1 // SPDX-License-Identifier: GPL-2.0 2 /* Copyright (c) 2020 Facebook */ 3 #include <linux/bpf.h> 4 #include <linux/btf.h> 5 #include <linux/btf_ids.h> 6 #include <linux/delay.h> 7 #include <linux/error-injection.h> 8 #include <linux/init.h> 9 #include <linux/module.h> 10 #include <linux/percpu-defs.h> 11 #include <linux/sysfs.h> 12 #include <linux/tracepoint.h> 13 #include <linux/net.h> 14 #include <linux/socket.h> 15 #include <linux/nsproxy.h> 16 #include <linux/inet.h> 17 #include <linux/in.h> 18 #include <linux/in6.h> 19 #include <linux/un.h> 20 #include <linux/filter.h> 21 #include <linux/rcupdate_trace.h> 22 #include <net/sock.h> 23 #include <linux/namei.h> 24 #include "bpf_testmod.h" 25 #include "bpf_testmod_kfunc.h" 26 27 #define CREATE_TRACE_POINTS 28 #include "bpf_testmod-events.h" 29 30 #define CONNECT_TIMEOUT_SEC 1 31 32 typedef int (*func_proto_typedef)(long); 33 typedef int (*func_proto_typedef_nested1)(func_proto_typedef); 34 typedef int (*func_proto_typedef_nested2)(func_proto_typedef_nested1); 35 36 DEFINE_PER_CPU(int, bpf_testmod_ksym_percpu) = 123; 37 long bpf_testmod_test_struct_arg_result; 38 static DEFINE_MUTEX(sock_lock); 39 static struct socket *sock; 40 41 struct bpf_testmod_struct_arg_1 { 42 int a; 43 }; 44 struct bpf_testmod_struct_arg_2 { 45 long a; 46 long b; 47 }; 48 49 struct bpf_testmod_struct_arg_3 { 50 int a; 51 int b[]; 52 }; 53 54 struct bpf_testmod_struct_arg_4 { 55 u64 a; 56 int b; 57 }; 58 59 struct bpf_testmod_struct_arg_5 { 60 char a; 61 short b; 62 int c; 63 long d; 64 }; 65 66 union bpf_testmod_union_arg_1 { 67 char a; 68 short b; 69 struct bpf_testmod_struct_arg_1 arg; 70 }; 71 72 union bpf_testmod_union_arg_2 { 73 int a; 74 long b; 75 struct bpf_testmod_struct_arg_2 arg; 76 }; 77 78 __bpf_hook_start(); 79 80 noinline int 81 bpf_testmod_test_struct_arg_1(struct bpf_testmod_struct_arg_2 a, int b, int c) { 82 bpf_testmod_test_struct_arg_result = a.a + a.b + b + c; 83 return bpf_testmod_test_struct_arg_result; 84 } 85 86 noinline int 87 bpf_testmod_test_struct_arg_2(int a, struct bpf_testmod_struct_arg_2 b, int c) { 88 bpf_testmod_test_struct_arg_result = a + b.a + b.b + c; 89 return bpf_testmod_test_struct_arg_result; 90 } 91 92 noinline int 93 bpf_testmod_test_struct_arg_3(int a, int b, struct bpf_testmod_struct_arg_2 c) { 94 bpf_testmod_test_struct_arg_result = a + b + c.a + c.b; 95 return bpf_testmod_test_struct_arg_result; 96 } 97 98 noinline int 99 bpf_testmod_test_struct_arg_4(struct bpf_testmod_struct_arg_1 a, int b, 100 int c, int d, struct bpf_testmod_struct_arg_2 e) { 101 bpf_testmod_test_struct_arg_result = a.a + b + c + d + e.a + e.b; 102 return bpf_testmod_test_struct_arg_result; 103 } 104 105 noinline int 106 bpf_testmod_test_struct_arg_5(void) { 107 bpf_testmod_test_struct_arg_result = 1; 108 return bpf_testmod_test_struct_arg_result; 109 } 110 111 noinline int 112 bpf_testmod_test_struct_arg_6(struct bpf_testmod_struct_arg_3 *a) { 113 bpf_testmod_test_struct_arg_result = a->b[0]; 114 return bpf_testmod_test_struct_arg_result; 115 } 116 117 noinline int 118 bpf_testmod_test_struct_arg_7(u64 a, void *b, short c, int d, void *e, 119 struct bpf_testmod_struct_arg_4 f) 120 { 121 bpf_testmod_test_struct_arg_result = a + (long)b + c + d + 122 (long)e + f.a + f.b; 123 return bpf_testmod_test_struct_arg_result; 124 } 125 126 noinline int 127 bpf_testmod_test_struct_arg_8(u64 a, void *b, short c, int d, void *e, 128 struct bpf_testmod_struct_arg_4 f, int g) 129 { 130 bpf_testmod_test_struct_arg_result = a + (long)b + c + d + 131 (long)e + f.a + f.b + g; 132 return bpf_testmod_test_struct_arg_result; 133 } 134 135 noinline int 136 bpf_testmod_test_struct_arg_9(u64 a, void *b, short c, int d, void *e, char f, 137 short g, struct bpf_testmod_struct_arg_5 h, long i) 138 { 139 bpf_testmod_test_struct_arg_result = a + (long)b + c + d + (long)e + 140 f + g + h.a + h.b + h.c + h.d + i; 141 return bpf_testmod_test_struct_arg_result; 142 } 143 144 noinline int 145 bpf_testmod_test_union_arg_1(union bpf_testmod_union_arg_1 a, int b, int c) 146 { 147 bpf_testmod_test_struct_arg_result = a.arg.a + b + c; 148 return bpf_testmod_test_struct_arg_result; 149 } 150 151 noinline int 152 bpf_testmod_test_union_arg_2(int a, union bpf_testmod_union_arg_2 b) 153 { 154 bpf_testmod_test_struct_arg_result = a + b.arg.a + b.arg.b; 155 return bpf_testmod_test_struct_arg_result; 156 } 157 158 noinline int 159 bpf_testmod_test_arg_ptr_to_struct(struct bpf_testmod_struct_arg_1 *a) { 160 bpf_testmod_test_struct_arg_result = a->a; 161 return bpf_testmod_test_struct_arg_result; 162 } 163 164 __weak noinline void bpf_testmod_looooooooooooooooooooooooooooooong_name(void) 165 { 166 } 167 168 __bpf_kfunc void 169 bpf_testmod_test_mod_kfunc(int i) 170 { 171 *(int *)this_cpu_ptr(&bpf_testmod_ksym_percpu) = i; 172 } 173 174 __bpf_kfunc int bpf_iter_testmod_seq_new(struct bpf_iter_testmod_seq *it, s64 value, int cnt) 175 { 176 it->cnt = cnt; 177 178 if (cnt < 0) 179 return -EINVAL; 180 181 it->value = value; 182 183 return 0; 184 } 185 186 __bpf_kfunc s64 *bpf_iter_testmod_seq_next(struct bpf_iter_testmod_seq* it) 187 { 188 if (it->cnt <= 0) 189 return NULL; 190 191 it->cnt--; 192 193 return &it->value; 194 } 195 196 __bpf_kfunc s64 bpf_iter_testmod_seq_value(int val, struct bpf_iter_testmod_seq* it__iter) 197 { 198 if (it__iter->cnt < 0) 199 return 0; 200 201 return val + it__iter->value; 202 } 203 204 __bpf_kfunc void bpf_iter_testmod_seq_destroy(struct bpf_iter_testmod_seq *it) 205 { 206 it->cnt = 0; 207 } 208 209 __bpf_kfunc void bpf_kfunc_common_test(void) 210 { 211 } 212 213 __bpf_kfunc void bpf_kfunc_dynptr_test(struct bpf_dynptr *ptr, 214 struct bpf_dynptr *ptr__nullable) 215 { 216 } 217 218 __bpf_kfunc struct sk_buff *bpf_kfunc_nested_acquire_nonzero_offset_test(struct sk_buff_head *ptr) 219 { 220 return NULL; 221 } 222 223 __bpf_kfunc struct sk_buff *bpf_kfunc_nested_acquire_zero_offset_test(struct sock_common *ptr) 224 { 225 return NULL; 226 } 227 228 __bpf_kfunc void bpf_kfunc_nested_release_test(struct sk_buff *ptr) 229 { 230 } 231 232 __bpf_kfunc void bpf_kfunc_trusted_vma_test(struct vm_area_struct *ptr) 233 { 234 } 235 236 __bpf_kfunc void bpf_kfunc_trusted_task_test(struct task_struct *ptr) 237 { 238 } 239 240 __bpf_kfunc void bpf_kfunc_trusted_num_test(int *ptr) 241 { 242 } 243 244 __bpf_kfunc void bpf_kfunc_rcu_task_test(struct task_struct *ptr) 245 { 246 } 247 248 __bpf_kfunc struct task_struct *bpf_kfunc_ret_rcu_test(void) 249 { 250 return NULL; 251 } 252 253 __bpf_kfunc int *bpf_kfunc_ret_rcu_test_nostruct(int rdonly_buf_size) 254 { 255 return NULL; 256 } 257 258 static struct prog_test_member trusted_ptr; 259 260 __bpf_kfunc struct prog_test_member *bpf_kfunc_get_default_trusted_ptr_test(void) 261 { 262 return &trusted_ptr; 263 } 264 265 __bpf_kfunc void bpf_kfunc_put_default_trusted_ptr_test(struct prog_test_member *trusted_ptr) 266 { 267 /* 268 * This BPF kfunc doesn't actually have any put/KF_ACQUIRE 269 * semantics. We're simply wanting to simulate a BPF kfunc that takes a 270 * struct prog_test_member pointer as an argument. 271 */ 272 } 273 274 __bpf_kfunc struct bpf_testmod_ctx * 275 bpf_testmod_ctx_create(int *err) 276 { 277 struct bpf_testmod_ctx *ctx; 278 279 ctx = kzalloc(sizeof(*ctx), GFP_ATOMIC); 280 if (!ctx) { 281 *err = -ENOMEM; 282 return NULL; 283 } 284 refcount_set(&ctx->usage, 1); 285 286 return ctx; 287 } 288 289 static void testmod_free_cb(struct rcu_head *head) 290 { 291 struct bpf_testmod_ctx *ctx; 292 293 ctx = container_of(head, struct bpf_testmod_ctx, rcu); 294 kfree(ctx); 295 } 296 297 __bpf_kfunc void bpf_testmod_ctx_release(struct bpf_testmod_ctx *ctx) 298 { 299 if (!ctx) 300 return; 301 if (refcount_dec_and_test(&ctx->usage)) 302 call_rcu(&ctx->rcu, testmod_free_cb); 303 } 304 305 __bpf_kfunc void bpf_testmod_ctx_release_dtor(void *ctx) 306 { 307 bpf_testmod_ctx_release(ctx); 308 } 309 CFI_NOSEAL(bpf_testmod_ctx_release_dtor); 310 311 static struct bpf_testmod_ops3 *st_ops3; 312 313 static int bpf_testmod_test_3(void) 314 { 315 return 0; 316 } 317 318 static int bpf_testmod_test_4(void) 319 { 320 return 0; 321 } 322 323 static struct bpf_testmod_ops3 __bpf_testmod_ops3 = { 324 .test_1 = bpf_testmod_test_3, 325 .test_2 = bpf_testmod_test_4, 326 }; 327 328 static void bpf_testmod_test_struct_ops3(void) 329 { 330 if (st_ops3) 331 st_ops3->test_1(); 332 } 333 334 __bpf_kfunc void bpf_testmod_ops3_call_test_1(void) 335 { 336 st_ops3->test_1(); 337 } 338 339 __bpf_kfunc void bpf_testmod_ops3_call_test_2(void) 340 { 341 st_ops3->test_2(); 342 } 343 344 struct bpf_testmod_btf_type_tag_1 { 345 int a; 346 }; 347 348 struct bpf_testmod_btf_type_tag_2 { 349 struct bpf_testmod_btf_type_tag_1 __user *p; 350 }; 351 352 struct bpf_testmod_btf_type_tag_3 { 353 struct bpf_testmod_btf_type_tag_1 __percpu *p; 354 }; 355 356 noinline int 357 bpf_testmod_test_btf_type_tag_user_1(struct bpf_testmod_btf_type_tag_1 __user *arg) { 358 BTF_TYPE_EMIT(func_proto_typedef); 359 BTF_TYPE_EMIT(func_proto_typedef_nested1); 360 BTF_TYPE_EMIT(func_proto_typedef_nested2); 361 return arg->a; 362 } 363 364 noinline int 365 bpf_testmod_test_btf_type_tag_user_2(struct bpf_testmod_btf_type_tag_2 *arg) { 366 return arg->p->a; 367 } 368 369 noinline int 370 bpf_testmod_test_btf_type_tag_percpu_1(struct bpf_testmod_btf_type_tag_1 __percpu *arg) { 371 return arg->a; 372 } 373 374 noinline int 375 bpf_testmod_test_btf_type_tag_percpu_2(struct bpf_testmod_btf_type_tag_3 *arg) { 376 return arg->p->a; 377 } 378 379 noinline int bpf_testmod_loop_test(int n) 380 { 381 /* Make sum volatile, so smart compilers, such as clang, will not 382 * optimize the code by removing the loop. 383 */ 384 volatile int sum = 0; 385 int i; 386 387 /* the primary goal of this test is to test LBR. Create a lot of 388 * branches in the function, so we can catch it easily. 389 */ 390 for (i = 0; i < n; i++) 391 sum += i; 392 return sum; 393 } 394 395 __weak noinline struct file *bpf_testmod_return_ptr(int arg) 396 { 397 static struct file f = {}; 398 399 switch (arg) { 400 case 1: return (void *)EINVAL; /* user addr */ 401 case 2: return (void *)0xcafe4a11; /* user addr */ 402 case 3: return (void *)-EINVAL; /* canonical, but invalid */ 403 case 4: return (void *)(1ull << 60); /* non-canonical and invalid */ 404 case 5: return (void *)~(1ull << 30); /* trigger extable */ 405 case 6: return &f; /* valid addr */ 406 case 7: return (void *)((long)&f | 1); /* kernel tricks */ 407 #ifdef CONFIG_X86_64 408 case 8: return (void *)VSYSCALL_ADDR; /* vsyscall page address */ 409 #endif 410 default: return NULL; 411 } 412 } 413 414 noinline int bpf_testmod_fentry_test1(int a) 415 { 416 trace_bpf_testmod_fentry_test1_tp(a); 417 418 return a + 1; 419 } 420 421 noinline int bpf_testmod_fentry_test2(int a, u64 b) 422 { 423 trace_bpf_testmod_fentry_test2_tp(a, b); 424 425 return a + b; 426 } 427 428 noinline int bpf_testmod_fentry_test3(char a, int b, u64 c) 429 { 430 return a + b + c; 431 } 432 433 noinline int bpf_testmod_fentry_test7(u64 a, void *b, short c, int d, 434 void *e, char f, int g) 435 { 436 return a + (long)b + c + d + (long)e + f + g; 437 } 438 439 noinline int bpf_testmod_fentry_test11(u64 a, void *b, short c, int d, 440 void *e, char f, int g, 441 unsigned int h, long i, __u64 j, 442 unsigned long k) 443 { 444 return a + (long)b + c + d + (long)e + f + g + h + i + j + k; 445 } 446 447 noinline void bpf_testmod_stacktrace_test(void) 448 { 449 /* used for stacktrace test as attach function */ 450 asm volatile (""); 451 } 452 453 noinline void bpf_testmod_stacktrace_test_3(void) 454 { 455 bpf_testmod_stacktrace_test(); 456 asm volatile (""); 457 } 458 459 noinline void bpf_testmod_stacktrace_test_2(void) 460 { 461 bpf_testmod_stacktrace_test_3(); 462 asm volatile (""); 463 } 464 465 noinline void bpf_testmod_stacktrace_test_1(void) 466 { 467 bpf_testmod_stacktrace_test_2(); 468 asm volatile (""); 469 } 470 471 int bpf_testmod_fentry_ok; 472 473 noinline int bpf_testmod_trampoline_count_test(void) 474 { 475 return 0; 476 } 477 478 noinline ssize_t 479 bpf_testmod_test_read(struct file *file, struct kobject *kobj, 480 const struct bin_attribute *bin_attr, 481 char *buf, loff_t off, size_t len) 482 { 483 struct bpf_testmod_test_read_ctx ctx = { 484 .buf = buf, 485 .off = off, 486 .len = len, 487 }; 488 struct bpf_testmod_struct_arg_1 struct_arg1 = {10}, struct_arg1_2 = {-1}; 489 struct bpf_testmod_struct_arg_2 struct_arg2 = {2, 3}; 490 struct bpf_testmod_struct_arg_3 *struct_arg3; 491 struct bpf_testmod_struct_arg_4 struct_arg4 = {21, 22}; 492 struct bpf_testmod_struct_arg_5 struct_arg5 = {23, 24, 25, 26}; 493 union bpf_testmod_union_arg_1 union_arg1 = { .arg = {1} }; 494 union bpf_testmod_union_arg_2 union_arg2 = { .arg = {2, 3} }; 495 int i = 1; 496 497 while (bpf_testmod_return_ptr(i)) 498 i++; 499 500 (void)bpf_testmod_test_struct_arg_1(struct_arg2, 1, 4); 501 (void)bpf_testmod_test_struct_arg_2(1, struct_arg2, 4); 502 (void)bpf_testmod_test_struct_arg_3(1, 4, struct_arg2); 503 (void)bpf_testmod_test_struct_arg_4(struct_arg1, 1, 2, 3, struct_arg2); 504 (void)bpf_testmod_test_struct_arg_5(); 505 (void)bpf_testmod_test_struct_arg_7(16, (void *)17, 18, 19, 506 (void *)20, struct_arg4); 507 (void)bpf_testmod_test_struct_arg_8(16, (void *)17, 18, 19, 508 (void *)20, struct_arg4, 23); 509 (void)bpf_testmod_test_struct_arg_9(16, (void *)17, 18, 19, (void *)20, 510 21, 22, struct_arg5, 27); 511 512 (void)bpf_testmod_test_union_arg_1(union_arg1, 4, 5); 513 (void)bpf_testmod_test_union_arg_2(6, union_arg2); 514 515 (void)bpf_testmod_test_arg_ptr_to_struct(&struct_arg1_2); 516 517 (void)trace_bpf_testmod_test_raw_tp_null_tp(NULL); 518 519 bpf_testmod_test_struct_ops3(); 520 521 struct_arg3 = kmalloc((sizeof(struct bpf_testmod_struct_arg_3) + 522 sizeof(int)), GFP_KERNEL); 523 if (struct_arg3 != NULL) { 524 struct_arg3->b[0] = 1; 525 (void)bpf_testmod_test_struct_arg_6(struct_arg3); 526 kfree(struct_arg3); 527 } 528 529 /* This is always true. Use the check to make sure the compiler 530 * doesn't remove bpf_testmod_loop_test. 531 */ 532 if (bpf_testmod_loop_test(101) > 100) 533 trace_bpf_testmod_test_read(current, &ctx); 534 535 trace_bpf_testmod_test_nullable_bare_tp(NULL); 536 537 /* Magic number to enable writable tp */ 538 if (len == 64) { 539 struct bpf_testmod_test_writable_ctx writable = { 540 .val = 1024, 541 }; 542 trace_bpf_testmod_test_writable_bare_tp(&writable); 543 if (writable.early_ret) 544 return snprintf(buf, len, "%d\n", writable.val); 545 } 546 547 if (bpf_testmod_fentry_test1(1) != 2 || 548 bpf_testmod_fentry_test2(2, 3) != 5 || 549 bpf_testmod_fentry_test3(4, 5, 6) != 15 || 550 bpf_testmod_fentry_test7(16, (void *)17, 18, 19, (void *)20, 551 21, 22) != 133 || 552 bpf_testmod_fentry_test11(16, (void *)17, 18, 19, (void *)20, 553 21, 22, 23, 24, 25, 26) != 231) 554 goto out; 555 556 bpf_testmod_trampoline_count_test(); 557 558 bpf_testmod_stacktrace_test_1(); 559 560 bpf_testmod_fentry_ok = 1; 561 out: 562 return -EIO; /* always fail */ 563 } 564 EXPORT_SYMBOL(bpf_testmod_test_read); 565 ALLOW_ERROR_INJECTION(bpf_testmod_test_read, ERRNO); 566 567 noinline ssize_t 568 bpf_testmod_test_write(struct file *file, struct kobject *kobj, 569 const struct bin_attribute *bin_attr, 570 char *buf, loff_t off, size_t len) 571 { 572 struct bpf_testmod_test_write_ctx ctx = { 573 .buf = buf, 574 .off = off, 575 .len = len, 576 }; 577 578 trace_bpf_testmod_test_write_bare_tp(current, &ctx); 579 580 return -EIO; /* always fail */ 581 } 582 EXPORT_SYMBOL(bpf_testmod_test_write); 583 ALLOW_ERROR_INJECTION(bpf_testmod_test_write, ERRNO); 584 585 noinline int bpf_fentry_shadow_test(int a) 586 { 587 return a + 2; 588 } 589 EXPORT_SYMBOL_GPL(bpf_fentry_shadow_test); 590 591 __bpf_hook_end(); 592 593 static struct bin_attribute bin_attr_bpf_testmod_file __ro_after_init = { 594 .attr = { .name = "bpf_testmod", .mode = 0666, }, 595 .read = bpf_testmod_test_read, 596 .write = bpf_testmod_test_write, 597 }; 598 599 /* bpf_testmod_uprobe sysfs attribute is so far enabled for x86_64 only, 600 * please see test_uretprobe_regs_change test 601 */ 602 #ifdef __x86_64__ 603 604 static int 605 uprobe_handler(struct uprobe_consumer *self, struct pt_regs *regs, __u64 *data) 606 { 607 regs->cx = 0x87654321feebdaed; 608 return 0; 609 } 610 611 static int 612 uprobe_ret_handler(struct uprobe_consumer *self, unsigned long func, 613 struct pt_regs *regs, __u64 *data) 614 615 { 616 regs->ax = 0x12345678deadbeef; 617 regs->r11 = (u64) -1; 618 return 0; 619 } 620 621 struct testmod_uprobe { 622 struct path path; 623 struct uprobe *uprobe; 624 struct uprobe_consumer consumer; 625 }; 626 627 static DEFINE_MUTEX(testmod_uprobe_mutex); 628 629 static struct testmod_uprobe uprobe = { 630 .consumer.handler = uprobe_handler, 631 .consumer.ret_handler = uprobe_ret_handler, 632 }; 633 634 static int testmod_register_uprobe(loff_t offset) 635 { 636 int err = -EBUSY; 637 638 if (uprobe.uprobe) 639 return -EBUSY; 640 641 mutex_lock(&testmod_uprobe_mutex); 642 643 if (uprobe.uprobe) 644 goto out; 645 646 err = kern_path("/proc/self/exe", LOOKUP_FOLLOW, &uprobe.path); 647 if (err) 648 goto out; 649 650 uprobe.uprobe = uprobe_register(d_real_inode(uprobe.path.dentry), 651 offset, 0, &uprobe.consumer); 652 if (IS_ERR(uprobe.uprobe)) { 653 err = PTR_ERR(uprobe.uprobe); 654 path_put(&uprobe.path); 655 uprobe.uprobe = NULL; 656 } 657 out: 658 mutex_unlock(&testmod_uprobe_mutex); 659 return err; 660 } 661 662 static void testmod_unregister_uprobe(void) 663 { 664 mutex_lock(&testmod_uprobe_mutex); 665 666 if (uprobe.uprobe) { 667 uprobe_unregister_nosync(uprobe.uprobe, &uprobe.consumer); 668 uprobe_unregister_sync(); 669 path_put(&uprobe.path); 670 uprobe.uprobe = NULL; 671 } 672 673 mutex_unlock(&testmod_uprobe_mutex); 674 } 675 676 static ssize_t 677 bpf_testmod_uprobe_write(struct file *file, struct kobject *kobj, 678 const struct bin_attribute *bin_attr, 679 char *buf, loff_t off, size_t len) 680 { 681 unsigned long offset = 0; 682 int err = 0; 683 684 if (kstrtoul(buf, 0, &offset)) 685 return -EINVAL; 686 687 if (offset) 688 err = testmod_register_uprobe(offset); 689 else 690 testmod_unregister_uprobe(); 691 692 return err ?: strlen(buf); 693 } 694 695 static struct bin_attribute bin_attr_bpf_testmod_uprobe_file __ro_after_init = { 696 .attr = { .name = "bpf_testmod_uprobe", .mode = 0666, }, 697 .write = bpf_testmod_uprobe_write, 698 }; 699 700 static int register_bpf_testmod_uprobe(void) 701 { 702 return sysfs_create_bin_file(kernel_kobj, &bin_attr_bpf_testmod_uprobe_file); 703 } 704 705 static void unregister_bpf_testmod_uprobe(void) 706 { 707 testmod_unregister_uprobe(); 708 sysfs_remove_bin_file(kernel_kobj, &bin_attr_bpf_testmod_uprobe_file); 709 } 710 711 #else 712 static int register_bpf_testmod_uprobe(void) 713 { 714 return 0; 715 } 716 717 static void unregister_bpf_testmod_uprobe(void) { } 718 #endif 719 720 BTF_KFUNCS_START(bpf_testmod_common_kfunc_ids) 721 BTF_ID_FLAGS(func, bpf_iter_testmod_seq_new, KF_ITER_NEW) 722 BTF_ID_FLAGS(func, bpf_iter_testmod_seq_next, KF_ITER_NEXT | KF_RET_NULL) 723 BTF_ID_FLAGS(func, bpf_iter_testmod_seq_destroy, KF_ITER_DESTROY) 724 BTF_ID_FLAGS(func, bpf_iter_testmod_seq_value) 725 BTF_ID_FLAGS(func, bpf_kfunc_common_test) 726 BTF_ID_FLAGS(func, bpf_kfunc_call_test_mem_len_pass1) 727 BTF_ID_FLAGS(func, bpf_kfunc_dynptr_test) 728 BTF_ID_FLAGS(func, bpf_kfunc_nested_acquire_nonzero_offset_test, KF_ACQUIRE) 729 BTF_ID_FLAGS(func, bpf_kfunc_nested_acquire_zero_offset_test, KF_ACQUIRE) 730 BTF_ID_FLAGS(func, bpf_kfunc_nested_release_test, KF_RELEASE) 731 BTF_ID_FLAGS(func, bpf_kfunc_trusted_vma_test) 732 BTF_ID_FLAGS(func, bpf_kfunc_trusted_task_test) 733 BTF_ID_FLAGS(func, bpf_kfunc_trusted_num_test) 734 BTF_ID_FLAGS(func, bpf_kfunc_rcu_task_test, KF_RCU) 735 BTF_ID_FLAGS(func, bpf_kfunc_ret_rcu_test, KF_RET_NULL | KF_RCU_PROTECTED) 736 BTF_ID_FLAGS(func, bpf_kfunc_ret_rcu_test_nostruct, KF_RET_NULL | KF_RCU_PROTECTED) 737 BTF_ID_FLAGS(func, bpf_testmod_ctx_create, KF_ACQUIRE | KF_RET_NULL) 738 BTF_ID_FLAGS(func, bpf_testmod_ctx_release, KF_RELEASE) 739 BTF_ID_FLAGS(func, bpf_testmod_ops3_call_test_1) 740 BTF_ID_FLAGS(func, bpf_testmod_ops3_call_test_2) 741 BTF_ID_FLAGS(func, bpf_kfunc_get_default_trusted_ptr_test); 742 BTF_ID_FLAGS(func, bpf_kfunc_put_default_trusted_ptr_test); 743 BTF_KFUNCS_END(bpf_testmod_common_kfunc_ids) 744 745 BTF_ID_LIST(bpf_testmod_dtor_ids) 746 BTF_ID(struct, bpf_testmod_ctx) 747 BTF_ID(func, bpf_testmod_ctx_release_dtor) 748 749 static const struct btf_kfunc_id_set bpf_testmod_common_kfunc_set = { 750 .owner = THIS_MODULE, 751 .set = &bpf_testmod_common_kfunc_ids, 752 }; 753 754 __bpf_kfunc u64 bpf_kfunc_call_test1(struct sock *sk, u32 a, u64 b, u32 c, u64 d) 755 { 756 return a + b + c + d; 757 } 758 759 __bpf_kfunc int bpf_kfunc_call_test2(struct sock *sk, u32 a, u32 b) 760 { 761 return a + b; 762 } 763 764 __bpf_kfunc struct sock *bpf_kfunc_call_test3(struct sock *sk) 765 { 766 return sk; 767 } 768 769 __bpf_kfunc long noinline bpf_kfunc_call_test4(signed char a, short b, int c, long d) 770 { 771 /* 772 * Make val as volatile to avoid compiler optimizations. 773 * Verify that negative signed values remain negative after 774 * sign-extension (JIT must sign-extend, not zero-extend). 775 */ 776 volatile long val; 777 778 /* val will be positive, if JIT does zero-extension instead of sign-extension */ 779 val = a; 780 if (val >= 0) 781 return 1; 782 783 val = b; 784 if (val >= 0) 785 return 2; 786 787 val = c; 788 if (val >= 0) 789 return 3; 790 791 /* 792 * Provoke the compiler to assume that the caller has sign-extended a, 793 * b and c on platforms where this is required (e.g. s390x). 794 */ 795 return (long)a + (long)b + (long)c + d; 796 } 797 798 __bpf_kfunc int bpf_kfunc_call_test5(u8 a, u16 b, u32 c) 799 { 800 /* 801 * Make val as volatile to avoid compiler optimizations on the below checks 802 * In C, assigning u8/u16/u32 to long performs zero-extension. 803 */ 804 volatile long val = a; 805 806 /* Check zero-extension */ 807 if (val != (unsigned long)a) 808 return 1; 809 /* Check no sign-extension */ 810 if (val < 0) 811 return 2; 812 813 val = b; 814 if (val != (unsigned long)b) 815 return 3; 816 if (val < 0) 817 return 4; 818 819 val = c; 820 if (val != (unsigned long)c) 821 return 5; 822 if (val < 0) 823 return 6; 824 825 return 0; 826 } 827 828 __bpf_kfunc u64 bpf_kfunc_call_stack_arg(u64 a, u64 b, u64 c, u64 d, 829 u64 e, u64 f, u64 g, u64 h, 830 u64 i, u64 j) 831 { 832 return a + b + c + d + e + f + g + h + i + j; 833 } 834 835 __bpf_kfunc u64 bpf_kfunc_call_stack_arg_ptr(u64 a, u64 b, u64 c, u64 d, u64 e, 836 u64 f, u64 g, u64 h, u64 i, 837 struct prog_test_pass1 *p) 838 { 839 return a + b + c + d + e + f + g + h + i + p->x0 + p->x1; 840 } 841 842 __bpf_kfunc u64 bpf_kfunc_call_stack_arg_mix(u64 a, u64 b, u64 c, u64 d, u64 e, 843 u64 f, u64 g, 844 struct prog_test_pass1 *p, u64 h, 845 struct prog_test_pass1 *q) 846 { 847 return a + b + c + d + e + f + g + p->x0 + h + q->x1; 848 } 849 850 __bpf_kfunc u64 bpf_kfunc_call_stack_arg_dynptr(u64 a, u64 b, u64 c, u64 d, u64 e, 851 u64 f, u64 g, u64 h, u64 i, 852 struct bpf_dynptr *ptr) 853 { 854 const struct bpf_dynptr_kern *kern_ptr = (void *)ptr; 855 856 return a + b + c + d + e + f + g + h + i + (kern_ptr->size & 0xFFFFFF); 857 } 858 859 __bpf_kfunc u64 bpf_kfunc_call_stack_arg_mem(u64 a, u64 b, u64 c, u64 d, u64 e, 860 void *mem, int mem__sz) 861 { 862 const unsigned char *p = mem; 863 u64 sum = a + b + c + d + e; 864 int i; 865 866 for (i = 0; i < mem__sz; i++) 867 sum += p[i]; 868 return sum; 869 } 870 871 __bpf_kfunc u64 bpf_kfunc_call_stack_arg_iter(u64 a, u64 b, u64 c, u64 d, u64 e, 872 u64 f, u64 g, u64 h, u64 i, 873 struct bpf_iter_testmod_seq *it__iter) 874 { 875 return a + b + c + d + e + f + g + h + i + it__iter->value; 876 } 877 878 __bpf_kfunc u64 bpf_kfunc_call_stack_arg_const_str(u64 a, u64 b, u64 c, u64 d, u64 e, 879 u64 f, u64 g, u64 h, u64 i, 880 const char *str__str) 881 { 882 return a + b + c + d + e + f + g + h + i; 883 } 884 885 __bpf_kfunc u64 bpf_kfunc_call_stack_arg_timer(u64 a, u64 b, u64 c, u64 d, u64 e, 886 u64 f, u64 g, u64 h, u64 i, 887 struct bpf_timer *timer) 888 { 889 return a + b + c + d + e + f + g + h + i; 890 } 891 892 __bpf_kfunc u64 bpf_kfunc_call_stack_arg_big(u64 a, u64 b, u64 c, u64 d, u64 e, 893 struct prog_test_big_arg s) 894 { 895 return a + b + c + d + e + s.a + s.b; 896 } 897 898 static struct prog_test_ref_kfunc prog_test_struct = { 899 .a = 42, 900 .b = 108, 901 .next = &prog_test_struct, 902 .cnt = REFCOUNT_INIT(1), 903 }; 904 905 __bpf_kfunc struct prog_test_ref_kfunc * 906 bpf_kfunc_call_test_acquire(unsigned long *scalar_ptr) 907 { 908 refcount_inc(&prog_test_struct.cnt); 909 return &prog_test_struct; 910 } 911 912 __bpf_kfunc void bpf_kfunc_call_test_offset(struct prog_test_ref_kfunc *p) 913 { 914 WARN_ON_ONCE(1); 915 } 916 917 __bpf_kfunc struct prog_test_member * 918 bpf_kfunc_call_memb_acquire(void) 919 { 920 WARN_ON_ONCE(1); 921 return NULL; 922 } 923 924 __bpf_kfunc void bpf_kfunc_call_memb1_release(struct prog_test_member1 *p) 925 { 926 WARN_ON_ONCE(1); 927 } 928 929 static int *__bpf_kfunc_call_test_get_mem(struct prog_test_ref_kfunc *p, const int size) 930 { 931 if (size > 2 * sizeof(int)) 932 return NULL; 933 934 return (int *)p; 935 } 936 937 __bpf_kfunc int *bpf_kfunc_call_test_get_rdwr_mem(struct prog_test_ref_kfunc *p, 938 const int rdwr_buf_size) 939 { 940 return __bpf_kfunc_call_test_get_mem(p, rdwr_buf_size); 941 } 942 943 __bpf_kfunc int *bpf_kfunc_call_test_get_rdonly_mem(struct prog_test_ref_kfunc *p, 944 const int rdonly_buf_size) 945 { 946 return __bpf_kfunc_call_test_get_mem(p, rdonly_buf_size); 947 } 948 949 /* the next 2 ones can't be really used for testing expect to ensure 950 * that the verifier rejects the call. 951 * Acquire functions must return struct pointers, so these ones are 952 * failing. 953 */ 954 __bpf_kfunc int *bpf_kfunc_call_test_acq_rdonly_mem(struct prog_test_ref_kfunc *p, 955 const int rdonly_buf_size) 956 { 957 return __bpf_kfunc_call_test_get_mem(p, rdonly_buf_size); 958 } 959 960 __bpf_kfunc void bpf_kfunc_call_int_mem_release(int *p) 961 { 962 } 963 964 __bpf_kfunc void bpf_kfunc_call_test_pass_ctx(struct __sk_buff *skb) 965 { 966 } 967 968 __bpf_kfunc void bpf_kfunc_call_test_pass1(struct prog_test_pass1 *p) 969 { 970 } 971 972 __bpf_kfunc void bpf_kfunc_call_test_pass2(struct prog_test_pass2 *p) 973 { 974 } 975 976 __bpf_kfunc void bpf_kfunc_call_test_fail1(struct prog_test_fail1 *p) 977 { 978 } 979 980 __bpf_kfunc void bpf_kfunc_call_test_fail2(struct prog_test_fail2 *p) 981 { 982 } 983 984 __bpf_kfunc void bpf_kfunc_call_test_fail3(struct prog_test_fail3 *p) 985 { 986 } 987 988 __bpf_kfunc void bpf_kfunc_call_test_mem_len_pass1(void *mem, int mem__sz) 989 { 990 } 991 992 __bpf_kfunc void bpf_kfunc_call_test_mem_len_fail1(void *mem, int len) 993 { 994 } 995 996 __bpf_kfunc void bpf_kfunc_call_test_mem_len_fail2(u64 *mem, int len) 997 { 998 } 999 1000 __bpf_kfunc void bpf_kfunc_call_test_ref(struct prog_test_ref_kfunc *p) 1001 { 1002 /* p != NULL, but p->cnt could be 0 */ 1003 } 1004 1005 __bpf_kfunc void bpf_kfunc_call_test_destructive(void) 1006 { 1007 } 1008 1009 __bpf_kfunc static u32 bpf_kfunc_call_test_static_unused_arg(u32 arg, u32 unused) 1010 { 1011 return arg; 1012 } 1013 1014 __bpf_kfunc void bpf_kfunc_call_test_sleepable(void) 1015 { 1016 } 1017 1018 struct bpf_kfunc_rcu_tasks_trace_data { 1019 struct rcu_head rcu; 1020 int *done; 1021 }; 1022 1023 static void bpf_kfunc_rcu_tasks_trace_cb(struct rcu_head *rhp) 1024 { 1025 struct bpf_kfunc_rcu_tasks_trace_data *data; 1026 1027 data = container_of(rhp, struct bpf_kfunc_rcu_tasks_trace_data, rcu); 1028 WRITE_ONCE(*data->done, 1); 1029 kfree(data); 1030 } 1031 1032 __bpf_kfunc int bpf_kfunc_call_test_call_rcu_tasks_trace(int *done) 1033 { 1034 struct bpf_kfunc_rcu_tasks_trace_data *data; 1035 1036 data = kmalloc(sizeof(*data), GFP_ATOMIC); 1037 if (!data) 1038 return -ENOMEM; 1039 data->done = done; 1040 call_rcu_tasks_trace(&data->rcu, bpf_kfunc_rcu_tasks_trace_cb); 1041 return 0; 1042 } 1043 1044 __bpf_kfunc int bpf_kfunc_init_sock(struct init_sock_args *args) 1045 { 1046 int proto; 1047 int err; 1048 1049 mutex_lock(&sock_lock); 1050 1051 if (sock) { 1052 pr_err("%s called without releasing old sock", __func__); 1053 err = -EPERM; 1054 goto out; 1055 } 1056 1057 switch (args->af) { 1058 case AF_INET: 1059 case AF_INET6: 1060 proto = args->type == SOCK_STREAM ? IPPROTO_TCP : IPPROTO_UDP; 1061 break; 1062 case AF_UNIX: 1063 proto = PF_UNIX; 1064 break; 1065 default: 1066 pr_err("invalid address family %d\n", args->af); 1067 err = -EINVAL; 1068 goto out; 1069 } 1070 1071 err = sock_create_kern(current->nsproxy->net_ns, args->af, args->type, 1072 proto, &sock); 1073 1074 if (!err) 1075 /* Set timeout for call to kernel_connect() to prevent it from hanging, 1076 * and consider the connection attempt failed if it returns 1077 * -EINPROGRESS. 1078 */ 1079 sock->sk->sk_sndtimeo = CONNECT_TIMEOUT_SEC * HZ; 1080 out: 1081 mutex_unlock(&sock_lock); 1082 1083 return err; 1084 } 1085 1086 __bpf_kfunc void bpf_kfunc_close_sock(void) 1087 { 1088 mutex_lock(&sock_lock); 1089 1090 if (sock) { 1091 sock_release(sock); 1092 sock = NULL; 1093 } 1094 1095 mutex_unlock(&sock_lock); 1096 } 1097 1098 __bpf_kfunc int bpf_kfunc_call_kernel_connect(struct addr_args *args) 1099 { 1100 int err; 1101 1102 if (args->addrlen > sizeof(args->addr)) 1103 return -EINVAL; 1104 1105 mutex_lock(&sock_lock); 1106 1107 if (!sock) { 1108 pr_err("%s called without initializing sock", __func__); 1109 err = -EPERM; 1110 goto out; 1111 } 1112 1113 err = kernel_connect(sock, (struct sockaddr_unsized *)&args->addr, 1114 args->addrlen, 0); 1115 out: 1116 mutex_unlock(&sock_lock); 1117 1118 return err; 1119 } 1120 1121 __bpf_kfunc int bpf_kfunc_call_kernel_bind(struct addr_args *args) 1122 { 1123 int err; 1124 1125 if (args->addrlen > sizeof(args->addr)) 1126 return -EINVAL; 1127 1128 mutex_lock(&sock_lock); 1129 1130 if (!sock) { 1131 pr_err("%s called without initializing sock", __func__); 1132 err = -EPERM; 1133 goto out; 1134 } 1135 1136 err = kernel_bind(sock, (struct sockaddr_unsized *)&args->addr, args->addrlen); 1137 out: 1138 mutex_unlock(&sock_lock); 1139 1140 return err; 1141 } 1142 1143 __bpf_kfunc int bpf_kfunc_call_kernel_listen(void) 1144 { 1145 int err; 1146 1147 mutex_lock(&sock_lock); 1148 1149 if (!sock) { 1150 pr_err("%s called without initializing sock", __func__); 1151 err = -EPERM; 1152 goto out; 1153 } 1154 1155 err = kernel_listen(sock, 128); 1156 out: 1157 mutex_unlock(&sock_lock); 1158 1159 return err; 1160 } 1161 1162 __bpf_kfunc int bpf_kfunc_call_kernel_sendmsg(struct sendmsg_args *args) 1163 { 1164 struct msghdr msg = { 1165 .msg_name = &args->addr.addr, 1166 .msg_namelen = args->addr.addrlen, 1167 }; 1168 struct kvec iov; 1169 int err; 1170 1171 if (args->addr.addrlen > sizeof(args->addr.addr) || 1172 args->msglen > sizeof(args->msg)) 1173 return -EINVAL; 1174 1175 iov.iov_base = args->msg; 1176 iov.iov_len = args->msglen; 1177 1178 mutex_lock(&sock_lock); 1179 1180 if (!sock) { 1181 pr_err("%s called without initializing sock", __func__); 1182 err = -EPERM; 1183 goto out; 1184 } 1185 1186 err = kernel_sendmsg(sock, &msg, &iov, 1, args->msglen); 1187 args->addr.addrlen = msg.msg_namelen; 1188 out: 1189 mutex_unlock(&sock_lock); 1190 1191 return err; 1192 } 1193 1194 __bpf_kfunc int bpf_kfunc_call_sock_sendmsg(struct sendmsg_args *args) 1195 { 1196 struct msghdr msg = { 1197 .msg_name = &args->addr.addr, 1198 .msg_namelen = args->addr.addrlen, 1199 }; 1200 struct kvec iov; 1201 int err; 1202 1203 if (args->addr.addrlen > sizeof(args->addr.addr) || 1204 args->msglen > sizeof(args->msg)) 1205 return -EINVAL; 1206 1207 iov.iov_base = args->msg; 1208 iov.iov_len = args->msglen; 1209 1210 iov_iter_kvec(&msg.msg_iter, ITER_SOURCE, &iov, 1, args->msglen); 1211 mutex_lock(&sock_lock); 1212 1213 if (!sock) { 1214 pr_err("%s called without initializing sock", __func__); 1215 err = -EPERM; 1216 goto out; 1217 } 1218 1219 err = sock_sendmsg(sock, &msg); 1220 args->addr.addrlen = msg.msg_namelen; 1221 out: 1222 mutex_unlock(&sock_lock); 1223 1224 return err; 1225 } 1226 1227 __bpf_kfunc int bpf_kfunc_call_kernel_getsockname(struct addr_args *args) 1228 { 1229 int err; 1230 1231 mutex_lock(&sock_lock); 1232 1233 if (!sock) { 1234 pr_err("%s called without initializing sock", __func__); 1235 err = -EPERM; 1236 goto out; 1237 } 1238 1239 err = kernel_getsockname(sock, (struct sockaddr *)&args->addr); 1240 if (err < 0) 1241 goto out; 1242 1243 args->addrlen = err; 1244 err = 0; 1245 out: 1246 mutex_unlock(&sock_lock); 1247 1248 return err; 1249 } 1250 1251 __bpf_kfunc int bpf_kfunc_call_kernel_getpeername(struct addr_args *args) 1252 { 1253 int err; 1254 1255 mutex_lock(&sock_lock); 1256 1257 if (!sock) { 1258 pr_err("%s called without initializing sock", __func__); 1259 err = -EPERM; 1260 goto out; 1261 } 1262 1263 err = kernel_getpeername(sock, (struct sockaddr *)&args->addr); 1264 if (err < 0) 1265 goto out; 1266 1267 args->addrlen = err; 1268 err = 0; 1269 out: 1270 mutex_unlock(&sock_lock); 1271 1272 return err; 1273 } 1274 1275 static DEFINE_MUTEX(st_ops_mutex); 1276 static struct bpf_testmod_st_ops *st_ops; 1277 1278 __bpf_kfunc int bpf_kfunc_st_ops_test_prologue(struct st_ops_args *args) 1279 { 1280 int ret = -1; 1281 1282 mutex_lock(&st_ops_mutex); 1283 if (st_ops && st_ops->test_prologue) 1284 ret = st_ops->test_prologue(args); 1285 mutex_unlock(&st_ops_mutex); 1286 1287 return ret; 1288 } 1289 1290 __bpf_kfunc int bpf_kfunc_st_ops_test_epilogue(struct st_ops_args *args) 1291 { 1292 int ret = -1; 1293 1294 mutex_lock(&st_ops_mutex); 1295 if (st_ops && st_ops->test_epilogue) 1296 ret = st_ops->test_epilogue(args); 1297 mutex_unlock(&st_ops_mutex); 1298 1299 return ret; 1300 } 1301 1302 __bpf_kfunc int bpf_kfunc_st_ops_test_pro_epilogue(struct st_ops_args *args) 1303 { 1304 int ret = -1; 1305 1306 mutex_lock(&st_ops_mutex); 1307 if (st_ops && st_ops->test_pro_epilogue) 1308 ret = st_ops->test_pro_epilogue(args); 1309 mutex_unlock(&st_ops_mutex); 1310 1311 return ret; 1312 } 1313 1314 __bpf_kfunc int bpf_kfunc_st_ops_inc10(struct st_ops_args *args) 1315 { 1316 args->a += 10; 1317 return args->a; 1318 } 1319 1320 __bpf_kfunc int bpf_kfunc_multi_st_ops_test_1(struct st_ops_args *args, u32 id); 1321 __bpf_kfunc int bpf_kfunc_multi_st_ops_test_1_assoc(struct st_ops_args *args, struct bpf_prog_aux *aux); 1322 1323 __bpf_kfunc int bpf_kfunc_implicit_arg(int a, struct bpf_prog_aux *aux); 1324 __bpf_kfunc int bpf_kfunc_implicit_arg_legacy(int a, int b, struct bpf_prog_aux *aux); 1325 __bpf_kfunc int bpf_kfunc_implicit_arg_legacy_impl(int a, int b, struct bpf_prog_aux *aux); 1326 1327 /* hook targets */ 1328 noinline void bpf_testmod_test_hardirq_fn(void) { barrier(); } 1329 noinline void bpf_testmod_test_softirq_fn(void) { barrier(); } 1330 1331 /* Tasklet for SoftIRQ context */ 1332 static void ctx_check_tasklet_fn(struct tasklet_struct *t) 1333 { 1334 bpf_testmod_test_softirq_fn(); 1335 } 1336 1337 DECLARE_TASKLET(ctx_check_tasklet, ctx_check_tasklet_fn); 1338 1339 /* IRQ Work for HardIRQ context */ 1340 static void ctx_check_irq_fn(struct irq_work *work) 1341 { 1342 bpf_testmod_test_hardirq_fn(); 1343 tasklet_schedule(&ctx_check_tasklet); 1344 } 1345 1346 static struct irq_work ctx_check_irq = IRQ_WORK_INIT_HARD(ctx_check_irq_fn); 1347 1348 /* The kfunc trigger */ 1349 __bpf_kfunc void bpf_kfunc_trigger_ctx_check(void) 1350 { 1351 irq_work_queue(&ctx_check_irq); 1352 } 1353 1354 BTF_KFUNCS_START(bpf_testmod_check_kfunc_ids) 1355 BTF_ID_FLAGS(func, bpf_testmod_test_mod_kfunc) 1356 BTF_ID_FLAGS(func, bpf_kfunc_call_test1) 1357 BTF_ID_FLAGS(func, bpf_kfunc_call_test2) 1358 BTF_ID_FLAGS(func, bpf_kfunc_call_test3) 1359 BTF_ID_FLAGS(func, bpf_kfunc_call_test4) 1360 BTF_ID_FLAGS(func, bpf_kfunc_call_test5) 1361 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg) 1362 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg_ptr) 1363 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg_mix) 1364 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg_dynptr) 1365 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg_mem) 1366 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg_iter) 1367 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg_const_str) 1368 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg_timer) 1369 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg_big) 1370 BTF_ID_FLAGS(func, bpf_kfunc_call_test_mem_len_fail1) 1371 BTF_ID_FLAGS(func, bpf_kfunc_call_test_mem_len_fail2) 1372 BTF_ID_FLAGS(func, bpf_kfunc_call_test_acquire, KF_ACQUIRE | KF_RET_NULL) 1373 BTF_ID_FLAGS(func, bpf_kfunc_call_memb_acquire, KF_ACQUIRE | KF_RET_NULL) 1374 BTF_ID_FLAGS(func, bpf_kfunc_call_memb1_release, KF_RELEASE) 1375 BTF_ID_FLAGS(func, bpf_kfunc_call_test_get_rdwr_mem, KF_RET_NULL) 1376 BTF_ID_FLAGS(func, bpf_kfunc_call_test_get_rdonly_mem, KF_RET_NULL) 1377 BTF_ID_FLAGS(func, bpf_kfunc_call_test_acq_rdonly_mem, KF_ACQUIRE | KF_RET_NULL) 1378 BTF_ID_FLAGS(func, bpf_kfunc_call_int_mem_release, KF_RELEASE) 1379 BTF_ID_FLAGS(func, bpf_kfunc_call_test_pass_ctx) 1380 BTF_ID_FLAGS(func, bpf_kfunc_call_test_pass1) 1381 BTF_ID_FLAGS(func, bpf_kfunc_call_test_pass2) 1382 BTF_ID_FLAGS(func, bpf_kfunc_call_test_fail1) 1383 BTF_ID_FLAGS(func, bpf_kfunc_call_test_fail2) 1384 BTF_ID_FLAGS(func, bpf_kfunc_call_test_fail3) 1385 BTF_ID_FLAGS(func, bpf_kfunc_call_test_ref, KF_RCU) 1386 BTF_ID_FLAGS(func, bpf_kfunc_call_test_destructive, KF_DESTRUCTIVE) 1387 BTF_ID_FLAGS(func, bpf_kfunc_call_test_static_unused_arg) 1388 BTF_ID_FLAGS(func, bpf_kfunc_call_test_offset) 1389 BTF_ID_FLAGS(func, bpf_kfunc_call_test_sleepable, KF_SLEEPABLE) 1390 BTF_ID_FLAGS(func, bpf_kfunc_call_test_call_rcu_tasks_trace) 1391 BTF_ID_FLAGS(func, bpf_kfunc_init_sock, KF_SLEEPABLE) 1392 BTF_ID_FLAGS(func, bpf_kfunc_close_sock, KF_SLEEPABLE) 1393 BTF_ID_FLAGS(func, bpf_kfunc_call_kernel_connect, KF_SLEEPABLE) 1394 BTF_ID_FLAGS(func, bpf_kfunc_call_kernel_bind, KF_SLEEPABLE) 1395 BTF_ID_FLAGS(func, bpf_kfunc_call_kernel_listen, KF_SLEEPABLE) 1396 BTF_ID_FLAGS(func, bpf_kfunc_call_kernel_sendmsg, KF_SLEEPABLE) 1397 BTF_ID_FLAGS(func, bpf_kfunc_call_sock_sendmsg, KF_SLEEPABLE) 1398 BTF_ID_FLAGS(func, bpf_kfunc_call_kernel_getsockname, KF_SLEEPABLE) 1399 BTF_ID_FLAGS(func, bpf_kfunc_call_kernel_getpeername, KF_SLEEPABLE) 1400 BTF_ID_FLAGS(func, bpf_kfunc_st_ops_test_prologue, KF_SLEEPABLE) 1401 BTF_ID_FLAGS(func, bpf_kfunc_st_ops_test_epilogue, KF_SLEEPABLE) 1402 BTF_ID_FLAGS(func, bpf_kfunc_st_ops_test_pro_epilogue, KF_SLEEPABLE) 1403 BTF_ID_FLAGS(func, bpf_kfunc_st_ops_inc10) 1404 BTF_ID_FLAGS(func, bpf_kfunc_multi_st_ops_test_1) 1405 BTF_ID_FLAGS(func, bpf_kfunc_multi_st_ops_test_1_assoc, KF_IMPLICIT_ARGS) 1406 BTF_ID_FLAGS(func, bpf_kfunc_implicit_arg, KF_IMPLICIT_ARGS) 1407 BTF_ID_FLAGS(func, bpf_kfunc_implicit_arg_legacy, KF_IMPLICIT_ARGS) 1408 BTF_ID_FLAGS(func, bpf_kfunc_implicit_arg_legacy_impl) 1409 BTF_ID_FLAGS(func, bpf_kfunc_trigger_ctx_check) 1410 BTF_KFUNCS_END(bpf_testmod_check_kfunc_ids) 1411 1412 static int bpf_testmod_ops_init(struct btf *btf) 1413 { 1414 return 0; 1415 } 1416 1417 static bool bpf_testmod_ops_is_valid_access(int off, int size, 1418 enum bpf_access_type type, 1419 const struct bpf_prog *prog, 1420 struct bpf_insn_access_aux *info) 1421 { 1422 return bpf_tracing_btf_ctx_access(off, size, type, prog, info); 1423 } 1424 1425 static int bpf_testmod_ops_init_member(const struct btf_type *t, 1426 const struct btf_member *member, 1427 void *kdata, const void *udata) 1428 { 1429 if (member->offset == offsetof(struct bpf_testmod_ops, data) * 8) { 1430 /* For data fields, this function has to copy it and return 1431 * 1 to indicate that the data has been handled by the 1432 * struct_ops type, or the verifier will reject the map if 1433 * the value of the data field is not zero. 1434 */ 1435 ((struct bpf_testmod_ops *)kdata)->data = ((struct bpf_testmod_ops *)udata)->data; 1436 return 1; 1437 } 1438 return 0; 1439 } 1440 1441 static const struct btf_kfunc_id_set bpf_testmod_kfunc_set = { 1442 .owner = THIS_MODULE, 1443 .set = &bpf_testmod_check_kfunc_ids, 1444 }; 1445 1446 static const struct bpf_verifier_ops bpf_testmod_verifier_ops = { 1447 .get_func_proto = bpf_base_func_proto, 1448 .is_valid_access = bpf_testmod_ops_is_valid_access, 1449 }; 1450 1451 static const struct bpf_verifier_ops bpf_testmod_verifier_ops3 = { 1452 .is_valid_access = bpf_testmod_ops_is_valid_access, 1453 }; 1454 1455 static int bpf_dummy_reg(void *kdata, struct bpf_link *link) 1456 { 1457 struct bpf_testmod_ops *ops = kdata; 1458 1459 if (ops->test_1) 1460 ops->test_1(); 1461 /* Some test cases (ex. struct_ops_maybe_null) may not have test_2 1462 * initialized, so we need to check for NULL. 1463 */ 1464 if (ops->test_2) 1465 ops->test_2(4, ops->data); 1466 1467 return 0; 1468 } 1469 1470 static void bpf_dummy_unreg(void *kdata, struct bpf_link *link) 1471 { 1472 } 1473 1474 static int bpf_testmod_test_1(void) 1475 { 1476 return 0; 1477 } 1478 1479 static void bpf_testmod_test_2(int a, int b) 1480 { 1481 } 1482 1483 static int bpf_testmod_tramp(int value) 1484 { 1485 return 0; 1486 } 1487 1488 static int bpf_testmod_ops__test_maybe_null(int dummy, 1489 struct task_struct *task__nullable) 1490 { 1491 return 0; 1492 } 1493 1494 static int bpf_testmod_ops__test_refcounted(int dummy, 1495 struct task_struct *task__ref) 1496 { 1497 return 0; 1498 } 1499 1500 static int bpf_testmod_ops__test_refcounted_multi(int dummy, struct task_struct *task__nullable, 1501 struct task_struct *task__ref) 1502 { 1503 return 0; 1504 } 1505 1506 static struct task_struct * 1507 bpf_testmod_ops__test_return_ref_kptr(int dummy, struct task_struct *task__ref, 1508 struct cgroup *cgrp) 1509 { 1510 return NULL; 1511 } 1512 1513 static struct bpf_testmod_ops __bpf_testmod_ops = { 1514 .test_1 = bpf_testmod_test_1, 1515 .test_2 = bpf_testmod_test_2, 1516 .test_maybe_null = bpf_testmod_ops__test_maybe_null, 1517 .test_refcounted = bpf_testmod_ops__test_refcounted, 1518 .test_refcounted_multi = bpf_testmod_ops__test_refcounted_multi, 1519 .test_return_ref_kptr = bpf_testmod_ops__test_return_ref_kptr, 1520 }; 1521 1522 struct bpf_struct_ops bpf_bpf_testmod_ops = { 1523 .verifier_ops = &bpf_testmod_verifier_ops, 1524 .init = bpf_testmod_ops_init, 1525 .init_member = bpf_testmod_ops_init_member, 1526 .reg = bpf_dummy_reg, 1527 .unreg = bpf_dummy_unreg, 1528 .cfi_stubs = &__bpf_testmod_ops, 1529 .name = "bpf_testmod_ops", 1530 .owner = THIS_MODULE, 1531 }; 1532 1533 static int bpf_dummy_reg2(void *kdata, struct bpf_link *link) 1534 { 1535 struct bpf_testmod_ops2 *ops = kdata; 1536 1537 ops->test_1(); 1538 return 0; 1539 } 1540 1541 static struct bpf_testmod_ops2 __bpf_testmod_ops2 = { 1542 .test_1 = bpf_testmod_test_1, 1543 }; 1544 1545 struct bpf_struct_ops bpf_testmod_ops2 = { 1546 .verifier_ops = &bpf_testmod_verifier_ops, 1547 .init = bpf_testmod_ops_init, 1548 .init_member = bpf_testmod_ops_init_member, 1549 .reg = bpf_dummy_reg2, 1550 .unreg = bpf_dummy_unreg, 1551 .cfi_stubs = &__bpf_testmod_ops2, 1552 .name = "bpf_testmod_ops2", 1553 .owner = THIS_MODULE, 1554 }; 1555 1556 static int st_ops3_reg(void *kdata, struct bpf_link *link) 1557 { 1558 int err = 0; 1559 1560 mutex_lock(&st_ops_mutex); 1561 if (st_ops3) { 1562 pr_err("st_ops has already been registered\n"); 1563 err = -EEXIST; 1564 goto unlock; 1565 } 1566 st_ops3 = kdata; 1567 1568 unlock: 1569 mutex_unlock(&st_ops_mutex); 1570 return err; 1571 } 1572 1573 static void st_ops3_unreg(void *kdata, struct bpf_link *link) 1574 { 1575 mutex_lock(&st_ops_mutex); 1576 st_ops3 = NULL; 1577 mutex_unlock(&st_ops_mutex); 1578 } 1579 1580 static void test_1_recursion_detected(struct bpf_prog *prog) 1581 { 1582 struct bpf_prog_stats *stats; 1583 1584 stats = this_cpu_ptr(prog->stats); 1585 printk("bpf_testmod: oh no, recursing into test_1, recursion_misses %llu", 1586 u64_stats_read(&stats->misses)); 1587 } 1588 1589 static int st_ops3_check_member(const struct btf_type *t, 1590 const struct btf_member *member, 1591 const struct bpf_prog *prog) 1592 { 1593 u32 moff = __btf_member_bit_offset(t, member) / 8; 1594 1595 switch (moff) { 1596 case offsetof(struct bpf_testmod_ops3, test_1): 1597 prog->aux->priv_stack_requested = true; 1598 prog->aux->recursion_detected = test_1_recursion_detected; 1599 fallthrough; 1600 default: 1601 break; 1602 } 1603 return 0; 1604 } 1605 1606 struct bpf_struct_ops bpf_testmod_ops3 = { 1607 .verifier_ops = &bpf_testmod_verifier_ops3, 1608 .init = bpf_testmod_ops_init, 1609 .init_member = bpf_testmod_ops_init_member, 1610 .reg = st_ops3_reg, 1611 .unreg = st_ops3_unreg, 1612 .check_member = st_ops3_check_member, 1613 .cfi_stubs = &__bpf_testmod_ops3, 1614 .name = "bpf_testmod_ops3", 1615 .owner = THIS_MODULE, 1616 }; 1617 1618 static int bpf_test_mod_st_ops__test_prologue(struct st_ops_args *args) 1619 { 1620 return 0; 1621 } 1622 1623 static int bpf_test_mod_st_ops__test_epilogue(struct st_ops_args *args) 1624 { 1625 return 0; 1626 } 1627 1628 static int bpf_test_mod_st_ops__test_pro_epilogue(struct st_ops_args *args) 1629 { 1630 return 0; 1631 } 1632 1633 static int bpf_cgroup_from_id_id; 1634 static int bpf_cgroup_release_id; 1635 1636 static int st_ops_gen_prologue_with_kfunc(struct bpf_insn *insn_buf, bool direct_write, 1637 const struct bpf_prog *prog) 1638 { 1639 struct bpf_insn *insn = insn_buf; 1640 1641 /* r8 = r1; // r8 will be "u64 *ctx". 1642 * r1 = 0; 1643 * r0 = bpf_cgroup_from_id(r1); 1644 * if r0 != 0 goto pc+5; 1645 * r6 = r8[0]; // r6 will be "struct st_ops *args". 1646 * r7 = r6->a; 1647 * r7 += 1000; 1648 * r6->a = r7; 1649 * goto pc+2; 1650 * r1 = r0; 1651 * bpf_cgroup_release(r1); 1652 * r1 = r8; 1653 */ 1654 *insn++ = BPF_MOV64_REG(BPF_REG_8, BPF_REG_1); 1655 *insn++ = BPF_MOV64_IMM(BPF_REG_1, 0); 1656 *insn++ = BPF_CALL_KFUNC(0, bpf_cgroup_from_id_id); 1657 *insn++ = BPF_JMP_IMM(BPF_JNE, BPF_REG_0, 0, 5); 1658 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_6, BPF_REG_8, 0); 1659 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_7, BPF_REG_6, offsetof(struct st_ops_args, a)); 1660 *insn++ = BPF_ALU64_IMM(BPF_ADD, BPF_REG_7, 1000); 1661 *insn++ = BPF_STX_MEM(BPF_DW, BPF_REG_6, BPF_REG_7, offsetof(struct st_ops_args, a)); 1662 *insn++ = BPF_JMP_IMM(BPF_JA, 0, 0, 2); 1663 *insn++ = BPF_MOV64_REG(BPF_REG_1, BPF_REG_0); 1664 *insn++ = BPF_CALL_KFUNC(0, bpf_cgroup_release_id); 1665 *insn++ = BPF_MOV64_REG(BPF_REG_1, BPF_REG_8); 1666 *insn++ = prog->insnsi[0]; 1667 1668 return insn - insn_buf; 1669 } 1670 1671 static int st_ops_gen_epilogue_with_kfunc(struct bpf_insn *insn_buf, const struct bpf_prog *prog, 1672 s16 ctx_stack_off) 1673 { 1674 struct bpf_insn *insn = insn_buf; 1675 1676 /* r1 = 0; 1677 * r6 = 0; 1678 * r0 = bpf_cgroup_from_id(r1); 1679 * if r0 != 0 goto pc+6; 1680 * r1 = stack[ctx_stack_off]; // r1 will be "u64 *ctx" 1681 * r1 = r1[0]; // r1 will be "struct st_ops *args" 1682 * r6 = r1->a; 1683 * r6 += 10000; 1684 * r1->a = r6; 1685 * goto pc+2 1686 * r1 = r0; 1687 * bpf_cgroup_release(r1); 1688 * r0 = r6; 1689 * r0 *= 2; 1690 * BPF_EXIT; 1691 */ 1692 *insn++ = BPF_MOV64_IMM(BPF_REG_1, 0); 1693 *insn++ = BPF_MOV64_IMM(BPF_REG_6, 0); 1694 *insn++ = BPF_CALL_KFUNC(0, bpf_cgroup_from_id_id); 1695 *insn++ = BPF_JMP_IMM(BPF_JNE, BPF_REG_0, 0, 6); 1696 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_1, BPF_REG_FP, ctx_stack_off); 1697 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_1, BPF_REG_1, 0); 1698 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_6, BPF_REG_1, offsetof(struct st_ops_args, a)); 1699 *insn++ = BPF_ALU64_IMM(BPF_ADD, BPF_REG_6, 10000); 1700 *insn++ = BPF_STX_MEM(BPF_DW, BPF_REG_1, BPF_REG_6, offsetof(struct st_ops_args, a)); 1701 *insn++ = BPF_JMP_IMM(BPF_JA, 0, 0, 2); 1702 *insn++ = BPF_MOV64_REG(BPF_REG_1, BPF_REG_0); 1703 *insn++ = BPF_CALL_KFUNC(0, bpf_cgroup_release_id); 1704 *insn++ = BPF_MOV64_REG(BPF_REG_0, BPF_REG_6); 1705 *insn++ = BPF_ALU64_IMM(BPF_MUL, BPF_REG_0, 2); 1706 *insn++ = BPF_EXIT_INSN(); 1707 1708 return insn - insn_buf; 1709 } 1710 1711 #define KFUNC_PRO_EPI_PREFIX "test_kfunc_" 1712 static int st_ops_gen_prologue(struct bpf_insn *insn_buf, bool direct_write, 1713 const struct bpf_prog *prog) 1714 { 1715 struct bpf_insn *insn = insn_buf; 1716 1717 if (strcmp(prog->aux->attach_func_name, "test_prologue") && 1718 strcmp(prog->aux->attach_func_name, "test_pro_epilogue")) 1719 return 0; 1720 1721 if (!strncmp(prog->aux->name, KFUNC_PRO_EPI_PREFIX, strlen(KFUNC_PRO_EPI_PREFIX))) 1722 return st_ops_gen_prologue_with_kfunc(insn_buf, direct_write, prog); 1723 1724 /* r6 = r1[0]; // r6 will be "struct st_ops *args". r1 is "u64 *ctx". 1725 * r7 = r6->a; 1726 * r7 += 1000; 1727 * r6->a = r7; 1728 */ 1729 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_6, BPF_REG_1, 0); 1730 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_7, BPF_REG_6, offsetof(struct st_ops_args, a)); 1731 *insn++ = BPF_ALU64_IMM(BPF_ADD, BPF_REG_7, 1000); 1732 *insn++ = BPF_STX_MEM(BPF_DW, BPF_REG_6, BPF_REG_7, offsetof(struct st_ops_args, a)); 1733 *insn++ = prog->insnsi[0]; 1734 1735 return insn - insn_buf; 1736 } 1737 1738 static int st_ops_gen_epilogue(struct bpf_insn *insn_buf, const struct bpf_prog *prog, 1739 s16 ctx_stack_off) 1740 { 1741 struct bpf_insn *insn = insn_buf; 1742 1743 if (strcmp(prog->aux->attach_func_name, "test_epilogue") && 1744 strcmp(prog->aux->attach_func_name, "test_pro_epilogue")) 1745 return 0; 1746 1747 if (!strncmp(prog->aux->name, KFUNC_PRO_EPI_PREFIX, strlen(KFUNC_PRO_EPI_PREFIX))) 1748 return st_ops_gen_epilogue_with_kfunc(insn_buf, prog, ctx_stack_off); 1749 1750 /* r1 = stack[ctx_stack_off]; // r1 will be "u64 *ctx" 1751 * r1 = r1[0]; // r1 will be "struct st_ops *args" 1752 * r6 = r1->a; 1753 * r6 += 10000; 1754 * r1->a = r6; 1755 * r0 = r6; 1756 * r0 *= 2; 1757 * BPF_EXIT; 1758 */ 1759 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_1, BPF_REG_FP, ctx_stack_off); 1760 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_1, BPF_REG_1, 0); 1761 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_6, BPF_REG_1, offsetof(struct st_ops_args, a)); 1762 *insn++ = BPF_ALU64_IMM(BPF_ADD, BPF_REG_6, 10000); 1763 *insn++ = BPF_STX_MEM(BPF_DW, BPF_REG_1, BPF_REG_6, offsetof(struct st_ops_args, a)); 1764 *insn++ = BPF_MOV64_REG(BPF_REG_0, BPF_REG_6); 1765 *insn++ = BPF_ALU64_IMM(BPF_MUL, BPF_REG_0, 2); 1766 *insn++ = BPF_EXIT_INSN(); 1767 1768 return insn - insn_buf; 1769 } 1770 1771 static int st_ops_btf_struct_access(struct bpf_verifier_log *log, 1772 const struct bpf_reg_state *reg, 1773 int off, int size) 1774 { 1775 if (off < 0 || off + size > sizeof(struct st_ops_args)) 1776 return -EACCES; 1777 return 0; 1778 } 1779 1780 static const struct bpf_verifier_ops st_ops_verifier_ops = { 1781 .is_valid_access = bpf_testmod_ops_is_valid_access, 1782 .btf_struct_access = st_ops_btf_struct_access, 1783 .gen_prologue = st_ops_gen_prologue, 1784 .gen_epilogue = st_ops_gen_epilogue, 1785 .get_func_proto = bpf_base_func_proto, 1786 }; 1787 1788 static struct bpf_testmod_st_ops st_ops_cfi_stubs = { 1789 .test_prologue = bpf_test_mod_st_ops__test_prologue, 1790 .test_epilogue = bpf_test_mod_st_ops__test_epilogue, 1791 .test_pro_epilogue = bpf_test_mod_st_ops__test_pro_epilogue, 1792 }; 1793 1794 static int st_ops_reg(void *kdata, struct bpf_link *link) 1795 { 1796 int err = 0; 1797 1798 mutex_lock(&st_ops_mutex); 1799 if (st_ops) { 1800 pr_err("st_ops has already been registered\n"); 1801 err = -EEXIST; 1802 goto unlock; 1803 } 1804 st_ops = kdata; 1805 1806 unlock: 1807 mutex_unlock(&st_ops_mutex); 1808 return err; 1809 } 1810 1811 static void st_ops_unreg(void *kdata, struct bpf_link *link) 1812 { 1813 mutex_lock(&st_ops_mutex); 1814 st_ops = NULL; 1815 mutex_unlock(&st_ops_mutex); 1816 } 1817 1818 static int st_ops_init(struct btf *btf) 1819 { 1820 struct btf *kfunc_btf; 1821 1822 bpf_cgroup_from_id_id = bpf_find_btf_id("bpf_cgroup_from_id", BTF_KIND_FUNC, &kfunc_btf); 1823 bpf_cgroup_release_id = bpf_find_btf_id("bpf_cgroup_release", BTF_KIND_FUNC, &kfunc_btf); 1824 if (bpf_cgroup_from_id_id < 0 || bpf_cgroup_release_id < 0) 1825 return -EINVAL; 1826 1827 return 0; 1828 } 1829 1830 static int st_ops_init_member(const struct btf_type *t, 1831 const struct btf_member *member, 1832 void *kdata, const void *udata) 1833 { 1834 return 0; 1835 } 1836 1837 static struct bpf_struct_ops testmod_st_ops = { 1838 .verifier_ops = &st_ops_verifier_ops, 1839 .init = st_ops_init, 1840 .init_member = st_ops_init_member, 1841 .reg = st_ops_reg, 1842 .unreg = st_ops_unreg, 1843 .cfi_stubs = &st_ops_cfi_stubs, 1844 .name = "bpf_testmod_st_ops", 1845 .owner = THIS_MODULE, 1846 }; 1847 1848 struct hlist_head multi_st_ops_list; 1849 static DEFINE_SPINLOCK(multi_st_ops_lock); 1850 1851 static int multi_st_ops_init(struct btf *btf) 1852 { 1853 spin_lock_init(&multi_st_ops_lock); 1854 INIT_HLIST_HEAD(&multi_st_ops_list); 1855 1856 return 0; 1857 } 1858 1859 static int multi_st_ops_init_member(const struct btf_type *t, 1860 const struct btf_member *member, 1861 void *kdata, const void *udata) 1862 { 1863 return 0; 1864 } 1865 1866 static struct bpf_testmod_multi_st_ops *multi_st_ops_find_nolock(u32 id) 1867 { 1868 struct bpf_testmod_multi_st_ops *st_ops; 1869 1870 hlist_for_each_entry(st_ops, &multi_st_ops_list, node) { 1871 if (st_ops->id == id) 1872 return st_ops; 1873 } 1874 1875 return NULL; 1876 } 1877 1878 /* Call test_1() of the struct_ops map identified by the id */ 1879 int bpf_kfunc_multi_st_ops_test_1(struct st_ops_args *args, u32 id) 1880 { 1881 struct bpf_testmod_multi_st_ops *st_ops; 1882 unsigned long flags; 1883 int ret = -1; 1884 1885 spin_lock_irqsave(&multi_st_ops_lock, flags); 1886 st_ops = multi_st_ops_find_nolock(id); 1887 if (st_ops) 1888 ret = st_ops->test_1(args); 1889 spin_unlock_irqrestore(&multi_st_ops_lock, flags); 1890 1891 return ret; 1892 } 1893 1894 /* Call test_1() of the associated struct_ops map */ 1895 int bpf_kfunc_multi_st_ops_test_1_assoc(struct st_ops_args *args, struct bpf_prog_aux *aux) 1896 { 1897 struct bpf_testmod_multi_st_ops *st_ops; 1898 int ret = -1; 1899 1900 st_ops = (struct bpf_testmod_multi_st_ops *)bpf_prog_get_assoc_struct_ops(aux); 1901 if (st_ops) 1902 ret = st_ops->test_1(args); 1903 1904 return ret; 1905 } 1906 1907 int bpf_kfunc_implicit_arg(int a, struct bpf_prog_aux *aux) 1908 { 1909 if (aux && a > 0) 1910 return a; 1911 return -EINVAL; 1912 } 1913 1914 int bpf_kfunc_implicit_arg_legacy(int a, int b, struct bpf_prog_aux *aux) 1915 { 1916 if (aux) 1917 return a + b; 1918 return -EINVAL; 1919 } 1920 1921 int bpf_kfunc_implicit_arg_legacy_impl(int a, int b, struct bpf_prog_aux *aux) 1922 { 1923 return bpf_kfunc_implicit_arg_legacy(a, b, aux); 1924 } 1925 1926 static int multi_st_ops_reg(void *kdata, struct bpf_link *link) 1927 { 1928 struct bpf_testmod_multi_st_ops *st_ops = 1929 (struct bpf_testmod_multi_st_ops *)kdata; 1930 unsigned long flags; 1931 int err = 0; 1932 u32 id; 1933 1934 if (!st_ops->test_1) 1935 return -EINVAL; 1936 1937 id = bpf_struct_ops_id(kdata); 1938 1939 spin_lock_irqsave(&multi_st_ops_lock, flags); 1940 if (multi_st_ops_find_nolock(id)) { 1941 pr_err("multi_st_ops(id:%d) has already been registered\n", id); 1942 err = -EEXIST; 1943 goto unlock; 1944 } 1945 1946 st_ops->id = id; 1947 hlist_add_head(&st_ops->node, &multi_st_ops_list); 1948 unlock: 1949 spin_unlock_irqrestore(&multi_st_ops_lock, flags); 1950 1951 return err; 1952 } 1953 1954 static void multi_st_ops_unreg(void *kdata, struct bpf_link *link) 1955 { 1956 struct bpf_testmod_multi_st_ops *st_ops; 1957 unsigned long flags; 1958 u32 id; 1959 1960 id = bpf_struct_ops_id(kdata); 1961 1962 spin_lock_irqsave(&multi_st_ops_lock, flags); 1963 st_ops = multi_st_ops_find_nolock(id); 1964 if (st_ops) 1965 hlist_del(&st_ops->node); 1966 spin_unlock_irqrestore(&multi_st_ops_lock, flags); 1967 } 1968 1969 static int bpf_testmod_multi_st_ops__test_1(struct st_ops_args *args) 1970 { 1971 return 0; 1972 } 1973 1974 static struct bpf_testmod_multi_st_ops multi_st_ops_cfi_stubs = { 1975 .test_1 = bpf_testmod_multi_st_ops__test_1, 1976 }; 1977 1978 struct bpf_struct_ops testmod_multi_st_ops = { 1979 .verifier_ops = &bpf_testmod_verifier_ops, 1980 .init = multi_st_ops_init, 1981 .init_member = multi_st_ops_init_member, 1982 .reg = multi_st_ops_reg, 1983 .unreg = multi_st_ops_unreg, 1984 .cfi_stubs = &multi_st_ops_cfi_stubs, 1985 .name = "bpf_testmod_multi_st_ops", 1986 .owner = THIS_MODULE, 1987 }; 1988 1989 extern int bpf_fentry_test1(int a); 1990 1991 BTF_KFUNCS_START(bpf_testmod_trampoline_count_ids) 1992 BTF_ID_FLAGS(func, bpf_testmod_trampoline_count_test) 1993 BTF_KFUNCS_END(bpf_testmod_trampoline_count_ids) 1994 1995 static const struct 1996 btf_kfunc_id_set bpf_testmod_trampoline_count_fmodret_set = { 1997 .owner = THIS_MODULE, 1998 .set = &bpf_testmod_trampoline_count_ids, 1999 }; 2000 2001 static int bpf_testmod_init(void) 2002 { 2003 const struct btf_id_dtor_kfunc bpf_testmod_dtors[] = { 2004 { 2005 .btf_id = bpf_testmod_dtor_ids[0], 2006 .kfunc_btf_id = bpf_testmod_dtor_ids[1] 2007 }, 2008 }; 2009 void **tramp; 2010 int ret; 2011 2012 ret = register_btf_kfunc_id_set(BPF_PROG_TYPE_UNSPEC, &bpf_testmod_common_kfunc_set); 2013 ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_SCHED_CLS, &bpf_testmod_kfunc_set); 2014 ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_TRACING, &bpf_testmod_kfunc_set); 2015 ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_SYSCALL, &bpf_testmod_kfunc_set); 2016 ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_STRUCT_OPS, &bpf_testmod_kfunc_set); 2017 ret = ret ?: register_btf_fmodret_id_set(&bpf_testmod_trampoline_count_fmodret_set); 2018 ret = ret ?: register_bpf_struct_ops(&bpf_bpf_testmod_ops, bpf_testmod_ops); 2019 ret = ret ?: register_bpf_struct_ops(&bpf_testmod_ops2, bpf_testmod_ops2); 2020 ret = ret ?: register_bpf_struct_ops(&bpf_testmod_ops3, bpf_testmod_ops3); 2021 ret = ret ?: register_bpf_struct_ops(&testmod_st_ops, bpf_testmod_st_ops); 2022 ret = ret ?: register_bpf_struct_ops(&testmod_multi_st_ops, bpf_testmod_multi_st_ops); 2023 ret = ret ?: register_btf_id_dtor_kfuncs(bpf_testmod_dtors, 2024 ARRAY_SIZE(bpf_testmod_dtors), 2025 THIS_MODULE); 2026 if (ret < 0) 2027 return ret; 2028 if (bpf_fentry_test1(0) < 0) 2029 return -EINVAL; 2030 sock = NULL; 2031 mutex_init(&sock_lock); 2032 ret = sysfs_create_bin_file(kernel_kobj, &bin_attr_bpf_testmod_file); 2033 if (ret < 0) 2034 return ret; 2035 ret = register_bpf_testmod_uprobe(); 2036 if (ret < 0) 2037 return ret; 2038 2039 /* Ensure nothing is between tramp_1..tramp_40 */ 2040 BUILD_BUG_ON(offsetof(struct bpf_testmod_ops, tramp_1) + 40 * sizeof(long) != 2041 offsetofend(struct bpf_testmod_ops, tramp_40)); 2042 tramp = (void **)&__bpf_testmod_ops.tramp_1; 2043 while (tramp <= (void **)&__bpf_testmod_ops.tramp_40) 2044 *tramp++ = bpf_testmod_tramp; 2045 2046 return 0; 2047 } 2048 2049 static void bpf_testmod_exit(void) 2050 { 2051 /* Need to wait for all references to be dropped because 2052 * bpf_kfunc_call_test_release() which currently resides in kernel can 2053 * be called after bpf_testmod is unloaded. Once release function is 2054 * moved into the module this wait can be removed. 2055 */ 2056 while (refcount_read(&prog_test_struct.cnt) > 1) 2057 msleep(20); 2058 2059 /* Clean up irqwork and tasklet */ 2060 irq_work_sync(&ctx_check_irq); 2061 tasklet_kill(&ctx_check_tasklet); 2062 2063 bpf_kfunc_close_sock(); 2064 sysfs_remove_bin_file(kernel_kobj, &bin_attr_bpf_testmod_file); 2065 unregister_bpf_testmod_uprobe(); 2066 } 2067 2068 module_init(bpf_testmod_init); 2069 module_exit(bpf_testmod_exit); 2070 2071 MODULE_AUTHOR("Andrii Nakryiko"); 2072 MODULE_DESCRIPTION("BPF selftests module"); 2073 MODULE_LICENSE("Dual BSD/GPL"); 2074