tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

bpf: Add support for BTF pointers to interpreter

Pointer to BTF object is a pointer to kernel object or NULL.
The memory access in the interpreter has to be done via probe_kernel_read
to avoid page faults.

Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Andrii Nakryiko <andriin@fb.com>
Acked-by: Martin KaFai Lau <kafai@fb.com>
Link: https://lore.kernel.org/bpf/20191016032505.2089704-9-ast@kernel.org

authored by

Alexei Starovoitov and committed by
Daniel Borkmann 2a02759e ac4414b5

+30
+3
include/linux/filter.h
··· 65 65 /* unused opcode to mark special call to bpf_tail_call() helper */ 66 66 #define BPF_TAIL_CALL 0xf0 67 67 68 + /* unused opcode to mark special load instruction. Same as BPF_ABS */ 69 + #define BPF_PROBE_MEM 0x20 70 + 68 71 /* unused opcode to mark call to interpreter with arguments */ 69 72 #define BPF_CALL_ARGS 0xe0 70 73
+19
kernel/bpf/core.c
··· 1291 1291 } 1292 1292 1293 1293 #ifndef CONFIG_BPF_JIT_ALWAYS_ON 1294 + u64 __weak bpf_probe_read(void * dst, u32 size, const void * unsafe_ptr) 1295 + { 1296 + memset(dst, 0, size); 1297 + return -EFAULT; 1298 + } 1294 1299 /** 1295 1300 * __bpf_prog_run - run eBPF program on a given context 1296 1301 * @regs: is the array of MAX_BPF_EXT_REG eBPF pseudo-registers ··· 1315 1310 /* Non-UAPI available opcodes. */ 1316 1311 [BPF_JMP | BPF_CALL_ARGS] = &&JMP_CALL_ARGS, 1317 1312 [BPF_JMP | BPF_TAIL_CALL] = &&JMP_TAIL_CALL, 1313 + [BPF_LDX | BPF_PROBE_MEM | BPF_B] = &&LDX_PROBE_MEM_B, 1314 + [BPF_LDX | BPF_PROBE_MEM | BPF_H] = &&LDX_PROBE_MEM_H, 1315 + [BPF_LDX | BPF_PROBE_MEM | BPF_W] = &&LDX_PROBE_MEM_W, 1316 + [BPF_LDX | BPF_PROBE_MEM | BPF_DW] = &&LDX_PROBE_MEM_DW, 1318 1317 }; 1319 1318 #undef BPF_INSN_3_LBL 1320 1319 #undef BPF_INSN_2_LBL ··· 1551 1542 LDST(W, u32) 1552 1543 LDST(DW, u64) 1553 1544 #undef LDST 1545 + #define LDX_PROBE(SIZEOP, SIZE) \ 1546 + LDX_PROBE_MEM_##SIZEOP: \ 1547 + bpf_probe_read(&DST, SIZE, (const void *)(long) SRC); \ 1548 + CONT; 1549 + LDX_PROBE(B, 1) 1550 + LDX_PROBE(H, 2) 1551 + LDX_PROBE(W, 4) 1552 + LDX_PROBE(DW, 8) 1553 + #undef LDX_PROBE 1554 + 1554 1555 STX_XADD_W: /* lock xadd *(u32 *)(dst_reg + off16) += src_reg */ 1555 1556 atomic_add((u32) SRC, (atomic_t *)(unsigned long) 1556 1557 (DST + insn->off));
+8
kernel/bpf/verifier.c
··· 7581 7581 case PTR_TO_TCP_SOCK: 7582 7582 case PTR_TO_TCP_SOCK_OR_NULL: 7583 7583 case PTR_TO_XDP_SOCK: 7584 + case PTR_TO_BTF_ID: 7584 7585 return false; 7585 7586 default: 7586 7587 return true; ··· 8723 8722 case PTR_TO_XDP_SOCK: 8724 8723 convert_ctx_access = bpf_xdp_sock_convert_ctx_access; 8725 8724 break; 8725 + case PTR_TO_BTF_ID: 8726 + if (type == BPF_WRITE) { 8727 + verbose(env, "Writes through BTF pointers are not allowed\n"); 8728 + return -EINVAL; 8729 + } 8730 + insn->code = BPF_LDX | BPF_PROBE_MEM | BPF_SIZE((insn)->code); 8731 + continue; 8726 8732 default: 8727 8733 continue; 8728 8734 }