 on error, or >= 0 index, on success. */ -static int add_used_map_from_fd(struct bpf_verifier_env *env, int fd, bool *reused) +static int add_used_map_from_fd(struct bpf_verifier_env *env, int fd) { CLASS(fd, f)(fd); struct bpf_map *map; - int i; + int i, err; map = __bpf_map_get(f); if (IS_ERR(map)) { @@ -19180,12 +19209,9 @@ static int add_used_map_from_fd(struct bpf_verifier_env *env, int fd, bool *reus } /* check whether we recorded this map already */ - for (i = 0; i < env->used_map_cnt; i++) { - if (env->used_maps[i] == map) { - *reused = true; + for (i = 0; i < env->used_map_cnt; i++) + if (env->used_maps[i] == map) return i; - } - } if (env->used_map_cnt >= MAX_USED_MAPS) { verbose(env, "The total number of maps per program has reached the limit of %u\n", @@ -19193,6 +19219,10 @@ static int add_used_map_from_fd(struct bpf_verifier_env *env, int fd, bool *reus return -E2BIG; } + err = check_map_prog_compatibility(env, map, env->prog); + if (err) + return err; + if (env->prog->sleepable) atomic64_inc(&map->sleepable_refcnt); @@ -19203,7 +19233,6 @@ static int add_used_map_from_fd(struct bpf_verifier_env *env, int fd, bool *reus */ bpf_map_inc(map); - *reused = false; env->used_maps[env->used_map_cnt++] = map; return env->used_map_cnt - 1; @@ -19240,7 +19269,6 @@ static int resolve_pseudo_ldimm64(struct bpf_verifier_env *env) int map_idx; u64 addr; u32 fd; - bool reused; if (i == insn_cnt - 1 || insn[1].code != 0 || insn[1].dst_reg != 0 || insn[1].src_reg != 0 || @@ -19301,7 +19329,7 @@ static int resolve_pseudo_ldimm64(struct bpf_verifier_env *env) break; } - map_idx = add_used_map_from_fd(env, fd, &reused); + map_idx = add_used_map_from_fd(env, fd); if (map_idx < 0) return map_idx; map = env->used_maps[map_idx]; @@ -19309,10 +19337,6 @@ static int resolve_pseudo_ldimm64(struct bpf_verifier_env *env) aux = &env->insn_aux_data[i]; aux->map_index = map_idx; - err = check_map_prog_compatibility(env, map, env->prog); - if (err) - return err; - if (insn[0].src_reg == BPF_PSEUDO_MAP_FD || insn[0].src_reg == BPF_PSEUDO_MAP_IDX) { addr = (unsigned long)map; @@ -19343,39 +19367,6 @@ static int resolve_pseudo_ldimm64(struct bpf_verifier_env *env) insn[0].imm = (u32)addr; insn[1].imm = addr >> 32; - /* proceed with extra checks only if its newly added used map */ - if (reused) - goto next_insn; - - if (bpf_map_is_cgroup_storage(map) && - bpf_cgroup_storage_assign(env->prog->aux, map)) { - verbose(env, "only one cgroup storage of each type is allowed\n"); - return -EBUSY; - } - if (map->map_type == BPF_MAP_TYPE_ARENA) { - if (env->prog->aux->arena) { - verbose(env, "Only one arena per program\n"); - return -EBUSY; - } - if (!env->allow_ptr_leaks || !env->bpf_capable) { - verbose(env, "CAP_BPF and CAP_PERFMON are required to use arena\n"); - return -EPERM; - } - if (!env->prog->jit_requested) { - verbose(env, "JIT is required to use arena\n"); - return -EOPNOTSUPP; - } - if (!bpf_jit_supports_arena()) { - verbose(env, "JIT doesn't support arena\n"); - return -EOPNOTSUPP; - } - env->prog->aux->arena = (void *)map; - if (!bpf_arena_get_user_vm_start(env->prog->aux->arena)) { - verbose(env, "arena's user address must be set via map_extra or mmap()\n"); - return -EINVAL; - } - } - next_insn: insn++; i++; From patchwork Fri Nov 15 00:46:05 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Protopopov X-Patchwork-Id: 13875796 X-Patchwork-Delegate: bpf@iogearbox.net Received: from mail-wm1-f46.google.com (mail-wm1-f46.google.com [209.85.128.46]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 8420238396 for ; Fri, 15 Nov 2024 00:43:21 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.46 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731631403; cv=none; b=ecVrKOlTq0LOc0EQ6O2puCk8JYlPLHo89xpuz2dGC+mnJbrpmhK66g8EYOM38pE/vKiNUQzQ3kVNqDfWuWGFm74etdM9pTFC7m1df7UqPB0QFmqhocx52/7wJMFpV3l+riuctFBmTKYAi6/wpy/WAUcSLO3BQ/N+0yerYNRrUUs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731631403; c=relaxed/simple; bh=+6OLw5K8Bf4GKSjye7JUIAL1lRH7cPsOfdmllJEcBCk=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=eRhlVXuZIiL/KVJSgm7jtKrVJAONw0ZMU+tQRdn+Txm3tvwIUc2q+Cxf4HOuY/jVGnYCRAguhIHxCngKyKEAoLuO1hJ+4I2OpFs6GC/bYrYbUrK5emN4FxyvF3S6N6oOItz7x8AGAddlmeIF8inP0JZiaC9sl4JpkeJeFu/cfog= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=isovalent.com; spf=pass smtp.mailfrom=isovalent.com; dkim=pass (2048-bit key) header.d=isovalent.com header.i=@isovalent.com header.b=NWU2du67; arc=none smtp.client-ip=209.85.128.46 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=isovalent.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=isovalent.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=isovalent.com header.i=@isovalent.com header.b="NWU2du67" Received: by mail-wm1-f46.google.com with SMTP id 5b1f17b1804b1-4315f24a6bbso10042835e9.1 for ; Thu, 14 Nov 2024 16:43:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isovalent.com; s=google; t=1731631399; x=1732236199; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=/X54+OTdQi66H+SUwmv0s93eKKGcMlzhNPqaaV/aQnM=; b=NWU2du67z9OecTYd4b/wKSQ+l6Ll+XuI5H7qCLJwtLwaOp7GcRGXgvWXToU5Kminb7 mxDS+XDjhB408WYR67OW7cr1F28txXc7vQ3SI2/Z9o3Y5QUSfyRDvv4glRCCC2l8qZ0c ac6RiB0vBOEu124la7WpI5Vh1Lh4saw0UahWDS24wae6qRAJ4NadXOHhnhvCi3UR5sAH gGlOB7AHD1TApelL2wWpQEF243maXqG/ItfMi3EqfY1/UkE6JKdfzhL24qjL7nU83k/j AYMQ69WrVPk1FOU30UxrvGEXFWRkukhnkYonKpVanITJw0AY/5voLeFWjpqaRPDbGwhi 9iGw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731631399; x=1732236199; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=/X54+OTdQi66H+SUwmv0s93eKKGcMlzhNPqaaV/aQnM=; b=t1oRaA8XmmMeFLvP94Bqia3MU8ebeezgoFHervym0EzvX8/21CLQ/NfP36Oo8Kpso5 tvTZo8OsdALzZR/JuXasZ9pR7qQ8rmPgPLxMl/swPJQt1izjy5/pF93nl0/d8bwC55aJ 2xa75ZB3AfK+OHruQWzsDsj6Nc0qM/nT1hPhmj8QduOuMSO2ENIJneUTBNj7qDnpB0wR ZveQls2j+tIaOqtK1kxf+NtSdU3VocmL5pNh0msdKSHqfHCu9UfEhCTRvMlNKAElJ0WD FC/uJbK3M7GqvB1MIfBuvIxRVONeTTVk2pOF8dN+SMgzUDwpAs50ePO/p8dnogn3i+66 FLvA== X-Gm-Message-State: AOJu0Yw2RIeb+uFuaJKqQEjiQZqgCytA8FYnUX15uZIPUOUOwfNTJlkb esl8t3GU8n67U9G9yfN4zdMokfUHGShamgfg573l5sG/CHQxYnxFLyh1GR4ygM7d6x0OGsDCehk hY28= X-Google-Smtp-Source: AGHT+IExa6JFHRZ5J5S+xZrzQfDhVy4bNu9HeVkUJLIpgMMvmyRroVB31C9Qyeu45y1MAThlxsruLw== X-Received: by 2002:a05:600c:34d0:b0:42f:823d:dde9 with SMTP id 5b1f17b1804b1-432df77c758mr4327965e9.21.1731631399554; Thu, 14 Nov 2024 16:43:19 -0800 (PST) Received: from localhost.localdomain ([2a04:ee41:4:b2de:1ac0:4dff:fe0f:3782]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-432dab78783sm36781975e9.12.2024.11.14.16.43.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 14 Nov 2024 16:43:18 -0800 (PST) From: Anton Protopopov To: bpf@vger.kernel.org Cc: Anton Protopopov Subject: [PATCH bpf-next 3/5] bpf: add fd_array_cnt attribute for prog_load Date: Fri, 15 Nov 2024 00:46:05 +0000 Message-Id: <20241115004607.3144806-4-aspsk@isovalent.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20241115004607.3144806-1-aspsk@isovalent.com> References: <20241115004607.3144806-1-aspsk@isovalent.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net The fd_array attribute of the BPF_PROG_LOAD syscall may contain a set of file descriptors: maps or btfs. This field was introduced as a sparse array. Introduce a new attribute, fd_array_cnt, which, if present, indicates that the fd_array is a continuous array of the corresponding length. If fd_array_cnt is non-zero, then every map in the fd_array will be bound to the program, as if it was used by the program. This functionality is similar to the BPF_PROG_BIND_MAP syscall, but such maps can be used by the verifier during the program load. Signed-off-by: Anton Protopopov --- include/uapi/linux/bpf.h | 10 +++ kernel/bpf/syscall.c | 2 +- kernel/bpf/verifier.c | 107 ++++++++++++++++++++++++++++----- tools/include/uapi/linux/bpf.h | 10 +++ 4 files changed, 114 insertions(+), 15 deletions(-) diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h index 4162afc6b5d0..2acf9b336371 100644 --- a/include/uapi/linux/bpf.h +++ b/include/uapi/linux/bpf.h @@ -1573,6 +1573,16 @@ union bpf_attr { * If provided, prog_flags should have BPF_F_TOKEN_FD flag set. */ __s32 prog_token_fd; + /* The fd_array_cnt can be used to pass the length of the + * fd_array array. In this case all the [map] file descriptors + * passed in this array will be bound to the program, even if + * the maps are not referenced directly. The functionality is + * similar to the BPF_PROG_BIND_MAP syscall, but maps can be + * used by the verifier during the program load. If provided, + * then the fd_array[0,...,fd_array_cnt-1] is expected to be + * continuous. + */ + __u32 fd_array_cnt; }; struct { /* anonymous struct used by BPF_OBJ_* commands */ diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c index 58190ca724a2..7e3fbc23c742 100644 --- a/kernel/bpf/syscall.c +++ b/kernel/bpf/syscall.c @@ -2729,7 +2729,7 @@ static bool is_perfmon_prog_type(enum bpf_prog_type prog_type) } /* last field in 'union bpf_attr' used by this command */ -#define BPF_PROG_LOAD_LAST_FIELD prog_token_fd +#define BPF_PROG_LOAD_LAST_FIELD fd_array_cnt static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size) { diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index 45c11d9cee60..2e262f6516b3 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -19192,22 +19192,10 @@ static int check_map_prog_compatibility(struct bpf_verifier_env *env, return 0; } -/* Add map behind fd to used maps list, if it's not already there, and return - * its index. - * Returns <0 on error, or >= 0 index, on success. - */ -static int add_used_map_from_fd(struct bpf_verifier_env *env, int fd) +static int add_used_map(struct bpf_verifier_env *env, struct bpf_map *map) { - CLASS(fd, f)(fd); - struct bpf_map *map; int i, err; - map = __bpf_map_get(f); - if (IS_ERR(map)) { - verbose(env, "fd %d is not pointing to valid bpf_map\n", fd); - return PTR_ERR(map); - } - /* check whether we recorded this map already */ for (i = 0; i < env->used_map_cnt; i++) if (env->used_maps[i] == map) @@ -19238,6 +19226,24 @@ static int add_used_map_from_fd(struct bpf_verifier_env *env, int fd) return env->used_map_cnt - 1; } +/* Add map behind fd to used maps list, if it's not already there, and return + * its index. + * Returns <0 on error, or >= 0 index, on success. + */ +static int add_used_map_from_fd(struct bpf_verifier_env *env, int fd) +{ + struct bpf_map *map; + CLASS(fd, f)(fd); + + map = __bpf_map_get(f); + if (IS_ERR(map)) { + verbose(env, "fd %d is not pointing to valid bpf_map\n", fd); + return PTR_ERR(map); + } + + return add_used_map(env, map); +} + /* find and rewrite pseudo imm in ld_imm64 instructions: * * 1. if it accesses map FD, replace it with actual map pointer. @@ -22537,6 +22543,76 @@ struct btf *bpf_get_btf_vmlinux(void) return btf_vmlinux; } +/* + * The add_fd_from_fd_array() is executed only if fd_array_cnt is given. In + * this case expect that every file descriptor in the array is either a map or + * a BTF, or a hole (0). Everything else is considered to be trash. + */ +static int add_fd_from_fd_array(struct bpf_verifier_env *env, int fd) +{ + struct bpf_map *map; + CLASS(fd, f)(fd); + int ret; + + map = __bpf_map_get(f); + if (IS_ERR(map)) { + if (!IS_ERR(__btf_get_by_fd(f))) + return 0; + + /* allow holes */ + if (!fd) + return 0; + + verbose(env, "fd %d is not pointing to valid bpf_map or btf\n", fd); + return PTR_ERR(map); + } + + ret = add_used_map(env, map); + if (ret < 0) + return ret; + return 0; +} + +static int env_init_fd_array(struct bpf_verifier_env *env, union bpf_attr *attr, bpfptr_t uattr) +{ + int size = sizeof(int) * attr->fd_array_cnt; + int *copy; + int ret; + int i; + + if (attr->fd_array_cnt >= MAX_USED_MAPS) + return -E2BIG; + + env->fd_array = make_bpfptr(attr->fd_array, uattr.is_kernel); + + /* + * The only difference between old (no fd_array_cnt is given) and new + * APIs is that in the latter case the fd_array is expected to be + * continuous and is scanned for map fds right away + */ + if (!size) + return 0; + + copy = kzalloc(size, GFP_KERNEL); + if (!copy) + return -ENOMEM; + + if (copy_from_bpfptr_offset(copy, env->fd_array, 0, size)) { + ret = -EFAULT; + goto free_copy; + } + + for (i = 0; i < attr->fd_array_cnt; i++) { + ret = add_fd_from_fd_array(env, copy[i]); + if (ret) + goto free_copy; + } + +free_copy: + kfree(copy); + return ret; +} + int bpf_check(struct bpf_prog **prog, union bpf_attr *attr, bpfptr_t uattr, __u32 uattr_size) { u64 start_time = ktime_get_ns(); @@ -22568,7 +22644,9 @@ int bpf_check(struct bpf_prog **prog, union bpf_attr *attr, bpfptr_t uattr, __u3 env->insn_aux_data[i].orig_idx = i; env->prog = *prog; env->ops = bpf_verifier_ops[env->prog->type]; - env->fd_array = make_bpfptr(attr->fd_array, uattr.is_kernel); + ret = env_init_fd_array(env, attr, uattr); + if (ret) + goto err_free_aux_data; env->allow_ptr_leaks = bpf_allow_ptr_leaks(env->prog->aux->token); env->allow_uninit_stack = bpf_allow_uninit_stack(env->prog->aux->token); @@ -22786,6 +22864,7 @@ int bpf_check(struct bpf_prog **prog, union bpf_attr *attr, bpfptr_t uattr, __u3 err_unlock: if (!is_priv) mutex_unlock(&bpf_verifier_lock); +err_free_aux_data: vfree(env->insn_aux_data); err_free_env: kvfree(env); diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h index 4162afc6b5d0..2acf9b336371 100644 --- a/tools/include/uapi/linux/bpf.h +++ b/tools/include/uapi/linux/bpf.h @@ -1573,6 +1573,16 @@ union bpf_attr { * If provided, prog_flags should have BPF_F_TOKEN_FD flag set. */ __s32 prog_token_fd; + /* The fd_array_cnt can be used to pass the length of the + * fd_array array. In this case all the [map] file descriptors + * passed in this array will be bound to the program, even if + * the maps are not referenced directly. The functionality is + * similar to the BPF_PROG_BIND_MAP syscall, but maps can be + * used by the verifier during the program load. If provided, + * then the fd_array[0,...,fd_array_cnt-1] is expected to be + * continuous. + */ + __u32 fd_array_cnt; }; struct { /* anonymous struct used by BPF_OBJ_* commands */ From patchwork Fri Nov 15 00:46:06 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Protopopov X-Patchwork-Id: 13875797 X-Patchwork-Delegate: bpf@iogearbox.net Received: from mail-wm1-f49.google.com (mail-wm1-f49.google.com [209.85.128.49]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 2929C44C8F for ; Fri, 15 Nov 2024 00:43:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.49 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731631405; cv=none; b=t6Iq1lPUk/AU4VUBubcUFd5Zg2UETfP8QAyvEPz8u6k8d6YNV2+Dwy/hWWt5dU1/aZH1wSDpKJrmzcy8NHZQRF8UxgGPoe9MXr3jV7R7tYeacvdiyqV3lYpqwPwYLBTxtJ1Ocwp61uv8bhR4O2I5kZt/SLowYb4FzIJCjMyTiBg= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731631405; c=relaxed/simple; bh=lU+iuvKnm7+OjeVWEy6UnpIGC0sX/rGqXsBj9rvrF+U=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=ZOZBkqOxcjfK6IdSYhitpzkfAOCrIIuz0r/g3EF3sqCcCPOLDw1V1kWHk0qX9V01zkYuuHmVZvE12PDeS4KcEdTF9nMpE+j3Wq3bgRYxcfL6Kzp3Sko2Mb99HguEZI4owHjAA1LqmkQvZDg0VGlFx4bbCWTjqnyILpJ/WxpekIo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=isovalent.com; spf=pass smtp.mailfrom=isovalent.com; dkim=pass (2048-bit key) header.d=isovalent.com header.i=@isovalent.com header.b=b8eEk/Te; arc=none smtp.client-ip=209.85.128.49 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=isovalent.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=isovalent.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=isovalent.com header.i=@isovalent.com header.b="b8eEk/Te" Received: by mail-wm1-f49.google.com with SMTP id 5b1f17b1804b1-43168d9c6c9so10573105e9.3 for ; Thu, 14 Nov 2024 16:43:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isovalent.com; s=google; t=1731631400; x=1732236200; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=13+7zj8nUGoxZxrNueuSdC9gY3OOPGsTGPkfDm8gcV8=; b=b8eEk/TeJoTr+zZGHeGmckrUoRLFCO0T11QnqQREXRaofGdesaYv57PG/rxXuGXIDF XYUViZ2hC/JKQpy3Y++RP5b63HUgSakjAxsTo17GF8PBxTZZQb9SeOlvJnT18qO4WdNR lNGhcu9stQwqsmBz9gOdhPtiRonREOW1Pwn5R8gNPOkB/wHln5ZohKvxn7f8Lg7wLL0j W5ewE1VAN5K8uWZz6AFKYM7m9nnfOtuKKkuNjjsSc6HOY5dF5CMFDONdmtu/IQkPxBQ2 pTDPofFHxWusH1q+U86GF+wVYwElWcEAKIYWrACLdGNLlXdZK8vJNI56dgdjhc/SPw+2 cyqQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731631400; x=1732236200; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=13+7zj8nUGoxZxrNueuSdC9gY3OOPGsTGPkfDm8gcV8=; b=GGDxpefyDUPFHRQZGQWNxrEt1qlr1ejx+gtcW3+t/Ai2Icdw6Ssq5N8GAr92KC5qDp /vroHKDQXALlhU7XFczyUlIvY1xIjpqG2xDumdNhpiSbBnAY0idzPUO9UWkRVy0n8BfJ HcjQzQhIaL+8oEH0fqinA2B7iCk3iRD9dtPs87BlGNCb5CHC0A6OY7XCcM1Y0+tgzKtm rkPL6kgRqnFtLYnvTxxtcWb2D6uYAdQ79egluRMvyThmpb/VjQjEmHEjQYsLCxSVuNVJ AsvN3Ccam5h5SykjwOmH9UDMpQZEizbMqLMD3gt2cH9iF68AzCmYawEK8M8zHkoxNcVI Gbiw== X-Gm-Message-State: AOJu0Yz8CRPV3qYDZwV+hMDuB4EZoosor0WX2x6P0BgAgV+EZLcxWZdu hxB8wgpFV1gSe5WNPz3/Kw5+SN7FmCkg4iQ58Kng5jwb2pjafsRv1/yIXGAmyTDAFFsonP3bsCA 03Dw= X-Google-Smtp-Source: AGHT+IEKo72UmCu6zSE409BkSeQyNVgP2EVG4cU/bR8feGve8/VZFFQwyYIJNwdy2QPZxk8ps++AsQ== X-Received: by 2002:a05:600c:3ca3:b0:42c:de34:34be with SMTP id 5b1f17b1804b1-432df72127fmr5552895e9.3.1731631400448; Thu, 14 Nov 2024 16:43:20 -0800 (PST) Received: from localhost.localdomain ([2a04:ee41:4:b2de:1ac0:4dff:fe0f:3782]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-432dab78783sm36781975e9.12.2024.11.14.16.43.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 14 Nov 2024 16:43:19 -0800 (PST) From: Anton Protopopov To: bpf@vger.kernel.org Cc: Anton Protopopov Subject: [PATCH bpf-next 4/5] selftests/bpf: Add tests for fd_array_cnt Date: Fri, 15 Nov 2024 00:46:06 +0000 Message-Id: <20241115004607.3144806-5-aspsk@isovalent.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20241115004607.3144806-1-aspsk@isovalent.com> References: <20241115004607.3144806-1-aspsk@isovalent.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net Add a new set of tests to test the new field in PROG_LOAD-related part of bpf_attr: fd_array_cnt. Add the following test cases: * fd_array_cnt/no-fd-array: program is loaded in a normal way, without any fd_array present * fd_array_cnt/fd-array-ok: pass two extra non-used maps, check that they're bound to the program * fd_array_cnt/fd-array-dup-input: pass a few extra maps, only two of which are unique * fd_array_cnt/fd-array-ref-maps-in-array: pass a map in fd_array which is also referenced from within the program * fd_array_cnt/fd-array-trash-input: pass array with some trash * fd_array_cnt/fd-array-with-holes: pass an array with holes (fd=0) * fd_array_cnt/fd-array-2big: pass too large array All the tests above are using the bpf(2) syscall directly, no libbpf involved. Signed-off-by: Anton Protopopov --- .../selftests/bpf/prog_tests/fd_array.c | 374 ++++++++++++++++++ 1 file changed, 374 insertions(+) create mode 100644 tools/testing/selftests/bpf/prog_tests/fd_array.c diff --git a/tools/testing/selftests/bpf/prog_tests/fd_array.c b/tools/testing/selftests/bpf/prog_tests/fd_array.c new file mode 100644 index 000000000000..8b091b428e31 --- /dev/null +++ b/tools/testing/selftests/bpf/prog_tests/fd_array.c @@ -0,0 +1,374 @@ +// SPDX-License-Identifier: GPL-2.0 + +#include + +#include +#include +#include + +static inline int _bpf_map_create(void) +{ + static union bpf_attr attr = { + .map_type = BPF_MAP_TYPE_ARRAY, + .key_size = 4, + .value_size = 8, + .max_entries = 1, + }; + + return syscall(__NR_bpf, BPF_MAP_CREATE, &attr, sizeof(attr)); +} + +#define BTF_INFO_ENC(kind, kind_flag, vlen) \ + ((!!(kind_flag) << 31) | ((kind) << 24) | ((vlen) & BTF_MAX_VLEN)) +#define BTF_TYPE_ENC(name, info, size_or_type) (name), (info), (size_or_type) +#define BTF_INT_ENC(encoding, bits_offset, nr_bits) \ + ((encoding) << 24 | (bits_offset) << 16 | (nr_bits)) +#define BTF_TYPE_INT_ENC(name, encoding, bits_offset, bits, sz) \ + BTF_TYPE_ENC(name, BTF_INFO_ENC(BTF_KIND_INT, 0, 0), sz), \ + BTF_INT_ENC(encoding, bits_offset, bits) + +static int _btf_create(void) +{ + struct btf_blob { + struct btf_header btf_hdr; + __u32 types[8]; + __u32 str; + } raw_btf = { + .btf_hdr = { + .magic = BTF_MAGIC, + .version = BTF_VERSION, + .hdr_len = sizeof(struct btf_header), + .type_len = sizeof(__u32) * 8, + .str_off = sizeof(__u32) * 8, + .str_len = sizeof(__u32), + }, + .types = { + /* long */ + BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 64, 8), /* [1] */ + /* unsigned long */ + BTF_TYPE_INT_ENC(0, 0, 0, 64, 8), /* [2] */ + }, + }; + static union bpf_attr attr = { + .btf_size = sizeof(raw_btf), + }; + + attr.btf = (long)&raw_btf; + + return syscall(__NR_bpf, BPF_BTF_LOAD, &attr, sizeof(attr)); +} + +static bool map_exists(__u32 id) +{ + int fd; + + fd = bpf_map_get_fd_by_id(id); + if (fd >= 0) { + close(fd); + return true; + } + return false; +} + +static inline int bpf_prog_get_map_ids(int prog_fd, __u32 *nr_map_ids, __u32 *map_ids) +{ + __u32 len = sizeof(struct bpf_prog_info); + struct bpf_prog_info info = { + .nr_map_ids = *nr_map_ids, + .map_ids = ptr_to_u64(map_ids), + }; + int err; + + err = bpf_prog_get_info_by_fd(prog_fd, &info, &len); + if (!ASSERT_OK(err, "bpf_prog_get_info_by_fd")) + return -1; + + *nr_map_ids = info.nr_map_ids; + + return 0; +} + +static int __load_test_prog(int map_fd, int *fd_array, int fd_array_cnt) +{ + /* A trivial program which uses one map */ + struct bpf_insn insns[] = { + BPF_LD_MAP_FD(BPF_REG_1, map_fd), + BPF_ST_MEM(BPF_DW, BPF_REG_10, -8, 0), + BPF_MOV64_REG(BPF_REG_2, BPF_REG_10), + BPF_ALU64_IMM(BPF_ADD, BPF_REG_2, -8), + BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_map_lookup_elem), + BPF_MOV64_IMM(BPF_REG_0, 0), + BPF_EXIT_INSN(), + }; + union bpf_attr attr = { + .prog_type = BPF_PROG_TYPE_XDP, /* we don't care */ + .insns = ptr_to_u64(insns), + .insn_cnt = ARRAY_SIZE(insns), + .license = ptr_to_u64("GPL"), + .fd_array = ptr_to_u64(fd_array), + .fd_array_cnt = fd_array_cnt, + }; + + return syscall(__NR_bpf, BPF_PROG_LOAD, &attr, sizeof(attr)); +} + +static int load_test_prog(int *fd_array, int fd_array_cnt) +{ + int map_fd; + int ret; + + map_fd = _bpf_map_create(); + if (!ASSERT_GE(map_fd, 0, "_bpf_map_create")) + return map_fd; + + ret = __load_test_prog(map_fd, fd_array, fd_array_cnt); + close(map_fd); + + /* switch back to returning the actual value */ + if (ret < 0) + return -errno; + return ret; +} + +static bool check_expected_map_ids(int prog_fd, int expected, __u32 *map_ids, __u32 *nr_map_ids) +{ + int err; + + err = bpf_prog_get_map_ids(prog_fd, nr_map_ids, map_ids); + if (!ASSERT_OK(err, "bpf_prog_get_map_ids")) + return false; + if (!ASSERT_EQ(*nr_map_ids, expected, "unexpected nr_map_ids")) + return false; + + return true; +} + +/* + * Load a program, which uses one map. No fd_array maps are present. + * On return only one map is expected to be bound to prog. + */ +static void check_fd_array_cnt__no_fd_array(void) +{ + __u32 map_ids[16]; + __u32 nr_map_ids; + int prog_fd; + + prog_fd = load_test_prog(NULL, 0); + if (!ASSERT_GE(prog_fd, 0, "BPF_PROG_LOAD")) + return; + nr_map_ids = ARRAY_SIZE(map_ids); + check_expected_map_ids(prog_fd, 1, map_ids, &nr_map_ids); + close(prog_fd); +} + +/* + * Load a program, which uses one map, and pass two extra, non-equal, maps in + * fd_array with fd_array_cnt=2. On return three maps are expected to be bound + * to the program. + */ +static void check_fd_array_cnt__fd_array_ok(void) +{ + int extra_fds[128]; + __u32 map_ids[16]; + __u32 nr_map_ids; + int prog_fd; + + extra_fds[0] = _bpf_map_create(); + if (!ASSERT_GE(extra_fds[0], 0, "_bpf_map_create")) + return; + extra_fds[1] = _bpf_map_create(); + if (!ASSERT_GE(extra_fds[1], 0, "_bpf_map_create")) + return; + prog_fd = load_test_prog(extra_fds, 2); + if (!ASSERT_GE(prog_fd, 0, "BPF_PROG_LOAD")) + return; + nr_map_ids = ARRAY_SIZE(map_ids); + if (!check_expected_map_ids(prog_fd, 3, map_ids, &nr_map_ids)) + return; + + /* maps should still exist when original file descriptors are closed */ + close(extra_fds[0]); + close(extra_fds[1]); + if (!ASSERT_EQ(map_exists(map_ids[0]), true, "map_ids[0] should exist")) + return; + if (!ASSERT_EQ(map_exists(map_ids[1]), true, "map_ids[1] should exist")) + return; + + close(prog_fd); +} + +/* + * Load a program with a few extra maps duplicated in the fd_array. + * After the load maps should only be referenced once. + */ +static void check_fd_array_cnt__duplicated_maps(void) +{ + int extra_fds[128]; + __u32 map_ids[16]; + __u32 nr_map_ids; + int prog_fd; + + extra_fds[0] = extra_fds[2] = _bpf_map_create(); + if (!ASSERT_GE(extra_fds[0], 0, "_bpf_map_create")) + return; + extra_fds[1] = extra_fds[3] = _bpf_map_create(); + if (!ASSERT_GE(extra_fds[1], 0, "_bpf_map_create")) + return; + prog_fd = load_test_prog(extra_fds, 4); + if (!ASSERT_GE(prog_fd, 0, "BPF_PROG_LOAD")) + return; + nr_map_ids = ARRAY_SIZE(map_ids); + if (!check_expected_map_ids(prog_fd, 3, map_ids, &nr_map_ids)) + return; + + /* maps should still exist when original file descriptors are closed */ + close(extra_fds[0]); + close(extra_fds[1]); + if (!ASSERT_EQ(map_exists(map_ids[0]), true, "map should exist")) + return; + if (!ASSERT_EQ(map_exists(map_ids[1]), true, "map should exist")) + return; + + close(prog_fd); +} + +/* + * Check that if maps which are referenced by a program are + * passed in fd_array, then they will be referenced only once + */ +static void check_fd_array_cnt__referenced_maps_in_fd_array(void) +{ + int extra_fds[128]; + __u32 map_ids[16]; + __u32 nr_map_ids; + int prog_fd; + + extra_fds[0] = _bpf_map_create(); + if (!ASSERT_GE(extra_fds[0], 0, "_bpf_map_create")) + return; + prog_fd = __load_test_prog(extra_fds[0], extra_fds, 1); + if (!ASSERT_GE(prog_fd, 0, "BPF_PROG_LOAD")) + return; + nr_map_ids = ARRAY_SIZE(map_ids); + if (!check_expected_map_ids(prog_fd, 1, map_ids, &nr_map_ids)) + return; + + /* map should still exist when original file descriptor is closed */ + close(extra_fds[0]); + if (!ASSERT_EQ(map_exists(map_ids[0]), true, "map should exist")) + return; + + /* map should disappear when the program is closed */ + close(prog_fd); +} + +/* + * Test that a program with trash in fd_array can't be loaded: + * only map and BTF file descriptors should be accepted. + */ +static void check_fd_array_cnt__fd_array_with_trash(void) +{ + int extra_fds[128]; + int prog_fd; + + extra_fds[0] = _bpf_map_create(); + if (!ASSERT_GE(extra_fds[0], 0, "_bpf_map_create")) + return; + extra_fds[1] = _btf_create(); + if (!ASSERT_GE(extra_fds[1], 0, "_btf_create")) + return; + + /* trash 1: not a file descriptor */ + extra_fds[2] = 0xbeef; + prog_fd = load_test_prog(extra_fds, 3); + if (!ASSERT_EQ(prog_fd, -EBADF, "prog should have been rejected with -EBADF")) + return; + + /* trash 2: not a map or btf */ + extra_fds[2] = socket(AF_INET, SOCK_STREAM, 0); + if (!ASSERT_GE(extra_fds[2], 0, "socket")) + return; + + prog_fd = load_test_prog(extra_fds, 3); + if (!ASSERT_EQ(prog_fd, -EINVAL, "prog should have been rejected with -EINVAL")) + return; + + close(extra_fds[2]); + close(extra_fds[1]); + close(extra_fds[0]); +} + +/* + * Test that a program with zeroes (= holes) in fd_array can be loaded: + * only map and BTF file descriptors should be accepted. + */ +static void check_fd_array_cnt__fd_array_with_holes(void) +{ + int extra_fds[128]; + int prog_fd; + + extra_fds[0] = _bpf_map_create(); + if (!ASSERT_GE(extra_fds[0], 0, "_bpf_map_create")) + return; + /* punch a hole*/ + extra_fds[1] = 0; + extra_fds[2] = _btf_create(); + if (!ASSERT_GE(extra_fds[1], 0, "_btf_create")) + return; + /* punch a hole*/ + extra_fds[3] = 0; + + prog_fd = load_test_prog(extra_fds, 4); + ASSERT_GE(prog_fd, 0, "prog with holes should have been loaded"); + + close(extra_fds[2]); + close(extra_fds[0]); +} + + +/* + * Test that a program with too big fd_array can't be loaded. + */ +static void check_fd_array_cnt__fd_array_too_big(void) +{ + int extra_fds[128]; + int prog_fd; + int i; + + for (i = 0; i < 65; i++) { + extra_fds[i] = _bpf_map_create(); + if (!ASSERT_GE(extra_fds[i], 0, "_bpf_map_create")) + goto cleanup_fds; + } + + prog_fd = load_test_prog(extra_fds, 65); + ASSERT_EQ(prog_fd, -E2BIG, "prog should have been rejected with -E2BIG"); + +cleanup_fds: + while (i > 0) + close(extra_fds[--i]); +} + +void test_fd_array_cnt(void) +{ + if (test__start_subtest("no-fd-array")) + check_fd_array_cnt__no_fd_array(); + + if (test__start_subtest("fd-array-ok")) + check_fd_array_cnt__fd_array_ok(); + + if (test__start_subtest("fd-array-dup-input")) + check_fd_array_cnt__duplicated_maps(); + + if (test__start_subtest("fd-array-ref-maps-in-array")) + check_fd_array_cnt__referenced_maps_in_fd_array(); + + if (test__start_subtest("fd-array-trash-input")) + check_fd_array_cnt__fd_array_with_trash(); + + if (test__start_subtest("fd-array-with-holes")) + check_fd_array_cnt__fd_array_with_holes(); + + if (test__start_subtest("fd-array-2big")) + check_fd_array_cnt__fd_array_too_big(); +} From patchwork Fri Nov 15 00:46:07 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anton Protopopov X-Patchwork-Id: 13875798 X-Patchwork-Delegate: bpf@iogearbox.net Received: from mail-wr1-f48.google.com (mail-wr1-f48.google.com [209.85.221.48]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 1862A4F8A0 for ; Fri, 15 Nov 2024 00:43:23 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.221.48 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731631405; cv=none; b=BuZjW+wlY3U93gZ5WHo/89c+tuhU06N8Ze3UTQXt1sUZnG/1mpA6Q/t6UKHwvMZKq6FXPHdQE+CzsfNrpEWpd/M7XWgX3/E7Iic23Io1LdvnKHQiZ+uAJMw6Lq1E5qvp32oFUooa5WeAf4viuYzpvr/HQUKo53uYzyV0MYZWfWw= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1731631405; c=relaxed/simple; bh=+leBIfGTx3qYqG0qr3EMc/+ailKE10I/dQRiyX0z0CA=; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References: MIME-Version; b=TLN1bUD3DFLwtS9hRGdl/4g7yzYctfWEEm9ZBJnddaMruTBxwLVfiosPsR202CE4baPZIy426lutMNBxq1auQyn3/fN8i2oSfk0xzxNZcOOc8Xog4Jul1VKdTQTRrcPrNMJtFhQ0WeewUJyakoM/VJJCRxcLnZqRo9ElOrJexyw= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=isovalent.com; spf=pass smtp.mailfrom=isovalent.com; dkim=pass (2048-bit key) header.d=isovalent.com header.i=@isovalent.com header.b=DPfL32rr; arc=none smtp.client-ip=209.85.221.48 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=isovalent.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=isovalent.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=isovalent.com header.i=@isovalent.com header.b="DPfL32rr" Received: by mail-wr1-f48.google.com with SMTP id ffacd0b85a97d-37d63a79bb6so120611f8f.0 for ; Thu, 14 Nov 2024 16:43:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=isovalent.com; s=google; t=1731631402; x=1732236202; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=G329gGS4RBx9EPCJNPCJhs4+g77tte1wqZgFhLBI2LE=; b=DPfL32rr/EP+Oq/VdWeQWRNkmZDeiM8eV7sw2V1dGHtKUY8G4ozMgMtzbsAF/TSjsk qqAfS9KNuDPzWMupbcarr4Y73mw82IoboldufakFwIA0G7nOXddlKqRTs5xVXJ+WN0sE ejwi9bKdR4HrFrWVGuu+1wfFrnBq4KQpQUGwqZPmiWgaoe2uSTS0cj08HwCumV4FSHBS +eSjvxHR6xIfQDhnqFIKqYfM7c5nB9QSP0rGxULUDAXwtmTrvJQuyoExwL2vA1Ys7Sh6 8TDJz1w9IutXlpLDEAhMNK3gAmcqwCBCEvEE73Rn5fqjqLblFAfQ2ZyBZUF/nD8AZal4 BVqw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1731631402; x=1732236202; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=G329gGS4RBx9EPCJNPCJhs4+g77tte1wqZgFhLBI2LE=; b=w4tE3rA/mae18X7qLIUc/8vTbvkAJG1sJL9t3s5nBIJV03XHhnhFVSnJ2WlTiIr+M+ Pe2PWOaTQgioSQg+xYyoju0OLMopQzZVvYlk8sm8dCbPbTq1I4HcwfepCt/iwFd8iWfk ygGb7VqUYm43DZunaBTwFD6JJbbiRYQRW8Vx3DRvk4XuPpVxoaegTfwPSpnWsK0LyRmy oH16IXY0+ohRk79pguhDXHot1kcYy6xhWXimuOzHJuk1xLCirhH0VbhYq1nBMNi2Felp Yytg5uHsivKXKQnQdgcMRRiYgPd+PXGa+P/wVeUc9ZDz8lq4OAiFkxpN1uj6OjWcOsCZ BwoQ== X-Gm-Message-State: AOJu0YwTj22TSDC5KAwnGfRH55aSUPqkW1sOeqz/yeaLFpRMYhMQu5JU Re29K2m4bTkUpeKPdJlLoRC28y/+zxM0svF/1kMUoMKlxoZBMGIDRuKjqMukK9ag1vv+VaUEDFB fZgM= X-Google-Smtp-Source: AGHT+IGZ+NDCXZrcnuKyG16OR19KVrggceWJ991Sv5SI+7lDy3fsd0zjvB3Q3N1NXPo7pcVNoouKaw== X-Received: by 2002:a5d:6d01:0:b0:37d:4d80:34ae with SMTP id ffacd0b85a97d-38225901fe2mr451606f8f.4.1731631402211; Thu, 14 Nov 2024 16:43:22 -0800 (PST) Received: from localhost.localdomain ([2a04:ee41:4:b2de:1ac0:4dff:fe0f:3782]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-432dab78783sm36781975e9.12.2024.11.14.16.43.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 14 Nov 2024 16:43:20 -0800 (PST) From: Anton Protopopov To: bpf@vger.kernel.org Cc: Anton Protopopov , Jiri Olsa Subject: [PATCH bpf-next 5/5] bpf: fix potential error return Date: Fri, 15 Nov 2024 00:46:07 +0000 Message-Id: <20241115004607.3144806-6-aspsk@isovalent.com> X-Mailer: git-send-email 2.34.1 In-Reply-To: <20241115004607.3144806-1-aspsk@isovalent.com> References: <20241115004607.3144806-1-aspsk@isovalent.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Patchwork-Delegate: bpf@iogearbox.net The bpf_remove_insns() function returns WARN_ON_ONCE(error), where error is a result of bpf_adj_branches(), and thus should be always 0 However, if for any reason it is not 0, then it will be converted to boolean by WARN_ON_ONCE and returned to user space as 1, not an actual error value. Fix this by returning the original err after the WARN check. Signed-off-by: Anton Protopopov Acked-by: Jiri Olsa --- kernel/bpf/core.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c index 14d9288441f2..a15059918768 100644 --- a/kernel/bpf/core.c +++ b/kernel/bpf/core.c @@ -539,6 +539,8 @@ struct bpf_prog *bpf_patch_insn_single(struct bpf_prog *prog, u32 off, int bpf_remove_insns(struct bpf_prog *prog, u32 off, u32 cnt) { + int err; + /* Branch offsets can't overflow when program is shrinking, no need * to call bpf_adj_branches(..., true) here */ @@ -546,7 +548,12 @@ int bpf_remove_insns(struct bpf_prog *prog, u32 off, u32 cnt) sizeof(struct bpf_insn) * (prog->len - off - cnt)); prog->len -= cnt; - return WARN_ON_ONCE(bpf_adj_branches(prog, off, off + cnt, off, false)); + err = bpf_adj_branches(prog, off, off + cnt, off, false); + WARN_ON_ONCE(err); + if (err) + return err; + + return 0; } static void bpf_prog_kallsyms_del_subprogs(struct bpf_prog *fp)