1. 08 Oct, 2021 27 commits
  2. 07 Oct, 2021 4 commits
  3. 06 Oct, 2021 9 commits
    • Andrii Nakryiko's avatar
      Merge branch 'libbpf: Deprecate bpf_{map,program}__{prev,next} APIs since v0.7' · 0e545dba
      Andrii Nakryiko authored
      Hengqi Chen says:
      
      ====================
      
      bpf_{map,program}__{prev,next} don't follow the libbpf API naming
      convention. Deprecate them and replace them with a new set of APIs
      named bpf_object__{prev,next}_{program,map}.
      
      v1->v2: [0]
        * Addressed Andrii's comments
      
        [0]: https://patchwork.kernel.org/project/netdevbpf/patch/20210906165456.325999-1-hengqi.chen@gmail.com/
      ====================
      Signed-off-by: default avatarAndrii Nakryiko <andrii@kernel.org>
      0e545dba
    • Hengqi Chen's avatar
      libbpf: Deprecate bpf_object__unload() API since v0.6 · 4a404a7e
      Hengqi Chen authored
      BPF objects are not reloadable after unload. Users are expected to use
      bpf_object__close() to unload and free up resources in one operation.
      No need to expose bpf_object__unload() as a public API, deprecate it
      ([0]).  Add bpf_object__unload() as an alias to internal
      bpf_object_unload() and replace all bpf_object__unload() uses to avoid
      compilation errors.
      
        [0] Closes: https://github.com/libbpf/libbpf/issues/290Signed-off-by: default avatarHengqi Chen <hengqi.chen@gmail.com>
      Signed-off-by: default avatarAndrii Nakryiko <andrii@kernel.org>
      Acked-by: default avatarSong Liu <songliubraving@fb.com>
      Link: https://lore.kernel.org/bpf/20211002161000.3854559-1-hengqi.chen@gmail.com
      4a404a7e
    • Hengqi Chen's avatar
      selftests/bpf: Switch to new bpf_object__next_{map,program} APIs · 6f2b219b
      Hengqi Chen authored
      Replace deprecated bpf_{map,program}__next APIs with newly added
      bpf_object__next_{map,program} APIs, so that no compilation warnings
      emit.
      Signed-off-by: default avatarHengqi Chen <hengqi.chen@gmail.com>
      Signed-off-by: default avatarAndrii Nakryiko <andrii@kernel.org>
      Acked-by: default avatarSong Liu <songliubraving@fb.com>
      Link: https://lore.kernel.org/bpf/20211003165844.4054931-3-hengqi.chen@gmail.com
      6f2b219b
    • Grant Seltzer's avatar
      libbpf: Add API documentation convention guidelines · 93303034
      Grant Seltzer authored
      This adds a section to the documentation for libbpf
      naming convention which describes how to document
      API features in libbpf, specifically the format of
      which API doc comments need to conform to.
      Signed-off-by: default avatarGrant Seltzer <grantseltzer@gmail.com>
      Signed-off-by: default avatarAndrii Nakryiko <andrii@kernel.org>
      Acked-by: default avatarSong Liu <songliubraving@fb.com>
      Link: https://lore.kernel.org/bpf/20211004215644.497327-1-grantseltzer@gmail.com
      93303034
    • Hengqi Chen's avatar
      libbpf: Deprecate bpf_{map,program}__{prev,next} APIs since v0.7 · 2088a3a7
      Hengqi Chen authored
      Deprecate bpf_{map,program}__{prev,next} APIs. Replace them with
      a new set of APIs named bpf_object__{prev,next}_{program,map} which
      follow the libbpf API naming convention ([0]). No functionality changes.
      
        [0] Closes: https://github.com/libbpf/libbpf/issues/296Signed-off-by: default avatarHengqi Chen <hengqi.chen@gmail.com>
      Signed-off-by: default avatarAndrii Nakryiko <andrii@kernel.org>
      Acked-by: default avatarSong Liu <songliubraving@fb.com>
      Link: https://lore.kernel.org/bpf/20211003165844.4054931-2-hengqi.chen@gmail.com
      2088a3a7
    • Jiri Olsa's avatar
      selftest/bpf: Switch recursion test to use htab_map_delete_elem · 189c83bd
      Jiri Olsa authored
      Currently the recursion test is hooking __htab_map_lookup_elem
      function, which is invoked both from bpf_prog and bpf syscall.
      
      But in our kernel build, the __htab_map_lookup_elem gets inlined
      within the htab_map_lookup_elem, so it's not trigered and the
      test fails.
      
      Fixing this by using htab_map_delete_elem, which is not inlined
      for bpf_prog calls (like htab_map_lookup_elem is) and is used
      directly as pointer for map_delete_elem, so it won't disappear
      by inlining.
      Signed-off-by: default avatarJiri Olsa <jolsa@kernel.org>
      Signed-off-by: default avatarAndrii Nakryiko <andrii@kernel.org>
      Acked-by: default avatarSong Liu <songliubraving@fb.com>
      Link: https://lore.kernel.org/bpf/YVnfFTL/3T6jOwHI@krava
      189c83bd
    • Quentin Monnet's avatar
      bpf: Use $(pound) instead of \# in Makefiles · 929bef46
      Quentin Monnet authored
      Recent-ish versions of make do no longer consider number signs ("#") as
      comment symbols when they are inserted inside of a macro reference or in
      a function invocation. In such cases, the symbols should not be escaped.
      
      There are a few occurrences of "\#" in libbpf's and samples' Makefiles.
      In the former, the backslash is harmless, because grep associates no
      particular meaning to the escaped symbol and reads it as a regular "#".
      In samples' Makefile, recent versions of make will pass the backslash
      down to the compiler, making the probe fail all the time and resulting
      in the display of a warning about "make headers_install" being required,
      even after headers have been installed.
      
      A similar issue has been addressed at some other locations by commit
      9564a8cf ("Kbuild: fix # escaping in .cmd files for future Make").
      Let's address it for libbpf's and samples' Makefiles in the same
      fashion, by using a "$(pound)" variable (pulled from
      tools/scripts/Makefile.include for libbpf, or re-defined for the
      samples).
      
      Reference for the change in make:
      https://git.savannah.gnu.org/cgit/make.git/commit/?id=c6966b323811c37acedff05b57
      
      Fixes: 2f383041 ("libbpf: Make libbpf_version.h non-auto-generated")
      Fixes: 07c3bbdb ("samples: bpf: print a warning about headers_install")
      Signed-off-by: default avatarQuentin Monnet <quentin@isovalent.com>
      Signed-off-by: default avatarAndrii Nakryiko <andrii@kernel.org>
      Link: https://lore.kernel.org/bpf/20211006111049.20708-1-quentin@isovalent.com
      929bef46
    • Daniel Borkmann's avatar
      bpf, arm: Remove dummy bpf_jit_compile stub · 90982e13
      Daniel Borkmann authored
      The BPF core defines a __weak bpf_jit_compile() dummy function already
      which should only be overridden by JITs if they actually implement a
      legacy cBPF JIT. Given arm implements an eBPF JIT, this stub is not
      needed.
      
      Now that MIPS cBPF JIT is finally gone, the only JIT left that is still
      implementing bpf_jit_compile() is the sparc32 one.
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Signed-off-by: default avatarAndrii Nakryiko <andrii@kernel.org>
      90982e13
    • Daniel Borkmann's avatar
      Merge branch 'bpf-mips-jit' · f438ee21
      Daniel Borkmann authored
      Johan Almbladh says:
      
      ====================
      This is an implementation of an eBPF JIT for MIPS I-V and MIPS32/64 r1-r6.
      The new JIT is written from scratch, but uses the same overall structure
      as other eBPF JITs.
      
      Before, the MIPS JIT situation looked like this.
      
        - 32-bit: MIPS32, cBPF-only, tests fail
        - 64-bit: MIPS64r2-r6, eBPF, tests fail, incomplete eBPF ISA support
      
      The new JIT implementation raises the bar to the following level.
      
        - 32/64-bit: all MIPS ISA, eBPF, all tests pass, full eBPF ISA support
      
      Overview
      --------
      The implementation supports all 32-bit and 64-bit eBPF instructions
      defined as of this writing, including the recently-added atomics. It is
      intended to provide good performance for native word size operations,
      while also being complete so the JIT never has to fall back to the
      interpreter. The new JIT replaces the current cBPF and eBPF JITs for MIPS.
      
      The implementation is divided into separate files as follows. The source
      files contains comments describing internal mechanisms and details on
      things like eBPF-to-CPU register mappings, so I won't repeat that here.
      
        - jit_comp.[ch]    code shared between 32-bit and 64-bit JITs
        - jit_comp32.c     32-bit JIT implementation
        - jit_comp64.c     64-bit JIT implementation
      
      Both the 32-bit and 64-bit versions map all eBPF registers to native MIPS
      CPU registers. There are also enough unmapped CPU registers available to
      allow all eBPF operations implemented natively by the JIT to use only CPU
      registers without having to resort to stack scratch space.
      
      Some operations are deemed too complex to implement natively in the JIT.
      Those are instead implemented as a function call to a helper that performs
      the operation. This is done in the following cases.
      
        - 64-bit div and mod on a 32-bit CPU
        - 64-bit atomics on a 32-bit CPU
        - 32-bit atomics on a 32-bit CPU that lacks ll/sc instructions
      
      CPU errata workarounds
      ----------------------
      The JIT implements workarounds for R10000, Loongson-2F and Loongson-3 CPU
      errata. For the Loongson workarounds, I have used the public information
      available on the matter.
      
      Link: https://sourceware.org/legacy-ml/binutils/2009-11/msg00387.html
      
      Testing
      -------
      During the development of the JIT, I have added a number of new test cases
      to the test_bpf.ko test suite to be able to verify correctness of JIT
      implementations in a more systematic way. The new additions increase the
      test suite roughly three-fold, with many of the new tests being very
      extensive and even exhaustive when feasible.
      
      Link: https://lore.kernel.org/bpf/20211001130348.3670534-1-johan.almbladh@anyfinetworks.com/
      Link: https://lore.kernel.org/bpf/20210914091842.4186267-1-johan.almbladh@anyfinetworks.com/
      Link: https://lore.kernel.org/bpf/20210809091829.810076-1-johan.almbladh@anyfinetworks.com/
      
      The JIT has been tested by running the test_bpf.ko test suite in QEMU with
      the following MIPS ISAs, in both big and little endian mode, with and
      without JIT hardening enabled.
      
        MIPS32r2, MIPS32r6, MIPS64r2, MIPS64r6
      
      For the QEMU r2 targets, the correctness of pre-r2 code emitted has been
      tested by manually overriding each of the following macros with 0.
      
        cpu_has_llsc, cpu_has_mips_2, cpu_has_mips_r1, cpu_has_mips_r2
      
      Similarly, CPU errata workaround code has been tested by enabling the
      each of the following configurations for the MIPS64r2 targets.
      
        CONFIG_WAR_R10000
        CONFIG_CPU_LOONGSON3_WORKAROUNDS
        CONFIG_CPU_NOP_WORKAROUNDS
        CONFIG_CPU_JUMP_WORKAROUNDS
      
      The JIT passes all tests in all configurations. Below is the summary for
      MIPS32r2 in little endian mode.
      
        test_bpf: Summary: 1006 PASSED, 0 FAILED, [994/994 JIT'ed]
        test_bpf: test_tail_calls: Summary: 8 PASSED, 0 FAILED, [8/8 JIT'ed]
        test_bpf: test_skb_segment: Summary: 2 PASSED, 0 FAILED
      
      According to MIPS ISA reference documentation, the result of a 32-bit ALU
      arithmetic operation on a 64-bit CPU is unpredictable if an operand
      register value is not properly sign-extended to 64 bits. To verify the
      code emitted by the JIT, the code generation engine in QEMU was modifed to
      flip all low 32 bits if the above condition was not met. With this
      trip-wire installed, the kernel booted properly in qemu-system-mips64el
      and all test_bpf.ko tests passed.
      
      Remaining features
      ------------------
      While the JIT is complete is terms of eBPF ISA support, this series does
      not include support for BPF-to-BPF calls and BPF trampolines. Those
      features are planned to be added in another patch series.
      
      The BPF_ST | BPF_NOSPEC instruction currently emits nothing. This is
      consistent with the behavior if the MIPS interpreter and the existing
      eBPF JIT.
      
      Why not build on the existing eBPF JIT?
      ---------------------------------------
      The existing eBPF JIT was originally written for MIPS64. An effort was
      made to add MIPS32 support to it in commit 716850ab ("MIPS: eBPF:
      Initial eBPF support for MIPS32 architecture."). That turned out to
      contain a number of flaws, so eBPF support for MIPS32 was disabled in
      commit 36366e36 ("MIPS: BPF: Restore MIPS32 cBPF JIT").
      
      Link: https://lore.kernel.org/bpf/5deaa994.1c69fb81.97561.647e@mx.google.com/
      
      The current eBPF JIT for MIPS64 lacks a lot of functionality regarding
      ALU32, JMP32 and atomic operations. It also lacks 32-bit CPU support on a
      fundamental level, for example 32-bit CPU register mappings and o32 ABI
      calling conventions. For optimization purposes, it tracks register usage
      through the program control flow in order to do zero-extension and sign-
      extension only when necessary, a static analysis of sorts. In my opinion,
      having this kind of complexity in JITs, and for which there is not
      adequate test coverage, is a problem. Such analysis should be done by the
      verifier, if needed at all. Finally, when I run the BPF test suite
      test_bpf.ko on the current JIT, there are errors and warnings.
      
      I believe that an eBPF JIT should strive to be correct, complete and
      optimized, and in that order. The JIT runs after the verifer has audited
      the program and given its approval. If the JIT then emits code that does
      something else, it will undermine the eBPF security model. A simple
      implementation is easier to get correct than a complex one. Furthermore,
      the real performance hit is not an extra CPU instruction here and there,
      but when the JIT bails on an unimplemented eBPF instruction and cause the
      whole program to fall back to the interpreter. My reasoning here boils
      down to the following.
      
      * The JIT should not contain a static analyzer that tracks branches.
      
      * It is acceptable to emit possibly superfluous sign-/zero-extensions for
        ALU32 and JMP32 operations on a 64-bit MIPS to guarantee correctness.
      
      * The JIT should handle all eBPF instructions on all MIPS CPUs.
      
      I conclude that the current eBPF MIPS JIT is complex, incomplete and
      incorrect. For the reasons stated above, I decided to not use the existing
      JIT implementation.
      ====================
      Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
      Signed-off-by: default avatarAndrii Nakryiko <andrii@kernel.org>
      f438ee21