Commit 1b2fd38d authored by Daniel Borkmann's avatar Daniel Borkmann
Browse files

Merge branch 'bpf-dynamic-relinking' 



Alexei Starovoitov says:

====================
The last few month BPF community has been discussing an approach to call
chaining, since exiting bpt_tail_call() mechanism used in production XDP
programs has plenty of downsides. The outcome of these discussion was a
conclusion to implement dynamic re-linking of BPF programs. Where rootlet XDP
program attached to a netdevice can programmatically define a policy of
execution of other XDP programs. Such rootlet would be compiled as normal XDP
program and provide a number of placeholder global functions which later can be
replaced with future XDP programs. BPF trampoline, function by function
verification were building blocks towards that goal. The patch 1 is a final
building block. It introduces dynamic program extensions. A number of
improvements like more flexible function by function verification and better
libbpf api will be implemented in future patches.

v1->v2:
- addressed Andrii's comments
- rebase
====================

Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
parents 2a67a6cc 7805fe84

include/linux/bpf.h

+9 −1
Original line number Diff line number Diff line
@@ -465,7 +465,8 @@ void notrace __bpf_prog_exit(struct bpf_prog *prog, u64 start); 
enum bpf_tramp_prog_type {

	BPF_TRAMP_FENTRY,

	BPF_TRAMP_FEXIT,

	BPF_TRAMP_MAX

	BPF_TRAMP_MAX,

	BPF_TRAMP_REPLACE, /* more than MAX */

};



struct bpf_trampoline {
@@ -480,6 +481,11 @@ struct bpf_trampoline { 
		void *addr;

		bool ftrace_managed;

	} func;

	/* if !NULL this is BPF_PROG_TYPE_EXT program that extends another BPF

	 * program by replacing one of its functions. func.addr is the address

	 * of the function it replaced.

	 */

	struct bpf_prog *extension_prog;

	/* list of BPF programs using this trampoline */

	struct hlist_head progs_hlist[BPF_TRAMP_MAX];

	/* Number of attached programs. A counter per kind. */
@@ -1107,6 +1113,8 @@ int btf_check_func_arg_match(struct bpf_verifier_env *env, int subprog, 
			     struct bpf_reg_state *regs);

int btf_prepare_func_args(struct bpf_verifier_env *env, int subprog,

			  struct bpf_reg_state *reg);

int btf_check_type_match(struct bpf_verifier_env *env, struct bpf_prog *prog,

			 struct btf *btf, const struct btf_type *t);



struct bpf_prog *bpf_prog_by_id(u32 id);

include/linux/bpf_types.h

+2 −0
Original line number Diff line number Diff line
@@ -68,6 +68,8 @@ BPF_PROG_TYPE(BPF_PROG_TYPE_SK_REUSEPORT, sk_reuseport, 
#if defined(CONFIG_BPF_JIT)

BPF_PROG_TYPE(BPF_PROG_TYPE_STRUCT_OPS, bpf_struct_ops,

	      void *, void *)

BPF_PROG_TYPE(BPF_PROG_TYPE_EXT, bpf_extension,

	      void *, void *)

#endif



BPF_MAP_TYPE(BPF_MAP_TYPE_ARRAY, array_map_ops)

include/linux/btf.h

+5 −0
Original line number Diff line number Diff line
@@ -107,6 +107,11 @@ static inline u16 btf_type_vlen(const struct btf_type *t) 
	return BTF_INFO_VLEN(t->info);

}



static inline u16 btf_func_linkage(const struct btf_type *t)

{

	return BTF_INFO_VLEN(t->info);

}



static inline bool btf_type_kflag(const struct btf_type *t)

{

	return BTF_INFO_KFLAG(t->info);

include/uapi/linux/bpf.h

+1 −0
Original line number Diff line number Diff line
@@ -180,6 +180,7 @@ enum bpf_prog_type { 
	BPF_PROG_TYPE_CGROUP_SOCKOPT,

	BPF_PROG_TYPE_TRACING,

	BPF_PROG_TYPE_STRUCT_OPS,

	BPF_PROG_TYPE_EXT,

};



enum bpf_attach_type {

kernel/bpf/btf.c

+151 −1
Original line number Diff line number Diff line
@@ -276,6 +276,11 @@ static const char * const btf_kind_str[NR_BTF_KINDS] = { 
	[BTF_KIND_DATASEC]	= "DATASEC",

};



static const char *btf_type_str(const struct btf_type *t)

{

	return btf_kind_str[BTF_INFO_KIND(t->info)];

}



struct btf_kind_operations {

	s32 (*check_meta)(struct btf_verifier_env *env,

			  const struct btf_type *t,
@@ -4115,6 +4120,148 @@ int btf_distill_func_proto(struct bpf_verifier_log *log, 
	return 0;

}



/* Compare BTFs of two functions assuming only scalars and pointers to context.

 * t1 points to BTF_KIND_FUNC in btf1

 * t2 points to BTF_KIND_FUNC in btf2

 * Returns:

 * EINVAL - function prototype mismatch

 * EFAULT - verifier bug

 * 0 - 99% match. The last 1% is validated by the verifier.

 */

int btf_check_func_type_match(struct bpf_verifier_log *log,

			      struct btf *btf1, const struct btf_type *t1,

			      struct btf *btf2, const struct btf_type *t2)

{

	const struct btf_param *args1, *args2;

	const char *fn1, *fn2, *s1, *s2;

	u32 nargs1, nargs2, i;



	fn1 = btf_name_by_offset(btf1, t1->name_off);

	fn2 = btf_name_by_offset(btf2, t2->name_off);



	if (btf_func_linkage(t1) != BTF_FUNC_GLOBAL) {

		bpf_log(log, "%s() is not a global function\n", fn1);

		return -EINVAL;

	}

	if (btf_func_linkage(t2) != BTF_FUNC_GLOBAL) {

		bpf_log(log, "%s() is not a global function\n", fn2);

		return -EINVAL;

	}



	t1 = btf_type_by_id(btf1, t1->type);

	if (!t1 || !btf_type_is_func_proto(t1))

		return -EFAULT;

	t2 = btf_type_by_id(btf2, t2->type);

	if (!t2 || !btf_type_is_func_proto(t2))

		return -EFAULT;



	args1 = (const struct btf_param *)(t1 + 1);

	nargs1 = btf_type_vlen(t1);

	args2 = (const struct btf_param *)(t2 + 1);

	nargs2 = btf_type_vlen(t2);



	if (nargs1 != nargs2) {

		bpf_log(log, "%s() has %d args while %s() has %d args\n",

			fn1, nargs1, fn2, nargs2);

		return -EINVAL;

	}



	t1 = btf_type_skip_modifiers(btf1, t1->type, NULL);

	t2 = btf_type_skip_modifiers(btf2, t2->type, NULL);

	if (t1->info != t2->info) {

		bpf_log(log,

			"Return type %s of %s() doesn't match type %s of %s()\n",

			btf_type_str(t1), fn1,

			btf_type_str(t2), fn2);

		return -EINVAL;

	}



	for (i = 0; i < nargs1; i++) {

		t1 = btf_type_skip_modifiers(btf1, args1[i].type, NULL);

		t2 = btf_type_skip_modifiers(btf2, args2[i].type, NULL);



		if (t1->info != t2->info) {

			bpf_log(log, "arg%d in %s() is %s while %s() has %s\n",

				i, fn1, btf_type_str(t1),

				fn2, btf_type_str(t2));

			return -EINVAL;

		}

		if (btf_type_has_size(t1) && t1->size != t2->size) {

			bpf_log(log,

				"arg%d in %s() has size %d while %s() has %d\n",

				i, fn1, t1->size,

				fn2, t2->size);

			return -EINVAL;

		}



		/* global functions are validated with scalars and pointers

		 * to context only. And only global functions can be replaced.

		 * Hence type check only those types.

		 */

		if (btf_type_is_int(t1) || btf_type_is_enum(t1))

			continue;

		if (!btf_type_is_ptr(t1)) {

			bpf_log(log,

				"arg%d in %s() has unrecognized type\n",

				i, fn1);

			return -EINVAL;

		}

		t1 = btf_type_skip_modifiers(btf1, t1->type, NULL);

		t2 = btf_type_skip_modifiers(btf2, t2->type, NULL);

		if (!btf_type_is_struct(t1)) {

			bpf_log(log,

				"arg%d in %s() is not a pointer to context\n",

				i, fn1);

			return -EINVAL;

		}

		if (!btf_type_is_struct(t2)) {

			bpf_log(log,

				"arg%d in %s() is not a pointer to context\n",

				i, fn2);

			return -EINVAL;

		}

		/* This is an optional check to make program writing easier.

		 * Compare names of structs and report an error to the user.

		 * btf_prepare_func_args() already checked that t2 struct

		 * is a context type. btf_prepare_func_args() will check

		 * later that t1 struct is a context type as well.

		 */

		s1 = btf_name_by_offset(btf1, t1->name_off);

		s2 = btf_name_by_offset(btf2, t2->name_off);

		if (strcmp(s1, s2)) {

			bpf_log(log,

				"arg%d %s(struct %s *) doesn't match %s(struct %s *)\n",

				i, fn1, s1, fn2, s2);

			return -EINVAL;

		}

	}

	return 0;

}



/* Compare BTFs of given program with BTF of target program */

int btf_check_type_match(struct bpf_verifier_env *env, struct bpf_prog *prog,

			 struct btf *btf2, const struct btf_type *t2)

{

	struct btf *btf1 = prog->aux->btf;

	const struct btf_type *t1;

	u32 btf_id = 0;



	if (!prog->aux->func_info) {

		bpf_log(&env->log, "Program extension requires BTF\n");

		return -EINVAL;

	}



	btf_id = prog->aux->func_info[0].type_id;

	if (!btf_id)

		return -EFAULT;



	t1 = btf_type_by_id(btf1, btf_id);

	if (!t1 || !btf_type_is_func(t1))

		return -EFAULT;



	return btf_check_func_type_match(&env->log, btf1, t1, btf2, t2);

}



/* Compare BTF of a function with given bpf_reg_state.

 * Returns:

 * EFAULT - there is a verifier bug. Abort verification.
@@ -4224,6 +4371,7 @@ int btf_prepare_func_args(struct bpf_verifier_env *env, int subprog, 
{

	struct bpf_verifier_log *log = &env->log;

	struct bpf_prog *prog = env->prog;

	enum bpf_prog_type prog_type = prog->type;

	struct btf *btf = prog->aux->btf;

	const struct btf_param *args;

	const struct btf_type *t;
@@ -4261,6 +4409,8 @@ int btf_prepare_func_args(struct bpf_verifier_env *env, int subprog, 
		bpf_log(log, "Verifier bug in function %s()\n", tname);

		return -EFAULT;

	}

	if (prog_type == BPF_PROG_TYPE_EXT)

		prog_type = prog->aux->linked_prog->type;



	t = btf_type_by_id(btf, t->type);

	if (!t || !btf_type_is_func_proto(t)) {
@@ -4296,7 +4446,7 @@ int btf_prepare_func_args(struct bpf_verifier_env *env, int subprog, 
			continue;

		}

		if (btf_type_is_ptr(t) &&

		    btf_get_prog_ctx_type(log, btf, t, prog->type, i)) {

		    btf_get_prog_ctx_type(log, btf, t, prog_type, i)) {

			reg[i + 1].type = PTR_TO_CTX;

			continue;

		}

CRA Git | Maintained and supported by SUSTech CRA and CCSE