1 // SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause) 2 /* Copyright (c) 2024, Oracle and/or its affiliates. */ 3 4 #ifndef _GNU_SOURCE 5 #define _GNU_SOURCE 6 #endif 7 8 #ifdef __KERNEL__ 9 #include <linux/bpf.h> 10 #include <linux/bsearch.h> 11 #include <linux/btf.h> 12 #include <linux/sort.h> 13 #include <linux/string.h> 14 #include <linux/bpf_verifier.h> 15 16 #define btf_type_by_id (struct btf_type *)btf_type_by_id 17 #define btf__type_cnt btf_nr_types 18 #define btf__base_btf btf_base_btf 19 #define btf__name_by_offset btf_name_by_offset 20 #define btf__str_by_offset btf_str_by_offset 21 #define btf_kflag btf_type_kflag 22 23 #define calloc(nmemb, sz) kvcalloc(nmemb, sz, GFP_KERNEL | __GFP_NOWARN) 24 #define free(ptr) kvfree(ptr) 25 #define qsort(base, num, sz, cmp) sort(base, num, sz, cmp, NULL) 26 27 #else 28 29 #include "btf.h" 30 #include "bpf.h" 31 #include "libbpf.h" 32 #include "libbpf_internal.h" 33 34 #endif /* __KERNEL__ */ 35 36 struct btf; 37 38 struct btf_relocate { 39 struct btf *btf; 40 const struct btf *base_btf; 41 const struct btf *dist_base_btf; 42 unsigned int nr_base_types; 43 unsigned int nr_split_types; 44 unsigned int nr_dist_base_types; 45 int dist_str_len; 46 int base_str_len; 47 __u32 *id_map; 48 __u32 *str_map; 49 }; 50 51 /* Set temporarily in relocation id_map if distilled base struct/union is 52 * embedded in a split BTF struct/union; in such a case, size information must 53 * match between distilled base BTF and base BTF representation of type. 54 */ 55 #define BTF_IS_EMBEDDED ((__u32)-1) 56 57 /* <name, size, id> triple used in sorting/searching distilled base BTF. */ 58 struct btf_name_info { 59 const char *name; 60 /* set when search requires a size match */ 61 bool needs_size: 1; 62 unsigned int size: 31; 63 __u32 id; 64 }; 65 66 static int btf_relocate_rewrite_type_id(struct btf_relocate *r, __u32 i) 67 { 68 struct btf_type *t = btf_type_by_id(r->btf, i); 69 struct btf_field_iter it; 70 __u32 *id; 71 int err; 72 73 err = btf_field_iter_init(&it, t, BTF_FIELD_ITER_IDS); 74 if (err) 75 return err; 76 77 while ((id = btf_field_iter_next(&it))) 78 *id = r->id_map[*id]; 79 return 0; 80 } 81 82 /* Simple string comparison used for sorting within BTF, since all distilled 83 * types are named. If strings match, and size is non-zero for both elements 84 * fall back to using size for ordering. 85 */ 86 static int cmp_btf_name_size(const void *n1, const void *n2) 87 { 88 const struct btf_name_info *ni1 = n1; 89 const struct btf_name_info *ni2 = n2; 90 int name_diff = strcmp(ni1->name, ni2->name); 91 92 if (!name_diff && ni1->needs_size && ni2->needs_size) 93 return ni2->size - ni1->size; 94 return name_diff; 95 } 96 97 /* Binary search with a small twist; find leftmost element that matches 98 * so that we can then iterate through all exact matches. So for example 99 * searching { "a", "bb", "bb", "c" } we would always match on the 100 * leftmost "bb". 101 */ 102 static struct btf_name_info *search_btf_name_size(struct btf_name_info *key, 103 struct btf_name_info *vals, 104 int nelems) 105 { 106 struct btf_name_info *ret = NULL; 107 int high = nelems - 1; 108 int low = 0; 109 110 while (low <= high) { 111 int mid = (low + high)/2; 112 struct btf_name_info *val = &vals[mid]; 113 int diff = cmp_btf_name_size(key, val); 114 115 if (diff == 0) 116 ret = val; 117 /* even if found, keep searching for leftmost match */ 118 if (diff <= 0) 119 high = mid - 1; 120 else 121 low = mid + 1; 122 } 123 return ret; 124 } 125 126 /* If a member of a split BTF struct/union refers to a base BTF 127 * struct/union, mark that struct/union id temporarily in the id_map 128 * with BTF_IS_EMBEDDED. Members can be const/restrict/volatile/typedef 129 * reference types, but if a pointer is encountered, the type is no longer 130 * considered embedded. 131 */ 132 static int btf_mark_embedded_composite_type_ids(struct btf_relocate *r, __u32 i) 133 { 134 struct btf_type *t = btf_type_by_id(r->btf, i); 135 struct btf_field_iter it; 136 __u32 *id; 137 int err; 138 139 if (!btf_is_composite(t)) 140 return 0; 141 142 err = btf_field_iter_init(&it, t, BTF_FIELD_ITER_IDS); 143 if (err) 144 return err; 145 146 while ((id = btf_field_iter_next(&it))) { 147 __u32 next_id = *id; 148 149 while (next_id) { 150 t = btf_type_by_id(r->btf, next_id); 151 switch (btf_kind(t)) { 152 case BTF_KIND_CONST: 153 case BTF_KIND_RESTRICT: 154 case BTF_KIND_VOLATILE: 155 case BTF_KIND_TYPEDEF: 156 case BTF_KIND_TYPE_TAG: 157 next_id = t->type; 158 break; 159 case BTF_KIND_ARRAY: { 160 struct btf_array *a = btf_array(t); 161 162 next_id = a->type; 163 break; 164 } 165 case BTF_KIND_STRUCT: 166 case BTF_KIND_UNION: 167 if (next_id < r->nr_dist_base_types) 168 r->id_map[next_id] = BTF_IS_EMBEDDED; 169 next_id = 0; 170 break; 171 default: 172 next_id = 0; 173 break; 174 } 175 } 176 } 177 178 return 0; 179 } 180 181 /* Build a map from distilled base BTF ids to base BTF ids. To do so, iterate 182 * through base BTF looking up distilled type (using binary search) equivalents. 183 */ 184 static int btf_relocate_map_distilled_base(struct btf_relocate *r) 185 { 186 struct btf_name_info *info, *info_end; 187 struct btf_type *base_t, *dist_t; 188 __u8 *base_name_cnt = NULL; 189 int err = 0; 190 __u32 id; 191 192 /* generate a sort index array of name/type ids sorted by name for 193 * distilled base BTF to speed name-based lookups. 194 */ 195 info = calloc(r->nr_dist_base_types, sizeof(*info)); 196 if (!info) { 197 err = -ENOMEM; 198 goto done; 199 } 200 info_end = info + r->nr_dist_base_types; 201 for (id = 0; id < r->nr_dist_base_types; id++) { 202 dist_t = btf_type_by_id(r->dist_base_btf, id); 203 info[id].name = btf__name_by_offset(r->dist_base_btf, dist_t->name_off); 204 info[id].id = id; 205 info[id].size = dist_t->size; 206 info[id].needs_size = true; 207 } 208 qsort(info, r->nr_dist_base_types, sizeof(*info), cmp_btf_name_size); 209 210 /* Mark distilled base struct/union members of split BTF structs/unions 211 * in id_map with BTF_IS_EMBEDDED; this signals that these types 212 * need to match both name and size, otherwise embedding the base 213 * struct/union in the split type is invalid. 214 */ 215 for (id = r->nr_dist_base_types; id < r->nr_split_types; id++) { 216 err = btf_mark_embedded_composite_type_ids(r, id); 217 if (err) 218 goto done; 219 } 220 221 /* Collect name counts for composite types in base BTF. If multiple 222 * instances of a struct/union of the same name exist, we need to use 223 * size to determine which to map to since name alone is ambiguous. 224 */ 225 base_name_cnt = calloc(r->base_str_len, sizeof(*base_name_cnt)); 226 if (!base_name_cnt) { 227 err = -ENOMEM; 228 goto done; 229 } 230 for (id = 1; id < r->nr_base_types; id++) { 231 base_t = btf_type_by_id(r->base_btf, id); 232 if (!btf_is_composite(base_t) || !base_t->name_off) 233 continue; 234 if (base_name_cnt[base_t->name_off] < 255) 235 base_name_cnt[base_t->name_off]++; 236 } 237 238 /* Now search base BTF for matching distilled base BTF types. */ 239 for (id = 1; id < r->nr_base_types; id++) { 240 struct btf_name_info *dist_info, base_info = {}; 241 int dist_kind, base_kind; 242 243 base_t = btf_type_by_id(r->base_btf, id); 244 /* distilled base consists of named types only. */ 245 if (!base_t->name_off) 246 continue; 247 base_kind = btf_kind(base_t); 248 base_info.id = id; 249 base_info.name = btf__name_by_offset(r->base_btf, base_t->name_off); 250 switch (base_kind) { 251 case BTF_KIND_INT: 252 case BTF_KIND_FLOAT: 253 case BTF_KIND_ENUM: 254 case BTF_KIND_ENUM64: 255 /* These types should match both name and size */ 256 base_info.needs_size = true; 257 base_info.size = base_t->size; 258 break; 259 case BTF_KIND_FWD: 260 /* No size considerations for fwds. */ 261 break; 262 case BTF_KIND_STRUCT: 263 case BTF_KIND_UNION: 264 /* Size only needs to be used for struct/union if there 265 * are multiple types in base BTF with the same name. 266 * If there are multiple _distilled_ types with the same 267 * name (a very unlikely scenario), that doesn't matter 268 * unless corresponding _base_ types to match them are 269 * missing. 270 */ 271 base_info.needs_size = base_name_cnt[base_t->name_off] > 1; 272 base_info.size = base_t->size; 273 break; 274 default: 275 continue; 276 } 277 /* iterate over all matching distilled base types */ 278 for (dist_info = search_btf_name_size(&base_info, info, r->nr_dist_base_types); 279 dist_info != NULL && dist_info < info_end && 280 cmp_btf_name_size(&base_info, dist_info) == 0; 281 dist_info++) { 282 if (!dist_info->id || dist_info->id >= r->nr_dist_base_types) { 283 pr_warn("base BTF id [%d] maps to invalid distilled base BTF id [%d]\n", 284 id, dist_info->id); 285 err = -EINVAL; 286 goto done; 287 } 288 dist_t = btf_type_by_id(r->dist_base_btf, dist_info->id); 289 dist_kind = btf_kind(dist_t); 290 291 /* Validate that the found distilled type is compatible. 292 * Do not error out on mismatch as another match may 293 * occur for an identically-named type. 294 */ 295 switch (dist_kind) { 296 case BTF_KIND_FWD: 297 switch (base_kind) { 298 case BTF_KIND_FWD: 299 if (btf_kflag(dist_t) != btf_kflag(base_t)) 300 continue; 301 break; 302 case BTF_KIND_STRUCT: 303 if (btf_kflag(base_t)) 304 continue; 305 break; 306 case BTF_KIND_UNION: 307 if (!btf_kflag(base_t)) 308 continue; 309 break; 310 default: 311 continue; 312 } 313 break; 314 case BTF_KIND_INT: 315 if (dist_kind != base_kind || 316 btf_int_encoding(base_t) != btf_int_encoding(dist_t)) 317 continue; 318 break; 319 case BTF_KIND_FLOAT: 320 if (dist_kind != base_kind) 321 continue; 322 break; 323 case BTF_KIND_ENUM: 324 /* ENUM and ENUM64 are encoded as sized ENUM in 325 * distilled base BTF. 326 */ 327 if (base_kind != dist_kind && base_kind != BTF_KIND_ENUM64) 328 continue; 329 break; 330 case BTF_KIND_STRUCT: 331 case BTF_KIND_UNION: 332 /* size verification is required for embedded 333 * struct/unions. 334 */ 335 if (r->id_map[dist_info->id] == BTF_IS_EMBEDDED && 336 base_t->size != dist_t->size) 337 continue; 338 break; 339 default: 340 continue; 341 } 342 if (r->id_map[dist_info->id] && 343 r->id_map[dist_info->id] != BTF_IS_EMBEDDED) { 344 /* we already have a match; this tells us that 345 * multiple base types of the same name 346 * have the same size, since for cases where 347 * multiple types have the same name we match 348 * on name and size. In this case, we have 349 * no way of determining which to relocate 350 * to in base BTF, so error out. 351 */ 352 pr_warn("distilled base BTF type '%s' [%u], size %u has multiple candidates of the same size (ids [%u, %u]) in base BTF\n", 353 base_info.name, dist_info->id, 354 base_t->size, id, r->id_map[dist_info->id]); 355 err = -EINVAL; 356 goto done; 357 } 358 /* map id and name */ 359 r->id_map[dist_info->id] = id; 360 r->str_map[dist_t->name_off] = base_t->name_off; 361 } 362 } 363 /* ensure all distilled BTF ids now have a mapping... */ 364 for (id = 1; id < r->nr_dist_base_types; id++) { 365 const char *name; 366 367 if (r->id_map[id] && r->id_map[id] != BTF_IS_EMBEDDED) 368 continue; 369 dist_t = btf_type_by_id(r->dist_base_btf, id); 370 name = btf__name_by_offset(r->dist_base_btf, dist_t->name_off); 371 pr_warn("distilled base BTF type '%s' [%d] is not mapped to base BTF id\n", 372 name, id); 373 err = -EINVAL; 374 break; 375 } 376 done: 377 free(base_name_cnt); 378 free(info); 379 return err; 380 } 381 382 /* distilled base should only have named int/float/enum/fwd/struct/union types. */ 383 static int btf_relocate_validate_distilled_base(struct btf_relocate *r) 384 { 385 unsigned int i; 386 387 for (i = 1; i < r->nr_dist_base_types; i++) { 388 struct btf_type *t = btf_type_by_id(r->dist_base_btf, i); 389 int kind = btf_kind(t); 390 391 switch (kind) { 392 case BTF_KIND_INT: 393 case BTF_KIND_FLOAT: 394 case BTF_KIND_ENUM: 395 case BTF_KIND_STRUCT: 396 case BTF_KIND_UNION: 397 case BTF_KIND_FWD: 398 if (t->name_off) 399 break; 400 pr_warn("type [%d], kind [%d] is invalid for distilled base BTF; it is anonymous\n", 401 i, kind); 402 return -EINVAL; 403 default: 404 pr_warn("type [%d] in distilled based BTF has unexpected kind [%d]\n", 405 i, kind); 406 return -EINVAL; 407 } 408 } 409 return 0; 410 } 411 412 static int btf_relocate_rewrite_strs(struct btf_relocate *r, __u32 i) 413 { 414 struct btf_type *t = btf_type_by_id(r->btf, i); 415 struct btf_field_iter it; 416 __u32 *str_off; 417 int off, err; 418 419 err = btf_field_iter_init(&it, t, BTF_FIELD_ITER_STRS); 420 if (err) 421 return err; 422 423 while ((str_off = btf_field_iter_next(&it))) { 424 if (!*str_off) 425 continue; 426 if (*str_off >= r->dist_str_len) { 427 *str_off += r->base_str_len - r->dist_str_len; 428 } else { 429 off = r->str_map[*str_off]; 430 if (!off) { 431 pr_warn("string '%s' [offset %u] is not mapped to base BTF", 432 btf__str_by_offset(r->btf, off), *str_off); 433 return -ENOENT; 434 } 435 *str_off = off; 436 } 437 } 438 return 0; 439 } 440 441 /* If successful, output of relocation is updated BTF with base BTF pointing 442 * at base_btf, and type ids, strings adjusted accordingly. 443 */ 444 int btf_relocate(struct btf *btf, const struct btf *base_btf, __u32 **id_map) 445 { 446 unsigned int nr_types = btf__type_cnt(btf); 447 const struct btf_header *dist_base_hdr; 448 const struct btf_header *base_hdr; 449 struct btf_relocate r = {}; 450 int err = 0; 451 __u32 id, i; 452 453 r.dist_base_btf = btf__base_btf(btf); 454 if (!base_btf || r.dist_base_btf == base_btf) 455 return -EINVAL; 456 457 r.nr_dist_base_types = btf__type_cnt(r.dist_base_btf); 458 r.nr_base_types = btf__type_cnt(base_btf); 459 r.nr_split_types = nr_types - r.nr_dist_base_types; 460 r.btf = btf; 461 r.base_btf = base_btf; 462 463 r.id_map = calloc(nr_types, sizeof(*r.id_map)); 464 r.str_map = calloc(btf_header(r.dist_base_btf)->str_len, sizeof(*r.str_map)); 465 dist_base_hdr = btf_header(r.dist_base_btf); 466 base_hdr = btf_header(r.base_btf); 467 r.dist_str_len = dist_base_hdr->str_len; 468 r.base_str_len = base_hdr->str_len; 469 if (!r.id_map || !r.str_map) { 470 err = -ENOMEM; 471 goto err_out; 472 } 473 474 err = btf_relocate_validate_distilled_base(&r); 475 if (err) 476 goto err_out; 477 478 /* Split BTF ids need to be adjusted as base and distilled base 479 * have different numbers of types, changing the start id of split 480 * BTF. 481 */ 482 for (id = r.nr_dist_base_types; id < nr_types; id++) 483 r.id_map[id] = id + r.nr_base_types - r.nr_dist_base_types; 484 485 /* Build a map from distilled base ids to actual base BTF ids; it is used 486 * to update split BTF id references. Also build a str_map mapping from 487 * distilled base BTF names to base BTF names. 488 */ 489 err = btf_relocate_map_distilled_base(&r); 490 if (err) 491 goto err_out; 492 493 /* Next, rewrite type ids in split BTF, replacing split ids with updated 494 * ids based on number of types in base BTF, and base ids with 495 * relocated ids from base_btf. 496 */ 497 for (i = 0, id = r.nr_dist_base_types; i < r.nr_split_types; i++, id++) { 498 err = btf_relocate_rewrite_type_id(&r, id); 499 if (err) 500 goto err_out; 501 } 502 /* String offsets now need to be updated using the str_map. */ 503 for (i = 0; i < r.nr_split_types; i++) { 504 err = btf_relocate_rewrite_strs(&r, i + r.nr_dist_base_types); 505 if (err) 506 goto err_out; 507 } 508 /* Finally reset base BTF to be base_btf */ 509 btf_set_base_btf(btf, base_btf); 510 511 if (id_map) { 512 *id_map = r.id_map; 513 r.id_map = NULL; 514 } 515 err_out: 516 free(r.id_map); 517 free(r.str_map); 518 return err; 519 } 520