1 /* SPDX-License-Identifier: GPL-2.0-only */ 2 /* Copyright (c) 2011-2014 PLUMgrid, http://plumgrid.com 3 */ 4 #ifndef _LINUX_BPF_H 5 #define _LINUX_BPF_H 1 6 7 #include <uapi/linux/bpf.h> 8 9 #include <linux/workqueue.h> 10 #include <linux/file.h> 11 #include <linux/percpu.h> 12 #include <linux/err.h> 13 #include <linux/rbtree_latch.h> 14 #include <linux/numa.h> 15 #include <linux/mm_types.h> 16 #include <linux/wait.h> 17 #include <linux/u64_stats_sync.h> 18 #include <linux/refcount.h> 19 #include <linux/mutex.h> 20 #include <linux/module.h> 21 #include <linux/kallsyms.h> 22 23 struct bpf_verifier_env; 24 struct bpf_verifier_log; 25 struct perf_event; 26 struct bpf_prog; 27 struct bpf_prog_aux; 28 struct bpf_map; 29 struct sock; 30 struct seq_file; 31 struct btf; 32 struct btf_type; 33 struct exception_table_entry; 34 35 extern struct idr btf_idr; 36 extern spinlock_t btf_idr_lock; 37 38 /* map is generic key/value storage optionally accesible by eBPF programs */ 39 struct bpf_map_ops { 40 /* funcs callable from userspace (via syscall) */ 41 int (*map_alloc_check)(union bpf_attr *attr); 42 struct bpf_map *(*map_alloc)(union bpf_attr *attr); 43 void (*map_release)(struct bpf_map *map, struct file *map_file); 44 void (*map_free)(struct bpf_map *map); 45 int (*map_get_next_key)(struct bpf_map *map, void *key, void *next_key); 46 void (*map_release_uref)(struct bpf_map *map); 47 void *(*map_lookup_elem_sys_only)(struct bpf_map *map, void *key); 48 int (*map_lookup_batch)(struct bpf_map *map, const union bpf_attr *attr, 49 union bpf_attr __user *uattr); 50 int (*map_lookup_and_delete_batch)(struct bpf_map *map, 51 const union bpf_attr *attr, 52 union bpf_attr __user *uattr); 53 int (*map_update_batch)(struct bpf_map *map, const union bpf_attr *attr, 54 union bpf_attr __user *uattr); 55 int (*map_delete_batch)(struct bpf_map *map, const union bpf_attr *attr, 56 union bpf_attr __user *uattr); 57 58 /* funcs callable from userspace and from eBPF programs */ 59 void *(*map_lookup_elem)(struct bpf_map *map, void *key); 60 int (*map_update_elem)(struct bpf_map *map, void *key, void *value, u64 flags); 61 int (*map_delete_elem)(struct bpf_map *map, void *key); 62 int (*map_push_elem)(struct bpf_map *map, void *value, u64 flags); 63 int (*map_pop_elem)(struct bpf_map *map, void *value); 64 int (*map_peek_elem)(struct bpf_map *map, void *value); 65 66 /* funcs called by prog_array and perf_event_array map */ 67 void *(*map_fd_get_ptr)(struct bpf_map *map, struct file *map_file, 68 int fd); 69 void (*map_fd_put_ptr)(void *ptr); 70 u32 (*map_gen_lookup)(struct bpf_map *map, struct bpf_insn *insn_buf); 71 u32 (*map_fd_sys_lookup_elem)(void *ptr); 72 void (*map_seq_show_elem)(struct bpf_map *map, void *key, 73 struct seq_file *m); 74 int (*map_check_btf)(const struct bpf_map *map, 75 const struct btf *btf, 76 const struct btf_type *key_type, 77 const struct btf_type *value_type); 78 79 /* Prog poke tracking helpers. */ 80 int (*map_poke_track)(struct bpf_map *map, struct bpf_prog_aux *aux); 81 void (*map_poke_untrack)(struct bpf_map *map, struct bpf_prog_aux *aux); 82 void (*map_poke_run)(struct bpf_map *map, u32 key, struct bpf_prog *old, 83 struct bpf_prog *new); 84 85 /* Direct value access helpers. */ 86 int (*map_direct_value_addr)(const struct bpf_map *map, 87 u64 *imm, u32 off); 88 int (*map_direct_value_meta)(const struct bpf_map *map, 89 u64 imm, u32 *off); 90 int (*map_mmap)(struct bpf_map *map, struct vm_area_struct *vma); 91 }; 92 93 struct bpf_map_memory { 94 u32 pages; 95 struct user_struct *user; 96 }; 97 98 struct bpf_map { 99 /* The first two cachelines with read-mostly members of which some 100 * are also accessed in fast-path (e.g. ops, max_entries). 101 */ 102 const struct bpf_map_ops *ops ____cacheline_aligned; 103 struct bpf_map *inner_map_meta; 104 #ifdef CONFIG_SECURITY 105 void *security; 106 #endif 107 enum bpf_map_type map_type; 108 u32 key_size; 109 u32 value_size; 110 u32 max_entries; 111 u32 map_flags; 112 int spin_lock_off; /* >=0 valid offset, <0 error */ 113 u32 id; 114 int numa_node; 115 u32 btf_key_type_id; 116 u32 btf_value_type_id; 117 struct btf *btf; 118 struct bpf_map_memory memory; 119 char name[BPF_OBJ_NAME_LEN]; 120 u32 btf_vmlinux_value_type_id; 121 bool unpriv_array; 122 bool frozen; /* write-once; write-protected by freeze_mutex */ 123 /* 22 bytes hole */ 124 125 /* The 3rd and 4th cacheline with misc members to avoid false sharing 126 * particularly with refcounting. 127 */ 128 atomic64_t refcnt ____cacheline_aligned; 129 atomic64_t usercnt; 130 struct work_struct work; 131 struct mutex freeze_mutex; 132 u64 writecnt; /* writable mmap cnt; protected by freeze_mutex */ 133 }; 134 135 static inline bool map_value_has_spin_lock(const struct bpf_map *map) 136 { 137 return map->spin_lock_off >= 0; 138 } 139 140 static inline void check_and_init_map_lock(struct bpf_map *map, void *dst) 141 { 142 if (likely(!map_value_has_spin_lock(map))) 143 return; 144 *(struct bpf_spin_lock *)(dst + map->spin_lock_off) = 145 (struct bpf_spin_lock){}; 146 } 147 148 /* copy everything but bpf_spin_lock */ 149 static inline void copy_map_value(struct bpf_map *map, void *dst, void *src) 150 { 151 if (unlikely(map_value_has_spin_lock(map))) { 152 u32 off = map->spin_lock_off; 153 154 memcpy(dst, src, off); 155 memcpy(dst + off + sizeof(struct bpf_spin_lock), 156 src + off + sizeof(struct bpf_spin_lock), 157 map->value_size - off - sizeof(struct bpf_spin_lock)); 158 } else { 159 memcpy(dst, src, map->value_size); 160 } 161 } 162 void copy_map_value_locked(struct bpf_map *map, void *dst, void *src, 163 bool lock_src); 164 165 struct bpf_offload_dev; 166 struct bpf_offloaded_map; 167 168 struct bpf_map_dev_ops { 169 int (*map_get_next_key)(struct bpf_offloaded_map *map, 170 void *key, void *next_key); 171 int (*map_lookup_elem)(struct bpf_offloaded_map *map, 172 void *key, void *value); 173 int (*map_update_elem)(struct bpf_offloaded_map *map, 174 void *key, void *value, u64 flags); 175 int (*map_delete_elem)(struct bpf_offloaded_map *map, void *key); 176 }; 177 178 struct bpf_offloaded_map { 179 struct bpf_map map; 180 struct net_device *netdev; 181 const struct bpf_map_dev_ops *dev_ops; 182 void *dev_priv; 183 struct list_head offloads; 184 }; 185 186 static inline struct bpf_offloaded_map *map_to_offmap(struct bpf_map *map) 187 { 188 return container_of(map, struct bpf_offloaded_map, map); 189 } 190 191 static inline bool bpf_map_offload_neutral(const struct bpf_map *map) 192 { 193 return map->map_type == BPF_MAP_TYPE_PERF_EVENT_ARRAY; 194 } 195 196 static inline bool bpf_map_support_seq_show(const struct bpf_map *map) 197 { 198 return (map->btf_value_type_id || map->btf_vmlinux_value_type_id) && 199 map->ops->map_seq_show_elem; 200 } 201 202 int map_check_no_btf(const struct bpf_map *map, 203 const struct btf *btf, 204 const struct btf_type *key_type, 205 const struct btf_type *value_type); 206 207 extern const struct bpf_map_ops bpf_map_offload_ops; 208 209 /* function argument constraints */ 210 enum bpf_arg_type { 211 ARG_DONTCARE = 0, /* unused argument in helper function */ 212 213 /* the following constraints used to prototype 214 * bpf_map_lookup/update/delete_elem() functions 215 */ 216 ARG_CONST_MAP_PTR, /* const argument used as pointer to bpf_map */ 217 ARG_PTR_TO_MAP_KEY, /* pointer to stack used as map key */ 218 ARG_PTR_TO_MAP_VALUE, /* pointer to stack used as map value */ 219 ARG_PTR_TO_UNINIT_MAP_VALUE, /* pointer to valid memory used to store a map value */ 220 ARG_PTR_TO_MAP_VALUE_OR_NULL, /* pointer to stack used as map value or NULL */ 221 222 /* the following constraints used to prototype bpf_memcmp() and other 223 * functions that access data on eBPF program stack 224 */ 225 ARG_PTR_TO_MEM, /* pointer to valid memory (stack, packet, map value) */ 226 ARG_PTR_TO_MEM_OR_NULL, /* pointer to valid memory or NULL */ 227 ARG_PTR_TO_UNINIT_MEM, /* pointer to memory does not need to be initialized, 228 * helper function must fill all bytes or clear 229 * them in error case. 230 */ 231 232 ARG_CONST_SIZE, /* number of bytes accessed from memory */ 233 ARG_CONST_SIZE_OR_ZERO, /* number of bytes accessed from memory or 0 */ 234 235 ARG_PTR_TO_CTX, /* pointer to context */ 236 ARG_PTR_TO_CTX_OR_NULL, /* pointer to context or NULL */ 237 ARG_ANYTHING, /* any (initialized) argument is ok */ 238 ARG_PTR_TO_SPIN_LOCK, /* pointer to bpf_spin_lock */ 239 ARG_PTR_TO_SOCK_COMMON, /* pointer to sock_common */ 240 ARG_PTR_TO_INT, /* pointer to int */ 241 ARG_PTR_TO_LONG, /* pointer to long */ 242 ARG_PTR_TO_SOCKET, /* pointer to bpf_sock (fullsock) */ 243 ARG_PTR_TO_BTF_ID, /* pointer to in-kernel struct */ 244 }; 245 246 /* type of values returned from helper functions */ 247 enum bpf_return_type { 248 RET_INTEGER, /* function returns integer */ 249 RET_VOID, /* function doesn't return anything */ 250 RET_PTR_TO_MAP_VALUE, /* returns a pointer to map elem value */ 251 RET_PTR_TO_MAP_VALUE_OR_NULL, /* returns a pointer to map elem value or NULL */ 252 RET_PTR_TO_SOCKET_OR_NULL, /* returns a pointer to a socket or NULL */ 253 RET_PTR_TO_TCP_SOCK_OR_NULL, /* returns a pointer to a tcp_sock or NULL */ 254 RET_PTR_TO_SOCK_COMMON_OR_NULL, /* returns a pointer to a sock_common or NULL */ 255 }; 256 257 /* eBPF function prototype used by verifier to allow BPF_CALLs from eBPF programs 258 * to in-kernel helper functions and for adjusting imm32 field in BPF_CALL 259 * instructions after verifying 260 */ 261 struct bpf_func_proto { 262 u64 (*func)(u64 r1, u64 r2, u64 r3, u64 r4, u64 r5); 263 bool gpl_only; 264 bool pkt_access; 265 enum bpf_return_type ret_type; 266 union { 267 struct { 268 enum bpf_arg_type arg1_type; 269 enum bpf_arg_type arg2_type; 270 enum bpf_arg_type arg3_type; 271 enum bpf_arg_type arg4_type; 272 enum bpf_arg_type arg5_type; 273 }; 274 enum bpf_arg_type arg_type[5]; 275 }; 276 int *btf_id; /* BTF ids of arguments */ 277 }; 278 279 /* bpf_context is intentionally undefined structure. Pointer to bpf_context is 280 * the first argument to eBPF programs. 281 * For socket filters: 'struct bpf_context *' == 'struct sk_buff *' 282 */ 283 struct bpf_context; 284 285 enum bpf_access_type { 286 BPF_READ = 1, 287 BPF_WRITE = 2 288 }; 289 290 /* types of values stored in eBPF registers */ 291 /* Pointer types represent: 292 * pointer 293 * pointer + imm 294 * pointer + (u16) var 295 * pointer + (u16) var + imm 296 * if (range > 0) then [ptr, ptr + range - off) is safe to access 297 * if (id > 0) means that some 'var' was added 298 * if (off > 0) means that 'imm' was added 299 */ 300 enum bpf_reg_type { 301 NOT_INIT = 0, /* nothing was written into register */ 302 SCALAR_VALUE, /* reg doesn't contain a valid pointer */ 303 PTR_TO_CTX, /* reg points to bpf_context */ 304 CONST_PTR_TO_MAP, /* reg points to struct bpf_map */ 305 PTR_TO_MAP_VALUE, /* reg points to map element value */ 306 PTR_TO_MAP_VALUE_OR_NULL,/* points to map elem value or NULL */ 307 PTR_TO_STACK, /* reg == frame_pointer + offset */ 308 PTR_TO_PACKET_META, /* skb->data - meta_len */ 309 PTR_TO_PACKET, /* reg points to skb->data */ 310 PTR_TO_PACKET_END, /* skb->data + headlen */ 311 PTR_TO_FLOW_KEYS, /* reg points to bpf_flow_keys */ 312 PTR_TO_SOCKET, /* reg points to struct bpf_sock */ 313 PTR_TO_SOCKET_OR_NULL, /* reg points to struct bpf_sock or NULL */ 314 PTR_TO_SOCK_COMMON, /* reg points to sock_common */ 315 PTR_TO_SOCK_COMMON_OR_NULL, /* reg points to sock_common or NULL */ 316 PTR_TO_TCP_SOCK, /* reg points to struct tcp_sock */ 317 PTR_TO_TCP_SOCK_OR_NULL, /* reg points to struct tcp_sock or NULL */ 318 PTR_TO_TP_BUFFER, /* reg points to a writable raw tp's buffer */ 319 PTR_TO_XDP_SOCK, /* reg points to struct xdp_sock */ 320 PTR_TO_BTF_ID, /* reg points to kernel struct */ 321 }; 322 323 /* The information passed from prog-specific *_is_valid_access 324 * back to the verifier. 325 */ 326 struct bpf_insn_access_aux { 327 enum bpf_reg_type reg_type; 328 union { 329 int ctx_field_size; 330 u32 btf_id; 331 }; 332 struct bpf_verifier_log *log; /* for verbose logs */ 333 }; 334 335 static inline void 336 bpf_ctx_record_field_size(struct bpf_insn_access_aux *aux, u32 size) 337 { 338 aux->ctx_field_size = size; 339 } 340 341 struct bpf_prog_ops { 342 int (*test_run)(struct bpf_prog *prog, const union bpf_attr *kattr, 343 union bpf_attr __user *uattr); 344 }; 345 346 struct bpf_verifier_ops { 347 /* return eBPF function prototype for verification */ 348 const struct bpf_func_proto * 349 (*get_func_proto)(enum bpf_func_id func_id, 350 const struct bpf_prog *prog); 351 352 /* return true if 'size' wide access at offset 'off' within bpf_context 353 * with 'type' (read or write) is allowed 354 */ 355 bool (*is_valid_access)(int off, int size, enum bpf_access_type type, 356 const struct bpf_prog *prog, 357 struct bpf_insn_access_aux *info); 358 int (*gen_prologue)(struct bpf_insn *insn, bool direct_write, 359 const struct bpf_prog *prog); 360 int (*gen_ld_abs)(const struct bpf_insn *orig, 361 struct bpf_insn *insn_buf); 362 u32 (*convert_ctx_access)(enum bpf_access_type type, 363 const struct bpf_insn *src, 364 struct bpf_insn *dst, 365 struct bpf_prog *prog, u32 *target_size); 366 int (*btf_struct_access)(struct bpf_verifier_log *log, 367 const struct btf_type *t, int off, int size, 368 enum bpf_access_type atype, 369 u32 *next_btf_id); 370 }; 371 372 struct bpf_prog_offload_ops { 373 /* verifier basic callbacks */ 374 int (*insn_hook)(struct bpf_verifier_env *env, 375 int insn_idx, int prev_insn_idx); 376 int (*finalize)(struct bpf_verifier_env *env); 377 /* verifier optimization callbacks (called after .finalize) */ 378 int (*replace_insn)(struct bpf_verifier_env *env, u32 off, 379 struct bpf_insn *insn); 380 int (*remove_insns)(struct bpf_verifier_env *env, u32 off, u32 cnt); 381 /* program management callbacks */ 382 int (*prepare)(struct bpf_prog *prog); 383 int (*translate)(struct bpf_prog *prog); 384 void (*destroy)(struct bpf_prog *prog); 385 }; 386 387 struct bpf_prog_offload { 388 struct bpf_prog *prog; 389 struct net_device *netdev; 390 struct bpf_offload_dev *offdev; 391 void *dev_priv; 392 struct list_head offloads; 393 bool dev_state; 394 bool opt_failed; 395 void *jited_image; 396 u32 jited_len; 397 }; 398 399 enum bpf_cgroup_storage_type { 400 BPF_CGROUP_STORAGE_SHARED, 401 BPF_CGROUP_STORAGE_PERCPU, 402 __BPF_CGROUP_STORAGE_MAX 403 }; 404 405 #define MAX_BPF_CGROUP_STORAGE_TYPE __BPF_CGROUP_STORAGE_MAX 406 407 /* The longest tracepoint has 12 args. 408 * See include/trace/bpf_probe.h 409 */ 410 #define MAX_BPF_FUNC_ARGS 12 411 412 struct bpf_prog_stats { 413 u64 cnt; 414 u64 nsecs; 415 struct u64_stats_sync syncp; 416 } __aligned(2 * sizeof(u64)); 417 418 struct btf_func_model { 419 u8 ret_size; 420 u8 nr_args; 421 u8 arg_size[MAX_BPF_FUNC_ARGS]; 422 }; 423 424 /* Restore arguments before returning from trampoline to let original function 425 * continue executing. This flag is used for fentry progs when there are no 426 * fexit progs. 427 */ 428 #define BPF_TRAMP_F_RESTORE_REGS BIT(0) 429 /* Call original function after fentry progs, but before fexit progs. 430 * Makes sense for fentry/fexit, normal calls and indirect calls. 431 */ 432 #define BPF_TRAMP_F_CALL_ORIG BIT(1) 433 /* Skip current frame and return to parent. Makes sense for fentry/fexit 434 * programs only. Should not be used with normal calls and indirect calls. 435 */ 436 #define BPF_TRAMP_F_SKIP_FRAME BIT(2) 437 438 /* Each call __bpf_prog_enter + call bpf_func + call __bpf_prog_exit is ~50 439 * bytes on x86. Pick a number to fit into BPF_IMAGE_SIZE / 2 440 */ 441 #define BPF_MAX_TRAMP_PROGS 40 442 443 struct bpf_tramp_progs { 444 struct bpf_prog *progs[BPF_MAX_TRAMP_PROGS]; 445 int nr_progs; 446 }; 447 448 /* Different use cases for BPF trampoline: 449 * 1. replace nop at the function entry (kprobe equivalent) 450 * flags = BPF_TRAMP_F_RESTORE_REGS 451 * fentry = a set of programs to run before returning from trampoline 452 * 453 * 2. replace nop at the function entry (kprobe + kretprobe equivalent) 454 * flags = BPF_TRAMP_F_CALL_ORIG | BPF_TRAMP_F_SKIP_FRAME 455 * orig_call = fentry_ip + MCOUNT_INSN_SIZE 456 * fentry = a set of program to run before calling original function 457 * fexit = a set of program to run after original function 458 * 459 * 3. replace direct call instruction anywhere in the function body 460 * or assign a function pointer for indirect call (like tcp_congestion_ops->cong_avoid) 461 * With flags = 0 462 * fentry = a set of programs to run before returning from trampoline 463 * With flags = BPF_TRAMP_F_CALL_ORIG 464 * orig_call = original callback addr or direct function addr 465 * fentry = a set of program to run before calling original function 466 * fexit = a set of program to run after original function 467 */ 468 int arch_prepare_bpf_trampoline(void *image, void *image_end, 469 const struct btf_func_model *m, u32 flags, 470 struct bpf_tramp_progs *tprogs, 471 void *orig_call); 472 /* these two functions are called from generated trampoline */ 473 u64 notrace __bpf_prog_enter(void); 474 void notrace __bpf_prog_exit(struct bpf_prog *prog, u64 start); 475 476 struct bpf_ksym { 477 unsigned long start; 478 unsigned long end; 479 char name[KSYM_NAME_LEN]; 480 struct list_head lnode; 481 struct latch_tree_node tnode; 482 bool prog; 483 }; 484 485 enum bpf_tramp_prog_type { 486 BPF_TRAMP_FENTRY, 487 BPF_TRAMP_FEXIT, 488 BPF_TRAMP_MODIFY_RETURN, 489 BPF_TRAMP_MAX, 490 BPF_TRAMP_REPLACE, /* more than MAX */ 491 }; 492 493 struct bpf_trampoline { 494 /* hlist for trampoline_table */ 495 struct hlist_node hlist; 496 /* serializes access to fields of this trampoline */ 497 struct mutex mutex; 498 refcount_t refcnt; 499 u64 key; 500 struct { 501 struct btf_func_model model; 502 void *addr; 503 bool ftrace_managed; 504 } func; 505 /* if !NULL this is BPF_PROG_TYPE_EXT program that extends another BPF 506 * program by replacing one of its functions. func.addr is the address 507 * of the function it replaced. 508 */ 509 struct bpf_prog *extension_prog; 510 /* list of BPF programs using this trampoline */ 511 struct hlist_head progs_hlist[BPF_TRAMP_MAX]; 512 /* Number of attached programs. A counter per kind. */ 513 int progs_cnt[BPF_TRAMP_MAX]; 514 /* Executable image of trampoline */ 515 void *image; 516 u64 selector; 517 struct bpf_ksym ksym; 518 }; 519 520 #define BPF_DISPATCHER_MAX 48 /* Fits in 2048B */ 521 522 struct bpf_dispatcher_prog { 523 struct bpf_prog *prog; 524 refcount_t users; 525 }; 526 527 struct bpf_dispatcher { 528 /* dispatcher mutex */ 529 struct mutex mutex; 530 void *func; 531 struct bpf_dispatcher_prog progs[BPF_DISPATCHER_MAX]; 532 int num_progs; 533 void *image; 534 u32 image_off; 535 struct bpf_ksym ksym; 536 }; 537 538 static __always_inline unsigned int bpf_dispatcher_nop_func( 539 const void *ctx, 540 const struct bpf_insn *insnsi, 541 unsigned int (*bpf_func)(const void *, 542 const struct bpf_insn *)) 543 { 544 return bpf_func(ctx, insnsi); 545 } 546 #ifdef CONFIG_BPF_JIT 547 struct bpf_trampoline *bpf_trampoline_lookup(u64 key); 548 int bpf_trampoline_link_prog(struct bpf_prog *prog); 549 int bpf_trampoline_unlink_prog(struct bpf_prog *prog); 550 void bpf_trampoline_put(struct bpf_trampoline *tr); 551 #define BPF_DISPATCHER_INIT(_name) { \ 552 .mutex = __MUTEX_INITIALIZER(_name.mutex), \ 553 .func = &_name##_func, \ 554 .progs = {}, \ 555 .num_progs = 0, \ 556 .image = NULL, \ 557 .image_off = 0, \ 558 .ksym = { \ 559 .name = #_name, \ 560 .lnode = LIST_HEAD_INIT(_name.ksym.lnode), \ 561 }, \ 562 } 563 564 #define DEFINE_BPF_DISPATCHER(name) \ 565 noinline unsigned int bpf_dispatcher_##name##_func( \ 566 const void *ctx, \ 567 const struct bpf_insn *insnsi, \ 568 unsigned int (*bpf_func)(const void *, \ 569 const struct bpf_insn *)) \ 570 { \ 571 return bpf_func(ctx, insnsi); \ 572 } \ 573 EXPORT_SYMBOL(bpf_dispatcher_##name##_func); \ 574 struct bpf_dispatcher bpf_dispatcher_##name = \ 575 BPF_DISPATCHER_INIT(bpf_dispatcher_##name); 576 #define DECLARE_BPF_DISPATCHER(name) \ 577 unsigned int bpf_dispatcher_##name##_func( \ 578 const void *ctx, \ 579 const struct bpf_insn *insnsi, \ 580 unsigned int (*bpf_func)(const void *, \ 581 const struct bpf_insn *)); \ 582 extern struct bpf_dispatcher bpf_dispatcher_##name; 583 #define BPF_DISPATCHER_FUNC(name) bpf_dispatcher_##name##_func 584 #define BPF_DISPATCHER_PTR(name) (&bpf_dispatcher_##name) 585 void bpf_dispatcher_change_prog(struct bpf_dispatcher *d, struct bpf_prog *from, 586 struct bpf_prog *to); 587 /* Called only from JIT-enabled code, so there's no need for stubs. */ 588 void *bpf_jit_alloc_exec_page(void); 589 void bpf_image_ksym_add(void *data, struct bpf_ksym *ksym); 590 void bpf_image_ksym_del(struct bpf_ksym *ksym); 591 void bpf_ksym_add(struct bpf_ksym *ksym); 592 void bpf_ksym_del(struct bpf_ksym *ksym); 593 #else 594 static inline struct bpf_trampoline *bpf_trampoline_lookup(u64 key) 595 { 596 return NULL; 597 } 598 static inline int bpf_trampoline_link_prog(struct bpf_prog *prog) 599 { 600 return -ENOTSUPP; 601 } 602 static inline int bpf_trampoline_unlink_prog(struct bpf_prog *prog) 603 { 604 return -ENOTSUPP; 605 } 606 static inline void bpf_trampoline_put(struct bpf_trampoline *tr) {} 607 #define DEFINE_BPF_DISPATCHER(name) 608 #define DECLARE_BPF_DISPATCHER(name) 609 #define BPF_DISPATCHER_FUNC(name) bpf_dispatcher_nop_func 610 #define BPF_DISPATCHER_PTR(name) NULL 611 static inline void bpf_dispatcher_change_prog(struct bpf_dispatcher *d, 612 struct bpf_prog *from, 613 struct bpf_prog *to) {} 614 static inline bool is_bpf_image_address(unsigned long address) 615 { 616 return false; 617 } 618 #endif 619 620 struct bpf_func_info_aux { 621 u16 linkage; 622 bool unreliable; 623 }; 624 625 enum bpf_jit_poke_reason { 626 BPF_POKE_REASON_TAIL_CALL, 627 }; 628 629 /* Descriptor of pokes pointing /into/ the JITed image. */ 630 struct bpf_jit_poke_descriptor { 631 void *ip; 632 union { 633 struct { 634 struct bpf_map *map; 635 u32 key; 636 } tail_call; 637 }; 638 bool ip_stable; 639 u8 adj_off; 640 u16 reason; 641 }; 642 643 struct bpf_prog_aux { 644 atomic64_t refcnt; 645 u32 used_map_cnt; 646 u32 max_ctx_offset; 647 u32 max_pkt_offset; 648 u32 max_tp_access; 649 u32 stack_depth; 650 u32 id; 651 u32 func_cnt; /* used by non-func prog as the number of func progs */ 652 u32 func_idx; /* 0 for non-func prog, the index in func array for func prog */ 653 u32 attach_btf_id; /* in-kernel BTF type id to attach to */ 654 struct bpf_prog *linked_prog; 655 bool verifier_zext; /* Zero extensions has been inserted by verifier. */ 656 bool offload_requested; 657 bool attach_btf_trace; /* true if attaching to BTF-enabled raw tp */ 658 bool func_proto_unreliable; 659 enum bpf_tramp_prog_type trampoline_prog_type; 660 struct bpf_trampoline *trampoline; 661 struct hlist_node tramp_hlist; 662 /* BTF_KIND_FUNC_PROTO for valid attach_btf_id */ 663 const struct btf_type *attach_func_proto; 664 /* function name for valid attach_btf_id */ 665 const char *attach_func_name; 666 struct bpf_prog **func; 667 void *jit_data; /* JIT specific data. arch dependent */ 668 struct bpf_jit_poke_descriptor *poke_tab; 669 u32 size_poke_tab; 670 struct bpf_ksym ksym; 671 const struct bpf_prog_ops *ops; 672 struct bpf_map **used_maps; 673 struct bpf_prog *prog; 674 struct user_struct *user; 675 u64 load_time; /* ns since boottime */ 676 struct bpf_map *cgroup_storage[MAX_BPF_CGROUP_STORAGE_TYPE]; 677 char name[BPF_OBJ_NAME_LEN]; 678 #ifdef CONFIG_SECURITY 679 void *security; 680 #endif 681 struct bpf_prog_offload *offload; 682 struct btf *btf; 683 struct bpf_func_info *func_info; 684 struct bpf_func_info_aux *func_info_aux; 685 /* bpf_line_info loaded from userspace. linfo->insn_off 686 * has the xlated insn offset. 687 * Both the main and sub prog share the same linfo. 688 * The subprog can access its first linfo by 689 * using the linfo_idx. 690 */ 691 struct bpf_line_info *linfo; 692 /* jited_linfo is the jited addr of the linfo. It has a 693 * one to one mapping to linfo: 694 * jited_linfo[i] is the jited addr for the linfo[i]->insn_off. 695 * Both the main and sub prog share the same jited_linfo. 696 * The subprog can access its first jited_linfo by 697 * using the linfo_idx. 698 */ 699 void **jited_linfo; 700 u32 func_info_cnt; 701 u32 nr_linfo; 702 /* subprog can use linfo_idx to access its first linfo and 703 * jited_linfo. 704 * main prog always has linfo_idx == 0 705 */ 706 u32 linfo_idx; 707 u32 num_exentries; 708 struct exception_table_entry *extable; 709 struct bpf_prog_stats __percpu *stats; 710 union { 711 struct work_struct work; 712 struct rcu_head rcu; 713 }; 714 }; 715 716 struct bpf_array_aux { 717 /* 'Ownership' of prog array is claimed by the first program that 718 * is going to use this map or by the first program which FD is 719 * stored in the map to make sure that all callers and callees have 720 * the same prog type and JITed flag. 721 */ 722 enum bpf_prog_type type; 723 bool jited; 724 /* Programs with direct jumps into programs part of this array. */ 725 struct list_head poke_progs; 726 struct bpf_map *map; 727 struct mutex poke_mutex; 728 struct work_struct work; 729 }; 730 731 struct bpf_struct_ops_value; 732 struct btf_type; 733 struct btf_member; 734 735 #define BPF_STRUCT_OPS_MAX_NR_MEMBERS 64 736 struct bpf_struct_ops { 737 const struct bpf_verifier_ops *verifier_ops; 738 int (*init)(struct btf *btf); 739 int (*check_member)(const struct btf_type *t, 740 const struct btf_member *member); 741 int (*init_member)(const struct btf_type *t, 742 const struct btf_member *member, 743 void *kdata, const void *udata); 744 int (*reg)(void *kdata); 745 void (*unreg)(void *kdata); 746 const struct btf_type *type; 747 const struct btf_type *value_type; 748 const char *name; 749 struct btf_func_model func_models[BPF_STRUCT_OPS_MAX_NR_MEMBERS]; 750 u32 type_id; 751 u32 value_id; 752 }; 753 754 #if defined(CONFIG_BPF_JIT) && defined(CONFIG_BPF_SYSCALL) 755 #define BPF_MODULE_OWNER ((void *)((0xeB9FUL << 2) + POISON_POINTER_DELTA)) 756 const struct bpf_struct_ops *bpf_struct_ops_find(u32 type_id); 757 void bpf_struct_ops_init(struct btf *btf, struct bpf_verifier_log *log); 758 bool bpf_struct_ops_get(const void *kdata); 759 void bpf_struct_ops_put(const void *kdata); 760 int bpf_struct_ops_map_sys_lookup_elem(struct bpf_map *map, void *key, 761 void *value); 762 static inline bool bpf_try_module_get(const void *data, struct module *owner) 763 { 764 if (owner == BPF_MODULE_OWNER) 765 return bpf_struct_ops_get(data); 766 else 767 return try_module_get(owner); 768 } 769 static inline void bpf_module_put(const void *data, struct module *owner) 770 { 771 if (owner == BPF_MODULE_OWNER) 772 bpf_struct_ops_put(data); 773 else 774 module_put(owner); 775 } 776 #else 777 static inline const struct bpf_struct_ops *bpf_struct_ops_find(u32 type_id) 778 { 779 return NULL; 780 } 781 static inline void bpf_struct_ops_init(struct btf *btf, 782 struct bpf_verifier_log *log) 783 { 784 } 785 static inline bool bpf_try_module_get(const void *data, struct module *owner) 786 { 787 return try_module_get(owner); 788 } 789 static inline void bpf_module_put(const void *data, struct module *owner) 790 { 791 module_put(owner); 792 } 793 static inline int bpf_struct_ops_map_sys_lookup_elem(struct bpf_map *map, 794 void *key, 795 void *value) 796 { 797 return -EINVAL; 798 } 799 #endif 800 801 struct bpf_array { 802 struct bpf_map map; 803 u32 elem_size; 804 u32 index_mask; 805 struct bpf_array_aux *aux; 806 union { 807 char value[0] __aligned(8); 808 void *ptrs[0] __aligned(8); 809 void __percpu *pptrs[0] __aligned(8); 810 }; 811 }; 812 813 #define BPF_COMPLEXITY_LIMIT_INSNS 1000000 /* yes. 1M insns */ 814 #define MAX_TAIL_CALL_CNT 32 815 816 #define BPF_F_ACCESS_MASK (BPF_F_RDONLY | \ 817 BPF_F_RDONLY_PROG | \ 818 BPF_F_WRONLY | \ 819 BPF_F_WRONLY_PROG) 820 821 #define BPF_MAP_CAN_READ BIT(0) 822 #define BPF_MAP_CAN_WRITE BIT(1) 823 824 static inline u32 bpf_map_flags_to_cap(struct bpf_map *map) 825 { 826 u32 access_flags = map->map_flags & (BPF_F_RDONLY_PROG | BPF_F_WRONLY_PROG); 827 828 /* Combination of BPF_F_RDONLY_PROG | BPF_F_WRONLY_PROG is 829 * not possible. 830 */ 831 if (access_flags & BPF_F_RDONLY_PROG) 832 return BPF_MAP_CAN_READ; 833 else if (access_flags & BPF_F_WRONLY_PROG) 834 return BPF_MAP_CAN_WRITE; 835 else 836 return BPF_MAP_CAN_READ | BPF_MAP_CAN_WRITE; 837 } 838 839 static inline bool bpf_map_flags_access_ok(u32 access_flags) 840 { 841 return (access_flags & (BPF_F_RDONLY_PROG | BPF_F_WRONLY_PROG)) != 842 (BPF_F_RDONLY_PROG | BPF_F_WRONLY_PROG); 843 } 844 845 struct bpf_event_entry { 846 struct perf_event *event; 847 struct file *perf_file; 848 struct file *map_file; 849 struct rcu_head rcu; 850 }; 851 852 bool bpf_prog_array_compatible(struct bpf_array *array, const struct bpf_prog *fp); 853 int bpf_prog_calc_tag(struct bpf_prog *fp); 854 const char *kernel_type_name(u32 btf_type_id); 855 856 const struct bpf_func_proto *bpf_get_trace_printk_proto(void); 857 858 typedef unsigned long (*bpf_ctx_copy_t)(void *dst, const void *src, 859 unsigned long off, unsigned long len); 860 typedef u32 (*bpf_convert_ctx_access_t)(enum bpf_access_type type, 861 const struct bpf_insn *src, 862 struct bpf_insn *dst, 863 struct bpf_prog *prog, 864 u32 *target_size); 865 866 u64 bpf_event_output(struct bpf_map *map, u64 flags, void *meta, u64 meta_size, 867 void *ctx, u64 ctx_size, bpf_ctx_copy_t ctx_copy); 868 869 /* an array of programs to be executed under rcu_lock. 870 * 871 * Typical usage: 872 * ret = BPF_PROG_RUN_ARRAY(&bpf_prog_array, ctx, BPF_PROG_RUN); 873 * 874 * the structure returned by bpf_prog_array_alloc() should be populated 875 * with program pointers and the last pointer must be NULL. 876 * The user has to keep refcnt on the program and make sure the program 877 * is removed from the array before bpf_prog_put(). 878 * The 'struct bpf_prog_array *' should only be replaced with xchg() 879 * since other cpus are walking the array of pointers in parallel. 880 */ 881 struct bpf_prog_array_item { 882 struct bpf_prog *prog; 883 struct bpf_cgroup_storage *cgroup_storage[MAX_BPF_CGROUP_STORAGE_TYPE]; 884 }; 885 886 struct bpf_prog_array { 887 struct rcu_head rcu; 888 struct bpf_prog_array_item items[]; 889 }; 890 891 struct bpf_prog_array *bpf_prog_array_alloc(u32 prog_cnt, gfp_t flags); 892 void bpf_prog_array_free(struct bpf_prog_array *progs); 893 int bpf_prog_array_length(struct bpf_prog_array *progs); 894 bool bpf_prog_array_is_empty(struct bpf_prog_array *array); 895 int bpf_prog_array_copy_to_user(struct bpf_prog_array *progs, 896 __u32 __user *prog_ids, u32 cnt); 897 898 void bpf_prog_array_delete_safe(struct bpf_prog_array *progs, 899 struct bpf_prog *old_prog); 900 int bpf_prog_array_copy_info(struct bpf_prog_array *array, 901 u32 *prog_ids, u32 request_cnt, 902 u32 *prog_cnt); 903 int bpf_prog_array_copy(struct bpf_prog_array *old_array, 904 struct bpf_prog *exclude_prog, 905 struct bpf_prog *include_prog, 906 struct bpf_prog_array **new_array); 907 908 #define __BPF_PROG_RUN_ARRAY(array, ctx, func, check_non_null) \ 909 ({ \ 910 struct bpf_prog_array_item *_item; \ 911 struct bpf_prog *_prog; \ 912 struct bpf_prog_array *_array; \ 913 u32 _ret = 1; \ 914 migrate_disable(); \ 915 rcu_read_lock(); \ 916 _array = rcu_dereference(array); \ 917 if (unlikely(check_non_null && !_array))\ 918 goto _out; \ 919 _item = &_array->items[0]; \ 920 while ((_prog = READ_ONCE(_item->prog))) { \ 921 bpf_cgroup_storage_set(_item->cgroup_storage); \ 922 _ret &= func(_prog, ctx); \ 923 _item++; \ 924 } \ 925 _out: \ 926 rcu_read_unlock(); \ 927 migrate_enable(); \ 928 _ret; \ 929 }) 930 931 /* To be used by __cgroup_bpf_run_filter_skb for EGRESS BPF progs 932 * so BPF programs can request cwr for TCP packets. 933 * 934 * Current cgroup skb programs can only return 0 or 1 (0 to drop the 935 * packet. This macro changes the behavior so the low order bit 936 * indicates whether the packet should be dropped (0) or not (1) 937 * and the next bit is a congestion notification bit. This could be 938 * used by TCP to call tcp_enter_cwr() 939 * 940 * Hence, new allowed return values of CGROUP EGRESS BPF programs are: 941 * 0: drop packet 942 * 1: keep packet 943 * 2: drop packet and cn 944 * 3: keep packet and cn 945 * 946 * This macro then converts it to one of the NET_XMIT or an error 947 * code that is then interpreted as drop packet (and no cn): 948 * 0: NET_XMIT_SUCCESS skb should be transmitted 949 * 1: NET_XMIT_DROP skb should be dropped and cn 950 * 2: NET_XMIT_CN skb should be transmitted and cn 951 * 3: -EPERM skb should be dropped 952 */ 953 #define BPF_PROG_CGROUP_INET_EGRESS_RUN_ARRAY(array, ctx, func) \ 954 ({ \ 955 struct bpf_prog_array_item *_item; \ 956 struct bpf_prog *_prog; \ 957 struct bpf_prog_array *_array; \ 958 u32 ret; \ 959 u32 _ret = 1; \ 960 u32 _cn = 0; \ 961 migrate_disable(); \ 962 rcu_read_lock(); \ 963 _array = rcu_dereference(array); \ 964 _item = &_array->items[0]; \ 965 while ((_prog = READ_ONCE(_item->prog))) { \ 966 bpf_cgroup_storage_set(_item->cgroup_storage); \ 967 ret = func(_prog, ctx); \ 968 _ret &= (ret & 1); \ 969 _cn |= (ret & 2); \ 970 _item++; \ 971 } \ 972 rcu_read_unlock(); \ 973 migrate_enable(); \ 974 if (_ret) \ 975 _ret = (_cn ? NET_XMIT_CN : NET_XMIT_SUCCESS); \ 976 else \ 977 _ret = (_cn ? NET_XMIT_DROP : -EPERM); \ 978 _ret; \ 979 }) 980 981 #define BPF_PROG_RUN_ARRAY(array, ctx, func) \ 982 __BPF_PROG_RUN_ARRAY(array, ctx, func, false) 983 984 #define BPF_PROG_RUN_ARRAY_CHECK(array, ctx, func) \ 985 __BPF_PROG_RUN_ARRAY(array, ctx, func, true) 986 987 #ifdef CONFIG_BPF_SYSCALL 988 DECLARE_PER_CPU(int, bpf_prog_active); 989 990 /* 991 * Block execution of BPF programs attached to instrumentation (perf, 992 * kprobes, tracepoints) to prevent deadlocks on map operations as any of 993 * these events can happen inside a region which holds a map bucket lock 994 * and can deadlock on it. 995 * 996 * Use the preemption safe inc/dec variants on RT because migrate disable 997 * is preemptible on RT and preemption in the middle of the RMW operation 998 * might lead to inconsistent state. Use the raw variants for non RT 999 * kernels as migrate_disable() maps to preempt_disable() so the slightly 1000 * more expensive save operation can be avoided. 1001 */ 1002 static inline void bpf_disable_instrumentation(void) 1003 { 1004 migrate_disable(); 1005 if (IS_ENABLED(CONFIG_PREEMPT_RT)) 1006 this_cpu_inc(bpf_prog_active); 1007 else 1008 __this_cpu_inc(bpf_prog_active); 1009 } 1010 1011 static inline void bpf_enable_instrumentation(void) 1012 { 1013 if (IS_ENABLED(CONFIG_PREEMPT_RT)) 1014 this_cpu_dec(bpf_prog_active); 1015 else 1016 __this_cpu_dec(bpf_prog_active); 1017 migrate_enable(); 1018 } 1019 1020 extern const struct file_operations bpf_map_fops; 1021 extern const struct file_operations bpf_prog_fops; 1022 1023 #define BPF_PROG_TYPE(_id, _name, prog_ctx_type, kern_ctx_type) \ 1024 extern const struct bpf_prog_ops _name ## _prog_ops; \ 1025 extern const struct bpf_verifier_ops _name ## _verifier_ops; 1026 #define BPF_MAP_TYPE(_id, _ops) \ 1027 extern const struct bpf_map_ops _ops; 1028 #include <linux/bpf_types.h> 1029 #undef BPF_PROG_TYPE 1030 #undef BPF_MAP_TYPE 1031 1032 extern const struct bpf_prog_ops bpf_offload_prog_ops; 1033 extern const struct bpf_verifier_ops tc_cls_act_analyzer_ops; 1034 extern const struct bpf_verifier_ops xdp_analyzer_ops; 1035 1036 struct bpf_prog *bpf_prog_get(u32 ufd); 1037 struct bpf_prog *bpf_prog_get_type_dev(u32 ufd, enum bpf_prog_type type, 1038 bool attach_drv); 1039 void bpf_prog_add(struct bpf_prog *prog, int i); 1040 void bpf_prog_sub(struct bpf_prog *prog, int i); 1041 void bpf_prog_inc(struct bpf_prog *prog); 1042 struct bpf_prog * __must_check bpf_prog_inc_not_zero(struct bpf_prog *prog); 1043 void bpf_prog_put(struct bpf_prog *prog); 1044 int __bpf_prog_charge(struct user_struct *user, u32 pages); 1045 void __bpf_prog_uncharge(struct user_struct *user, u32 pages); 1046 void __bpf_free_used_maps(struct bpf_prog_aux *aux, 1047 struct bpf_map **used_maps, u32 len); 1048 1049 void bpf_prog_free_id(struct bpf_prog *prog, bool do_idr_lock); 1050 void bpf_map_free_id(struct bpf_map *map, bool do_idr_lock); 1051 1052 struct bpf_map *bpf_map_get(u32 ufd); 1053 struct bpf_map *bpf_map_get_with_uref(u32 ufd); 1054 struct bpf_map *__bpf_map_get(struct fd f); 1055 void bpf_map_inc(struct bpf_map *map); 1056 void bpf_map_inc_with_uref(struct bpf_map *map); 1057 struct bpf_map * __must_check bpf_map_inc_not_zero(struct bpf_map *map); 1058 void bpf_map_put_with_uref(struct bpf_map *map); 1059 void bpf_map_put(struct bpf_map *map); 1060 int bpf_map_charge_memlock(struct bpf_map *map, u32 pages); 1061 void bpf_map_uncharge_memlock(struct bpf_map *map, u32 pages); 1062 int bpf_map_charge_init(struct bpf_map_memory *mem, u64 size); 1063 void bpf_map_charge_finish(struct bpf_map_memory *mem); 1064 void bpf_map_charge_move(struct bpf_map_memory *dst, 1065 struct bpf_map_memory *src); 1066 void *bpf_map_area_alloc(u64 size, int numa_node); 1067 void *bpf_map_area_mmapable_alloc(u64 size, int numa_node); 1068 void bpf_map_area_free(void *base); 1069 void bpf_map_init_from_attr(struct bpf_map *map, union bpf_attr *attr); 1070 int generic_map_lookup_batch(struct bpf_map *map, 1071 const union bpf_attr *attr, 1072 union bpf_attr __user *uattr); 1073 int generic_map_update_batch(struct bpf_map *map, 1074 const union bpf_attr *attr, 1075 union bpf_attr __user *uattr); 1076 int generic_map_delete_batch(struct bpf_map *map, 1077 const union bpf_attr *attr, 1078 union bpf_attr __user *uattr); 1079 1080 extern int sysctl_unprivileged_bpf_disabled; 1081 1082 int bpf_map_new_fd(struct bpf_map *map, int flags); 1083 int bpf_prog_new_fd(struct bpf_prog *prog); 1084 1085 struct bpf_link; 1086 1087 struct bpf_link_ops { 1088 void (*release)(struct bpf_link *link); 1089 void (*dealloc)(struct bpf_link *link); 1090 }; 1091 1092 void bpf_link_init(struct bpf_link *link, const struct bpf_link_ops *ops, 1093 struct bpf_prog *prog); 1094 void bpf_link_inc(struct bpf_link *link); 1095 void bpf_link_put(struct bpf_link *link); 1096 int bpf_link_new_fd(struct bpf_link *link); 1097 struct file *bpf_link_new_file(struct bpf_link *link, int *reserved_fd); 1098 struct bpf_link *bpf_link_get_from_fd(u32 ufd); 1099 1100 int bpf_obj_pin_user(u32 ufd, const char __user *pathname); 1101 int bpf_obj_get_user(const char __user *pathname, int flags); 1102 1103 int bpf_percpu_hash_copy(struct bpf_map *map, void *key, void *value); 1104 int bpf_percpu_array_copy(struct bpf_map *map, void *key, void *value); 1105 int bpf_percpu_hash_update(struct bpf_map *map, void *key, void *value, 1106 u64 flags); 1107 int bpf_percpu_array_update(struct bpf_map *map, void *key, void *value, 1108 u64 flags); 1109 1110 int bpf_stackmap_copy(struct bpf_map *map, void *key, void *value); 1111 1112 int bpf_fd_array_map_update_elem(struct bpf_map *map, struct file *map_file, 1113 void *key, void *value, u64 map_flags); 1114 int bpf_fd_array_map_lookup_elem(struct bpf_map *map, void *key, u32 *value); 1115 int bpf_fd_htab_map_update_elem(struct bpf_map *map, struct file *map_file, 1116 void *key, void *value, u64 map_flags); 1117 int bpf_fd_htab_map_lookup_elem(struct bpf_map *map, void *key, u32 *value); 1118 1119 int bpf_get_file_flag(int flags); 1120 int bpf_check_uarg_tail_zero(void __user *uaddr, size_t expected_size, 1121 size_t actual_size); 1122 1123 /* memcpy that is used with 8-byte aligned pointers, power-of-8 size and 1124 * forced to use 'long' read/writes to try to atomically copy long counters. 1125 * Best-effort only. No barriers here, since it _will_ race with concurrent 1126 * updates from BPF programs. Called from bpf syscall and mostly used with 1127 * size 8 or 16 bytes, so ask compiler to inline it. 1128 */ 1129 static inline void bpf_long_memcpy(void *dst, const void *src, u32 size) 1130 { 1131 const long *lsrc = src; 1132 long *ldst = dst; 1133 1134 size /= sizeof(long); 1135 while (size--) 1136 *ldst++ = *lsrc++; 1137 } 1138 1139 /* verify correctness of eBPF program */ 1140 int bpf_check(struct bpf_prog **fp, union bpf_attr *attr, 1141 union bpf_attr __user *uattr); 1142 void bpf_patch_call_args(struct bpf_insn *insn, u32 stack_depth); 1143 1144 /* Map specifics */ 1145 struct xdp_buff; 1146 struct sk_buff; 1147 1148 struct bpf_dtab_netdev *__dev_map_lookup_elem(struct bpf_map *map, u32 key); 1149 struct bpf_dtab_netdev *__dev_map_hash_lookup_elem(struct bpf_map *map, u32 key); 1150 void __dev_flush(void); 1151 int dev_xdp_enqueue(struct net_device *dev, struct xdp_buff *xdp, 1152 struct net_device *dev_rx); 1153 int dev_map_enqueue(struct bpf_dtab_netdev *dst, struct xdp_buff *xdp, 1154 struct net_device *dev_rx); 1155 int dev_map_generic_redirect(struct bpf_dtab_netdev *dst, struct sk_buff *skb, 1156 struct bpf_prog *xdp_prog); 1157 1158 struct bpf_cpu_map_entry *__cpu_map_lookup_elem(struct bpf_map *map, u32 key); 1159 void __cpu_map_flush(void); 1160 int cpu_map_enqueue(struct bpf_cpu_map_entry *rcpu, struct xdp_buff *xdp, 1161 struct net_device *dev_rx); 1162 1163 /* Return map's numa specified by userspace */ 1164 static inline int bpf_map_attr_numa_node(const union bpf_attr *attr) 1165 { 1166 return (attr->map_flags & BPF_F_NUMA_NODE) ? 1167 attr->numa_node : NUMA_NO_NODE; 1168 } 1169 1170 struct bpf_prog *bpf_prog_get_type_path(const char *name, enum bpf_prog_type type); 1171 int array_map_alloc_check(union bpf_attr *attr); 1172 1173 int bpf_prog_test_run_xdp(struct bpf_prog *prog, const union bpf_attr *kattr, 1174 union bpf_attr __user *uattr); 1175 int bpf_prog_test_run_skb(struct bpf_prog *prog, const union bpf_attr *kattr, 1176 union bpf_attr __user *uattr); 1177 int bpf_prog_test_run_tracing(struct bpf_prog *prog, 1178 const union bpf_attr *kattr, 1179 union bpf_attr __user *uattr); 1180 int bpf_prog_test_run_flow_dissector(struct bpf_prog *prog, 1181 const union bpf_attr *kattr, 1182 union bpf_attr __user *uattr); 1183 bool btf_ctx_access(int off, int size, enum bpf_access_type type, 1184 const struct bpf_prog *prog, 1185 struct bpf_insn_access_aux *info); 1186 int btf_struct_access(struct bpf_verifier_log *log, 1187 const struct btf_type *t, int off, int size, 1188 enum bpf_access_type atype, 1189 u32 *next_btf_id); 1190 int btf_resolve_helper_id(struct bpf_verifier_log *log, 1191 const struct bpf_func_proto *fn, int); 1192 1193 int btf_distill_func_proto(struct bpf_verifier_log *log, 1194 struct btf *btf, 1195 const struct btf_type *func_proto, 1196 const char *func_name, 1197 struct btf_func_model *m); 1198 1199 struct bpf_reg_state; 1200 int btf_check_func_arg_match(struct bpf_verifier_env *env, int subprog, 1201 struct bpf_reg_state *regs); 1202 int btf_prepare_func_args(struct bpf_verifier_env *env, int subprog, 1203 struct bpf_reg_state *reg); 1204 int btf_check_type_match(struct bpf_verifier_env *env, struct bpf_prog *prog, 1205 struct btf *btf, const struct btf_type *t); 1206 1207 struct bpf_prog *bpf_prog_by_id(u32 id); 1208 1209 #else /* !CONFIG_BPF_SYSCALL */ 1210 static inline struct bpf_prog *bpf_prog_get(u32 ufd) 1211 { 1212 return ERR_PTR(-EOPNOTSUPP); 1213 } 1214 1215 static inline struct bpf_prog *bpf_prog_get_type_dev(u32 ufd, 1216 enum bpf_prog_type type, 1217 bool attach_drv) 1218 { 1219 return ERR_PTR(-EOPNOTSUPP); 1220 } 1221 1222 static inline void bpf_prog_add(struct bpf_prog *prog, int i) 1223 { 1224 } 1225 1226 static inline void bpf_prog_sub(struct bpf_prog *prog, int i) 1227 { 1228 } 1229 1230 static inline void bpf_prog_put(struct bpf_prog *prog) 1231 { 1232 } 1233 1234 static inline void bpf_prog_inc(struct bpf_prog *prog) 1235 { 1236 } 1237 1238 static inline struct bpf_prog *__must_check 1239 bpf_prog_inc_not_zero(struct bpf_prog *prog) 1240 { 1241 return ERR_PTR(-EOPNOTSUPP); 1242 } 1243 1244 static inline int __bpf_prog_charge(struct user_struct *user, u32 pages) 1245 { 1246 return 0; 1247 } 1248 1249 static inline void __bpf_prog_uncharge(struct user_struct *user, u32 pages) 1250 { 1251 } 1252 1253 static inline int bpf_obj_get_user(const char __user *pathname, int flags) 1254 { 1255 return -EOPNOTSUPP; 1256 } 1257 1258 static inline struct net_device *__dev_map_lookup_elem(struct bpf_map *map, 1259 u32 key) 1260 { 1261 return NULL; 1262 } 1263 1264 static inline struct net_device *__dev_map_hash_lookup_elem(struct bpf_map *map, 1265 u32 key) 1266 { 1267 return NULL; 1268 } 1269 1270 static inline void __dev_flush(void) 1271 { 1272 } 1273 1274 struct xdp_buff; 1275 struct bpf_dtab_netdev; 1276 1277 static inline 1278 int dev_xdp_enqueue(struct net_device *dev, struct xdp_buff *xdp, 1279 struct net_device *dev_rx) 1280 { 1281 return 0; 1282 } 1283 1284 static inline 1285 int dev_map_enqueue(struct bpf_dtab_netdev *dst, struct xdp_buff *xdp, 1286 struct net_device *dev_rx) 1287 { 1288 return 0; 1289 } 1290 1291 struct sk_buff; 1292 1293 static inline int dev_map_generic_redirect(struct bpf_dtab_netdev *dst, 1294 struct sk_buff *skb, 1295 struct bpf_prog *xdp_prog) 1296 { 1297 return 0; 1298 } 1299 1300 static inline 1301 struct bpf_cpu_map_entry *__cpu_map_lookup_elem(struct bpf_map *map, u32 key) 1302 { 1303 return NULL; 1304 } 1305 1306 static inline void __cpu_map_flush(void) 1307 { 1308 } 1309 1310 static inline int cpu_map_enqueue(struct bpf_cpu_map_entry *rcpu, 1311 struct xdp_buff *xdp, 1312 struct net_device *dev_rx) 1313 { 1314 return 0; 1315 } 1316 1317 static inline struct bpf_prog *bpf_prog_get_type_path(const char *name, 1318 enum bpf_prog_type type) 1319 { 1320 return ERR_PTR(-EOPNOTSUPP); 1321 } 1322 1323 static inline int bpf_prog_test_run_xdp(struct bpf_prog *prog, 1324 const union bpf_attr *kattr, 1325 union bpf_attr __user *uattr) 1326 { 1327 return -ENOTSUPP; 1328 } 1329 1330 static inline int bpf_prog_test_run_skb(struct bpf_prog *prog, 1331 const union bpf_attr *kattr, 1332 union bpf_attr __user *uattr) 1333 { 1334 return -ENOTSUPP; 1335 } 1336 1337 static inline int bpf_prog_test_run_tracing(struct bpf_prog *prog, 1338 const union bpf_attr *kattr, 1339 union bpf_attr __user *uattr) 1340 { 1341 return -ENOTSUPP; 1342 } 1343 1344 static inline int bpf_prog_test_run_flow_dissector(struct bpf_prog *prog, 1345 const union bpf_attr *kattr, 1346 union bpf_attr __user *uattr) 1347 { 1348 return -ENOTSUPP; 1349 } 1350 1351 static inline void bpf_map_put(struct bpf_map *map) 1352 { 1353 } 1354 1355 static inline struct bpf_prog *bpf_prog_by_id(u32 id) 1356 { 1357 return ERR_PTR(-ENOTSUPP); 1358 } 1359 #endif /* CONFIG_BPF_SYSCALL */ 1360 1361 static inline struct bpf_prog *bpf_prog_get_type(u32 ufd, 1362 enum bpf_prog_type type) 1363 { 1364 return bpf_prog_get_type_dev(ufd, type, false); 1365 } 1366 1367 bool bpf_prog_get_ok(struct bpf_prog *, enum bpf_prog_type *, bool); 1368 1369 int bpf_prog_offload_compile(struct bpf_prog *prog); 1370 void bpf_prog_offload_destroy(struct bpf_prog *prog); 1371 int bpf_prog_offload_info_fill(struct bpf_prog_info *info, 1372 struct bpf_prog *prog); 1373 1374 int bpf_map_offload_info_fill(struct bpf_map_info *info, struct bpf_map *map); 1375 1376 int bpf_map_offload_lookup_elem(struct bpf_map *map, void *key, void *value); 1377 int bpf_map_offload_update_elem(struct bpf_map *map, 1378 void *key, void *value, u64 flags); 1379 int bpf_map_offload_delete_elem(struct bpf_map *map, void *key); 1380 int bpf_map_offload_get_next_key(struct bpf_map *map, 1381 void *key, void *next_key); 1382 1383 bool bpf_offload_prog_map_match(struct bpf_prog *prog, struct bpf_map *map); 1384 1385 struct bpf_offload_dev * 1386 bpf_offload_dev_create(const struct bpf_prog_offload_ops *ops, void *priv); 1387 void bpf_offload_dev_destroy(struct bpf_offload_dev *offdev); 1388 void *bpf_offload_dev_priv(struct bpf_offload_dev *offdev); 1389 int bpf_offload_dev_netdev_register(struct bpf_offload_dev *offdev, 1390 struct net_device *netdev); 1391 void bpf_offload_dev_netdev_unregister(struct bpf_offload_dev *offdev, 1392 struct net_device *netdev); 1393 bool bpf_offload_dev_match(struct bpf_prog *prog, struct net_device *netdev); 1394 1395 #if defined(CONFIG_NET) && defined(CONFIG_BPF_SYSCALL) 1396 int bpf_prog_offload_init(struct bpf_prog *prog, union bpf_attr *attr); 1397 1398 static inline bool bpf_prog_is_dev_bound(const struct bpf_prog_aux *aux) 1399 { 1400 return aux->offload_requested; 1401 } 1402 1403 static inline bool bpf_map_is_dev_bound(struct bpf_map *map) 1404 { 1405 return unlikely(map->ops == &bpf_map_offload_ops); 1406 } 1407 1408 struct bpf_map *bpf_map_offload_map_alloc(union bpf_attr *attr); 1409 void bpf_map_offload_map_free(struct bpf_map *map); 1410 #else 1411 static inline int bpf_prog_offload_init(struct bpf_prog *prog, 1412 union bpf_attr *attr) 1413 { 1414 return -EOPNOTSUPP; 1415 } 1416 1417 static inline bool bpf_prog_is_dev_bound(struct bpf_prog_aux *aux) 1418 { 1419 return false; 1420 } 1421 1422 static inline bool bpf_map_is_dev_bound(struct bpf_map *map) 1423 { 1424 return false; 1425 } 1426 1427 static inline struct bpf_map *bpf_map_offload_map_alloc(union bpf_attr *attr) 1428 { 1429 return ERR_PTR(-EOPNOTSUPP); 1430 } 1431 1432 static inline void bpf_map_offload_map_free(struct bpf_map *map) 1433 { 1434 } 1435 #endif /* CONFIG_NET && CONFIG_BPF_SYSCALL */ 1436 1437 #if defined(CONFIG_BPF_STREAM_PARSER) 1438 int sock_map_prog_update(struct bpf_map *map, struct bpf_prog *prog, u32 which); 1439 int sock_map_get_from_fd(const union bpf_attr *attr, struct bpf_prog *prog); 1440 void sock_map_unhash(struct sock *sk); 1441 void sock_map_close(struct sock *sk, long timeout); 1442 #else 1443 static inline int sock_map_prog_update(struct bpf_map *map, 1444 struct bpf_prog *prog, u32 which) 1445 { 1446 return -EOPNOTSUPP; 1447 } 1448 1449 static inline int sock_map_get_from_fd(const union bpf_attr *attr, 1450 struct bpf_prog *prog) 1451 { 1452 return -EINVAL; 1453 } 1454 #endif /* CONFIG_BPF_STREAM_PARSER */ 1455 1456 #if defined(CONFIG_INET) && defined(CONFIG_BPF_SYSCALL) 1457 void bpf_sk_reuseport_detach(struct sock *sk); 1458 int bpf_fd_reuseport_array_lookup_elem(struct bpf_map *map, void *key, 1459 void *value); 1460 int bpf_fd_reuseport_array_update_elem(struct bpf_map *map, void *key, 1461 void *value, u64 map_flags); 1462 #else 1463 static inline void bpf_sk_reuseport_detach(struct sock *sk) 1464 { 1465 } 1466 1467 #ifdef CONFIG_BPF_SYSCALL 1468 static inline int bpf_fd_reuseport_array_lookup_elem(struct bpf_map *map, 1469 void *key, void *value) 1470 { 1471 return -EOPNOTSUPP; 1472 } 1473 1474 static inline int bpf_fd_reuseport_array_update_elem(struct bpf_map *map, 1475 void *key, void *value, 1476 u64 map_flags) 1477 { 1478 return -EOPNOTSUPP; 1479 } 1480 #endif /* CONFIG_BPF_SYSCALL */ 1481 #endif /* defined(CONFIG_INET) && defined(CONFIG_BPF_SYSCALL) */ 1482 1483 /* verifier prototypes for helper functions called from eBPF programs */ 1484 extern const struct bpf_func_proto bpf_map_lookup_elem_proto; 1485 extern const struct bpf_func_proto bpf_map_update_elem_proto; 1486 extern const struct bpf_func_proto bpf_map_delete_elem_proto; 1487 extern const struct bpf_func_proto bpf_map_push_elem_proto; 1488 extern const struct bpf_func_proto bpf_map_pop_elem_proto; 1489 extern const struct bpf_func_proto bpf_map_peek_elem_proto; 1490 1491 extern const struct bpf_func_proto bpf_get_prandom_u32_proto; 1492 extern const struct bpf_func_proto bpf_get_smp_processor_id_proto; 1493 extern const struct bpf_func_proto bpf_get_numa_node_id_proto; 1494 extern const struct bpf_func_proto bpf_tail_call_proto; 1495 extern const struct bpf_func_proto bpf_ktime_get_ns_proto; 1496 extern const struct bpf_func_proto bpf_get_current_pid_tgid_proto; 1497 extern const struct bpf_func_proto bpf_get_current_uid_gid_proto; 1498 extern const struct bpf_func_proto bpf_get_current_comm_proto; 1499 extern const struct bpf_func_proto bpf_get_stackid_proto; 1500 extern const struct bpf_func_proto bpf_get_stack_proto; 1501 extern const struct bpf_func_proto bpf_sock_map_update_proto; 1502 extern const struct bpf_func_proto bpf_sock_hash_update_proto; 1503 extern const struct bpf_func_proto bpf_get_current_cgroup_id_proto; 1504 extern const struct bpf_func_proto bpf_get_current_ancestor_cgroup_id_proto; 1505 extern const struct bpf_func_proto bpf_msg_redirect_hash_proto; 1506 extern const struct bpf_func_proto bpf_msg_redirect_map_proto; 1507 extern const struct bpf_func_proto bpf_sk_redirect_hash_proto; 1508 extern const struct bpf_func_proto bpf_sk_redirect_map_proto; 1509 extern const struct bpf_func_proto bpf_spin_lock_proto; 1510 extern const struct bpf_func_proto bpf_spin_unlock_proto; 1511 extern const struct bpf_func_proto bpf_get_local_storage_proto; 1512 extern const struct bpf_func_proto bpf_strtol_proto; 1513 extern const struct bpf_func_proto bpf_strtoul_proto; 1514 extern const struct bpf_func_proto bpf_tcp_sock_proto; 1515 extern const struct bpf_func_proto bpf_jiffies64_proto; 1516 extern const struct bpf_func_proto bpf_get_ns_current_pid_tgid_proto; 1517 1518 const struct bpf_func_proto *bpf_tracing_func_proto( 1519 enum bpf_func_id func_id, const struct bpf_prog *prog); 1520 1521 /* Shared helpers among cBPF and eBPF. */ 1522 void bpf_user_rnd_init_once(void); 1523 u64 bpf_user_rnd_u32(u64 r1, u64 r2, u64 r3, u64 r4, u64 r5); 1524 1525 #if defined(CONFIG_NET) 1526 bool bpf_sock_common_is_valid_access(int off, int size, 1527 enum bpf_access_type type, 1528 struct bpf_insn_access_aux *info); 1529 bool bpf_sock_is_valid_access(int off, int size, enum bpf_access_type type, 1530 struct bpf_insn_access_aux *info); 1531 u32 bpf_sock_convert_ctx_access(enum bpf_access_type type, 1532 const struct bpf_insn *si, 1533 struct bpf_insn *insn_buf, 1534 struct bpf_prog *prog, 1535 u32 *target_size); 1536 #else 1537 static inline bool bpf_sock_common_is_valid_access(int off, int size, 1538 enum bpf_access_type type, 1539 struct bpf_insn_access_aux *info) 1540 { 1541 return false; 1542 } 1543 static inline bool bpf_sock_is_valid_access(int off, int size, 1544 enum bpf_access_type type, 1545 struct bpf_insn_access_aux *info) 1546 { 1547 return false; 1548 } 1549 static inline u32 bpf_sock_convert_ctx_access(enum bpf_access_type type, 1550 const struct bpf_insn *si, 1551 struct bpf_insn *insn_buf, 1552 struct bpf_prog *prog, 1553 u32 *target_size) 1554 { 1555 return 0; 1556 } 1557 #endif 1558 1559 #ifdef CONFIG_INET 1560 struct sk_reuseport_kern { 1561 struct sk_buff *skb; 1562 struct sock *sk; 1563 struct sock *selected_sk; 1564 void *data_end; 1565 u32 hash; 1566 u32 reuseport_id; 1567 bool bind_inany; 1568 }; 1569 bool bpf_tcp_sock_is_valid_access(int off, int size, enum bpf_access_type type, 1570 struct bpf_insn_access_aux *info); 1571 1572 u32 bpf_tcp_sock_convert_ctx_access(enum bpf_access_type type, 1573 const struct bpf_insn *si, 1574 struct bpf_insn *insn_buf, 1575 struct bpf_prog *prog, 1576 u32 *target_size); 1577 1578 bool bpf_xdp_sock_is_valid_access(int off, int size, enum bpf_access_type type, 1579 struct bpf_insn_access_aux *info); 1580 1581 u32 bpf_xdp_sock_convert_ctx_access(enum bpf_access_type type, 1582 const struct bpf_insn *si, 1583 struct bpf_insn *insn_buf, 1584 struct bpf_prog *prog, 1585 u32 *target_size); 1586 #else 1587 static inline bool bpf_tcp_sock_is_valid_access(int off, int size, 1588 enum bpf_access_type type, 1589 struct bpf_insn_access_aux *info) 1590 { 1591 return false; 1592 } 1593 1594 static inline u32 bpf_tcp_sock_convert_ctx_access(enum bpf_access_type type, 1595 const struct bpf_insn *si, 1596 struct bpf_insn *insn_buf, 1597 struct bpf_prog *prog, 1598 u32 *target_size) 1599 { 1600 return 0; 1601 } 1602 static inline bool bpf_xdp_sock_is_valid_access(int off, int size, 1603 enum bpf_access_type type, 1604 struct bpf_insn_access_aux *info) 1605 { 1606 return false; 1607 } 1608 1609 static inline u32 bpf_xdp_sock_convert_ctx_access(enum bpf_access_type type, 1610 const struct bpf_insn *si, 1611 struct bpf_insn *insn_buf, 1612 struct bpf_prog *prog, 1613 u32 *target_size) 1614 { 1615 return 0; 1616 } 1617 #endif /* CONFIG_INET */ 1618 1619 enum bpf_text_poke_type { 1620 BPF_MOD_CALL, 1621 BPF_MOD_JUMP, 1622 }; 1623 1624 int bpf_arch_text_poke(void *ip, enum bpf_text_poke_type t, 1625 void *addr1, void *addr2); 1626 1627 #endif /* _LINUX_BPF_H */ 1628