15b497af4SThomas Gleixner // SPDX-License-Identifier: GPL-2.0-only 299c55f7dSAlexei Starovoitov /* Copyright (c) 2011-2014 PLUMgrid, http://plumgrid.com 399c55f7dSAlexei Starovoitov */ 499c55f7dSAlexei Starovoitov #include <linux/bpf.h> 5aef2fedaSJakub Kicinski #include <linux/bpf-cgroup.h> 6a67edbf4SDaniel Borkmann #include <linux/bpf_trace.h> 7f4364dcfSSean Young #include <linux/bpf_lirc.h> 84a1e7c0cSToke Høiland-Jørgensen #include <linux/bpf_verifier.h> 961df10c7SKumar Kartikeya Dwivedi #include <linux/bsearch.h> 10f56a653cSMartin KaFai Lau #include <linux/btf.h> 1199c55f7dSAlexei Starovoitov #include <linux/syscalls.h> 1299c55f7dSAlexei Starovoitov #include <linux/slab.h> 133f07c014SIngo Molnar #include <linux/sched/signal.h> 14d407bd25SDaniel Borkmann #include <linux/vmalloc.h> 15d407bd25SDaniel Borkmann #include <linux/mmzone.h> 1699c55f7dSAlexei Starovoitov #include <linux/anon_inodes.h> 1741bdc4b4SYonghong Song #include <linux/fdtable.h> 18db20fd2bSAlexei Starovoitov #include <linux/file.h> 1941bdc4b4SYonghong Song #include <linux/fs.h> 2009756af4SAlexei Starovoitov #include <linux/license.h> 2109756af4SAlexei Starovoitov #include <linux/filter.h> 22535e7b4bSMickaël Salaün #include <linux/kernel.h> 23dc4bb0e2SMartin KaFai Lau #include <linux/idr.h> 24cb4d2b3fSMartin KaFai Lau #include <linux/cred.h> 25cb4d2b3fSMartin KaFai Lau #include <linux/timekeeping.h> 26cb4d2b3fSMartin KaFai Lau #include <linux/ctype.h> 279ef09e35SMark Rutland #include <linux/nospec.h> 28bae141f5SDaniel Borkmann #include <linux/audit.h> 29ccfe29ebSAlexei Starovoitov #include <uapi/linux/btf.h> 30ca5999fdSMike Rapoport #include <linux/pgtable.h> 319e4e01dfSKP Singh #include <linux/bpf_lsm.h> 32457f4436SAndrii Nakryiko #include <linux/poll.h> 334d7d7f69SKumar Kartikeya Dwivedi #include <linux/sort.h> 34a3fd7ceeSJakub Sitnicki #include <linux/bpf-netns.h> 351e6c62a8SAlexei Starovoitov #include <linux/rcupdate_trace.h> 3648edc1f7SRoman Gushchin #include <linux/memcontrol.h> 370dcac272SJiri Olsa #include <linux/trace_events.h> 3884601d6eSFlorian Westphal #include <net/netfilter/nf_bpf_link.h> 3999c55f7dSAlexei Starovoitov 40da765a2fSDaniel Borkmann #define IS_FD_ARRAY(map) ((map)->map_type == BPF_MAP_TYPE_PERF_EVENT_ARRAY || \ 4114dc6f04SMartin KaFai Lau (map)->map_type == BPF_MAP_TYPE_CGROUP_ARRAY || \ 4214dc6f04SMartin KaFai Lau (map)->map_type == BPF_MAP_TYPE_ARRAY_OF_MAPS) 43da765a2fSDaniel Borkmann #define IS_FD_PROG_ARRAY(map) ((map)->map_type == BPF_MAP_TYPE_PROG_ARRAY) 4414dc6f04SMartin KaFai Lau #define IS_FD_HASH(map) ((map)->map_type == BPF_MAP_TYPE_HASH_OF_MAPS) 45da765a2fSDaniel Borkmann #define IS_FD_MAP(map) (IS_FD_ARRAY(map) || IS_FD_PROG_ARRAY(map) || \ 46da765a2fSDaniel Borkmann IS_FD_HASH(map)) 4714dc6f04SMartin KaFai Lau 486e71b04aSChenbo Feng #define BPF_OBJ_FLAG_MASK (BPF_F_RDONLY | BPF_F_WRONLY) 496e71b04aSChenbo Feng 50b121d1e7SAlexei Starovoitov DEFINE_PER_CPU(int, bpf_prog_active); 51dc4bb0e2SMartin KaFai Lau static DEFINE_IDR(prog_idr); 52dc4bb0e2SMartin KaFai Lau static DEFINE_SPINLOCK(prog_idr_lock); 53f3f1c054SMartin KaFai Lau static DEFINE_IDR(map_idr); 54f3f1c054SMartin KaFai Lau static DEFINE_SPINLOCK(map_idr_lock); 55a3b80e10SAndrii Nakryiko static DEFINE_IDR(link_idr); 56a3b80e10SAndrii Nakryiko static DEFINE_SPINLOCK(link_idr_lock); 57b121d1e7SAlexei Starovoitov 5808389d88SDaniel Borkmann int sysctl_unprivileged_bpf_disabled __read_mostly = 5908389d88SDaniel Borkmann IS_BUILTIN(CONFIG_BPF_UNPRIV_DEFAULT_OFF) ? 2 : 0; 601be7f75dSAlexei Starovoitov 6140077e0cSJohannes Berg static const struct bpf_map_ops * const bpf_map_types[] = { 6291cc1a99SAlexei Starovoitov #define BPF_PROG_TYPE(_id, _name, prog_ctx_type, kern_ctx_type) 6340077e0cSJohannes Berg #define BPF_MAP_TYPE(_id, _ops) \ 6440077e0cSJohannes Berg [_id] = &_ops, 65f2e10bffSAndrii Nakryiko #define BPF_LINK_TYPE(_id, _name) 6640077e0cSJohannes Berg #include <linux/bpf_types.h> 6740077e0cSJohannes Berg #undef BPF_PROG_TYPE 6840077e0cSJohannes Berg #undef BPF_MAP_TYPE 69f2e10bffSAndrii Nakryiko #undef BPF_LINK_TYPE 7040077e0cSJohannes Berg }; 7199c55f7dSAlexei Starovoitov 72752ba56fSMickaël Salaün /* 73752ba56fSMickaël Salaün * If we're handed a bigger struct than we know of, ensure all the unknown bits 74752ba56fSMickaël Salaün * are 0 - i.e. new user-space does not rely on any kernel feature extensions 75752ba56fSMickaël Salaün * we don't know about yet. 76752ba56fSMickaël Salaün * 77752ba56fSMickaël Salaün * There is a ToCToU between this function call and the following 78752ba56fSMickaël Salaün * copy_from_user() call. However, this is not a concern since this function is 79752ba56fSMickaël Salaün * meant to be a future-proofing of bits. 80752ba56fSMickaël Salaün */ 81af2ac3e1SAlexei Starovoitov int bpf_check_uarg_tail_zero(bpfptr_t uaddr, 8258291a74SMickaël Salaün size_t expected_size, 8358291a74SMickaël Salaün size_t actual_size) 8458291a74SMickaël Salaün { 85b7e4b65fSAl Viro int res; 8658291a74SMickaël Salaün 87752ba56fSMickaël Salaün if (unlikely(actual_size > PAGE_SIZE)) /* silly large */ 88752ba56fSMickaël Salaün return -E2BIG; 89752ba56fSMickaël Salaün 9058291a74SMickaël Salaün if (actual_size <= expected_size) 9158291a74SMickaël Salaün return 0; 9258291a74SMickaël Salaün 93af2ac3e1SAlexei Starovoitov if (uaddr.is_kernel) 94af2ac3e1SAlexei Starovoitov res = memchr_inv(uaddr.kernel + expected_size, 0, 95af2ac3e1SAlexei Starovoitov actual_size - expected_size) == NULL; 96af2ac3e1SAlexei Starovoitov else 97af2ac3e1SAlexei Starovoitov res = check_zeroed_user(uaddr.user + expected_size, 98af2ac3e1SAlexei Starovoitov actual_size - expected_size); 99b7e4b65fSAl Viro if (res < 0) 100b7e4b65fSAl Viro return res; 101b7e4b65fSAl Viro return res ? 0 : -E2BIG; 10258291a74SMickaël Salaün } 10358291a74SMickaël Salaün 104a3884572SJakub Kicinski const struct bpf_map_ops bpf_map_offload_ops = { 105f4d05259SMartin KaFai Lau .map_meta_equal = bpf_map_meta_equal, 106a3884572SJakub Kicinski .map_alloc = bpf_map_offload_map_alloc, 107a3884572SJakub Kicinski .map_free = bpf_map_offload_map_free, 108e8d2bec0SDaniel Borkmann .map_check_btf = map_check_no_btf, 1099629363cSYafang Shao .map_mem_usage = bpf_map_offload_map_mem_usage, 110a3884572SJakub Kicinski }; 111a3884572SJakub Kicinski 11299c55f7dSAlexei Starovoitov static struct bpf_map *find_and_alloc_map(union bpf_attr *attr) 11399c55f7dSAlexei Starovoitov { 1141110f3a9SJakub Kicinski const struct bpf_map_ops *ops; 1159ef09e35SMark Rutland u32 type = attr->map_type; 11699c55f7dSAlexei Starovoitov struct bpf_map *map; 1171110f3a9SJakub Kicinski int err; 11899c55f7dSAlexei Starovoitov 1199ef09e35SMark Rutland if (type >= ARRAY_SIZE(bpf_map_types)) 1201110f3a9SJakub Kicinski return ERR_PTR(-EINVAL); 1219ef09e35SMark Rutland type = array_index_nospec(type, ARRAY_SIZE(bpf_map_types)); 1229ef09e35SMark Rutland ops = bpf_map_types[type]; 1231110f3a9SJakub Kicinski if (!ops) 12440077e0cSJohannes Berg return ERR_PTR(-EINVAL); 12540077e0cSJohannes Berg 1261110f3a9SJakub Kicinski if (ops->map_alloc_check) { 1271110f3a9SJakub Kicinski err = ops->map_alloc_check(attr); 1281110f3a9SJakub Kicinski if (err) 1291110f3a9SJakub Kicinski return ERR_PTR(err); 1301110f3a9SJakub Kicinski } 131a3884572SJakub Kicinski if (attr->map_ifindex) 132a3884572SJakub Kicinski ops = &bpf_map_offload_ops; 1336b4a6ea2SYafang Shao if (!ops->map_mem_usage) 1346b4a6ea2SYafang Shao return ERR_PTR(-EINVAL); 1351110f3a9SJakub Kicinski map = ops->map_alloc(attr); 13699c55f7dSAlexei Starovoitov if (IS_ERR(map)) 13799c55f7dSAlexei Starovoitov return map; 1381110f3a9SJakub Kicinski map->ops = ops; 1399ef09e35SMark Rutland map->map_type = type; 14099c55f7dSAlexei Starovoitov return map; 14199c55f7dSAlexei Starovoitov } 14299c55f7dSAlexei Starovoitov 143353050beSDaniel Borkmann static void bpf_map_write_active_inc(struct bpf_map *map) 144353050beSDaniel Borkmann { 145353050beSDaniel Borkmann atomic64_inc(&map->writecnt); 146353050beSDaniel Borkmann } 147353050beSDaniel Borkmann 148353050beSDaniel Borkmann static void bpf_map_write_active_dec(struct bpf_map *map) 149353050beSDaniel Borkmann { 150353050beSDaniel Borkmann atomic64_dec(&map->writecnt); 151353050beSDaniel Borkmann } 152353050beSDaniel Borkmann 153353050beSDaniel Borkmann bool bpf_map_write_active(const struct bpf_map *map) 154353050beSDaniel Borkmann { 155353050beSDaniel Borkmann return atomic64_read(&map->writecnt) != 0; 156353050beSDaniel Borkmann } 157353050beSDaniel Borkmann 15880ee81e0SRoman Gushchin static u32 bpf_map_value_size(const struct bpf_map *map) 15915c14a3dSBrian Vazquez { 16015c14a3dSBrian Vazquez if (map->map_type == BPF_MAP_TYPE_PERCPU_HASH || 16115c14a3dSBrian Vazquez map->map_type == BPF_MAP_TYPE_LRU_PERCPU_HASH || 16215c14a3dSBrian Vazquez map->map_type == BPF_MAP_TYPE_PERCPU_ARRAY || 16315c14a3dSBrian Vazquez map->map_type == BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE) 16415c14a3dSBrian Vazquez return round_up(map->value_size, 8) * num_possible_cpus(); 16515c14a3dSBrian Vazquez else if (IS_FD_MAP(map)) 16615c14a3dSBrian Vazquez return sizeof(u32); 16715c14a3dSBrian Vazquez else 16815c14a3dSBrian Vazquez return map->value_size; 16915c14a3dSBrian Vazquez } 17015c14a3dSBrian Vazquez 17115c14a3dSBrian Vazquez static void maybe_wait_bpf_programs(struct bpf_map *map) 17215c14a3dSBrian Vazquez { 17315c14a3dSBrian Vazquez /* Wait for any running BPF programs to complete so that 17415c14a3dSBrian Vazquez * userspace, when we return to it, knows that all programs 17515c14a3dSBrian Vazquez * that could be running use the new map value. 17615c14a3dSBrian Vazquez */ 17715c14a3dSBrian Vazquez if (map->map_type == BPF_MAP_TYPE_HASH_OF_MAPS || 17815c14a3dSBrian Vazquez map->map_type == BPF_MAP_TYPE_ARRAY_OF_MAPS) 17915c14a3dSBrian Vazquez synchronize_rcu(); 18015c14a3dSBrian Vazquez } 18115c14a3dSBrian Vazquez 1823af43ba4SHou Tao static int bpf_map_update_value(struct bpf_map *map, struct file *map_file, 1833af43ba4SHou Tao void *key, void *value, __u64 flags) 18415c14a3dSBrian Vazquez { 18515c14a3dSBrian Vazquez int err; 18615c14a3dSBrian Vazquez 18715c14a3dSBrian Vazquez /* Need to create a kthread, thus must support schedule */ 1889d03ebc7SStanislav Fomichev if (bpf_map_is_offloaded(map)) { 18915c14a3dSBrian Vazquez return bpf_map_offload_update_elem(map, key, value, flags); 19015c14a3dSBrian Vazquez } else if (map->map_type == BPF_MAP_TYPE_CPUMAP || 19115c14a3dSBrian Vazquez map->map_type == BPF_MAP_TYPE_STRUCT_OPS) { 19215c14a3dSBrian Vazquez return map->ops->map_update_elem(map, key, value, flags); 19313b79d3fSLorenz Bauer } else if (map->map_type == BPF_MAP_TYPE_SOCKHASH || 19413b79d3fSLorenz Bauer map->map_type == BPF_MAP_TYPE_SOCKMAP) { 19513b79d3fSLorenz Bauer return sock_map_update_elem_sys(map, key, value, flags); 19615c14a3dSBrian Vazquez } else if (IS_FD_PROG_ARRAY(map)) { 1973af43ba4SHou Tao return bpf_fd_array_map_update_elem(map, map_file, key, value, 19815c14a3dSBrian Vazquez flags); 19915c14a3dSBrian Vazquez } 20015c14a3dSBrian Vazquez 201b6e5dae1SThomas Gleixner bpf_disable_instrumentation(); 20215c14a3dSBrian Vazquez if (map->map_type == BPF_MAP_TYPE_PERCPU_HASH || 20315c14a3dSBrian Vazquez map->map_type == BPF_MAP_TYPE_LRU_PERCPU_HASH) { 20415c14a3dSBrian Vazquez err = bpf_percpu_hash_update(map, key, value, flags); 20515c14a3dSBrian Vazquez } else if (map->map_type == BPF_MAP_TYPE_PERCPU_ARRAY) { 20615c14a3dSBrian Vazquez err = bpf_percpu_array_update(map, key, value, flags); 20715c14a3dSBrian Vazquez } else if (map->map_type == BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE) { 20815c14a3dSBrian Vazquez err = bpf_percpu_cgroup_storage_update(map, key, value, 20915c14a3dSBrian Vazquez flags); 21015c14a3dSBrian Vazquez } else if (IS_FD_ARRAY(map)) { 21115c14a3dSBrian Vazquez rcu_read_lock(); 2123af43ba4SHou Tao err = bpf_fd_array_map_update_elem(map, map_file, key, value, 21315c14a3dSBrian Vazquez flags); 21415c14a3dSBrian Vazquez rcu_read_unlock(); 21515c14a3dSBrian Vazquez } else if (map->map_type == BPF_MAP_TYPE_HASH_OF_MAPS) { 21615c14a3dSBrian Vazquez rcu_read_lock(); 2173af43ba4SHou Tao err = bpf_fd_htab_map_update_elem(map, map_file, key, value, 21815c14a3dSBrian Vazquez flags); 21915c14a3dSBrian Vazquez rcu_read_unlock(); 22015c14a3dSBrian Vazquez } else if (map->map_type == BPF_MAP_TYPE_REUSEPORT_SOCKARRAY) { 22115c14a3dSBrian Vazquez /* rcu_read_lock() is not needed */ 22215c14a3dSBrian Vazquez err = bpf_fd_reuseport_array_update_elem(map, key, value, 22315c14a3dSBrian Vazquez flags); 22415c14a3dSBrian Vazquez } else if (map->map_type == BPF_MAP_TYPE_QUEUE || 2259330986cSJoanne Koong map->map_type == BPF_MAP_TYPE_STACK || 2269330986cSJoanne Koong map->map_type == BPF_MAP_TYPE_BLOOM_FILTER) { 22715c14a3dSBrian Vazquez err = map->ops->map_push_elem(map, value, flags); 22815c14a3dSBrian Vazquez } else { 22915c14a3dSBrian Vazquez rcu_read_lock(); 23015c14a3dSBrian Vazquez err = map->ops->map_update_elem(map, key, value, flags); 23115c14a3dSBrian Vazquez rcu_read_unlock(); 23215c14a3dSBrian Vazquez } 233b6e5dae1SThomas Gleixner bpf_enable_instrumentation(); 23415c14a3dSBrian Vazquez maybe_wait_bpf_programs(map); 23515c14a3dSBrian Vazquez 23615c14a3dSBrian Vazquez return err; 23715c14a3dSBrian Vazquez } 23815c14a3dSBrian Vazquez 23915c14a3dSBrian Vazquez static int bpf_map_copy_value(struct bpf_map *map, void *key, void *value, 24015c14a3dSBrian Vazquez __u64 flags) 24115c14a3dSBrian Vazquez { 24215c14a3dSBrian Vazquez void *ptr; 24315c14a3dSBrian Vazquez int err; 24415c14a3dSBrian Vazquez 2459d03ebc7SStanislav Fomichev if (bpf_map_is_offloaded(map)) 246cb4d03abSBrian Vazquez return bpf_map_offload_lookup_elem(map, key, value); 24715c14a3dSBrian Vazquez 248b6e5dae1SThomas Gleixner bpf_disable_instrumentation(); 24915c14a3dSBrian Vazquez if (map->map_type == BPF_MAP_TYPE_PERCPU_HASH || 25015c14a3dSBrian Vazquez map->map_type == BPF_MAP_TYPE_LRU_PERCPU_HASH) { 25115c14a3dSBrian Vazquez err = bpf_percpu_hash_copy(map, key, value); 25215c14a3dSBrian Vazquez } else if (map->map_type == BPF_MAP_TYPE_PERCPU_ARRAY) { 25315c14a3dSBrian Vazquez err = bpf_percpu_array_copy(map, key, value); 25415c14a3dSBrian Vazquez } else if (map->map_type == BPF_MAP_TYPE_PERCPU_CGROUP_STORAGE) { 25515c14a3dSBrian Vazquez err = bpf_percpu_cgroup_storage_copy(map, key, value); 25615c14a3dSBrian Vazquez } else if (map->map_type == BPF_MAP_TYPE_STACK_TRACE) { 25715c14a3dSBrian Vazquez err = bpf_stackmap_copy(map, key, value); 25815c14a3dSBrian Vazquez } else if (IS_FD_ARRAY(map) || IS_FD_PROG_ARRAY(map)) { 25915c14a3dSBrian Vazquez err = bpf_fd_array_map_lookup_elem(map, key, value); 26015c14a3dSBrian Vazquez } else if (IS_FD_HASH(map)) { 26115c14a3dSBrian Vazquez err = bpf_fd_htab_map_lookup_elem(map, key, value); 26215c14a3dSBrian Vazquez } else if (map->map_type == BPF_MAP_TYPE_REUSEPORT_SOCKARRAY) { 26315c14a3dSBrian Vazquez err = bpf_fd_reuseport_array_lookup_elem(map, key, value); 26415c14a3dSBrian Vazquez } else if (map->map_type == BPF_MAP_TYPE_QUEUE || 2659330986cSJoanne Koong map->map_type == BPF_MAP_TYPE_STACK || 2669330986cSJoanne Koong map->map_type == BPF_MAP_TYPE_BLOOM_FILTER) { 26715c14a3dSBrian Vazquez err = map->ops->map_peek_elem(map, value); 26815c14a3dSBrian Vazquez } else if (map->map_type == BPF_MAP_TYPE_STRUCT_OPS) { 26915c14a3dSBrian Vazquez /* struct_ops map requires directly updating "value" */ 27015c14a3dSBrian Vazquez err = bpf_struct_ops_map_sys_lookup_elem(map, key, value); 27115c14a3dSBrian Vazquez } else { 27215c14a3dSBrian Vazquez rcu_read_lock(); 27315c14a3dSBrian Vazquez if (map->ops->map_lookup_elem_sys_only) 27415c14a3dSBrian Vazquez ptr = map->ops->map_lookup_elem_sys_only(map, key); 27515c14a3dSBrian Vazquez else 27615c14a3dSBrian Vazquez ptr = map->ops->map_lookup_elem(map, key); 27715c14a3dSBrian Vazquez if (IS_ERR(ptr)) { 27815c14a3dSBrian Vazquez err = PTR_ERR(ptr); 27915c14a3dSBrian Vazquez } else if (!ptr) { 28015c14a3dSBrian Vazquez err = -ENOENT; 28115c14a3dSBrian Vazquez } else { 28215c14a3dSBrian Vazquez err = 0; 28315c14a3dSBrian Vazquez if (flags & BPF_F_LOCK) 28415c14a3dSBrian Vazquez /* lock 'ptr' and copy everything but lock */ 28515c14a3dSBrian Vazquez copy_map_value_locked(map, value, ptr, true); 28615c14a3dSBrian Vazquez else 28715c14a3dSBrian Vazquez copy_map_value(map, value, ptr); 28868134668SAlexei Starovoitov /* mask lock and timer, since value wasn't zero inited */ 28968134668SAlexei Starovoitov check_and_init_map_value(map, value); 29015c14a3dSBrian Vazquez } 29115c14a3dSBrian Vazquez rcu_read_unlock(); 29215c14a3dSBrian Vazquez } 29315c14a3dSBrian Vazquez 294b6e5dae1SThomas Gleixner bpf_enable_instrumentation(); 29515c14a3dSBrian Vazquez maybe_wait_bpf_programs(map); 29615c14a3dSBrian Vazquez 29715c14a3dSBrian Vazquez return err; 29815c14a3dSBrian Vazquez } 29915c14a3dSBrian Vazquez 300d5299b67SRoman Gushchin /* Please, do not use this function outside from the map creation path 301d5299b67SRoman Gushchin * (e.g. in map update path) without taking care of setting the active 302d5299b67SRoman Gushchin * memory cgroup (see at bpf_map_kmalloc_node() for example). 303d5299b67SRoman Gushchin */ 304196e8ca7SDaniel Borkmann static void *__bpf_map_area_alloc(u64 size, int numa_node, bool mmapable) 305d407bd25SDaniel Borkmann { 306f01a7dbeSMartynas Pumputis /* We really just want to fail instead of triggering OOM killer 307f01a7dbeSMartynas Pumputis * under memory pressure, therefore we set __GFP_NORETRY to kmalloc, 308f01a7dbeSMartynas Pumputis * which is used for lower order allocation requests. 309f01a7dbeSMartynas Pumputis * 310f01a7dbeSMartynas Pumputis * It has been observed that higher order allocation requests done by 311f01a7dbeSMartynas Pumputis * vmalloc with __GFP_NORETRY being set might fail due to not trying 312f01a7dbeSMartynas Pumputis * to reclaim memory from the page cache, thus we set 313f01a7dbeSMartynas Pumputis * __GFP_RETRY_MAYFAIL to avoid such situations. 314d407bd25SDaniel Borkmann */ 315f01a7dbeSMartynas Pumputis 316ee53cbfbSYafang Shao gfp_t gfp = bpf_memcg_flags(__GFP_NOWARN | __GFP_ZERO); 317041de93fSChristoph Hellwig unsigned int flags = 0; 318041de93fSChristoph Hellwig unsigned long align = 1; 319d407bd25SDaniel Borkmann void *area; 320d407bd25SDaniel Borkmann 321196e8ca7SDaniel Borkmann if (size >= SIZE_MAX) 322196e8ca7SDaniel Borkmann return NULL; 323196e8ca7SDaniel Borkmann 324fc970227SAndrii Nakryiko /* kmalloc()'ed memory can't be mmap()'ed */ 325041de93fSChristoph Hellwig if (mmapable) { 326041de93fSChristoph Hellwig BUG_ON(!PAGE_ALIGNED(size)); 327041de93fSChristoph Hellwig align = SHMLBA; 328041de93fSChristoph Hellwig flags = VM_USERMAP; 329041de93fSChristoph Hellwig } else if (size <= (PAGE_SIZE << PAGE_ALLOC_COSTLY_ORDER)) { 330041de93fSChristoph Hellwig area = kmalloc_node(size, gfp | GFP_USER | __GFP_NORETRY, 331f01a7dbeSMartynas Pumputis numa_node); 332d407bd25SDaniel Borkmann if (area != NULL) 333d407bd25SDaniel Borkmann return area; 334d407bd25SDaniel Borkmann } 335041de93fSChristoph Hellwig 336041de93fSChristoph Hellwig return __vmalloc_node_range(size, align, VMALLOC_START, VMALLOC_END, 337041de93fSChristoph Hellwig gfp | GFP_KERNEL | __GFP_RETRY_MAYFAIL, PAGE_KERNEL, 338041de93fSChristoph Hellwig flags, numa_node, __builtin_return_address(0)); 339d407bd25SDaniel Borkmann } 340d407bd25SDaniel Borkmann 341196e8ca7SDaniel Borkmann void *bpf_map_area_alloc(u64 size, int numa_node) 342fc970227SAndrii Nakryiko { 343fc970227SAndrii Nakryiko return __bpf_map_area_alloc(size, numa_node, false); 344fc970227SAndrii Nakryiko } 345fc970227SAndrii Nakryiko 346196e8ca7SDaniel Borkmann void *bpf_map_area_mmapable_alloc(u64 size, int numa_node) 347fc970227SAndrii Nakryiko { 348fc970227SAndrii Nakryiko return __bpf_map_area_alloc(size, numa_node, true); 349fc970227SAndrii Nakryiko } 350fc970227SAndrii Nakryiko 351d407bd25SDaniel Borkmann void bpf_map_area_free(void *area) 352d407bd25SDaniel Borkmann { 353d407bd25SDaniel Borkmann kvfree(area); 354d407bd25SDaniel Borkmann } 355d407bd25SDaniel Borkmann 356be70bcd5SDaniel Borkmann static u32 bpf_map_flags_retain_permanent(u32 flags) 357be70bcd5SDaniel Borkmann { 358be70bcd5SDaniel Borkmann /* Some map creation flags are not tied to the map object but 359be70bcd5SDaniel Borkmann * rather to the map fd instead, so they have no meaning upon 360be70bcd5SDaniel Borkmann * map object inspection since multiple file descriptors with 361be70bcd5SDaniel Borkmann * different (access) properties can exist here. Thus, given 362be70bcd5SDaniel Borkmann * this has zero meaning for the map itself, lets clear these 363be70bcd5SDaniel Borkmann * from here. 364be70bcd5SDaniel Borkmann */ 365be70bcd5SDaniel Borkmann return flags & ~(BPF_F_RDONLY | BPF_F_WRONLY); 366be70bcd5SDaniel Borkmann } 367be70bcd5SDaniel Borkmann 368bd475643SJakub Kicinski void bpf_map_init_from_attr(struct bpf_map *map, union bpf_attr *attr) 369bd475643SJakub Kicinski { 370bd475643SJakub Kicinski map->map_type = attr->map_type; 371bd475643SJakub Kicinski map->key_size = attr->key_size; 372bd475643SJakub Kicinski map->value_size = attr->value_size; 373bd475643SJakub Kicinski map->max_entries = attr->max_entries; 374be70bcd5SDaniel Borkmann map->map_flags = bpf_map_flags_retain_permanent(attr->map_flags); 375bd475643SJakub Kicinski map->numa_node = bpf_map_attr_numa_node(attr); 3769330986cSJoanne Koong map->map_extra = attr->map_extra; 377bd475643SJakub Kicinski } 378bd475643SJakub Kicinski 379f3f1c054SMartin KaFai Lau static int bpf_map_alloc_id(struct bpf_map *map) 380f3f1c054SMartin KaFai Lau { 381f3f1c054SMartin KaFai Lau int id; 382f3f1c054SMartin KaFai Lau 383b76354cdSShaohua Li idr_preload(GFP_KERNEL); 384f3f1c054SMartin KaFai Lau spin_lock_bh(&map_idr_lock); 385f3f1c054SMartin KaFai Lau id = idr_alloc_cyclic(&map_idr, map, 1, INT_MAX, GFP_ATOMIC); 386f3f1c054SMartin KaFai Lau if (id > 0) 387f3f1c054SMartin KaFai Lau map->id = id; 388f3f1c054SMartin KaFai Lau spin_unlock_bh(&map_idr_lock); 389b76354cdSShaohua Li idr_preload_end(); 390f3f1c054SMartin KaFai Lau 391f3f1c054SMartin KaFai Lau if (WARN_ON_ONCE(!id)) 392f3f1c054SMartin KaFai Lau return -ENOSPC; 393f3f1c054SMartin KaFai Lau 394f3f1c054SMartin KaFai Lau return id > 0 ? 0 : id; 395f3f1c054SMartin KaFai Lau } 396f3f1c054SMartin KaFai Lau 397158e5e9eSTobias Klauser void bpf_map_free_id(struct bpf_map *map) 398f3f1c054SMartin KaFai Lau { 399930651a7SEric Dumazet unsigned long flags; 400930651a7SEric Dumazet 401a3884572SJakub Kicinski /* Offloaded maps are removed from the IDR store when their device 402a3884572SJakub Kicinski * disappears - even if someone holds an fd to them they are unusable, 403a3884572SJakub Kicinski * the memory is gone, all ops will fail; they are simply waiting for 404a3884572SJakub Kicinski * refcnt to drop to be freed. 405a3884572SJakub Kicinski */ 406a3884572SJakub Kicinski if (!map->id) 407a3884572SJakub Kicinski return; 408a3884572SJakub Kicinski 409930651a7SEric Dumazet spin_lock_irqsave(&map_idr_lock, flags); 410bd5f5f4eSMartin KaFai Lau 411f3f1c054SMartin KaFai Lau idr_remove(&map_idr, map->id); 412a3884572SJakub Kicinski map->id = 0; 413bd5f5f4eSMartin KaFai Lau 414930651a7SEric Dumazet spin_unlock_irqrestore(&map_idr_lock, flags); 415f3f1c054SMartin KaFai Lau } 416f3f1c054SMartin KaFai Lau 41748edc1f7SRoman Gushchin #ifdef CONFIG_MEMCG_KMEM 41848edc1f7SRoman Gushchin static void bpf_map_save_memcg(struct bpf_map *map) 41948edc1f7SRoman Gushchin { 4204201d9abSRoman Gushchin /* Currently if a map is created by a process belonging to the root 4214201d9abSRoman Gushchin * memory cgroup, get_obj_cgroup_from_current() will return NULL. 4224201d9abSRoman Gushchin * So we have to check map->objcg for being NULL each time it's 4234201d9abSRoman Gushchin * being used. 4244201d9abSRoman Gushchin */ 425ee53cbfbSYafang Shao if (memcg_bpf_enabled()) 4264201d9abSRoman Gushchin map->objcg = get_obj_cgroup_from_current(); 42748edc1f7SRoman Gushchin } 42848edc1f7SRoman Gushchin 42948edc1f7SRoman Gushchin static void bpf_map_release_memcg(struct bpf_map *map) 43048edc1f7SRoman Gushchin { 4314201d9abSRoman Gushchin if (map->objcg) 4324201d9abSRoman Gushchin obj_cgroup_put(map->objcg); 4334201d9abSRoman Gushchin } 4344201d9abSRoman Gushchin 4354201d9abSRoman Gushchin static struct mem_cgroup *bpf_map_get_memcg(const struct bpf_map *map) 4364201d9abSRoman Gushchin { 4374201d9abSRoman Gushchin if (map->objcg) 4384201d9abSRoman Gushchin return get_mem_cgroup_from_objcg(map->objcg); 4394201d9abSRoman Gushchin 4404201d9abSRoman Gushchin return root_mem_cgroup; 44148edc1f7SRoman Gushchin } 44248edc1f7SRoman Gushchin 44348edc1f7SRoman Gushchin void *bpf_map_kmalloc_node(const struct bpf_map *map, size_t size, gfp_t flags, 44448edc1f7SRoman Gushchin int node) 44548edc1f7SRoman Gushchin { 4464201d9abSRoman Gushchin struct mem_cgroup *memcg, *old_memcg; 44748edc1f7SRoman Gushchin void *ptr; 44848edc1f7SRoman Gushchin 4494201d9abSRoman Gushchin memcg = bpf_map_get_memcg(map); 4504201d9abSRoman Gushchin old_memcg = set_active_memcg(memcg); 45148edc1f7SRoman Gushchin ptr = kmalloc_node(size, flags | __GFP_ACCOUNT, node); 45248edc1f7SRoman Gushchin set_active_memcg(old_memcg); 4534201d9abSRoman Gushchin mem_cgroup_put(memcg); 45448edc1f7SRoman Gushchin 45548edc1f7SRoman Gushchin return ptr; 45648edc1f7SRoman Gushchin } 45748edc1f7SRoman Gushchin 45848edc1f7SRoman Gushchin void *bpf_map_kzalloc(const struct bpf_map *map, size_t size, gfp_t flags) 45948edc1f7SRoman Gushchin { 4604201d9abSRoman Gushchin struct mem_cgroup *memcg, *old_memcg; 46148edc1f7SRoman Gushchin void *ptr; 46248edc1f7SRoman Gushchin 4634201d9abSRoman Gushchin memcg = bpf_map_get_memcg(map); 4644201d9abSRoman Gushchin old_memcg = set_active_memcg(memcg); 46548edc1f7SRoman Gushchin ptr = kzalloc(size, flags | __GFP_ACCOUNT); 46648edc1f7SRoman Gushchin set_active_memcg(old_memcg); 4674201d9abSRoman Gushchin mem_cgroup_put(memcg); 46848edc1f7SRoman Gushchin 46948edc1f7SRoman Gushchin return ptr; 47048edc1f7SRoman Gushchin } 47148edc1f7SRoman Gushchin 472ddef81b5SYafang Shao void *bpf_map_kvcalloc(struct bpf_map *map, size_t n, size_t size, 473ddef81b5SYafang Shao gfp_t flags) 474ddef81b5SYafang Shao { 475ddef81b5SYafang Shao struct mem_cgroup *memcg, *old_memcg; 476ddef81b5SYafang Shao void *ptr; 477ddef81b5SYafang Shao 478ddef81b5SYafang Shao memcg = bpf_map_get_memcg(map); 479ddef81b5SYafang Shao old_memcg = set_active_memcg(memcg); 480ddef81b5SYafang Shao ptr = kvcalloc(n, size, flags | __GFP_ACCOUNT); 481ddef81b5SYafang Shao set_active_memcg(old_memcg); 482ddef81b5SYafang Shao mem_cgroup_put(memcg); 483ddef81b5SYafang Shao 484ddef81b5SYafang Shao return ptr; 485ddef81b5SYafang Shao } 486ddef81b5SYafang Shao 48748edc1f7SRoman Gushchin void __percpu *bpf_map_alloc_percpu(const struct bpf_map *map, size_t size, 48848edc1f7SRoman Gushchin size_t align, gfp_t flags) 48948edc1f7SRoman Gushchin { 4904201d9abSRoman Gushchin struct mem_cgroup *memcg, *old_memcg; 49148edc1f7SRoman Gushchin void __percpu *ptr; 49248edc1f7SRoman Gushchin 4934201d9abSRoman Gushchin memcg = bpf_map_get_memcg(map); 4944201d9abSRoman Gushchin old_memcg = set_active_memcg(memcg); 49548edc1f7SRoman Gushchin ptr = __alloc_percpu_gfp(size, align, flags | __GFP_ACCOUNT); 49648edc1f7SRoman Gushchin set_active_memcg(old_memcg); 4974201d9abSRoman Gushchin mem_cgroup_put(memcg); 49848edc1f7SRoman Gushchin 49948edc1f7SRoman Gushchin return ptr; 50048edc1f7SRoman Gushchin } 50148edc1f7SRoman Gushchin 50248edc1f7SRoman Gushchin #else 50348edc1f7SRoman Gushchin static void bpf_map_save_memcg(struct bpf_map *map) 50448edc1f7SRoman Gushchin { 50548edc1f7SRoman Gushchin } 50648edc1f7SRoman Gushchin 50748edc1f7SRoman Gushchin static void bpf_map_release_memcg(struct bpf_map *map) 50848edc1f7SRoman Gushchin { 50948edc1f7SRoman Gushchin } 51048edc1f7SRoman Gushchin #endif 51148edc1f7SRoman Gushchin 512aa3496acSKumar Kartikeya Dwivedi static int btf_field_cmp(const void *a, const void *b) 51361df10c7SKumar Kartikeya Dwivedi { 514aa3496acSKumar Kartikeya Dwivedi const struct btf_field *f1 = a, *f2 = b; 51561df10c7SKumar Kartikeya Dwivedi 516aa3496acSKumar Kartikeya Dwivedi if (f1->offset < f2->offset) 51761df10c7SKumar Kartikeya Dwivedi return -1; 518aa3496acSKumar Kartikeya Dwivedi else if (f1->offset > f2->offset) 51961df10c7SKumar Kartikeya Dwivedi return 1; 52061df10c7SKumar Kartikeya Dwivedi return 0; 52161df10c7SKumar Kartikeya Dwivedi } 52261df10c7SKumar Kartikeya Dwivedi 523aa3496acSKumar Kartikeya Dwivedi struct btf_field *btf_record_find(const struct btf_record *rec, u32 offset, 52474843b57SDave Marchevsky u32 field_mask) 52561df10c7SKumar Kartikeya Dwivedi { 526aa3496acSKumar Kartikeya Dwivedi struct btf_field *field; 52761df10c7SKumar Kartikeya Dwivedi 52874843b57SDave Marchevsky if (IS_ERR_OR_NULL(rec) || !(rec->field_mask & field_mask)) 52961df10c7SKumar Kartikeya Dwivedi return NULL; 530aa3496acSKumar Kartikeya Dwivedi field = bsearch(&offset, rec->fields, rec->cnt, sizeof(rec->fields[0]), btf_field_cmp); 53174843b57SDave Marchevsky if (!field || !(field->type & field_mask)) 532aa3496acSKumar Kartikeya Dwivedi return NULL; 533aa3496acSKumar Kartikeya Dwivedi return field; 53461df10c7SKumar Kartikeya Dwivedi } 53561df10c7SKumar Kartikeya Dwivedi 536aa3496acSKumar Kartikeya Dwivedi void btf_record_free(struct btf_record *rec) 53761df10c7SKumar Kartikeya Dwivedi { 53861df10c7SKumar Kartikeya Dwivedi int i; 53961df10c7SKumar Kartikeya Dwivedi 540aa3496acSKumar Kartikeya Dwivedi if (IS_ERR_OR_NULL(rec)) 54161df10c7SKumar Kartikeya Dwivedi return; 542aa3496acSKumar Kartikeya Dwivedi for (i = 0; i < rec->cnt; i++) { 543aa3496acSKumar Kartikeya Dwivedi switch (rec->fields[i].type) { 544aa3496acSKumar Kartikeya Dwivedi case BPF_KPTR_UNREF: 545aa3496acSKumar Kartikeya Dwivedi case BPF_KPTR_REF: 546aa3496acSKumar Kartikeya Dwivedi if (rec->fields[i].kptr.module) 547aa3496acSKumar Kartikeya Dwivedi module_put(rec->fields[i].kptr.module); 548aa3496acSKumar Kartikeya Dwivedi btf_put(rec->fields[i].kptr.btf); 549aa3496acSKumar Kartikeya Dwivedi break; 550f0c5941fSKumar Kartikeya Dwivedi case BPF_LIST_HEAD: 5518ffa5cc1SKumar Kartikeya Dwivedi case BPF_LIST_NODE: 5529c395c1bSDave Marchevsky case BPF_RB_ROOT: 5539c395c1bSDave Marchevsky case BPF_RB_NODE: 5549c395c1bSDave Marchevsky case BPF_SPIN_LOCK: 5559c395c1bSDave Marchevsky case BPF_TIMER: 556d54730b5SDave Marchevsky case BPF_REFCOUNT: 5579c395c1bSDave Marchevsky /* Nothing to release */ 558f0c5941fSKumar Kartikeya Dwivedi break; 559aa3496acSKumar Kartikeya Dwivedi default: 560aa3496acSKumar Kartikeya Dwivedi WARN_ON_ONCE(1); 56114a324f6SKumar Kartikeya Dwivedi continue; 56214a324f6SKumar Kartikeya Dwivedi } 563aa3496acSKumar Kartikeya Dwivedi } 564aa3496acSKumar Kartikeya Dwivedi kfree(rec); 565aa3496acSKumar Kartikeya Dwivedi } 566aa3496acSKumar Kartikeya Dwivedi 567aa3496acSKumar Kartikeya Dwivedi void bpf_map_free_record(struct bpf_map *map) 568aa3496acSKumar Kartikeya Dwivedi { 569aa3496acSKumar Kartikeya Dwivedi btf_record_free(map->record); 570aa3496acSKumar Kartikeya Dwivedi map->record = NULL; 571aa3496acSKumar Kartikeya Dwivedi } 572aa3496acSKumar Kartikeya Dwivedi 573aa3496acSKumar Kartikeya Dwivedi struct btf_record *btf_record_dup(const struct btf_record *rec) 574aa3496acSKumar Kartikeya Dwivedi { 575aa3496acSKumar Kartikeya Dwivedi const struct btf_field *fields; 576aa3496acSKumar Kartikeya Dwivedi struct btf_record *new_rec; 577aa3496acSKumar Kartikeya Dwivedi int ret, size, i; 578aa3496acSKumar Kartikeya Dwivedi 579aa3496acSKumar Kartikeya Dwivedi if (IS_ERR_OR_NULL(rec)) 580aa3496acSKumar Kartikeya Dwivedi return NULL; 581aa3496acSKumar Kartikeya Dwivedi size = offsetof(struct btf_record, fields[rec->cnt]); 582aa3496acSKumar Kartikeya Dwivedi new_rec = kmemdup(rec, size, GFP_KERNEL | __GFP_NOWARN); 583aa3496acSKumar Kartikeya Dwivedi if (!new_rec) 584aa3496acSKumar Kartikeya Dwivedi return ERR_PTR(-ENOMEM); 585aa3496acSKumar Kartikeya Dwivedi /* Do a deep copy of the btf_record */ 586aa3496acSKumar Kartikeya Dwivedi fields = rec->fields; 587aa3496acSKumar Kartikeya Dwivedi new_rec->cnt = 0; 588aa3496acSKumar Kartikeya Dwivedi for (i = 0; i < rec->cnt; i++) { 589aa3496acSKumar Kartikeya Dwivedi switch (fields[i].type) { 590aa3496acSKumar Kartikeya Dwivedi case BPF_KPTR_UNREF: 591aa3496acSKumar Kartikeya Dwivedi case BPF_KPTR_REF: 592aa3496acSKumar Kartikeya Dwivedi btf_get(fields[i].kptr.btf); 593aa3496acSKumar Kartikeya Dwivedi if (fields[i].kptr.module && !try_module_get(fields[i].kptr.module)) { 594aa3496acSKumar Kartikeya Dwivedi ret = -ENXIO; 595aa3496acSKumar Kartikeya Dwivedi goto free; 596aa3496acSKumar Kartikeya Dwivedi } 597aa3496acSKumar Kartikeya Dwivedi break; 598f0c5941fSKumar Kartikeya Dwivedi case BPF_LIST_HEAD: 5998ffa5cc1SKumar Kartikeya Dwivedi case BPF_LIST_NODE: 6009c395c1bSDave Marchevsky case BPF_RB_ROOT: 6019c395c1bSDave Marchevsky case BPF_RB_NODE: 6029c395c1bSDave Marchevsky case BPF_SPIN_LOCK: 6039c395c1bSDave Marchevsky case BPF_TIMER: 604d54730b5SDave Marchevsky case BPF_REFCOUNT: 6059c395c1bSDave Marchevsky /* Nothing to acquire */ 606f0c5941fSKumar Kartikeya Dwivedi break; 607aa3496acSKumar Kartikeya Dwivedi default: 608aa3496acSKumar Kartikeya Dwivedi ret = -EFAULT; 609aa3496acSKumar Kartikeya Dwivedi WARN_ON_ONCE(1); 610aa3496acSKumar Kartikeya Dwivedi goto free; 611aa3496acSKumar Kartikeya Dwivedi } 612aa3496acSKumar Kartikeya Dwivedi new_rec->cnt++; 613aa3496acSKumar Kartikeya Dwivedi } 614aa3496acSKumar Kartikeya Dwivedi return new_rec; 615aa3496acSKumar Kartikeya Dwivedi free: 616aa3496acSKumar Kartikeya Dwivedi btf_record_free(new_rec); 617aa3496acSKumar Kartikeya Dwivedi return ERR_PTR(ret); 618aa3496acSKumar Kartikeya Dwivedi } 619aa3496acSKumar Kartikeya Dwivedi 620aa3496acSKumar Kartikeya Dwivedi bool btf_record_equal(const struct btf_record *rec_a, const struct btf_record *rec_b) 621aa3496acSKumar Kartikeya Dwivedi { 622aa3496acSKumar Kartikeya Dwivedi bool a_has_fields = !IS_ERR_OR_NULL(rec_a), b_has_fields = !IS_ERR_OR_NULL(rec_b); 623aa3496acSKumar Kartikeya Dwivedi int size; 624aa3496acSKumar Kartikeya Dwivedi 625aa3496acSKumar Kartikeya Dwivedi if (!a_has_fields && !b_has_fields) 626aa3496acSKumar Kartikeya Dwivedi return true; 627aa3496acSKumar Kartikeya Dwivedi if (a_has_fields != b_has_fields) 628aa3496acSKumar Kartikeya Dwivedi return false; 629aa3496acSKumar Kartikeya Dwivedi if (rec_a->cnt != rec_b->cnt) 630aa3496acSKumar Kartikeya Dwivedi return false; 631aa3496acSKumar Kartikeya Dwivedi size = offsetof(struct btf_record, fields[rec_a->cnt]); 632c22dfdd2SKumar Kartikeya Dwivedi /* btf_parse_fields uses kzalloc to allocate a btf_record, so unused 633c22dfdd2SKumar Kartikeya Dwivedi * members are zeroed out. So memcmp is safe to do without worrying 634c22dfdd2SKumar Kartikeya Dwivedi * about padding/unused fields. 635c22dfdd2SKumar Kartikeya Dwivedi * 636c22dfdd2SKumar Kartikeya Dwivedi * While spin_lock, timer, and kptr have no relation to map BTF, 637c22dfdd2SKumar Kartikeya Dwivedi * list_head metadata is specific to map BTF, the btf and value_rec 638c22dfdd2SKumar Kartikeya Dwivedi * members in particular. btf is the map BTF, while value_rec points to 639c22dfdd2SKumar Kartikeya Dwivedi * btf_record in that map BTF. 640c22dfdd2SKumar Kartikeya Dwivedi * 641c22dfdd2SKumar Kartikeya Dwivedi * So while by default, we don't rely on the map BTF (which the records 642c22dfdd2SKumar Kartikeya Dwivedi * were parsed from) matching for both records, which is not backwards 643c22dfdd2SKumar Kartikeya Dwivedi * compatible, in case list_head is part of it, we implicitly rely on 644c22dfdd2SKumar Kartikeya Dwivedi * that by way of depending on memcmp succeeding for it. 645c22dfdd2SKumar Kartikeya Dwivedi */ 646aa3496acSKumar Kartikeya Dwivedi return !memcmp(rec_a, rec_b, size); 647aa3496acSKumar Kartikeya Dwivedi } 648aa3496acSKumar Kartikeya Dwivedi 649db559117SKumar Kartikeya Dwivedi void bpf_obj_free_timer(const struct btf_record *rec, void *obj) 650db559117SKumar Kartikeya Dwivedi { 651db559117SKumar Kartikeya Dwivedi if (WARN_ON_ONCE(!btf_record_has_field(rec, BPF_TIMER))) 652db559117SKumar Kartikeya Dwivedi return; 653db559117SKumar Kartikeya Dwivedi bpf_timer_cancel_and_free(obj + rec->timer_off); 654db559117SKumar Kartikeya Dwivedi } 655db559117SKumar Kartikeya Dwivedi 6569e36a204SDave Marchevsky extern void __bpf_obj_drop_impl(void *p, const struct btf_record *rec); 6579e36a204SDave Marchevsky 658aa3496acSKumar Kartikeya Dwivedi void bpf_obj_free_fields(const struct btf_record *rec, void *obj) 659aa3496acSKumar Kartikeya Dwivedi { 660aa3496acSKumar Kartikeya Dwivedi const struct btf_field *fields; 661aa3496acSKumar Kartikeya Dwivedi int i; 662aa3496acSKumar Kartikeya Dwivedi 663aa3496acSKumar Kartikeya Dwivedi if (IS_ERR_OR_NULL(rec)) 664aa3496acSKumar Kartikeya Dwivedi return; 665aa3496acSKumar Kartikeya Dwivedi fields = rec->fields; 666aa3496acSKumar Kartikeya Dwivedi for (i = 0; i < rec->cnt; i++) { 667c8e18754SDave Marchevsky struct btf_struct_meta *pointee_struct_meta; 668aa3496acSKumar Kartikeya Dwivedi const struct btf_field *field = &fields[i]; 669aa3496acSKumar Kartikeya Dwivedi void *field_ptr = obj + field->offset; 670c8e18754SDave Marchevsky void *xchgd_field; 671aa3496acSKumar Kartikeya Dwivedi 672aa3496acSKumar Kartikeya Dwivedi switch (fields[i].type) { 673db559117SKumar Kartikeya Dwivedi case BPF_SPIN_LOCK: 674db559117SKumar Kartikeya Dwivedi break; 675db559117SKumar Kartikeya Dwivedi case BPF_TIMER: 676db559117SKumar Kartikeya Dwivedi bpf_timer_cancel_and_free(field_ptr); 677db559117SKumar Kartikeya Dwivedi break; 678aa3496acSKumar Kartikeya Dwivedi case BPF_KPTR_UNREF: 679aa3496acSKumar Kartikeya Dwivedi WRITE_ONCE(*(u64 *)field_ptr, 0); 680aa3496acSKumar Kartikeya Dwivedi break; 681aa3496acSKumar Kartikeya Dwivedi case BPF_KPTR_REF: 682c8e18754SDave Marchevsky xchgd_field = (void *)xchg((unsigned long *)field_ptr, 0); 6831431d0b5SDavid Vernet if (!xchgd_field) 6841431d0b5SDavid Vernet break; 6851431d0b5SDavid Vernet 686c8e18754SDave Marchevsky if (!btf_is_kernel(field->kptr.btf)) { 687c8e18754SDave Marchevsky pointee_struct_meta = btf_find_struct_meta(field->kptr.btf, 688c8e18754SDave Marchevsky field->kptr.btf_id); 689c8e18754SDave Marchevsky WARN_ON_ONCE(!pointee_struct_meta); 6909e36a204SDave Marchevsky migrate_disable(); 6919e36a204SDave Marchevsky __bpf_obj_drop_impl(xchgd_field, pointee_struct_meta ? 692c8e18754SDave Marchevsky pointee_struct_meta->record : 693c8e18754SDave Marchevsky NULL); 6949e36a204SDave Marchevsky migrate_enable(); 695c8e18754SDave Marchevsky } else { 696c8e18754SDave Marchevsky field->kptr.dtor(xchgd_field); 697c8e18754SDave Marchevsky } 698aa3496acSKumar Kartikeya Dwivedi break; 699f0c5941fSKumar Kartikeya Dwivedi case BPF_LIST_HEAD: 700f0c5941fSKumar Kartikeya Dwivedi if (WARN_ON_ONCE(rec->spin_lock_off < 0)) 701f0c5941fSKumar Kartikeya Dwivedi continue; 702f0c5941fSKumar Kartikeya Dwivedi bpf_list_head_free(field, field_ptr, obj + rec->spin_lock_off); 703f0c5941fSKumar Kartikeya Dwivedi break; 7049c395c1bSDave Marchevsky case BPF_RB_ROOT: 7059c395c1bSDave Marchevsky if (WARN_ON_ONCE(rec->spin_lock_off < 0)) 7069c395c1bSDave Marchevsky continue; 7079c395c1bSDave Marchevsky bpf_rb_root_free(field, field_ptr, obj + rec->spin_lock_off); 7089c395c1bSDave Marchevsky break; 7098ffa5cc1SKumar Kartikeya Dwivedi case BPF_LIST_NODE: 7109c395c1bSDave Marchevsky case BPF_RB_NODE: 711d54730b5SDave Marchevsky case BPF_REFCOUNT: 7128ffa5cc1SKumar Kartikeya Dwivedi break; 713aa3496acSKumar Kartikeya Dwivedi default: 714aa3496acSKumar Kartikeya Dwivedi WARN_ON_ONCE(1); 715aa3496acSKumar Kartikeya Dwivedi continue; 716aa3496acSKumar Kartikeya Dwivedi } 71714a324f6SKumar Kartikeya Dwivedi } 71814a324f6SKumar Kartikeya Dwivedi } 71914a324f6SKumar Kartikeya Dwivedi 72099c55f7dSAlexei Starovoitov /* called from workqueue */ 72199c55f7dSAlexei Starovoitov static void bpf_map_free_deferred(struct work_struct *work) 72299c55f7dSAlexei Starovoitov { 72399c55f7dSAlexei Starovoitov struct bpf_map *map = container_of(work, struct bpf_map, work); 724d7f5ef65SKumar Kartikeya Dwivedi struct btf_record *rec = map->record; 72599c55f7dSAlexei Starovoitov 726afdb09c7SChenbo Feng security_bpf_map_free(map); 72748edc1f7SRoman Gushchin bpf_map_release_memcg(map); 728d7f5ef65SKumar Kartikeya Dwivedi /* implementation dependent freeing */ 72999c55f7dSAlexei Starovoitov map->ops->map_free(map); 730cd2a8079SDave Marchevsky /* Delay freeing of btf_record for maps, as map_free 731d7f5ef65SKumar Kartikeya Dwivedi * callback usually needs access to them. It is better to do it here 732d7f5ef65SKumar Kartikeya Dwivedi * than require each callback to do the free itself manually. 733d7f5ef65SKumar Kartikeya Dwivedi * 734d7f5ef65SKumar Kartikeya Dwivedi * Note that the btf_record stashed in map->inner_map_meta->record was 735d7f5ef65SKumar Kartikeya Dwivedi * already freed using the map_free callback for map in map case which 736d7f5ef65SKumar Kartikeya Dwivedi * eventually calls bpf_map_free_meta, since inner_map_meta is only a 737d7f5ef65SKumar Kartikeya Dwivedi * template bpf_map struct used during verification. 738d7f5ef65SKumar Kartikeya Dwivedi */ 739d7f5ef65SKumar Kartikeya Dwivedi btf_record_free(rec); 74099c55f7dSAlexei Starovoitov } 74199c55f7dSAlexei Starovoitov 742c9da161cSDaniel Borkmann static void bpf_map_put_uref(struct bpf_map *map) 743c9da161cSDaniel Borkmann { 7441e0bd5a0SAndrii Nakryiko if (atomic64_dec_and_test(&map->usercnt)) { 745ba6b8de4SJohn Fastabend if (map->ops->map_release_uref) 746ba6b8de4SJohn Fastabend map->ops->map_release_uref(map); 747c9da161cSDaniel Borkmann } 748c9da161cSDaniel Borkmann } 749c9da161cSDaniel Borkmann 75099c55f7dSAlexei Starovoitov /* decrement map refcnt and schedule it for freeing via workqueue 751158e5e9eSTobias Klauser * (underlying map implementation ops->map_free() might sleep) 75299c55f7dSAlexei Starovoitov */ 753158e5e9eSTobias Klauser void bpf_map_put(struct bpf_map *map) 75499c55f7dSAlexei Starovoitov { 7551e0bd5a0SAndrii Nakryiko if (atomic64_dec_and_test(&map->refcnt)) { 75634ad5580SMartin KaFai Lau /* bpf_map_free_id() must be called first */ 757158e5e9eSTobias Klauser bpf_map_free_id(map); 75878958fcaSMartin KaFai Lau btf_put(map->btf); 75999c55f7dSAlexei Starovoitov INIT_WORK(&map->work, bpf_map_free_deferred); 7608d5a8011SAlexei Starovoitov /* Avoid spawning kworkers, since they all might contend 7618d5a8011SAlexei Starovoitov * for the same mutex like slab_mutex. 7628d5a8011SAlexei Starovoitov */ 7638d5a8011SAlexei Starovoitov queue_work(system_unbound_wq, &map->work); 76499c55f7dSAlexei Starovoitov } 76599c55f7dSAlexei Starovoitov } 766630a4d38SJakub Kicinski EXPORT_SYMBOL_GPL(bpf_map_put); 767bd5f5f4eSMartin KaFai Lau 768c9da161cSDaniel Borkmann void bpf_map_put_with_uref(struct bpf_map *map) 769c9da161cSDaniel Borkmann { 770c9da161cSDaniel Borkmann bpf_map_put_uref(map); 771c9da161cSDaniel Borkmann bpf_map_put(map); 772c9da161cSDaniel Borkmann } 773c9da161cSDaniel Borkmann 77499c55f7dSAlexei Starovoitov static int bpf_map_release(struct inode *inode, struct file *filp) 77599c55f7dSAlexei Starovoitov { 77661d1b6a4SDaniel Borkmann struct bpf_map *map = filp->private_data; 77761d1b6a4SDaniel Borkmann 77861d1b6a4SDaniel Borkmann if (map->ops->map_release) 77961d1b6a4SDaniel Borkmann map->ops->map_release(map, filp); 78061d1b6a4SDaniel Borkmann 78161d1b6a4SDaniel Borkmann bpf_map_put_with_uref(map); 78299c55f7dSAlexei Starovoitov return 0; 78399c55f7dSAlexei Starovoitov } 78499c55f7dSAlexei Starovoitov 78587df15deSDaniel Borkmann static fmode_t map_get_sys_perms(struct bpf_map *map, struct fd f) 78687df15deSDaniel Borkmann { 78787df15deSDaniel Borkmann fmode_t mode = f.file->f_mode; 78887df15deSDaniel Borkmann 78987df15deSDaniel Borkmann /* Our file permissions may have been overridden by global 79087df15deSDaniel Borkmann * map permissions facing syscall side. 79187df15deSDaniel Borkmann */ 79287df15deSDaniel Borkmann if (READ_ONCE(map->frozen)) 79387df15deSDaniel Borkmann mode &= ~FMODE_CAN_WRITE; 79487df15deSDaniel Borkmann return mode; 79587df15deSDaniel Borkmann } 79687df15deSDaniel Borkmann 797f99bf205SDaniel Borkmann #ifdef CONFIG_PROC_FS 79890a5527dSYafang Shao /* Show the memory usage of a bpf map */ 79990a5527dSYafang Shao static u64 bpf_map_memory_usage(const struct bpf_map *map) 80080ee81e0SRoman Gushchin { 80190a5527dSYafang Shao return map->ops->map_mem_usage(map); 80280ee81e0SRoman Gushchin } 80380ee81e0SRoman Gushchin 804f99bf205SDaniel Borkmann static void bpf_map_show_fdinfo(struct seq_file *m, struct file *filp) 805f99bf205SDaniel Borkmann { 806f45d5b6cSToke Hoiland-Jorgensen struct bpf_map *map = filp->private_data; 8072beee5f5SDaniel Borkmann u32 type = 0, jited = 0; 80821116b70SDaniel Borkmann 809f45d5b6cSToke Hoiland-Jorgensen if (map_type_contains_progs(map)) { 810f45d5b6cSToke Hoiland-Jorgensen spin_lock(&map->owner.lock); 811f45d5b6cSToke Hoiland-Jorgensen type = map->owner.type; 812f45d5b6cSToke Hoiland-Jorgensen jited = map->owner.jited; 813f45d5b6cSToke Hoiland-Jorgensen spin_unlock(&map->owner.lock); 81421116b70SDaniel Borkmann } 815f99bf205SDaniel Borkmann 816f99bf205SDaniel Borkmann seq_printf(m, 817f99bf205SDaniel Borkmann "map_type:\t%u\n" 818f99bf205SDaniel Borkmann "key_size:\t%u\n" 819f99bf205SDaniel Borkmann "value_size:\t%u\n" 820322cea2fSDaniel Borkmann "max_entries:\t%u\n" 82121116b70SDaniel Borkmann "map_flags:\t%#x\n" 8229330986cSJoanne Koong "map_extra:\t%#llx\n" 82390a5527dSYafang Shao "memlock:\t%llu\n" 82487df15deSDaniel Borkmann "map_id:\t%u\n" 82587df15deSDaniel Borkmann "frozen:\t%u\n", 826f99bf205SDaniel Borkmann map->map_type, 827f99bf205SDaniel Borkmann map->key_size, 828f99bf205SDaniel Borkmann map->value_size, 829322cea2fSDaniel Borkmann map->max_entries, 83021116b70SDaniel Borkmann map->map_flags, 8319330986cSJoanne Koong (unsigned long long)map->map_extra, 83290a5527dSYafang Shao bpf_map_memory_usage(map), 83387df15deSDaniel Borkmann map->id, 83487df15deSDaniel Borkmann READ_ONCE(map->frozen)); 8352beee5f5SDaniel Borkmann if (type) { 8362beee5f5SDaniel Borkmann seq_printf(m, "owner_prog_type:\t%u\n", type); 8372beee5f5SDaniel Borkmann seq_printf(m, "owner_jited:\t%u\n", jited); 8389780c0abSDaniel Borkmann } 839f99bf205SDaniel Borkmann } 840f99bf205SDaniel Borkmann #endif 841f99bf205SDaniel Borkmann 8426e71b04aSChenbo Feng static ssize_t bpf_dummy_read(struct file *filp, char __user *buf, size_t siz, 8436e71b04aSChenbo Feng loff_t *ppos) 8446e71b04aSChenbo Feng { 8456e71b04aSChenbo Feng /* We need this handler such that alloc_file() enables 8466e71b04aSChenbo Feng * f_mode with FMODE_CAN_READ. 8476e71b04aSChenbo Feng */ 8486e71b04aSChenbo Feng return -EINVAL; 8496e71b04aSChenbo Feng } 8506e71b04aSChenbo Feng 8516e71b04aSChenbo Feng static ssize_t bpf_dummy_write(struct file *filp, const char __user *buf, 8526e71b04aSChenbo Feng size_t siz, loff_t *ppos) 8536e71b04aSChenbo Feng { 8546e71b04aSChenbo Feng /* We need this handler such that alloc_file() enables 8556e71b04aSChenbo Feng * f_mode with FMODE_CAN_WRITE. 8566e71b04aSChenbo Feng */ 8576e71b04aSChenbo Feng return -EINVAL; 8586e71b04aSChenbo Feng } 8596e71b04aSChenbo Feng 860fc970227SAndrii Nakryiko /* called for any extra memory-mapped regions (except initial) */ 861fc970227SAndrii Nakryiko static void bpf_map_mmap_open(struct vm_area_struct *vma) 862fc970227SAndrii Nakryiko { 863fc970227SAndrii Nakryiko struct bpf_map *map = vma->vm_file->private_data; 864fc970227SAndrii Nakryiko 865353050beSDaniel Borkmann if (vma->vm_flags & VM_MAYWRITE) 866353050beSDaniel Borkmann bpf_map_write_active_inc(map); 867fc970227SAndrii Nakryiko } 868fc970227SAndrii Nakryiko 869fc970227SAndrii Nakryiko /* called for all unmapped memory region (including initial) */ 870fc970227SAndrii Nakryiko static void bpf_map_mmap_close(struct vm_area_struct *vma) 871fc970227SAndrii Nakryiko { 872fc970227SAndrii Nakryiko struct bpf_map *map = vma->vm_file->private_data; 873fc970227SAndrii Nakryiko 874353050beSDaniel Borkmann if (vma->vm_flags & VM_MAYWRITE) 875353050beSDaniel Borkmann bpf_map_write_active_dec(map); 876fc970227SAndrii Nakryiko } 877fc970227SAndrii Nakryiko 878fc970227SAndrii Nakryiko static const struct vm_operations_struct bpf_map_default_vmops = { 879fc970227SAndrii Nakryiko .open = bpf_map_mmap_open, 880fc970227SAndrii Nakryiko .close = bpf_map_mmap_close, 881fc970227SAndrii Nakryiko }; 882fc970227SAndrii Nakryiko 883fc970227SAndrii Nakryiko static int bpf_map_mmap(struct file *filp, struct vm_area_struct *vma) 884fc970227SAndrii Nakryiko { 885fc970227SAndrii Nakryiko struct bpf_map *map = filp->private_data; 886fc970227SAndrii Nakryiko int err; 887fc970227SAndrii Nakryiko 888db559117SKumar Kartikeya Dwivedi if (!map->ops->map_mmap || !IS_ERR_OR_NULL(map->record)) 889fc970227SAndrii Nakryiko return -ENOTSUPP; 890fc970227SAndrii Nakryiko 891fc970227SAndrii Nakryiko if (!(vma->vm_flags & VM_SHARED)) 892fc970227SAndrii Nakryiko return -EINVAL; 893fc970227SAndrii Nakryiko 894fc970227SAndrii Nakryiko mutex_lock(&map->freeze_mutex); 895fc970227SAndrii Nakryiko 896dfeb376dSAndrii Nakryiko if (vma->vm_flags & VM_WRITE) { 897dfeb376dSAndrii Nakryiko if (map->frozen) { 898fc970227SAndrii Nakryiko err = -EPERM; 899fc970227SAndrii Nakryiko goto out; 900fc970227SAndrii Nakryiko } 901dfeb376dSAndrii Nakryiko /* map is meant to be read-only, so do not allow mapping as 902dfeb376dSAndrii Nakryiko * writable, because it's possible to leak a writable page 903dfeb376dSAndrii Nakryiko * reference and allows user-space to still modify it after 904dfeb376dSAndrii Nakryiko * freezing, while verifier will assume contents do not change 905dfeb376dSAndrii Nakryiko */ 906dfeb376dSAndrii Nakryiko if (map->map_flags & BPF_F_RDONLY_PROG) { 907dfeb376dSAndrii Nakryiko err = -EACCES; 908dfeb376dSAndrii Nakryiko goto out; 909dfeb376dSAndrii Nakryiko } 910dfeb376dSAndrii Nakryiko } 911fc970227SAndrii Nakryiko 912fc970227SAndrii Nakryiko /* set default open/close callbacks */ 913fc970227SAndrii Nakryiko vma->vm_ops = &bpf_map_default_vmops; 914fc970227SAndrii Nakryiko vma->vm_private_data = map; 9151c71222eSSuren Baghdasaryan vm_flags_clear(vma, VM_MAYEXEC); 9161f6cb19bSAndrii Nakryiko if (!(vma->vm_flags & VM_WRITE)) 9171f6cb19bSAndrii Nakryiko /* disallow re-mapping with PROT_WRITE */ 9181c71222eSSuren Baghdasaryan vm_flags_clear(vma, VM_MAYWRITE); 919fc970227SAndrii Nakryiko 920fc970227SAndrii Nakryiko err = map->ops->map_mmap(map, vma); 921fc970227SAndrii Nakryiko if (err) 922fc970227SAndrii Nakryiko goto out; 923fc970227SAndrii Nakryiko 9241f6cb19bSAndrii Nakryiko if (vma->vm_flags & VM_MAYWRITE) 925353050beSDaniel Borkmann bpf_map_write_active_inc(map); 926fc970227SAndrii Nakryiko out: 927fc970227SAndrii Nakryiko mutex_unlock(&map->freeze_mutex); 928fc970227SAndrii Nakryiko return err; 929fc970227SAndrii Nakryiko } 930fc970227SAndrii Nakryiko 931457f4436SAndrii Nakryiko static __poll_t bpf_map_poll(struct file *filp, struct poll_table_struct *pts) 932457f4436SAndrii Nakryiko { 933457f4436SAndrii Nakryiko struct bpf_map *map = filp->private_data; 934457f4436SAndrii Nakryiko 935457f4436SAndrii Nakryiko if (map->ops->map_poll) 936457f4436SAndrii Nakryiko return map->ops->map_poll(map, filp, pts); 937457f4436SAndrii Nakryiko 938457f4436SAndrii Nakryiko return EPOLLERR; 939457f4436SAndrii Nakryiko } 940457f4436SAndrii Nakryiko 941f66e448cSChenbo Feng const struct file_operations bpf_map_fops = { 942f99bf205SDaniel Borkmann #ifdef CONFIG_PROC_FS 943f99bf205SDaniel Borkmann .show_fdinfo = bpf_map_show_fdinfo, 944f99bf205SDaniel Borkmann #endif 94599c55f7dSAlexei Starovoitov .release = bpf_map_release, 9466e71b04aSChenbo Feng .read = bpf_dummy_read, 9476e71b04aSChenbo Feng .write = bpf_dummy_write, 948fc970227SAndrii Nakryiko .mmap = bpf_map_mmap, 949457f4436SAndrii Nakryiko .poll = bpf_map_poll, 95099c55f7dSAlexei Starovoitov }; 95199c55f7dSAlexei Starovoitov 9526e71b04aSChenbo Feng int bpf_map_new_fd(struct bpf_map *map, int flags) 953aa79781bSDaniel Borkmann { 954afdb09c7SChenbo Feng int ret; 955afdb09c7SChenbo Feng 956afdb09c7SChenbo Feng ret = security_bpf_map(map, OPEN_FMODE(flags)); 957afdb09c7SChenbo Feng if (ret < 0) 958afdb09c7SChenbo Feng return ret; 959afdb09c7SChenbo Feng 960aa79781bSDaniel Borkmann return anon_inode_getfd("bpf-map", &bpf_map_fops, map, 9616e71b04aSChenbo Feng flags | O_CLOEXEC); 9626e71b04aSChenbo Feng } 9636e71b04aSChenbo Feng 9646e71b04aSChenbo Feng int bpf_get_file_flag(int flags) 9656e71b04aSChenbo Feng { 9666e71b04aSChenbo Feng if ((flags & BPF_F_RDONLY) && (flags & BPF_F_WRONLY)) 9676e71b04aSChenbo Feng return -EINVAL; 9686e71b04aSChenbo Feng if (flags & BPF_F_RDONLY) 9696e71b04aSChenbo Feng return O_RDONLY; 9706e71b04aSChenbo Feng if (flags & BPF_F_WRONLY) 9716e71b04aSChenbo Feng return O_WRONLY; 9726e71b04aSChenbo Feng return O_RDWR; 973aa79781bSDaniel Borkmann } 974aa79781bSDaniel Borkmann 97599c55f7dSAlexei Starovoitov /* helper macro to check that unused fields 'union bpf_attr' are zero */ 97699c55f7dSAlexei Starovoitov #define CHECK_ATTR(CMD) \ 97799c55f7dSAlexei Starovoitov memchr_inv((void *) &attr->CMD##_LAST_FIELD + \ 97899c55f7dSAlexei Starovoitov sizeof(attr->CMD##_LAST_FIELD), 0, \ 97999c55f7dSAlexei Starovoitov sizeof(*attr) - \ 98099c55f7dSAlexei Starovoitov offsetof(union bpf_attr, CMD##_LAST_FIELD) - \ 98199c55f7dSAlexei Starovoitov sizeof(attr->CMD##_LAST_FIELD)) != NULL 98299c55f7dSAlexei Starovoitov 9838e7ae251SMartin KaFai Lau /* dst and src must have at least "size" number of bytes. 9848e7ae251SMartin KaFai Lau * Return strlen on success and < 0 on error. 985cb4d2b3fSMartin KaFai Lau */ 9868e7ae251SMartin KaFai Lau int bpf_obj_name_cpy(char *dst, const char *src, unsigned int size) 987cb4d2b3fSMartin KaFai Lau { 9888e7ae251SMartin KaFai Lau const char *end = src + size; 9898e7ae251SMartin KaFai Lau const char *orig_src = src; 990cb4d2b3fSMartin KaFai Lau 9918e7ae251SMartin KaFai Lau memset(dst, 0, size); 9923e0ddc4fSDaniel Borkmann /* Copy all isalnum(), '_' and '.' chars. */ 993cb4d2b3fSMartin KaFai Lau while (src < end && *src) { 9943e0ddc4fSDaniel Borkmann if (!isalnum(*src) && 9953e0ddc4fSDaniel Borkmann *src != '_' && *src != '.') 996cb4d2b3fSMartin KaFai Lau return -EINVAL; 997cb4d2b3fSMartin KaFai Lau *dst++ = *src++; 998cb4d2b3fSMartin KaFai Lau } 999cb4d2b3fSMartin KaFai Lau 10008e7ae251SMartin KaFai Lau /* No '\0' found in "size" number of bytes */ 1001cb4d2b3fSMartin KaFai Lau if (src == end) 1002cb4d2b3fSMartin KaFai Lau return -EINVAL; 1003cb4d2b3fSMartin KaFai Lau 10048e7ae251SMartin KaFai Lau return src - orig_src; 1005cb4d2b3fSMartin KaFai Lau } 1006cb4d2b3fSMartin KaFai Lau 1007e8d2bec0SDaniel Borkmann int map_check_no_btf(const struct bpf_map *map, 10081b2b234bSRoman Gushchin const struct btf *btf, 1009e8d2bec0SDaniel Borkmann const struct btf_type *key_type, 1010e8d2bec0SDaniel Borkmann const struct btf_type *value_type) 1011e8d2bec0SDaniel Borkmann { 1012e8d2bec0SDaniel Borkmann return -ENOTSUPP; 1013e8d2bec0SDaniel Borkmann } 1014e8d2bec0SDaniel Borkmann 1015d83525caSAlexei Starovoitov static int map_check_btf(struct bpf_map *map, const struct btf *btf, 1016e8d2bec0SDaniel Borkmann u32 btf_key_id, u32 btf_value_id) 1017e8d2bec0SDaniel Borkmann { 1018e8d2bec0SDaniel Borkmann const struct btf_type *key_type, *value_type; 1019e8d2bec0SDaniel Borkmann u32 key_size, value_size; 1020e8d2bec0SDaniel Borkmann int ret = 0; 1021e8d2bec0SDaniel Borkmann 10222824ecb7SDaniel Borkmann /* Some maps allow key to be unspecified. */ 10232824ecb7SDaniel Borkmann if (btf_key_id) { 1024e8d2bec0SDaniel Borkmann key_type = btf_type_id_size(btf, &btf_key_id, &key_size); 1025e8d2bec0SDaniel Borkmann if (!key_type || key_size != map->key_size) 1026e8d2bec0SDaniel Borkmann return -EINVAL; 10272824ecb7SDaniel Borkmann } else { 10282824ecb7SDaniel Borkmann key_type = btf_type_by_id(btf, 0); 10292824ecb7SDaniel Borkmann if (!map->ops->map_check_btf) 10302824ecb7SDaniel Borkmann return -EINVAL; 10312824ecb7SDaniel Borkmann } 1032e8d2bec0SDaniel Borkmann 1033e8d2bec0SDaniel Borkmann value_type = btf_type_id_size(btf, &btf_value_id, &value_size); 1034e8d2bec0SDaniel Borkmann if (!value_type || value_size != map->value_size) 1035e8d2bec0SDaniel Borkmann return -EINVAL; 1036e8d2bec0SDaniel Borkmann 1037f0c5941fSKumar Kartikeya Dwivedi map->record = btf_parse_fields(btf, value_type, 10389c395c1bSDave Marchevsky BPF_SPIN_LOCK | BPF_TIMER | BPF_KPTR | BPF_LIST_HEAD | 1039d54730b5SDave Marchevsky BPF_RB_ROOT | BPF_REFCOUNT, 1040db559117SKumar Kartikeya Dwivedi map->value_size); 1041aa3496acSKumar Kartikeya Dwivedi if (!IS_ERR_OR_NULL(map->record)) { 1042aa3496acSKumar Kartikeya Dwivedi int i; 1043aa3496acSKumar Kartikeya Dwivedi 104461df10c7SKumar Kartikeya Dwivedi if (!bpf_capable()) { 104561df10c7SKumar Kartikeya Dwivedi ret = -EPERM; 104661df10c7SKumar Kartikeya Dwivedi goto free_map_tab; 104761df10c7SKumar Kartikeya Dwivedi } 104861df10c7SKumar Kartikeya Dwivedi if (map->map_flags & (BPF_F_RDONLY_PROG | BPF_F_WRONLY_PROG)) { 104961df10c7SKumar Kartikeya Dwivedi ret = -EACCES; 105061df10c7SKumar Kartikeya Dwivedi goto free_map_tab; 105161df10c7SKumar Kartikeya Dwivedi } 1052aa3496acSKumar Kartikeya Dwivedi for (i = 0; i < sizeof(map->record->field_mask) * 8; i++) { 1053aa3496acSKumar Kartikeya Dwivedi switch (map->record->field_mask & (1 << i)) { 1054aa3496acSKumar Kartikeya Dwivedi case 0: 1055aa3496acSKumar Kartikeya Dwivedi continue; 1056db559117SKumar Kartikeya Dwivedi case BPF_SPIN_LOCK: 1057db559117SKumar Kartikeya Dwivedi if (map->map_type != BPF_MAP_TYPE_HASH && 1058db559117SKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_ARRAY && 1059db559117SKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_CGROUP_STORAGE && 1060db559117SKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_SK_STORAGE && 1061db559117SKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_INODE_STORAGE && 1062db559117SKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_TASK_STORAGE && 1063db559117SKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_CGRP_STORAGE) { 1064db559117SKumar Kartikeya Dwivedi ret = -EOPNOTSUPP; 1065db559117SKumar Kartikeya Dwivedi goto free_map_tab; 1066db559117SKumar Kartikeya Dwivedi } 1067db559117SKumar Kartikeya Dwivedi break; 1068db559117SKumar Kartikeya Dwivedi case BPF_TIMER: 1069db559117SKumar Kartikeya Dwivedi if (map->map_type != BPF_MAP_TYPE_HASH && 1070db559117SKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_LRU_HASH && 1071db559117SKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_ARRAY) { 1072c237bfa5SKumar Kartikeya Dwivedi ret = -EOPNOTSUPP; 1073db559117SKumar Kartikeya Dwivedi goto free_map_tab; 1074db559117SKumar Kartikeya Dwivedi } 1075db559117SKumar Kartikeya Dwivedi break; 1076aa3496acSKumar Kartikeya Dwivedi case BPF_KPTR_UNREF: 1077aa3496acSKumar Kartikeya Dwivedi case BPF_KPTR_REF: 1078d54730b5SDave Marchevsky case BPF_REFCOUNT: 107961df10c7SKumar Kartikeya Dwivedi if (map->map_type != BPF_MAP_TYPE_HASH && 108065334e64SKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_PERCPU_HASH && 108161df10c7SKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_LRU_HASH && 108265334e64SKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_LRU_PERCPU_HASH && 10836df4ea1fSKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_ARRAY && 10849db44fddSKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_PERCPU_ARRAY && 10859db44fddSKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_SK_STORAGE && 10869db44fddSKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_INODE_STORAGE && 10879db44fddSKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_TASK_STORAGE && 10889db44fddSKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_CGRP_STORAGE) { 108961df10c7SKumar Kartikeya Dwivedi ret = -EOPNOTSUPP; 109061df10c7SKumar Kartikeya Dwivedi goto free_map_tab; 109161df10c7SKumar Kartikeya Dwivedi } 1092aa3496acSKumar Kartikeya Dwivedi break; 1093f0c5941fSKumar Kartikeya Dwivedi case BPF_LIST_HEAD: 10949c395c1bSDave Marchevsky case BPF_RB_ROOT: 1095f0c5941fSKumar Kartikeya Dwivedi if (map->map_type != BPF_MAP_TYPE_HASH && 1096f0c5941fSKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_LRU_HASH && 1097f0c5941fSKumar Kartikeya Dwivedi map->map_type != BPF_MAP_TYPE_ARRAY) { 1098f0c5941fSKumar Kartikeya Dwivedi ret = -EOPNOTSUPP; 1099f0c5941fSKumar Kartikeya Dwivedi goto free_map_tab; 1100f0c5941fSKumar Kartikeya Dwivedi } 1101f0c5941fSKumar Kartikeya Dwivedi break; 1102aa3496acSKumar Kartikeya Dwivedi default: 1103aa3496acSKumar Kartikeya Dwivedi /* Fail if map_type checks are missing for a field type */ 1104aa3496acSKumar Kartikeya Dwivedi ret = -EOPNOTSUPP; 1105aa3496acSKumar Kartikeya Dwivedi goto free_map_tab; 1106aa3496acSKumar Kartikeya Dwivedi } 1107aa3496acSKumar Kartikeya Dwivedi } 110861df10c7SKumar Kartikeya Dwivedi } 1109e8d2bec0SDaniel Borkmann 1110865ce09aSKumar Kartikeya Dwivedi ret = btf_check_and_fixup_fields(btf, map->record); 1111865ce09aSKumar Kartikeya Dwivedi if (ret < 0) 1112865ce09aSKumar Kartikeya Dwivedi goto free_map_tab; 1113865ce09aSKumar Kartikeya Dwivedi 111461df10c7SKumar Kartikeya Dwivedi if (map->ops->map_check_btf) { 111561df10c7SKumar Kartikeya Dwivedi ret = map->ops->map_check_btf(map, btf, key_type, value_type); 111661df10c7SKumar Kartikeya Dwivedi if (ret < 0) 111761df10c7SKumar Kartikeya Dwivedi goto free_map_tab; 111861df10c7SKumar Kartikeya Dwivedi } 111961df10c7SKumar Kartikeya Dwivedi 112061df10c7SKumar Kartikeya Dwivedi return ret; 112161df10c7SKumar Kartikeya Dwivedi free_map_tab: 1122aa3496acSKumar Kartikeya Dwivedi bpf_map_free_record(map); 1123e8d2bec0SDaniel Borkmann return ret; 1124e8d2bec0SDaniel Borkmann } 1125e8d2bec0SDaniel Borkmann 11269330986cSJoanne Koong #define BPF_MAP_CREATE_LAST_FIELD map_extra 112799c55f7dSAlexei Starovoitov /* called via syscall */ 112899c55f7dSAlexei Starovoitov static int map_create(union bpf_attr *attr) 112999c55f7dSAlexei Starovoitov { 113096eabe7aSMartin KaFai Lau int numa_node = bpf_map_attr_numa_node(attr); 113199c55f7dSAlexei Starovoitov struct bpf_map *map; 11326e71b04aSChenbo Feng int f_flags; 113399c55f7dSAlexei Starovoitov int err; 113499c55f7dSAlexei Starovoitov 113599c55f7dSAlexei Starovoitov err = CHECK_ATTR(BPF_MAP_CREATE); 113699c55f7dSAlexei Starovoitov if (err) 113799c55f7dSAlexei Starovoitov return -EINVAL; 113899c55f7dSAlexei Starovoitov 113985d33df3SMartin KaFai Lau if (attr->btf_vmlinux_value_type_id) { 114085d33df3SMartin KaFai Lau if (attr->map_type != BPF_MAP_TYPE_STRUCT_OPS || 114185d33df3SMartin KaFai Lau attr->btf_key_type_id || attr->btf_value_type_id) 114285d33df3SMartin KaFai Lau return -EINVAL; 114385d33df3SMartin KaFai Lau } else if (attr->btf_key_type_id && !attr->btf_value_type_id) { 114485d33df3SMartin KaFai Lau return -EINVAL; 114585d33df3SMartin KaFai Lau } 114685d33df3SMartin KaFai Lau 11479330986cSJoanne Koong if (attr->map_type != BPF_MAP_TYPE_BLOOM_FILTER && 11489330986cSJoanne Koong attr->map_extra != 0) 11499330986cSJoanne Koong return -EINVAL; 11509330986cSJoanne Koong 11516e71b04aSChenbo Feng f_flags = bpf_get_file_flag(attr->map_flags); 11526e71b04aSChenbo Feng if (f_flags < 0) 11536e71b04aSChenbo Feng return f_flags; 11546e71b04aSChenbo Feng 115596eabe7aSMartin KaFai Lau if (numa_node != NUMA_NO_NODE && 115696e5ae4eSEric Dumazet ((unsigned int)numa_node >= nr_node_ids || 115796e5ae4eSEric Dumazet !node_online(numa_node))) 115896eabe7aSMartin KaFai Lau return -EINVAL; 115996eabe7aSMartin KaFai Lau 116099c55f7dSAlexei Starovoitov /* find map type and init map: hashtable vs rbtree vs bloom vs ... */ 116199c55f7dSAlexei Starovoitov map = find_and_alloc_map(attr); 116299c55f7dSAlexei Starovoitov if (IS_ERR(map)) 116399c55f7dSAlexei Starovoitov return PTR_ERR(map); 116499c55f7dSAlexei Starovoitov 11658e7ae251SMartin KaFai Lau err = bpf_obj_name_cpy(map->name, attr->map_name, 11668e7ae251SMartin KaFai Lau sizeof(attr->map_name)); 11678e7ae251SMartin KaFai Lau if (err < 0) 1168b936ca64SRoman Gushchin goto free_map; 1169ad5b177bSMartin KaFai Lau 11701e0bd5a0SAndrii Nakryiko atomic64_set(&map->refcnt, 1); 11711e0bd5a0SAndrii Nakryiko atomic64_set(&map->usercnt, 1); 1172fc970227SAndrii Nakryiko mutex_init(&map->freeze_mutex); 1173f45d5b6cSToke Hoiland-Jorgensen spin_lock_init(&map->owner.lock); 117499c55f7dSAlexei Starovoitov 117585d33df3SMartin KaFai Lau if (attr->btf_key_type_id || attr->btf_value_type_id || 117685d33df3SMartin KaFai Lau /* Even the map's value is a kernel's struct, 117785d33df3SMartin KaFai Lau * the bpf_prog.o must have BTF to begin with 117885d33df3SMartin KaFai Lau * to figure out the corresponding kernel's 117985d33df3SMartin KaFai Lau * counter part. Thus, attr->btf_fd has 118085d33df3SMartin KaFai Lau * to be valid also. 118185d33df3SMartin KaFai Lau */ 118285d33df3SMartin KaFai Lau attr->btf_vmlinux_value_type_id) { 1183a26ca7c9SMartin KaFai Lau struct btf *btf; 1184a26ca7c9SMartin KaFai Lau 1185a26ca7c9SMartin KaFai Lau btf = btf_get_by_fd(attr->btf_fd); 1186a26ca7c9SMartin KaFai Lau if (IS_ERR(btf)) { 1187a26ca7c9SMartin KaFai Lau err = PTR_ERR(btf); 1188b936ca64SRoman Gushchin goto free_map; 1189a26ca7c9SMartin KaFai Lau } 1190350a5c4dSAlexei Starovoitov if (btf_is_kernel(btf)) { 1191350a5c4dSAlexei Starovoitov btf_put(btf); 1192350a5c4dSAlexei Starovoitov err = -EACCES; 1193350a5c4dSAlexei Starovoitov goto free_map; 1194350a5c4dSAlexei Starovoitov } 119585d33df3SMartin KaFai Lau map->btf = btf; 1196a26ca7c9SMartin KaFai Lau 119785d33df3SMartin KaFai Lau if (attr->btf_value_type_id) { 1198e8d2bec0SDaniel Borkmann err = map_check_btf(map, btf, attr->btf_key_type_id, 11999b2cf328SMartin KaFai Lau attr->btf_value_type_id); 120085d33df3SMartin KaFai Lau if (err) 1201b936ca64SRoman Gushchin goto free_map; 1202a26ca7c9SMartin KaFai Lau } 1203a26ca7c9SMartin KaFai Lau 12049b2cf328SMartin KaFai Lau map->btf_key_type_id = attr->btf_key_type_id; 12059b2cf328SMartin KaFai Lau map->btf_value_type_id = attr->btf_value_type_id; 120685d33df3SMartin KaFai Lau map->btf_vmlinux_value_type_id = 120785d33df3SMartin KaFai Lau attr->btf_vmlinux_value_type_id; 1208a26ca7c9SMartin KaFai Lau } 1209a26ca7c9SMartin KaFai Lau 12104d7d7f69SKumar Kartikeya Dwivedi err = security_bpf_map_alloc(map); 12114d7d7f69SKumar Kartikeya Dwivedi if (err) 1212cd2a8079SDave Marchevsky goto free_map; 12134d7d7f69SKumar Kartikeya Dwivedi 1214f3f1c054SMartin KaFai Lau err = bpf_map_alloc_id(map); 1215f3f1c054SMartin KaFai Lau if (err) 1216b936ca64SRoman Gushchin goto free_map_sec; 1217f3f1c054SMartin KaFai Lau 121848edc1f7SRoman Gushchin bpf_map_save_memcg(map); 121948edc1f7SRoman Gushchin 12206e71b04aSChenbo Feng err = bpf_map_new_fd(map, f_flags); 1221bd5f5f4eSMartin KaFai Lau if (err < 0) { 1222bd5f5f4eSMartin KaFai Lau /* failed to allocate fd. 1223352d20d6SPeng Sun * bpf_map_put_with_uref() is needed because the above 1224bd5f5f4eSMartin KaFai Lau * bpf_map_alloc_id() has published the map 1225bd5f5f4eSMartin KaFai Lau * to the userspace and the userspace may 1226bd5f5f4eSMartin KaFai Lau * have refcnt-ed it through BPF_MAP_GET_FD_BY_ID. 1227bd5f5f4eSMartin KaFai Lau */ 1228352d20d6SPeng Sun bpf_map_put_with_uref(map); 1229bd5f5f4eSMartin KaFai Lau return err; 1230bd5f5f4eSMartin KaFai Lau } 123199c55f7dSAlexei Starovoitov 123299c55f7dSAlexei Starovoitov return err; 123399c55f7dSAlexei Starovoitov 1234afdb09c7SChenbo Feng free_map_sec: 1235afdb09c7SChenbo Feng security_bpf_map_free(map); 1236b936ca64SRoman Gushchin free_map: 1237a26ca7c9SMartin KaFai Lau btf_put(map->btf); 123899c55f7dSAlexei Starovoitov map->ops->map_free(map); 123999c55f7dSAlexei Starovoitov return err; 124099c55f7dSAlexei Starovoitov } 124199c55f7dSAlexei Starovoitov 1242db20fd2bSAlexei Starovoitov /* if error is returned, fd is released. 1243db20fd2bSAlexei Starovoitov * On success caller should complete fd access with matching fdput() 1244db20fd2bSAlexei Starovoitov */ 1245c2101297SDaniel Borkmann struct bpf_map *__bpf_map_get(struct fd f) 1246db20fd2bSAlexei Starovoitov { 1247db20fd2bSAlexei Starovoitov if (!f.file) 1248db20fd2bSAlexei Starovoitov return ERR_PTR(-EBADF); 1249db20fd2bSAlexei Starovoitov if (f.file->f_op != &bpf_map_fops) { 1250db20fd2bSAlexei Starovoitov fdput(f); 1251db20fd2bSAlexei Starovoitov return ERR_PTR(-EINVAL); 1252db20fd2bSAlexei Starovoitov } 1253db20fd2bSAlexei Starovoitov 1254c2101297SDaniel Borkmann return f.file->private_data; 1255c2101297SDaniel Borkmann } 1256c2101297SDaniel Borkmann 12571e0bd5a0SAndrii Nakryiko void bpf_map_inc(struct bpf_map *map) 1258c9da161cSDaniel Borkmann { 12591e0bd5a0SAndrii Nakryiko atomic64_inc(&map->refcnt); 1260c9da161cSDaniel Borkmann } 1261630a4d38SJakub Kicinski EXPORT_SYMBOL_GPL(bpf_map_inc); 1262c9da161cSDaniel Borkmann 12631e0bd5a0SAndrii Nakryiko void bpf_map_inc_with_uref(struct bpf_map *map) 12641e0bd5a0SAndrii Nakryiko { 12651e0bd5a0SAndrii Nakryiko atomic64_inc(&map->refcnt); 12661e0bd5a0SAndrii Nakryiko atomic64_inc(&map->usercnt); 12671e0bd5a0SAndrii Nakryiko } 12681e0bd5a0SAndrii Nakryiko EXPORT_SYMBOL_GPL(bpf_map_inc_with_uref); 12691e0bd5a0SAndrii Nakryiko 12701ed4d924SMartin KaFai Lau struct bpf_map *bpf_map_get(u32 ufd) 12711ed4d924SMartin KaFai Lau { 12721ed4d924SMartin KaFai Lau struct fd f = fdget(ufd); 12731ed4d924SMartin KaFai Lau struct bpf_map *map; 12741ed4d924SMartin KaFai Lau 12751ed4d924SMartin KaFai Lau map = __bpf_map_get(f); 12761ed4d924SMartin KaFai Lau if (IS_ERR(map)) 12771ed4d924SMartin KaFai Lau return map; 12781ed4d924SMartin KaFai Lau 12791ed4d924SMartin KaFai Lau bpf_map_inc(map); 12801ed4d924SMartin KaFai Lau fdput(f); 12811ed4d924SMartin KaFai Lau 12821ed4d924SMartin KaFai Lau return map; 12831ed4d924SMartin KaFai Lau } 1284b1d18a75SAlexei Starovoitov EXPORT_SYMBOL(bpf_map_get); 12851ed4d924SMartin KaFai Lau 1286c9da161cSDaniel Borkmann struct bpf_map *bpf_map_get_with_uref(u32 ufd) 1287c2101297SDaniel Borkmann { 1288c2101297SDaniel Borkmann struct fd f = fdget(ufd); 1289c2101297SDaniel Borkmann struct bpf_map *map; 1290c2101297SDaniel Borkmann 1291c2101297SDaniel Borkmann map = __bpf_map_get(f); 1292c2101297SDaniel Borkmann if (IS_ERR(map)) 1293c2101297SDaniel Borkmann return map; 1294c2101297SDaniel Borkmann 12951e0bd5a0SAndrii Nakryiko bpf_map_inc_with_uref(map); 1296c2101297SDaniel Borkmann fdput(f); 1297db20fd2bSAlexei Starovoitov 1298db20fd2bSAlexei Starovoitov return map; 1299db20fd2bSAlexei Starovoitov } 1300db20fd2bSAlexei Starovoitov 1301b671c206SKui-Feng Lee /* map_idr_lock should have been held or the map should have been 1302b671c206SKui-Feng Lee * protected by rcu read lock. 1303b671c206SKui-Feng Lee */ 1304b671c206SKui-Feng Lee struct bpf_map *__bpf_map_inc_not_zero(struct bpf_map *map, bool uref) 1305bd5f5f4eSMartin KaFai Lau { 1306bd5f5f4eSMartin KaFai Lau int refold; 1307bd5f5f4eSMartin KaFai Lau 13081e0bd5a0SAndrii Nakryiko refold = atomic64_fetch_add_unless(&map->refcnt, 1, 0); 1309bd5f5f4eSMartin KaFai Lau if (!refold) 1310bd5f5f4eSMartin KaFai Lau return ERR_PTR(-ENOENT); 1311bd5f5f4eSMartin KaFai Lau if (uref) 13121e0bd5a0SAndrii Nakryiko atomic64_inc(&map->usercnt); 1313bd5f5f4eSMartin KaFai Lau 1314bd5f5f4eSMartin KaFai Lau return map; 1315bd5f5f4eSMartin KaFai Lau } 1316bd5f5f4eSMartin KaFai Lau 13171e0bd5a0SAndrii Nakryiko struct bpf_map *bpf_map_inc_not_zero(struct bpf_map *map) 1318b0e4701cSStanislav Fomichev { 1319b0e4701cSStanislav Fomichev spin_lock_bh(&map_idr_lock); 13201e0bd5a0SAndrii Nakryiko map = __bpf_map_inc_not_zero(map, false); 1321b0e4701cSStanislav Fomichev spin_unlock_bh(&map_idr_lock); 1322b0e4701cSStanislav Fomichev 1323b0e4701cSStanislav Fomichev return map; 1324b0e4701cSStanislav Fomichev } 1325b0e4701cSStanislav Fomichev EXPORT_SYMBOL_GPL(bpf_map_inc_not_zero); 1326b0e4701cSStanislav Fomichev 1327b8cdc051SAlexei Starovoitov int __weak bpf_stackmap_copy(struct bpf_map *map, void *key, void *value) 1328b8cdc051SAlexei Starovoitov { 1329b8cdc051SAlexei Starovoitov return -ENOTSUPP; 1330b8cdc051SAlexei Starovoitov } 1331b8cdc051SAlexei Starovoitov 1332c9d29f46SMauricio Vasquez B static void *__bpf_copy_key(void __user *ukey, u64 key_size) 1333c9d29f46SMauricio Vasquez B { 1334c9d29f46SMauricio Vasquez B if (key_size) 133544779a4bSStanislav Fomichev return vmemdup_user(ukey, key_size); 1336c9d29f46SMauricio Vasquez B 1337c9d29f46SMauricio Vasquez B if (ukey) 1338c9d29f46SMauricio Vasquez B return ERR_PTR(-EINVAL); 1339c9d29f46SMauricio Vasquez B 1340c9d29f46SMauricio Vasquez B return NULL; 1341c9d29f46SMauricio Vasquez B } 1342c9d29f46SMauricio Vasquez B 1343af2ac3e1SAlexei Starovoitov static void *___bpf_copy_key(bpfptr_t ukey, u64 key_size) 1344af2ac3e1SAlexei Starovoitov { 1345af2ac3e1SAlexei Starovoitov if (key_size) 134644779a4bSStanislav Fomichev return kvmemdup_bpfptr(ukey, key_size); 1347af2ac3e1SAlexei Starovoitov 1348af2ac3e1SAlexei Starovoitov if (!bpfptr_is_null(ukey)) 1349af2ac3e1SAlexei Starovoitov return ERR_PTR(-EINVAL); 1350af2ac3e1SAlexei Starovoitov 1351af2ac3e1SAlexei Starovoitov return NULL; 1352af2ac3e1SAlexei Starovoitov } 1353af2ac3e1SAlexei Starovoitov 1354db20fd2bSAlexei Starovoitov /* last field in 'union bpf_attr' used by this command */ 135596049f3aSAlexei Starovoitov #define BPF_MAP_LOOKUP_ELEM_LAST_FIELD flags 1356db20fd2bSAlexei Starovoitov 1357db20fd2bSAlexei Starovoitov static int map_lookup_elem(union bpf_attr *attr) 1358db20fd2bSAlexei Starovoitov { 1359535e7b4bSMickaël Salaün void __user *ukey = u64_to_user_ptr(attr->key); 1360535e7b4bSMickaël Salaün void __user *uvalue = u64_to_user_ptr(attr->value); 1361db20fd2bSAlexei Starovoitov int ufd = attr->map_fd; 1362db20fd2bSAlexei Starovoitov struct bpf_map *map; 136315c14a3dSBrian Vazquez void *key, *value; 136415a07b33SAlexei Starovoitov u32 value_size; 1365592867bfSDaniel Borkmann struct fd f; 1366db20fd2bSAlexei Starovoitov int err; 1367db20fd2bSAlexei Starovoitov 1368db20fd2bSAlexei Starovoitov if (CHECK_ATTR(BPF_MAP_LOOKUP_ELEM)) 1369db20fd2bSAlexei Starovoitov return -EINVAL; 1370db20fd2bSAlexei Starovoitov 137196049f3aSAlexei Starovoitov if (attr->flags & ~BPF_F_LOCK) 137296049f3aSAlexei Starovoitov return -EINVAL; 137396049f3aSAlexei Starovoitov 1374592867bfSDaniel Borkmann f = fdget(ufd); 1375c2101297SDaniel Borkmann map = __bpf_map_get(f); 1376db20fd2bSAlexei Starovoitov if (IS_ERR(map)) 1377db20fd2bSAlexei Starovoitov return PTR_ERR(map); 137887df15deSDaniel Borkmann if (!(map_get_sys_perms(map, f) & FMODE_CAN_READ)) { 13796e71b04aSChenbo Feng err = -EPERM; 13806e71b04aSChenbo Feng goto err_put; 13816e71b04aSChenbo Feng } 13826e71b04aSChenbo Feng 138396049f3aSAlexei Starovoitov if ((attr->flags & BPF_F_LOCK) && 1384db559117SKumar Kartikeya Dwivedi !btf_record_has_field(map->record, BPF_SPIN_LOCK)) { 138596049f3aSAlexei Starovoitov err = -EINVAL; 138696049f3aSAlexei Starovoitov goto err_put; 138796049f3aSAlexei Starovoitov } 138896049f3aSAlexei Starovoitov 1389c9d29f46SMauricio Vasquez B key = __bpf_copy_key(ukey, map->key_size); 1390e4448ed8SAl Viro if (IS_ERR(key)) { 1391e4448ed8SAl Viro err = PTR_ERR(key); 1392db20fd2bSAlexei Starovoitov goto err_put; 1393e4448ed8SAl Viro } 1394db20fd2bSAlexei Starovoitov 139515c14a3dSBrian Vazquez value_size = bpf_map_value_size(map); 139615a07b33SAlexei Starovoitov 13978ebe667cSAlexei Starovoitov err = -ENOMEM; 1398f0dce1d9SStanislav Fomichev value = kvmalloc(value_size, GFP_USER | __GFP_NOWARN); 1399db20fd2bSAlexei Starovoitov if (!value) 14008ebe667cSAlexei Starovoitov goto free_key; 14018ebe667cSAlexei Starovoitov 14029330986cSJoanne Koong if (map->map_type == BPF_MAP_TYPE_BLOOM_FILTER) { 14039330986cSJoanne Koong if (copy_from_user(value, uvalue, value_size)) 14049330986cSJoanne Koong err = -EFAULT; 14059330986cSJoanne Koong else 14069330986cSJoanne Koong err = bpf_map_copy_value(map, key, value, attr->flags); 14079330986cSJoanne Koong goto free_value; 14089330986cSJoanne Koong } 14099330986cSJoanne Koong 141015c14a3dSBrian Vazquez err = bpf_map_copy_value(map, key, value, attr->flags); 141115a07b33SAlexei Starovoitov if (err) 14128ebe667cSAlexei Starovoitov goto free_value; 1413db20fd2bSAlexei Starovoitov 1414db20fd2bSAlexei Starovoitov err = -EFAULT; 141515a07b33SAlexei Starovoitov if (copy_to_user(uvalue, value, value_size) != 0) 14168ebe667cSAlexei Starovoitov goto free_value; 1417db20fd2bSAlexei Starovoitov 1418db20fd2bSAlexei Starovoitov err = 0; 1419db20fd2bSAlexei Starovoitov 14208ebe667cSAlexei Starovoitov free_value: 1421f0dce1d9SStanislav Fomichev kvfree(value); 1422db20fd2bSAlexei Starovoitov free_key: 142344779a4bSStanislav Fomichev kvfree(key); 1424db20fd2bSAlexei Starovoitov err_put: 1425db20fd2bSAlexei Starovoitov fdput(f); 1426db20fd2bSAlexei Starovoitov return err; 1427db20fd2bSAlexei Starovoitov } 1428db20fd2bSAlexei Starovoitov 14291ae80cf3SDaniel Colascione 14303274f520SAlexei Starovoitov #define BPF_MAP_UPDATE_ELEM_LAST_FIELD flags 1431db20fd2bSAlexei Starovoitov 1432af2ac3e1SAlexei Starovoitov static int map_update_elem(union bpf_attr *attr, bpfptr_t uattr) 1433db20fd2bSAlexei Starovoitov { 1434af2ac3e1SAlexei Starovoitov bpfptr_t ukey = make_bpfptr(attr->key, uattr.is_kernel); 1435af2ac3e1SAlexei Starovoitov bpfptr_t uvalue = make_bpfptr(attr->value, uattr.is_kernel); 1436db20fd2bSAlexei Starovoitov int ufd = attr->map_fd; 1437db20fd2bSAlexei Starovoitov struct bpf_map *map; 1438db20fd2bSAlexei Starovoitov void *key, *value; 143915a07b33SAlexei Starovoitov u32 value_size; 1440592867bfSDaniel Borkmann struct fd f; 1441db20fd2bSAlexei Starovoitov int err; 1442db20fd2bSAlexei Starovoitov 1443db20fd2bSAlexei Starovoitov if (CHECK_ATTR(BPF_MAP_UPDATE_ELEM)) 1444db20fd2bSAlexei Starovoitov return -EINVAL; 1445db20fd2bSAlexei Starovoitov 1446592867bfSDaniel Borkmann f = fdget(ufd); 1447c2101297SDaniel Borkmann map = __bpf_map_get(f); 1448db20fd2bSAlexei Starovoitov if (IS_ERR(map)) 1449db20fd2bSAlexei Starovoitov return PTR_ERR(map); 1450353050beSDaniel Borkmann bpf_map_write_active_inc(map); 145187df15deSDaniel Borkmann if (!(map_get_sys_perms(map, f) & FMODE_CAN_WRITE)) { 14526e71b04aSChenbo Feng err = -EPERM; 14536e71b04aSChenbo Feng goto err_put; 14546e71b04aSChenbo Feng } 14556e71b04aSChenbo Feng 145696049f3aSAlexei Starovoitov if ((attr->flags & BPF_F_LOCK) && 1457db559117SKumar Kartikeya Dwivedi !btf_record_has_field(map->record, BPF_SPIN_LOCK)) { 145896049f3aSAlexei Starovoitov err = -EINVAL; 145996049f3aSAlexei Starovoitov goto err_put; 146096049f3aSAlexei Starovoitov } 146196049f3aSAlexei Starovoitov 1462af2ac3e1SAlexei Starovoitov key = ___bpf_copy_key(ukey, map->key_size); 1463e4448ed8SAl Viro if (IS_ERR(key)) { 1464e4448ed8SAl Viro err = PTR_ERR(key); 1465db20fd2bSAlexei Starovoitov goto err_put; 1466e4448ed8SAl Viro } 1467db20fd2bSAlexei Starovoitov 1468f0dce1d9SStanislav Fomichev value_size = bpf_map_value_size(map); 1469a02c118eSWang Yufen value = kvmemdup_bpfptr(uvalue, value_size); 1470a02c118eSWang Yufen if (IS_ERR(value)) { 1471a02c118eSWang Yufen err = PTR_ERR(value); 1472db20fd2bSAlexei Starovoitov goto free_key; 1473a02c118eSWang Yufen } 1474db20fd2bSAlexei Starovoitov 14753af43ba4SHou Tao err = bpf_map_update_value(map, f.file, key, value, attr->flags); 14766710e112SJesper Dangaard Brouer 1477f0dce1d9SStanislav Fomichev kvfree(value); 1478db20fd2bSAlexei Starovoitov free_key: 147944779a4bSStanislav Fomichev kvfree(key); 1480db20fd2bSAlexei Starovoitov err_put: 1481353050beSDaniel Borkmann bpf_map_write_active_dec(map); 1482db20fd2bSAlexei Starovoitov fdput(f); 1483db20fd2bSAlexei Starovoitov return err; 1484db20fd2bSAlexei Starovoitov } 1485db20fd2bSAlexei Starovoitov 1486db20fd2bSAlexei Starovoitov #define BPF_MAP_DELETE_ELEM_LAST_FIELD key 1487db20fd2bSAlexei Starovoitov 1488b88df697SBenjamin Tissoires static int map_delete_elem(union bpf_attr *attr, bpfptr_t uattr) 1489db20fd2bSAlexei Starovoitov { 1490b88df697SBenjamin Tissoires bpfptr_t ukey = make_bpfptr(attr->key, uattr.is_kernel); 1491db20fd2bSAlexei Starovoitov int ufd = attr->map_fd; 1492db20fd2bSAlexei Starovoitov struct bpf_map *map; 1493592867bfSDaniel Borkmann struct fd f; 1494db20fd2bSAlexei Starovoitov void *key; 1495db20fd2bSAlexei Starovoitov int err; 1496db20fd2bSAlexei Starovoitov 1497db20fd2bSAlexei Starovoitov if (CHECK_ATTR(BPF_MAP_DELETE_ELEM)) 1498db20fd2bSAlexei Starovoitov return -EINVAL; 1499db20fd2bSAlexei Starovoitov 1500592867bfSDaniel Borkmann f = fdget(ufd); 1501c2101297SDaniel Borkmann map = __bpf_map_get(f); 1502db20fd2bSAlexei Starovoitov if (IS_ERR(map)) 1503db20fd2bSAlexei Starovoitov return PTR_ERR(map); 1504353050beSDaniel Borkmann bpf_map_write_active_inc(map); 150587df15deSDaniel Borkmann if (!(map_get_sys_perms(map, f) & FMODE_CAN_WRITE)) { 15066e71b04aSChenbo Feng err = -EPERM; 15076e71b04aSChenbo Feng goto err_put; 15086e71b04aSChenbo Feng } 15096e71b04aSChenbo Feng 1510b88df697SBenjamin Tissoires key = ___bpf_copy_key(ukey, map->key_size); 1511e4448ed8SAl Viro if (IS_ERR(key)) { 1512e4448ed8SAl Viro err = PTR_ERR(key); 1513db20fd2bSAlexei Starovoitov goto err_put; 1514e4448ed8SAl Viro } 1515db20fd2bSAlexei Starovoitov 15169d03ebc7SStanislav Fomichev if (bpf_map_is_offloaded(map)) { 1517a3884572SJakub Kicinski err = bpf_map_offload_delete_elem(map, key); 1518a3884572SJakub Kicinski goto out; 151985d33df3SMartin KaFai Lau } else if (IS_FD_PROG_ARRAY(map) || 152085d33df3SMartin KaFai Lau map->map_type == BPF_MAP_TYPE_STRUCT_OPS) { 152185d33df3SMartin KaFai Lau /* These maps require sleepable context */ 1522da765a2fSDaniel Borkmann err = map->ops->map_delete_elem(map, key); 1523da765a2fSDaniel Borkmann goto out; 1524a3884572SJakub Kicinski } 1525a3884572SJakub Kicinski 1526b6e5dae1SThomas Gleixner bpf_disable_instrumentation(); 1527db20fd2bSAlexei Starovoitov rcu_read_lock(); 1528db20fd2bSAlexei Starovoitov err = map->ops->map_delete_elem(map, key); 1529db20fd2bSAlexei Starovoitov rcu_read_unlock(); 1530b6e5dae1SThomas Gleixner bpf_enable_instrumentation(); 15311ae80cf3SDaniel Colascione maybe_wait_bpf_programs(map); 1532a3884572SJakub Kicinski out: 153344779a4bSStanislav Fomichev kvfree(key); 1534db20fd2bSAlexei Starovoitov err_put: 1535353050beSDaniel Borkmann bpf_map_write_active_dec(map); 1536db20fd2bSAlexei Starovoitov fdput(f); 1537db20fd2bSAlexei Starovoitov return err; 1538db20fd2bSAlexei Starovoitov } 1539db20fd2bSAlexei Starovoitov 1540db20fd2bSAlexei Starovoitov /* last field in 'union bpf_attr' used by this command */ 1541db20fd2bSAlexei Starovoitov #define BPF_MAP_GET_NEXT_KEY_LAST_FIELD next_key 1542db20fd2bSAlexei Starovoitov 1543db20fd2bSAlexei Starovoitov static int map_get_next_key(union bpf_attr *attr) 1544db20fd2bSAlexei Starovoitov { 1545535e7b4bSMickaël Salaün void __user *ukey = u64_to_user_ptr(attr->key); 1546535e7b4bSMickaël Salaün void __user *unext_key = u64_to_user_ptr(attr->next_key); 1547db20fd2bSAlexei Starovoitov int ufd = attr->map_fd; 1548db20fd2bSAlexei Starovoitov struct bpf_map *map; 1549db20fd2bSAlexei Starovoitov void *key, *next_key; 1550592867bfSDaniel Borkmann struct fd f; 1551db20fd2bSAlexei Starovoitov int err; 1552db20fd2bSAlexei Starovoitov 1553db20fd2bSAlexei Starovoitov if (CHECK_ATTR(BPF_MAP_GET_NEXT_KEY)) 1554db20fd2bSAlexei Starovoitov return -EINVAL; 1555db20fd2bSAlexei Starovoitov 1556592867bfSDaniel Borkmann f = fdget(ufd); 1557c2101297SDaniel Borkmann map = __bpf_map_get(f); 1558db20fd2bSAlexei Starovoitov if (IS_ERR(map)) 1559db20fd2bSAlexei Starovoitov return PTR_ERR(map); 156087df15deSDaniel Borkmann if (!(map_get_sys_perms(map, f) & FMODE_CAN_READ)) { 15616e71b04aSChenbo Feng err = -EPERM; 15626e71b04aSChenbo Feng goto err_put; 15636e71b04aSChenbo Feng } 15646e71b04aSChenbo Feng 15658fe45924STeng Qin if (ukey) { 1566c9d29f46SMauricio Vasquez B key = __bpf_copy_key(ukey, map->key_size); 1567e4448ed8SAl Viro if (IS_ERR(key)) { 1568e4448ed8SAl Viro err = PTR_ERR(key); 1569db20fd2bSAlexei Starovoitov goto err_put; 1570e4448ed8SAl Viro } 15718fe45924STeng Qin } else { 15728fe45924STeng Qin key = NULL; 15738fe45924STeng Qin } 1574db20fd2bSAlexei Starovoitov 1575db20fd2bSAlexei Starovoitov err = -ENOMEM; 157644779a4bSStanislav Fomichev next_key = kvmalloc(map->key_size, GFP_USER); 1577db20fd2bSAlexei Starovoitov if (!next_key) 1578db20fd2bSAlexei Starovoitov goto free_key; 1579db20fd2bSAlexei Starovoitov 15809d03ebc7SStanislav Fomichev if (bpf_map_is_offloaded(map)) { 1581a3884572SJakub Kicinski err = bpf_map_offload_get_next_key(map, key, next_key); 1582a3884572SJakub Kicinski goto out; 1583a3884572SJakub Kicinski } 1584a3884572SJakub Kicinski 1585db20fd2bSAlexei Starovoitov rcu_read_lock(); 1586db20fd2bSAlexei Starovoitov err = map->ops->map_get_next_key(map, key, next_key); 1587db20fd2bSAlexei Starovoitov rcu_read_unlock(); 1588a3884572SJakub Kicinski out: 1589db20fd2bSAlexei Starovoitov if (err) 1590db20fd2bSAlexei Starovoitov goto free_next_key; 1591db20fd2bSAlexei Starovoitov 1592db20fd2bSAlexei Starovoitov err = -EFAULT; 1593db20fd2bSAlexei Starovoitov if (copy_to_user(unext_key, next_key, map->key_size) != 0) 1594db20fd2bSAlexei Starovoitov goto free_next_key; 1595db20fd2bSAlexei Starovoitov 1596db20fd2bSAlexei Starovoitov err = 0; 1597db20fd2bSAlexei Starovoitov 1598db20fd2bSAlexei Starovoitov free_next_key: 159944779a4bSStanislav Fomichev kvfree(next_key); 1600db20fd2bSAlexei Starovoitov free_key: 160144779a4bSStanislav Fomichev kvfree(key); 1602db20fd2bSAlexei Starovoitov err_put: 1603db20fd2bSAlexei Starovoitov fdput(f); 1604db20fd2bSAlexei Starovoitov return err; 1605db20fd2bSAlexei Starovoitov } 1606db20fd2bSAlexei Starovoitov 1607aa2e93b8SBrian Vazquez int generic_map_delete_batch(struct bpf_map *map, 1608aa2e93b8SBrian Vazquez const union bpf_attr *attr, 1609aa2e93b8SBrian Vazquez union bpf_attr __user *uattr) 1610aa2e93b8SBrian Vazquez { 1611aa2e93b8SBrian Vazquez void __user *keys = u64_to_user_ptr(attr->batch.keys); 1612aa2e93b8SBrian Vazquez u32 cp, max_count; 1613aa2e93b8SBrian Vazquez int err = 0; 1614aa2e93b8SBrian Vazquez void *key; 1615aa2e93b8SBrian Vazquez 1616aa2e93b8SBrian Vazquez if (attr->batch.elem_flags & ~BPF_F_LOCK) 1617aa2e93b8SBrian Vazquez return -EINVAL; 1618aa2e93b8SBrian Vazquez 1619aa2e93b8SBrian Vazquez if ((attr->batch.elem_flags & BPF_F_LOCK) && 1620db559117SKumar Kartikeya Dwivedi !btf_record_has_field(map->record, BPF_SPIN_LOCK)) { 1621aa2e93b8SBrian Vazquez return -EINVAL; 1622aa2e93b8SBrian Vazquez } 1623aa2e93b8SBrian Vazquez 1624aa2e93b8SBrian Vazquez max_count = attr->batch.count; 1625aa2e93b8SBrian Vazquez if (!max_count) 1626aa2e93b8SBrian Vazquez return 0; 1627aa2e93b8SBrian Vazquez 162844779a4bSStanislav Fomichev key = kvmalloc(map->key_size, GFP_USER | __GFP_NOWARN); 16292e3a94aaSBrian Vazquez if (!key) 16302e3a94aaSBrian Vazquez return -ENOMEM; 16312e3a94aaSBrian Vazquez 1632aa2e93b8SBrian Vazquez for (cp = 0; cp < max_count; cp++) { 16332e3a94aaSBrian Vazquez err = -EFAULT; 16342e3a94aaSBrian Vazquez if (copy_from_user(key, keys + cp * map->key_size, 16352e3a94aaSBrian Vazquez map->key_size)) 1636aa2e93b8SBrian Vazquez break; 1637aa2e93b8SBrian Vazquez 16389d03ebc7SStanislav Fomichev if (bpf_map_is_offloaded(map)) { 1639aa2e93b8SBrian Vazquez err = bpf_map_offload_delete_elem(map, key); 1640aa2e93b8SBrian Vazquez break; 1641aa2e93b8SBrian Vazquez } 1642aa2e93b8SBrian Vazquez 1643b6e5dae1SThomas Gleixner bpf_disable_instrumentation(); 1644aa2e93b8SBrian Vazquez rcu_read_lock(); 1645aa2e93b8SBrian Vazquez err = map->ops->map_delete_elem(map, key); 1646aa2e93b8SBrian Vazquez rcu_read_unlock(); 1647b6e5dae1SThomas Gleixner bpf_enable_instrumentation(); 1648aa2e93b8SBrian Vazquez if (err) 1649aa2e93b8SBrian Vazquez break; 165075134f16SEric Dumazet cond_resched(); 1651aa2e93b8SBrian Vazquez } 1652aa2e93b8SBrian Vazquez if (copy_to_user(&uattr->batch.count, &cp, sizeof(cp))) 1653aa2e93b8SBrian Vazquez err = -EFAULT; 16542e3a94aaSBrian Vazquez 165544779a4bSStanislav Fomichev kvfree(key); 16569087c6ffSEric Dumazet 16579087c6ffSEric Dumazet maybe_wait_bpf_programs(map); 1658aa2e93b8SBrian Vazquez return err; 1659aa2e93b8SBrian Vazquez } 1660aa2e93b8SBrian Vazquez 16613af43ba4SHou Tao int generic_map_update_batch(struct bpf_map *map, struct file *map_file, 1662aa2e93b8SBrian Vazquez const union bpf_attr *attr, 1663aa2e93b8SBrian Vazquez union bpf_attr __user *uattr) 1664aa2e93b8SBrian Vazquez { 1665aa2e93b8SBrian Vazquez void __user *values = u64_to_user_ptr(attr->batch.values); 1666aa2e93b8SBrian Vazquez void __user *keys = u64_to_user_ptr(attr->batch.keys); 1667aa2e93b8SBrian Vazquez u32 value_size, cp, max_count; 1668aa2e93b8SBrian Vazquez void *key, *value; 1669aa2e93b8SBrian Vazquez int err = 0; 1670aa2e93b8SBrian Vazquez 1671aa2e93b8SBrian Vazquez if (attr->batch.elem_flags & ~BPF_F_LOCK) 1672aa2e93b8SBrian Vazquez return -EINVAL; 1673aa2e93b8SBrian Vazquez 1674aa2e93b8SBrian Vazquez if ((attr->batch.elem_flags & BPF_F_LOCK) && 1675db559117SKumar Kartikeya Dwivedi !btf_record_has_field(map->record, BPF_SPIN_LOCK)) { 1676aa2e93b8SBrian Vazquez return -EINVAL; 1677aa2e93b8SBrian Vazquez } 1678aa2e93b8SBrian Vazquez 1679aa2e93b8SBrian Vazquez value_size = bpf_map_value_size(map); 1680aa2e93b8SBrian Vazquez 1681aa2e93b8SBrian Vazquez max_count = attr->batch.count; 1682aa2e93b8SBrian Vazquez if (!max_count) 1683aa2e93b8SBrian Vazquez return 0; 1684aa2e93b8SBrian Vazquez 168544779a4bSStanislav Fomichev key = kvmalloc(map->key_size, GFP_USER | __GFP_NOWARN); 16862e3a94aaSBrian Vazquez if (!key) 1687aa2e93b8SBrian Vazquez return -ENOMEM; 1688aa2e93b8SBrian Vazquez 1689f0dce1d9SStanislav Fomichev value = kvmalloc(value_size, GFP_USER | __GFP_NOWARN); 16902e3a94aaSBrian Vazquez if (!value) { 169144779a4bSStanislav Fomichev kvfree(key); 16922e3a94aaSBrian Vazquez return -ENOMEM; 1693aa2e93b8SBrian Vazquez } 16942e3a94aaSBrian Vazquez 16952e3a94aaSBrian Vazquez for (cp = 0; cp < max_count; cp++) { 1696aa2e93b8SBrian Vazquez err = -EFAULT; 16972e3a94aaSBrian Vazquez if (copy_from_user(key, keys + cp * map->key_size, 16982e3a94aaSBrian Vazquez map->key_size) || 16992e3a94aaSBrian Vazquez copy_from_user(value, values + cp * value_size, value_size)) 1700aa2e93b8SBrian Vazquez break; 1701aa2e93b8SBrian Vazquez 17023af43ba4SHou Tao err = bpf_map_update_value(map, map_file, key, value, 1703aa2e93b8SBrian Vazquez attr->batch.elem_flags); 1704aa2e93b8SBrian Vazquez 1705aa2e93b8SBrian Vazquez if (err) 1706aa2e93b8SBrian Vazquez break; 170775134f16SEric Dumazet cond_resched(); 1708aa2e93b8SBrian Vazquez } 1709aa2e93b8SBrian Vazquez 1710aa2e93b8SBrian Vazquez if (copy_to_user(&uattr->batch.count, &cp, sizeof(cp))) 1711aa2e93b8SBrian Vazquez err = -EFAULT; 1712aa2e93b8SBrian Vazquez 1713f0dce1d9SStanislav Fomichev kvfree(value); 171444779a4bSStanislav Fomichev kvfree(key); 1715aa2e93b8SBrian Vazquez return err; 1716aa2e93b8SBrian Vazquez } 1717aa2e93b8SBrian Vazquez 1718cb4d03abSBrian Vazquez #define MAP_LOOKUP_RETRIES 3 1719cb4d03abSBrian Vazquez 1720cb4d03abSBrian Vazquez int generic_map_lookup_batch(struct bpf_map *map, 1721cb4d03abSBrian Vazquez const union bpf_attr *attr, 1722cb4d03abSBrian Vazquez union bpf_attr __user *uattr) 1723cb4d03abSBrian Vazquez { 1724cb4d03abSBrian Vazquez void __user *uobatch = u64_to_user_ptr(attr->batch.out_batch); 1725cb4d03abSBrian Vazquez void __user *ubatch = u64_to_user_ptr(attr->batch.in_batch); 1726cb4d03abSBrian Vazquez void __user *values = u64_to_user_ptr(attr->batch.values); 1727cb4d03abSBrian Vazquez void __user *keys = u64_to_user_ptr(attr->batch.keys); 1728cb4d03abSBrian Vazquez void *buf, *buf_prevkey, *prev_key, *key, *value; 1729cb4d03abSBrian Vazquez int err, retry = MAP_LOOKUP_RETRIES; 1730cb4d03abSBrian Vazquez u32 value_size, cp, max_count; 1731cb4d03abSBrian Vazquez 1732cb4d03abSBrian Vazquez if (attr->batch.elem_flags & ~BPF_F_LOCK) 1733cb4d03abSBrian Vazquez return -EINVAL; 1734cb4d03abSBrian Vazquez 1735cb4d03abSBrian Vazquez if ((attr->batch.elem_flags & BPF_F_LOCK) && 1736db559117SKumar Kartikeya Dwivedi !btf_record_has_field(map->record, BPF_SPIN_LOCK)) 1737cb4d03abSBrian Vazquez return -EINVAL; 1738cb4d03abSBrian Vazquez 1739cb4d03abSBrian Vazquez value_size = bpf_map_value_size(map); 1740cb4d03abSBrian Vazquez 1741cb4d03abSBrian Vazquez max_count = attr->batch.count; 1742cb4d03abSBrian Vazquez if (!max_count) 1743cb4d03abSBrian Vazquez return 0; 1744cb4d03abSBrian Vazquez 1745cb4d03abSBrian Vazquez if (put_user(0, &uattr->batch.count)) 1746cb4d03abSBrian Vazquez return -EFAULT; 1747cb4d03abSBrian Vazquez 174844779a4bSStanislav Fomichev buf_prevkey = kvmalloc(map->key_size, GFP_USER | __GFP_NOWARN); 1749cb4d03abSBrian Vazquez if (!buf_prevkey) 1750cb4d03abSBrian Vazquez return -ENOMEM; 1751cb4d03abSBrian Vazquez 1752f0dce1d9SStanislav Fomichev buf = kvmalloc(map->key_size + value_size, GFP_USER | __GFP_NOWARN); 1753cb4d03abSBrian Vazquez if (!buf) { 175444779a4bSStanislav Fomichev kvfree(buf_prevkey); 1755cb4d03abSBrian Vazquez return -ENOMEM; 1756cb4d03abSBrian Vazquez } 1757cb4d03abSBrian Vazquez 1758cb4d03abSBrian Vazquez err = -EFAULT; 1759cb4d03abSBrian Vazquez prev_key = NULL; 1760cb4d03abSBrian Vazquez if (ubatch && copy_from_user(buf_prevkey, ubatch, map->key_size)) 1761cb4d03abSBrian Vazquez goto free_buf; 1762cb4d03abSBrian Vazquez key = buf; 1763cb4d03abSBrian Vazquez value = key + map->key_size; 1764cb4d03abSBrian Vazquez if (ubatch) 1765cb4d03abSBrian Vazquez prev_key = buf_prevkey; 1766cb4d03abSBrian Vazquez 1767cb4d03abSBrian Vazquez for (cp = 0; cp < max_count;) { 1768cb4d03abSBrian Vazquez rcu_read_lock(); 1769cb4d03abSBrian Vazquez err = map->ops->map_get_next_key(map, prev_key, key); 1770cb4d03abSBrian Vazquez rcu_read_unlock(); 1771cb4d03abSBrian Vazquez if (err) 1772cb4d03abSBrian Vazquez break; 1773cb4d03abSBrian Vazquez err = bpf_map_copy_value(map, key, value, 1774cb4d03abSBrian Vazquez attr->batch.elem_flags); 1775cb4d03abSBrian Vazquez 1776cb4d03abSBrian Vazquez if (err == -ENOENT) { 1777cb4d03abSBrian Vazquez if (retry) { 1778cb4d03abSBrian Vazquez retry--; 1779cb4d03abSBrian Vazquez continue; 1780cb4d03abSBrian Vazquez } 1781cb4d03abSBrian Vazquez err = -EINTR; 1782cb4d03abSBrian Vazquez break; 1783cb4d03abSBrian Vazquez } 1784cb4d03abSBrian Vazquez 1785cb4d03abSBrian Vazquez if (err) 1786cb4d03abSBrian Vazquez goto free_buf; 1787cb4d03abSBrian Vazquez 1788cb4d03abSBrian Vazquez if (copy_to_user(keys + cp * map->key_size, key, 1789cb4d03abSBrian Vazquez map->key_size)) { 1790cb4d03abSBrian Vazquez err = -EFAULT; 1791cb4d03abSBrian Vazquez goto free_buf; 1792cb4d03abSBrian Vazquez } 1793cb4d03abSBrian Vazquez if (copy_to_user(values + cp * value_size, value, value_size)) { 1794cb4d03abSBrian Vazquez err = -EFAULT; 1795cb4d03abSBrian Vazquez goto free_buf; 1796cb4d03abSBrian Vazquez } 1797cb4d03abSBrian Vazquez 1798cb4d03abSBrian Vazquez if (!prev_key) 1799cb4d03abSBrian Vazquez prev_key = buf_prevkey; 1800cb4d03abSBrian Vazquez 1801cb4d03abSBrian Vazquez swap(prev_key, key); 1802cb4d03abSBrian Vazquez retry = MAP_LOOKUP_RETRIES; 1803cb4d03abSBrian Vazquez cp++; 180475134f16SEric Dumazet cond_resched(); 1805cb4d03abSBrian Vazquez } 1806cb4d03abSBrian Vazquez 1807cb4d03abSBrian Vazquez if (err == -EFAULT) 1808cb4d03abSBrian Vazquez goto free_buf; 1809cb4d03abSBrian Vazquez 1810cb4d03abSBrian Vazquez if ((copy_to_user(&uattr->batch.count, &cp, sizeof(cp)) || 1811cb4d03abSBrian Vazquez (cp && copy_to_user(uobatch, prev_key, map->key_size)))) 1812cb4d03abSBrian Vazquez err = -EFAULT; 1813cb4d03abSBrian Vazquez 1814cb4d03abSBrian Vazquez free_buf: 181544779a4bSStanislav Fomichev kvfree(buf_prevkey); 1816f0dce1d9SStanislav Fomichev kvfree(buf); 1817cb4d03abSBrian Vazquez return err; 1818cb4d03abSBrian Vazquez } 1819cb4d03abSBrian Vazquez 18203e87f192SDenis Salopek #define BPF_MAP_LOOKUP_AND_DELETE_ELEM_LAST_FIELD flags 1821bd513cd0SMauricio Vasquez B 1822bd513cd0SMauricio Vasquez B static int map_lookup_and_delete_elem(union bpf_attr *attr) 1823bd513cd0SMauricio Vasquez B { 1824bd513cd0SMauricio Vasquez B void __user *ukey = u64_to_user_ptr(attr->key); 1825bd513cd0SMauricio Vasquez B void __user *uvalue = u64_to_user_ptr(attr->value); 1826bd513cd0SMauricio Vasquez B int ufd = attr->map_fd; 1827bd513cd0SMauricio Vasquez B struct bpf_map *map; 1828540fefc0SAlexei Starovoitov void *key, *value; 1829bd513cd0SMauricio Vasquez B u32 value_size; 1830bd513cd0SMauricio Vasquez B struct fd f; 1831bd513cd0SMauricio Vasquez B int err; 1832bd513cd0SMauricio Vasquez B 1833bd513cd0SMauricio Vasquez B if (CHECK_ATTR(BPF_MAP_LOOKUP_AND_DELETE_ELEM)) 1834bd513cd0SMauricio Vasquez B return -EINVAL; 1835bd513cd0SMauricio Vasquez B 18363e87f192SDenis Salopek if (attr->flags & ~BPF_F_LOCK) 18373e87f192SDenis Salopek return -EINVAL; 18383e87f192SDenis Salopek 1839bd513cd0SMauricio Vasquez B f = fdget(ufd); 1840bd513cd0SMauricio Vasquez B map = __bpf_map_get(f); 1841bd513cd0SMauricio Vasquez B if (IS_ERR(map)) 1842bd513cd0SMauricio Vasquez B return PTR_ERR(map); 1843353050beSDaniel Borkmann bpf_map_write_active_inc(map); 18441ea0f912SAnton Protopopov if (!(map_get_sys_perms(map, f) & FMODE_CAN_READ) || 18451ea0f912SAnton Protopopov !(map_get_sys_perms(map, f) & FMODE_CAN_WRITE)) { 1846bd513cd0SMauricio Vasquez B err = -EPERM; 1847bd513cd0SMauricio Vasquez B goto err_put; 1848bd513cd0SMauricio Vasquez B } 1849bd513cd0SMauricio Vasquez B 18503e87f192SDenis Salopek if (attr->flags && 18513e87f192SDenis Salopek (map->map_type == BPF_MAP_TYPE_QUEUE || 18523e87f192SDenis Salopek map->map_type == BPF_MAP_TYPE_STACK)) { 18533e87f192SDenis Salopek err = -EINVAL; 18543e87f192SDenis Salopek goto err_put; 18553e87f192SDenis Salopek } 18563e87f192SDenis Salopek 18573e87f192SDenis Salopek if ((attr->flags & BPF_F_LOCK) && 1858db559117SKumar Kartikeya Dwivedi !btf_record_has_field(map->record, BPF_SPIN_LOCK)) { 18593e87f192SDenis Salopek err = -EINVAL; 18603e87f192SDenis Salopek goto err_put; 18613e87f192SDenis Salopek } 18623e87f192SDenis Salopek 1863bd513cd0SMauricio Vasquez B key = __bpf_copy_key(ukey, map->key_size); 1864bd513cd0SMauricio Vasquez B if (IS_ERR(key)) { 1865bd513cd0SMauricio Vasquez B err = PTR_ERR(key); 1866bd513cd0SMauricio Vasquez B goto err_put; 1867bd513cd0SMauricio Vasquez B } 1868bd513cd0SMauricio Vasquez B 18693e87f192SDenis Salopek value_size = bpf_map_value_size(map); 1870bd513cd0SMauricio Vasquez B 1871bd513cd0SMauricio Vasquez B err = -ENOMEM; 1872f0dce1d9SStanislav Fomichev value = kvmalloc(value_size, GFP_USER | __GFP_NOWARN); 1873bd513cd0SMauricio Vasquez B if (!value) 1874bd513cd0SMauricio Vasquez B goto free_key; 1875bd513cd0SMauricio Vasquez B 18763e87f192SDenis Salopek err = -ENOTSUPP; 1877bd513cd0SMauricio Vasquez B if (map->map_type == BPF_MAP_TYPE_QUEUE || 1878bd513cd0SMauricio Vasquez B map->map_type == BPF_MAP_TYPE_STACK) { 1879bd513cd0SMauricio Vasquez B err = map->ops->map_pop_elem(map, value); 18803e87f192SDenis Salopek } else if (map->map_type == BPF_MAP_TYPE_HASH || 18813e87f192SDenis Salopek map->map_type == BPF_MAP_TYPE_PERCPU_HASH || 18823e87f192SDenis Salopek map->map_type == BPF_MAP_TYPE_LRU_HASH || 18833e87f192SDenis Salopek map->map_type == BPF_MAP_TYPE_LRU_PERCPU_HASH) { 18849d03ebc7SStanislav Fomichev if (!bpf_map_is_offloaded(map)) { 18853e87f192SDenis Salopek bpf_disable_instrumentation(); 18863e87f192SDenis Salopek rcu_read_lock(); 18873e87f192SDenis Salopek err = map->ops->map_lookup_and_delete_elem(map, key, value, attr->flags); 18883e87f192SDenis Salopek rcu_read_unlock(); 18893e87f192SDenis Salopek bpf_enable_instrumentation(); 18903e87f192SDenis Salopek } 1891bd513cd0SMauricio Vasquez B } 1892bd513cd0SMauricio Vasquez B 1893bd513cd0SMauricio Vasquez B if (err) 1894bd513cd0SMauricio Vasquez B goto free_value; 1895bd513cd0SMauricio Vasquez B 18967f645462SWei Yongjun if (copy_to_user(uvalue, value, value_size) != 0) { 18977f645462SWei Yongjun err = -EFAULT; 1898bd513cd0SMauricio Vasquez B goto free_value; 18997f645462SWei Yongjun } 1900bd513cd0SMauricio Vasquez B 1901bd513cd0SMauricio Vasquez B err = 0; 1902bd513cd0SMauricio Vasquez B 1903bd513cd0SMauricio Vasquez B free_value: 1904f0dce1d9SStanislav Fomichev kvfree(value); 1905bd513cd0SMauricio Vasquez B free_key: 190644779a4bSStanislav Fomichev kvfree(key); 1907bd513cd0SMauricio Vasquez B err_put: 1908353050beSDaniel Borkmann bpf_map_write_active_dec(map); 1909bd513cd0SMauricio Vasquez B fdput(f); 1910bd513cd0SMauricio Vasquez B return err; 1911bd513cd0SMauricio Vasquez B } 1912bd513cd0SMauricio Vasquez B 191387df15deSDaniel Borkmann #define BPF_MAP_FREEZE_LAST_FIELD map_fd 191487df15deSDaniel Borkmann 191587df15deSDaniel Borkmann static int map_freeze(const union bpf_attr *attr) 191687df15deSDaniel Borkmann { 191787df15deSDaniel Borkmann int err = 0, ufd = attr->map_fd; 191887df15deSDaniel Borkmann struct bpf_map *map; 191987df15deSDaniel Borkmann struct fd f; 192087df15deSDaniel Borkmann 192187df15deSDaniel Borkmann if (CHECK_ATTR(BPF_MAP_FREEZE)) 192287df15deSDaniel Borkmann return -EINVAL; 192387df15deSDaniel Borkmann 192487df15deSDaniel Borkmann f = fdget(ufd); 192587df15deSDaniel Borkmann map = __bpf_map_get(f); 192687df15deSDaniel Borkmann if (IS_ERR(map)) 192787df15deSDaniel Borkmann return PTR_ERR(map); 1928fc970227SAndrii Nakryiko 1929db559117SKumar Kartikeya Dwivedi if (map->map_type == BPF_MAP_TYPE_STRUCT_OPS || !IS_ERR_OR_NULL(map->record)) { 1930849b4d94SMartin KaFai Lau fdput(f); 1931849b4d94SMartin KaFai Lau return -ENOTSUPP; 1932849b4d94SMartin KaFai Lau } 1933849b4d94SMartin KaFai Lau 1934*c4c84f6fSAndrii Nakryiko if (!(map_get_sys_perms(map, f) & FMODE_CAN_WRITE)) { 1935*c4c84f6fSAndrii Nakryiko err = -EPERM; 1936*c4c84f6fSAndrii Nakryiko goto err_put; 1937*c4c84f6fSAndrii Nakryiko } 1938*c4c84f6fSAndrii Nakryiko 1939fc970227SAndrii Nakryiko mutex_lock(&map->freeze_mutex); 1940353050beSDaniel Borkmann if (bpf_map_write_active(map)) { 1941fc970227SAndrii Nakryiko err = -EBUSY; 1942fc970227SAndrii Nakryiko goto err_put; 1943fc970227SAndrii Nakryiko } 194487df15deSDaniel Borkmann if (READ_ONCE(map->frozen)) { 194587df15deSDaniel Borkmann err = -EBUSY; 194687df15deSDaniel Borkmann goto err_put; 194787df15deSDaniel Borkmann } 194887df15deSDaniel Borkmann 194987df15deSDaniel Borkmann WRITE_ONCE(map->frozen, true); 195087df15deSDaniel Borkmann err_put: 1951fc970227SAndrii Nakryiko mutex_unlock(&map->freeze_mutex); 195287df15deSDaniel Borkmann fdput(f); 195387df15deSDaniel Borkmann return err; 195487df15deSDaniel Borkmann } 195587df15deSDaniel Borkmann 19567de16e3aSJakub Kicinski static const struct bpf_prog_ops * const bpf_prog_types[] = { 195791cc1a99SAlexei Starovoitov #define BPF_PROG_TYPE(_id, _name, prog_ctx_type, kern_ctx_type) \ 19587de16e3aSJakub Kicinski [_id] = & _name ## _prog_ops, 19597de16e3aSJakub Kicinski #define BPF_MAP_TYPE(_id, _ops) 1960f2e10bffSAndrii Nakryiko #define BPF_LINK_TYPE(_id, _name) 19617de16e3aSJakub Kicinski #include <linux/bpf_types.h> 19627de16e3aSJakub Kicinski #undef BPF_PROG_TYPE 19637de16e3aSJakub Kicinski #undef BPF_MAP_TYPE 1964f2e10bffSAndrii Nakryiko #undef BPF_LINK_TYPE 19657de16e3aSJakub Kicinski }; 19667de16e3aSJakub Kicinski 196709756af4SAlexei Starovoitov static int find_prog_type(enum bpf_prog_type type, struct bpf_prog *prog) 196809756af4SAlexei Starovoitov { 1969d0f1a451SDaniel Borkmann const struct bpf_prog_ops *ops; 1970d0f1a451SDaniel Borkmann 1971d0f1a451SDaniel Borkmann if (type >= ARRAY_SIZE(bpf_prog_types)) 1972d0f1a451SDaniel Borkmann return -EINVAL; 1973d0f1a451SDaniel Borkmann type = array_index_nospec(type, ARRAY_SIZE(bpf_prog_types)); 1974d0f1a451SDaniel Borkmann ops = bpf_prog_types[type]; 1975d0f1a451SDaniel Borkmann if (!ops) 1976be9370a7SJohannes Berg return -EINVAL; 197709756af4SAlexei Starovoitov 19789d03ebc7SStanislav Fomichev if (!bpf_prog_is_offloaded(prog->aux)) 1979d0f1a451SDaniel Borkmann prog->aux->ops = ops; 1980ab3f0063SJakub Kicinski else 1981ab3f0063SJakub Kicinski prog->aux->ops = &bpf_offload_prog_ops; 198224701eceSDaniel Borkmann prog->type = type; 198309756af4SAlexei Starovoitov return 0; 198409756af4SAlexei Starovoitov } 198509756af4SAlexei Starovoitov 1986bae141f5SDaniel Borkmann enum bpf_audit { 1987bae141f5SDaniel Borkmann BPF_AUDIT_LOAD, 1988bae141f5SDaniel Borkmann BPF_AUDIT_UNLOAD, 1989bae141f5SDaniel Borkmann BPF_AUDIT_MAX, 1990bae141f5SDaniel Borkmann }; 1991bae141f5SDaniel Borkmann 1992bae141f5SDaniel Borkmann static const char * const bpf_audit_str[BPF_AUDIT_MAX] = { 1993bae141f5SDaniel Borkmann [BPF_AUDIT_LOAD] = "LOAD", 1994bae141f5SDaniel Borkmann [BPF_AUDIT_UNLOAD] = "UNLOAD", 1995bae141f5SDaniel Borkmann }; 1996bae141f5SDaniel Borkmann 1997bae141f5SDaniel Borkmann static void bpf_audit_prog(const struct bpf_prog *prog, unsigned int op) 1998bae141f5SDaniel Borkmann { 1999bae141f5SDaniel Borkmann struct audit_context *ctx = NULL; 2000bae141f5SDaniel Borkmann struct audit_buffer *ab; 2001bae141f5SDaniel Borkmann 2002bae141f5SDaniel Borkmann if (WARN_ON_ONCE(op >= BPF_AUDIT_MAX)) 2003bae141f5SDaniel Borkmann return; 2004bae141f5SDaniel Borkmann if (audit_enabled == AUDIT_OFF) 2005bae141f5SDaniel Borkmann return; 2006ef01f4e2SPaul Moore if (!in_irq() && !irqs_disabled()) 2007bae141f5SDaniel Borkmann ctx = audit_context(); 2008bae141f5SDaniel Borkmann ab = audit_log_start(ctx, GFP_ATOMIC, AUDIT_BPF); 2009bae141f5SDaniel Borkmann if (unlikely(!ab)) 2010bae141f5SDaniel Borkmann return; 2011bae141f5SDaniel Borkmann audit_log_format(ab, "prog-id=%u op=%s", 2012bae141f5SDaniel Borkmann prog->aux->id, bpf_audit_str[op]); 2013bae141f5SDaniel Borkmann audit_log_end(ab); 2014bae141f5SDaniel Borkmann } 2015bae141f5SDaniel Borkmann 2016dc4bb0e2SMartin KaFai Lau static int bpf_prog_alloc_id(struct bpf_prog *prog) 2017dc4bb0e2SMartin KaFai Lau { 2018dc4bb0e2SMartin KaFai Lau int id; 2019dc4bb0e2SMartin KaFai Lau 2020b76354cdSShaohua Li idr_preload(GFP_KERNEL); 2021dc4bb0e2SMartin KaFai Lau spin_lock_bh(&prog_idr_lock); 2022dc4bb0e2SMartin KaFai Lau id = idr_alloc_cyclic(&prog_idr, prog, 1, INT_MAX, GFP_ATOMIC); 2023dc4bb0e2SMartin KaFai Lau if (id > 0) 2024dc4bb0e2SMartin KaFai Lau prog->aux->id = id; 2025dc4bb0e2SMartin KaFai Lau spin_unlock_bh(&prog_idr_lock); 2026b76354cdSShaohua Li idr_preload_end(); 2027dc4bb0e2SMartin KaFai Lau 2028dc4bb0e2SMartin KaFai Lau /* id is in [1, INT_MAX) */ 2029dc4bb0e2SMartin KaFai Lau if (WARN_ON_ONCE(!id)) 2030dc4bb0e2SMartin KaFai Lau return -ENOSPC; 2031dc4bb0e2SMartin KaFai Lau 2032dc4bb0e2SMartin KaFai Lau return id > 0 ? 0 : id; 2033dc4bb0e2SMartin KaFai Lau } 2034dc4bb0e2SMartin KaFai Lau 2035e7895f01SPaul Moore void bpf_prog_free_id(struct bpf_prog *prog) 2036dc4bb0e2SMartin KaFai Lau { 2037d809e134SAlexei Starovoitov unsigned long flags; 2038d809e134SAlexei Starovoitov 2039ad8ad79fSJakub Kicinski /* cBPF to eBPF migrations are currently not in the idr store. 2040ad8ad79fSJakub Kicinski * Offloaded programs are removed from the store when their device 2041ad8ad79fSJakub Kicinski * disappears - even if someone grabs an fd to them they are unusable, 2042ad8ad79fSJakub Kicinski * simply waiting for refcnt to drop to be freed. 2043ad8ad79fSJakub Kicinski */ 2044dc4bb0e2SMartin KaFai Lau if (!prog->aux->id) 2045dc4bb0e2SMartin KaFai Lau return; 2046dc4bb0e2SMartin KaFai Lau 2047d809e134SAlexei Starovoitov spin_lock_irqsave(&prog_idr_lock, flags); 2048dc4bb0e2SMartin KaFai Lau idr_remove(&prog_idr, prog->aux->id); 2049ad8ad79fSJakub Kicinski prog->aux->id = 0; 2050d809e134SAlexei Starovoitov spin_unlock_irqrestore(&prog_idr_lock, flags); 2051dc4bb0e2SMartin KaFai Lau } 2052dc4bb0e2SMartin KaFai Lau 20531aacde3dSDaniel Borkmann static void __bpf_prog_put_rcu(struct rcu_head *rcu) 2054abf2e7d6SAlexei Starovoitov { 2055abf2e7d6SAlexei Starovoitov struct bpf_prog_aux *aux = container_of(rcu, struct bpf_prog_aux, rcu); 2056abf2e7d6SAlexei Starovoitov 20573b4d9eb2SDaniel Borkmann kvfree(aux->func_info); 20588c1b6e69SAlexei Starovoitov kfree(aux->func_info_aux); 20593ac1f01bSRoman Gushchin free_uid(aux->user); 2060afdb09c7SChenbo Feng security_bpf_prog_free(aux); 2061abf2e7d6SAlexei Starovoitov bpf_prog_free(aux->prog); 2062abf2e7d6SAlexei Starovoitov } 2063abf2e7d6SAlexei Starovoitov 2064cd7455f1SDaniel Borkmann static void __bpf_prog_put_noref(struct bpf_prog *prog, bool deferred) 2065cd7455f1SDaniel Borkmann { 2066cd7455f1SDaniel Borkmann bpf_prog_kallsyms_del_all(prog); 2067cd7455f1SDaniel Borkmann btf_put(prog->aux->btf); 206831bf1dbcSViktor Malik module_put(prog->aux->mod); 2069e16301fbSMartin KaFai Lau kvfree(prog->aux->jited_linfo); 2070e16301fbSMartin KaFai Lau kvfree(prog->aux->linfo); 2071e6ac2450SMartin KaFai Lau kfree(prog->aux->kfunc_tab); 207222dc4a0fSAndrii Nakryiko if (prog->aux->attach_btf) 207322dc4a0fSAndrii Nakryiko btf_put(prog->aux->attach_btf); 2074cd7455f1SDaniel Borkmann 20751e6c62a8SAlexei Starovoitov if (deferred) { 20761e6c62a8SAlexei Starovoitov if (prog->aux->sleepable) 20771e6c62a8SAlexei Starovoitov call_rcu_tasks_trace(&prog->aux->rcu, __bpf_prog_put_rcu); 2078cd7455f1SDaniel Borkmann else 20791e6c62a8SAlexei Starovoitov call_rcu(&prog->aux->rcu, __bpf_prog_put_rcu); 20801e6c62a8SAlexei Starovoitov } else { 2081cd7455f1SDaniel Borkmann __bpf_prog_put_rcu(&prog->aux->rcu); 2082cd7455f1SDaniel Borkmann } 20831e6c62a8SAlexei Starovoitov } 2084cd7455f1SDaniel Borkmann 2085d809e134SAlexei Starovoitov static void bpf_prog_put_deferred(struct work_struct *work) 208609756af4SAlexei Starovoitov { 2087d809e134SAlexei Starovoitov struct bpf_prog_aux *aux; 2088d809e134SAlexei Starovoitov struct bpf_prog *prog; 2089d809e134SAlexei Starovoitov 2090d809e134SAlexei Starovoitov aux = container_of(work, struct bpf_prog_aux, work); 2091d809e134SAlexei Starovoitov prog = aux->prog; 20926ee52e2aSSong Liu perf_event_bpf_event(prog, PERF_BPF_EVENT_PROG_UNLOAD, 0); 2093bae141f5SDaniel Borkmann bpf_audit_prog(prog, BPF_AUDIT_UNLOAD); 2094e7895f01SPaul Moore bpf_prog_free_id(prog); 2095d809e134SAlexei Starovoitov __bpf_prog_put_noref(prog, true); 2096d809e134SAlexei Starovoitov } 2097d809e134SAlexei Starovoitov 2098e7895f01SPaul Moore static void __bpf_prog_put(struct bpf_prog *prog) 2099d809e134SAlexei Starovoitov { 2100d809e134SAlexei Starovoitov struct bpf_prog_aux *aux = prog->aux; 2101d809e134SAlexei Starovoitov 2102d809e134SAlexei Starovoitov if (atomic64_dec_and_test(&aux->refcnt)) { 2103d809e134SAlexei Starovoitov if (in_irq() || irqs_disabled()) { 2104d809e134SAlexei Starovoitov INIT_WORK(&aux->work, bpf_prog_put_deferred); 2105d809e134SAlexei Starovoitov schedule_work(&aux->work); 2106d809e134SAlexei Starovoitov } else { 2107d809e134SAlexei Starovoitov bpf_prog_put_deferred(&aux->work); 2108d809e134SAlexei Starovoitov } 210909756af4SAlexei Starovoitov } 2110a67edbf4SDaniel Borkmann } 2111b16d9aa4SMartin KaFai Lau 2112b16d9aa4SMartin KaFai Lau void bpf_prog_put(struct bpf_prog *prog) 2113b16d9aa4SMartin KaFai Lau { 2114e7895f01SPaul Moore __bpf_prog_put(prog); 2115b16d9aa4SMartin KaFai Lau } 2116e2e9b654SDaniel Borkmann EXPORT_SYMBOL_GPL(bpf_prog_put); 211709756af4SAlexei Starovoitov 211809756af4SAlexei Starovoitov static int bpf_prog_release(struct inode *inode, struct file *filp) 211909756af4SAlexei Starovoitov { 212009756af4SAlexei Starovoitov struct bpf_prog *prog = filp->private_data; 212109756af4SAlexei Starovoitov 21221aacde3dSDaniel Borkmann bpf_prog_put(prog); 212309756af4SAlexei Starovoitov return 0; 212409756af4SAlexei Starovoitov } 212509756af4SAlexei Starovoitov 212661a0abaeSEric Dumazet struct bpf_prog_kstats { 212761a0abaeSEric Dumazet u64 nsecs; 212861a0abaeSEric Dumazet u64 cnt; 212961a0abaeSEric Dumazet u64 misses; 213061a0abaeSEric Dumazet }; 213161a0abaeSEric Dumazet 213205b24ff9SJiri Olsa void notrace bpf_prog_inc_misses_counter(struct bpf_prog *prog) 213305b24ff9SJiri Olsa { 213405b24ff9SJiri Olsa struct bpf_prog_stats *stats; 213505b24ff9SJiri Olsa unsigned int flags; 213605b24ff9SJiri Olsa 213705b24ff9SJiri Olsa stats = this_cpu_ptr(prog->stats); 213805b24ff9SJiri Olsa flags = u64_stats_update_begin_irqsave(&stats->syncp); 213905b24ff9SJiri Olsa u64_stats_inc(&stats->misses); 214005b24ff9SJiri Olsa u64_stats_update_end_irqrestore(&stats->syncp, flags); 214105b24ff9SJiri Olsa } 214205b24ff9SJiri Olsa 2143492ecee8SAlexei Starovoitov static void bpf_prog_get_stats(const struct bpf_prog *prog, 214461a0abaeSEric Dumazet struct bpf_prog_kstats *stats) 2145492ecee8SAlexei Starovoitov { 21469ed9e9baSAlexei Starovoitov u64 nsecs = 0, cnt = 0, misses = 0; 2147492ecee8SAlexei Starovoitov int cpu; 2148492ecee8SAlexei Starovoitov 2149492ecee8SAlexei Starovoitov for_each_possible_cpu(cpu) { 2150492ecee8SAlexei Starovoitov const struct bpf_prog_stats *st; 2151492ecee8SAlexei Starovoitov unsigned int start; 21529ed9e9baSAlexei Starovoitov u64 tnsecs, tcnt, tmisses; 2153492ecee8SAlexei Starovoitov 2154700d4796SAlexei Starovoitov st = per_cpu_ptr(prog->stats, cpu); 2155492ecee8SAlexei Starovoitov do { 215697c4090bSThomas Gleixner start = u64_stats_fetch_begin(&st->syncp); 215761a0abaeSEric Dumazet tnsecs = u64_stats_read(&st->nsecs); 215861a0abaeSEric Dumazet tcnt = u64_stats_read(&st->cnt); 215961a0abaeSEric Dumazet tmisses = u64_stats_read(&st->misses); 216097c4090bSThomas Gleixner } while (u64_stats_fetch_retry(&st->syncp, start)); 2161492ecee8SAlexei Starovoitov nsecs += tnsecs; 2162492ecee8SAlexei Starovoitov cnt += tcnt; 21639ed9e9baSAlexei Starovoitov misses += tmisses; 2164492ecee8SAlexei Starovoitov } 2165492ecee8SAlexei Starovoitov stats->nsecs = nsecs; 2166492ecee8SAlexei Starovoitov stats->cnt = cnt; 21679ed9e9baSAlexei Starovoitov stats->misses = misses; 2168492ecee8SAlexei Starovoitov } 2169492ecee8SAlexei Starovoitov 21707bd509e3SDaniel Borkmann #ifdef CONFIG_PROC_FS 21717bd509e3SDaniel Borkmann static void bpf_prog_show_fdinfo(struct seq_file *m, struct file *filp) 21727bd509e3SDaniel Borkmann { 21737bd509e3SDaniel Borkmann const struct bpf_prog *prog = filp->private_data; 2174f1f7714eSDaniel Borkmann char prog_tag[sizeof(prog->tag) * 2 + 1] = { }; 217561a0abaeSEric Dumazet struct bpf_prog_kstats stats; 21767bd509e3SDaniel Borkmann 2177492ecee8SAlexei Starovoitov bpf_prog_get_stats(prog, &stats); 2178f1f7714eSDaniel Borkmann bin2hex(prog_tag, prog->tag, sizeof(prog->tag)); 21797bd509e3SDaniel Borkmann seq_printf(m, 21807bd509e3SDaniel Borkmann "prog_type:\t%u\n" 21817bd509e3SDaniel Borkmann "prog_jited:\t%u\n" 2182f1f7714eSDaniel Borkmann "prog_tag:\t%s\n" 21834316b409SDaniel Borkmann "memlock:\t%llu\n" 2184492ecee8SAlexei Starovoitov "prog_id:\t%u\n" 2185492ecee8SAlexei Starovoitov "run_time_ns:\t%llu\n" 21869ed9e9baSAlexei Starovoitov "run_cnt:\t%llu\n" 2187aba64c7dSDave Marchevsky "recursion_misses:\t%llu\n" 2188aba64c7dSDave Marchevsky "verified_insns:\t%u\n", 21897bd509e3SDaniel Borkmann prog->type, 21907bd509e3SDaniel Borkmann prog->jited, 2191f1f7714eSDaniel Borkmann prog_tag, 21924316b409SDaniel Borkmann prog->pages * 1ULL << PAGE_SHIFT, 2193492ecee8SAlexei Starovoitov prog->aux->id, 2194492ecee8SAlexei Starovoitov stats.nsecs, 21959ed9e9baSAlexei Starovoitov stats.cnt, 2196aba64c7dSDave Marchevsky stats.misses, 2197aba64c7dSDave Marchevsky prog->aux->verified_insns); 21987bd509e3SDaniel Borkmann } 21997bd509e3SDaniel Borkmann #endif 22007bd509e3SDaniel Borkmann 2201f66e448cSChenbo Feng const struct file_operations bpf_prog_fops = { 22027bd509e3SDaniel Borkmann #ifdef CONFIG_PROC_FS 22037bd509e3SDaniel Borkmann .show_fdinfo = bpf_prog_show_fdinfo, 22047bd509e3SDaniel Borkmann #endif 220509756af4SAlexei Starovoitov .release = bpf_prog_release, 22066e71b04aSChenbo Feng .read = bpf_dummy_read, 22076e71b04aSChenbo Feng .write = bpf_dummy_write, 220809756af4SAlexei Starovoitov }; 220909756af4SAlexei Starovoitov 2210b2197755SDaniel Borkmann int bpf_prog_new_fd(struct bpf_prog *prog) 2211aa79781bSDaniel Borkmann { 2212afdb09c7SChenbo Feng int ret; 2213afdb09c7SChenbo Feng 2214afdb09c7SChenbo Feng ret = security_bpf_prog(prog); 2215afdb09c7SChenbo Feng if (ret < 0) 2216afdb09c7SChenbo Feng return ret; 2217afdb09c7SChenbo Feng 2218aa79781bSDaniel Borkmann return anon_inode_getfd("bpf-prog", &bpf_prog_fops, prog, 2219aa79781bSDaniel Borkmann O_RDWR | O_CLOEXEC); 2220aa79781bSDaniel Borkmann } 2221aa79781bSDaniel Borkmann 2222113214beSDaniel Borkmann static struct bpf_prog *____bpf_prog_get(struct fd f) 222309756af4SAlexei Starovoitov { 222409756af4SAlexei Starovoitov if (!f.file) 222509756af4SAlexei Starovoitov return ERR_PTR(-EBADF); 222609756af4SAlexei Starovoitov if (f.file->f_op != &bpf_prog_fops) { 222709756af4SAlexei Starovoitov fdput(f); 222809756af4SAlexei Starovoitov return ERR_PTR(-EINVAL); 222909756af4SAlexei Starovoitov } 223009756af4SAlexei Starovoitov 2231c2101297SDaniel Borkmann return f.file->private_data; 223209756af4SAlexei Starovoitov } 223309756af4SAlexei Starovoitov 223485192dbfSAndrii Nakryiko void bpf_prog_add(struct bpf_prog *prog, int i) 223592117d84SAlexei Starovoitov { 223685192dbfSAndrii Nakryiko atomic64_add(i, &prog->aux->refcnt); 223792117d84SAlexei Starovoitov } 223859d3656dSBrenden Blanco EXPORT_SYMBOL_GPL(bpf_prog_add); 223959d3656dSBrenden Blanco 2240c540594fSDaniel Borkmann void bpf_prog_sub(struct bpf_prog *prog, int i) 2241c540594fSDaniel Borkmann { 2242c540594fSDaniel Borkmann /* Only to be used for undoing previous bpf_prog_add() in some 2243c540594fSDaniel Borkmann * error path. We still know that another entity in our call 2244c540594fSDaniel Borkmann * path holds a reference to the program, thus atomic_sub() can 2245c540594fSDaniel Borkmann * be safely used in such cases! 2246c540594fSDaniel Borkmann */ 224785192dbfSAndrii Nakryiko WARN_ON(atomic64_sub_return(i, &prog->aux->refcnt) == 0); 2248c540594fSDaniel Borkmann } 2249c540594fSDaniel Borkmann EXPORT_SYMBOL_GPL(bpf_prog_sub); 2250c540594fSDaniel Borkmann 225185192dbfSAndrii Nakryiko void bpf_prog_inc(struct bpf_prog *prog) 225259d3656dSBrenden Blanco { 225385192dbfSAndrii Nakryiko atomic64_inc(&prog->aux->refcnt); 225459d3656dSBrenden Blanco } 225597bc402dSDaniel Borkmann EXPORT_SYMBOL_GPL(bpf_prog_inc); 225692117d84SAlexei Starovoitov 2257b16d9aa4SMartin KaFai Lau /* prog_idr_lock should have been held */ 2258a6f6df69SJohn Fastabend struct bpf_prog *bpf_prog_inc_not_zero(struct bpf_prog *prog) 2259b16d9aa4SMartin KaFai Lau { 2260b16d9aa4SMartin KaFai Lau int refold; 2261b16d9aa4SMartin KaFai Lau 226285192dbfSAndrii Nakryiko refold = atomic64_fetch_add_unless(&prog->aux->refcnt, 1, 0); 2263b16d9aa4SMartin KaFai Lau 2264b16d9aa4SMartin KaFai Lau if (!refold) 2265b16d9aa4SMartin KaFai Lau return ERR_PTR(-ENOENT); 2266b16d9aa4SMartin KaFai Lau 2267b16d9aa4SMartin KaFai Lau return prog; 2268b16d9aa4SMartin KaFai Lau } 2269a6f6df69SJohn Fastabend EXPORT_SYMBOL_GPL(bpf_prog_inc_not_zero); 2270b16d9aa4SMartin KaFai Lau 2271040ee692SAl Viro bool bpf_prog_get_ok(struct bpf_prog *prog, 2272288b3de5SJakub Kicinski enum bpf_prog_type *attach_type, bool attach_drv) 2273248f346fSJakub Kicinski { 2274288b3de5SJakub Kicinski /* not an attachment, just a refcount inc, always allow */ 2275288b3de5SJakub Kicinski if (!attach_type) 2276288b3de5SJakub Kicinski return true; 2277248f346fSJakub Kicinski 2278248f346fSJakub Kicinski if (prog->type != *attach_type) 2279248f346fSJakub Kicinski return false; 22809d03ebc7SStanislav Fomichev if (bpf_prog_is_offloaded(prog->aux) && !attach_drv) 2281248f346fSJakub Kicinski return false; 2282248f346fSJakub Kicinski 2283248f346fSJakub Kicinski return true; 2284248f346fSJakub Kicinski } 2285248f346fSJakub Kicinski 2286248f346fSJakub Kicinski static struct bpf_prog *__bpf_prog_get(u32 ufd, enum bpf_prog_type *attach_type, 2287288b3de5SJakub Kicinski bool attach_drv) 228809756af4SAlexei Starovoitov { 228909756af4SAlexei Starovoitov struct fd f = fdget(ufd); 229009756af4SAlexei Starovoitov struct bpf_prog *prog; 229109756af4SAlexei Starovoitov 2292113214beSDaniel Borkmann prog = ____bpf_prog_get(f); 229309756af4SAlexei Starovoitov if (IS_ERR(prog)) 229409756af4SAlexei Starovoitov return prog; 2295288b3de5SJakub Kicinski if (!bpf_prog_get_ok(prog, attach_type, attach_drv)) { 2296113214beSDaniel Borkmann prog = ERR_PTR(-EINVAL); 2297113214beSDaniel Borkmann goto out; 2298113214beSDaniel Borkmann } 229909756af4SAlexei Starovoitov 230085192dbfSAndrii Nakryiko bpf_prog_inc(prog); 2301113214beSDaniel Borkmann out: 230209756af4SAlexei Starovoitov fdput(f); 230309756af4SAlexei Starovoitov return prog; 230409756af4SAlexei Starovoitov } 2305113214beSDaniel Borkmann 2306113214beSDaniel Borkmann struct bpf_prog *bpf_prog_get(u32 ufd) 2307113214beSDaniel Borkmann { 2308288b3de5SJakub Kicinski return __bpf_prog_get(ufd, NULL, false); 2309113214beSDaniel Borkmann } 2310113214beSDaniel Borkmann 2311248f346fSJakub Kicinski struct bpf_prog *bpf_prog_get_type_dev(u32 ufd, enum bpf_prog_type type, 2312288b3de5SJakub Kicinski bool attach_drv) 2313248f346fSJakub Kicinski { 23144d220ed0SAlexei Starovoitov return __bpf_prog_get(ufd, &type, attach_drv); 2315248f346fSJakub Kicinski } 23166c8dfe21SJakub Kicinski EXPORT_SYMBOL_GPL(bpf_prog_get_type_dev); 2317248f346fSJakub Kicinski 2318aac3fc32SAndrey Ignatov /* Initially all BPF programs could be loaded w/o specifying 2319aac3fc32SAndrey Ignatov * expected_attach_type. Later for some of them specifying expected_attach_type 2320aac3fc32SAndrey Ignatov * at load time became required so that program could be validated properly. 2321aac3fc32SAndrey Ignatov * Programs of types that are allowed to be loaded both w/ and w/o (for 2322aac3fc32SAndrey Ignatov * backward compatibility) expected_attach_type, should have the default attach 2323aac3fc32SAndrey Ignatov * type assigned to expected_attach_type for the latter case, so that it can be 2324aac3fc32SAndrey Ignatov * validated later at attach time. 2325aac3fc32SAndrey Ignatov * 2326aac3fc32SAndrey Ignatov * bpf_prog_load_fixup_attach_type() sets expected_attach_type in @attr if 2327aac3fc32SAndrey Ignatov * prog type requires it but has some attach types that have to be backward 2328aac3fc32SAndrey Ignatov * compatible. 2329aac3fc32SAndrey Ignatov */ 2330aac3fc32SAndrey Ignatov static void bpf_prog_load_fixup_attach_type(union bpf_attr *attr) 2331aac3fc32SAndrey Ignatov { 2332aac3fc32SAndrey Ignatov switch (attr->prog_type) { 2333aac3fc32SAndrey Ignatov case BPF_PROG_TYPE_CGROUP_SOCK: 2334aac3fc32SAndrey Ignatov /* Unfortunately BPF_ATTACH_TYPE_UNSPEC enumeration doesn't 2335aac3fc32SAndrey Ignatov * exist so checking for non-zero is the way to go here. 2336aac3fc32SAndrey Ignatov */ 2337aac3fc32SAndrey Ignatov if (!attr->expected_attach_type) 2338aac3fc32SAndrey Ignatov attr->expected_attach_type = 2339aac3fc32SAndrey Ignatov BPF_CGROUP_INET_SOCK_CREATE; 2340aac3fc32SAndrey Ignatov break; 2341d5e4ddaeSKuniyuki Iwashima case BPF_PROG_TYPE_SK_REUSEPORT: 2342d5e4ddaeSKuniyuki Iwashima if (!attr->expected_attach_type) 2343d5e4ddaeSKuniyuki Iwashima attr->expected_attach_type = 2344d5e4ddaeSKuniyuki Iwashima BPF_SK_REUSEPORT_SELECT; 2345d5e4ddaeSKuniyuki Iwashima break; 2346aac3fc32SAndrey Ignatov } 2347aac3fc32SAndrey Ignatov } 2348aac3fc32SAndrey Ignatov 23495e43f899SAndrey Ignatov static int 2350ccfe29ebSAlexei Starovoitov bpf_prog_load_check_attach(enum bpf_prog_type prog_type, 2351ccfe29ebSAlexei Starovoitov enum bpf_attach_type expected_attach_type, 2352290248a5SAndrii Nakryiko struct btf *attach_btf, u32 btf_id, 2353290248a5SAndrii Nakryiko struct bpf_prog *dst_prog) 23545e43f899SAndrey Ignatov { 235527ae7997SMartin KaFai Lau if (btf_id) { 2356c108e3c1SAlexei Starovoitov if (btf_id > BTF_MAX_TYPE) 2357c108e3c1SAlexei Starovoitov return -EINVAL; 235827ae7997SMartin KaFai Lau 2359290248a5SAndrii Nakryiko if (!attach_btf && !dst_prog) 2360290248a5SAndrii Nakryiko return -EINVAL; 2361290248a5SAndrii Nakryiko 236227ae7997SMartin KaFai Lau switch (prog_type) { 236327ae7997SMartin KaFai Lau case BPF_PROG_TYPE_TRACING: 23649e4e01dfSKP Singh case BPF_PROG_TYPE_LSM: 236527ae7997SMartin KaFai Lau case BPF_PROG_TYPE_STRUCT_OPS: 2366be8704ffSAlexei Starovoitov case BPF_PROG_TYPE_EXT: 2367c108e3c1SAlexei Starovoitov break; 2368c108e3c1SAlexei Starovoitov default: 2369c108e3c1SAlexei Starovoitov return -EINVAL; 2370c108e3c1SAlexei Starovoitov } 237127ae7997SMartin KaFai Lau } 237227ae7997SMartin KaFai Lau 2373290248a5SAndrii Nakryiko if (attach_btf && (!btf_id || dst_prog)) 2374290248a5SAndrii Nakryiko return -EINVAL; 2375290248a5SAndrii Nakryiko 2376290248a5SAndrii Nakryiko if (dst_prog && prog_type != BPF_PROG_TYPE_TRACING && 2377be8704ffSAlexei Starovoitov prog_type != BPF_PROG_TYPE_EXT) 237827ae7997SMartin KaFai Lau return -EINVAL; 2379c108e3c1SAlexei Starovoitov 2380c108e3c1SAlexei Starovoitov switch (prog_type) { 2381aac3fc32SAndrey Ignatov case BPF_PROG_TYPE_CGROUP_SOCK: 2382aac3fc32SAndrey Ignatov switch (expected_attach_type) { 2383aac3fc32SAndrey Ignatov case BPF_CGROUP_INET_SOCK_CREATE: 2384f5836749SStanislav Fomichev case BPF_CGROUP_INET_SOCK_RELEASE: 2385aac3fc32SAndrey Ignatov case BPF_CGROUP_INET4_POST_BIND: 2386aac3fc32SAndrey Ignatov case BPF_CGROUP_INET6_POST_BIND: 2387aac3fc32SAndrey Ignatov return 0; 2388aac3fc32SAndrey Ignatov default: 2389aac3fc32SAndrey Ignatov return -EINVAL; 2390aac3fc32SAndrey Ignatov } 23914fbac77dSAndrey Ignatov case BPF_PROG_TYPE_CGROUP_SOCK_ADDR: 23924fbac77dSAndrey Ignatov switch (expected_attach_type) { 23934fbac77dSAndrey Ignatov case BPF_CGROUP_INET4_BIND: 23944fbac77dSAndrey Ignatov case BPF_CGROUP_INET6_BIND: 2395d74bad4eSAndrey Ignatov case BPF_CGROUP_INET4_CONNECT: 2396d74bad4eSAndrey Ignatov case BPF_CGROUP_INET6_CONNECT: 23971b66d253SDaniel Borkmann case BPF_CGROUP_INET4_GETPEERNAME: 23981b66d253SDaniel Borkmann case BPF_CGROUP_INET6_GETPEERNAME: 23991b66d253SDaniel Borkmann case BPF_CGROUP_INET4_GETSOCKNAME: 24001b66d253SDaniel Borkmann case BPF_CGROUP_INET6_GETSOCKNAME: 24011cedee13SAndrey Ignatov case BPF_CGROUP_UDP4_SENDMSG: 24021cedee13SAndrey Ignatov case BPF_CGROUP_UDP6_SENDMSG: 2403983695faSDaniel Borkmann case BPF_CGROUP_UDP4_RECVMSG: 2404983695faSDaniel Borkmann case BPF_CGROUP_UDP6_RECVMSG: 24055e43f899SAndrey Ignatov return 0; 24064fbac77dSAndrey Ignatov default: 24074fbac77dSAndrey Ignatov return -EINVAL; 24084fbac77dSAndrey Ignatov } 24095cf1e914Sbrakmo case BPF_PROG_TYPE_CGROUP_SKB: 24105cf1e914Sbrakmo switch (expected_attach_type) { 24115cf1e914Sbrakmo case BPF_CGROUP_INET_INGRESS: 24125cf1e914Sbrakmo case BPF_CGROUP_INET_EGRESS: 24135cf1e914Sbrakmo return 0; 24145cf1e914Sbrakmo default: 24155cf1e914Sbrakmo return -EINVAL; 24165cf1e914Sbrakmo } 24170d01da6aSStanislav Fomichev case BPF_PROG_TYPE_CGROUP_SOCKOPT: 24180d01da6aSStanislav Fomichev switch (expected_attach_type) { 24190d01da6aSStanislav Fomichev case BPF_CGROUP_SETSOCKOPT: 24200d01da6aSStanislav Fomichev case BPF_CGROUP_GETSOCKOPT: 24210d01da6aSStanislav Fomichev return 0; 24220d01da6aSStanislav Fomichev default: 24230d01da6aSStanislav Fomichev return -EINVAL; 24240d01da6aSStanislav Fomichev } 2425e9ddbb77SJakub Sitnicki case BPF_PROG_TYPE_SK_LOOKUP: 2426e9ddbb77SJakub Sitnicki if (expected_attach_type == BPF_SK_LOOKUP) 2427e9ddbb77SJakub Sitnicki return 0; 2428e9ddbb77SJakub Sitnicki return -EINVAL; 2429d5e4ddaeSKuniyuki Iwashima case BPF_PROG_TYPE_SK_REUSEPORT: 2430d5e4ddaeSKuniyuki Iwashima switch (expected_attach_type) { 2431d5e4ddaeSKuniyuki Iwashima case BPF_SK_REUSEPORT_SELECT: 2432d5e4ddaeSKuniyuki Iwashima case BPF_SK_REUSEPORT_SELECT_OR_MIGRATE: 2433d5e4ddaeSKuniyuki Iwashima return 0; 2434d5e4ddaeSKuniyuki Iwashima default: 2435d5e4ddaeSKuniyuki Iwashima return -EINVAL; 2436d5e4ddaeSKuniyuki Iwashima } 243779a7f8bdSAlexei Starovoitov case BPF_PROG_TYPE_SYSCALL: 2438be8704ffSAlexei Starovoitov case BPF_PROG_TYPE_EXT: 2439be8704ffSAlexei Starovoitov if (expected_attach_type) 2440be8704ffSAlexei Starovoitov return -EINVAL; 2441df561f66SGustavo A. R. Silva fallthrough; 24424fbac77dSAndrey Ignatov default: 24434fbac77dSAndrey Ignatov return 0; 24444fbac77dSAndrey Ignatov } 24455e43f899SAndrey Ignatov } 24465e43f899SAndrey Ignatov 24472c78ee89SAlexei Starovoitov static bool is_net_admin_prog_type(enum bpf_prog_type prog_type) 24482c78ee89SAlexei Starovoitov { 24492c78ee89SAlexei Starovoitov switch (prog_type) { 24502c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_SCHED_CLS: 24512c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_SCHED_ACT: 24522c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_XDP: 24532c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_LWT_IN: 24542c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_LWT_OUT: 24552c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_LWT_XMIT: 24562c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_LWT_SEG6LOCAL: 24572c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_SK_SKB: 24582c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_SK_MSG: 24592c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_FLOW_DISSECTOR: 24602c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_CGROUP_DEVICE: 24612c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_CGROUP_SOCK: 24622c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_CGROUP_SOCK_ADDR: 24632c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_CGROUP_SOCKOPT: 24642c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_CGROUP_SYSCTL: 24652c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_SOCK_OPS: 24662c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_EXT: /* extends any prog */ 246784601d6eSFlorian Westphal case BPF_PROG_TYPE_NETFILTER: 24682c78ee89SAlexei Starovoitov return true; 24692c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_CGROUP_SKB: 24702c78ee89SAlexei Starovoitov /* always unpriv */ 24712c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_SK_REUSEPORT: 24722c78ee89SAlexei Starovoitov /* equivalent to SOCKET_FILTER. need CAP_BPF only */ 24732c78ee89SAlexei Starovoitov default: 24742c78ee89SAlexei Starovoitov return false; 24752c78ee89SAlexei Starovoitov } 24762c78ee89SAlexei Starovoitov } 24772c78ee89SAlexei Starovoitov 24782c78ee89SAlexei Starovoitov static bool is_perfmon_prog_type(enum bpf_prog_type prog_type) 24792c78ee89SAlexei Starovoitov { 24802c78ee89SAlexei Starovoitov switch (prog_type) { 24812c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_KPROBE: 24822c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_TRACEPOINT: 24832c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_PERF_EVENT: 24842c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_RAW_TRACEPOINT: 24852c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE: 24862c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_TRACING: 24872c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_LSM: 24882c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_STRUCT_OPS: /* has access to struct sock */ 24892c78ee89SAlexei Starovoitov case BPF_PROG_TYPE_EXT: /* extends any prog */ 24902c78ee89SAlexei Starovoitov return true; 24912c78ee89SAlexei Starovoitov default: 24922c78ee89SAlexei Starovoitov return false; 24932c78ee89SAlexei Starovoitov } 24942c78ee89SAlexei Starovoitov } 24952c78ee89SAlexei Starovoitov 249609756af4SAlexei Starovoitov /* last field in 'union bpf_attr' used by this command */ 249747a71c1fSAndrii Nakryiko #define BPF_PROG_LOAD_LAST_FIELD log_true_size 249809756af4SAlexei Starovoitov 249947a71c1fSAndrii Nakryiko static int bpf_prog_load(union bpf_attr *attr, bpfptr_t uattr, u32 uattr_size) 250009756af4SAlexei Starovoitov { 250109756af4SAlexei Starovoitov enum bpf_prog_type type = attr->prog_type; 2502290248a5SAndrii Nakryiko struct bpf_prog *prog, *dst_prog = NULL; 2503290248a5SAndrii Nakryiko struct btf *attach_btf = NULL; 250409756af4SAlexei Starovoitov int err; 250509756af4SAlexei Starovoitov char license[128]; 250609756af4SAlexei Starovoitov bool is_gpl; 250709756af4SAlexei Starovoitov 250809756af4SAlexei Starovoitov if (CHECK_ATTR(BPF_PROG_LOAD)) 250909756af4SAlexei Starovoitov return -EINVAL; 251009756af4SAlexei Starovoitov 2511c240eff6SJiong Wang if (attr->prog_flags & ~(BPF_F_STRICT_ALIGNMENT | 2512c240eff6SJiong Wang BPF_F_ANY_ALIGNMENT | 251310d274e8SAlexei Starovoitov BPF_F_TEST_STATE_FREQ | 25141e6c62a8SAlexei Starovoitov BPF_F_SLEEPABLE | 2515c2f2cdbeSLorenzo Bianconi BPF_F_TEST_RND_HI32 | 25162b3486bcSStanislav Fomichev BPF_F_XDP_HAS_FRAGS | 25172b3486bcSStanislav Fomichev BPF_F_XDP_DEV_BOUND_ONLY)) 2518e07b98d9SDavid S. Miller return -EINVAL; 2519e07b98d9SDavid S. Miller 2520e9ee9efcSDavid Miller if (!IS_ENABLED(CONFIG_HAVE_EFFICIENT_UNALIGNED_ACCESS) && 2521e9ee9efcSDavid Miller (attr->prog_flags & BPF_F_ANY_ALIGNMENT) && 25222c78ee89SAlexei Starovoitov !bpf_capable()) 2523e9ee9efcSDavid Miller return -EPERM; 2524e9ee9efcSDavid Miller 252509756af4SAlexei Starovoitov /* copy eBPF program license from user space */ 2526af2ac3e1SAlexei Starovoitov if (strncpy_from_bpfptr(license, 2527af2ac3e1SAlexei Starovoitov make_bpfptr(attr->license, uattr.is_kernel), 252809756af4SAlexei Starovoitov sizeof(license) - 1) < 0) 252909756af4SAlexei Starovoitov return -EFAULT; 253009756af4SAlexei Starovoitov license[sizeof(license) - 1] = 0; 253109756af4SAlexei Starovoitov 253209756af4SAlexei Starovoitov /* eBPF programs must be GPL compatible to use GPL-ed functions */ 253309756af4SAlexei Starovoitov is_gpl = license_is_gpl_compatible(license); 253409756af4SAlexei Starovoitov 2535c04c0d2bSAlexei Starovoitov if (attr->insn_cnt == 0 || 25362c78ee89SAlexei Starovoitov attr->insn_cnt > (bpf_capable() ? BPF_COMPLEXITY_LIMIT_INSNS : BPF_MAXINSNS)) 2537ef0915caSDaniel Borkmann return -E2BIG; 253880b7d819SChenbo Feng if (type != BPF_PROG_TYPE_SOCKET_FILTER && 253980b7d819SChenbo Feng type != BPF_PROG_TYPE_CGROUP_SKB && 25402c78ee89SAlexei Starovoitov !bpf_capable()) 25412c78ee89SAlexei Starovoitov return -EPERM; 25422c78ee89SAlexei Starovoitov 2543b338cb92SMaciej Żenczykowski if (is_net_admin_prog_type(type) && !capable(CAP_NET_ADMIN) && !capable(CAP_SYS_ADMIN)) 25442c78ee89SAlexei Starovoitov return -EPERM; 25452c78ee89SAlexei Starovoitov if (is_perfmon_prog_type(type) && !perfmon_capable()) 25461be7f75dSAlexei Starovoitov return -EPERM; 25471be7f75dSAlexei Starovoitov 2548290248a5SAndrii Nakryiko /* attach_prog_fd/attach_btf_obj_fd can specify fd of either bpf_prog 2549290248a5SAndrii Nakryiko * or btf, we need to check which one it is 2550290248a5SAndrii Nakryiko */ 2551290248a5SAndrii Nakryiko if (attr->attach_prog_fd) { 2552290248a5SAndrii Nakryiko dst_prog = bpf_prog_get(attr->attach_prog_fd); 2553290248a5SAndrii Nakryiko if (IS_ERR(dst_prog)) { 2554290248a5SAndrii Nakryiko dst_prog = NULL; 2555290248a5SAndrii Nakryiko attach_btf = btf_get_by_fd(attr->attach_btf_obj_fd); 2556290248a5SAndrii Nakryiko if (IS_ERR(attach_btf)) 2557290248a5SAndrii Nakryiko return -EINVAL; 2558290248a5SAndrii Nakryiko if (!btf_is_kernel(attach_btf)) { 25598bdd8e27SAndrii Nakryiko /* attaching through specifying bpf_prog's BTF 25608bdd8e27SAndrii Nakryiko * objects directly might be supported eventually 25618bdd8e27SAndrii Nakryiko */ 2562290248a5SAndrii Nakryiko btf_put(attach_btf); 25638bdd8e27SAndrii Nakryiko return -ENOTSUPP; 2564290248a5SAndrii Nakryiko } 2565290248a5SAndrii Nakryiko } 2566290248a5SAndrii Nakryiko } else if (attr->attach_btf_id) { 2567290248a5SAndrii Nakryiko /* fall back to vmlinux BTF, if BTF type ID is specified */ 2568290248a5SAndrii Nakryiko attach_btf = bpf_get_btf_vmlinux(); 2569290248a5SAndrii Nakryiko if (IS_ERR(attach_btf)) 2570290248a5SAndrii Nakryiko return PTR_ERR(attach_btf); 2571290248a5SAndrii Nakryiko if (!attach_btf) 2572290248a5SAndrii Nakryiko return -EINVAL; 2573290248a5SAndrii Nakryiko btf_get(attach_btf); 2574290248a5SAndrii Nakryiko } 2575290248a5SAndrii Nakryiko 2576aac3fc32SAndrey Ignatov bpf_prog_load_fixup_attach_type(attr); 2577ccfe29ebSAlexei Starovoitov if (bpf_prog_load_check_attach(type, attr->expected_attach_type, 2578290248a5SAndrii Nakryiko attach_btf, attr->attach_btf_id, 2579290248a5SAndrii Nakryiko dst_prog)) { 2580290248a5SAndrii Nakryiko if (dst_prog) 2581290248a5SAndrii Nakryiko bpf_prog_put(dst_prog); 2582290248a5SAndrii Nakryiko if (attach_btf) 2583290248a5SAndrii Nakryiko btf_put(attach_btf); 25845e43f899SAndrey Ignatov return -EINVAL; 2585290248a5SAndrii Nakryiko } 25865e43f899SAndrey Ignatov 258709756af4SAlexei Starovoitov /* plain bpf_prog allocation */ 258809756af4SAlexei Starovoitov prog = bpf_prog_alloc(bpf_prog_size(attr->insn_cnt), GFP_USER); 2589290248a5SAndrii Nakryiko if (!prog) { 2590290248a5SAndrii Nakryiko if (dst_prog) 2591290248a5SAndrii Nakryiko bpf_prog_put(dst_prog); 2592290248a5SAndrii Nakryiko if (attach_btf) 2593290248a5SAndrii Nakryiko btf_put(attach_btf); 259409756af4SAlexei Starovoitov return -ENOMEM; 2595290248a5SAndrii Nakryiko } 259609756af4SAlexei Starovoitov 25975e43f899SAndrey Ignatov prog->expected_attach_type = attr->expected_attach_type; 2598290248a5SAndrii Nakryiko prog->aux->attach_btf = attach_btf; 2599ccfe29ebSAlexei Starovoitov prog->aux->attach_btf_id = attr->attach_btf_id; 26003aac1eadSToke Høiland-Jørgensen prog->aux->dst_prog = dst_prog; 26012b3486bcSStanislav Fomichev prog->aux->dev_bound = !!attr->prog_ifindex; 26021e6c62a8SAlexei Starovoitov prog->aux->sleepable = attr->prog_flags & BPF_F_SLEEPABLE; 2603c2f2cdbeSLorenzo Bianconi prog->aux->xdp_has_frags = attr->prog_flags & BPF_F_XDP_HAS_FRAGS; 26049a18eedbSJakub Kicinski 2605afdb09c7SChenbo Feng err = security_bpf_prog_alloc(prog->aux); 2606aaac3ba9SAlexei Starovoitov if (err) 26073ac1f01bSRoman Gushchin goto free_prog; 2608aaac3ba9SAlexei Starovoitov 26093ac1f01bSRoman Gushchin prog->aux->user = get_current_user(); 261009756af4SAlexei Starovoitov prog->len = attr->insn_cnt; 261109756af4SAlexei Starovoitov 261209756af4SAlexei Starovoitov err = -EFAULT; 2613af2ac3e1SAlexei Starovoitov if (copy_from_bpfptr(prog->insns, 2614af2ac3e1SAlexei Starovoitov make_bpfptr(attr->insns, uattr.is_kernel), 2615aafe6ae9SDaniel Borkmann bpf_prog_insn_size(prog)) != 0) 26163ac1f01bSRoman Gushchin goto free_prog_sec; 261709756af4SAlexei Starovoitov 261809756af4SAlexei Starovoitov prog->orig_prog = NULL; 2619a91263d5SDaniel Borkmann prog->jited = 0; 262009756af4SAlexei Starovoitov 262185192dbfSAndrii Nakryiko atomic64_set(&prog->aux->refcnt, 1); 2622a91263d5SDaniel Borkmann prog->gpl_compatible = is_gpl ? 1 : 0; 262309756af4SAlexei Starovoitov 26249a18eedbSJakub Kicinski if (bpf_prog_is_dev_bound(prog->aux)) { 26252b3486bcSStanislav Fomichev err = bpf_prog_dev_bound_init(prog, attr); 2626ab3f0063SJakub Kicinski if (err) 26273ac1f01bSRoman Gushchin goto free_prog_sec; 2628ab3f0063SJakub Kicinski } 2629ab3f0063SJakub Kicinski 2630fd7c211dSToke Høiland-Jørgensen if (type == BPF_PROG_TYPE_EXT && dst_prog && 2631fd7c211dSToke Høiland-Jørgensen bpf_prog_is_dev_bound(dst_prog->aux)) { 2632fd7c211dSToke Høiland-Jørgensen err = bpf_prog_dev_bound_inherit(prog, dst_prog); 2633cb4d2b3fSMartin KaFai Lau if (err) 2634cb4d2b3fSMartin KaFai Lau goto free_prog_sec; 2635cb4d2b3fSMartin KaFai Lau } 2636cb4d2b3fSMartin KaFai Lau 2637cb4d2b3fSMartin KaFai Lau /* find program type: socket_filter vs tracing_filter */ 263809756af4SAlexei Starovoitov err = find_prog_type(type, prog); 26399bac3d6dSAlexei Starovoitov if (err < 0) 26403ac1f01bSRoman Gushchin goto free_prog_sec; 264109756af4SAlexei Starovoitov 26429285ec4cSJason A. Donenfeld prog->aux->load_time = ktime_get_boottime_ns(); 26438e7ae251SMartin KaFai Lau err = bpf_obj_name_cpy(prog->aux->name, attr->prog_name, 26448e7ae251SMartin KaFai Lau sizeof(attr->prog_name)); 26458e7ae251SMartin KaFai Lau if (err < 0) 26463ac1f01bSRoman Gushchin goto free_prog_sec; 264709756af4SAlexei Starovoitov 264851580e79SAlexei Starovoitov /* run eBPF verifier */ 264947a71c1fSAndrii Nakryiko err = bpf_check(&prog, attr, uattr, uattr_size); 265009756af4SAlexei Starovoitov if (err < 0) 265109756af4SAlexei Starovoitov goto free_used_maps; 265209756af4SAlexei Starovoitov 2653d1c55ab5SDaniel Borkmann prog = bpf_prog_select_runtime(prog, &err); 265404fd61abSAlexei Starovoitov if (err < 0) 265504fd61abSAlexei Starovoitov goto free_used_maps; 265609756af4SAlexei Starovoitov 2657dc4bb0e2SMartin KaFai Lau err = bpf_prog_alloc_id(prog); 2658dc4bb0e2SMartin KaFai Lau if (err) 2659dc4bb0e2SMartin KaFai Lau goto free_used_maps; 2660dc4bb0e2SMartin KaFai Lau 2661c751798aSDaniel Borkmann /* Upon success of bpf_prog_alloc_id(), the BPF prog is 2662c751798aSDaniel Borkmann * effectively publicly exposed. However, retrieving via 2663c751798aSDaniel Borkmann * bpf_prog_get_fd_by_id() will take another reference, 2664c751798aSDaniel Borkmann * therefore it cannot be gone underneath us. 2665c751798aSDaniel Borkmann * 2666c751798aSDaniel Borkmann * Only for the time /after/ successful bpf_prog_new_fd() 2667c751798aSDaniel Borkmann * and before returning to userspace, we might just hold 2668c751798aSDaniel Borkmann * one reference and any parallel close on that fd could 2669c751798aSDaniel Borkmann * rip everything out. Hence, below notifications must 2670c751798aSDaniel Borkmann * happen before bpf_prog_new_fd(). 2671c751798aSDaniel Borkmann * 2672c751798aSDaniel Borkmann * Also, any failure handling from this point onwards must 2673c751798aSDaniel Borkmann * be using bpf_prog_put() given the program is exposed. 2674b16d9aa4SMartin KaFai Lau */ 267574451e66SDaniel Borkmann bpf_prog_kallsyms_add(prog); 26766ee52e2aSSong Liu perf_event_bpf_event(prog, PERF_BPF_EVENT_PROG_LOAD, 0); 2677bae141f5SDaniel Borkmann bpf_audit_prog(prog, BPF_AUDIT_LOAD); 2678c751798aSDaniel Borkmann 2679c751798aSDaniel Borkmann err = bpf_prog_new_fd(prog); 2680c751798aSDaniel Borkmann if (err < 0) 2681c751798aSDaniel Borkmann bpf_prog_put(prog); 268209756af4SAlexei Starovoitov return err; 268309756af4SAlexei Starovoitov 268409756af4SAlexei Starovoitov free_used_maps: 2685cd7455f1SDaniel Borkmann /* In case we have subprogs, we need to wait for a grace 2686cd7455f1SDaniel Borkmann * period before we can tear down JIT memory since symbols 2687cd7455f1SDaniel Borkmann * are already exposed under kallsyms. 2688cd7455f1SDaniel Borkmann */ 2689cd7455f1SDaniel Borkmann __bpf_prog_put_noref(prog, prog->aux->func_cnt); 2690cd7455f1SDaniel Borkmann return err; 2691afdb09c7SChenbo Feng free_prog_sec: 26923ac1f01bSRoman Gushchin free_uid(prog->aux->user); 2693afdb09c7SChenbo Feng security_bpf_prog_free(prog->aux); 26943ac1f01bSRoman Gushchin free_prog: 269522dc4a0fSAndrii Nakryiko if (prog->aux->attach_btf) 269622dc4a0fSAndrii Nakryiko btf_put(prog->aux->attach_btf); 269709756af4SAlexei Starovoitov bpf_prog_free(prog); 269809756af4SAlexei Starovoitov return err; 269909756af4SAlexei Starovoitov } 270009756af4SAlexei Starovoitov 2701cb8edce2SAndrii Nakryiko #define BPF_OBJ_LAST_FIELD path_fd 2702b2197755SDaniel Borkmann 2703b2197755SDaniel Borkmann static int bpf_obj_pin(const union bpf_attr *attr) 2704b2197755SDaniel Borkmann { 2705cb8edce2SAndrii Nakryiko int path_fd; 2706cb8edce2SAndrii Nakryiko 2707cb8edce2SAndrii Nakryiko if (CHECK_ATTR(BPF_OBJ) || attr->file_flags & ~BPF_F_PATH_FD) 2708b2197755SDaniel Borkmann return -EINVAL; 2709b2197755SDaniel Borkmann 2710cb8edce2SAndrii Nakryiko /* path_fd has to be accompanied by BPF_F_PATH_FD flag */ 2711cb8edce2SAndrii Nakryiko if (!(attr->file_flags & BPF_F_PATH_FD) && attr->path_fd) 2712cb8edce2SAndrii Nakryiko return -EINVAL; 2713cb8edce2SAndrii Nakryiko 2714cb8edce2SAndrii Nakryiko path_fd = attr->file_flags & BPF_F_PATH_FD ? attr->path_fd : AT_FDCWD; 2715cb8edce2SAndrii Nakryiko return bpf_obj_pin_user(attr->bpf_fd, path_fd, 2716cb8edce2SAndrii Nakryiko u64_to_user_ptr(attr->pathname)); 2717b2197755SDaniel Borkmann } 2718b2197755SDaniel Borkmann 2719b2197755SDaniel Borkmann static int bpf_obj_get(const union bpf_attr *attr) 2720b2197755SDaniel Borkmann { 2721cb8edce2SAndrii Nakryiko int path_fd; 2722cb8edce2SAndrii Nakryiko 27236e71b04aSChenbo Feng if (CHECK_ATTR(BPF_OBJ) || attr->bpf_fd != 0 || 2724cb8edce2SAndrii Nakryiko attr->file_flags & ~(BPF_OBJ_FLAG_MASK | BPF_F_PATH_FD)) 2725b2197755SDaniel Borkmann return -EINVAL; 2726b2197755SDaniel Borkmann 2727cb8edce2SAndrii Nakryiko /* path_fd has to be accompanied by BPF_F_PATH_FD flag */ 2728cb8edce2SAndrii Nakryiko if (!(attr->file_flags & BPF_F_PATH_FD) && attr->path_fd) 2729cb8edce2SAndrii Nakryiko return -EINVAL; 2730cb8edce2SAndrii Nakryiko 2731cb8edce2SAndrii Nakryiko path_fd = attr->file_flags & BPF_F_PATH_FD ? attr->path_fd : AT_FDCWD; 2732cb8edce2SAndrii Nakryiko return bpf_obj_get_user(path_fd, u64_to_user_ptr(attr->pathname), 27336e71b04aSChenbo Feng attr->file_flags); 2734b2197755SDaniel Borkmann } 2735b2197755SDaniel Borkmann 2736f2e10bffSAndrii Nakryiko void bpf_link_init(struct bpf_link *link, enum bpf_link_type type, 2737a3b80e10SAndrii Nakryiko const struct bpf_link_ops *ops, struct bpf_prog *prog) 273870ed506cSAndrii Nakryiko { 273970ed506cSAndrii Nakryiko atomic64_set(&link->refcnt, 1); 2740f2e10bffSAndrii Nakryiko link->type = type; 2741a3b80e10SAndrii Nakryiko link->id = 0; 274270ed506cSAndrii Nakryiko link->ops = ops; 274370ed506cSAndrii Nakryiko link->prog = prog; 274470ed506cSAndrii Nakryiko } 274570ed506cSAndrii Nakryiko 2746a3b80e10SAndrii Nakryiko static void bpf_link_free_id(int id) 2747a3b80e10SAndrii Nakryiko { 2748a3b80e10SAndrii Nakryiko if (!id) 2749a3b80e10SAndrii Nakryiko return; 2750a3b80e10SAndrii Nakryiko 2751a3b80e10SAndrii Nakryiko spin_lock_bh(&link_idr_lock); 2752a3b80e10SAndrii Nakryiko idr_remove(&link_idr, id); 2753a3b80e10SAndrii Nakryiko spin_unlock_bh(&link_idr_lock); 2754a3b80e10SAndrii Nakryiko } 2755a3b80e10SAndrii Nakryiko 275698868668SAndrii Nakryiko /* Clean up bpf_link and corresponding anon_inode file and FD. After 275798868668SAndrii Nakryiko * anon_inode is created, bpf_link can't be just kfree()'d due to deferred 2758a3b80e10SAndrii Nakryiko * anon_inode's release() call. This helper marksbpf_link as 2759a3b80e10SAndrii Nakryiko * defunct, releases anon_inode file and puts reserved FD. bpf_prog's refcnt 2760a3b80e10SAndrii Nakryiko * is not decremented, it's the responsibility of a calling code that failed 2761a3b80e10SAndrii Nakryiko * to complete bpf_link initialization. 276298868668SAndrii Nakryiko */ 2763a3b80e10SAndrii Nakryiko void bpf_link_cleanup(struct bpf_link_primer *primer) 2764babf3164SAndrii Nakryiko { 2765a3b80e10SAndrii Nakryiko primer->link->prog = NULL; 2766a3b80e10SAndrii Nakryiko bpf_link_free_id(primer->id); 2767a3b80e10SAndrii Nakryiko fput(primer->file); 2768a3b80e10SAndrii Nakryiko put_unused_fd(primer->fd); 2769babf3164SAndrii Nakryiko } 2770babf3164SAndrii Nakryiko 277170ed506cSAndrii Nakryiko void bpf_link_inc(struct bpf_link *link) 277270ed506cSAndrii Nakryiko { 277370ed506cSAndrii Nakryiko atomic64_inc(&link->refcnt); 277470ed506cSAndrii Nakryiko } 277570ed506cSAndrii Nakryiko 277670ed506cSAndrii Nakryiko /* bpf_link_free is guaranteed to be called from process context */ 277770ed506cSAndrii Nakryiko static void bpf_link_free(struct bpf_link *link) 277870ed506cSAndrii Nakryiko { 2779a3b80e10SAndrii Nakryiko bpf_link_free_id(link->id); 2780babf3164SAndrii Nakryiko if (link->prog) { 2781babf3164SAndrii Nakryiko /* detach BPF program, clean up used resources */ 278270ed506cSAndrii Nakryiko link->ops->release(link); 2783babf3164SAndrii Nakryiko bpf_prog_put(link->prog); 2784babf3164SAndrii Nakryiko } 2785babf3164SAndrii Nakryiko /* free bpf_link and its containing memory */ 2786babf3164SAndrii Nakryiko link->ops->dealloc(link); 278770ed506cSAndrii Nakryiko } 278870ed506cSAndrii Nakryiko 278970ed506cSAndrii Nakryiko static void bpf_link_put_deferred(struct work_struct *work) 279070ed506cSAndrii Nakryiko { 279170ed506cSAndrii Nakryiko struct bpf_link *link = container_of(work, struct bpf_link, work); 279270ed506cSAndrii Nakryiko 279370ed506cSAndrii Nakryiko bpf_link_free(link); 279470ed506cSAndrii Nakryiko } 279570ed506cSAndrii Nakryiko 279670ed506cSAndrii Nakryiko /* bpf_link_put can be called from atomic context, but ensures that resources 279770ed506cSAndrii Nakryiko * are freed from process context 279870ed506cSAndrii Nakryiko */ 279970ed506cSAndrii Nakryiko void bpf_link_put(struct bpf_link *link) 280070ed506cSAndrii Nakryiko { 280170ed506cSAndrii Nakryiko if (!atomic64_dec_and_test(&link->refcnt)) 280270ed506cSAndrii Nakryiko return; 280370ed506cSAndrii Nakryiko 2804f00f2f7fSAlexei Starovoitov if (in_atomic()) { 280570ed506cSAndrii Nakryiko INIT_WORK(&link->work, bpf_link_put_deferred); 280670ed506cSAndrii Nakryiko schedule_work(&link->work); 2807f00f2f7fSAlexei Starovoitov } else { 2808f00f2f7fSAlexei Starovoitov bpf_link_free(link); 2809f00f2f7fSAlexei Starovoitov } 281070ed506cSAndrii Nakryiko } 2811cb80ddc6SAlexei Starovoitov EXPORT_SYMBOL(bpf_link_put); 281270ed506cSAndrii Nakryiko 281370ed506cSAndrii Nakryiko static int bpf_link_release(struct inode *inode, struct file *filp) 281470ed506cSAndrii Nakryiko { 281570ed506cSAndrii Nakryiko struct bpf_link *link = filp->private_data; 281670ed506cSAndrii Nakryiko 281770ed506cSAndrii Nakryiko bpf_link_put(link); 2818fec56f58SAlexei Starovoitov return 0; 2819fec56f58SAlexei Starovoitov } 2820fec56f58SAlexei Starovoitov 282170ed506cSAndrii Nakryiko #ifdef CONFIG_PROC_FS 2822f2e10bffSAndrii Nakryiko #define BPF_PROG_TYPE(_id, _name, prog_ctx_type, kern_ctx_type) 2823f2e10bffSAndrii Nakryiko #define BPF_MAP_TYPE(_id, _ops) 2824f2e10bffSAndrii Nakryiko #define BPF_LINK_TYPE(_id, _name) [_id] = #_name, 2825f2e10bffSAndrii Nakryiko static const char *bpf_link_type_strs[] = { 2826f2e10bffSAndrii Nakryiko [BPF_LINK_TYPE_UNSPEC] = "<invalid>", 2827f2e10bffSAndrii Nakryiko #include <linux/bpf_types.h> 2828f2e10bffSAndrii Nakryiko }; 2829f2e10bffSAndrii Nakryiko #undef BPF_PROG_TYPE 2830f2e10bffSAndrii Nakryiko #undef BPF_MAP_TYPE 2831f2e10bffSAndrii Nakryiko #undef BPF_LINK_TYPE 283270ed506cSAndrii Nakryiko 283370ed506cSAndrii Nakryiko static void bpf_link_show_fdinfo(struct seq_file *m, struct file *filp) 283470ed506cSAndrii Nakryiko { 283570ed506cSAndrii Nakryiko const struct bpf_link *link = filp->private_data; 283670ed506cSAndrii Nakryiko const struct bpf_prog *prog = link->prog; 283770ed506cSAndrii Nakryiko char prog_tag[sizeof(prog->tag) * 2 + 1] = { }; 283870ed506cSAndrii Nakryiko 283970ed506cSAndrii Nakryiko seq_printf(m, 284070ed506cSAndrii Nakryiko "link_type:\t%s\n" 284168b04864SKui-Feng Lee "link_id:\t%u\n", 284268b04864SKui-Feng Lee bpf_link_type_strs[link->type], 284368b04864SKui-Feng Lee link->id); 284468b04864SKui-Feng Lee if (prog) { 284568b04864SKui-Feng Lee bin2hex(prog_tag, prog->tag, sizeof(prog->tag)); 284668b04864SKui-Feng Lee seq_printf(m, 284770ed506cSAndrii Nakryiko "prog_tag:\t%s\n" 284870ed506cSAndrii Nakryiko "prog_id:\t%u\n", 284970ed506cSAndrii Nakryiko prog_tag, 285070ed506cSAndrii Nakryiko prog->aux->id); 285168b04864SKui-Feng Lee } 2852f2e10bffSAndrii Nakryiko if (link->ops->show_fdinfo) 2853f2e10bffSAndrii Nakryiko link->ops->show_fdinfo(link, m); 285470ed506cSAndrii Nakryiko } 285570ed506cSAndrii Nakryiko #endif 285670ed506cSAndrii Nakryiko 28576f302bfbSZou Wei static const struct file_operations bpf_link_fops = { 285870ed506cSAndrii Nakryiko #ifdef CONFIG_PROC_FS 285970ed506cSAndrii Nakryiko .show_fdinfo = bpf_link_show_fdinfo, 286070ed506cSAndrii Nakryiko #endif 286170ed506cSAndrii Nakryiko .release = bpf_link_release, 2862fec56f58SAlexei Starovoitov .read = bpf_dummy_read, 2863fec56f58SAlexei Starovoitov .write = bpf_dummy_write, 2864fec56f58SAlexei Starovoitov }; 2865fec56f58SAlexei Starovoitov 2866a3b80e10SAndrii Nakryiko static int bpf_link_alloc_id(struct bpf_link *link) 286770ed506cSAndrii Nakryiko { 2868a3b80e10SAndrii Nakryiko int id; 2869a3b80e10SAndrii Nakryiko 2870a3b80e10SAndrii Nakryiko idr_preload(GFP_KERNEL); 2871a3b80e10SAndrii Nakryiko spin_lock_bh(&link_idr_lock); 2872a3b80e10SAndrii Nakryiko id = idr_alloc_cyclic(&link_idr, link, 1, INT_MAX, GFP_ATOMIC); 2873a3b80e10SAndrii Nakryiko spin_unlock_bh(&link_idr_lock); 2874a3b80e10SAndrii Nakryiko idr_preload_end(); 2875a3b80e10SAndrii Nakryiko 2876a3b80e10SAndrii Nakryiko return id; 287770ed506cSAndrii Nakryiko } 287870ed506cSAndrii Nakryiko 2879a3b80e10SAndrii Nakryiko /* Prepare bpf_link to be exposed to user-space by allocating anon_inode file, 2880a3b80e10SAndrii Nakryiko * reserving unused FD and allocating ID from link_idr. This is to be paired 2881a3b80e10SAndrii Nakryiko * with bpf_link_settle() to install FD and ID and expose bpf_link to 2882a3b80e10SAndrii Nakryiko * user-space, if bpf_link is successfully attached. If not, bpf_link and 2883a3b80e10SAndrii Nakryiko * pre-allocated resources are to be freed with bpf_cleanup() call. All the 2884a3b80e10SAndrii Nakryiko * transient state is passed around in struct bpf_link_primer. 2885a3b80e10SAndrii Nakryiko * This is preferred way to create and initialize bpf_link, especially when 2886a3b80e10SAndrii Nakryiko * there are complicated and expensive operations in between creating bpf_link 2887a3b80e10SAndrii Nakryiko * itself and attaching it to BPF hook. By using bpf_link_prime() and 2888a3b80e10SAndrii Nakryiko * bpf_link_settle() kernel code using bpf_link doesn't have to perform 2889a3b80e10SAndrii Nakryiko * expensive (and potentially failing) roll back operations in a rare case 2890a3b80e10SAndrii Nakryiko * that file, FD, or ID can't be allocated. 2891babf3164SAndrii Nakryiko */ 2892a3b80e10SAndrii Nakryiko int bpf_link_prime(struct bpf_link *link, struct bpf_link_primer *primer) 2893babf3164SAndrii Nakryiko { 2894babf3164SAndrii Nakryiko struct file *file; 2895a3b80e10SAndrii Nakryiko int fd, id; 2896babf3164SAndrii Nakryiko 2897babf3164SAndrii Nakryiko fd = get_unused_fd_flags(O_CLOEXEC); 2898babf3164SAndrii Nakryiko if (fd < 0) 2899a3b80e10SAndrii Nakryiko return fd; 2900babf3164SAndrii Nakryiko 2901babf3164SAndrii Nakryiko 2902a3b80e10SAndrii Nakryiko id = bpf_link_alloc_id(link); 2903a3b80e10SAndrii Nakryiko if (id < 0) { 2904a3b80e10SAndrii Nakryiko put_unused_fd(fd); 2905a3b80e10SAndrii Nakryiko return id; 2906a3b80e10SAndrii Nakryiko } 2907babf3164SAndrii Nakryiko 2908babf3164SAndrii Nakryiko file = anon_inode_getfile("bpf_link", &bpf_link_fops, link, O_CLOEXEC); 2909babf3164SAndrii Nakryiko if (IS_ERR(file)) { 2910138c6767SAndrii Nakryiko bpf_link_free_id(id); 2911babf3164SAndrii Nakryiko put_unused_fd(fd); 2912138c6767SAndrii Nakryiko return PTR_ERR(file); 2913babf3164SAndrii Nakryiko } 2914babf3164SAndrii Nakryiko 2915a3b80e10SAndrii Nakryiko primer->link = link; 2916a3b80e10SAndrii Nakryiko primer->file = file; 2917a3b80e10SAndrii Nakryiko primer->fd = fd; 2918a3b80e10SAndrii Nakryiko primer->id = id; 2919a3b80e10SAndrii Nakryiko return 0; 2920a3b80e10SAndrii Nakryiko } 2921a3b80e10SAndrii Nakryiko 2922a3b80e10SAndrii Nakryiko int bpf_link_settle(struct bpf_link_primer *primer) 2923a3b80e10SAndrii Nakryiko { 2924a3b80e10SAndrii Nakryiko /* make bpf_link fetchable by ID */ 2925a3b80e10SAndrii Nakryiko spin_lock_bh(&link_idr_lock); 2926a3b80e10SAndrii Nakryiko primer->link->id = primer->id; 2927a3b80e10SAndrii Nakryiko spin_unlock_bh(&link_idr_lock); 2928a3b80e10SAndrii Nakryiko /* make bpf_link fetchable by FD */ 2929a3b80e10SAndrii Nakryiko fd_install(primer->fd, primer->file); 2930a3b80e10SAndrii Nakryiko /* pass through installed FD */ 2931a3b80e10SAndrii Nakryiko return primer->fd; 2932a3b80e10SAndrii Nakryiko } 2933a3b80e10SAndrii Nakryiko 2934a3b80e10SAndrii Nakryiko int bpf_link_new_fd(struct bpf_link *link) 2935a3b80e10SAndrii Nakryiko { 2936a3b80e10SAndrii Nakryiko return anon_inode_getfd("bpf-link", &bpf_link_fops, link, O_CLOEXEC); 2937babf3164SAndrii Nakryiko } 2938babf3164SAndrii Nakryiko 293970ed506cSAndrii Nakryiko struct bpf_link *bpf_link_get_from_fd(u32 ufd) 294070ed506cSAndrii Nakryiko { 294170ed506cSAndrii Nakryiko struct fd f = fdget(ufd); 294270ed506cSAndrii Nakryiko struct bpf_link *link; 294370ed506cSAndrii Nakryiko 294470ed506cSAndrii Nakryiko if (!f.file) 294570ed506cSAndrii Nakryiko return ERR_PTR(-EBADF); 294670ed506cSAndrii Nakryiko if (f.file->f_op != &bpf_link_fops) { 294770ed506cSAndrii Nakryiko fdput(f); 294870ed506cSAndrii Nakryiko return ERR_PTR(-EINVAL); 294970ed506cSAndrii Nakryiko } 295070ed506cSAndrii Nakryiko 295170ed506cSAndrii Nakryiko link = f.file->private_data; 295270ed506cSAndrii Nakryiko bpf_link_inc(link); 295370ed506cSAndrii Nakryiko fdput(f); 295470ed506cSAndrii Nakryiko 295570ed506cSAndrii Nakryiko return link; 295670ed506cSAndrii Nakryiko } 2957cb80ddc6SAlexei Starovoitov EXPORT_SYMBOL(bpf_link_get_from_fd); 295870ed506cSAndrii Nakryiko 295970ed506cSAndrii Nakryiko static void bpf_tracing_link_release(struct bpf_link *link) 296070ed506cSAndrii Nakryiko { 29613aac1eadSToke Høiland-Jørgensen struct bpf_tracing_link *tr_link = 2962f7e0beafSKui-Feng Lee container_of(link, struct bpf_tracing_link, link.link); 29633aac1eadSToke Høiland-Jørgensen 2964f7e0beafSKui-Feng Lee WARN_ON_ONCE(bpf_trampoline_unlink_prog(&tr_link->link, 29653aac1eadSToke Høiland-Jørgensen tr_link->trampoline)); 29663aac1eadSToke Høiland-Jørgensen 29673aac1eadSToke Høiland-Jørgensen bpf_trampoline_put(tr_link->trampoline); 29683aac1eadSToke Høiland-Jørgensen 29693aac1eadSToke Høiland-Jørgensen /* tgt_prog is NULL if target is a kernel function */ 29703aac1eadSToke Høiland-Jørgensen if (tr_link->tgt_prog) 29713aac1eadSToke Høiland-Jørgensen bpf_prog_put(tr_link->tgt_prog); 2972babf3164SAndrii Nakryiko } 2973babf3164SAndrii Nakryiko 2974babf3164SAndrii Nakryiko static void bpf_tracing_link_dealloc(struct bpf_link *link) 2975babf3164SAndrii Nakryiko { 297670ed506cSAndrii Nakryiko struct bpf_tracing_link *tr_link = 2977f7e0beafSKui-Feng Lee container_of(link, struct bpf_tracing_link, link.link); 297870ed506cSAndrii Nakryiko 297970ed506cSAndrii Nakryiko kfree(tr_link); 298070ed506cSAndrii Nakryiko } 298170ed506cSAndrii Nakryiko 2982f2e10bffSAndrii Nakryiko static void bpf_tracing_link_show_fdinfo(const struct bpf_link *link, 2983f2e10bffSAndrii Nakryiko struct seq_file *seq) 2984f2e10bffSAndrii Nakryiko { 2985f2e10bffSAndrii Nakryiko struct bpf_tracing_link *tr_link = 2986f7e0beafSKui-Feng Lee container_of(link, struct bpf_tracing_link, link.link); 2987e859e429SYafang Shao u32 target_btf_id, target_obj_id; 2988f2e10bffSAndrii Nakryiko 2989e859e429SYafang Shao bpf_trampoline_unpack_key(tr_link->trampoline->key, 2990e859e429SYafang Shao &target_obj_id, &target_btf_id); 2991f2e10bffSAndrii Nakryiko seq_printf(seq, 2992e859e429SYafang Shao "attach_type:\t%d\n" 2993e859e429SYafang Shao "target_obj_id:\t%u\n" 2994e859e429SYafang Shao "target_btf_id:\t%u\n", 2995e859e429SYafang Shao tr_link->attach_type, 2996e859e429SYafang Shao target_obj_id, 2997e859e429SYafang Shao target_btf_id); 2998f2e10bffSAndrii Nakryiko } 2999f2e10bffSAndrii Nakryiko 3000f2e10bffSAndrii Nakryiko static int bpf_tracing_link_fill_link_info(const struct bpf_link *link, 3001f2e10bffSAndrii Nakryiko struct bpf_link_info *info) 3002f2e10bffSAndrii Nakryiko { 3003f2e10bffSAndrii Nakryiko struct bpf_tracing_link *tr_link = 3004f7e0beafSKui-Feng Lee container_of(link, struct bpf_tracing_link, link.link); 3005f2e10bffSAndrii Nakryiko 3006f2e10bffSAndrii Nakryiko info->tracing.attach_type = tr_link->attach_type; 3007441e8c66SToke Høiland-Jørgensen bpf_trampoline_unpack_key(tr_link->trampoline->key, 3008441e8c66SToke Høiland-Jørgensen &info->tracing.target_obj_id, 3009441e8c66SToke Høiland-Jørgensen &info->tracing.target_btf_id); 3010f2e10bffSAndrii Nakryiko 3011f2e10bffSAndrii Nakryiko return 0; 3012f2e10bffSAndrii Nakryiko } 3013f2e10bffSAndrii Nakryiko 301470ed506cSAndrii Nakryiko static const struct bpf_link_ops bpf_tracing_link_lops = { 301570ed506cSAndrii Nakryiko .release = bpf_tracing_link_release, 3016babf3164SAndrii Nakryiko .dealloc = bpf_tracing_link_dealloc, 3017f2e10bffSAndrii Nakryiko .show_fdinfo = bpf_tracing_link_show_fdinfo, 3018f2e10bffSAndrii Nakryiko .fill_link_info = bpf_tracing_link_fill_link_info, 301970ed506cSAndrii Nakryiko }; 302070ed506cSAndrii Nakryiko 30214a1e7c0cSToke Høiland-Jørgensen static int bpf_tracing_prog_attach(struct bpf_prog *prog, 30224a1e7c0cSToke Høiland-Jørgensen int tgt_prog_fd, 30232fcc8241SKui-Feng Lee u32 btf_id, 30242fcc8241SKui-Feng Lee u64 bpf_cookie) 3025fec56f58SAlexei Starovoitov { 3026a3b80e10SAndrii Nakryiko struct bpf_link_primer link_primer; 30273aac1eadSToke Høiland-Jørgensen struct bpf_prog *tgt_prog = NULL; 30284a1e7c0cSToke Høiland-Jørgensen struct bpf_trampoline *tr = NULL; 302970ed506cSAndrii Nakryiko struct bpf_tracing_link *link; 30304a1e7c0cSToke Høiland-Jørgensen u64 key = 0; 3031a3b80e10SAndrii Nakryiko int err; 3032fec56f58SAlexei Starovoitov 30339e4e01dfSKP Singh switch (prog->type) { 30349e4e01dfSKP Singh case BPF_PROG_TYPE_TRACING: 3035fec56f58SAlexei Starovoitov if (prog->expected_attach_type != BPF_TRACE_FENTRY && 3036be8704ffSAlexei Starovoitov prog->expected_attach_type != BPF_TRACE_FEXIT && 30379e4e01dfSKP Singh prog->expected_attach_type != BPF_MODIFY_RETURN) { 30389e4e01dfSKP Singh err = -EINVAL; 30399e4e01dfSKP Singh goto out_put_prog; 30409e4e01dfSKP Singh } 30419e4e01dfSKP Singh break; 30429e4e01dfSKP Singh case BPF_PROG_TYPE_EXT: 30439e4e01dfSKP Singh if (prog->expected_attach_type != 0) { 30449e4e01dfSKP Singh err = -EINVAL; 30459e4e01dfSKP Singh goto out_put_prog; 30469e4e01dfSKP Singh } 30479e4e01dfSKP Singh break; 30489e4e01dfSKP Singh case BPF_PROG_TYPE_LSM: 30499e4e01dfSKP Singh if (prog->expected_attach_type != BPF_LSM_MAC) { 30509e4e01dfSKP Singh err = -EINVAL; 30519e4e01dfSKP Singh goto out_put_prog; 30529e4e01dfSKP Singh } 30539e4e01dfSKP Singh break; 30549e4e01dfSKP Singh default: 3055fec56f58SAlexei Starovoitov err = -EINVAL; 3056fec56f58SAlexei Starovoitov goto out_put_prog; 3057fec56f58SAlexei Starovoitov } 3058fec56f58SAlexei Starovoitov 30594a1e7c0cSToke Høiland-Jørgensen if (!!tgt_prog_fd != !!btf_id) { 30604a1e7c0cSToke Høiland-Jørgensen err = -EINVAL; 30614a1e7c0cSToke Høiland-Jørgensen goto out_put_prog; 30624a1e7c0cSToke Høiland-Jørgensen } 30634a1e7c0cSToke Høiland-Jørgensen 30644a1e7c0cSToke Høiland-Jørgensen if (tgt_prog_fd) { 30654a1e7c0cSToke Høiland-Jørgensen /* For now we only allow new targets for BPF_PROG_TYPE_EXT */ 30664a1e7c0cSToke Høiland-Jørgensen if (prog->type != BPF_PROG_TYPE_EXT) { 30674a1e7c0cSToke Høiland-Jørgensen err = -EINVAL; 30684a1e7c0cSToke Høiland-Jørgensen goto out_put_prog; 30694a1e7c0cSToke Høiland-Jørgensen } 30704a1e7c0cSToke Høiland-Jørgensen 30714a1e7c0cSToke Høiland-Jørgensen tgt_prog = bpf_prog_get(tgt_prog_fd); 30724a1e7c0cSToke Høiland-Jørgensen if (IS_ERR(tgt_prog)) { 30734a1e7c0cSToke Høiland-Jørgensen err = PTR_ERR(tgt_prog); 30744a1e7c0cSToke Høiland-Jørgensen tgt_prog = NULL; 30754a1e7c0cSToke Høiland-Jørgensen goto out_put_prog; 30764a1e7c0cSToke Høiland-Jørgensen } 30774a1e7c0cSToke Høiland-Jørgensen 307822dc4a0fSAndrii Nakryiko key = bpf_trampoline_compute_key(tgt_prog, NULL, btf_id); 30794a1e7c0cSToke Høiland-Jørgensen } 30804a1e7c0cSToke Høiland-Jørgensen 308170ed506cSAndrii Nakryiko link = kzalloc(sizeof(*link), GFP_USER); 308270ed506cSAndrii Nakryiko if (!link) { 308370ed506cSAndrii Nakryiko err = -ENOMEM; 3084fec56f58SAlexei Starovoitov goto out_put_prog; 3085fec56f58SAlexei Starovoitov } 3086f7e0beafSKui-Feng Lee bpf_link_init(&link->link.link, BPF_LINK_TYPE_TRACING, 3087f2e10bffSAndrii Nakryiko &bpf_tracing_link_lops, prog); 3088f2e10bffSAndrii Nakryiko link->attach_type = prog->expected_attach_type; 30892fcc8241SKui-Feng Lee link->link.cookie = bpf_cookie; 3090fec56f58SAlexei Starovoitov 30913aac1eadSToke Høiland-Jørgensen mutex_lock(&prog->aux->dst_mutex); 3092babf3164SAndrii Nakryiko 30934a1e7c0cSToke Høiland-Jørgensen /* There are a few possible cases here: 30944a1e7c0cSToke Høiland-Jørgensen * 30954a1e7c0cSToke Høiland-Jørgensen * - if prog->aux->dst_trampoline is set, the program was just loaded 30964a1e7c0cSToke Høiland-Jørgensen * and not yet attached to anything, so we can use the values stored 30974a1e7c0cSToke Høiland-Jørgensen * in prog->aux 30984a1e7c0cSToke Høiland-Jørgensen * 30994a1e7c0cSToke Høiland-Jørgensen * - if prog->aux->dst_trampoline is NULL, the program has already been 31004a1e7c0cSToke Høiland-Jørgensen * attached to a target and its initial target was cleared (below) 31014a1e7c0cSToke Høiland-Jørgensen * 31024a1e7c0cSToke Høiland-Jørgensen * - if tgt_prog != NULL, the caller specified tgt_prog_fd + 31034a1e7c0cSToke Høiland-Jørgensen * target_btf_id using the link_create API. 31044a1e7c0cSToke Høiland-Jørgensen * 31054a1e7c0cSToke Høiland-Jørgensen * - if tgt_prog == NULL when this function was called using the old 31064a1e7c0cSToke Høiland-Jørgensen * raw_tracepoint_open API, and we need a target from prog->aux 31074a1e7c0cSToke Høiland-Jørgensen * 3108f3a95075SJiri Olsa * - if prog->aux->dst_trampoline and tgt_prog is NULL, the program 3109f3a95075SJiri Olsa * was detached and is going for re-attachment. 31104a1e7c0cSToke Høiland-Jørgensen */ 31114a1e7c0cSToke Høiland-Jørgensen if (!prog->aux->dst_trampoline && !tgt_prog) { 3112f3a95075SJiri Olsa /* 3113f3a95075SJiri Olsa * Allow re-attach for TRACING and LSM programs. If it's 3114f3a95075SJiri Olsa * currently linked, bpf_trampoline_link_prog will fail. 3115f3a95075SJiri Olsa * EXT programs need to specify tgt_prog_fd, so they 3116f3a95075SJiri Olsa * re-attach in separate code path. 3117f3a95075SJiri Olsa */ 3118f3a95075SJiri Olsa if (prog->type != BPF_PROG_TYPE_TRACING && 3119f3a95075SJiri Olsa prog->type != BPF_PROG_TYPE_LSM) { 3120f3a95075SJiri Olsa err = -EINVAL; 31213aac1eadSToke Høiland-Jørgensen goto out_unlock; 31223aac1eadSToke Høiland-Jørgensen } 3123f3a95075SJiri Olsa btf_id = prog->aux->attach_btf_id; 3124f3a95075SJiri Olsa key = bpf_trampoline_compute_key(NULL, prog->aux->attach_btf, btf_id); 3125f3a95075SJiri Olsa } 31264a1e7c0cSToke Høiland-Jørgensen 31274a1e7c0cSToke Høiland-Jørgensen if (!prog->aux->dst_trampoline || 31284a1e7c0cSToke Høiland-Jørgensen (key && key != prog->aux->dst_trampoline->key)) { 31294a1e7c0cSToke Høiland-Jørgensen /* If there is no saved target, or the specified target is 31304a1e7c0cSToke Høiland-Jørgensen * different from the destination specified at load time, we 31314a1e7c0cSToke Høiland-Jørgensen * need a new trampoline and a check for compatibility 31324a1e7c0cSToke Høiland-Jørgensen */ 31334a1e7c0cSToke Høiland-Jørgensen struct bpf_attach_target_info tgt_info = {}; 31344a1e7c0cSToke Høiland-Jørgensen 31354a1e7c0cSToke Høiland-Jørgensen err = bpf_check_attach_target(NULL, prog, tgt_prog, btf_id, 31364a1e7c0cSToke Høiland-Jørgensen &tgt_info); 31374a1e7c0cSToke Høiland-Jørgensen if (err) 31384a1e7c0cSToke Høiland-Jørgensen goto out_unlock; 31394a1e7c0cSToke Høiland-Jørgensen 314031bf1dbcSViktor Malik if (tgt_info.tgt_mod) { 314131bf1dbcSViktor Malik module_put(prog->aux->mod); 314231bf1dbcSViktor Malik prog->aux->mod = tgt_info.tgt_mod; 314331bf1dbcSViktor Malik } 314431bf1dbcSViktor Malik 31454a1e7c0cSToke Høiland-Jørgensen tr = bpf_trampoline_get(key, &tgt_info); 31464a1e7c0cSToke Høiland-Jørgensen if (!tr) { 31474a1e7c0cSToke Høiland-Jørgensen err = -ENOMEM; 31484a1e7c0cSToke Høiland-Jørgensen goto out_unlock; 31494a1e7c0cSToke Høiland-Jørgensen } 31504a1e7c0cSToke Høiland-Jørgensen } else { 31514a1e7c0cSToke Høiland-Jørgensen /* The caller didn't specify a target, or the target was the 31524a1e7c0cSToke Høiland-Jørgensen * same as the destination supplied during program load. This 31534a1e7c0cSToke Høiland-Jørgensen * means we can reuse the trampoline and reference from program 31544a1e7c0cSToke Høiland-Jørgensen * load time, and there is no need to allocate a new one. This 31554a1e7c0cSToke Høiland-Jørgensen * can only happen once for any program, as the saved values in 31564a1e7c0cSToke Høiland-Jørgensen * prog->aux are cleared below. 31574a1e7c0cSToke Høiland-Jørgensen */ 31583aac1eadSToke Høiland-Jørgensen tr = prog->aux->dst_trampoline; 31593aac1eadSToke Høiland-Jørgensen tgt_prog = prog->aux->dst_prog; 31604a1e7c0cSToke Høiland-Jørgensen } 31613aac1eadSToke Høiland-Jørgensen 3162f7e0beafSKui-Feng Lee err = bpf_link_prime(&link->link.link, &link_primer); 31633aac1eadSToke Høiland-Jørgensen if (err) 31643aac1eadSToke Høiland-Jørgensen goto out_unlock; 31653aac1eadSToke Høiland-Jørgensen 3166f7e0beafSKui-Feng Lee err = bpf_trampoline_link_prog(&link->link, tr); 3167babf3164SAndrii Nakryiko if (err) { 3168a3b80e10SAndrii Nakryiko bpf_link_cleanup(&link_primer); 31693aac1eadSToke Høiland-Jørgensen link = NULL; 31703aac1eadSToke Høiland-Jørgensen goto out_unlock; 3171babf3164SAndrii Nakryiko } 3172babf3164SAndrii Nakryiko 31733aac1eadSToke Høiland-Jørgensen link->tgt_prog = tgt_prog; 31743aac1eadSToke Høiland-Jørgensen link->trampoline = tr; 31753aac1eadSToke Høiland-Jørgensen 31764a1e7c0cSToke Høiland-Jørgensen /* Always clear the trampoline and target prog from prog->aux to make 31774a1e7c0cSToke Høiland-Jørgensen * sure the original attach destination is not kept alive after a 31784a1e7c0cSToke Høiland-Jørgensen * program is (re-)attached to another target. 31794a1e7c0cSToke Høiland-Jørgensen */ 31804a1e7c0cSToke Høiland-Jørgensen if (prog->aux->dst_prog && 31814a1e7c0cSToke Høiland-Jørgensen (tgt_prog_fd || tr != prog->aux->dst_trampoline)) 31824a1e7c0cSToke Høiland-Jørgensen /* got extra prog ref from syscall, or attaching to different prog */ 31834a1e7c0cSToke Høiland-Jørgensen bpf_prog_put(prog->aux->dst_prog); 31844a1e7c0cSToke Høiland-Jørgensen if (prog->aux->dst_trampoline && tr != prog->aux->dst_trampoline) 31854a1e7c0cSToke Høiland-Jørgensen /* we allocated a new trampoline, so free the old one */ 31864a1e7c0cSToke Høiland-Jørgensen bpf_trampoline_put(prog->aux->dst_trampoline); 31874a1e7c0cSToke Høiland-Jørgensen 31883aac1eadSToke Høiland-Jørgensen prog->aux->dst_prog = NULL; 31893aac1eadSToke Høiland-Jørgensen prog->aux->dst_trampoline = NULL; 31903aac1eadSToke Høiland-Jørgensen mutex_unlock(&prog->aux->dst_mutex); 31913aac1eadSToke Høiland-Jørgensen 3192a3b80e10SAndrii Nakryiko return bpf_link_settle(&link_primer); 31933aac1eadSToke Høiland-Jørgensen out_unlock: 31944a1e7c0cSToke Høiland-Jørgensen if (tr && tr != prog->aux->dst_trampoline) 31954a1e7c0cSToke Høiland-Jørgensen bpf_trampoline_put(tr); 31963aac1eadSToke Høiland-Jørgensen mutex_unlock(&prog->aux->dst_mutex); 31973aac1eadSToke Høiland-Jørgensen kfree(link); 3198fec56f58SAlexei Starovoitov out_put_prog: 31994a1e7c0cSToke Høiland-Jørgensen if (tgt_prog_fd && tgt_prog) 32004a1e7c0cSToke Høiland-Jørgensen bpf_prog_put(tgt_prog); 3201fec56f58SAlexei Starovoitov return err; 3202fec56f58SAlexei Starovoitov } 3203fec56f58SAlexei Starovoitov 320470ed506cSAndrii Nakryiko struct bpf_raw_tp_link { 320570ed506cSAndrii Nakryiko struct bpf_link link; 3206c4f6699dSAlexei Starovoitov struct bpf_raw_event_map *btp; 3207c4f6699dSAlexei Starovoitov }; 3208c4f6699dSAlexei Starovoitov 320970ed506cSAndrii Nakryiko static void bpf_raw_tp_link_release(struct bpf_link *link) 3210c4f6699dSAlexei Starovoitov { 321170ed506cSAndrii Nakryiko struct bpf_raw_tp_link *raw_tp = 321270ed506cSAndrii Nakryiko container_of(link, struct bpf_raw_tp_link, link); 3213c4f6699dSAlexei Starovoitov 321470ed506cSAndrii Nakryiko bpf_probe_unregister(raw_tp->btp, raw_tp->link.prog); 3215a38d1107SMatt Mullins bpf_put_raw_tracepoint(raw_tp->btp); 3216babf3164SAndrii Nakryiko } 3217babf3164SAndrii Nakryiko 3218babf3164SAndrii Nakryiko static void bpf_raw_tp_link_dealloc(struct bpf_link *link) 3219babf3164SAndrii Nakryiko { 3220babf3164SAndrii Nakryiko struct bpf_raw_tp_link *raw_tp = 3221babf3164SAndrii Nakryiko container_of(link, struct bpf_raw_tp_link, link); 3222babf3164SAndrii Nakryiko 3223c4f6699dSAlexei Starovoitov kfree(raw_tp); 3224c4f6699dSAlexei Starovoitov } 3225c4f6699dSAlexei Starovoitov 3226f2e10bffSAndrii Nakryiko static void bpf_raw_tp_link_show_fdinfo(const struct bpf_link *link, 3227f2e10bffSAndrii Nakryiko struct seq_file *seq) 3228f2e10bffSAndrii Nakryiko { 3229f2e10bffSAndrii Nakryiko struct bpf_raw_tp_link *raw_tp_link = 3230f2e10bffSAndrii Nakryiko container_of(link, struct bpf_raw_tp_link, link); 3231f2e10bffSAndrii Nakryiko 3232f2e10bffSAndrii Nakryiko seq_printf(seq, 3233f2e10bffSAndrii Nakryiko "tp_name:\t%s\n", 3234f2e10bffSAndrii Nakryiko raw_tp_link->btp->tp->name); 3235f2e10bffSAndrii Nakryiko } 3236f2e10bffSAndrii Nakryiko 3237f2e10bffSAndrii Nakryiko static int bpf_raw_tp_link_fill_link_info(const struct bpf_link *link, 3238f2e10bffSAndrii Nakryiko struct bpf_link_info *info) 3239f2e10bffSAndrii Nakryiko { 3240f2e10bffSAndrii Nakryiko struct bpf_raw_tp_link *raw_tp_link = 3241f2e10bffSAndrii Nakryiko container_of(link, struct bpf_raw_tp_link, link); 3242f2e10bffSAndrii Nakryiko char __user *ubuf = u64_to_user_ptr(info->raw_tracepoint.tp_name); 3243f2e10bffSAndrii Nakryiko const char *tp_name = raw_tp_link->btp->tp->name; 3244f2e10bffSAndrii Nakryiko u32 ulen = info->raw_tracepoint.tp_name_len; 3245f2e10bffSAndrii Nakryiko size_t tp_len = strlen(tp_name); 3246f2e10bffSAndrii Nakryiko 3247b474959dSYonghong Song if (!ulen ^ !ubuf) 3248f2e10bffSAndrii Nakryiko return -EINVAL; 3249f2e10bffSAndrii Nakryiko 3250f2e10bffSAndrii Nakryiko info->raw_tracepoint.tp_name_len = tp_len + 1; 3251f2e10bffSAndrii Nakryiko 3252f2e10bffSAndrii Nakryiko if (!ubuf) 3253f2e10bffSAndrii Nakryiko return 0; 3254f2e10bffSAndrii Nakryiko 3255f2e10bffSAndrii Nakryiko if (ulen >= tp_len + 1) { 3256f2e10bffSAndrii Nakryiko if (copy_to_user(ubuf, tp_name, tp_len + 1)) 3257f2e10bffSAndrii Nakryiko return -EFAULT; 3258f2e10bffSAndrii Nakryiko } else { 3259f2e10bffSAndrii Nakryiko char zero = '\0'; 3260f2e10bffSAndrii Nakryiko 3261f2e10bffSAndrii Nakryiko if (copy_to_user(ubuf, tp_name, ulen - 1)) 3262f2e10bffSAndrii Nakryiko return -EFAULT; 3263f2e10bffSAndrii Nakryiko if (put_user(zero, ubuf + ulen - 1)) 3264f2e10bffSAndrii Nakryiko return -EFAULT; 3265f2e10bffSAndrii Nakryiko return -ENOSPC; 3266f2e10bffSAndrii Nakryiko } 3267f2e10bffSAndrii Nakryiko 3268f2e10bffSAndrii Nakryiko return 0; 3269f2e10bffSAndrii Nakryiko } 3270f2e10bffSAndrii Nakryiko 3271a3b80e10SAndrii Nakryiko static const struct bpf_link_ops bpf_raw_tp_link_lops = { 327270ed506cSAndrii Nakryiko .release = bpf_raw_tp_link_release, 3273babf3164SAndrii Nakryiko .dealloc = bpf_raw_tp_link_dealloc, 3274f2e10bffSAndrii Nakryiko .show_fdinfo = bpf_raw_tp_link_show_fdinfo, 3275f2e10bffSAndrii Nakryiko .fill_link_info = bpf_raw_tp_link_fill_link_info, 3276c4f6699dSAlexei Starovoitov }; 3277c4f6699dSAlexei Starovoitov 3278b89fbfbbSAndrii Nakryiko #ifdef CONFIG_PERF_EVENTS 3279b89fbfbbSAndrii Nakryiko struct bpf_perf_link { 3280b89fbfbbSAndrii Nakryiko struct bpf_link link; 3281b89fbfbbSAndrii Nakryiko struct file *perf_file; 3282b89fbfbbSAndrii Nakryiko }; 3283b89fbfbbSAndrii Nakryiko 3284b89fbfbbSAndrii Nakryiko static void bpf_perf_link_release(struct bpf_link *link) 3285b89fbfbbSAndrii Nakryiko { 3286b89fbfbbSAndrii Nakryiko struct bpf_perf_link *perf_link = container_of(link, struct bpf_perf_link, link); 3287b89fbfbbSAndrii Nakryiko struct perf_event *event = perf_link->perf_file->private_data; 3288b89fbfbbSAndrii Nakryiko 3289b89fbfbbSAndrii Nakryiko perf_event_free_bpf_prog(event); 3290b89fbfbbSAndrii Nakryiko fput(perf_link->perf_file); 3291b89fbfbbSAndrii Nakryiko } 3292b89fbfbbSAndrii Nakryiko 3293b89fbfbbSAndrii Nakryiko static void bpf_perf_link_dealloc(struct bpf_link *link) 3294b89fbfbbSAndrii Nakryiko { 3295b89fbfbbSAndrii Nakryiko struct bpf_perf_link *perf_link = container_of(link, struct bpf_perf_link, link); 3296b89fbfbbSAndrii Nakryiko 3297b89fbfbbSAndrii Nakryiko kfree(perf_link); 3298b89fbfbbSAndrii Nakryiko } 3299b89fbfbbSAndrii Nakryiko 3300b89fbfbbSAndrii Nakryiko static const struct bpf_link_ops bpf_perf_link_lops = { 3301b89fbfbbSAndrii Nakryiko .release = bpf_perf_link_release, 3302b89fbfbbSAndrii Nakryiko .dealloc = bpf_perf_link_dealloc, 3303b89fbfbbSAndrii Nakryiko }; 3304b89fbfbbSAndrii Nakryiko 3305b89fbfbbSAndrii Nakryiko static int bpf_perf_link_attach(const union bpf_attr *attr, struct bpf_prog *prog) 3306b89fbfbbSAndrii Nakryiko { 3307b89fbfbbSAndrii Nakryiko struct bpf_link_primer link_primer; 3308b89fbfbbSAndrii Nakryiko struct bpf_perf_link *link; 3309b89fbfbbSAndrii Nakryiko struct perf_event *event; 3310b89fbfbbSAndrii Nakryiko struct file *perf_file; 3311b89fbfbbSAndrii Nakryiko int err; 3312b89fbfbbSAndrii Nakryiko 3313b89fbfbbSAndrii Nakryiko if (attr->link_create.flags) 3314b89fbfbbSAndrii Nakryiko return -EINVAL; 3315b89fbfbbSAndrii Nakryiko 3316b89fbfbbSAndrii Nakryiko perf_file = perf_event_get(attr->link_create.target_fd); 3317b89fbfbbSAndrii Nakryiko if (IS_ERR(perf_file)) 3318b89fbfbbSAndrii Nakryiko return PTR_ERR(perf_file); 3319b89fbfbbSAndrii Nakryiko 3320b89fbfbbSAndrii Nakryiko link = kzalloc(sizeof(*link), GFP_USER); 3321b89fbfbbSAndrii Nakryiko if (!link) { 3322b89fbfbbSAndrii Nakryiko err = -ENOMEM; 3323b89fbfbbSAndrii Nakryiko goto out_put_file; 3324b89fbfbbSAndrii Nakryiko } 3325b89fbfbbSAndrii Nakryiko bpf_link_init(&link->link, BPF_LINK_TYPE_PERF_EVENT, &bpf_perf_link_lops, prog); 3326b89fbfbbSAndrii Nakryiko link->perf_file = perf_file; 3327b89fbfbbSAndrii Nakryiko 3328b89fbfbbSAndrii Nakryiko err = bpf_link_prime(&link->link, &link_primer); 3329b89fbfbbSAndrii Nakryiko if (err) { 3330b89fbfbbSAndrii Nakryiko kfree(link); 3331b89fbfbbSAndrii Nakryiko goto out_put_file; 3332b89fbfbbSAndrii Nakryiko } 3333b89fbfbbSAndrii Nakryiko 3334b89fbfbbSAndrii Nakryiko event = perf_file->private_data; 333582e6b1eeSAndrii Nakryiko err = perf_event_set_bpf_prog(event, prog, attr->link_create.perf_event.bpf_cookie); 3336b89fbfbbSAndrii Nakryiko if (err) { 3337b89fbfbbSAndrii Nakryiko bpf_link_cleanup(&link_primer); 3338b89fbfbbSAndrii Nakryiko goto out_put_file; 3339b89fbfbbSAndrii Nakryiko } 3340b89fbfbbSAndrii Nakryiko /* perf_event_set_bpf_prog() doesn't take its own refcnt on prog */ 3341b89fbfbbSAndrii Nakryiko bpf_prog_inc(prog); 3342b89fbfbbSAndrii Nakryiko 3343b89fbfbbSAndrii Nakryiko return bpf_link_settle(&link_primer); 3344b89fbfbbSAndrii Nakryiko 3345b89fbfbbSAndrii Nakryiko out_put_file: 3346b89fbfbbSAndrii Nakryiko fput(perf_file); 3347b89fbfbbSAndrii Nakryiko return err; 3348b89fbfbbSAndrii Nakryiko } 33490dcac272SJiri Olsa #else 33500dcac272SJiri Olsa static int bpf_perf_link_attach(const union bpf_attr *attr, struct bpf_prog *prog) 33510dcac272SJiri Olsa { 33520dcac272SJiri Olsa return -EOPNOTSUPP; 33530dcac272SJiri Olsa } 3354b89fbfbbSAndrii Nakryiko #endif /* CONFIG_PERF_EVENTS */ 3355b89fbfbbSAndrii Nakryiko 3356df86ca0dSAndrii Nakryiko static int bpf_raw_tp_link_attach(struct bpf_prog *prog, 3357df86ca0dSAndrii Nakryiko const char __user *user_tp_name) 3358c4f6699dSAlexei Starovoitov { 3359a3b80e10SAndrii Nakryiko struct bpf_link_primer link_primer; 3360babf3164SAndrii Nakryiko struct bpf_raw_tp_link *link; 3361c4f6699dSAlexei Starovoitov struct bpf_raw_event_map *btp; 3362ac4414b5SAlexei Starovoitov const char *tp_name; 3363ac4414b5SAlexei Starovoitov char buf[128]; 3364a3b80e10SAndrii Nakryiko int err; 3365c4f6699dSAlexei Starovoitov 33669e4e01dfSKP Singh switch (prog->type) { 33679e4e01dfSKP Singh case BPF_PROG_TYPE_TRACING: 33689e4e01dfSKP Singh case BPF_PROG_TYPE_EXT: 33699e4e01dfSKP Singh case BPF_PROG_TYPE_LSM: 3370df86ca0dSAndrii Nakryiko if (user_tp_name) 3371fec56f58SAlexei Starovoitov /* The attach point for this category of programs 3372fec56f58SAlexei Starovoitov * should be specified via btf_id during program load. 3373ac4414b5SAlexei Starovoitov */ 3374df86ca0dSAndrii Nakryiko return -EINVAL; 33759e4e01dfSKP Singh if (prog->type == BPF_PROG_TYPE_TRACING && 33769e4e01dfSKP Singh prog->expected_attach_type == BPF_TRACE_RAW_TP) { 337738207291SMartin KaFai Lau tp_name = prog->aux->attach_func_name; 33789e4e01dfSKP Singh break; 33799e4e01dfSKP Singh } 33802fcc8241SKui-Feng Lee return bpf_tracing_prog_attach(prog, 0, 0, 0); 33819e4e01dfSKP Singh case BPF_PROG_TYPE_RAW_TRACEPOINT: 33829e4e01dfSKP Singh case BPF_PROG_TYPE_RAW_TRACEPOINT_WRITABLE: 3383df86ca0dSAndrii Nakryiko if (strncpy_from_user(buf, user_tp_name, sizeof(buf) - 1) < 0) 3384df86ca0dSAndrii Nakryiko return -EFAULT; 3385ac4414b5SAlexei Starovoitov buf[sizeof(buf) - 1] = 0; 3386ac4414b5SAlexei Starovoitov tp_name = buf; 33879e4e01dfSKP Singh break; 33889e4e01dfSKP Singh default: 3389df86ca0dSAndrii Nakryiko return -EINVAL; 3390ac4414b5SAlexei Starovoitov } 3391c4f6699dSAlexei Starovoitov 3392a38d1107SMatt Mullins btp = bpf_get_raw_tracepoint(tp_name); 3393df86ca0dSAndrii Nakryiko if (!btp) 3394df86ca0dSAndrii Nakryiko return -ENOENT; 3395c4f6699dSAlexei Starovoitov 3396babf3164SAndrii Nakryiko link = kzalloc(sizeof(*link), GFP_USER); 3397babf3164SAndrii Nakryiko if (!link) { 3398a38d1107SMatt Mullins err = -ENOMEM; 3399a38d1107SMatt Mullins goto out_put_btp; 3400a38d1107SMatt Mullins } 3401f2e10bffSAndrii Nakryiko bpf_link_init(&link->link, BPF_LINK_TYPE_RAW_TRACEPOINT, 3402f2e10bffSAndrii Nakryiko &bpf_raw_tp_link_lops, prog); 3403babf3164SAndrii Nakryiko link->btp = btp; 3404c4f6699dSAlexei Starovoitov 3405a3b80e10SAndrii Nakryiko err = bpf_link_prime(&link->link, &link_primer); 3406a3b80e10SAndrii Nakryiko if (err) { 3407babf3164SAndrii Nakryiko kfree(link); 3408babf3164SAndrii Nakryiko goto out_put_btp; 3409c4f6699dSAlexei Starovoitov } 3410babf3164SAndrii Nakryiko 3411babf3164SAndrii Nakryiko err = bpf_probe_register(link->btp, prog); 3412babf3164SAndrii Nakryiko if (err) { 3413a3b80e10SAndrii Nakryiko bpf_link_cleanup(&link_primer); 3414babf3164SAndrii Nakryiko goto out_put_btp; 3415babf3164SAndrii Nakryiko } 3416babf3164SAndrii Nakryiko 3417a3b80e10SAndrii Nakryiko return bpf_link_settle(&link_primer); 3418c4f6699dSAlexei Starovoitov 3419a38d1107SMatt Mullins out_put_btp: 3420a38d1107SMatt Mullins bpf_put_raw_tracepoint(btp); 3421c4f6699dSAlexei Starovoitov return err; 3422c4f6699dSAlexei Starovoitov } 3423c4f6699dSAlexei Starovoitov 3424df86ca0dSAndrii Nakryiko #define BPF_RAW_TRACEPOINT_OPEN_LAST_FIELD raw_tracepoint.prog_fd 3425df86ca0dSAndrii Nakryiko 3426df86ca0dSAndrii Nakryiko static int bpf_raw_tracepoint_open(const union bpf_attr *attr) 3427df86ca0dSAndrii Nakryiko { 3428df86ca0dSAndrii Nakryiko struct bpf_prog *prog; 3429df86ca0dSAndrii Nakryiko int fd; 3430df86ca0dSAndrii Nakryiko 3431df86ca0dSAndrii Nakryiko if (CHECK_ATTR(BPF_RAW_TRACEPOINT_OPEN)) 3432df86ca0dSAndrii Nakryiko return -EINVAL; 3433df86ca0dSAndrii Nakryiko 3434df86ca0dSAndrii Nakryiko prog = bpf_prog_get(attr->raw_tracepoint.prog_fd); 3435df86ca0dSAndrii Nakryiko if (IS_ERR(prog)) 3436df86ca0dSAndrii Nakryiko return PTR_ERR(prog); 3437df86ca0dSAndrii Nakryiko 3438df86ca0dSAndrii Nakryiko fd = bpf_raw_tp_link_attach(prog, u64_to_user_ptr(attr->raw_tracepoint.name)); 3439df86ca0dSAndrii Nakryiko if (fd < 0) 3440df86ca0dSAndrii Nakryiko bpf_prog_put(prog); 3441df86ca0dSAndrii Nakryiko return fd; 3442df86ca0dSAndrii Nakryiko } 3443df86ca0dSAndrii Nakryiko 344433491588SAnders Roxell static int bpf_prog_attach_check_attach_type(const struct bpf_prog *prog, 344533491588SAnders Roxell enum bpf_attach_type attach_type) 344633491588SAnders Roxell { 344733491588SAnders Roxell switch (prog->type) { 344833491588SAnders Roxell case BPF_PROG_TYPE_CGROUP_SOCK: 344933491588SAnders Roxell case BPF_PROG_TYPE_CGROUP_SOCK_ADDR: 34500d01da6aSStanislav Fomichev case BPF_PROG_TYPE_CGROUP_SOCKOPT: 3451e9ddbb77SJakub Sitnicki case BPF_PROG_TYPE_SK_LOOKUP: 345233491588SAnders Roxell return attach_type == prog->expected_attach_type ? 0 : -EINVAL; 34535cf1e914Sbrakmo case BPF_PROG_TYPE_CGROUP_SKB: 34542c78ee89SAlexei Starovoitov if (!capable(CAP_NET_ADMIN)) 34552c78ee89SAlexei Starovoitov /* cg-skb progs can be loaded by unpriv user. 34562c78ee89SAlexei Starovoitov * check permissions at attach time. 34572c78ee89SAlexei Starovoitov */ 34582c78ee89SAlexei Starovoitov return -EPERM; 34595cf1e914Sbrakmo return prog->enforce_expected_attach_type && 34605cf1e914Sbrakmo prog->expected_attach_type != attach_type ? 34615cf1e914Sbrakmo -EINVAL : 0; 346233491588SAnders Roxell default: 346333491588SAnders Roxell return 0; 346433491588SAnders Roxell } 346533491588SAnders Roxell } 346633491588SAnders Roxell 3467e28784e3SAndrii Nakryiko static enum bpf_prog_type 3468e28784e3SAndrii Nakryiko attach_type_to_prog_type(enum bpf_attach_type attach_type) 3469e28784e3SAndrii Nakryiko { 3470e28784e3SAndrii Nakryiko switch (attach_type) { 3471e28784e3SAndrii Nakryiko case BPF_CGROUP_INET_INGRESS: 3472e28784e3SAndrii Nakryiko case BPF_CGROUP_INET_EGRESS: 3473e28784e3SAndrii Nakryiko return BPF_PROG_TYPE_CGROUP_SKB; 3474e28784e3SAndrii Nakryiko case BPF_CGROUP_INET_SOCK_CREATE: 3475f5836749SStanislav Fomichev case BPF_CGROUP_INET_SOCK_RELEASE: 3476e28784e3SAndrii Nakryiko case BPF_CGROUP_INET4_POST_BIND: 3477e28784e3SAndrii Nakryiko case BPF_CGROUP_INET6_POST_BIND: 3478e28784e3SAndrii Nakryiko return BPF_PROG_TYPE_CGROUP_SOCK; 3479e28784e3SAndrii Nakryiko case BPF_CGROUP_INET4_BIND: 3480e28784e3SAndrii Nakryiko case BPF_CGROUP_INET6_BIND: 3481e28784e3SAndrii Nakryiko case BPF_CGROUP_INET4_CONNECT: 3482e28784e3SAndrii Nakryiko case BPF_CGROUP_INET6_CONNECT: 34831b66d253SDaniel Borkmann case BPF_CGROUP_INET4_GETPEERNAME: 34841b66d253SDaniel Borkmann case BPF_CGROUP_INET6_GETPEERNAME: 34851b66d253SDaniel Borkmann case BPF_CGROUP_INET4_GETSOCKNAME: 34861b66d253SDaniel Borkmann case BPF_CGROUP_INET6_GETSOCKNAME: 3487e28784e3SAndrii Nakryiko case BPF_CGROUP_UDP4_SENDMSG: 3488e28784e3SAndrii Nakryiko case BPF_CGROUP_UDP6_SENDMSG: 3489e28784e3SAndrii Nakryiko case BPF_CGROUP_UDP4_RECVMSG: 3490e28784e3SAndrii Nakryiko case BPF_CGROUP_UDP6_RECVMSG: 3491e28784e3SAndrii Nakryiko return BPF_PROG_TYPE_CGROUP_SOCK_ADDR; 3492e28784e3SAndrii Nakryiko case BPF_CGROUP_SOCK_OPS: 3493e28784e3SAndrii Nakryiko return BPF_PROG_TYPE_SOCK_OPS; 3494e28784e3SAndrii Nakryiko case BPF_CGROUP_DEVICE: 3495e28784e3SAndrii Nakryiko return BPF_PROG_TYPE_CGROUP_DEVICE; 3496e28784e3SAndrii Nakryiko case BPF_SK_MSG_VERDICT: 3497e28784e3SAndrii Nakryiko return BPF_PROG_TYPE_SK_MSG; 3498e28784e3SAndrii Nakryiko case BPF_SK_SKB_STREAM_PARSER: 3499e28784e3SAndrii Nakryiko case BPF_SK_SKB_STREAM_VERDICT: 3500a7ba4558SCong Wang case BPF_SK_SKB_VERDICT: 3501e28784e3SAndrii Nakryiko return BPF_PROG_TYPE_SK_SKB; 3502e28784e3SAndrii Nakryiko case BPF_LIRC_MODE2: 3503e28784e3SAndrii Nakryiko return BPF_PROG_TYPE_LIRC_MODE2; 3504e28784e3SAndrii Nakryiko case BPF_FLOW_DISSECTOR: 3505e28784e3SAndrii Nakryiko return BPF_PROG_TYPE_FLOW_DISSECTOR; 3506e28784e3SAndrii Nakryiko case BPF_CGROUP_SYSCTL: 3507e28784e3SAndrii Nakryiko return BPF_PROG_TYPE_CGROUP_SYSCTL; 3508e28784e3SAndrii Nakryiko case BPF_CGROUP_GETSOCKOPT: 3509e28784e3SAndrii Nakryiko case BPF_CGROUP_SETSOCKOPT: 3510e28784e3SAndrii Nakryiko return BPF_PROG_TYPE_CGROUP_SOCKOPT; 3511de4e05caSYonghong Song case BPF_TRACE_ITER: 3512df86ca0dSAndrii Nakryiko case BPF_TRACE_RAW_TP: 3513df86ca0dSAndrii Nakryiko case BPF_TRACE_FENTRY: 3514df86ca0dSAndrii Nakryiko case BPF_TRACE_FEXIT: 3515df86ca0dSAndrii Nakryiko case BPF_MODIFY_RETURN: 3516de4e05caSYonghong Song return BPF_PROG_TYPE_TRACING; 3517df86ca0dSAndrii Nakryiko case BPF_LSM_MAC: 3518df86ca0dSAndrii Nakryiko return BPF_PROG_TYPE_LSM; 3519e9ddbb77SJakub Sitnicki case BPF_SK_LOOKUP: 3520e9ddbb77SJakub Sitnicki return BPF_PROG_TYPE_SK_LOOKUP; 3521aa8d3a71SAndrii Nakryiko case BPF_XDP: 3522aa8d3a71SAndrii Nakryiko return BPF_PROG_TYPE_XDP; 352369fd337aSStanislav Fomichev case BPF_LSM_CGROUP: 352469fd337aSStanislav Fomichev return BPF_PROG_TYPE_LSM; 3525e28784e3SAndrii Nakryiko default: 3526e28784e3SAndrii Nakryiko return BPF_PROG_TYPE_UNSPEC; 3527e28784e3SAndrii Nakryiko } 3528e28784e3SAndrii Nakryiko } 3529e28784e3SAndrii Nakryiko 35307dd68b32SAndrey Ignatov #define BPF_PROG_ATTACH_LAST_FIELD replace_bpf_fd 3531174a79ffSJohn Fastabend 3532324bda9eSAlexei Starovoitov #define BPF_F_ATTACH_MASK \ 35337dd68b32SAndrey Ignatov (BPF_F_ALLOW_OVERRIDE | BPF_F_ALLOW_MULTI | BPF_F_REPLACE) 3534324bda9eSAlexei Starovoitov 3535f4324551SDaniel Mack static int bpf_prog_attach(const union bpf_attr *attr) 3536f4324551SDaniel Mack { 35377f677633SAlexei Starovoitov enum bpf_prog_type ptype; 3538f4324551SDaniel Mack struct bpf_prog *prog; 35397f677633SAlexei Starovoitov int ret; 3540f4324551SDaniel Mack 3541f4324551SDaniel Mack if (CHECK_ATTR(BPF_PROG_ATTACH)) 3542f4324551SDaniel Mack return -EINVAL; 3543f4324551SDaniel Mack 3544324bda9eSAlexei Starovoitov if (attr->attach_flags & ~BPF_F_ATTACH_MASK) 35457f677633SAlexei Starovoitov return -EINVAL; 35467f677633SAlexei Starovoitov 3547e28784e3SAndrii Nakryiko ptype = attach_type_to_prog_type(attr->attach_type); 3548e28784e3SAndrii Nakryiko if (ptype == BPF_PROG_TYPE_UNSPEC) 3549b2cd1257SDavid Ahern return -EINVAL; 3550b2cd1257SDavid Ahern 3551b2cd1257SDavid Ahern prog = bpf_prog_get_type(attr->attach_bpf_fd, ptype); 3552f4324551SDaniel Mack if (IS_ERR(prog)) 3553f4324551SDaniel Mack return PTR_ERR(prog); 3554f4324551SDaniel Mack 35555e43f899SAndrey Ignatov if (bpf_prog_attach_check_attach_type(prog, attr->attach_type)) { 35565e43f899SAndrey Ignatov bpf_prog_put(prog); 35575e43f899SAndrey Ignatov return -EINVAL; 35585e43f899SAndrey Ignatov } 35595e43f899SAndrey Ignatov 3560fdb5c453SSean Young switch (ptype) { 3561fdb5c453SSean Young case BPF_PROG_TYPE_SK_SKB: 3562fdb5c453SSean Young case BPF_PROG_TYPE_SK_MSG: 3563604326b4SDaniel Borkmann ret = sock_map_get_from_fd(attr, prog); 3564fdb5c453SSean Young break; 3565fdb5c453SSean Young case BPF_PROG_TYPE_LIRC_MODE2: 3566fdb5c453SSean Young ret = lirc_prog_attach(attr, prog); 3567fdb5c453SSean Young break; 3568d58e468bSPetar Penkov case BPF_PROG_TYPE_FLOW_DISSECTOR: 3569a3fd7ceeSJakub Sitnicki ret = netns_bpf_prog_attach(attr, prog); 3570d58e468bSPetar Penkov break; 3571e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_DEVICE: 3572e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_SKB: 3573e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_SOCK: 3574e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_SOCK_ADDR: 3575e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_SOCKOPT: 3576e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_SYSCTL: 3577e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_SOCK_OPS: 357869fd337aSStanislav Fomichev case BPF_PROG_TYPE_LSM: 357969fd337aSStanislav Fomichev if (ptype == BPF_PROG_TYPE_LSM && 358069fd337aSStanislav Fomichev prog->expected_attach_type != BPF_LSM_CGROUP) 3581e89f3edfSMilan Landaverde ret = -EINVAL; 3582e89f3edfSMilan Landaverde else 3583fdb5c453SSean Young ret = cgroup_bpf_prog_attach(attr, ptype, prog); 3584e28784e3SAndrii Nakryiko break; 3585e28784e3SAndrii Nakryiko default: 3586e28784e3SAndrii Nakryiko ret = -EINVAL; 3587f4324551SDaniel Mack } 3588f4324551SDaniel Mack 35897f677633SAlexei Starovoitov if (ret) 35907f677633SAlexei Starovoitov bpf_prog_put(prog); 35917f677633SAlexei Starovoitov return ret; 3592f4324551SDaniel Mack } 3593f4324551SDaniel Mack 3594f4324551SDaniel Mack #define BPF_PROG_DETACH_LAST_FIELD attach_type 3595f4324551SDaniel Mack 3596f4324551SDaniel Mack static int bpf_prog_detach(const union bpf_attr *attr) 3597f4324551SDaniel Mack { 3598324bda9eSAlexei Starovoitov enum bpf_prog_type ptype; 3599f4324551SDaniel Mack 3600f4324551SDaniel Mack if (CHECK_ATTR(BPF_PROG_DETACH)) 3601f4324551SDaniel Mack return -EINVAL; 3602f4324551SDaniel Mack 3603e28784e3SAndrii Nakryiko ptype = attach_type_to_prog_type(attr->attach_type); 3604e28784e3SAndrii Nakryiko 3605e28784e3SAndrii Nakryiko switch (ptype) { 3606e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_SK_MSG: 3607e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_SK_SKB: 3608bb0de313SLorenz Bauer return sock_map_prog_detach(attr, ptype); 3609e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_LIRC_MODE2: 3610f4364dcfSSean Young return lirc_prog_detach(attr); 3611e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_FLOW_DISSECTOR: 36124ac2add6SLorenz Bauer return netns_bpf_prog_detach(attr, ptype); 3613e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_DEVICE: 3614e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_SKB: 3615e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_SOCK: 3616e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_SOCK_ADDR: 3617e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_SOCKOPT: 3618e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_SYSCTL: 3619e28784e3SAndrii Nakryiko case BPF_PROG_TYPE_SOCK_OPS: 362069fd337aSStanislav Fomichev case BPF_PROG_TYPE_LSM: 3621e28784e3SAndrii Nakryiko return cgroup_bpf_prog_detach(attr, ptype); 3622f4324551SDaniel Mack default: 3623f4324551SDaniel Mack return -EINVAL; 3624f4324551SDaniel Mack } 3625f4324551SDaniel Mack } 362640304b2aSLawrence Brakmo 3627b79c9fc9SStanislav Fomichev #define BPF_PROG_QUERY_LAST_FIELD query.prog_attach_flags 3628468e2f64SAlexei Starovoitov 3629468e2f64SAlexei Starovoitov static int bpf_prog_query(const union bpf_attr *attr, 3630468e2f64SAlexei Starovoitov union bpf_attr __user *uattr) 3631468e2f64SAlexei Starovoitov { 3632468e2f64SAlexei Starovoitov if (!capable(CAP_NET_ADMIN)) 3633468e2f64SAlexei Starovoitov return -EPERM; 3634468e2f64SAlexei Starovoitov if (CHECK_ATTR(BPF_PROG_QUERY)) 3635468e2f64SAlexei Starovoitov return -EINVAL; 3636468e2f64SAlexei Starovoitov if (attr->query.query_flags & ~BPF_F_QUERY_EFFECTIVE) 3637468e2f64SAlexei Starovoitov return -EINVAL; 3638468e2f64SAlexei Starovoitov 3639468e2f64SAlexei Starovoitov switch (attr->query.attach_type) { 3640468e2f64SAlexei Starovoitov case BPF_CGROUP_INET_INGRESS: 3641468e2f64SAlexei Starovoitov case BPF_CGROUP_INET_EGRESS: 3642468e2f64SAlexei Starovoitov case BPF_CGROUP_INET_SOCK_CREATE: 3643f5836749SStanislav Fomichev case BPF_CGROUP_INET_SOCK_RELEASE: 36444fbac77dSAndrey Ignatov case BPF_CGROUP_INET4_BIND: 36454fbac77dSAndrey Ignatov case BPF_CGROUP_INET6_BIND: 3646aac3fc32SAndrey Ignatov case BPF_CGROUP_INET4_POST_BIND: 3647aac3fc32SAndrey Ignatov case BPF_CGROUP_INET6_POST_BIND: 3648d74bad4eSAndrey Ignatov case BPF_CGROUP_INET4_CONNECT: 3649d74bad4eSAndrey Ignatov case BPF_CGROUP_INET6_CONNECT: 36501b66d253SDaniel Borkmann case BPF_CGROUP_INET4_GETPEERNAME: 36511b66d253SDaniel Borkmann case BPF_CGROUP_INET6_GETPEERNAME: 36521b66d253SDaniel Borkmann case BPF_CGROUP_INET4_GETSOCKNAME: 36531b66d253SDaniel Borkmann case BPF_CGROUP_INET6_GETSOCKNAME: 36541cedee13SAndrey Ignatov case BPF_CGROUP_UDP4_SENDMSG: 36551cedee13SAndrey Ignatov case BPF_CGROUP_UDP6_SENDMSG: 3656983695faSDaniel Borkmann case BPF_CGROUP_UDP4_RECVMSG: 3657983695faSDaniel Borkmann case BPF_CGROUP_UDP6_RECVMSG: 3658468e2f64SAlexei Starovoitov case BPF_CGROUP_SOCK_OPS: 3659ebc614f6SRoman Gushchin case BPF_CGROUP_DEVICE: 36607b146cebSAndrey Ignatov case BPF_CGROUP_SYSCTL: 36610d01da6aSStanislav Fomichev case BPF_CGROUP_GETSOCKOPT: 36620d01da6aSStanislav Fomichev case BPF_CGROUP_SETSOCKOPT: 3663b79c9fc9SStanislav Fomichev case BPF_LSM_CGROUP: 3664e28784e3SAndrii Nakryiko return cgroup_bpf_prog_query(attr, uattr); 3665f4364dcfSSean Young case BPF_LIRC_MODE2: 3666f4364dcfSSean Young return lirc_prog_query(attr, uattr); 3667118c8e9aSStanislav Fomichev case BPF_FLOW_DISSECTOR: 3668e9ddbb77SJakub Sitnicki case BPF_SK_LOOKUP: 3669a3fd7ceeSJakub Sitnicki return netns_bpf_prog_query(attr, uattr); 3670748cd572SDi Zhu case BPF_SK_SKB_STREAM_PARSER: 3671748cd572SDi Zhu case BPF_SK_SKB_STREAM_VERDICT: 3672748cd572SDi Zhu case BPF_SK_MSG_VERDICT: 3673748cd572SDi Zhu case BPF_SK_SKB_VERDICT: 3674748cd572SDi Zhu return sock_map_bpf_prog_query(attr, uattr); 3675468e2f64SAlexei Starovoitov default: 3676468e2f64SAlexei Starovoitov return -EINVAL; 3677468e2f64SAlexei Starovoitov } 3678468e2f64SAlexei Starovoitov } 3679f4324551SDaniel Mack 3680b530e9e1SToke Høiland-Jørgensen #define BPF_PROG_TEST_RUN_LAST_FIELD test.batch_size 36811cf1cae9SAlexei Starovoitov 36821cf1cae9SAlexei Starovoitov static int bpf_prog_test_run(const union bpf_attr *attr, 36831cf1cae9SAlexei Starovoitov union bpf_attr __user *uattr) 36841cf1cae9SAlexei Starovoitov { 36851cf1cae9SAlexei Starovoitov struct bpf_prog *prog; 36861cf1cae9SAlexei Starovoitov int ret = -ENOTSUPP; 36871cf1cae9SAlexei Starovoitov 36881cf1cae9SAlexei Starovoitov if (CHECK_ATTR(BPF_PROG_TEST_RUN)) 36891cf1cae9SAlexei Starovoitov return -EINVAL; 36901cf1cae9SAlexei Starovoitov 3691b0b9395dSStanislav Fomichev if ((attr->test.ctx_size_in && !attr->test.ctx_in) || 3692b0b9395dSStanislav Fomichev (!attr->test.ctx_size_in && attr->test.ctx_in)) 3693b0b9395dSStanislav Fomichev return -EINVAL; 3694b0b9395dSStanislav Fomichev 3695b0b9395dSStanislav Fomichev if ((attr->test.ctx_size_out && !attr->test.ctx_out) || 3696b0b9395dSStanislav Fomichev (!attr->test.ctx_size_out && attr->test.ctx_out)) 3697b0b9395dSStanislav Fomichev return -EINVAL; 3698b0b9395dSStanislav Fomichev 36991cf1cae9SAlexei Starovoitov prog = bpf_prog_get(attr->test.prog_fd); 37001cf1cae9SAlexei Starovoitov if (IS_ERR(prog)) 37011cf1cae9SAlexei Starovoitov return PTR_ERR(prog); 37021cf1cae9SAlexei Starovoitov 37031cf1cae9SAlexei Starovoitov if (prog->aux->ops->test_run) 37041cf1cae9SAlexei Starovoitov ret = prog->aux->ops->test_run(prog, attr, uattr); 37051cf1cae9SAlexei Starovoitov 37061cf1cae9SAlexei Starovoitov bpf_prog_put(prog); 37071cf1cae9SAlexei Starovoitov return ret; 37081cf1cae9SAlexei Starovoitov } 37091cf1cae9SAlexei Starovoitov 371034ad5580SMartin KaFai Lau #define BPF_OBJ_GET_NEXT_ID_LAST_FIELD next_id 371134ad5580SMartin KaFai Lau 371234ad5580SMartin KaFai Lau static int bpf_obj_get_next_id(const union bpf_attr *attr, 371334ad5580SMartin KaFai Lau union bpf_attr __user *uattr, 371434ad5580SMartin KaFai Lau struct idr *idr, 371534ad5580SMartin KaFai Lau spinlock_t *lock) 371634ad5580SMartin KaFai Lau { 371734ad5580SMartin KaFai Lau u32 next_id = attr->start_id; 371834ad5580SMartin KaFai Lau int err = 0; 371934ad5580SMartin KaFai Lau 372034ad5580SMartin KaFai Lau if (CHECK_ATTR(BPF_OBJ_GET_NEXT_ID) || next_id >= INT_MAX) 372134ad5580SMartin KaFai Lau return -EINVAL; 372234ad5580SMartin KaFai Lau 372334ad5580SMartin KaFai Lau if (!capable(CAP_SYS_ADMIN)) 372434ad5580SMartin KaFai Lau return -EPERM; 372534ad5580SMartin KaFai Lau 372634ad5580SMartin KaFai Lau next_id++; 372734ad5580SMartin KaFai Lau spin_lock_bh(lock); 372834ad5580SMartin KaFai Lau if (!idr_get_next(idr, &next_id)) 372934ad5580SMartin KaFai Lau err = -ENOENT; 373034ad5580SMartin KaFai Lau spin_unlock_bh(lock); 373134ad5580SMartin KaFai Lau 373234ad5580SMartin KaFai Lau if (!err) 373334ad5580SMartin KaFai Lau err = put_user(next_id, &uattr->next_id); 373434ad5580SMartin KaFai Lau 373534ad5580SMartin KaFai Lau return err; 373634ad5580SMartin KaFai Lau } 373734ad5580SMartin KaFai Lau 37386086d29dSYonghong Song struct bpf_map *bpf_map_get_curr_or_next(u32 *id) 37396086d29dSYonghong Song { 37406086d29dSYonghong Song struct bpf_map *map; 37416086d29dSYonghong Song 37426086d29dSYonghong Song spin_lock_bh(&map_idr_lock); 37436086d29dSYonghong Song again: 37446086d29dSYonghong Song map = idr_get_next(&map_idr, id); 37456086d29dSYonghong Song if (map) { 37466086d29dSYonghong Song map = __bpf_map_inc_not_zero(map, false); 37476086d29dSYonghong Song if (IS_ERR(map)) { 37486086d29dSYonghong Song (*id)++; 37496086d29dSYonghong Song goto again; 37506086d29dSYonghong Song } 37516086d29dSYonghong Song } 37526086d29dSYonghong Song spin_unlock_bh(&map_idr_lock); 37536086d29dSYonghong Song 37546086d29dSYonghong Song return map; 37556086d29dSYonghong Song } 37566086d29dSYonghong Song 3757a228a64fSAlexei Starovoitov struct bpf_prog *bpf_prog_get_curr_or_next(u32 *id) 3758a228a64fSAlexei Starovoitov { 3759a228a64fSAlexei Starovoitov struct bpf_prog *prog; 3760a228a64fSAlexei Starovoitov 3761a228a64fSAlexei Starovoitov spin_lock_bh(&prog_idr_lock); 3762a228a64fSAlexei Starovoitov again: 3763a228a64fSAlexei Starovoitov prog = idr_get_next(&prog_idr, id); 3764a228a64fSAlexei Starovoitov if (prog) { 3765a228a64fSAlexei Starovoitov prog = bpf_prog_inc_not_zero(prog); 3766a228a64fSAlexei Starovoitov if (IS_ERR(prog)) { 3767a228a64fSAlexei Starovoitov (*id)++; 3768a228a64fSAlexei Starovoitov goto again; 3769a228a64fSAlexei Starovoitov } 3770a228a64fSAlexei Starovoitov } 3771a228a64fSAlexei Starovoitov spin_unlock_bh(&prog_idr_lock); 3772a228a64fSAlexei Starovoitov 3773a228a64fSAlexei Starovoitov return prog; 3774a228a64fSAlexei Starovoitov } 3775a228a64fSAlexei Starovoitov 3776b16d9aa4SMartin KaFai Lau #define BPF_PROG_GET_FD_BY_ID_LAST_FIELD prog_id 3777b16d9aa4SMartin KaFai Lau 37787e6897f9SBjörn Töpel struct bpf_prog *bpf_prog_by_id(u32 id) 37797e6897f9SBjörn Töpel { 37807e6897f9SBjörn Töpel struct bpf_prog *prog; 37817e6897f9SBjörn Töpel 37827e6897f9SBjörn Töpel if (!id) 37837e6897f9SBjörn Töpel return ERR_PTR(-ENOENT); 37847e6897f9SBjörn Töpel 37857e6897f9SBjörn Töpel spin_lock_bh(&prog_idr_lock); 37867e6897f9SBjörn Töpel prog = idr_find(&prog_idr, id); 37877e6897f9SBjörn Töpel if (prog) 37887e6897f9SBjörn Töpel prog = bpf_prog_inc_not_zero(prog); 37897e6897f9SBjörn Töpel else 37907e6897f9SBjörn Töpel prog = ERR_PTR(-ENOENT); 37917e6897f9SBjörn Töpel spin_unlock_bh(&prog_idr_lock); 37927e6897f9SBjörn Töpel return prog; 37937e6897f9SBjörn Töpel } 37947e6897f9SBjörn Töpel 3795b16d9aa4SMartin KaFai Lau static int bpf_prog_get_fd_by_id(const union bpf_attr *attr) 3796b16d9aa4SMartin KaFai Lau { 3797b16d9aa4SMartin KaFai Lau struct bpf_prog *prog; 3798b16d9aa4SMartin KaFai Lau u32 id = attr->prog_id; 3799b16d9aa4SMartin KaFai Lau int fd; 3800b16d9aa4SMartin KaFai Lau 3801b16d9aa4SMartin KaFai Lau if (CHECK_ATTR(BPF_PROG_GET_FD_BY_ID)) 3802b16d9aa4SMartin KaFai Lau return -EINVAL; 3803b16d9aa4SMartin KaFai Lau 3804b16d9aa4SMartin KaFai Lau if (!capable(CAP_SYS_ADMIN)) 3805b16d9aa4SMartin KaFai Lau return -EPERM; 3806b16d9aa4SMartin KaFai Lau 38077e6897f9SBjörn Töpel prog = bpf_prog_by_id(id); 3808b16d9aa4SMartin KaFai Lau if (IS_ERR(prog)) 3809b16d9aa4SMartin KaFai Lau return PTR_ERR(prog); 3810b16d9aa4SMartin KaFai Lau 3811b16d9aa4SMartin KaFai Lau fd = bpf_prog_new_fd(prog); 3812b16d9aa4SMartin KaFai Lau if (fd < 0) 3813b16d9aa4SMartin KaFai Lau bpf_prog_put(prog); 3814b16d9aa4SMartin KaFai Lau 3815b16d9aa4SMartin KaFai Lau return fd; 3816b16d9aa4SMartin KaFai Lau } 3817b16d9aa4SMartin KaFai Lau 38186e71b04aSChenbo Feng #define BPF_MAP_GET_FD_BY_ID_LAST_FIELD open_flags 3819bd5f5f4eSMartin KaFai Lau 3820bd5f5f4eSMartin KaFai Lau static int bpf_map_get_fd_by_id(const union bpf_attr *attr) 3821bd5f5f4eSMartin KaFai Lau { 3822bd5f5f4eSMartin KaFai Lau struct bpf_map *map; 3823bd5f5f4eSMartin KaFai Lau u32 id = attr->map_id; 38246e71b04aSChenbo Feng int f_flags; 3825bd5f5f4eSMartin KaFai Lau int fd; 3826bd5f5f4eSMartin KaFai Lau 38276e71b04aSChenbo Feng if (CHECK_ATTR(BPF_MAP_GET_FD_BY_ID) || 38286e71b04aSChenbo Feng attr->open_flags & ~BPF_OBJ_FLAG_MASK) 3829bd5f5f4eSMartin KaFai Lau return -EINVAL; 3830bd5f5f4eSMartin KaFai Lau 3831bd5f5f4eSMartin KaFai Lau if (!capable(CAP_SYS_ADMIN)) 3832bd5f5f4eSMartin KaFai Lau return -EPERM; 3833bd5f5f4eSMartin KaFai Lau 38346e71b04aSChenbo Feng f_flags = bpf_get_file_flag(attr->open_flags); 38356e71b04aSChenbo Feng if (f_flags < 0) 38366e71b04aSChenbo Feng return f_flags; 38376e71b04aSChenbo Feng 3838bd5f5f4eSMartin KaFai Lau spin_lock_bh(&map_idr_lock); 3839bd5f5f4eSMartin KaFai Lau map = idr_find(&map_idr, id); 3840bd5f5f4eSMartin KaFai Lau if (map) 3841b0e4701cSStanislav Fomichev map = __bpf_map_inc_not_zero(map, true); 3842bd5f5f4eSMartin KaFai Lau else 3843bd5f5f4eSMartin KaFai Lau map = ERR_PTR(-ENOENT); 3844bd5f5f4eSMartin KaFai Lau spin_unlock_bh(&map_idr_lock); 3845bd5f5f4eSMartin KaFai Lau 3846bd5f5f4eSMartin KaFai Lau if (IS_ERR(map)) 3847bd5f5f4eSMartin KaFai Lau return PTR_ERR(map); 3848bd5f5f4eSMartin KaFai Lau 38496e71b04aSChenbo Feng fd = bpf_map_new_fd(map, f_flags); 3850bd5f5f4eSMartin KaFai Lau if (fd < 0) 3851781e6282SPeng Sun bpf_map_put_with_uref(map); 3852bd5f5f4eSMartin KaFai Lau 3853bd5f5f4eSMartin KaFai Lau return fd; 3854bd5f5f4eSMartin KaFai Lau } 3855bd5f5f4eSMartin KaFai Lau 38567105e828SDaniel Borkmann static const struct bpf_map *bpf_map_from_imm(const struct bpf_prog *prog, 3857d8eca5bbSDaniel Borkmann unsigned long addr, u32 *off, 3858d8eca5bbSDaniel Borkmann u32 *type) 38597105e828SDaniel Borkmann { 3860d8eca5bbSDaniel Borkmann const struct bpf_map *map; 38617105e828SDaniel Borkmann int i; 38627105e828SDaniel Borkmann 3863984fe94fSYiFei Zhu mutex_lock(&prog->aux->used_maps_mutex); 3864d8eca5bbSDaniel Borkmann for (i = 0, *off = 0; i < prog->aux->used_map_cnt; i++) { 3865d8eca5bbSDaniel Borkmann map = prog->aux->used_maps[i]; 3866d8eca5bbSDaniel Borkmann if (map == (void *)addr) { 3867d8eca5bbSDaniel Borkmann *type = BPF_PSEUDO_MAP_FD; 3868984fe94fSYiFei Zhu goto out; 3869d8eca5bbSDaniel Borkmann } 3870d8eca5bbSDaniel Borkmann if (!map->ops->map_direct_value_meta) 3871d8eca5bbSDaniel Borkmann continue; 3872d8eca5bbSDaniel Borkmann if (!map->ops->map_direct_value_meta(map, addr, off)) { 3873d8eca5bbSDaniel Borkmann *type = BPF_PSEUDO_MAP_VALUE; 3874984fe94fSYiFei Zhu goto out; 3875d8eca5bbSDaniel Borkmann } 3876d8eca5bbSDaniel Borkmann } 3877984fe94fSYiFei Zhu map = NULL; 3878d8eca5bbSDaniel Borkmann 3879984fe94fSYiFei Zhu out: 3880984fe94fSYiFei Zhu mutex_unlock(&prog->aux->used_maps_mutex); 3881984fe94fSYiFei Zhu return map; 38827105e828SDaniel Borkmann } 38837105e828SDaniel Borkmann 388463960260SKees Cook static struct bpf_insn *bpf_insn_prepare_dump(const struct bpf_prog *prog, 388563960260SKees Cook const struct cred *f_cred) 38867105e828SDaniel Borkmann { 38877105e828SDaniel Borkmann const struct bpf_map *map; 38887105e828SDaniel Borkmann struct bpf_insn *insns; 3889d8eca5bbSDaniel Borkmann u32 off, type; 38907105e828SDaniel Borkmann u64 imm; 389129fcb05bSAndrii Nakryiko u8 code; 38927105e828SDaniel Borkmann int i; 38937105e828SDaniel Borkmann 38947105e828SDaniel Borkmann insns = kmemdup(prog->insnsi, bpf_prog_insn_size(prog), 38957105e828SDaniel Borkmann GFP_USER); 38967105e828SDaniel Borkmann if (!insns) 38977105e828SDaniel Borkmann return insns; 38987105e828SDaniel Borkmann 38997105e828SDaniel Borkmann for (i = 0; i < prog->len; i++) { 390029fcb05bSAndrii Nakryiko code = insns[i].code; 390129fcb05bSAndrii Nakryiko 390229fcb05bSAndrii Nakryiko if (code == (BPF_JMP | BPF_TAIL_CALL)) { 39037105e828SDaniel Borkmann insns[i].code = BPF_JMP | BPF_CALL; 39047105e828SDaniel Borkmann insns[i].imm = BPF_FUNC_tail_call; 39057105e828SDaniel Borkmann /* fall-through */ 39067105e828SDaniel Borkmann } 390729fcb05bSAndrii Nakryiko if (code == (BPF_JMP | BPF_CALL) || 390829fcb05bSAndrii Nakryiko code == (BPF_JMP | BPF_CALL_ARGS)) { 390929fcb05bSAndrii Nakryiko if (code == (BPF_JMP | BPF_CALL_ARGS)) 39107105e828SDaniel Borkmann insns[i].code = BPF_JMP | BPF_CALL; 391163960260SKees Cook if (!bpf_dump_raw_ok(f_cred)) 39127105e828SDaniel Borkmann insns[i].imm = 0; 39137105e828SDaniel Borkmann continue; 39147105e828SDaniel Borkmann } 391529fcb05bSAndrii Nakryiko if (BPF_CLASS(code) == BPF_LDX && BPF_MODE(code) == BPF_PROBE_MEM) { 391629fcb05bSAndrii Nakryiko insns[i].code = BPF_LDX | BPF_SIZE(code) | BPF_MEM; 391729fcb05bSAndrii Nakryiko continue; 391829fcb05bSAndrii Nakryiko } 39197105e828SDaniel Borkmann 392029fcb05bSAndrii Nakryiko if (code != (BPF_LD | BPF_IMM | BPF_DW)) 39217105e828SDaniel Borkmann continue; 39227105e828SDaniel Borkmann 39237105e828SDaniel Borkmann imm = ((u64)insns[i + 1].imm << 32) | (u32)insns[i].imm; 3924d8eca5bbSDaniel Borkmann map = bpf_map_from_imm(prog, imm, &off, &type); 39257105e828SDaniel Borkmann if (map) { 3926d8eca5bbSDaniel Borkmann insns[i].src_reg = type; 39277105e828SDaniel Borkmann insns[i].imm = map->id; 3928d8eca5bbSDaniel Borkmann insns[i + 1].imm = off; 39297105e828SDaniel Borkmann continue; 39307105e828SDaniel Borkmann } 39317105e828SDaniel Borkmann } 39327105e828SDaniel Borkmann 39337105e828SDaniel Borkmann return insns; 39347105e828SDaniel Borkmann } 39357105e828SDaniel Borkmann 3936c454a46bSMartin KaFai Lau static int set_info_rec_size(struct bpf_prog_info *info) 3937c454a46bSMartin KaFai Lau { 3938c454a46bSMartin KaFai Lau /* 3939c454a46bSMartin KaFai Lau * Ensure info.*_rec_size is the same as kernel expected size 3940c454a46bSMartin KaFai Lau * 3941c454a46bSMartin KaFai Lau * or 3942c454a46bSMartin KaFai Lau * 3943c454a46bSMartin KaFai Lau * Only allow zero *_rec_size if both _rec_size and _cnt are 3944c454a46bSMartin KaFai Lau * zero. In this case, the kernel will set the expected 3945c454a46bSMartin KaFai Lau * _rec_size back to the info. 3946c454a46bSMartin KaFai Lau */ 3947c454a46bSMartin KaFai Lau 394811d8b82dSYonghong Song if ((info->nr_func_info || info->func_info_rec_size) && 3949c454a46bSMartin KaFai Lau info->func_info_rec_size != sizeof(struct bpf_func_info)) 3950c454a46bSMartin KaFai Lau return -EINVAL; 3951c454a46bSMartin KaFai Lau 395211d8b82dSYonghong Song if ((info->nr_line_info || info->line_info_rec_size) && 3953c454a46bSMartin KaFai Lau info->line_info_rec_size != sizeof(struct bpf_line_info)) 3954c454a46bSMartin KaFai Lau return -EINVAL; 3955c454a46bSMartin KaFai Lau 395611d8b82dSYonghong Song if ((info->nr_jited_line_info || info->jited_line_info_rec_size) && 3957c454a46bSMartin KaFai Lau info->jited_line_info_rec_size != sizeof(__u64)) 3958c454a46bSMartin KaFai Lau return -EINVAL; 3959c454a46bSMartin KaFai Lau 3960c454a46bSMartin KaFai Lau info->func_info_rec_size = sizeof(struct bpf_func_info); 3961c454a46bSMartin KaFai Lau info->line_info_rec_size = sizeof(struct bpf_line_info); 3962c454a46bSMartin KaFai Lau info->jited_line_info_rec_size = sizeof(__u64); 3963c454a46bSMartin KaFai Lau 3964c454a46bSMartin KaFai Lau return 0; 3965c454a46bSMartin KaFai Lau } 3966c454a46bSMartin KaFai Lau 396763960260SKees Cook static int bpf_prog_get_info_by_fd(struct file *file, 396863960260SKees Cook struct bpf_prog *prog, 39691e270976SMartin KaFai Lau const union bpf_attr *attr, 39701e270976SMartin KaFai Lau union bpf_attr __user *uattr) 39711e270976SMartin KaFai Lau { 39721e270976SMartin KaFai Lau struct bpf_prog_info __user *uinfo = u64_to_user_ptr(attr->info.info); 39736644aabbSStanislav Fomichev struct btf *attach_btf = bpf_prog_get_target_btf(prog); 39745c6f2588SGreg Kroah-Hartman struct bpf_prog_info info; 39751e270976SMartin KaFai Lau u32 info_len = attr->info.info_len; 397661a0abaeSEric Dumazet struct bpf_prog_kstats stats; 39771e270976SMartin KaFai Lau char __user *uinsns; 39781e270976SMartin KaFai Lau u32 ulen; 39791e270976SMartin KaFai Lau int err; 39801e270976SMartin KaFai Lau 3981af2ac3e1SAlexei Starovoitov err = bpf_check_uarg_tail_zero(USER_BPFPTR(uinfo), sizeof(info), info_len); 39821e270976SMartin KaFai Lau if (err) 39831e270976SMartin KaFai Lau return err; 39841e270976SMartin KaFai Lau info_len = min_t(u32, sizeof(info), info_len); 39851e270976SMartin KaFai Lau 39865c6f2588SGreg Kroah-Hartman memset(&info, 0, sizeof(info)); 39871e270976SMartin KaFai Lau if (copy_from_user(&info, uinfo, info_len)) 398889b09689SDaniel Borkmann return -EFAULT; 39891e270976SMartin KaFai Lau 39901e270976SMartin KaFai Lau info.type = prog->type; 39911e270976SMartin KaFai Lau info.id = prog->aux->id; 3992cb4d2b3fSMartin KaFai Lau info.load_time = prog->aux->load_time; 3993cb4d2b3fSMartin KaFai Lau info.created_by_uid = from_kuid_munged(current_user_ns(), 3994cb4d2b3fSMartin KaFai Lau prog->aux->user->uid); 3995b85fab0eSJiri Olsa info.gpl_compatible = prog->gpl_compatible; 39961e270976SMartin KaFai Lau 39971e270976SMartin KaFai Lau memcpy(info.tag, prog->tag, sizeof(prog->tag)); 3998cb4d2b3fSMartin KaFai Lau memcpy(info.name, prog->aux->name, sizeof(prog->aux->name)); 3999cb4d2b3fSMartin KaFai Lau 4000984fe94fSYiFei Zhu mutex_lock(&prog->aux->used_maps_mutex); 4001cb4d2b3fSMartin KaFai Lau ulen = info.nr_map_ids; 4002cb4d2b3fSMartin KaFai Lau info.nr_map_ids = prog->aux->used_map_cnt; 4003cb4d2b3fSMartin KaFai Lau ulen = min_t(u32, info.nr_map_ids, ulen); 4004cb4d2b3fSMartin KaFai Lau if (ulen) { 4005721e08daSMartin KaFai Lau u32 __user *user_map_ids = u64_to_user_ptr(info.map_ids); 4006cb4d2b3fSMartin KaFai Lau u32 i; 4007cb4d2b3fSMartin KaFai Lau 4008cb4d2b3fSMartin KaFai Lau for (i = 0; i < ulen; i++) 4009cb4d2b3fSMartin KaFai Lau if (put_user(prog->aux->used_maps[i]->id, 4010984fe94fSYiFei Zhu &user_map_ids[i])) { 4011984fe94fSYiFei Zhu mutex_unlock(&prog->aux->used_maps_mutex); 4012cb4d2b3fSMartin KaFai Lau return -EFAULT; 4013cb4d2b3fSMartin KaFai Lau } 4014984fe94fSYiFei Zhu } 4015984fe94fSYiFei Zhu mutex_unlock(&prog->aux->used_maps_mutex); 40161e270976SMartin KaFai Lau 4017c454a46bSMartin KaFai Lau err = set_info_rec_size(&info); 4018c454a46bSMartin KaFai Lau if (err) 4019c454a46bSMartin KaFai Lau return err; 40207337224fSMartin KaFai Lau 40215f8f8b93SAlexei Starovoitov bpf_prog_get_stats(prog, &stats); 40225f8f8b93SAlexei Starovoitov info.run_time_ns = stats.nsecs; 40235f8f8b93SAlexei Starovoitov info.run_cnt = stats.cnt; 40249ed9e9baSAlexei Starovoitov info.recursion_misses = stats.misses; 40255f8f8b93SAlexei Starovoitov 4026aba64c7dSDave Marchevsky info.verified_insns = prog->aux->verified_insns; 4027aba64c7dSDave Marchevsky 40282c78ee89SAlexei Starovoitov if (!bpf_capable()) { 40291e270976SMartin KaFai Lau info.jited_prog_len = 0; 40301e270976SMartin KaFai Lau info.xlated_prog_len = 0; 4031dbecd738SSandipan Das info.nr_jited_ksyms = 0; 403228c2fae7SDaniel Borkmann info.nr_jited_func_lens = 0; 403311d8b82dSYonghong Song info.nr_func_info = 0; 403411d8b82dSYonghong Song info.nr_line_info = 0; 403511d8b82dSYonghong Song info.nr_jited_line_info = 0; 40361e270976SMartin KaFai Lau goto done; 40371e270976SMartin KaFai Lau } 40381e270976SMartin KaFai Lau 40391e270976SMartin KaFai Lau ulen = info.xlated_prog_len; 40409975a54bSDaniel Borkmann info.xlated_prog_len = bpf_prog_insn_size(prog); 40411e270976SMartin KaFai Lau if (info.xlated_prog_len && ulen) { 40427105e828SDaniel Borkmann struct bpf_insn *insns_sanitized; 40437105e828SDaniel Borkmann bool fault; 40447105e828SDaniel Borkmann 404563960260SKees Cook if (prog->blinded && !bpf_dump_raw_ok(file->f_cred)) { 40467105e828SDaniel Borkmann info.xlated_prog_insns = 0; 40477105e828SDaniel Borkmann goto done; 40487105e828SDaniel Borkmann } 404963960260SKees Cook insns_sanitized = bpf_insn_prepare_dump(prog, file->f_cred); 40507105e828SDaniel Borkmann if (!insns_sanitized) 40517105e828SDaniel Borkmann return -ENOMEM; 40521e270976SMartin KaFai Lau uinsns = u64_to_user_ptr(info.xlated_prog_insns); 40531e270976SMartin KaFai Lau ulen = min_t(u32, info.xlated_prog_len, ulen); 40547105e828SDaniel Borkmann fault = copy_to_user(uinsns, insns_sanitized, ulen); 40557105e828SDaniel Borkmann kfree(insns_sanitized); 40567105e828SDaniel Borkmann if (fault) 40571e270976SMartin KaFai Lau return -EFAULT; 40581e270976SMartin KaFai Lau } 40591e270976SMartin KaFai Lau 40609d03ebc7SStanislav Fomichev if (bpf_prog_is_offloaded(prog->aux)) { 4061675fc275SJakub Kicinski err = bpf_prog_offload_info_fill(&info, prog); 4062675fc275SJakub Kicinski if (err) 4063675fc275SJakub Kicinski return err; 4064fcfb126dSJiong Wang goto done; 4065fcfb126dSJiong Wang } 4066fcfb126dSJiong Wang 4067fcfb126dSJiong Wang /* NOTE: the following code is supposed to be skipped for offload. 4068fcfb126dSJiong Wang * bpf_prog_offload_info_fill() is the place to fill similar fields 4069fcfb126dSJiong Wang * for offload. 4070fcfb126dSJiong Wang */ 4071fcfb126dSJiong Wang ulen = info.jited_prog_len; 40724d56a76eSSandipan Das if (prog->aux->func_cnt) { 40734d56a76eSSandipan Das u32 i; 40744d56a76eSSandipan Das 40754d56a76eSSandipan Das info.jited_prog_len = 0; 40764d56a76eSSandipan Das for (i = 0; i < prog->aux->func_cnt; i++) 40774d56a76eSSandipan Das info.jited_prog_len += prog->aux->func[i]->jited_len; 40784d56a76eSSandipan Das } else { 4079fcfb126dSJiong Wang info.jited_prog_len = prog->jited_len; 40804d56a76eSSandipan Das } 40814d56a76eSSandipan Das 4082fcfb126dSJiong Wang if (info.jited_prog_len && ulen) { 408363960260SKees Cook if (bpf_dump_raw_ok(file->f_cred)) { 4084fcfb126dSJiong Wang uinsns = u64_to_user_ptr(info.jited_prog_insns); 4085fcfb126dSJiong Wang ulen = min_t(u32, info.jited_prog_len, ulen); 40864d56a76eSSandipan Das 40874d56a76eSSandipan Das /* for multi-function programs, copy the JITed 40884d56a76eSSandipan Das * instructions for all the functions 40894d56a76eSSandipan Das */ 40904d56a76eSSandipan Das if (prog->aux->func_cnt) { 40914d56a76eSSandipan Das u32 len, free, i; 40924d56a76eSSandipan Das u8 *img; 40934d56a76eSSandipan Das 40944d56a76eSSandipan Das free = ulen; 40954d56a76eSSandipan Das for (i = 0; i < prog->aux->func_cnt; i++) { 40964d56a76eSSandipan Das len = prog->aux->func[i]->jited_len; 40974d56a76eSSandipan Das len = min_t(u32, len, free); 40984d56a76eSSandipan Das img = (u8 *) prog->aux->func[i]->bpf_func; 40994d56a76eSSandipan Das if (copy_to_user(uinsns, img, len)) 41004d56a76eSSandipan Das return -EFAULT; 41014d56a76eSSandipan Das uinsns += len; 41024d56a76eSSandipan Das free -= len; 41034d56a76eSSandipan Das if (!free) 41044d56a76eSSandipan Das break; 41054d56a76eSSandipan Das } 41064d56a76eSSandipan Das } else { 4107fcfb126dSJiong Wang if (copy_to_user(uinsns, prog->bpf_func, ulen)) 4108fcfb126dSJiong Wang return -EFAULT; 41094d56a76eSSandipan Das } 4110fcfb126dSJiong Wang } else { 4111fcfb126dSJiong Wang info.jited_prog_insns = 0; 4112fcfb126dSJiong Wang } 4113675fc275SJakub Kicinski } 4114675fc275SJakub Kicinski 4115dbecd738SSandipan Das ulen = info.nr_jited_ksyms; 4116ff1889fcSSong Liu info.nr_jited_ksyms = prog->aux->func_cnt ? : 1; 41177a5725ddSSong Liu if (ulen) { 411863960260SKees Cook if (bpf_dump_raw_ok(file->f_cred)) { 4119ff1889fcSSong Liu unsigned long ksym_addr; 4120dbecd738SSandipan Das u64 __user *user_ksyms; 4121dbecd738SSandipan Das u32 i; 4122dbecd738SSandipan Das 4123dbecd738SSandipan Das /* copy the address of the kernel symbol 4124dbecd738SSandipan Das * corresponding to each function 4125dbecd738SSandipan Das */ 4126dbecd738SSandipan Das ulen = min_t(u32, info.nr_jited_ksyms, ulen); 4127dbecd738SSandipan Das user_ksyms = u64_to_user_ptr(info.jited_ksyms); 4128ff1889fcSSong Liu if (prog->aux->func_cnt) { 4129dbecd738SSandipan Das for (i = 0; i < ulen; i++) { 4130ff1889fcSSong Liu ksym_addr = (unsigned long) 4131ff1889fcSSong Liu prog->aux->func[i]->bpf_func; 4132ff1889fcSSong Liu if (put_user((u64) ksym_addr, 4133ff1889fcSSong Liu &user_ksyms[i])) 4134ff1889fcSSong Liu return -EFAULT; 4135ff1889fcSSong Liu } 4136ff1889fcSSong Liu } else { 4137ff1889fcSSong Liu ksym_addr = (unsigned long) prog->bpf_func; 4138ff1889fcSSong Liu if (put_user((u64) ksym_addr, &user_ksyms[0])) 4139dbecd738SSandipan Das return -EFAULT; 4140dbecd738SSandipan Das } 4141dbecd738SSandipan Das } else { 4142dbecd738SSandipan Das info.jited_ksyms = 0; 4143dbecd738SSandipan Das } 4144dbecd738SSandipan Das } 4145dbecd738SSandipan Das 4146815581c1SSandipan Das ulen = info.nr_jited_func_lens; 4147ff1889fcSSong Liu info.nr_jited_func_lens = prog->aux->func_cnt ? : 1; 41487a5725ddSSong Liu if (ulen) { 414963960260SKees Cook if (bpf_dump_raw_ok(file->f_cred)) { 4150815581c1SSandipan Das u32 __user *user_lens; 4151815581c1SSandipan Das u32 func_len, i; 4152815581c1SSandipan Das 4153815581c1SSandipan Das /* copy the JITed image lengths for each function */ 4154815581c1SSandipan Das ulen = min_t(u32, info.nr_jited_func_lens, ulen); 4155815581c1SSandipan Das user_lens = u64_to_user_ptr(info.jited_func_lens); 4156ff1889fcSSong Liu if (prog->aux->func_cnt) { 4157815581c1SSandipan Das for (i = 0; i < ulen; i++) { 4158ff1889fcSSong Liu func_len = 4159ff1889fcSSong Liu prog->aux->func[i]->jited_len; 4160815581c1SSandipan Das if (put_user(func_len, &user_lens[i])) 4161815581c1SSandipan Das return -EFAULT; 4162815581c1SSandipan Das } 4163815581c1SSandipan Das } else { 4164ff1889fcSSong Liu func_len = prog->jited_len; 4165ff1889fcSSong Liu if (put_user(func_len, &user_lens[0])) 4166ff1889fcSSong Liu return -EFAULT; 4167ff1889fcSSong Liu } 4168ff1889fcSSong Liu } else { 4169815581c1SSandipan Das info.jited_func_lens = 0; 4170815581c1SSandipan Das } 4171815581c1SSandipan Das } 4172815581c1SSandipan Das 41737337224fSMartin KaFai Lau if (prog->aux->btf) 417422dc4a0fSAndrii Nakryiko info.btf_id = btf_obj_id(prog->aux->btf); 4175b79c9fc9SStanislav Fomichev info.attach_btf_id = prog->aux->attach_btf_id; 41766644aabbSStanislav Fomichev if (attach_btf) 41776644aabbSStanislav Fomichev info.attach_btf_obj_id = btf_obj_id(attach_btf); 4178838e9690SYonghong Song 417911d8b82dSYonghong Song ulen = info.nr_func_info; 418011d8b82dSYonghong Song info.nr_func_info = prog->aux->func_info_cnt; 418111d8b82dSYonghong Song if (info.nr_func_info && ulen) { 4182838e9690SYonghong Song char __user *user_finfo; 4183838e9690SYonghong Song 4184838e9690SYonghong Song user_finfo = u64_to_user_ptr(info.func_info); 418511d8b82dSYonghong Song ulen = min_t(u32, info.nr_func_info, ulen); 4186ba64e7d8SYonghong Song if (copy_to_user(user_finfo, prog->aux->func_info, 41877337224fSMartin KaFai Lau info.func_info_rec_size * ulen)) 4188838e9690SYonghong Song return -EFAULT; 4189838e9690SYonghong Song } 4190838e9690SYonghong Song 419111d8b82dSYonghong Song ulen = info.nr_line_info; 419211d8b82dSYonghong Song info.nr_line_info = prog->aux->nr_linfo; 419311d8b82dSYonghong Song if (info.nr_line_info && ulen) { 4194c454a46bSMartin KaFai Lau __u8 __user *user_linfo; 4195c454a46bSMartin KaFai Lau 4196c454a46bSMartin KaFai Lau user_linfo = u64_to_user_ptr(info.line_info); 419711d8b82dSYonghong Song ulen = min_t(u32, info.nr_line_info, ulen); 4198c454a46bSMartin KaFai Lau if (copy_to_user(user_linfo, prog->aux->linfo, 4199c454a46bSMartin KaFai Lau info.line_info_rec_size * ulen)) 4200c454a46bSMartin KaFai Lau return -EFAULT; 4201c454a46bSMartin KaFai Lau } 4202c454a46bSMartin KaFai Lau 420311d8b82dSYonghong Song ulen = info.nr_jited_line_info; 4204c454a46bSMartin KaFai Lau if (prog->aux->jited_linfo) 420511d8b82dSYonghong Song info.nr_jited_line_info = prog->aux->nr_linfo; 4206c454a46bSMartin KaFai Lau else 420711d8b82dSYonghong Song info.nr_jited_line_info = 0; 420811d8b82dSYonghong Song if (info.nr_jited_line_info && ulen) { 420963960260SKees Cook if (bpf_dump_raw_ok(file->f_cred)) { 42102cd00852SPu Lehui unsigned long line_addr; 4211c454a46bSMartin KaFai Lau __u64 __user *user_linfo; 4212c454a46bSMartin KaFai Lau u32 i; 4213c454a46bSMartin KaFai Lau 4214c454a46bSMartin KaFai Lau user_linfo = u64_to_user_ptr(info.jited_line_info); 421511d8b82dSYonghong Song ulen = min_t(u32, info.nr_jited_line_info, ulen); 4216c454a46bSMartin KaFai Lau for (i = 0; i < ulen; i++) { 42172cd00852SPu Lehui line_addr = (unsigned long)prog->aux->jited_linfo[i]; 42182cd00852SPu Lehui if (put_user((__u64)line_addr, &user_linfo[i])) 4219c454a46bSMartin KaFai Lau return -EFAULT; 4220c454a46bSMartin KaFai Lau } 4221c454a46bSMartin KaFai Lau } else { 4222c454a46bSMartin KaFai Lau info.jited_line_info = 0; 4223c454a46bSMartin KaFai Lau } 4224c454a46bSMartin KaFai Lau } 4225c454a46bSMartin KaFai Lau 4226c872bdb3SSong Liu ulen = info.nr_prog_tags; 4227c872bdb3SSong Liu info.nr_prog_tags = prog->aux->func_cnt ? : 1; 4228c872bdb3SSong Liu if (ulen) { 4229c872bdb3SSong Liu __u8 __user (*user_prog_tags)[BPF_TAG_SIZE]; 4230c872bdb3SSong Liu u32 i; 4231c872bdb3SSong Liu 4232c872bdb3SSong Liu user_prog_tags = u64_to_user_ptr(info.prog_tags); 4233c872bdb3SSong Liu ulen = min_t(u32, info.nr_prog_tags, ulen); 4234c872bdb3SSong Liu if (prog->aux->func_cnt) { 4235c872bdb3SSong Liu for (i = 0; i < ulen; i++) { 4236c872bdb3SSong Liu if (copy_to_user(user_prog_tags[i], 4237c872bdb3SSong Liu prog->aux->func[i]->tag, 4238c872bdb3SSong Liu BPF_TAG_SIZE)) 4239c872bdb3SSong Liu return -EFAULT; 4240c872bdb3SSong Liu } 4241c872bdb3SSong Liu } else { 4242c872bdb3SSong Liu if (copy_to_user(user_prog_tags[0], 4243c872bdb3SSong Liu prog->tag, BPF_TAG_SIZE)) 4244c872bdb3SSong Liu return -EFAULT; 4245c872bdb3SSong Liu } 4246c872bdb3SSong Liu } 4247c872bdb3SSong Liu 42481e270976SMartin KaFai Lau done: 42491e270976SMartin KaFai Lau if (copy_to_user(uinfo, &info, info_len) || 42501e270976SMartin KaFai Lau put_user(info_len, &uattr->info.info_len)) 42511e270976SMartin KaFai Lau return -EFAULT; 42521e270976SMartin KaFai Lau 42531e270976SMartin KaFai Lau return 0; 42541e270976SMartin KaFai Lau } 42551e270976SMartin KaFai Lau 425663960260SKees Cook static int bpf_map_get_info_by_fd(struct file *file, 425763960260SKees Cook struct bpf_map *map, 42581e270976SMartin KaFai Lau const union bpf_attr *attr, 42591e270976SMartin KaFai Lau union bpf_attr __user *uattr) 42601e270976SMartin KaFai Lau { 42611e270976SMartin KaFai Lau struct bpf_map_info __user *uinfo = u64_to_user_ptr(attr->info.info); 42625c6f2588SGreg Kroah-Hartman struct bpf_map_info info; 42631e270976SMartin KaFai Lau u32 info_len = attr->info.info_len; 42641e270976SMartin KaFai Lau int err; 42651e270976SMartin KaFai Lau 4266af2ac3e1SAlexei Starovoitov err = bpf_check_uarg_tail_zero(USER_BPFPTR(uinfo), sizeof(info), info_len); 42671e270976SMartin KaFai Lau if (err) 42681e270976SMartin KaFai Lau return err; 42691e270976SMartin KaFai Lau info_len = min_t(u32, sizeof(info), info_len); 42701e270976SMartin KaFai Lau 42715c6f2588SGreg Kroah-Hartman memset(&info, 0, sizeof(info)); 42721e270976SMartin KaFai Lau info.type = map->map_type; 42731e270976SMartin KaFai Lau info.id = map->id; 42741e270976SMartin KaFai Lau info.key_size = map->key_size; 42751e270976SMartin KaFai Lau info.value_size = map->value_size; 42761e270976SMartin KaFai Lau info.max_entries = map->max_entries; 42771e270976SMartin KaFai Lau info.map_flags = map->map_flags; 42789330986cSJoanne Koong info.map_extra = map->map_extra; 4279ad5b177bSMartin KaFai Lau memcpy(info.name, map->name, sizeof(map->name)); 42801e270976SMartin KaFai Lau 428178958fcaSMartin KaFai Lau if (map->btf) { 428222dc4a0fSAndrii Nakryiko info.btf_id = btf_obj_id(map->btf); 42839b2cf328SMartin KaFai Lau info.btf_key_type_id = map->btf_key_type_id; 42849b2cf328SMartin KaFai Lau info.btf_value_type_id = map->btf_value_type_id; 428578958fcaSMartin KaFai Lau } 428685d33df3SMartin KaFai Lau info.btf_vmlinux_value_type_id = map->btf_vmlinux_value_type_id; 428778958fcaSMartin KaFai Lau 42889d03ebc7SStanislav Fomichev if (bpf_map_is_offloaded(map)) { 428952775b33SJakub Kicinski err = bpf_map_offload_info_fill(&info, map); 429052775b33SJakub Kicinski if (err) 429152775b33SJakub Kicinski return err; 429252775b33SJakub Kicinski } 429352775b33SJakub Kicinski 42941e270976SMartin KaFai Lau if (copy_to_user(uinfo, &info, info_len) || 42951e270976SMartin KaFai Lau put_user(info_len, &uattr->info.info_len)) 42961e270976SMartin KaFai Lau return -EFAULT; 42971e270976SMartin KaFai Lau 42981e270976SMartin KaFai Lau return 0; 42991e270976SMartin KaFai Lau } 43001e270976SMartin KaFai Lau 430163960260SKees Cook static int bpf_btf_get_info_by_fd(struct file *file, 430263960260SKees Cook struct btf *btf, 430362dab84cSMartin KaFai Lau const union bpf_attr *attr, 430462dab84cSMartin KaFai Lau union bpf_attr __user *uattr) 430562dab84cSMartin KaFai Lau { 430662dab84cSMartin KaFai Lau struct bpf_btf_info __user *uinfo = u64_to_user_ptr(attr->info.info); 430762dab84cSMartin KaFai Lau u32 info_len = attr->info.info_len; 430862dab84cSMartin KaFai Lau int err; 430962dab84cSMartin KaFai Lau 4310af2ac3e1SAlexei Starovoitov err = bpf_check_uarg_tail_zero(USER_BPFPTR(uinfo), sizeof(*uinfo), info_len); 431162dab84cSMartin KaFai Lau if (err) 431262dab84cSMartin KaFai Lau return err; 431362dab84cSMartin KaFai Lau 431462dab84cSMartin KaFai Lau return btf_get_info_by_fd(btf, attr, uattr); 431562dab84cSMartin KaFai Lau } 431662dab84cSMartin KaFai Lau 431763960260SKees Cook static int bpf_link_get_info_by_fd(struct file *file, 431863960260SKees Cook struct bpf_link *link, 4319f2e10bffSAndrii Nakryiko const union bpf_attr *attr, 4320f2e10bffSAndrii Nakryiko union bpf_attr __user *uattr) 4321f2e10bffSAndrii Nakryiko { 4322f2e10bffSAndrii Nakryiko struct bpf_link_info __user *uinfo = u64_to_user_ptr(attr->info.info); 4323f2e10bffSAndrii Nakryiko struct bpf_link_info info; 4324f2e10bffSAndrii Nakryiko u32 info_len = attr->info.info_len; 4325f2e10bffSAndrii Nakryiko int err; 4326f2e10bffSAndrii Nakryiko 4327af2ac3e1SAlexei Starovoitov err = bpf_check_uarg_tail_zero(USER_BPFPTR(uinfo), sizeof(info), info_len); 4328f2e10bffSAndrii Nakryiko if (err) 4329f2e10bffSAndrii Nakryiko return err; 4330f2e10bffSAndrii Nakryiko info_len = min_t(u32, sizeof(info), info_len); 4331f2e10bffSAndrii Nakryiko 4332f2e10bffSAndrii Nakryiko memset(&info, 0, sizeof(info)); 4333f2e10bffSAndrii Nakryiko if (copy_from_user(&info, uinfo, info_len)) 4334f2e10bffSAndrii Nakryiko return -EFAULT; 4335f2e10bffSAndrii Nakryiko 4336f2e10bffSAndrii Nakryiko info.type = link->type; 4337f2e10bffSAndrii Nakryiko info.id = link->id; 433868b04864SKui-Feng Lee if (link->prog) 4339f2e10bffSAndrii Nakryiko info.prog_id = link->prog->aux->id; 4340f2e10bffSAndrii Nakryiko 4341f2e10bffSAndrii Nakryiko if (link->ops->fill_link_info) { 4342f2e10bffSAndrii Nakryiko err = link->ops->fill_link_info(link, &info); 4343f2e10bffSAndrii Nakryiko if (err) 4344f2e10bffSAndrii Nakryiko return err; 4345f2e10bffSAndrii Nakryiko } 4346f2e10bffSAndrii Nakryiko 4347f2e10bffSAndrii Nakryiko if (copy_to_user(uinfo, &info, info_len) || 4348f2e10bffSAndrii Nakryiko put_user(info_len, &uattr->info.info_len)) 4349f2e10bffSAndrii Nakryiko return -EFAULT; 4350f2e10bffSAndrii Nakryiko 4351f2e10bffSAndrii Nakryiko return 0; 4352f2e10bffSAndrii Nakryiko } 4353f2e10bffSAndrii Nakryiko 4354f2e10bffSAndrii Nakryiko 43551e270976SMartin KaFai Lau #define BPF_OBJ_GET_INFO_BY_FD_LAST_FIELD info.info 43561e270976SMartin KaFai Lau 43571e270976SMartin KaFai Lau static int bpf_obj_get_info_by_fd(const union bpf_attr *attr, 43581e270976SMartin KaFai Lau union bpf_attr __user *uattr) 43591e270976SMartin KaFai Lau { 43601e270976SMartin KaFai Lau int ufd = attr->info.bpf_fd; 43611e270976SMartin KaFai Lau struct fd f; 43621e270976SMartin KaFai Lau int err; 43631e270976SMartin KaFai Lau 43641e270976SMartin KaFai Lau if (CHECK_ATTR(BPF_OBJ_GET_INFO_BY_FD)) 43651e270976SMartin KaFai Lau return -EINVAL; 43661e270976SMartin KaFai Lau 43671e270976SMartin KaFai Lau f = fdget(ufd); 43681e270976SMartin KaFai Lau if (!f.file) 43691e270976SMartin KaFai Lau return -EBADFD; 43701e270976SMartin KaFai Lau 43711e270976SMartin KaFai Lau if (f.file->f_op == &bpf_prog_fops) 437263960260SKees Cook err = bpf_prog_get_info_by_fd(f.file, f.file->private_data, attr, 43731e270976SMartin KaFai Lau uattr); 43741e270976SMartin KaFai Lau else if (f.file->f_op == &bpf_map_fops) 437563960260SKees Cook err = bpf_map_get_info_by_fd(f.file, f.file->private_data, attr, 43761e270976SMartin KaFai Lau uattr); 437760197cfbSMartin KaFai Lau else if (f.file->f_op == &btf_fops) 437863960260SKees Cook err = bpf_btf_get_info_by_fd(f.file, f.file->private_data, attr, uattr); 4379f2e10bffSAndrii Nakryiko else if (f.file->f_op == &bpf_link_fops) 438063960260SKees Cook err = bpf_link_get_info_by_fd(f.file, f.file->private_data, 4381f2e10bffSAndrii Nakryiko attr, uattr); 43821e270976SMartin KaFai Lau else 43831e270976SMartin KaFai Lau err = -EINVAL; 43841e270976SMartin KaFai Lau 43851e270976SMartin KaFai Lau fdput(f); 43861e270976SMartin KaFai Lau return err; 43871e270976SMartin KaFai Lau } 43881e270976SMartin KaFai Lau 438947a71c1fSAndrii Nakryiko #define BPF_BTF_LOAD_LAST_FIELD btf_log_true_size 4390f56a653cSMartin KaFai Lau 439147a71c1fSAndrii Nakryiko static int bpf_btf_load(const union bpf_attr *attr, bpfptr_t uattr, __u32 uattr_size) 4392f56a653cSMartin KaFai Lau { 4393f56a653cSMartin KaFai Lau if (CHECK_ATTR(BPF_BTF_LOAD)) 4394f56a653cSMartin KaFai Lau return -EINVAL; 4395f56a653cSMartin KaFai Lau 43962c78ee89SAlexei Starovoitov if (!bpf_capable()) 4397f56a653cSMartin KaFai Lau return -EPERM; 4398f56a653cSMartin KaFai Lau 439947a71c1fSAndrii Nakryiko return btf_new_fd(attr, uattr, uattr_size); 4400f56a653cSMartin KaFai Lau } 4401f56a653cSMartin KaFai Lau 440278958fcaSMartin KaFai Lau #define BPF_BTF_GET_FD_BY_ID_LAST_FIELD btf_id 440378958fcaSMartin KaFai Lau 440478958fcaSMartin KaFai Lau static int bpf_btf_get_fd_by_id(const union bpf_attr *attr) 440578958fcaSMartin KaFai Lau { 440678958fcaSMartin KaFai Lau if (CHECK_ATTR(BPF_BTF_GET_FD_BY_ID)) 440778958fcaSMartin KaFai Lau return -EINVAL; 440878958fcaSMartin KaFai Lau 440978958fcaSMartin KaFai Lau if (!capable(CAP_SYS_ADMIN)) 441078958fcaSMartin KaFai Lau return -EPERM; 441178958fcaSMartin KaFai Lau 441278958fcaSMartin KaFai Lau return btf_get_fd_by_id(attr->btf_id); 441378958fcaSMartin KaFai Lau } 441478958fcaSMartin KaFai Lau 441541bdc4b4SYonghong Song static int bpf_task_fd_query_copy(const union bpf_attr *attr, 441641bdc4b4SYonghong Song union bpf_attr __user *uattr, 441741bdc4b4SYonghong Song u32 prog_id, u32 fd_type, 441841bdc4b4SYonghong Song const char *buf, u64 probe_offset, 441941bdc4b4SYonghong Song u64 probe_addr) 442041bdc4b4SYonghong Song { 442141bdc4b4SYonghong Song char __user *ubuf = u64_to_user_ptr(attr->task_fd_query.buf); 442241bdc4b4SYonghong Song u32 len = buf ? strlen(buf) : 0, input_len; 442341bdc4b4SYonghong Song int err = 0; 442441bdc4b4SYonghong Song 442541bdc4b4SYonghong Song if (put_user(len, &uattr->task_fd_query.buf_len)) 442641bdc4b4SYonghong Song return -EFAULT; 442741bdc4b4SYonghong Song input_len = attr->task_fd_query.buf_len; 442841bdc4b4SYonghong Song if (input_len && ubuf) { 442941bdc4b4SYonghong Song if (!len) { 443041bdc4b4SYonghong Song /* nothing to copy, just make ubuf NULL terminated */ 443141bdc4b4SYonghong Song char zero = '\0'; 443241bdc4b4SYonghong Song 443341bdc4b4SYonghong Song if (put_user(zero, ubuf)) 443441bdc4b4SYonghong Song return -EFAULT; 443541bdc4b4SYonghong Song } else if (input_len >= len + 1) { 443641bdc4b4SYonghong Song /* ubuf can hold the string with NULL terminator */ 443741bdc4b4SYonghong Song if (copy_to_user(ubuf, buf, len + 1)) 443841bdc4b4SYonghong Song return -EFAULT; 443941bdc4b4SYonghong Song } else { 444041bdc4b4SYonghong Song /* ubuf cannot hold the string with NULL terminator, 444141bdc4b4SYonghong Song * do a partial copy with NULL terminator. 444241bdc4b4SYonghong Song */ 444341bdc4b4SYonghong Song char zero = '\0'; 444441bdc4b4SYonghong Song 444541bdc4b4SYonghong Song err = -ENOSPC; 444641bdc4b4SYonghong Song if (copy_to_user(ubuf, buf, input_len - 1)) 444741bdc4b4SYonghong Song return -EFAULT; 444841bdc4b4SYonghong Song if (put_user(zero, ubuf + input_len - 1)) 444941bdc4b4SYonghong Song return -EFAULT; 445041bdc4b4SYonghong Song } 445141bdc4b4SYonghong Song } 445241bdc4b4SYonghong Song 445341bdc4b4SYonghong Song if (put_user(prog_id, &uattr->task_fd_query.prog_id) || 445441bdc4b4SYonghong Song put_user(fd_type, &uattr->task_fd_query.fd_type) || 445541bdc4b4SYonghong Song put_user(probe_offset, &uattr->task_fd_query.probe_offset) || 445641bdc4b4SYonghong Song put_user(probe_addr, &uattr->task_fd_query.probe_addr)) 445741bdc4b4SYonghong Song return -EFAULT; 445841bdc4b4SYonghong Song 445941bdc4b4SYonghong Song return err; 446041bdc4b4SYonghong Song } 446141bdc4b4SYonghong Song 446241bdc4b4SYonghong Song #define BPF_TASK_FD_QUERY_LAST_FIELD task_fd_query.probe_addr 446341bdc4b4SYonghong Song 446441bdc4b4SYonghong Song static int bpf_task_fd_query(const union bpf_attr *attr, 446541bdc4b4SYonghong Song union bpf_attr __user *uattr) 446641bdc4b4SYonghong Song { 446741bdc4b4SYonghong Song pid_t pid = attr->task_fd_query.pid; 446841bdc4b4SYonghong Song u32 fd = attr->task_fd_query.fd; 446941bdc4b4SYonghong Song const struct perf_event *event; 447041bdc4b4SYonghong Song struct task_struct *task; 447141bdc4b4SYonghong Song struct file *file; 447241bdc4b4SYonghong Song int err; 447341bdc4b4SYonghong Song 447441bdc4b4SYonghong Song if (CHECK_ATTR(BPF_TASK_FD_QUERY)) 447541bdc4b4SYonghong Song return -EINVAL; 447641bdc4b4SYonghong Song 447741bdc4b4SYonghong Song if (!capable(CAP_SYS_ADMIN)) 447841bdc4b4SYonghong Song return -EPERM; 447941bdc4b4SYonghong Song 448041bdc4b4SYonghong Song if (attr->task_fd_query.flags != 0) 448141bdc4b4SYonghong Song return -EINVAL; 448241bdc4b4SYonghong Song 448383c10cc3SLee Jones rcu_read_lock(); 448441bdc4b4SYonghong Song task = get_pid_task(find_vpid(pid), PIDTYPE_PID); 448583c10cc3SLee Jones rcu_read_unlock(); 448641bdc4b4SYonghong Song if (!task) 448741bdc4b4SYonghong Song return -ENOENT; 448841bdc4b4SYonghong Song 448941bdc4b4SYonghong Song err = 0; 4490b48845afSEric W. Biederman file = fget_task(task, fd); 4491b48845afSEric W. Biederman put_task_struct(task); 449241bdc4b4SYonghong Song if (!file) 4493b48845afSEric W. Biederman return -EBADF; 449441bdc4b4SYonghong Song 449570ed506cSAndrii Nakryiko if (file->f_op == &bpf_link_fops) { 449670ed506cSAndrii Nakryiko struct bpf_link *link = file->private_data; 449770ed506cSAndrii Nakryiko 4498a3b80e10SAndrii Nakryiko if (link->ops == &bpf_raw_tp_link_lops) { 449970ed506cSAndrii Nakryiko struct bpf_raw_tp_link *raw_tp = 450070ed506cSAndrii Nakryiko container_of(link, struct bpf_raw_tp_link, link); 450141bdc4b4SYonghong Song struct bpf_raw_event_map *btp = raw_tp->btp; 450241bdc4b4SYonghong Song 450341bdc4b4SYonghong Song err = bpf_task_fd_query_copy(attr, uattr, 450470ed506cSAndrii Nakryiko raw_tp->link.prog->aux->id, 450541bdc4b4SYonghong Song BPF_FD_TYPE_RAW_TRACEPOINT, 450641bdc4b4SYonghong Song btp->tp->name, 0, 0); 450741bdc4b4SYonghong Song goto put_file; 450841bdc4b4SYonghong Song } 450970ed506cSAndrii Nakryiko goto out_not_supp; 451070ed506cSAndrii Nakryiko } 451141bdc4b4SYonghong Song 451241bdc4b4SYonghong Song event = perf_get_event(file); 451341bdc4b4SYonghong Song if (!IS_ERR(event)) { 451441bdc4b4SYonghong Song u64 probe_offset, probe_addr; 451541bdc4b4SYonghong Song u32 prog_id, fd_type; 451641bdc4b4SYonghong Song const char *buf; 451741bdc4b4SYonghong Song 451841bdc4b4SYonghong Song err = bpf_get_perf_event_info(event, &prog_id, &fd_type, 451941bdc4b4SYonghong Song &buf, &probe_offset, 452041bdc4b4SYonghong Song &probe_addr); 452141bdc4b4SYonghong Song if (!err) 452241bdc4b4SYonghong Song err = bpf_task_fd_query_copy(attr, uattr, prog_id, 452341bdc4b4SYonghong Song fd_type, buf, 452441bdc4b4SYonghong Song probe_offset, 452541bdc4b4SYonghong Song probe_addr); 452641bdc4b4SYonghong Song goto put_file; 452741bdc4b4SYonghong Song } 452841bdc4b4SYonghong Song 452970ed506cSAndrii Nakryiko out_not_supp: 453041bdc4b4SYonghong Song err = -ENOTSUPP; 453141bdc4b4SYonghong Song put_file: 453241bdc4b4SYonghong Song fput(file); 453341bdc4b4SYonghong Song return err; 453441bdc4b4SYonghong Song } 453541bdc4b4SYonghong Song 4536cb4d03abSBrian Vazquez #define BPF_MAP_BATCH_LAST_FIELD batch.flags 4537cb4d03abSBrian Vazquez 45383af43ba4SHou Tao #define BPF_DO_BATCH(fn, ...) \ 4539cb4d03abSBrian Vazquez do { \ 4540cb4d03abSBrian Vazquez if (!fn) { \ 4541cb4d03abSBrian Vazquez err = -ENOTSUPP; \ 4542cb4d03abSBrian Vazquez goto err_put; \ 4543cb4d03abSBrian Vazquez } \ 45443af43ba4SHou Tao err = fn(__VA_ARGS__); \ 4545cb4d03abSBrian Vazquez } while (0) 4546cb4d03abSBrian Vazquez 4547cb4d03abSBrian Vazquez static int bpf_map_do_batch(const union bpf_attr *attr, 4548cb4d03abSBrian Vazquez union bpf_attr __user *uattr, 4549cb4d03abSBrian Vazquez int cmd) 4550cb4d03abSBrian Vazquez { 4551353050beSDaniel Borkmann bool has_read = cmd == BPF_MAP_LOOKUP_BATCH || 4552353050beSDaniel Borkmann cmd == BPF_MAP_LOOKUP_AND_DELETE_BATCH; 4553353050beSDaniel Borkmann bool has_write = cmd != BPF_MAP_LOOKUP_BATCH; 4554cb4d03abSBrian Vazquez struct bpf_map *map; 4555cb4d03abSBrian Vazquez int err, ufd; 4556cb4d03abSBrian Vazquez struct fd f; 4557cb4d03abSBrian Vazquez 4558cb4d03abSBrian Vazquez if (CHECK_ATTR(BPF_MAP_BATCH)) 4559cb4d03abSBrian Vazquez return -EINVAL; 4560cb4d03abSBrian Vazquez 4561cb4d03abSBrian Vazquez ufd = attr->batch.map_fd; 4562cb4d03abSBrian Vazquez f = fdget(ufd); 4563cb4d03abSBrian Vazquez map = __bpf_map_get(f); 4564cb4d03abSBrian Vazquez if (IS_ERR(map)) 4565cb4d03abSBrian Vazquez return PTR_ERR(map); 4566353050beSDaniel Borkmann if (has_write) 4567353050beSDaniel Borkmann bpf_map_write_active_inc(map); 4568353050beSDaniel Borkmann if (has_read && !(map_get_sys_perms(map, f) & FMODE_CAN_READ)) { 4569cb4d03abSBrian Vazquez err = -EPERM; 4570cb4d03abSBrian Vazquez goto err_put; 4571cb4d03abSBrian Vazquez } 4572353050beSDaniel Borkmann if (has_write && !(map_get_sys_perms(map, f) & FMODE_CAN_WRITE)) { 4573cb4d03abSBrian Vazquez err = -EPERM; 4574cb4d03abSBrian Vazquez goto err_put; 4575cb4d03abSBrian Vazquez } 4576cb4d03abSBrian Vazquez 4577cb4d03abSBrian Vazquez if (cmd == BPF_MAP_LOOKUP_BATCH) 45783af43ba4SHou Tao BPF_DO_BATCH(map->ops->map_lookup_batch, map, attr, uattr); 457905799638SYonghong Song else if (cmd == BPF_MAP_LOOKUP_AND_DELETE_BATCH) 45803af43ba4SHou Tao BPF_DO_BATCH(map->ops->map_lookup_and_delete_batch, map, attr, uattr); 4581aa2e93b8SBrian Vazquez else if (cmd == BPF_MAP_UPDATE_BATCH) 45823af43ba4SHou Tao BPF_DO_BATCH(map->ops->map_update_batch, map, f.file, attr, uattr); 4583aa2e93b8SBrian Vazquez else 45843af43ba4SHou Tao BPF_DO_BATCH(map->ops->map_delete_batch, map, attr, uattr); 4585cb4d03abSBrian Vazquez err_put: 4586353050beSDaniel Borkmann if (has_write) 4587353050beSDaniel Borkmann bpf_map_write_active_dec(map); 4588cb4d03abSBrian Vazquez fdput(f); 4589cb4d03abSBrian Vazquez return err; 4590cb4d03abSBrian Vazquez } 4591cb4d03abSBrian Vazquez 4592ca74823cSJiri Olsa #define BPF_LINK_CREATE_LAST_FIELD link_create.kprobe_multi.cookies 4593af2ac3e1SAlexei Starovoitov static int link_create(union bpf_attr *attr, bpfptr_t uattr) 4594af6eea57SAndrii Nakryiko { 4595af6eea57SAndrii Nakryiko enum bpf_prog_type ptype; 4596af6eea57SAndrii Nakryiko struct bpf_prog *prog; 4597af6eea57SAndrii Nakryiko int ret; 4598af6eea57SAndrii Nakryiko 4599af6eea57SAndrii Nakryiko if (CHECK_ATTR(BPF_LINK_CREATE)) 4600af6eea57SAndrii Nakryiko return -EINVAL; 4601af6eea57SAndrii Nakryiko 460268b04864SKui-Feng Lee if (attr->link_create.attach_type == BPF_STRUCT_OPS) 460368b04864SKui-Feng Lee return bpf_struct_ops_link_create(attr); 460468b04864SKui-Feng Lee 46054a1e7c0cSToke Høiland-Jørgensen prog = bpf_prog_get(attr->link_create.prog_fd); 4606af6eea57SAndrii Nakryiko if (IS_ERR(prog)) 4607af6eea57SAndrii Nakryiko return PTR_ERR(prog); 4608af6eea57SAndrii Nakryiko 4609af6eea57SAndrii Nakryiko ret = bpf_prog_attach_check_attach_type(prog, 4610af6eea57SAndrii Nakryiko attr->link_create.attach_type); 4611af6eea57SAndrii Nakryiko if (ret) 46124a1e7c0cSToke Høiland-Jørgensen goto out; 46134a1e7c0cSToke Høiland-Jørgensen 4614b89fbfbbSAndrii Nakryiko switch (prog->type) { 4615b89fbfbbSAndrii Nakryiko case BPF_PROG_TYPE_EXT: 461684601d6eSFlorian Westphal case BPF_PROG_TYPE_NETFILTER: 4617df86ca0dSAndrii Nakryiko break; 4618b89fbfbbSAndrii Nakryiko case BPF_PROG_TYPE_PERF_EVENT: 4619b89fbfbbSAndrii Nakryiko case BPF_PROG_TYPE_TRACEPOINT: 4620b89fbfbbSAndrii Nakryiko if (attr->link_create.attach_type != BPF_PERF_EVENT) { 4621b89fbfbbSAndrii Nakryiko ret = -EINVAL; 4622b89fbfbbSAndrii Nakryiko goto out; 46234a1e7c0cSToke Høiland-Jørgensen } 4624b89fbfbbSAndrii Nakryiko break; 46250dcac272SJiri Olsa case BPF_PROG_TYPE_KPROBE: 46260dcac272SJiri Olsa if (attr->link_create.attach_type != BPF_PERF_EVENT && 46270dcac272SJiri Olsa attr->link_create.attach_type != BPF_TRACE_KPROBE_MULTI) { 46280dcac272SJiri Olsa ret = -EINVAL; 46290dcac272SJiri Olsa goto out; 46300dcac272SJiri Olsa } 46310dcac272SJiri Olsa break; 4632b89fbfbbSAndrii Nakryiko default: 46334a1e7c0cSToke Høiland-Jørgensen ptype = attach_type_to_prog_type(attr->link_create.attach_type); 46344a1e7c0cSToke Høiland-Jørgensen if (ptype == BPF_PROG_TYPE_UNSPEC || ptype != prog->type) { 46354a1e7c0cSToke Høiland-Jørgensen ret = -EINVAL; 46364a1e7c0cSToke Høiland-Jørgensen goto out; 46374a1e7c0cSToke Høiland-Jørgensen } 4638b89fbfbbSAndrii Nakryiko break; 4639b89fbfbbSAndrii Nakryiko } 4640af6eea57SAndrii Nakryiko 4641df86ca0dSAndrii Nakryiko switch (prog->type) { 4642af6eea57SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_SKB: 4643af6eea57SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_SOCK: 4644af6eea57SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_SOCK_ADDR: 4645af6eea57SAndrii Nakryiko case BPF_PROG_TYPE_SOCK_OPS: 4646af6eea57SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_DEVICE: 4647af6eea57SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_SYSCTL: 4648af6eea57SAndrii Nakryiko case BPF_PROG_TYPE_CGROUP_SOCKOPT: 4649af6eea57SAndrii Nakryiko ret = cgroup_bpf_link_attach(attr, prog); 4650af6eea57SAndrii Nakryiko break; 4651df86ca0dSAndrii Nakryiko case BPF_PROG_TYPE_EXT: 4652df86ca0dSAndrii Nakryiko ret = bpf_tracing_prog_attach(prog, 4653df86ca0dSAndrii Nakryiko attr->link_create.target_fd, 46542fcc8241SKui-Feng Lee attr->link_create.target_btf_id, 46552fcc8241SKui-Feng Lee attr->link_create.tracing.cookie); 4656df86ca0dSAndrii Nakryiko break; 4657df86ca0dSAndrii Nakryiko case BPF_PROG_TYPE_LSM: 4658de4e05caSYonghong Song case BPF_PROG_TYPE_TRACING: 4659df86ca0dSAndrii Nakryiko if (attr->link_create.attach_type != prog->expected_attach_type) { 4660df86ca0dSAndrii Nakryiko ret = -EINVAL; 4661df86ca0dSAndrii Nakryiko goto out; 4662df86ca0dSAndrii Nakryiko } 4663df86ca0dSAndrii Nakryiko if (prog->expected_attach_type == BPF_TRACE_RAW_TP) 4664df86ca0dSAndrii Nakryiko ret = bpf_raw_tp_link_attach(prog, NULL); 4665df86ca0dSAndrii Nakryiko else if (prog->expected_attach_type == BPF_TRACE_ITER) 4666df86ca0dSAndrii Nakryiko ret = bpf_iter_link_attach(attr, uattr, prog); 466769fd337aSStanislav Fomichev else if (prog->expected_attach_type == BPF_LSM_CGROUP) 466869fd337aSStanislav Fomichev ret = cgroup_bpf_link_attach(attr, prog); 4669df86ca0dSAndrii Nakryiko else 4670df86ca0dSAndrii Nakryiko ret = bpf_tracing_prog_attach(prog, 4671df86ca0dSAndrii Nakryiko attr->link_create.target_fd, 46722fcc8241SKui-Feng Lee attr->link_create.target_btf_id, 46732fcc8241SKui-Feng Lee attr->link_create.tracing.cookie); 4674de4e05caSYonghong Song break; 46757f045a49SJakub Sitnicki case BPF_PROG_TYPE_FLOW_DISSECTOR: 4676e9ddbb77SJakub Sitnicki case BPF_PROG_TYPE_SK_LOOKUP: 46777f045a49SJakub Sitnicki ret = netns_bpf_link_create(attr, prog); 46787f045a49SJakub Sitnicki break; 4679310ad797SAndrii Nakryiko #ifdef CONFIG_NET 4680aa8d3a71SAndrii Nakryiko case BPF_PROG_TYPE_XDP: 4681aa8d3a71SAndrii Nakryiko ret = bpf_xdp_link_attach(attr, prog); 4682aa8d3a71SAndrii Nakryiko break; 468384601d6eSFlorian Westphal case BPF_PROG_TYPE_NETFILTER: 468484601d6eSFlorian Westphal ret = bpf_nf_link_attach(attr, prog); 468584601d6eSFlorian Westphal break; 4686310ad797SAndrii Nakryiko #endif 4687b89fbfbbSAndrii Nakryiko case BPF_PROG_TYPE_PERF_EVENT: 4688b89fbfbbSAndrii Nakryiko case BPF_PROG_TYPE_TRACEPOINT: 4689b89fbfbbSAndrii Nakryiko ret = bpf_perf_link_attach(attr, prog); 4690b89fbfbbSAndrii Nakryiko break; 46910dcac272SJiri Olsa case BPF_PROG_TYPE_KPROBE: 46920dcac272SJiri Olsa if (attr->link_create.attach_type == BPF_PERF_EVENT) 46930dcac272SJiri Olsa ret = bpf_perf_link_attach(attr, prog); 46940dcac272SJiri Olsa else 46950dcac272SJiri Olsa ret = bpf_kprobe_multi_link_attach(attr, prog); 46960dcac272SJiri Olsa break; 4697af6eea57SAndrii Nakryiko default: 4698af6eea57SAndrii Nakryiko ret = -EINVAL; 4699af6eea57SAndrii Nakryiko } 4700af6eea57SAndrii Nakryiko 47014a1e7c0cSToke Høiland-Jørgensen out: 4702af6eea57SAndrii Nakryiko if (ret < 0) 4703af6eea57SAndrii Nakryiko bpf_prog_put(prog); 4704af6eea57SAndrii Nakryiko return ret; 4705af6eea57SAndrii Nakryiko } 4706af6eea57SAndrii Nakryiko 4707aef56f2eSKui-Feng Lee static int link_update_map(struct bpf_link *link, union bpf_attr *attr) 4708aef56f2eSKui-Feng Lee { 4709aef56f2eSKui-Feng Lee struct bpf_map *new_map, *old_map = NULL; 4710aef56f2eSKui-Feng Lee int ret; 4711aef56f2eSKui-Feng Lee 4712aef56f2eSKui-Feng Lee new_map = bpf_map_get(attr->link_update.new_map_fd); 4713aef56f2eSKui-Feng Lee if (IS_ERR(new_map)) 471455fbae05SMartin KaFai Lau return PTR_ERR(new_map); 4715aef56f2eSKui-Feng Lee 4716aef56f2eSKui-Feng Lee if (attr->link_update.flags & BPF_F_REPLACE) { 4717aef56f2eSKui-Feng Lee old_map = bpf_map_get(attr->link_update.old_map_fd); 4718aef56f2eSKui-Feng Lee if (IS_ERR(old_map)) { 471955fbae05SMartin KaFai Lau ret = PTR_ERR(old_map); 4720aef56f2eSKui-Feng Lee goto out_put; 4721aef56f2eSKui-Feng Lee } 4722aef56f2eSKui-Feng Lee } else if (attr->link_update.old_map_fd) { 4723aef56f2eSKui-Feng Lee ret = -EINVAL; 4724aef56f2eSKui-Feng Lee goto out_put; 4725aef56f2eSKui-Feng Lee } 4726aef56f2eSKui-Feng Lee 4727aef56f2eSKui-Feng Lee ret = link->ops->update_map(link, new_map, old_map); 4728aef56f2eSKui-Feng Lee 4729aef56f2eSKui-Feng Lee if (old_map) 4730aef56f2eSKui-Feng Lee bpf_map_put(old_map); 4731aef56f2eSKui-Feng Lee out_put: 4732aef56f2eSKui-Feng Lee bpf_map_put(new_map); 4733aef56f2eSKui-Feng Lee return ret; 4734aef56f2eSKui-Feng Lee } 4735aef56f2eSKui-Feng Lee 47360c991ebcSAndrii Nakryiko #define BPF_LINK_UPDATE_LAST_FIELD link_update.old_prog_fd 47370c991ebcSAndrii Nakryiko 47380c991ebcSAndrii Nakryiko static int link_update(union bpf_attr *attr) 47390c991ebcSAndrii Nakryiko { 47400c991ebcSAndrii Nakryiko struct bpf_prog *old_prog = NULL, *new_prog; 47410c991ebcSAndrii Nakryiko struct bpf_link *link; 47420c991ebcSAndrii Nakryiko u32 flags; 47430c991ebcSAndrii Nakryiko int ret; 47440c991ebcSAndrii Nakryiko 47450c991ebcSAndrii Nakryiko if (CHECK_ATTR(BPF_LINK_UPDATE)) 47460c991ebcSAndrii Nakryiko return -EINVAL; 47470c991ebcSAndrii Nakryiko 47480c991ebcSAndrii Nakryiko flags = attr->link_update.flags; 47490c991ebcSAndrii Nakryiko if (flags & ~BPF_F_REPLACE) 47500c991ebcSAndrii Nakryiko return -EINVAL; 47510c991ebcSAndrii Nakryiko 47520c991ebcSAndrii Nakryiko link = bpf_link_get_from_fd(attr->link_update.link_fd); 47530c991ebcSAndrii Nakryiko if (IS_ERR(link)) 47540c991ebcSAndrii Nakryiko return PTR_ERR(link); 47550c991ebcSAndrii Nakryiko 4756aef56f2eSKui-Feng Lee if (link->ops->update_map) { 4757aef56f2eSKui-Feng Lee ret = link_update_map(link, attr); 4758aef56f2eSKui-Feng Lee goto out_put_link; 4759aef56f2eSKui-Feng Lee } 4760aef56f2eSKui-Feng Lee 47610c991ebcSAndrii Nakryiko new_prog = bpf_prog_get(attr->link_update.new_prog_fd); 47624adb7a4aSAndrii Nakryiko if (IS_ERR(new_prog)) { 47634adb7a4aSAndrii Nakryiko ret = PTR_ERR(new_prog); 47644adb7a4aSAndrii Nakryiko goto out_put_link; 47654adb7a4aSAndrii Nakryiko } 47660c991ebcSAndrii Nakryiko 47670c991ebcSAndrii Nakryiko if (flags & BPF_F_REPLACE) { 47680c991ebcSAndrii Nakryiko old_prog = bpf_prog_get(attr->link_update.old_prog_fd); 47690c991ebcSAndrii Nakryiko if (IS_ERR(old_prog)) { 47700c991ebcSAndrii Nakryiko ret = PTR_ERR(old_prog); 47710c991ebcSAndrii Nakryiko old_prog = NULL; 47720c991ebcSAndrii Nakryiko goto out_put_progs; 47730c991ebcSAndrii Nakryiko } 47744adb7a4aSAndrii Nakryiko } else if (attr->link_update.old_prog_fd) { 47754adb7a4aSAndrii Nakryiko ret = -EINVAL; 47764adb7a4aSAndrii Nakryiko goto out_put_progs; 47770c991ebcSAndrii Nakryiko } 47780c991ebcSAndrii Nakryiko 4779f9d04127SAndrii Nakryiko if (link->ops->update_prog) 4780f9d04127SAndrii Nakryiko ret = link->ops->update_prog(link, new_prog, old_prog); 4781f9d04127SAndrii Nakryiko else 47820c991ebcSAndrii Nakryiko ret = -EINVAL; 47830c991ebcSAndrii Nakryiko 47840c991ebcSAndrii Nakryiko out_put_progs: 47850c991ebcSAndrii Nakryiko if (old_prog) 47860c991ebcSAndrii Nakryiko bpf_prog_put(old_prog); 47870c991ebcSAndrii Nakryiko if (ret) 47880c991ebcSAndrii Nakryiko bpf_prog_put(new_prog); 47894adb7a4aSAndrii Nakryiko out_put_link: 47904adb7a4aSAndrii Nakryiko bpf_link_put(link); 47910c991ebcSAndrii Nakryiko return ret; 47920c991ebcSAndrii Nakryiko } 47930c991ebcSAndrii Nakryiko 479473b11c2aSAndrii Nakryiko #define BPF_LINK_DETACH_LAST_FIELD link_detach.link_fd 479573b11c2aSAndrii Nakryiko 479673b11c2aSAndrii Nakryiko static int link_detach(union bpf_attr *attr) 479773b11c2aSAndrii Nakryiko { 479873b11c2aSAndrii Nakryiko struct bpf_link *link; 479973b11c2aSAndrii Nakryiko int ret; 480073b11c2aSAndrii Nakryiko 480173b11c2aSAndrii Nakryiko if (CHECK_ATTR(BPF_LINK_DETACH)) 480273b11c2aSAndrii Nakryiko return -EINVAL; 480373b11c2aSAndrii Nakryiko 480473b11c2aSAndrii Nakryiko link = bpf_link_get_from_fd(attr->link_detach.link_fd); 480573b11c2aSAndrii Nakryiko if (IS_ERR(link)) 480673b11c2aSAndrii Nakryiko return PTR_ERR(link); 480773b11c2aSAndrii Nakryiko 480873b11c2aSAndrii Nakryiko if (link->ops->detach) 480973b11c2aSAndrii Nakryiko ret = link->ops->detach(link); 481073b11c2aSAndrii Nakryiko else 481173b11c2aSAndrii Nakryiko ret = -EOPNOTSUPP; 481273b11c2aSAndrii Nakryiko 481373b11c2aSAndrii Nakryiko bpf_link_put(link); 481473b11c2aSAndrii Nakryiko return ret; 481573b11c2aSAndrii Nakryiko } 481673b11c2aSAndrii Nakryiko 4817005142b8SAlexei Starovoitov static struct bpf_link *bpf_link_inc_not_zero(struct bpf_link *link) 48182d602c8cSAndrii Nakryiko { 4819005142b8SAlexei Starovoitov return atomic64_fetch_add_unless(&link->refcnt, 1, 0) ? link : ERR_PTR(-ENOENT); 4820005142b8SAlexei Starovoitov } 4821005142b8SAlexei Starovoitov 4822005142b8SAlexei Starovoitov struct bpf_link *bpf_link_by_id(u32 id) 4823005142b8SAlexei Starovoitov { 4824005142b8SAlexei Starovoitov struct bpf_link *link; 4825005142b8SAlexei Starovoitov 4826005142b8SAlexei Starovoitov if (!id) 4827005142b8SAlexei Starovoitov return ERR_PTR(-ENOENT); 4828005142b8SAlexei Starovoitov 4829005142b8SAlexei Starovoitov spin_lock_bh(&link_idr_lock); 4830005142b8SAlexei Starovoitov /* before link is "settled", ID is 0, pretend it doesn't exist yet */ 4831005142b8SAlexei Starovoitov link = idr_find(&link_idr, id); 4832005142b8SAlexei Starovoitov if (link) { 4833005142b8SAlexei Starovoitov if (link->id) 4834005142b8SAlexei Starovoitov link = bpf_link_inc_not_zero(link); 4835005142b8SAlexei Starovoitov else 4836005142b8SAlexei Starovoitov link = ERR_PTR(-EAGAIN); 4837005142b8SAlexei Starovoitov } else { 4838005142b8SAlexei Starovoitov link = ERR_PTR(-ENOENT); 4839005142b8SAlexei Starovoitov } 4840005142b8SAlexei Starovoitov spin_unlock_bh(&link_idr_lock); 4841005142b8SAlexei Starovoitov return link; 48422d602c8cSAndrii Nakryiko } 48432d602c8cSAndrii Nakryiko 48449f883612SDmitrii Dolgov struct bpf_link *bpf_link_get_curr_or_next(u32 *id) 48459f883612SDmitrii Dolgov { 48469f883612SDmitrii Dolgov struct bpf_link *link; 48479f883612SDmitrii Dolgov 48489f883612SDmitrii Dolgov spin_lock_bh(&link_idr_lock); 48499f883612SDmitrii Dolgov again: 48509f883612SDmitrii Dolgov link = idr_get_next(&link_idr, id); 48519f883612SDmitrii Dolgov if (link) { 48529f883612SDmitrii Dolgov link = bpf_link_inc_not_zero(link); 48539f883612SDmitrii Dolgov if (IS_ERR(link)) { 48549f883612SDmitrii Dolgov (*id)++; 48559f883612SDmitrii Dolgov goto again; 48569f883612SDmitrii Dolgov } 48579f883612SDmitrii Dolgov } 48589f883612SDmitrii Dolgov spin_unlock_bh(&link_idr_lock); 48599f883612SDmitrii Dolgov 48609f883612SDmitrii Dolgov return link; 48619f883612SDmitrii Dolgov } 48629f883612SDmitrii Dolgov 48632d602c8cSAndrii Nakryiko #define BPF_LINK_GET_FD_BY_ID_LAST_FIELD link_id 48642d602c8cSAndrii Nakryiko 48652d602c8cSAndrii Nakryiko static int bpf_link_get_fd_by_id(const union bpf_attr *attr) 48662d602c8cSAndrii Nakryiko { 48672d602c8cSAndrii Nakryiko struct bpf_link *link; 48682d602c8cSAndrii Nakryiko u32 id = attr->link_id; 4869005142b8SAlexei Starovoitov int fd; 48702d602c8cSAndrii Nakryiko 48712d602c8cSAndrii Nakryiko if (CHECK_ATTR(BPF_LINK_GET_FD_BY_ID)) 48722d602c8cSAndrii Nakryiko return -EINVAL; 48732d602c8cSAndrii Nakryiko 48742d602c8cSAndrii Nakryiko if (!capable(CAP_SYS_ADMIN)) 48752d602c8cSAndrii Nakryiko return -EPERM; 48762d602c8cSAndrii Nakryiko 4877005142b8SAlexei Starovoitov link = bpf_link_by_id(id); 4878005142b8SAlexei Starovoitov if (IS_ERR(link)) 4879005142b8SAlexei Starovoitov return PTR_ERR(link); 48802d602c8cSAndrii Nakryiko 48812d602c8cSAndrii Nakryiko fd = bpf_link_new_fd(link); 48822d602c8cSAndrii Nakryiko if (fd < 0) 48832d602c8cSAndrii Nakryiko bpf_link_put(link); 48842d602c8cSAndrii Nakryiko 48852d602c8cSAndrii Nakryiko return fd; 48862d602c8cSAndrii Nakryiko } 48872d602c8cSAndrii Nakryiko 4888d46edd67SSong Liu DEFINE_MUTEX(bpf_stats_enabled_mutex); 4889d46edd67SSong Liu 4890d46edd67SSong Liu static int bpf_stats_release(struct inode *inode, struct file *file) 4891d46edd67SSong Liu { 4892d46edd67SSong Liu mutex_lock(&bpf_stats_enabled_mutex); 4893d46edd67SSong Liu static_key_slow_dec(&bpf_stats_enabled_key.key); 4894d46edd67SSong Liu mutex_unlock(&bpf_stats_enabled_mutex); 4895d46edd67SSong Liu return 0; 4896d46edd67SSong Liu } 4897d46edd67SSong Liu 4898d46edd67SSong Liu static const struct file_operations bpf_stats_fops = { 4899d46edd67SSong Liu .release = bpf_stats_release, 4900d46edd67SSong Liu }; 4901d46edd67SSong Liu 4902d46edd67SSong Liu static int bpf_enable_runtime_stats(void) 4903d46edd67SSong Liu { 4904d46edd67SSong Liu int fd; 4905d46edd67SSong Liu 4906d46edd67SSong Liu mutex_lock(&bpf_stats_enabled_mutex); 4907d46edd67SSong Liu 4908d46edd67SSong Liu /* Set a very high limit to avoid overflow */ 4909d46edd67SSong Liu if (static_key_count(&bpf_stats_enabled_key.key) > INT_MAX / 2) { 4910d46edd67SSong Liu mutex_unlock(&bpf_stats_enabled_mutex); 4911d46edd67SSong Liu return -EBUSY; 4912d46edd67SSong Liu } 4913d46edd67SSong Liu 4914d46edd67SSong Liu fd = anon_inode_getfd("bpf-stats", &bpf_stats_fops, NULL, O_CLOEXEC); 4915d46edd67SSong Liu if (fd >= 0) 4916d46edd67SSong Liu static_key_slow_inc(&bpf_stats_enabled_key.key); 4917d46edd67SSong Liu 4918d46edd67SSong Liu mutex_unlock(&bpf_stats_enabled_mutex); 4919d46edd67SSong Liu return fd; 4920d46edd67SSong Liu } 4921d46edd67SSong Liu 4922d46edd67SSong Liu #define BPF_ENABLE_STATS_LAST_FIELD enable_stats.type 4923d46edd67SSong Liu 4924d46edd67SSong Liu static int bpf_enable_stats(union bpf_attr *attr) 4925d46edd67SSong Liu { 4926d46edd67SSong Liu 4927d46edd67SSong Liu if (CHECK_ATTR(BPF_ENABLE_STATS)) 4928d46edd67SSong Liu return -EINVAL; 4929d46edd67SSong Liu 4930d46edd67SSong Liu if (!capable(CAP_SYS_ADMIN)) 4931d46edd67SSong Liu return -EPERM; 4932d46edd67SSong Liu 4933d46edd67SSong Liu switch (attr->enable_stats.type) { 4934d46edd67SSong Liu case BPF_STATS_RUN_TIME: 4935d46edd67SSong Liu return bpf_enable_runtime_stats(); 4936d46edd67SSong Liu default: 4937d46edd67SSong Liu break; 4938d46edd67SSong Liu } 4939d46edd67SSong Liu return -EINVAL; 4940d46edd67SSong Liu } 4941d46edd67SSong Liu 4942ac51d99bSYonghong Song #define BPF_ITER_CREATE_LAST_FIELD iter_create.flags 4943ac51d99bSYonghong Song 4944ac51d99bSYonghong Song static int bpf_iter_create(union bpf_attr *attr) 4945ac51d99bSYonghong Song { 4946ac51d99bSYonghong Song struct bpf_link *link; 4947ac51d99bSYonghong Song int err; 4948ac51d99bSYonghong Song 4949ac51d99bSYonghong Song if (CHECK_ATTR(BPF_ITER_CREATE)) 4950ac51d99bSYonghong Song return -EINVAL; 4951ac51d99bSYonghong Song 4952ac51d99bSYonghong Song if (attr->iter_create.flags) 4953ac51d99bSYonghong Song return -EINVAL; 4954ac51d99bSYonghong Song 4955ac51d99bSYonghong Song link = bpf_link_get_from_fd(attr->iter_create.link_fd); 4956ac51d99bSYonghong Song if (IS_ERR(link)) 4957ac51d99bSYonghong Song return PTR_ERR(link); 4958ac51d99bSYonghong Song 4959ac51d99bSYonghong Song err = bpf_iter_new_fd(link); 4960ac51d99bSYonghong Song bpf_link_put(link); 4961ac51d99bSYonghong Song 4962ac51d99bSYonghong Song return err; 4963ac51d99bSYonghong Song } 4964ac51d99bSYonghong Song 4965ef15314aSYiFei Zhu #define BPF_PROG_BIND_MAP_LAST_FIELD prog_bind_map.flags 4966ef15314aSYiFei Zhu 4967ef15314aSYiFei Zhu static int bpf_prog_bind_map(union bpf_attr *attr) 4968ef15314aSYiFei Zhu { 4969ef15314aSYiFei Zhu struct bpf_prog *prog; 4970ef15314aSYiFei Zhu struct bpf_map *map; 4971ef15314aSYiFei Zhu struct bpf_map **used_maps_old, **used_maps_new; 4972ef15314aSYiFei Zhu int i, ret = 0; 4973ef15314aSYiFei Zhu 4974ef15314aSYiFei Zhu if (CHECK_ATTR(BPF_PROG_BIND_MAP)) 4975ef15314aSYiFei Zhu return -EINVAL; 4976ef15314aSYiFei Zhu 4977ef15314aSYiFei Zhu if (attr->prog_bind_map.flags) 4978ef15314aSYiFei Zhu return -EINVAL; 4979ef15314aSYiFei Zhu 4980ef15314aSYiFei Zhu prog = bpf_prog_get(attr->prog_bind_map.prog_fd); 4981ef15314aSYiFei Zhu if (IS_ERR(prog)) 4982ef15314aSYiFei Zhu return PTR_ERR(prog); 4983ef15314aSYiFei Zhu 4984ef15314aSYiFei Zhu map = bpf_map_get(attr->prog_bind_map.map_fd); 4985ef15314aSYiFei Zhu if (IS_ERR(map)) { 4986ef15314aSYiFei Zhu ret = PTR_ERR(map); 4987ef15314aSYiFei Zhu goto out_prog_put; 4988ef15314aSYiFei Zhu } 4989ef15314aSYiFei Zhu 4990ef15314aSYiFei Zhu mutex_lock(&prog->aux->used_maps_mutex); 4991ef15314aSYiFei Zhu 4992ef15314aSYiFei Zhu used_maps_old = prog->aux->used_maps; 4993ef15314aSYiFei Zhu 4994ef15314aSYiFei Zhu for (i = 0; i < prog->aux->used_map_cnt; i++) 49951028ae40SStanislav Fomichev if (used_maps_old[i] == map) { 49961028ae40SStanislav Fomichev bpf_map_put(map); 4997ef15314aSYiFei Zhu goto out_unlock; 49981028ae40SStanislav Fomichev } 4999ef15314aSYiFei Zhu 5000ef15314aSYiFei Zhu used_maps_new = kmalloc_array(prog->aux->used_map_cnt + 1, 5001ef15314aSYiFei Zhu sizeof(used_maps_new[0]), 5002ef15314aSYiFei Zhu GFP_KERNEL); 5003ef15314aSYiFei Zhu if (!used_maps_new) { 5004ef15314aSYiFei Zhu ret = -ENOMEM; 5005ef15314aSYiFei Zhu goto out_unlock; 5006ef15314aSYiFei Zhu } 5007ef15314aSYiFei Zhu 5008ef15314aSYiFei Zhu memcpy(used_maps_new, used_maps_old, 5009ef15314aSYiFei Zhu sizeof(used_maps_old[0]) * prog->aux->used_map_cnt); 5010ef15314aSYiFei Zhu used_maps_new[prog->aux->used_map_cnt] = map; 5011ef15314aSYiFei Zhu 5012ef15314aSYiFei Zhu prog->aux->used_map_cnt++; 5013ef15314aSYiFei Zhu prog->aux->used_maps = used_maps_new; 5014ef15314aSYiFei Zhu 5015ef15314aSYiFei Zhu kfree(used_maps_old); 5016ef15314aSYiFei Zhu 5017ef15314aSYiFei Zhu out_unlock: 5018ef15314aSYiFei Zhu mutex_unlock(&prog->aux->used_maps_mutex); 5019ef15314aSYiFei Zhu 5020ef15314aSYiFei Zhu if (ret) 5021ef15314aSYiFei Zhu bpf_map_put(map); 5022ef15314aSYiFei Zhu out_prog_put: 5023ef15314aSYiFei Zhu bpf_prog_put(prog); 5024ef15314aSYiFei Zhu return ret; 5025ef15314aSYiFei Zhu } 5026ef15314aSYiFei Zhu 5027af2ac3e1SAlexei Starovoitov static int __sys_bpf(int cmd, bpfptr_t uattr, unsigned int size) 502899c55f7dSAlexei Starovoitov { 50298096f229SGreg Kroah-Hartman union bpf_attr attr; 5030c8644cd0SAlan Maguire bool capable; 503199c55f7dSAlexei Starovoitov int err; 503299c55f7dSAlexei Starovoitov 5033c8644cd0SAlan Maguire capable = bpf_capable() || !sysctl_unprivileged_bpf_disabled; 5034c8644cd0SAlan Maguire 5035c8644cd0SAlan Maguire /* Intent here is for unprivileged_bpf_disabled to block key object 5036c8644cd0SAlan Maguire * creation commands for unprivileged users; other actions depend 5037c8644cd0SAlan Maguire * of fd availability and access to bpffs, so are dependent on 5038c8644cd0SAlan Maguire * object creation success. Capabilities are later verified for 5039c8644cd0SAlan Maguire * operations such as load and map create, so even with unprivileged 5040c8644cd0SAlan Maguire * BPF disabled, capability checks are still carried out for these 5041c8644cd0SAlan Maguire * and other operations. 5042c8644cd0SAlan Maguire */ 5043c8644cd0SAlan Maguire if (!capable && 5044c8644cd0SAlan Maguire (cmd == BPF_MAP_CREATE || cmd == BPF_PROG_LOAD)) 504599c55f7dSAlexei Starovoitov return -EPERM; 504699c55f7dSAlexei Starovoitov 5047dcab51f1SMartin KaFai Lau err = bpf_check_uarg_tail_zero(uattr, sizeof(attr), size); 504899c55f7dSAlexei Starovoitov if (err) 504999c55f7dSAlexei Starovoitov return err; 50501e270976SMartin KaFai Lau size = min_t(u32, size, sizeof(attr)); 505199c55f7dSAlexei Starovoitov 505299c55f7dSAlexei Starovoitov /* copy attributes from user space, may be less than sizeof(bpf_attr) */ 50538096f229SGreg Kroah-Hartman memset(&attr, 0, sizeof(attr)); 5054af2ac3e1SAlexei Starovoitov if (copy_from_bpfptr(&attr, uattr, size) != 0) 505599c55f7dSAlexei Starovoitov return -EFAULT; 505699c55f7dSAlexei Starovoitov 5057afdb09c7SChenbo Feng err = security_bpf(cmd, &attr, size); 5058afdb09c7SChenbo Feng if (err < 0) 5059afdb09c7SChenbo Feng return err; 5060afdb09c7SChenbo Feng 506199c55f7dSAlexei Starovoitov switch (cmd) { 506299c55f7dSAlexei Starovoitov case BPF_MAP_CREATE: 506399c55f7dSAlexei Starovoitov err = map_create(&attr); 506499c55f7dSAlexei Starovoitov break; 5065db20fd2bSAlexei Starovoitov case BPF_MAP_LOOKUP_ELEM: 5066db20fd2bSAlexei Starovoitov err = map_lookup_elem(&attr); 5067db20fd2bSAlexei Starovoitov break; 5068db20fd2bSAlexei Starovoitov case BPF_MAP_UPDATE_ELEM: 5069af2ac3e1SAlexei Starovoitov err = map_update_elem(&attr, uattr); 5070db20fd2bSAlexei Starovoitov break; 5071db20fd2bSAlexei Starovoitov case BPF_MAP_DELETE_ELEM: 5072b88df697SBenjamin Tissoires err = map_delete_elem(&attr, uattr); 5073db20fd2bSAlexei Starovoitov break; 5074db20fd2bSAlexei Starovoitov case BPF_MAP_GET_NEXT_KEY: 5075db20fd2bSAlexei Starovoitov err = map_get_next_key(&attr); 5076db20fd2bSAlexei Starovoitov break; 507787df15deSDaniel Borkmann case BPF_MAP_FREEZE: 507887df15deSDaniel Borkmann err = map_freeze(&attr); 507987df15deSDaniel Borkmann break; 508009756af4SAlexei Starovoitov case BPF_PROG_LOAD: 508147a71c1fSAndrii Nakryiko err = bpf_prog_load(&attr, uattr, size); 508209756af4SAlexei Starovoitov break; 5083b2197755SDaniel Borkmann case BPF_OBJ_PIN: 5084b2197755SDaniel Borkmann err = bpf_obj_pin(&attr); 5085b2197755SDaniel Borkmann break; 5086b2197755SDaniel Borkmann case BPF_OBJ_GET: 5087b2197755SDaniel Borkmann err = bpf_obj_get(&attr); 5088b2197755SDaniel Borkmann break; 5089f4324551SDaniel Mack case BPF_PROG_ATTACH: 5090f4324551SDaniel Mack err = bpf_prog_attach(&attr); 5091f4324551SDaniel Mack break; 5092f4324551SDaniel Mack case BPF_PROG_DETACH: 5093f4324551SDaniel Mack err = bpf_prog_detach(&attr); 5094f4324551SDaniel Mack break; 5095468e2f64SAlexei Starovoitov case BPF_PROG_QUERY: 5096af2ac3e1SAlexei Starovoitov err = bpf_prog_query(&attr, uattr.user); 5097468e2f64SAlexei Starovoitov break; 50981cf1cae9SAlexei Starovoitov case BPF_PROG_TEST_RUN: 5099af2ac3e1SAlexei Starovoitov err = bpf_prog_test_run(&attr, uattr.user); 51001cf1cae9SAlexei Starovoitov break; 510134ad5580SMartin KaFai Lau case BPF_PROG_GET_NEXT_ID: 5102af2ac3e1SAlexei Starovoitov err = bpf_obj_get_next_id(&attr, uattr.user, 510334ad5580SMartin KaFai Lau &prog_idr, &prog_idr_lock); 510434ad5580SMartin KaFai Lau break; 510534ad5580SMartin KaFai Lau case BPF_MAP_GET_NEXT_ID: 5106af2ac3e1SAlexei Starovoitov err = bpf_obj_get_next_id(&attr, uattr.user, 510734ad5580SMartin KaFai Lau &map_idr, &map_idr_lock); 510834ad5580SMartin KaFai Lau break; 51091b9ed84eSQuentin Monnet case BPF_BTF_GET_NEXT_ID: 5110af2ac3e1SAlexei Starovoitov err = bpf_obj_get_next_id(&attr, uattr.user, 51111b9ed84eSQuentin Monnet &btf_idr, &btf_idr_lock); 51121b9ed84eSQuentin Monnet break; 5113b16d9aa4SMartin KaFai Lau case BPF_PROG_GET_FD_BY_ID: 5114b16d9aa4SMartin KaFai Lau err = bpf_prog_get_fd_by_id(&attr); 5115b16d9aa4SMartin KaFai Lau break; 5116bd5f5f4eSMartin KaFai Lau case BPF_MAP_GET_FD_BY_ID: 5117bd5f5f4eSMartin KaFai Lau err = bpf_map_get_fd_by_id(&attr); 5118bd5f5f4eSMartin KaFai Lau break; 51191e270976SMartin KaFai Lau case BPF_OBJ_GET_INFO_BY_FD: 5120af2ac3e1SAlexei Starovoitov err = bpf_obj_get_info_by_fd(&attr, uattr.user); 51211e270976SMartin KaFai Lau break; 5122c4f6699dSAlexei Starovoitov case BPF_RAW_TRACEPOINT_OPEN: 5123c4f6699dSAlexei Starovoitov err = bpf_raw_tracepoint_open(&attr); 5124c4f6699dSAlexei Starovoitov break; 5125f56a653cSMartin KaFai Lau case BPF_BTF_LOAD: 512647a71c1fSAndrii Nakryiko err = bpf_btf_load(&attr, uattr, size); 5127f56a653cSMartin KaFai Lau break; 512878958fcaSMartin KaFai Lau case BPF_BTF_GET_FD_BY_ID: 512978958fcaSMartin KaFai Lau err = bpf_btf_get_fd_by_id(&attr); 513078958fcaSMartin KaFai Lau break; 513141bdc4b4SYonghong Song case BPF_TASK_FD_QUERY: 5132af2ac3e1SAlexei Starovoitov err = bpf_task_fd_query(&attr, uattr.user); 513341bdc4b4SYonghong Song break; 5134bd513cd0SMauricio Vasquez B case BPF_MAP_LOOKUP_AND_DELETE_ELEM: 5135bd513cd0SMauricio Vasquez B err = map_lookup_and_delete_elem(&attr); 5136bd513cd0SMauricio Vasquez B break; 5137cb4d03abSBrian Vazquez case BPF_MAP_LOOKUP_BATCH: 5138af2ac3e1SAlexei Starovoitov err = bpf_map_do_batch(&attr, uattr.user, BPF_MAP_LOOKUP_BATCH); 5139cb4d03abSBrian Vazquez break; 514005799638SYonghong Song case BPF_MAP_LOOKUP_AND_DELETE_BATCH: 5141af2ac3e1SAlexei Starovoitov err = bpf_map_do_batch(&attr, uattr.user, 514205799638SYonghong Song BPF_MAP_LOOKUP_AND_DELETE_BATCH); 514305799638SYonghong Song break; 5144aa2e93b8SBrian Vazquez case BPF_MAP_UPDATE_BATCH: 5145af2ac3e1SAlexei Starovoitov err = bpf_map_do_batch(&attr, uattr.user, BPF_MAP_UPDATE_BATCH); 5146aa2e93b8SBrian Vazquez break; 5147aa2e93b8SBrian Vazquez case BPF_MAP_DELETE_BATCH: 5148af2ac3e1SAlexei Starovoitov err = bpf_map_do_batch(&attr, uattr.user, BPF_MAP_DELETE_BATCH); 5149aa2e93b8SBrian Vazquez break; 5150af6eea57SAndrii Nakryiko case BPF_LINK_CREATE: 5151af2ac3e1SAlexei Starovoitov err = link_create(&attr, uattr); 5152af6eea57SAndrii Nakryiko break; 51530c991ebcSAndrii Nakryiko case BPF_LINK_UPDATE: 51540c991ebcSAndrii Nakryiko err = link_update(&attr); 51550c991ebcSAndrii Nakryiko break; 51562d602c8cSAndrii Nakryiko case BPF_LINK_GET_FD_BY_ID: 51572d602c8cSAndrii Nakryiko err = bpf_link_get_fd_by_id(&attr); 51582d602c8cSAndrii Nakryiko break; 51592d602c8cSAndrii Nakryiko case BPF_LINK_GET_NEXT_ID: 5160af2ac3e1SAlexei Starovoitov err = bpf_obj_get_next_id(&attr, uattr.user, 51612d602c8cSAndrii Nakryiko &link_idr, &link_idr_lock); 51622d602c8cSAndrii Nakryiko break; 5163d46edd67SSong Liu case BPF_ENABLE_STATS: 5164d46edd67SSong Liu err = bpf_enable_stats(&attr); 5165d46edd67SSong Liu break; 5166ac51d99bSYonghong Song case BPF_ITER_CREATE: 5167ac51d99bSYonghong Song err = bpf_iter_create(&attr); 5168ac51d99bSYonghong Song break; 516973b11c2aSAndrii Nakryiko case BPF_LINK_DETACH: 517073b11c2aSAndrii Nakryiko err = link_detach(&attr); 517173b11c2aSAndrii Nakryiko break; 5172ef15314aSYiFei Zhu case BPF_PROG_BIND_MAP: 5173ef15314aSYiFei Zhu err = bpf_prog_bind_map(&attr); 5174ef15314aSYiFei Zhu break; 517599c55f7dSAlexei Starovoitov default: 517699c55f7dSAlexei Starovoitov err = -EINVAL; 517799c55f7dSAlexei Starovoitov break; 517899c55f7dSAlexei Starovoitov } 517999c55f7dSAlexei Starovoitov 518099c55f7dSAlexei Starovoitov return err; 518199c55f7dSAlexei Starovoitov } 518279a7f8bdSAlexei Starovoitov 5183af2ac3e1SAlexei Starovoitov SYSCALL_DEFINE3(bpf, int, cmd, union bpf_attr __user *, uattr, unsigned int, size) 5184af2ac3e1SAlexei Starovoitov { 5185af2ac3e1SAlexei Starovoitov return __sys_bpf(cmd, USER_BPFPTR(uattr), size); 5186af2ac3e1SAlexei Starovoitov } 5187af2ac3e1SAlexei Starovoitov 518879a7f8bdSAlexei Starovoitov static bool syscall_prog_is_valid_access(int off, int size, 518979a7f8bdSAlexei Starovoitov enum bpf_access_type type, 519079a7f8bdSAlexei Starovoitov const struct bpf_prog *prog, 519179a7f8bdSAlexei Starovoitov struct bpf_insn_access_aux *info) 519279a7f8bdSAlexei Starovoitov { 519379a7f8bdSAlexei Starovoitov if (off < 0 || off >= U16_MAX) 519479a7f8bdSAlexei Starovoitov return false; 519579a7f8bdSAlexei Starovoitov if (off % size != 0) 519679a7f8bdSAlexei Starovoitov return false; 519779a7f8bdSAlexei Starovoitov return true; 519879a7f8bdSAlexei Starovoitov } 519979a7f8bdSAlexei Starovoitov 5200b1d18a75SAlexei Starovoitov BPF_CALL_3(bpf_sys_bpf, int, cmd, union bpf_attr *, attr, u32, attr_size) 520179a7f8bdSAlexei Starovoitov { 5202af2ac3e1SAlexei Starovoitov switch (cmd) { 5203af2ac3e1SAlexei Starovoitov case BPF_MAP_CREATE: 5204b88df697SBenjamin Tissoires case BPF_MAP_DELETE_ELEM: 5205af2ac3e1SAlexei Starovoitov case BPF_MAP_UPDATE_ELEM: 5206af2ac3e1SAlexei Starovoitov case BPF_MAP_FREEZE: 5207b88df697SBenjamin Tissoires case BPF_MAP_GET_FD_BY_ID: 5208af2ac3e1SAlexei Starovoitov case BPF_PROG_LOAD: 5209c571bd75SAlexei Starovoitov case BPF_BTF_LOAD: 5210b1d18a75SAlexei Starovoitov case BPF_LINK_CREATE: 5211b1d18a75SAlexei Starovoitov case BPF_RAW_TRACEPOINT_OPEN: 5212af2ac3e1SAlexei Starovoitov break; 521386f44fceSAlexei Starovoitov default: 521486f44fceSAlexei Starovoitov return -EINVAL; 521586f44fceSAlexei Starovoitov } 521686f44fceSAlexei Starovoitov return __sys_bpf(cmd, KERNEL_BPFPTR(attr), attr_size); 521786f44fceSAlexei Starovoitov } 521886f44fceSAlexei Starovoitov 52194e4588f1SAlexei Starovoitov 52204e4588f1SAlexei Starovoitov /* To shut up -Wmissing-prototypes. 52214e4588f1SAlexei Starovoitov * This function is used by the kernel light skeleton 52224e4588f1SAlexei Starovoitov * to load bpf programs when modules are loaded or during kernel boot. 52234e4588f1SAlexei Starovoitov * See tools/lib/bpf/skel_internal.h 52244e4588f1SAlexei Starovoitov */ 52254e4588f1SAlexei Starovoitov int kern_sys_bpf(int cmd, union bpf_attr *attr, unsigned int size); 52264e4588f1SAlexei Starovoitov 522786f44fceSAlexei Starovoitov int kern_sys_bpf(int cmd, union bpf_attr *attr, unsigned int size) 522886f44fceSAlexei Starovoitov { 522986f44fceSAlexei Starovoitov struct bpf_prog * __maybe_unused prog; 523086f44fceSAlexei Starovoitov struct bpf_tramp_run_ctx __maybe_unused run_ctx; 523186f44fceSAlexei Starovoitov 523286f44fceSAlexei Starovoitov switch (cmd) { 5233b1d18a75SAlexei Starovoitov #ifdef CONFIG_BPF_JIT /* __bpf_prog_enter_sleepable used by trampoline and JIT */ 5234b1d18a75SAlexei Starovoitov case BPF_PROG_TEST_RUN: 5235b1d18a75SAlexei Starovoitov if (attr->test.data_in || attr->test.data_out || 5236b1d18a75SAlexei Starovoitov attr->test.ctx_out || attr->test.duration || 5237b1d18a75SAlexei Starovoitov attr->test.repeat || attr->test.flags) 5238b1d18a75SAlexei Starovoitov return -EINVAL; 5239b1d18a75SAlexei Starovoitov 5240b1d18a75SAlexei Starovoitov prog = bpf_prog_get_type(attr->test.prog_fd, BPF_PROG_TYPE_SYSCALL); 5241b1d18a75SAlexei Starovoitov if (IS_ERR(prog)) 5242b1d18a75SAlexei Starovoitov return PTR_ERR(prog); 5243b1d18a75SAlexei Starovoitov 5244b1d18a75SAlexei Starovoitov if (attr->test.ctx_size_in < prog->aux->max_ctx_offset || 5245b1d18a75SAlexei Starovoitov attr->test.ctx_size_in > U16_MAX) { 5246b1d18a75SAlexei Starovoitov bpf_prog_put(prog); 5247b1d18a75SAlexei Starovoitov return -EINVAL; 5248b1d18a75SAlexei Starovoitov } 5249b1d18a75SAlexei Starovoitov 5250e384c7b7SKui-Feng Lee run_ctx.bpf_cookie = 0; 5251e384c7b7SKui-Feng Lee run_ctx.saved_run_ctx = NULL; 5252271de525SMartin KaFai Lau if (!__bpf_prog_enter_sleepable_recur(prog, &run_ctx)) { 5253b1d18a75SAlexei Starovoitov /* recursion detected */ 5254b1d18a75SAlexei Starovoitov bpf_prog_put(prog); 5255b1d18a75SAlexei Starovoitov return -EBUSY; 5256b1d18a75SAlexei Starovoitov } 5257b1d18a75SAlexei Starovoitov attr->test.retval = bpf_prog_run(prog, (void *) (long) attr->test.ctx_in); 5258271de525SMartin KaFai Lau __bpf_prog_exit_sleepable_recur(prog, 0 /* bpf_prog_run does runtime stats */, 5259271de525SMartin KaFai Lau &run_ctx); 5260b1d18a75SAlexei Starovoitov bpf_prog_put(prog); 5261b1d18a75SAlexei Starovoitov return 0; 5262b1d18a75SAlexei Starovoitov #endif 5263af2ac3e1SAlexei Starovoitov default: 526486f44fceSAlexei Starovoitov return ____bpf_sys_bpf(cmd, attr, size); 526579a7f8bdSAlexei Starovoitov } 5266af2ac3e1SAlexei Starovoitov } 526786f44fceSAlexei Starovoitov EXPORT_SYMBOL(kern_sys_bpf); 526879a7f8bdSAlexei Starovoitov 52693a2daa72SPu Lehui static const struct bpf_func_proto bpf_sys_bpf_proto = { 527079a7f8bdSAlexei Starovoitov .func = bpf_sys_bpf, 527179a7f8bdSAlexei Starovoitov .gpl_only = false, 527279a7f8bdSAlexei Starovoitov .ret_type = RET_INTEGER, 527379a7f8bdSAlexei Starovoitov .arg1_type = ARG_ANYTHING, 5274216e3cd2SHao Luo .arg2_type = ARG_PTR_TO_MEM | MEM_RDONLY, 527579a7f8bdSAlexei Starovoitov .arg3_type = ARG_CONST_SIZE, 527679a7f8bdSAlexei Starovoitov }; 527779a7f8bdSAlexei Starovoitov 527879a7f8bdSAlexei Starovoitov const struct bpf_func_proto * __weak 527979a7f8bdSAlexei Starovoitov tracing_prog_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) 528079a7f8bdSAlexei Starovoitov { 528179a7f8bdSAlexei Starovoitov return bpf_base_func_proto(func_id); 528279a7f8bdSAlexei Starovoitov } 528379a7f8bdSAlexei Starovoitov 52843abea089SAlexei Starovoitov BPF_CALL_1(bpf_sys_close, u32, fd) 52853abea089SAlexei Starovoitov { 52863abea089SAlexei Starovoitov /* When bpf program calls this helper there should not be 52873abea089SAlexei Starovoitov * an fdget() without matching completed fdput(). 52883abea089SAlexei Starovoitov * This helper is allowed in the following callchain only: 52893abea089SAlexei Starovoitov * sys_bpf->prog_test_run->bpf_prog->bpf_sys_close 52903abea089SAlexei Starovoitov */ 52913abea089SAlexei Starovoitov return close_fd(fd); 52923abea089SAlexei Starovoitov } 52933abea089SAlexei Starovoitov 52943a2daa72SPu Lehui static const struct bpf_func_proto bpf_sys_close_proto = { 52953abea089SAlexei Starovoitov .func = bpf_sys_close, 52963abea089SAlexei Starovoitov .gpl_only = false, 52973abea089SAlexei Starovoitov .ret_type = RET_INTEGER, 52983abea089SAlexei Starovoitov .arg1_type = ARG_ANYTHING, 52993abea089SAlexei Starovoitov }; 53003abea089SAlexei Starovoitov 5301d6aef08aSKumar Kartikeya Dwivedi BPF_CALL_4(bpf_kallsyms_lookup_name, const char *, name, int, name_sz, int, flags, u64 *, res) 5302d6aef08aSKumar Kartikeya Dwivedi { 5303d6aef08aSKumar Kartikeya Dwivedi if (flags) 5304d6aef08aSKumar Kartikeya Dwivedi return -EINVAL; 5305d6aef08aSKumar Kartikeya Dwivedi 5306d6aef08aSKumar Kartikeya Dwivedi if (name_sz <= 1 || name[name_sz - 1]) 5307d6aef08aSKumar Kartikeya Dwivedi return -EINVAL; 5308d6aef08aSKumar Kartikeya Dwivedi 5309d6aef08aSKumar Kartikeya Dwivedi if (!bpf_dump_raw_ok(current_cred())) 5310d6aef08aSKumar Kartikeya Dwivedi return -EPERM; 5311d6aef08aSKumar Kartikeya Dwivedi 5312d6aef08aSKumar Kartikeya Dwivedi *res = kallsyms_lookup_name(name); 5313d6aef08aSKumar Kartikeya Dwivedi return *res ? 0 : -ENOENT; 5314d6aef08aSKumar Kartikeya Dwivedi } 5315d6aef08aSKumar Kartikeya Dwivedi 5316dc368e1cSJoanne Koong static const struct bpf_func_proto bpf_kallsyms_lookup_name_proto = { 5317d6aef08aSKumar Kartikeya Dwivedi .func = bpf_kallsyms_lookup_name, 5318d6aef08aSKumar Kartikeya Dwivedi .gpl_only = false, 5319d6aef08aSKumar Kartikeya Dwivedi .ret_type = RET_INTEGER, 5320d6aef08aSKumar Kartikeya Dwivedi .arg1_type = ARG_PTR_TO_MEM, 5321d4efb170SKumar Kartikeya Dwivedi .arg2_type = ARG_CONST_SIZE_OR_ZERO, 5322d6aef08aSKumar Kartikeya Dwivedi .arg3_type = ARG_ANYTHING, 5323d6aef08aSKumar Kartikeya Dwivedi .arg4_type = ARG_PTR_TO_LONG, 5324d6aef08aSKumar Kartikeya Dwivedi }; 5325d6aef08aSKumar Kartikeya Dwivedi 532679a7f8bdSAlexei Starovoitov static const struct bpf_func_proto * 532779a7f8bdSAlexei Starovoitov syscall_prog_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) 532879a7f8bdSAlexei Starovoitov { 532979a7f8bdSAlexei Starovoitov switch (func_id) { 533079a7f8bdSAlexei Starovoitov case BPF_FUNC_sys_bpf: 533114b20b78SYiFei Zhu return !perfmon_capable() ? NULL : &bpf_sys_bpf_proto; 53323d78417bSAlexei Starovoitov case BPF_FUNC_btf_find_by_name_kind: 53333d78417bSAlexei Starovoitov return &bpf_btf_find_by_name_kind_proto; 53343abea089SAlexei Starovoitov case BPF_FUNC_sys_close: 53353abea089SAlexei Starovoitov return &bpf_sys_close_proto; 5336d6aef08aSKumar Kartikeya Dwivedi case BPF_FUNC_kallsyms_lookup_name: 5337d6aef08aSKumar Kartikeya Dwivedi return &bpf_kallsyms_lookup_name_proto; 533879a7f8bdSAlexei Starovoitov default: 533979a7f8bdSAlexei Starovoitov return tracing_prog_func_proto(func_id, prog); 534079a7f8bdSAlexei Starovoitov } 534179a7f8bdSAlexei Starovoitov } 534279a7f8bdSAlexei Starovoitov 534379a7f8bdSAlexei Starovoitov const struct bpf_verifier_ops bpf_syscall_verifier_ops = { 534479a7f8bdSAlexei Starovoitov .get_func_proto = syscall_prog_func_proto, 534579a7f8bdSAlexei Starovoitov .is_valid_access = syscall_prog_is_valid_access, 534679a7f8bdSAlexei Starovoitov }; 534779a7f8bdSAlexei Starovoitov 534879a7f8bdSAlexei Starovoitov const struct bpf_prog_ops bpf_syscall_prog_ops = { 534979a7f8bdSAlexei Starovoitov .test_run = bpf_prog_test_run_syscall, 535079a7f8bdSAlexei Starovoitov }; 53512900005eSYan Zhu 53522900005eSYan Zhu #ifdef CONFIG_SYSCTL 53532900005eSYan Zhu static int bpf_stats_handler(struct ctl_table *table, int write, 53542900005eSYan Zhu void *buffer, size_t *lenp, loff_t *ppos) 53552900005eSYan Zhu { 53562900005eSYan Zhu struct static_key *key = (struct static_key *)table->data; 53572900005eSYan Zhu static int saved_val; 53582900005eSYan Zhu int val, ret; 53592900005eSYan Zhu struct ctl_table tmp = { 53602900005eSYan Zhu .data = &val, 53612900005eSYan Zhu .maxlen = sizeof(val), 53622900005eSYan Zhu .mode = table->mode, 53632900005eSYan Zhu .extra1 = SYSCTL_ZERO, 53642900005eSYan Zhu .extra2 = SYSCTL_ONE, 53652900005eSYan Zhu }; 53662900005eSYan Zhu 53672900005eSYan Zhu if (write && !capable(CAP_SYS_ADMIN)) 53682900005eSYan Zhu return -EPERM; 53692900005eSYan Zhu 53702900005eSYan Zhu mutex_lock(&bpf_stats_enabled_mutex); 53712900005eSYan Zhu val = saved_val; 53722900005eSYan Zhu ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos); 53732900005eSYan Zhu if (write && !ret && val != saved_val) { 53742900005eSYan Zhu if (val) 53752900005eSYan Zhu static_key_slow_inc(key); 53762900005eSYan Zhu else 53772900005eSYan Zhu static_key_slow_dec(key); 53782900005eSYan Zhu saved_val = val; 53792900005eSYan Zhu } 53802900005eSYan Zhu mutex_unlock(&bpf_stats_enabled_mutex); 53812900005eSYan Zhu return ret; 53822900005eSYan Zhu } 53832900005eSYan Zhu 53842900005eSYan Zhu void __weak unpriv_ebpf_notify(int new_state) 53852900005eSYan Zhu { 53862900005eSYan Zhu } 53872900005eSYan Zhu 53882900005eSYan Zhu static int bpf_unpriv_handler(struct ctl_table *table, int write, 53892900005eSYan Zhu void *buffer, size_t *lenp, loff_t *ppos) 53902900005eSYan Zhu { 53912900005eSYan Zhu int ret, unpriv_enable = *(int *)table->data; 53922900005eSYan Zhu bool locked_state = unpriv_enable == 1; 53932900005eSYan Zhu struct ctl_table tmp = *table; 53942900005eSYan Zhu 53952900005eSYan Zhu if (write && !capable(CAP_SYS_ADMIN)) 53962900005eSYan Zhu return -EPERM; 53972900005eSYan Zhu 53982900005eSYan Zhu tmp.data = &unpriv_enable; 53992900005eSYan Zhu ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos); 54002900005eSYan Zhu if (write && !ret) { 54012900005eSYan Zhu if (locked_state && unpriv_enable != 1) 54022900005eSYan Zhu return -EPERM; 54032900005eSYan Zhu *(int *)table->data = unpriv_enable; 54042900005eSYan Zhu } 54052900005eSYan Zhu 5406fedf9920SKui-Feng Lee if (write) 54072900005eSYan Zhu unpriv_ebpf_notify(unpriv_enable); 54082900005eSYan Zhu 54092900005eSYan Zhu return ret; 54102900005eSYan Zhu } 54112900005eSYan Zhu 54122900005eSYan Zhu static struct ctl_table bpf_syscall_table[] = { 54132900005eSYan Zhu { 54142900005eSYan Zhu .procname = "unprivileged_bpf_disabled", 54152900005eSYan Zhu .data = &sysctl_unprivileged_bpf_disabled, 54162900005eSYan Zhu .maxlen = sizeof(sysctl_unprivileged_bpf_disabled), 54172900005eSYan Zhu .mode = 0644, 54182900005eSYan Zhu .proc_handler = bpf_unpriv_handler, 54192900005eSYan Zhu .extra1 = SYSCTL_ZERO, 54202900005eSYan Zhu .extra2 = SYSCTL_TWO, 54212900005eSYan Zhu }, 54222900005eSYan Zhu { 54232900005eSYan Zhu .procname = "bpf_stats_enabled", 54242900005eSYan Zhu .data = &bpf_stats_enabled_key.key, 54252900005eSYan Zhu .mode = 0644, 54262900005eSYan Zhu .proc_handler = bpf_stats_handler, 54272900005eSYan Zhu }, 54282900005eSYan Zhu { } 54292900005eSYan Zhu }; 54302900005eSYan Zhu 54312900005eSYan Zhu static int __init bpf_syscall_sysctl_init(void) 54322900005eSYan Zhu { 54332900005eSYan Zhu register_sysctl_init("kernel", bpf_syscall_table); 54342900005eSYan Zhu return 0; 54352900005eSYan Zhu } 54362900005eSYan Zhu late_initcall(bpf_syscall_sysctl_init); 54372900005eSYan Zhu #endif /* CONFIG_SYSCTL */ 5438