- 23 May, 2022 11 commits
-
-
Joanne Koong authored
This patch adds a new api bpf_dynptr_from_mem: long bpf_dynptr_from_mem(void *data, u32 size, u64 flags, struct bpf_dynptr *ptr); which initializes a dynptr to point to a bpf program's local memory. For now only local memory that is of reg type PTR_TO_MAP_VALUE is supported. Signed-off-by:
Joanne Koong <joannelkoong@gmail.com> Signed-off-by:
Andrii Nakryiko <andrii@kernel.org> Link: https://lore.kernel.org/bpf/20220523210712.3641569-3-joannelkoong@gmail.com
-
Joanne Koong authored
This patch adds the bulk of the verifier work for supporting dynamic pointers (dynptrs) in bpf. A bpf_dynptr is opaque to the bpf program. It is a 16-byte structure defined internally as: struct bpf_dynptr_kern { void *data; u32 size; u32 offset; } __aligned(8); The upper 8 bits of *size* is reserved (it contains extra metadata about read-only status and dynptr type). Consequently, a dynptr only supports memory less than 16 MB. There are different types of dynptrs (eg malloc, ringbuf, ...). In this patchset, the most basic one, dynptrs to a bpf program's local memory, is added. For now only local memory that is of reg type PTR_TO_MAP_VALUE is supported. In the verifier, dynptr state information will be tracked in stack slots. When the program passes in an uninitialized dynptr (ARG_PTR_TO_DYNPTR | MEM_UNINIT), the stack slots corresponding to the frame pointer where the dynptr resides at are marked STACK_DYNPTR. For helper functions that take in initialized dynptrs (eg bpf_dynptr_read + bpf_dynptr_write which are added later in this patchset), the verifier enforces that the dynptr has been initialized properly by checking that their corresponding stack slots have been marked as STACK_DYNPTR. The 6th patch in this patchset adds test cases that the verifier should successfully reject, such as for example attempting to use a dynptr after doing a direct write into it inside the bpf program. Signed-off-by:David Vernet <void@manifault.com> Link: https://lore.kernel.org/bpf/20220523210712.3641569-2-joannelkoong@gmail.com
-
Kumar Kartikeya Dwivedi authored
Kernel Test Robot complains about passing zero to PTR_ERR for the said line, suppress it by using PTR_ERR_OR_ZERO. Fixes: c0a5a21c ("bpf: Allow storing referenced kptr in map") Reported-by:
kernel test robot <lkp@intel.com> Signed-off-by:
Kumar Kartikeya Dwivedi <memxor@gmail.com> Signed-off-by:
Daniel Borkmann <daniel@iogearbox.net> Link: https://lore.kernel.org/bpf/20220521132620.1976921-1-memxor@gmail.com
-
Song Liu authored
Introduce bpf_arch_text_invalidate and use it to fill unused part of the bpf_prog_pack with illegal instructions when a BPF program is freed. Fixes: 57631054 ("bpf: Introduce bpf_prog_pack allocator") Fixes: 33c98058 ("bpf: Introduce bpf_jit_binary_pack_[alloc|finalize|free]") Reported-by:
Linus Torvalds <torvalds@linux-foundation.org> Signed-off-by:
Song Liu <song@kernel.org> Signed-off-by:
-
Song Liu authored
Introduce a memset like API for text_poke. This will be used to fill the unused RX memory with illegal instructions. Suggested-by:
Peter Zijlstra (Intel) <peterz@infradead.org> Signed-off-by:
-
Song Liu authored
bpf_prog_pack enables sharing huge pages among multiple BPF programs. These pages are marked as executable before the JIT engine fill it with BPF programs. To make these pages safe, fill the hole bpf_prog_pack with illegal instructions before making it executable. Fixes: 57631054 ("bpf: Introduce bpf_prog_pack allocator") Fixes: 33c98058 ("bpf: Introduce bpf_jit_binary_pack_[alloc|finalize|free]") Reported-by:
-
Colin Ian King authored
There are spelling mistakes in ASSERT messages. Fix these. Signed-off-by:
Colin Ian King <colin.i.king@gmail.com> Signed-off-by:
-
Yonghong Song authored
Latest llvm-project upstream had a change of behavior related to qualifiers on function return type ([1]). This caused selftests btf_dump/btf_dump failure. The following example shows what changed. $ cat t.c typedef const char * const (* const (* const fn_ptr_arr2_t[5])())(char * (*)(int)); struct t { int a; fn_ptr_arr2_t l; }; int foo(struct t *arg) { return arg->a; } Compiled with latest upstream llvm15, $ clang -O2 -g -target bpf -S -emit-llvm t.c The related generated debuginfo IR looks like: !16 = !DIDerivedType(tag: DW_TAG_typedef, name: "fn_ptr_arr2_t", file: !1, line: 1, baseType: !17) !17 = !DICompositeType(tag: DW_TAG_array_type, baseType: !18, size: 320, elements: !32) !18 = !DIDerivedType(tag: DW_TAG_const_type, baseType: !19) !19 = !DIDerivedType(tag: DW_TAG_pointer_type, baseType: !20, size: 64) !20 = !DISubroutineType(types: !21) !21 = !{!22, null} !22 = !DIDerivedType(tag: DW_TAG_pointer_type, baseType: !23, size: 64) !23 = !DISubroutineType(types: !24) !24 = !{!25, !28} !25 = !DIDerivedType(tag: DW_TAG_pointer_type, baseType: !26, size: 64) !26 = !DIDerivedType(tag: DW_TAG_const_type, baseType: !27) !27 = !DIBasicType(name: "char", size: 8, encoding: DW_ATE_signed_char) You can see two intermediate const qualifier to pointer are dropped in debuginfo IR. With llvm14, we have following debuginfo IR: !16 = !DIDerivedType(tag: DW_TAG_typedef, name: "fn_ptr_arr2_t", file: !1, line: 1, baseType: !17) !17 = !DICompositeType(tag: DW_TAG_array_type, baseType: !18, size: 320, elements: !34) !18 = !DIDerivedType(tag: DW_TAG_const_type, baseType: !19) !19 = !DIDerivedType(tag: DW_TAG_pointer_type, baseType: !20, size: 64) !20 = !DISubroutineType(types: !21) !21 = !{!22, null} !22 = !DIDerivedType(tag: DW_TAG_const_type, baseType: !23) !23 = !DIDerivedType(tag: DW_TAG_pointer_type, baseType: !24, size: 64) !24 = !DISubroutineType(types: !25) !25 = !{!26, !30} !26 = !DIDerivedType(tag: DW_TAG_const_type, baseType: !27) !27 = !DIDerivedType(tag: DW_TAG_pointer_type, baseType: !28, size: 64) !28 = !DIDerivedType(tag: DW_TAG_const_type, baseType: !29) !29 = !DIBasicType(name: "char", size: 8, encoding: DW_ATE_signed_char) All const qualifiers are preserved. To adapt the selftest to both old and new llvm, this patch removed the intermediate const qualifier in const-to-ptr types, to make the test succeed again. [1] https://reviews.llvm.org/D125919Reported-by:Mykola Lysenko <mykolal@fb.com> Signed-off-by:
Yonghong Song <yhs@fb.com> Link: https://lore.kernel.org/r/20220523152044.3905809-1-yhs@fb.comSigned-off-by:
Alexei Starovoitov <ast@kernel.org>
-
Julia Lawall authored
Spelling mistake (triple letters) in comment. Detected with the help of Coccinelle. Signed-off-by:
Julia Lawall <Julia.Lawall@inria.fr> Signed-off-by:
Ilya Leoshkevich <iii@linux.ibm.com> Link: https://lore.kernel.org/bpf/20220521111145.81697-84-Julia.Lawall@inria.fr
-
Julia Lawall authored
Spelling mistake (triple letters) in comment. Detected with the help of Coccinelle. Signed-off-by:
Daniel Müller <deso@posteo.net> Link: https://lore.kernel.org/bpf/20220521111145.81697-71-Julia.Lawall@inria.fr
-
Magnus Karlsson authored
Maciej Fijalkowski has gracefully accepted to become the third maintainer for the AF_XDP code. Thank you Maciej! Signed-off-by:
Magnus Karlsson <magnus.karlsson@gmail.com> Signed-off-by:
Björn Töpel <bjorn@kernel.org> Acked-by:
Maciej Fijalkowski <maciej.fijalkowski@intel.com> Link: https://lore.kernel.org/bpf/20220523083254.32285-1-magnus.karlsson@gmail.com
-
- 21 May, 2022 4 commits
-
-
Alexei Starovoitov authored
Alan Maguire says: ==================== Unprivileged BPF disabled (kernel.unprivileged_bpf_disabled >= 1) is the default in most cases now; when set, the BPF system call is blocked for users without CAP_BPF/CAP_SYS_ADMIN. In some cases however, it makes sense to split activities between capability-requiring ones - such as program load/attach - and those that might not require capabilities such as reading perf/ringbuf events, reading or updating BPF map configuration etc. One example of this sort of approach is a service that loads a BPF program, and a user-space program that interacts with it. Here - rather than blocking all BPF syscall commands - unprivileged BPF disabled blocks the key object-creating commands (prog load, map load). Discussion has alluded to this idea in the past [1], and Alexei mentioned it was also discussed at LSF/MM/BPF this year. Changes since v3 [2]: - added acks to patch 1 - CI was failing on Ubuntu; I suspect the issue was an old capability.h file which specified CAP_LAST_CAP as < CAP_BPF, leading to the logic disabling all caps not disabling CAP_BPF. Use CAP_BPF as basis for "all caps" bitmap instead as we explicitly define it in cap_helpers.h if not already found in capabilities.h - made global variables arguments to subtests instead (Andrii, patch 2) Changes since v2 [3]: - added acks from Yonghong - clang compilation issue in selftest with bpf_prog_query() (Alexei, patch 2) - disable all capabilities for test (Yonghong, patch 2) - add assertions that size of perf/ringbuf data matches expectations (Yonghong, patch 2) - add map array size definition, remove unneeded whitespace (Yonghong, patch 2) Changes since RFC [4]: - widened scope of commands unprivileged BPF disabled allows (Alexei, patch 1) - removed restrictions on map types for lookup, update, delete (Alexei, patch 1) - removed kernel CONFIG parameter controlling unprivileged bpf disabled change (Alexei, patch 1) - widened test scope to cover most BPF syscall commands, with positive and negative subtests [1] https://lore.kernel.org/bpf/CAADnVQLTBhCTAx1a_nev7CgMZxv1Bb7ecz1AFRin8tHmjPREJA@mail.gmail.com/ [2] https://lore.kernel.org/bpf/1652880861-27373-1-git-send-email-alan.maguire@oracle.com/T/ [3] https://lore.kernel.org/bpf/1652788780-25520-1-git-send-email-alan.maguire@oracle.com/T/#t [4] https://lore.kernel.org/bpf/20220511163604.5kuczj6jx3ec5qv6@MBP-98dd607d3435.dhcp.thefacebook.com/T/#mae65f35a193279e718f37686da636094d69b96ee ==================== Signed-off-by:
-
Alan Maguire authored
tests load/attach bpf prog with maps, perfbuf and ringbuf, pinning them. Then effective caps are dropped and we verify we can - pick up the pin - create ringbuf/perfbuf - get ringbuf/perfbuf events, carry out map update, lookup and delete - create a link Negative testing also ensures - BPF prog load fails - BPF map create fails - get fd by id fails - get next id fails - query fails - BTF load fails Signed-off-by:
Alan Maguire <alan.maguire@oracle.com> Acked-by:
-
Alan Maguire authored
With unprivileged BPF disabled, all cmds associated with the BPF syscall are blocked to users without CAP_BPF/CAP_SYS_ADMIN. However there are use cases where we may wish to allow interactions with BPF programs without being able to load and attach them. So for example, a process with required capabilities loads/attaches a BPF program, and a process with less capabilities interacts with it; retrieving perf/ring buffer events, modifying map-specified config etc. With all BPF syscall commands blocked as a result of unprivileged BPF being disabled, this mode of interaction becomes impossible for processes without CAP_BPF. As Alexei notes "The bpf ACL model is the same as traditional file's ACL. The creds and ACLs are checked at open(). Then during file's write/read additional checks might be performed. BPF has such functionality already. Different map_creates have capability checks while map_lookup has: map_get_sys_perms(map, f) & FMODE_CAN_READ. In other words it's enough to gate FD-receiving parts of bpf with unprivileged_bpf_disabled sysctl. The rest is handled by availability of FD and access to files in bpffs." So key fd creation syscall commands BPF_PROG_LOAD and BPF_MAP_CREATE are blocked with unprivileged BPF disabled and no CAP_BPF. And as Alexei notes, map creation with unprivileged BPF disabled off blocks creation of maps aside from array, hash and ringbuf maps. Programs responsible for loading and attaching the BPF program can still control access to its pinned representation by restricting permissions on the pin path, as with normal files. Signed-off-by:
Shung-Hsi Yu <shung-hsi.yu@suse.com> Acked-by:
KP Singh <kpsingh@kernel.org> Link: https://lore.kernel.org/r/1652970334-30510-2-git-send-email-alan.maguire@oracle.comSigned-off-by:
-
Benjamin Tissoires authored
Tracing and syscall BPF program types are very convenient to add BPF capabilities to subsystem otherwise not BPF capable. When we add kfuncs capabilities to those program types, we can add BPF features to subsystems without having to touch BPF core. Signed-off-by:
Benjamin Tissoires <benjamin.tissoires@redhat.com> Link: https://lore.kernel.org/r/20220518205924.399291-2-benjamin.tissoires@redhat.comSigned-off-by:
-
- 20 May, 2022 12 commits
-
-
Mykola Lysenko authored
Currently filtered subtests show up in the output as skipped. Before: $ sudo ./test_progs -t log_fixup/missing_map #94 /1 log_fixup/bad_core_relo_trunc_none:SKIP #94 /2 log_fixup/bad_core_relo_trunc_partial:SKIP #94 /3 log_fixup/bad_core_relo_trunc_full:SKIP #94 /4 log_fixup/bad_core_relo_subprog:SKIP #94 /5 log_fixup/missing_map:OK #94 log_fixup:OK Summary: 1/1 PASSED, 0 SKIPPED, 0 FAILED After: $ sudo ./test_progs -t log_fixup/missing_map #94 /5 log_fixup/missing_map:OK #94 log_fixup:OK Summary: 1/1 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by:
-
Mykola Lysenko authored
Remove weird spaces around / while preserving proper indentation Signed-off-by:
-
Yuntao Wang authored
Currently the trampoline_count test doesn't include any fmod_ret bpf programs, fix it to make the test cover all possible trampoline program types. Since fmod_ret bpf programs can't be attached to __set_task_comm function, as it's neither whitelisted for error injection nor a security hook, change it to bpf_modify_return_test. This patch also does some other cleanups such as removing duplicate code, dropping inconsistent comments, etc. Signed-off-by:
Yuntao Wang <ytcoode@gmail.com> Signed-off-by:
-
Andrii Nakryiko authored
Mat Martineau says: ==================== This patch set adds BPF access to mptcp_sock structures, along with associated self tests. You may recognize some of the code from earlier (https://lore.kernel.org/bpf/20200918121046.190240-6-nicolas.rybowski@tessares.net/) but it has been reworked quite a bit. v1 -> v2: Emit BTF type, add func_id checks in verifier.c and bpf_trace.c, remove build check for CONFIG_BPF_JIT, add selftest check for CONFIG_MPTCP, and add a patch to include CONFIG_IKCONFIG/CONFIG_IKCONFIG_PROC for the BPF self tests. v2 -> v3: Access sysctl through the filesystem to work around CI use of the more limited busybox sysctl command. v3 -> v4: Dropped special case kernel code for tcp_sock is_mptcp, use existing bpf_tcp_helpers.h, and add check for 'ip mptcp monitor' support. v4 -> v5: Use BPF test skeleton, more consistent use of ASSERT macros, drop some unnecessary parameters / checks, and use tracing to acquire MPTCP token. Geliang Tang (6): bpf: add bpf_skc_to_mptcp_sock_proto selftests/bpf: Enable CONFIG_IKCONFIG_PROC in config selftests/bpf: test bpf_skc_to_mptcp_sock selftests/bpf: verify token of struct mptcp_sock selftests/bpf: verify ca_name of struct mptcp_sock selftests/bpf: verify first of struct mptcp_sock ==================== Signed-off-by:
-
Geliang Tang authored
This patch verifies the 'first' struct member of struct mptcp_sock, which points to the first subflow of msk. Save 'sk' in mptcp_storage, and verify it with 'first' in verify_msk(). v5: - Use ASSERT_EQ() instead of a manual comparison + log (Andrii). Signed-off-by:
Geliang Tang <geliang.tang@suse.com> Signed-off-by:
Mat Martineau <mathew.j.martineau@linux.intel.com> Signed-off-by:
Matthieu Baerts <matthieu.baerts@tessares.net> Link: https://lore.kernel.org/bpf/20220519233016.105670-8-mathew.j.martineau@linux.intel.com
-
Geliang Tang authored
This patch verifies another member of struct mptcp_sock, ca_name. Add a new function get_msk_ca_name() to read the sysctl tcp_congestion_control and verify it in verify_msk(). v3: Access the sysctl through the filesystem to avoid compatibility issues with the busybox sysctl command. v4: use ASSERT_* instead of CHECK_FAIL (Andrii) v5: use ASSERT_STRNEQ() instead of strncmp() (Andrii) Signed-off-by: -
Geliang Tang authored
This patch verifies the struct member token of struct mptcp_sock. Add a new member token in struct mptcp_storage to store the token value of the msk socket got by bpf_skc_to_mptcp_sock(). Trace the kernel function mptcp_pm_new_connection() by using bpf fentry prog to obtain the msk token and save it in a global bpf variable. Pass the variable to verify_msk() to verify it with the token saved in socket_storage_map. v4: - use ASSERT_* instead of CHECK_FAIL (Andrii) - skip the test if 'ip mptcp monitor' is not supported (Mat) v5: - Drop 'ip mptcp monitor', trace mptcp_pm_new_connection instead (Martin) - Use ASSERT_EQ (Andrii) Signed-off-by:
-
Geliang Tang authored
This patch extends the MPTCP test base, to test the new helper bpf_skc_to_mptcp_sock(). Define struct mptcp_sock in bpf_tcp_helpers.h, use bpf_skc_to_mptcp_sock to get the msk socket in progs/mptcp_sock.c and store the infos in socket_storage_map. Get the infos from socket_storage_map in prog_tests/mptcp.c. Add a new function verify_msk() to verify the infos of MPTCP socket, and rename verify_sk() to verify_tsk() to verify TCP socket only. v2: Add CONFIG_MPTCP check for clearer error messages v4: - use ASSERT_* instead of CHECK_FAIL (Andrii) - drop bpf_mptcp_helpers.h (Andrii) v5: - some 'ASSERT_*' were replaced in the next commit by mistake. - Drop CONFIG_MPTCP (Martin) - Use ASSERT_EQ (Andrii) Signed-off-by:
-
Nicolas Rybowski authored
This patch adds a base for MPTCP specific tests. It is currently limited to the is_mptcp field in case of plain TCP connection because there is no easy way to get the subflow sk from a msk in userspace. This implies that we cannot lookup the sk_storage attached to the subflow sk in the sockops program. v4: - add copyright 2022 (Andrii) - use ASSERT_* instead of CHECK_FAIL (Andrii) - drop SEC("version") (Andrii) - use is_mptcp in tcp_sock, instead of bpf_tcp_sock (Martin & Andrii) v5: - Drop connect_to_mptcp_fd (Martin) - Use BPF test skeleton (Andrii) - Use ASSERT_EQ (Andrii) - Drop the 'msg' parameter of verify_sk Co-developed-by:Nicolas Rybowski <nicolas.rybowski@tessares.net> Signed-off-by:
-
Geliang Tang authored
CONFIG_IKCONFIG_PROC is required by BPF selftests, otherwise we get errors like this: libbpf: failed to open system Kconfig libbpf: failed to load object 'kprobe_multi' libbpf: failed to load BPF skeleton 'kprobe_multi': -22 It's because /proc/config.gz is opened in bpf_object__read_kconfig_file() in tools/lib/bpf/libbpf.c: file = gzopen("/proc/config.gz", "r"); So this patch enables CONFIG_IKCONFIG and CONFIG_IKCONFIG_PROC in tools/testing/selftests/bpf/config. Suggested-by: -
Geliang Tang authored
This patch implements a new struct bpf_func_proto, named bpf_skc_to_mptcp_sock_proto. Define a new bpf_id BTF_SOCK_TYPE_MPTCP, and a new helper bpf_skc_to_mptcp_sock(), which invokes another new helper bpf_mptcp_sock_from_subflow() in net/mptcp/bpf.c to get struct mptcp_sock from a given subflow socket. v2: Emit BTF type, add func_id checks in verifier.c and bpf_trace.c, remove build check for CONFIG_BPF_JIT v5: Drop EXPORT_SYMBOL (Martin) Co-developed-by:
-
Feng Zhou authored
comments from Andrii Nakryiko, details in here: https://lore.kernel.org/lkml/20220511093854.411-1-zhoufeng.zf@bytedance.com/T/ use /* */ instead of // use libbpf_num_possible_cpus() instead of sysconf(_SC_NPROCESSORS_ONLN) use 8 bytes for value size fix memory leak use ASSERT_EQ instead of ASSERT_OK add bpf_loop to fetch values on each possible CPU Fixes: ed7c1377 ("selftests/bpf: add test case for bpf_map_lookup_percpu_elem") Signed-off-by:
Feng Zhou <zhoufeng.zf@bytedance.com> Signed-off-by:
-
- 19 May, 2022 5 commits
-
-
Alexei Starovoitov authored
Andrii Nakryiko says: ==================== Start preparations for libbpf 1.0 release and as a first test remove bpf_create_map*() APIs. ==================== Acked-by:
-
Andrii Nakryiko authored
To test API removal, get rid of bpf_create_map*() APIs. Perf defines __weak implementation of bpf_map_create() that redirects to old bpf_create_map() and that seems to compile and run fine. Cc: Jiri Olsa <jolsa@kernel.org> Cc: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by:
-
Andrii Nakryiko authored
Start libbpf 1.0 development cycle by adding LIBBPF_1.0.0 section to libbpf.map file and marking all current symbols as local. As we remove all the deprecated APIs we'll populate global list before the final 1.0 release. Signed-off-by:
-
Andrii Nakryiko authored
Add the same negative ABS filter that we use in VERSIONED_SYM_COUNT to filter out ABS symbols like LIBBPF_0.8.0. Signed-off-by:
-
Hangbin Liu authored
When build bpf test and install it to another folder, e.g. make -j10 install -C tools/testing/selftests/ TARGETS="bpf" \ SKIP_TARGETS="" INSTALL_PATH=/tmp/kselftests The ima_setup.sh is missed in target folder, which makes test_ima failed. Fix it by adding ima_setup.sh to TEST_PROGS_EXTENDED. Fixes: 34b82d3a ("bpf: Add a selftest for bpf_ima_inode_hash") Signed-off-by:
Hangbin Liu <liuhangbin@gmail.com> Signed-off-by:
-
- 16 May, 2022 2 commits
-
-
Yosry Ahmed authored
bpf selftests can no longer be built with CFLAGS=-static with liburandom_read.so and its dependent target. Filter out -static for liburandom_read.so and its dependent target. When building statically, this leaves urandom_read relying on system-wide shared libraries. Signed-off-by:
Yosry Ahmed <yosryahmed@google.com> Signed-off-by:
-
Andrii Nakryiko authored
Fix sec_name memory leak if user defines target-less SEC("tp"). Fixes: 9af8efc4 ("libbpf: Allow "incomplete" basic tracing SEC() definitions") Signed-off-by:
-
- 13 May, 2022 6 commits
-
-
Larysa Zaremba authored
Currently, dumping almost all BTFs specified by id requires using the -B option to pass the base BTF. For kernel module BTFs the vmlinux BTF sysfs path should work. This patch simplifies dumping by ID usage by loading vmlinux BTF from sysfs as base, if base BTF was not specified and the ID corresponds to a kernel module BTF. Signed-off-by:
Larysa Zaremba <larysa.zaremba@intel.com> Signed-off-by:
Alexander Lobakin <alexandr.lobakin@intel.com> Link: https://lore.kernel.org/bpf/20220513121743.12411-1-larysa.zaremba@intel.com
-
Joanne Koong authored
Instead of having uninitialized versions of arguments as separate bpf_arg_types (eg ARG_PTR_TO_UNINIT_MEM as the uninitialized version of ARG_PTR_TO_MEM), we can instead use MEM_UNINIT as a bpf_type_flag modifier to denote that the argument is uninitialized. Doing so cleans up some of the logic in the verifier. We no longer need to do two checks against an argument type (eg "if (base_type(arg_type) == ARG_PTR_TO_MEM || base_type(arg_type) == ARG_PTR_TO_UNINIT_MEM)"), since uninitialized and initialized versions of the same argument type will now share the same base type. In the near future, MEM_UNINIT will be used by dynptr helper functions as well. Signed-off-by:
-
Andrii Nakryiko authored
usdt_400 test case relies on compiler using the same arg spec for usdt_400 USDT. This assumption breaks with Clang (Clang generates different arg specs with varying offsets relative to %rbp), so simplify this further and hard-code the constant which will guarantee that arg spec is the same across all 400 inlinings. Fixes: 630301b0 ("selftests/bpf: Add basic USDT selftests") Reported-by:
-
Andrii Nakryiko authored
Convert a bunch of selftests to using newly added high-level BPF map APIs. This change exposed that map_kptr selftests allocated too big buffer, which is fixed in this patch as well. Signed-off-by:
-
Andrii Nakryiko authored
Add high-level API wrappers for most common and typical BPF map operations that works directly on instances of struct bpf_map * (so you don't have to call bpf_map__fd()) and validate key/value size expectations. These helpers require users to specify key (and value, where appropriate) sizes when performing lookup/update/delete/etc. This forces user to actually think and validate (for themselves) those. This is a good thing as user is expected by kernel to implicitly provide correct key/value buffer sizes and kernel will just read/write necessary amount of data. If it so happens that user doesn't set up buffers correctly (which bit people for per-CPU maps especially) kernel either randomly overwrites stack data or return -EFAULT, depending on user's luck and circumstances. These high-level APIs are meant to prevent such unpleasant and hard to debug bugs. This patch also adds bpf_map_delete_elem_flags() low-level API and requires passing flags to bpf_map__delete_elem() API for consistency across all similar APIs, even though currently kernel doesn't expect any extra flags for BPF_MAP_DELETE_ELEM operation. List of map operations that get these high-level APIs: - bpf_map_lookup_elem; - bpf_map_update_elem; - bpf_map_delete_elem; - bpf_map_lookup_and_delete_elem; - bpf_map_get_next_key. Signed-off-by:
-
Alexei Starovoitov authored
Check that ld_imm64 with src_reg=1 (aka BPF_PSEUDO_FUNC) works with jit_blinding. Signed-off-by:
Martin KaFai Lau <kafai@fb.com> Link: https://lore.kernel.org/bpf/20220513011025.13344-2-alexei.starovoitov@gmail.com
-
