1 // SPDX-License-Identifier: GPL-2.0 2 /* Copyright (c) 2020 Facebook */ 3 #include <linux/bpf.h> 4 #include <linux/btf.h> 5 #include <linux/btf_ids.h> 6 #include <linux/delay.h> 7 #include <linux/error-injection.h> 8 #include <linux/init.h> 9 #include <linux/module.h> 10 #include <linux/percpu-defs.h> 11 #include <linux/sysfs.h> 12 #include <linux/tracepoint.h> 13 #include <linux/net.h> 14 #include <linux/socket.h> 15 #include <linux/nsproxy.h> 16 #include <linux/inet.h> 17 #include <linux/in.h> 18 #include <linux/in6.h> 19 #include <linux/un.h> 20 #include <linux/filter.h> 21 #include <linux/rcupdate_trace.h> 22 #include <net/sock.h> 23 #include <linux/namei.h> 24 #include "bpf_testmod.h" 25 #include "bpf_testmod_kfunc.h" 26 27 #define CREATE_TRACE_POINTS 28 #include "bpf_testmod-events.h" 29 30 #define CONNECT_TIMEOUT_SEC 1 31 32 typedef int (*func_proto_typedef)(long); 33 typedef int (*func_proto_typedef_nested1)(func_proto_typedef); 34 typedef int (*func_proto_typedef_nested2)(func_proto_typedef_nested1); 35 36 DEFINE_PER_CPU(int, bpf_testmod_ksym_percpu) = 123; 37 long bpf_testmod_test_struct_arg_result; 38 static DEFINE_MUTEX(sock_lock); 39 static struct socket *sock; 40 41 struct bpf_testmod_struct_arg_1 { 42 int a; 43 }; 44 struct bpf_testmod_struct_arg_2 { 45 long a; 46 long b; 47 }; 48 49 struct bpf_testmod_struct_arg_3 { 50 int a; 51 int b[]; 52 }; 53 54 struct bpf_testmod_struct_arg_4 { 55 u64 a; 56 int b; 57 }; 58 59 struct bpf_testmod_struct_arg_5 { 60 char a; 61 short b; 62 int c; 63 long d; 64 }; 65 66 union bpf_testmod_union_arg_1 { 67 char a; 68 short b; 69 struct bpf_testmod_struct_arg_1 arg; 70 }; 71 72 union bpf_testmod_union_arg_2 { 73 int a; 74 long b; 75 struct bpf_testmod_struct_arg_2 arg; 76 }; 77 78 __bpf_hook_start(); 79 80 noinline int 81 bpf_testmod_test_struct_arg_1(struct bpf_testmod_struct_arg_2 a, int b, int c) { 82 bpf_testmod_test_struct_arg_result = a.a + a.b + b + c; 83 return bpf_testmod_test_struct_arg_result; 84 } 85 86 noinline int 87 bpf_testmod_test_struct_arg_2(int a, struct bpf_testmod_struct_arg_2 b, int c) { 88 bpf_testmod_test_struct_arg_result = a + b.a + b.b + c; 89 return bpf_testmod_test_struct_arg_result; 90 } 91 92 noinline int 93 bpf_testmod_test_struct_arg_3(int a, int b, struct bpf_testmod_struct_arg_2 c) { 94 bpf_testmod_test_struct_arg_result = a + b + c.a + c.b; 95 return bpf_testmod_test_struct_arg_result; 96 } 97 98 noinline int 99 bpf_testmod_test_struct_arg_4(struct bpf_testmod_struct_arg_1 a, int b, 100 int c, int d, struct bpf_testmod_struct_arg_2 e) { 101 bpf_testmod_test_struct_arg_result = a.a + b + c + d + e.a + e.b; 102 return bpf_testmod_test_struct_arg_result; 103 } 104 105 noinline int 106 bpf_testmod_test_struct_arg_5(void) { 107 bpf_testmod_test_struct_arg_result = 1; 108 return bpf_testmod_test_struct_arg_result; 109 } 110 111 noinline int 112 bpf_testmod_test_struct_arg_6(struct bpf_testmod_struct_arg_3 *a) { 113 bpf_testmod_test_struct_arg_result = a->b[0]; 114 return bpf_testmod_test_struct_arg_result; 115 } 116 117 noinline int 118 bpf_testmod_test_struct_arg_7(u64 a, void *b, short c, int d, void *e, 119 struct bpf_testmod_struct_arg_4 f) 120 { 121 bpf_testmod_test_struct_arg_result = a + (long)b + c + d + 122 (long)e + f.a + f.b; 123 return bpf_testmod_test_struct_arg_result; 124 } 125 126 noinline int 127 bpf_testmod_test_struct_arg_8(u64 a, void *b, short c, int d, void *e, 128 struct bpf_testmod_struct_arg_4 f, int g) 129 { 130 bpf_testmod_test_struct_arg_result = a + (long)b + c + d + 131 (long)e + f.a + f.b + g; 132 return bpf_testmod_test_struct_arg_result; 133 } 134 135 noinline int 136 bpf_testmod_test_struct_arg_9(u64 a, void *b, short c, int d, void *e, char f, 137 short g, struct bpf_testmod_struct_arg_5 h, long i) 138 { 139 bpf_testmod_test_struct_arg_result = a + (long)b + c + d + (long)e + 140 f + g + h.a + h.b + h.c + h.d + i; 141 return bpf_testmod_test_struct_arg_result; 142 } 143 144 noinline int 145 bpf_testmod_test_union_arg_1(union bpf_testmod_union_arg_1 a, int b, int c) 146 { 147 bpf_testmod_test_struct_arg_result = a.arg.a + b + c; 148 return bpf_testmod_test_struct_arg_result; 149 } 150 151 noinline int 152 bpf_testmod_test_union_arg_2(int a, union bpf_testmod_union_arg_2 b) 153 { 154 bpf_testmod_test_struct_arg_result = a + b.arg.a + b.arg.b; 155 return bpf_testmod_test_struct_arg_result; 156 } 157 158 noinline int 159 bpf_testmod_test_arg_ptr_to_struct(struct bpf_testmod_struct_arg_1 *a) { 160 bpf_testmod_test_struct_arg_result = a->a; 161 return bpf_testmod_test_struct_arg_result; 162 } 163 164 __weak noinline void bpf_testmod_looooooooooooooooooooooooooooooong_name(void) 165 { 166 } 167 168 __bpf_kfunc void 169 bpf_testmod_test_mod_kfunc(int i) 170 { 171 *(int *)this_cpu_ptr(&bpf_testmod_ksym_percpu) = i; 172 } 173 174 __bpf_kfunc int bpf_iter_testmod_seq_new(struct bpf_iter_testmod_seq *it, s64 value, int cnt) 175 { 176 it->cnt = cnt; 177 178 if (cnt < 0) 179 return -EINVAL; 180 181 it->value = value; 182 183 return 0; 184 } 185 186 __bpf_kfunc s64 *bpf_iter_testmod_seq_next(struct bpf_iter_testmod_seq* it) 187 { 188 if (it->cnt <= 0) 189 return NULL; 190 191 it->cnt--; 192 193 return &it->value; 194 } 195 196 __bpf_kfunc s64 bpf_iter_testmod_seq_value(int val, struct bpf_iter_testmod_seq* it__iter) 197 { 198 if (it__iter->cnt < 0) 199 return 0; 200 201 return val + it__iter->value; 202 } 203 204 __bpf_kfunc void bpf_iter_testmod_seq_destroy(struct bpf_iter_testmod_seq *it) 205 { 206 it->cnt = 0; 207 } 208 209 __bpf_kfunc void bpf_kfunc_common_test(void) 210 { 211 } 212 213 __bpf_kfunc void bpf_kfunc_dynptr_test(struct bpf_dynptr *ptr, 214 struct bpf_dynptr *ptr__nullable) 215 { 216 } 217 218 __bpf_kfunc struct sk_buff *bpf_kfunc_nested_acquire_nonzero_offset_test(struct sk_buff_head *ptr) 219 { 220 return NULL; 221 } 222 223 __bpf_kfunc struct sk_buff *bpf_kfunc_nested_acquire_zero_offset_test(struct sock_common *ptr) 224 { 225 return NULL; 226 } 227 228 __bpf_kfunc void bpf_kfunc_nested_release_test(struct sk_buff *ptr) 229 { 230 } 231 232 __bpf_kfunc void bpf_kfunc_trusted_vma_test(struct vm_area_struct *ptr) 233 { 234 } 235 236 __bpf_kfunc void bpf_kfunc_trusted_task_test(struct task_struct *ptr) 237 { 238 } 239 240 __bpf_kfunc void bpf_kfunc_trusted_num_test(int *ptr) 241 { 242 } 243 244 __bpf_kfunc void bpf_kfunc_rcu_task_test(struct task_struct *ptr) 245 { 246 } 247 248 __bpf_kfunc struct task_struct *bpf_kfunc_ret_rcu_test(void) 249 { 250 return NULL; 251 } 252 253 __bpf_kfunc int *bpf_kfunc_ret_rcu_test_nostruct(int rdonly_buf_size) 254 { 255 return NULL; 256 } 257 258 static struct prog_test_member trusted_ptr; 259 260 __bpf_kfunc struct prog_test_member *bpf_kfunc_get_default_trusted_ptr_test(void) 261 { 262 return &trusted_ptr; 263 } 264 265 __bpf_kfunc void bpf_kfunc_put_default_trusted_ptr_test(struct prog_test_member *trusted_ptr) 266 { 267 /* 268 * This BPF kfunc doesn't actually have any put/KF_ACQUIRE 269 * semantics. We're simply wanting to simulate a BPF kfunc that takes a 270 * struct prog_test_member pointer as an argument. 271 */ 272 } 273 274 __bpf_kfunc struct bpf_testmod_ctx * 275 bpf_testmod_ctx_create(int *err) 276 { 277 struct bpf_testmod_ctx *ctx; 278 279 ctx = kzalloc(sizeof(*ctx), GFP_ATOMIC); 280 if (!ctx) { 281 *err = -ENOMEM; 282 return NULL; 283 } 284 refcount_set(&ctx->usage, 1); 285 286 return ctx; 287 } 288 289 static void testmod_free_cb(struct rcu_head *head) 290 { 291 struct bpf_testmod_ctx *ctx; 292 293 ctx = container_of(head, struct bpf_testmod_ctx, rcu); 294 kfree(ctx); 295 } 296 297 __bpf_kfunc void bpf_testmod_ctx_release(struct bpf_testmod_ctx *ctx) 298 { 299 if (!ctx) 300 return; 301 if (refcount_dec_and_test(&ctx->usage)) 302 call_rcu(&ctx->rcu, testmod_free_cb); 303 } 304 305 __bpf_kfunc void bpf_testmod_ctx_release_dtor(void *ctx) 306 { 307 bpf_testmod_ctx_release(ctx); 308 } 309 CFI_NOSEAL(bpf_testmod_ctx_release_dtor); 310 311 static struct bpf_testmod_ops3 *st_ops3; 312 313 static int bpf_testmod_test_3(void) 314 { 315 return 0; 316 } 317 318 static int bpf_testmod_test_4(void) 319 { 320 return 0; 321 } 322 323 static struct bpf_testmod_ops3 __bpf_testmod_ops3 = { 324 .test_1 = bpf_testmod_test_3, 325 .test_2 = bpf_testmod_test_4, 326 }; 327 328 static void bpf_testmod_test_struct_ops3(void) 329 { 330 if (st_ops3) 331 st_ops3->test_1(); 332 } 333 334 __bpf_kfunc void bpf_testmod_ops3_call_test_1(void) 335 { 336 st_ops3->test_1(); 337 } 338 339 __bpf_kfunc void bpf_testmod_ops3_call_test_2(void) 340 { 341 st_ops3->test_2(); 342 } 343 344 struct bpf_testmod_btf_type_tag_1 { 345 int a; 346 }; 347 348 struct bpf_testmod_btf_type_tag_2 { 349 struct bpf_testmod_btf_type_tag_1 __user *p; 350 }; 351 352 struct bpf_testmod_btf_type_tag_3 { 353 struct bpf_testmod_btf_type_tag_1 __percpu *p; 354 }; 355 356 noinline int 357 bpf_testmod_test_btf_type_tag_user_1(struct bpf_testmod_btf_type_tag_1 __user *arg) { 358 BTF_TYPE_EMIT(func_proto_typedef); 359 BTF_TYPE_EMIT(func_proto_typedef_nested1); 360 BTF_TYPE_EMIT(func_proto_typedef_nested2); 361 return arg->a; 362 } 363 364 noinline int 365 bpf_testmod_test_btf_type_tag_user_2(struct bpf_testmod_btf_type_tag_2 *arg) { 366 return arg->p->a; 367 } 368 369 noinline int 370 bpf_testmod_test_btf_type_tag_percpu_1(struct bpf_testmod_btf_type_tag_1 __percpu *arg) { 371 return arg->a; 372 } 373 374 noinline int 375 bpf_testmod_test_btf_type_tag_percpu_2(struct bpf_testmod_btf_type_tag_3 *arg) { 376 return arg->p->a; 377 } 378 379 noinline int bpf_testmod_loop_test(int n) 380 { 381 /* Make sum volatile, so smart compilers, such as clang, will not 382 * optimize the code by removing the loop. 383 */ 384 volatile int sum = 0; 385 int i; 386 387 /* the primary goal of this test is to test LBR. Create a lot of 388 * branches in the function, so we can catch it easily. 389 */ 390 for (i = 0; i < n; i++) 391 sum += i; 392 return sum; 393 } 394 395 __weak noinline struct file *bpf_testmod_return_ptr(int arg) 396 { 397 static struct file f = {}; 398 399 switch (arg) { 400 case 1: return (void *)EINVAL; /* user addr */ 401 case 2: return (void *)0xcafe4a11; /* user addr */ 402 case 3: return (void *)-EINVAL; /* canonical, but invalid */ 403 case 4: return (void *)(1ull << 60); /* non-canonical and invalid */ 404 case 5: return (void *)~(1ull << 30); /* trigger extable */ 405 case 6: return &f; /* valid addr */ 406 case 7: return (void *)((long)&f | 1); /* kernel tricks */ 407 #ifdef CONFIG_X86_64 408 case 8: return (void *)VSYSCALL_ADDR; /* vsyscall page address */ 409 #endif 410 default: return NULL; 411 } 412 } 413 414 noinline int bpf_testmod_fentry_test1(int a) 415 { 416 trace_bpf_testmod_fentry_test1_tp(a); 417 418 return a + 1; 419 } 420 421 noinline int bpf_testmod_fentry_test2(int a, u64 b) 422 { 423 trace_bpf_testmod_fentry_test2_tp(a, b); 424 425 return a + b; 426 } 427 428 noinline int bpf_testmod_fentry_test3(char a, int b, u64 c) 429 { 430 return a + b + c; 431 } 432 433 noinline int bpf_testmod_fentry_test7(u64 a, void *b, short c, int d, 434 void *e, char f, int g) 435 { 436 return a + (long)b + c + d + (long)e + f + g; 437 } 438 439 noinline int bpf_testmod_fentry_test11(u64 a, void *b, short c, int d, 440 void *e, char f, int g, 441 unsigned int h, long i, __u64 j, 442 unsigned long k) 443 { 444 return a + (long)b + c + d + (long)e + f + g + h + i + j + k; 445 } 446 447 noinline void bpf_testmod_stacktrace_test(void) 448 { 449 /* used for stacktrace test as attach function */ 450 asm volatile (""); 451 } 452 453 noinline void bpf_testmod_stacktrace_test_3(void) 454 { 455 bpf_testmod_stacktrace_test(); 456 asm volatile (""); 457 } 458 459 noinline void bpf_testmod_stacktrace_test_2(void) 460 { 461 bpf_testmod_stacktrace_test_3(); 462 asm volatile (""); 463 } 464 465 noinline void bpf_testmod_stacktrace_test_1(void) 466 { 467 bpf_testmod_stacktrace_test_2(); 468 asm volatile (""); 469 } 470 471 int bpf_testmod_fentry_ok; 472 473 noinline int bpf_testmod_trampoline_count_test(void) 474 { 475 return 0; 476 } 477 478 noinline ssize_t 479 bpf_testmod_test_read(struct file *file, struct kobject *kobj, 480 const struct bin_attribute *bin_attr, 481 char *buf, loff_t off, size_t len) 482 { 483 struct bpf_testmod_test_read_ctx ctx = { 484 .buf = buf, 485 .off = off, 486 .len = len, 487 }; 488 struct bpf_testmod_struct_arg_1 struct_arg1 = {10}, struct_arg1_2 = {-1}; 489 struct bpf_testmod_struct_arg_2 struct_arg2 = {2, 3}; 490 struct bpf_testmod_struct_arg_3 *struct_arg3; 491 struct bpf_testmod_struct_arg_4 struct_arg4 = {21, 22}; 492 struct bpf_testmod_struct_arg_5 struct_arg5 = {23, 24, 25, 26}; 493 union bpf_testmod_union_arg_1 union_arg1 = { .arg = {1} }; 494 union bpf_testmod_union_arg_2 union_arg2 = { .arg = {2, 3} }; 495 int i = 1; 496 497 while (bpf_testmod_return_ptr(i)) 498 i++; 499 500 (void)bpf_testmod_test_struct_arg_1(struct_arg2, 1, 4); 501 (void)bpf_testmod_test_struct_arg_2(1, struct_arg2, 4); 502 (void)bpf_testmod_test_struct_arg_3(1, 4, struct_arg2); 503 (void)bpf_testmod_test_struct_arg_4(struct_arg1, 1, 2, 3, struct_arg2); 504 (void)bpf_testmod_test_struct_arg_5(); 505 (void)bpf_testmod_test_struct_arg_7(16, (void *)17, 18, 19, 506 (void *)20, struct_arg4); 507 (void)bpf_testmod_test_struct_arg_8(16, (void *)17, 18, 19, 508 (void *)20, struct_arg4, 23); 509 (void)bpf_testmod_test_struct_arg_9(16, (void *)17, 18, 19, (void *)20, 510 21, 22, struct_arg5, 27); 511 512 (void)bpf_testmod_test_union_arg_1(union_arg1, 4, 5); 513 (void)bpf_testmod_test_union_arg_2(6, union_arg2); 514 515 (void)bpf_testmod_test_arg_ptr_to_struct(&struct_arg1_2); 516 517 (void)trace_bpf_testmod_test_raw_tp_null_tp(NULL); 518 519 bpf_testmod_test_struct_ops3(); 520 521 struct_arg3 = kmalloc((sizeof(struct bpf_testmod_struct_arg_3) + 522 sizeof(int)), GFP_KERNEL); 523 if (struct_arg3 != NULL) { 524 struct_arg3->b[0] = 1; 525 (void)bpf_testmod_test_struct_arg_6(struct_arg3); 526 kfree(struct_arg3); 527 } 528 529 /* This is always true. Use the check to make sure the compiler 530 * doesn't remove bpf_testmod_loop_test. 531 */ 532 if (bpf_testmod_loop_test(101) > 100) 533 trace_bpf_testmod_test_read(current, &ctx); 534 535 trace_bpf_testmod_test_nullable_bare_tp(NULL); 536 537 /* Magic number to enable writable tp */ 538 if (len == 64) { 539 struct bpf_testmod_test_writable_ctx writable = { 540 .val = 1024, 541 }; 542 trace_bpf_testmod_test_writable_bare_tp(&writable); 543 if (writable.early_ret) 544 return snprintf(buf, len, "%d\n", writable.val); 545 } 546 547 if (bpf_testmod_fentry_test1(1) != 2 || 548 bpf_testmod_fentry_test2(2, 3) != 5 || 549 bpf_testmod_fentry_test3(4, 5, 6) != 15 || 550 bpf_testmod_fentry_test7(16, (void *)17, 18, 19, (void *)20, 551 21, 22) != 133 || 552 bpf_testmod_fentry_test11(16, (void *)17, 18, 19, (void *)20, 553 21, 22, 23, 24, 25, 26) != 231) 554 goto out; 555 556 bpf_testmod_trampoline_count_test(); 557 558 bpf_testmod_stacktrace_test_1(); 559 560 bpf_testmod_fentry_ok = 1; 561 out: 562 return -EIO; /* always fail */ 563 } 564 EXPORT_SYMBOL(bpf_testmod_test_read); 565 ALLOW_ERROR_INJECTION(bpf_testmod_test_read, ERRNO); 566 567 noinline ssize_t 568 bpf_testmod_test_write(struct file *file, struct kobject *kobj, 569 const struct bin_attribute *bin_attr, 570 char *buf, loff_t off, size_t len) 571 { 572 struct bpf_testmod_test_write_ctx ctx = { 573 .buf = buf, 574 .off = off, 575 .len = len, 576 }; 577 578 trace_bpf_testmod_test_write_bare_tp(current, &ctx); 579 580 return -EIO; /* always fail */ 581 } 582 EXPORT_SYMBOL(bpf_testmod_test_write); 583 ALLOW_ERROR_INJECTION(bpf_testmod_test_write, ERRNO); 584 585 noinline int bpf_fentry_shadow_test(int a) 586 { 587 return a + 2; 588 } 589 EXPORT_SYMBOL_GPL(bpf_fentry_shadow_test); 590 591 __bpf_hook_end(); 592 593 static struct bin_attribute bin_attr_bpf_testmod_file __ro_after_init = { 594 .attr = { .name = "bpf_testmod", .mode = 0666, }, 595 .read = bpf_testmod_test_read, 596 .write = bpf_testmod_test_write, 597 }; 598 599 /* bpf_testmod_uprobe sysfs attribute is so far enabled for x86_64 only, 600 * please see test_uretprobe_regs_change test 601 */ 602 #ifdef __x86_64__ 603 604 static int 605 uprobe_handler(struct uprobe_consumer *self, struct pt_regs *regs, __u64 *data) 606 { 607 regs->cx = 0x87654321feebdaed; 608 return 0; 609 } 610 611 static int 612 uprobe_ret_handler(struct uprobe_consumer *self, unsigned long func, 613 struct pt_regs *regs, __u64 *data) 614 615 { 616 regs->ax = 0x12345678deadbeef; 617 regs->r11 = (u64) -1; 618 return 0; 619 } 620 621 struct testmod_uprobe { 622 struct path path; 623 struct uprobe *uprobe; 624 struct uprobe_consumer consumer; 625 }; 626 627 static DEFINE_MUTEX(testmod_uprobe_mutex); 628 629 static struct testmod_uprobe uprobe = { 630 .consumer.handler = uprobe_handler, 631 .consumer.ret_handler = uprobe_ret_handler, 632 }; 633 634 static int testmod_register_uprobe(loff_t offset) 635 { 636 int err = -EBUSY; 637 638 if (uprobe.uprobe) 639 return -EBUSY; 640 641 mutex_lock(&testmod_uprobe_mutex); 642 643 if (uprobe.uprobe) 644 goto out; 645 646 err = kern_path("/proc/self/exe", LOOKUP_FOLLOW, &uprobe.path); 647 if (err) 648 goto out; 649 650 uprobe.uprobe = uprobe_register(d_real_inode(uprobe.path.dentry), 651 offset, 0, &uprobe.consumer); 652 if (IS_ERR(uprobe.uprobe)) { 653 err = PTR_ERR(uprobe.uprobe); 654 path_put(&uprobe.path); 655 uprobe.uprobe = NULL; 656 } 657 out: 658 mutex_unlock(&testmod_uprobe_mutex); 659 return err; 660 } 661 662 static void testmod_unregister_uprobe(void) 663 { 664 mutex_lock(&testmod_uprobe_mutex); 665 666 if (uprobe.uprobe) { 667 uprobe_unregister_nosync(uprobe.uprobe, &uprobe.consumer); 668 uprobe_unregister_sync(); 669 path_put(&uprobe.path); 670 uprobe.uprobe = NULL; 671 } 672 673 mutex_unlock(&testmod_uprobe_mutex); 674 } 675 676 static ssize_t 677 bpf_testmod_uprobe_write(struct file *file, struct kobject *kobj, 678 const struct bin_attribute *bin_attr, 679 char *buf, loff_t off, size_t len) 680 { 681 unsigned long offset = 0; 682 int err = 0; 683 684 if (kstrtoul(buf, 0, &offset)) 685 return -EINVAL; 686 687 if (offset) 688 err = testmod_register_uprobe(offset); 689 else 690 testmod_unregister_uprobe(); 691 692 return err ?: strlen(buf); 693 } 694 695 static struct bin_attribute bin_attr_bpf_testmod_uprobe_file __ro_after_init = { 696 .attr = { .name = "bpf_testmod_uprobe", .mode = 0666, }, 697 .write = bpf_testmod_uprobe_write, 698 }; 699 700 static int register_bpf_testmod_uprobe(void) 701 { 702 return sysfs_create_bin_file(kernel_kobj, &bin_attr_bpf_testmod_uprobe_file); 703 } 704 705 static void unregister_bpf_testmod_uprobe(void) 706 { 707 testmod_unregister_uprobe(); 708 sysfs_remove_bin_file(kernel_kobj, &bin_attr_bpf_testmod_uprobe_file); 709 } 710 711 #else 712 static int register_bpf_testmod_uprobe(void) 713 { 714 return 0; 715 } 716 717 static void unregister_bpf_testmod_uprobe(void) { } 718 #endif 719 720 BTF_KFUNCS_START(bpf_testmod_common_kfunc_ids) 721 BTF_ID_FLAGS(func, bpf_iter_testmod_seq_new, KF_ITER_NEW) 722 BTF_ID_FLAGS(func, bpf_iter_testmod_seq_next, KF_ITER_NEXT | KF_RET_NULL) 723 BTF_ID_FLAGS(func, bpf_iter_testmod_seq_destroy, KF_ITER_DESTROY) 724 BTF_ID_FLAGS(func, bpf_iter_testmod_seq_value) 725 BTF_ID_FLAGS(func, bpf_kfunc_common_test) 726 BTF_ID_FLAGS(func, bpf_kfunc_call_test_mem_len_pass1) 727 BTF_ID_FLAGS(func, bpf_kfunc_dynptr_test) 728 BTF_ID_FLAGS(func, bpf_kfunc_nested_acquire_nonzero_offset_test, KF_ACQUIRE) 729 BTF_ID_FLAGS(func, bpf_kfunc_nested_acquire_zero_offset_test, KF_ACQUIRE) 730 BTF_ID_FLAGS(func, bpf_kfunc_nested_release_test, KF_RELEASE) 731 BTF_ID_FLAGS(func, bpf_kfunc_trusted_vma_test) 732 BTF_ID_FLAGS(func, bpf_kfunc_trusted_task_test) 733 BTF_ID_FLAGS(func, bpf_kfunc_trusted_num_test) 734 BTF_ID_FLAGS(func, bpf_kfunc_rcu_task_test, KF_RCU) 735 BTF_ID_FLAGS(func, bpf_kfunc_ret_rcu_test, KF_RET_NULL | KF_RCU_PROTECTED) 736 BTF_ID_FLAGS(func, bpf_kfunc_ret_rcu_test_nostruct, KF_RET_NULL | KF_RCU_PROTECTED) 737 BTF_ID_FLAGS(func, bpf_testmod_ctx_create, KF_ACQUIRE | KF_RET_NULL) 738 BTF_ID_FLAGS(func, bpf_testmod_ctx_release, KF_RELEASE) 739 BTF_ID_FLAGS(func, bpf_testmod_ops3_call_test_1) 740 BTF_ID_FLAGS(func, bpf_testmod_ops3_call_test_2) 741 BTF_ID_FLAGS(func, bpf_kfunc_get_default_trusted_ptr_test); 742 BTF_ID_FLAGS(func, bpf_kfunc_put_default_trusted_ptr_test); 743 BTF_KFUNCS_END(bpf_testmod_common_kfunc_ids) 744 745 BTF_ID_LIST(bpf_testmod_dtor_ids) 746 BTF_ID(struct, bpf_testmod_ctx) 747 BTF_ID(func, bpf_testmod_ctx_release_dtor) 748 749 static const struct btf_kfunc_id_set bpf_testmod_common_kfunc_set = { 750 .owner = THIS_MODULE, 751 .set = &bpf_testmod_common_kfunc_ids, 752 }; 753 754 __bpf_kfunc u64 bpf_kfunc_call_test1(struct sock *sk, u32 a, u64 b, u32 c, u64 d) 755 { 756 return a + b + c + d; 757 } 758 759 __bpf_kfunc int bpf_kfunc_call_test2(struct sock *sk, u32 a, u32 b) 760 { 761 return a + b; 762 } 763 764 __bpf_kfunc struct sock *bpf_kfunc_call_test3(struct sock *sk) 765 { 766 return sk; 767 } 768 769 __bpf_kfunc long noinline bpf_kfunc_call_test4(signed char a, short b, int c, long d) 770 { 771 /* 772 * Make val as volatile to avoid compiler optimizations. 773 * Verify that negative signed values remain negative after 774 * sign-extension (JIT must sign-extend, not zero-extend). 775 */ 776 volatile long val; 777 778 /* val will be positive, if JIT does zero-extension instead of sign-extension */ 779 val = a; 780 if (val >= 0) 781 return 1; 782 783 val = b; 784 if (val >= 0) 785 return 2; 786 787 val = c; 788 if (val >= 0) 789 return 3; 790 791 /* 792 * Provoke the compiler to assume that the caller has sign-extended a, 793 * b and c on platforms where this is required (e.g. s390x). 794 */ 795 return (long)a + (long)b + (long)c + d; 796 } 797 798 __bpf_kfunc int bpf_kfunc_call_test5(u8 a, u16 b, u32 c) 799 { 800 /* 801 * Make val as volatile to avoid compiler optimizations on the below checks 802 * In C, assigning u8/u16/u32 to long performs zero-extension. 803 */ 804 volatile long val = a; 805 806 /* Check zero-extension */ 807 if (val != (unsigned long)a) 808 return 1; 809 /* Check no sign-extension */ 810 if (val < 0) 811 return 2; 812 813 val = b; 814 if (val != (unsigned long)b) 815 return 3; 816 if (val < 0) 817 return 4; 818 819 val = c; 820 if (val != (unsigned long)c) 821 return 5; 822 if (val < 0) 823 return 6; 824 825 return 0; 826 } 827 828 __bpf_kfunc u64 bpf_kfunc_call_stack_arg(u64 a, u64 b, u64 c, u64 d, 829 u64 e, u64 f, u64 g, u64 h) 830 { 831 return a + b + c + d + e + f + g + h; 832 } 833 834 __bpf_kfunc u64 bpf_kfunc_call_stack_arg_ptr(u64 a, u64 b, u64 c, u64 d, u64 e, 835 struct prog_test_pass1 *p) 836 { 837 return a + b + c + d + e + p->x0 + p->x1; 838 } 839 840 __bpf_kfunc u64 bpf_kfunc_call_stack_arg_mix(u64 a, u64 b, u64 c, u64 d, u64 e, 841 struct prog_test_pass1 *p, u64 f, 842 struct prog_test_pass1 *q) 843 { 844 return a + b + c + d + e + p->x0 + f + q->x1; 845 } 846 847 __bpf_kfunc u64 bpf_kfunc_call_stack_arg_dynptr(u64 a, u64 b, u64 c, u64 d, u64 e, 848 struct bpf_dynptr *ptr) 849 { 850 const struct bpf_dynptr_kern *kern_ptr = (void *)ptr; 851 852 return a + b + c + d + e + (kern_ptr->size & 0xFFFFFF); 853 } 854 855 __bpf_kfunc u64 bpf_kfunc_call_stack_arg_mem(u64 a, u64 b, u64 c, u64 d, u64 e, 856 void *mem, int mem__sz) 857 { 858 const unsigned char *p = mem; 859 u64 sum = a + b + c + d + e; 860 int i; 861 862 for (i = 0; i < mem__sz; i++) 863 sum += p[i]; 864 return sum; 865 } 866 867 __bpf_kfunc u64 bpf_kfunc_call_stack_arg_iter(u64 a, u64 b, u64 c, u64 d, u64 e, 868 struct bpf_iter_testmod_seq *it__iter) 869 { 870 return a + b + c + d + e + it__iter->value; 871 } 872 873 __bpf_kfunc u64 bpf_kfunc_call_stack_arg_const_str(u64 a, u64 b, u64 c, u64 d, u64 e, 874 const char *str__str) 875 { 876 return a + b + c + d + e; 877 } 878 879 __bpf_kfunc u64 bpf_kfunc_call_stack_arg_timer(u64 a, u64 b, u64 c, u64 d, u64 e, 880 struct bpf_timer *timer) 881 { 882 return a + b + c + d + e; 883 } 884 885 __bpf_kfunc u64 bpf_kfunc_call_stack_arg_big(u64 a, u64 b, u64 c, u64 d, u64 e, 886 struct prog_test_big_arg s) 887 { 888 return a + b + c + d + e + s.a + s.b; 889 } 890 891 static struct prog_test_ref_kfunc prog_test_struct = { 892 .a = 42, 893 .b = 108, 894 .next = &prog_test_struct, 895 .cnt = REFCOUNT_INIT(1), 896 }; 897 898 __bpf_kfunc struct prog_test_ref_kfunc * 899 bpf_kfunc_call_test_acquire(unsigned long *scalar_ptr) 900 { 901 refcount_inc(&prog_test_struct.cnt); 902 return &prog_test_struct; 903 } 904 905 __bpf_kfunc void bpf_kfunc_call_test_offset(struct prog_test_ref_kfunc *p) 906 { 907 WARN_ON_ONCE(1); 908 } 909 910 __bpf_kfunc struct prog_test_member * 911 bpf_kfunc_call_memb_acquire(void) 912 { 913 WARN_ON_ONCE(1); 914 return NULL; 915 } 916 917 __bpf_kfunc void bpf_kfunc_call_memb1_release(struct prog_test_member1 *p) 918 { 919 WARN_ON_ONCE(1); 920 } 921 922 static int *__bpf_kfunc_call_test_get_mem(struct prog_test_ref_kfunc *p, const int size) 923 { 924 if (size > 2 * sizeof(int)) 925 return NULL; 926 927 return (int *)p; 928 } 929 930 __bpf_kfunc int *bpf_kfunc_call_test_get_rdwr_mem(struct prog_test_ref_kfunc *p, 931 const int rdwr_buf_size) 932 { 933 return __bpf_kfunc_call_test_get_mem(p, rdwr_buf_size); 934 } 935 936 __bpf_kfunc int *bpf_kfunc_call_test_get_rdonly_mem(struct prog_test_ref_kfunc *p, 937 const int rdonly_buf_size) 938 { 939 return __bpf_kfunc_call_test_get_mem(p, rdonly_buf_size); 940 } 941 942 /* the next 2 ones can't be really used for testing expect to ensure 943 * that the verifier rejects the call. 944 * Acquire functions must return struct pointers, so these ones are 945 * failing. 946 */ 947 __bpf_kfunc int *bpf_kfunc_call_test_acq_rdonly_mem(struct prog_test_ref_kfunc *p, 948 const int rdonly_buf_size) 949 { 950 return __bpf_kfunc_call_test_get_mem(p, rdonly_buf_size); 951 } 952 953 __bpf_kfunc void bpf_kfunc_call_int_mem_release(int *p) 954 { 955 } 956 957 __bpf_kfunc void bpf_kfunc_call_test_pass_ctx(struct __sk_buff *skb) 958 { 959 } 960 961 __bpf_kfunc void bpf_kfunc_call_test_pass1(struct prog_test_pass1 *p) 962 { 963 } 964 965 __bpf_kfunc void bpf_kfunc_call_test_pass2(struct prog_test_pass2 *p) 966 { 967 } 968 969 __bpf_kfunc void bpf_kfunc_call_test_fail1(struct prog_test_fail1 *p) 970 { 971 } 972 973 __bpf_kfunc void bpf_kfunc_call_test_fail2(struct prog_test_fail2 *p) 974 { 975 } 976 977 __bpf_kfunc void bpf_kfunc_call_test_fail3(struct prog_test_fail3 *p) 978 { 979 } 980 981 __bpf_kfunc void bpf_kfunc_call_test_mem_len_pass1(void *mem, int mem__sz) 982 { 983 } 984 985 __bpf_kfunc void bpf_kfunc_call_test_mem_len_fail1(void *mem, int len) 986 { 987 } 988 989 __bpf_kfunc void bpf_kfunc_call_test_mem_len_fail2(u64 *mem, int len) 990 { 991 } 992 993 __bpf_kfunc void bpf_kfunc_call_test_ref(struct prog_test_ref_kfunc *p) 994 { 995 /* p != NULL, but p->cnt could be 0 */ 996 } 997 998 __bpf_kfunc void bpf_kfunc_call_test_destructive(void) 999 { 1000 } 1001 1002 __bpf_kfunc static u32 bpf_kfunc_call_test_static_unused_arg(u32 arg, u32 unused) 1003 { 1004 return arg; 1005 } 1006 1007 __bpf_kfunc void bpf_kfunc_call_test_sleepable(void) 1008 { 1009 } 1010 1011 struct bpf_kfunc_rcu_tasks_trace_data { 1012 struct rcu_head rcu; 1013 int *done; 1014 }; 1015 1016 static void bpf_kfunc_rcu_tasks_trace_cb(struct rcu_head *rhp) 1017 { 1018 struct bpf_kfunc_rcu_tasks_trace_data *data; 1019 1020 data = container_of(rhp, struct bpf_kfunc_rcu_tasks_trace_data, rcu); 1021 WRITE_ONCE(*data->done, 1); 1022 kfree(data); 1023 } 1024 1025 __bpf_kfunc int bpf_kfunc_call_test_call_rcu_tasks_trace(int *done) 1026 { 1027 struct bpf_kfunc_rcu_tasks_trace_data *data; 1028 1029 data = kmalloc(sizeof(*data), GFP_ATOMIC); 1030 if (!data) 1031 return -ENOMEM; 1032 data->done = done; 1033 call_rcu_tasks_trace(&data->rcu, bpf_kfunc_rcu_tasks_trace_cb); 1034 return 0; 1035 } 1036 1037 __bpf_kfunc int bpf_kfunc_init_sock(struct init_sock_args *args) 1038 { 1039 int proto; 1040 int err; 1041 1042 mutex_lock(&sock_lock); 1043 1044 if (sock) { 1045 pr_err("%s called without releasing old sock", __func__); 1046 err = -EPERM; 1047 goto out; 1048 } 1049 1050 switch (args->af) { 1051 case AF_INET: 1052 case AF_INET6: 1053 proto = args->type == SOCK_STREAM ? IPPROTO_TCP : IPPROTO_UDP; 1054 break; 1055 case AF_UNIX: 1056 proto = PF_UNIX; 1057 break; 1058 default: 1059 pr_err("invalid address family %d\n", args->af); 1060 err = -EINVAL; 1061 goto out; 1062 } 1063 1064 err = sock_create_kern(current->nsproxy->net_ns, args->af, args->type, 1065 proto, &sock); 1066 1067 if (!err) 1068 /* Set timeout for call to kernel_connect() to prevent it from hanging, 1069 * and consider the connection attempt failed if it returns 1070 * -EINPROGRESS. 1071 */ 1072 sock->sk->sk_sndtimeo = CONNECT_TIMEOUT_SEC * HZ; 1073 out: 1074 mutex_unlock(&sock_lock); 1075 1076 return err; 1077 } 1078 1079 __bpf_kfunc void bpf_kfunc_close_sock(void) 1080 { 1081 mutex_lock(&sock_lock); 1082 1083 if (sock) { 1084 sock_release(sock); 1085 sock = NULL; 1086 } 1087 1088 mutex_unlock(&sock_lock); 1089 } 1090 1091 __bpf_kfunc int bpf_kfunc_call_kernel_connect(struct addr_args *args) 1092 { 1093 int err; 1094 1095 if (args->addrlen > sizeof(args->addr)) 1096 return -EINVAL; 1097 1098 mutex_lock(&sock_lock); 1099 1100 if (!sock) { 1101 pr_err("%s called without initializing sock", __func__); 1102 err = -EPERM; 1103 goto out; 1104 } 1105 1106 err = kernel_connect(sock, (struct sockaddr_unsized *)&args->addr, 1107 args->addrlen, 0); 1108 out: 1109 mutex_unlock(&sock_lock); 1110 1111 return err; 1112 } 1113 1114 __bpf_kfunc int bpf_kfunc_call_kernel_bind(struct addr_args *args) 1115 { 1116 int err; 1117 1118 if (args->addrlen > sizeof(args->addr)) 1119 return -EINVAL; 1120 1121 mutex_lock(&sock_lock); 1122 1123 if (!sock) { 1124 pr_err("%s called without initializing sock", __func__); 1125 err = -EPERM; 1126 goto out; 1127 } 1128 1129 err = kernel_bind(sock, (struct sockaddr_unsized *)&args->addr, args->addrlen); 1130 out: 1131 mutex_unlock(&sock_lock); 1132 1133 return err; 1134 } 1135 1136 __bpf_kfunc int bpf_kfunc_call_kernel_listen(void) 1137 { 1138 int err; 1139 1140 mutex_lock(&sock_lock); 1141 1142 if (!sock) { 1143 pr_err("%s called without initializing sock", __func__); 1144 err = -EPERM; 1145 goto out; 1146 } 1147 1148 err = kernel_listen(sock, 128); 1149 out: 1150 mutex_unlock(&sock_lock); 1151 1152 return err; 1153 } 1154 1155 __bpf_kfunc int bpf_kfunc_call_kernel_sendmsg(struct sendmsg_args *args) 1156 { 1157 struct msghdr msg = { 1158 .msg_name = &args->addr.addr, 1159 .msg_namelen = args->addr.addrlen, 1160 }; 1161 struct kvec iov; 1162 int err; 1163 1164 if (args->addr.addrlen > sizeof(args->addr.addr) || 1165 args->msglen > sizeof(args->msg)) 1166 return -EINVAL; 1167 1168 iov.iov_base = args->msg; 1169 iov.iov_len = args->msglen; 1170 1171 mutex_lock(&sock_lock); 1172 1173 if (!sock) { 1174 pr_err("%s called without initializing sock", __func__); 1175 err = -EPERM; 1176 goto out; 1177 } 1178 1179 err = kernel_sendmsg(sock, &msg, &iov, 1, args->msglen); 1180 args->addr.addrlen = msg.msg_namelen; 1181 out: 1182 mutex_unlock(&sock_lock); 1183 1184 return err; 1185 } 1186 1187 __bpf_kfunc int bpf_kfunc_call_sock_sendmsg(struct sendmsg_args *args) 1188 { 1189 struct msghdr msg = { 1190 .msg_name = &args->addr.addr, 1191 .msg_namelen = args->addr.addrlen, 1192 }; 1193 struct kvec iov; 1194 int err; 1195 1196 if (args->addr.addrlen > sizeof(args->addr.addr) || 1197 args->msglen > sizeof(args->msg)) 1198 return -EINVAL; 1199 1200 iov.iov_base = args->msg; 1201 iov.iov_len = args->msglen; 1202 1203 iov_iter_kvec(&msg.msg_iter, ITER_SOURCE, &iov, 1, args->msglen); 1204 mutex_lock(&sock_lock); 1205 1206 if (!sock) { 1207 pr_err("%s called without initializing sock", __func__); 1208 err = -EPERM; 1209 goto out; 1210 } 1211 1212 err = sock_sendmsg(sock, &msg); 1213 args->addr.addrlen = msg.msg_namelen; 1214 out: 1215 mutex_unlock(&sock_lock); 1216 1217 return err; 1218 } 1219 1220 __bpf_kfunc int bpf_kfunc_call_kernel_getsockname(struct addr_args *args) 1221 { 1222 int err; 1223 1224 mutex_lock(&sock_lock); 1225 1226 if (!sock) { 1227 pr_err("%s called without initializing sock", __func__); 1228 err = -EPERM; 1229 goto out; 1230 } 1231 1232 err = kernel_getsockname(sock, (struct sockaddr *)&args->addr); 1233 if (err < 0) 1234 goto out; 1235 1236 args->addrlen = err; 1237 err = 0; 1238 out: 1239 mutex_unlock(&sock_lock); 1240 1241 return err; 1242 } 1243 1244 __bpf_kfunc int bpf_kfunc_call_kernel_getpeername(struct addr_args *args) 1245 { 1246 int err; 1247 1248 mutex_lock(&sock_lock); 1249 1250 if (!sock) { 1251 pr_err("%s called without initializing sock", __func__); 1252 err = -EPERM; 1253 goto out; 1254 } 1255 1256 err = kernel_getpeername(sock, (struct sockaddr *)&args->addr); 1257 if (err < 0) 1258 goto out; 1259 1260 args->addrlen = err; 1261 err = 0; 1262 out: 1263 mutex_unlock(&sock_lock); 1264 1265 return err; 1266 } 1267 1268 static DEFINE_MUTEX(st_ops_mutex); 1269 static struct bpf_testmod_st_ops *st_ops; 1270 1271 __bpf_kfunc int bpf_kfunc_st_ops_test_prologue(struct st_ops_args *args) 1272 { 1273 int ret = -1; 1274 1275 mutex_lock(&st_ops_mutex); 1276 if (st_ops && st_ops->test_prologue) 1277 ret = st_ops->test_prologue(args); 1278 mutex_unlock(&st_ops_mutex); 1279 1280 return ret; 1281 } 1282 1283 __bpf_kfunc int bpf_kfunc_st_ops_test_epilogue(struct st_ops_args *args) 1284 { 1285 int ret = -1; 1286 1287 mutex_lock(&st_ops_mutex); 1288 if (st_ops && st_ops->test_epilogue) 1289 ret = st_ops->test_epilogue(args); 1290 mutex_unlock(&st_ops_mutex); 1291 1292 return ret; 1293 } 1294 1295 __bpf_kfunc int bpf_kfunc_st_ops_test_pro_epilogue(struct st_ops_args *args) 1296 { 1297 int ret = -1; 1298 1299 mutex_lock(&st_ops_mutex); 1300 if (st_ops && st_ops->test_pro_epilogue) 1301 ret = st_ops->test_pro_epilogue(args); 1302 mutex_unlock(&st_ops_mutex); 1303 1304 return ret; 1305 } 1306 1307 __bpf_kfunc int bpf_kfunc_st_ops_inc10(struct st_ops_args *args) 1308 { 1309 args->a += 10; 1310 return args->a; 1311 } 1312 1313 __bpf_kfunc int bpf_kfunc_multi_st_ops_test_1(struct st_ops_args *args, u32 id); 1314 __bpf_kfunc int bpf_kfunc_multi_st_ops_test_1_assoc(struct st_ops_args *args, struct bpf_prog_aux *aux); 1315 1316 __bpf_kfunc int bpf_kfunc_implicit_arg(int a, struct bpf_prog_aux *aux); 1317 __bpf_kfunc int bpf_kfunc_implicit_arg_legacy(int a, int b, struct bpf_prog_aux *aux); 1318 __bpf_kfunc int bpf_kfunc_implicit_arg_legacy_impl(int a, int b, struct bpf_prog_aux *aux); 1319 1320 /* hook targets */ 1321 noinline void bpf_testmod_test_hardirq_fn(void) { barrier(); } 1322 noinline void bpf_testmod_test_softirq_fn(void) { barrier(); } 1323 1324 /* Tasklet for SoftIRQ context */ 1325 static void ctx_check_tasklet_fn(struct tasklet_struct *t) 1326 { 1327 bpf_testmod_test_softirq_fn(); 1328 } 1329 1330 DECLARE_TASKLET(ctx_check_tasklet, ctx_check_tasklet_fn); 1331 1332 /* IRQ Work for HardIRQ context */ 1333 static void ctx_check_irq_fn(struct irq_work *work) 1334 { 1335 bpf_testmod_test_hardirq_fn(); 1336 tasklet_schedule(&ctx_check_tasklet); 1337 } 1338 1339 static struct irq_work ctx_check_irq = IRQ_WORK_INIT_HARD(ctx_check_irq_fn); 1340 1341 /* The kfunc trigger */ 1342 __bpf_kfunc void bpf_kfunc_trigger_ctx_check(void) 1343 { 1344 irq_work_queue(&ctx_check_irq); 1345 } 1346 1347 BTF_KFUNCS_START(bpf_testmod_check_kfunc_ids) 1348 BTF_ID_FLAGS(func, bpf_testmod_test_mod_kfunc) 1349 BTF_ID_FLAGS(func, bpf_kfunc_call_test1) 1350 BTF_ID_FLAGS(func, bpf_kfunc_call_test2) 1351 BTF_ID_FLAGS(func, bpf_kfunc_call_test3) 1352 BTF_ID_FLAGS(func, bpf_kfunc_call_test4) 1353 BTF_ID_FLAGS(func, bpf_kfunc_call_test5) 1354 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg) 1355 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg_ptr) 1356 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg_mix) 1357 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg_dynptr) 1358 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg_mem) 1359 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg_iter) 1360 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg_const_str) 1361 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg_timer) 1362 BTF_ID_FLAGS(func, bpf_kfunc_call_stack_arg_big) 1363 BTF_ID_FLAGS(func, bpf_kfunc_call_test_mem_len_fail1) 1364 BTF_ID_FLAGS(func, bpf_kfunc_call_test_mem_len_fail2) 1365 BTF_ID_FLAGS(func, bpf_kfunc_call_test_acquire, KF_ACQUIRE | KF_RET_NULL) 1366 BTF_ID_FLAGS(func, bpf_kfunc_call_memb_acquire, KF_ACQUIRE | KF_RET_NULL) 1367 BTF_ID_FLAGS(func, bpf_kfunc_call_memb1_release, KF_RELEASE) 1368 BTF_ID_FLAGS(func, bpf_kfunc_call_test_get_rdwr_mem, KF_RET_NULL) 1369 BTF_ID_FLAGS(func, bpf_kfunc_call_test_get_rdonly_mem, KF_RET_NULL) 1370 BTF_ID_FLAGS(func, bpf_kfunc_call_test_acq_rdonly_mem, KF_ACQUIRE | KF_RET_NULL) 1371 BTF_ID_FLAGS(func, bpf_kfunc_call_int_mem_release, KF_RELEASE) 1372 BTF_ID_FLAGS(func, bpf_kfunc_call_test_pass_ctx) 1373 BTF_ID_FLAGS(func, bpf_kfunc_call_test_pass1) 1374 BTF_ID_FLAGS(func, bpf_kfunc_call_test_pass2) 1375 BTF_ID_FLAGS(func, bpf_kfunc_call_test_fail1) 1376 BTF_ID_FLAGS(func, bpf_kfunc_call_test_fail2) 1377 BTF_ID_FLAGS(func, bpf_kfunc_call_test_fail3) 1378 BTF_ID_FLAGS(func, bpf_kfunc_call_test_ref, KF_RCU) 1379 BTF_ID_FLAGS(func, bpf_kfunc_call_test_destructive, KF_DESTRUCTIVE) 1380 BTF_ID_FLAGS(func, bpf_kfunc_call_test_static_unused_arg) 1381 BTF_ID_FLAGS(func, bpf_kfunc_call_test_offset) 1382 BTF_ID_FLAGS(func, bpf_kfunc_call_test_sleepable, KF_SLEEPABLE) 1383 BTF_ID_FLAGS(func, bpf_kfunc_call_test_call_rcu_tasks_trace) 1384 BTF_ID_FLAGS(func, bpf_kfunc_init_sock, KF_SLEEPABLE) 1385 BTF_ID_FLAGS(func, bpf_kfunc_close_sock, KF_SLEEPABLE) 1386 BTF_ID_FLAGS(func, bpf_kfunc_call_kernel_connect, KF_SLEEPABLE) 1387 BTF_ID_FLAGS(func, bpf_kfunc_call_kernel_bind, KF_SLEEPABLE) 1388 BTF_ID_FLAGS(func, bpf_kfunc_call_kernel_listen, KF_SLEEPABLE) 1389 BTF_ID_FLAGS(func, bpf_kfunc_call_kernel_sendmsg, KF_SLEEPABLE) 1390 BTF_ID_FLAGS(func, bpf_kfunc_call_sock_sendmsg, KF_SLEEPABLE) 1391 BTF_ID_FLAGS(func, bpf_kfunc_call_kernel_getsockname, KF_SLEEPABLE) 1392 BTF_ID_FLAGS(func, bpf_kfunc_call_kernel_getpeername, KF_SLEEPABLE) 1393 BTF_ID_FLAGS(func, bpf_kfunc_st_ops_test_prologue, KF_SLEEPABLE) 1394 BTF_ID_FLAGS(func, bpf_kfunc_st_ops_test_epilogue, KF_SLEEPABLE) 1395 BTF_ID_FLAGS(func, bpf_kfunc_st_ops_test_pro_epilogue, KF_SLEEPABLE) 1396 BTF_ID_FLAGS(func, bpf_kfunc_st_ops_inc10) 1397 BTF_ID_FLAGS(func, bpf_kfunc_multi_st_ops_test_1) 1398 BTF_ID_FLAGS(func, bpf_kfunc_multi_st_ops_test_1_assoc, KF_IMPLICIT_ARGS) 1399 BTF_ID_FLAGS(func, bpf_kfunc_implicit_arg, KF_IMPLICIT_ARGS) 1400 BTF_ID_FLAGS(func, bpf_kfunc_implicit_arg_legacy, KF_IMPLICIT_ARGS) 1401 BTF_ID_FLAGS(func, bpf_kfunc_implicit_arg_legacy_impl) 1402 BTF_ID_FLAGS(func, bpf_kfunc_trigger_ctx_check) 1403 BTF_KFUNCS_END(bpf_testmod_check_kfunc_ids) 1404 1405 static int bpf_testmod_ops_init(struct btf *btf) 1406 { 1407 return 0; 1408 } 1409 1410 static bool bpf_testmod_ops_is_valid_access(int off, int size, 1411 enum bpf_access_type type, 1412 const struct bpf_prog *prog, 1413 struct bpf_insn_access_aux *info) 1414 { 1415 return bpf_tracing_btf_ctx_access(off, size, type, prog, info); 1416 } 1417 1418 static int bpf_testmod_ops_init_member(const struct btf_type *t, 1419 const struct btf_member *member, 1420 void *kdata, const void *udata) 1421 { 1422 if (member->offset == offsetof(struct bpf_testmod_ops, data) * 8) { 1423 /* For data fields, this function has to copy it and return 1424 * 1 to indicate that the data has been handled by the 1425 * struct_ops type, or the verifier will reject the map if 1426 * the value of the data field is not zero. 1427 */ 1428 ((struct bpf_testmod_ops *)kdata)->data = ((struct bpf_testmod_ops *)udata)->data; 1429 return 1; 1430 } 1431 return 0; 1432 } 1433 1434 static const struct btf_kfunc_id_set bpf_testmod_kfunc_set = { 1435 .owner = THIS_MODULE, 1436 .set = &bpf_testmod_check_kfunc_ids, 1437 }; 1438 1439 static const struct bpf_verifier_ops bpf_testmod_verifier_ops = { 1440 .get_func_proto = bpf_base_func_proto, 1441 .is_valid_access = bpf_testmod_ops_is_valid_access, 1442 }; 1443 1444 static const struct bpf_verifier_ops bpf_testmod_verifier_ops3 = { 1445 .is_valid_access = bpf_testmod_ops_is_valid_access, 1446 }; 1447 1448 static int bpf_dummy_reg(void *kdata, struct bpf_link *link) 1449 { 1450 struct bpf_testmod_ops *ops = kdata; 1451 1452 if (ops->test_1) 1453 ops->test_1(); 1454 /* Some test cases (ex. struct_ops_maybe_null) may not have test_2 1455 * initialized, so we need to check for NULL. 1456 */ 1457 if (ops->test_2) 1458 ops->test_2(4, ops->data); 1459 1460 return 0; 1461 } 1462 1463 static void bpf_dummy_unreg(void *kdata, struct bpf_link *link) 1464 { 1465 } 1466 1467 static int bpf_testmod_test_1(void) 1468 { 1469 return 0; 1470 } 1471 1472 static void bpf_testmod_test_2(int a, int b) 1473 { 1474 } 1475 1476 static int bpf_testmod_tramp(int value) 1477 { 1478 return 0; 1479 } 1480 1481 static int bpf_testmod_ops__test_maybe_null(int dummy, 1482 struct task_struct *task__nullable) 1483 { 1484 return 0; 1485 } 1486 1487 static int bpf_testmod_ops__test_refcounted(int dummy, 1488 struct task_struct *task__ref) 1489 { 1490 return 0; 1491 } 1492 1493 static int bpf_testmod_ops__test_refcounted_multi(int dummy, struct task_struct *task__nullable, 1494 struct task_struct *task__ref) 1495 { 1496 return 0; 1497 } 1498 1499 static struct task_struct * 1500 bpf_testmod_ops__test_return_ref_kptr(int dummy, struct task_struct *task__ref, 1501 struct cgroup *cgrp) 1502 { 1503 return NULL; 1504 } 1505 1506 static struct bpf_testmod_ops __bpf_testmod_ops = { 1507 .test_1 = bpf_testmod_test_1, 1508 .test_2 = bpf_testmod_test_2, 1509 .test_maybe_null = bpf_testmod_ops__test_maybe_null, 1510 .test_refcounted = bpf_testmod_ops__test_refcounted, 1511 .test_refcounted_multi = bpf_testmod_ops__test_refcounted_multi, 1512 .test_return_ref_kptr = bpf_testmod_ops__test_return_ref_kptr, 1513 }; 1514 1515 struct bpf_struct_ops bpf_bpf_testmod_ops = { 1516 .verifier_ops = &bpf_testmod_verifier_ops, 1517 .init = bpf_testmod_ops_init, 1518 .init_member = bpf_testmod_ops_init_member, 1519 .reg = bpf_dummy_reg, 1520 .unreg = bpf_dummy_unreg, 1521 .cfi_stubs = &__bpf_testmod_ops, 1522 .name = "bpf_testmod_ops", 1523 .owner = THIS_MODULE, 1524 }; 1525 1526 static int bpf_dummy_reg2(void *kdata, struct bpf_link *link) 1527 { 1528 struct bpf_testmod_ops2 *ops = kdata; 1529 1530 ops->test_1(); 1531 return 0; 1532 } 1533 1534 static struct bpf_testmod_ops2 __bpf_testmod_ops2 = { 1535 .test_1 = bpf_testmod_test_1, 1536 }; 1537 1538 struct bpf_struct_ops bpf_testmod_ops2 = { 1539 .verifier_ops = &bpf_testmod_verifier_ops, 1540 .init = bpf_testmod_ops_init, 1541 .init_member = bpf_testmod_ops_init_member, 1542 .reg = bpf_dummy_reg2, 1543 .unreg = bpf_dummy_unreg, 1544 .cfi_stubs = &__bpf_testmod_ops2, 1545 .name = "bpf_testmod_ops2", 1546 .owner = THIS_MODULE, 1547 }; 1548 1549 static int st_ops3_reg(void *kdata, struct bpf_link *link) 1550 { 1551 int err = 0; 1552 1553 mutex_lock(&st_ops_mutex); 1554 if (st_ops3) { 1555 pr_err("st_ops has already been registered\n"); 1556 err = -EEXIST; 1557 goto unlock; 1558 } 1559 st_ops3 = kdata; 1560 1561 unlock: 1562 mutex_unlock(&st_ops_mutex); 1563 return err; 1564 } 1565 1566 static void st_ops3_unreg(void *kdata, struct bpf_link *link) 1567 { 1568 mutex_lock(&st_ops_mutex); 1569 st_ops3 = NULL; 1570 mutex_unlock(&st_ops_mutex); 1571 } 1572 1573 static void test_1_recursion_detected(struct bpf_prog *prog) 1574 { 1575 struct bpf_prog_stats *stats; 1576 1577 stats = this_cpu_ptr(prog->stats); 1578 printk("bpf_testmod: oh no, recursing into test_1, recursion_misses %llu", 1579 u64_stats_read(&stats->misses)); 1580 } 1581 1582 static int st_ops3_check_member(const struct btf_type *t, 1583 const struct btf_member *member, 1584 const struct bpf_prog *prog) 1585 { 1586 u32 moff = __btf_member_bit_offset(t, member) / 8; 1587 1588 switch (moff) { 1589 case offsetof(struct bpf_testmod_ops3, test_1): 1590 prog->aux->priv_stack_requested = true; 1591 prog->aux->recursion_detected = test_1_recursion_detected; 1592 fallthrough; 1593 default: 1594 break; 1595 } 1596 return 0; 1597 } 1598 1599 struct bpf_struct_ops bpf_testmod_ops3 = { 1600 .verifier_ops = &bpf_testmod_verifier_ops3, 1601 .init = bpf_testmod_ops_init, 1602 .init_member = bpf_testmod_ops_init_member, 1603 .reg = st_ops3_reg, 1604 .unreg = st_ops3_unreg, 1605 .check_member = st_ops3_check_member, 1606 .cfi_stubs = &__bpf_testmod_ops3, 1607 .name = "bpf_testmod_ops3", 1608 .owner = THIS_MODULE, 1609 }; 1610 1611 static int bpf_test_mod_st_ops__test_prologue(struct st_ops_args *args) 1612 { 1613 return 0; 1614 } 1615 1616 static int bpf_test_mod_st_ops__test_epilogue(struct st_ops_args *args) 1617 { 1618 return 0; 1619 } 1620 1621 static int bpf_test_mod_st_ops__test_pro_epilogue(struct st_ops_args *args) 1622 { 1623 return 0; 1624 } 1625 1626 static int bpf_cgroup_from_id_id; 1627 static int bpf_cgroup_release_id; 1628 1629 static int st_ops_gen_prologue_with_kfunc(struct bpf_insn *insn_buf, bool direct_write, 1630 const struct bpf_prog *prog) 1631 { 1632 struct bpf_insn *insn = insn_buf; 1633 1634 /* r8 = r1; // r8 will be "u64 *ctx". 1635 * r1 = 0; 1636 * r0 = bpf_cgroup_from_id(r1); 1637 * if r0 != 0 goto pc+5; 1638 * r6 = r8[0]; // r6 will be "struct st_ops *args". 1639 * r7 = r6->a; 1640 * r7 += 1000; 1641 * r6->a = r7; 1642 * goto pc+2; 1643 * r1 = r0; 1644 * bpf_cgroup_release(r1); 1645 * r1 = r8; 1646 */ 1647 *insn++ = BPF_MOV64_REG(BPF_REG_8, BPF_REG_1); 1648 *insn++ = BPF_MOV64_IMM(BPF_REG_1, 0); 1649 *insn++ = BPF_CALL_KFUNC(0, bpf_cgroup_from_id_id); 1650 *insn++ = BPF_JMP_IMM(BPF_JNE, BPF_REG_0, 0, 5); 1651 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_6, BPF_REG_8, 0); 1652 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_7, BPF_REG_6, offsetof(struct st_ops_args, a)); 1653 *insn++ = BPF_ALU64_IMM(BPF_ADD, BPF_REG_7, 1000); 1654 *insn++ = BPF_STX_MEM(BPF_DW, BPF_REG_6, BPF_REG_7, offsetof(struct st_ops_args, a)); 1655 *insn++ = BPF_JMP_IMM(BPF_JA, 0, 0, 2); 1656 *insn++ = BPF_MOV64_REG(BPF_REG_1, BPF_REG_0); 1657 *insn++ = BPF_CALL_KFUNC(0, bpf_cgroup_release_id); 1658 *insn++ = BPF_MOV64_REG(BPF_REG_1, BPF_REG_8); 1659 *insn++ = prog->insnsi[0]; 1660 1661 return insn - insn_buf; 1662 } 1663 1664 static int st_ops_gen_epilogue_with_kfunc(struct bpf_insn *insn_buf, const struct bpf_prog *prog, 1665 s16 ctx_stack_off) 1666 { 1667 struct bpf_insn *insn = insn_buf; 1668 1669 /* r1 = 0; 1670 * r6 = 0; 1671 * r0 = bpf_cgroup_from_id(r1); 1672 * if r0 != 0 goto pc+6; 1673 * r1 = stack[ctx_stack_off]; // r1 will be "u64 *ctx" 1674 * r1 = r1[0]; // r1 will be "struct st_ops *args" 1675 * r6 = r1->a; 1676 * r6 += 10000; 1677 * r1->a = r6; 1678 * goto pc+2 1679 * r1 = r0; 1680 * bpf_cgroup_release(r1); 1681 * r0 = r6; 1682 * r0 *= 2; 1683 * BPF_EXIT; 1684 */ 1685 *insn++ = BPF_MOV64_IMM(BPF_REG_1, 0); 1686 *insn++ = BPF_MOV64_IMM(BPF_REG_6, 0); 1687 *insn++ = BPF_CALL_KFUNC(0, bpf_cgroup_from_id_id); 1688 *insn++ = BPF_JMP_IMM(BPF_JNE, BPF_REG_0, 0, 6); 1689 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_1, BPF_REG_FP, ctx_stack_off); 1690 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_1, BPF_REG_1, 0); 1691 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_6, BPF_REG_1, offsetof(struct st_ops_args, a)); 1692 *insn++ = BPF_ALU64_IMM(BPF_ADD, BPF_REG_6, 10000); 1693 *insn++ = BPF_STX_MEM(BPF_DW, BPF_REG_1, BPF_REG_6, offsetof(struct st_ops_args, a)); 1694 *insn++ = BPF_JMP_IMM(BPF_JA, 0, 0, 2); 1695 *insn++ = BPF_MOV64_REG(BPF_REG_1, BPF_REG_0); 1696 *insn++ = BPF_CALL_KFUNC(0, bpf_cgroup_release_id); 1697 *insn++ = BPF_MOV64_REG(BPF_REG_0, BPF_REG_6); 1698 *insn++ = BPF_ALU64_IMM(BPF_MUL, BPF_REG_0, 2); 1699 *insn++ = BPF_EXIT_INSN(); 1700 1701 return insn - insn_buf; 1702 } 1703 1704 #define KFUNC_PRO_EPI_PREFIX "test_kfunc_" 1705 static int st_ops_gen_prologue(struct bpf_insn *insn_buf, bool direct_write, 1706 const struct bpf_prog *prog) 1707 { 1708 struct bpf_insn *insn = insn_buf; 1709 1710 if (strcmp(prog->aux->attach_func_name, "test_prologue") && 1711 strcmp(prog->aux->attach_func_name, "test_pro_epilogue")) 1712 return 0; 1713 1714 if (!strncmp(prog->aux->name, KFUNC_PRO_EPI_PREFIX, strlen(KFUNC_PRO_EPI_PREFIX))) 1715 return st_ops_gen_prologue_with_kfunc(insn_buf, direct_write, prog); 1716 1717 /* r6 = r1[0]; // r6 will be "struct st_ops *args". r1 is "u64 *ctx". 1718 * r7 = r6->a; 1719 * r7 += 1000; 1720 * r6->a = r7; 1721 */ 1722 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_6, BPF_REG_1, 0); 1723 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_7, BPF_REG_6, offsetof(struct st_ops_args, a)); 1724 *insn++ = BPF_ALU64_IMM(BPF_ADD, BPF_REG_7, 1000); 1725 *insn++ = BPF_STX_MEM(BPF_DW, BPF_REG_6, BPF_REG_7, offsetof(struct st_ops_args, a)); 1726 *insn++ = prog->insnsi[0]; 1727 1728 return insn - insn_buf; 1729 } 1730 1731 static int st_ops_gen_epilogue(struct bpf_insn *insn_buf, const struct bpf_prog *prog, 1732 s16 ctx_stack_off) 1733 { 1734 struct bpf_insn *insn = insn_buf; 1735 1736 if (strcmp(prog->aux->attach_func_name, "test_epilogue") && 1737 strcmp(prog->aux->attach_func_name, "test_pro_epilogue")) 1738 return 0; 1739 1740 if (!strncmp(prog->aux->name, KFUNC_PRO_EPI_PREFIX, strlen(KFUNC_PRO_EPI_PREFIX))) 1741 return st_ops_gen_epilogue_with_kfunc(insn_buf, prog, ctx_stack_off); 1742 1743 /* r1 = stack[ctx_stack_off]; // r1 will be "u64 *ctx" 1744 * r1 = r1[0]; // r1 will be "struct st_ops *args" 1745 * r6 = r1->a; 1746 * r6 += 10000; 1747 * r1->a = r6; 1748 * r0 = r6; 1749 * r0 *= 2; 1750 * BPF_EXIT; 1751 */ 1752 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_1, BPF_REG_FP, ctx_stack_off); 1753 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_1, BPF_REG_1, 0); 1754 *insn++ = BPF_LDX_MEM(BPF_DW, BPF_REG_6, BPF_REG_1, offsetof(struct st_ops_args, a)); 1755 *insn++ = BPF_ALU64_IMM(BPF_ADD, BPF_REG_6, 10000); 1756 *insn++ = BPF_STX_MEM(BPF_DW, BPF_REG_1, BPF_REG_6, offsetof(struct st_ops_args, a)); 1757 *insn++ = BPF_MOV64_REG(BPF_REG_0, BPF_REG_6); 1758 *insn++ = BPF_ALU64_IMM(BPF_MUL, BPF_REG_0, 2); 1759 *insn++ = BPF_EXIT_INSN(); 1760 1761 return insn - insn_buf; 1762 } 1763 1764 static int st_ops_btf_struct_access(struct bpf_verifier_log *log, 1765 const struct bpf_reg_state *reg, 1766 int off, int size) 1767 { 1768 if (off < 0 || off + size > sizeof(struct st_ops_args)) 1769 return -EACCES; 1770 return 0; 1771 } 1772 1773 static const struct bpf_verifier_ops st_ops_verifier_ops = { 1774 .is_valid_access = bpf_testmod_ops_is_valid_access, 1775 .btf_struct_access = st_ops_btf_struct_access, 1776 .gen_prologue = st_ops_gen_prologue, 1777 .gen_epilogue = st_ops_gen_epilogue, 1778 .get_func_proto = bpf_base_func_proto, 1779 }; 1780 1781 static struct bpf_testmod_st_ops st_ops_cfi_stubs = { 1782 .test_prologue = bpf_test_mod_st_ops__test_prologue, 1783 .test_epilogue = bpf_test_mod_st_ops__test_epilogue, 1784 .test_pro_epilogue = bpf_test_mod_st_ops__test_pro_epilogue, 1785 }; 1786 1787 static int st_ops_reg(void *kdata, struct bpf_link *link) 1788 { 1789 int err = 0; 1790 1791 mutex_lock(&st_ops_mutex); 1792 if (st_ops) { 1793 pr_err("st_ops has already been registered\n"); 1794 err = -EEXIST; 1795 goto unlock; 1796 } 1797 st_ops = kdata; 1798 1799 unlock: 1800 mutex_unlock(&st_ops_mutex); 1801 return err; 1802 } 1803 1804 static void st_ops_unreg(void *kdata, struct bpf_link *link) 1805 { 1806 mutex_lock(&st_ops_mutex); 1807 st_ops = NULL; 1808 mutex_unlock(&st_ops_mutex); 1809 } 1810 1811 static int st_ops_init(struct btf *btf) 1812 { 1813 struct btf *kfunc_btf; 1814 1815 bpf_cgroup_from_id_id = bpf_find_btf_id("bpf_cgroup_from_id", BTF_KIND_FUNC, &kfunc_btf); 1816 bpf_cgroup_release_id = bpf_find_btf_id("bpf_cgroup_release", BTF_KIND_FUNC, &kfunc_btf); 1817 if (bpf_cgroup_from_id_id < 0 || bpf_cgroup_release_id < 0) 1818 return -EINVAL; 1819 1820 return 0; 1821 } 1822 1823 static int st_ops_init_member(const struct btf_type *t, 1824 const struct btf_member *member, 1825 void *kdata, const void *udata) 1826 { 1827 return 0; 1828 } 1829 1830 static struct bpf_struct_ops testmod_st_ops = { 1831 .verifier_ops = &st_ops_verifier_ops, 1832 .init = st_ops_init, 1833 .init_member = st_ops_init_member, 1834 .reg = st_ops_reg, 1835 .unreg = st_ops_unreg, 1836 .cfi_stubs = &st_ops_cfi_stubs, 1837 .name = "bpf_testmod_st_ops", 1838 .owner = THIS_MODULE, 1839 }; 1840 1841 struct hlist_head multi_st_ops_list; 1842 static DEFINE_SPINLOCK(multi_st_ops_lock); 1843 1844 static int multi_st_ops_init(struct btf *btf) 1845 { 1846 spin_lock_init(&multi_st_ops_lock); 1847 INIT_HLIST_HEAD(&multi_st_ops_list); 1848 1849 return 0; 1850 } 1851 1852 static int multi_st_ops_init_member(const struct btf_type *t, 1853 const struct btf_member *member, 1854 void *kdata, const void *udata) 1855 { 1856 return 0; 1857 } 1858 1859 static struct bpf_testmod_multi_st_ops *multi_st_ops_find_nolock(u32 id) 1860 { 1861 struct bpf_testmod_multi_st_ops *st_ops; 1862 1863 hlist_for_each_entry(st_ops, &multi_st_ops_list, node) { 1864 if (st_ops->id == id) 1865 return st_ops; 1866 } 1867 1868 return NULL; 1869 } 1870 1871 /* Call test_1() of the struct_ops map identified by the id */ 1872 int bpf_kfunc_multi_st_ops_test_1(struct st_ops_args *args, u32 id) 1873 { 1874 struct bpf_testmod_multi_st_ops *st_ops; 1875 unsigned long flags; 1876 int ret = -1; 1877 1878 spin_lock_irqsave(&multi_st_ops_lock, flags); 1879 st_ops = multi_st_ops_find_nolock(id); 1880 if (st_ops) 1881 ret = st_ops->test_1(args); 1882 spin_unlock_irqrestore(&multi_st_ops_lock, flags); 1883 1884 return ret; 1885 } 1886 1887 /* Call test_1() of the associated struct_ops map */ 1888 int bpf_kfunc_multi_st_ops_test_1_assoc(struct st_ops_args *args, struct bpf_prog_aux *aux) 1889 { 1890 struct bpf_testmod_multi_st_ops *st_ops; 1891 int ret = -1; 1892 1893 st_ops = (struct bpf_testmod_multi_st_ops *)bpf_prog_get_assoc_struct_ops(aux); 1894 if (st_ops) 1895 ret = st_ops->test_1(args); 1896 1897 return ret; 1898 } 1899 1900 int bpf_kfunc_implicit_arg(int a, struct bpf_prog_aux *aux) 1901 { 1902 if (aux && a > 0) 1903 return a; 1904 return -EINVAL; 1905 } 1906 1907 int bpf_kfunc_implicit_arg_legacy(int a, int b, struct bpf_prog_aux *aux) 1908 { 1909 if (aux) 1910 return a + b; 1911 return -EINVAL; 1912 } 1913 1914 int bpf_kfunc_implicit_arg_legacy_impl(int a, int b, struct bpf_prog_aux *aux) 1915 { 1916 return bpf_kfunc_implicit_arg_legacy(a, b, aux); 1917 } 1918 1919 static int multi_st_ops_reg(void *kdata, struct bpf_link *link) 1920 { 1921 struct bpf_testmod_multi_st_ops *st_ops = 1922 (struct bpf_testmod_multi_st_ops *)kdata; 1923 unsigned long flags; 1924 int err = 0; 1925 u32 id; 1926 1927 if (!st_ops->test_1) 1928 return -EINVAL; 1929 1930 id = bpf_struct_ops_id(kdata); 1931 1932 spin_lock_irqsave(&multi_st_ops_lock, flags); 1933 if (multi_st_ops_find_nolock(id)) { 1934 pr_err("multi_st_ops(id:%d) has already been registered\n", id); 1935 err = -EEXIST; 1936 goto unlock; 1937 } 1938 1939 st_ops->id = id; 1940 hlist_add_head(&st_ops->node, &multi_st_ops_list); 1941 unlock: 1942 spin_unlock_irqrestore(&multi_st_ops_lock, flags); 1943 1944 return err; 1945 } 1946 1947 static void multi_st_ops_unreg(void *kdata, struct bpf_link *link) 1948 { 1949 struct bpf_testmod_multi_st_ops *st_ops; 1950 unsigned long flags; 1951 u32 id; 1952 1953 id = bpf_struct_ops_id(kdata); 1954 1955 spin_lock_irqsave(&multi_st_ops_lock, flags); 1956 st_ops = multi_st_ops_find_nolock(id); 1957 if (st_ops) 1958 hlist_del(&st_ops->node); 1959 spin_unlock_irqrestore(&multi_st_ops_lock, flags); 1960 } 1961 1962 static int bpf_testmod_multi_st_ops__test_1(struct st_ops_args *args) 1963 { 1964 return 0; 1965 } 1966 1967 static struct bpf_testmod_multi_st_ops multi_st_ops_cfi_stubs = { 1968 .test_1 = bpf_testmod_multi_st_ops__test_1, 1969 }; 1970 1971 struct bpf_struct_ops testmod_multi_st_ops = { 1972 .verifier_ops = &bpf_testmod_verifier_ops, 1973 .init = multi_st_ops_init, 1974 .init_member = multi_st_ops_init_member, 1975 .reg = multi_st_ops_reg, 1976 .unreg = multi_st_ops_unreg, 1977 .cfi_stubs = &multi_st_ops_cfi_stubs, 1978 .name = "bpf_testmod_multi_st_ops", 1979 .owner = THIS_MODULE, 1980 }; 1981 1982 extern int bpf_fentry_test1(int a); 1983 1984 BTF_KFUNCS_START(bpf_testmod_trampoline_count_ids) 1985 BTF_ID_FLAGS(func, bpf_testmod_trampoline_count_test) 1986 BTF_KFUNCS_END(bpf_testmod_trampoline_count_ids) 1987 1988 static const struct 1989 btf_kfunc_id_set bpf_testmod_trampoline_count_fmodret_set = { 1990 .owner = THIS_MODULE, 1991 .set = &bpf_testmod_trampoline_count_ids, 1992 }; 1993 1994 static int bpf_testmod_init(void) 1995 { 1996 const struct btf_id_dtor_kfunc bpf_testmod_dtors[] = { 1997 { 1998 .btf_id = bpf_testmod_dtor_ids[0], 1999 .kfunc_btf_id = bpf_testmod_dtor_ids[1] 2000 }, 2001 }; 2002 void **tramp; 2003 int ret; 2004 2005 ret = register_btf_kfunc_id_set(BPF_PROG_TYPE_UNSPEC, &bpf_testmod_common_kfunc_set); 2006 ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_SCHED_CLS, &bpf_testmod_kfunc_set); 2007 ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_TRACING, &bpf_testmod_kfunc_set); 2008 ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_SYSCALL, &bpf_testmod_kfunc_set); 2009 ret = ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_STRUCT_OPS, &bpf_testmod_kfunc_set); 2010 ret = ret ?: register_btf_fmodret_id_set(&bpf_testmod_trampoline_count_fmodret_set); 2011 ret = ret ?: register_bpf_struct_ops(&bpf_bpf_testmod_ops, bpf_testmod_ops); 2012 ret = ret ?: register_bpf_struct_ops(&bpf_testmod_ops2, bpf_testmod_ops2); 2013 ret = ret ?: register_bpf_struct_ops(&bpf_testmod_ops3, bpf_testmod_ops3); 2014 ret = ret ?: register_bpf_struct_ops(&testmod_st_ops, bpf_testmod_st_ops); 2015 ret = ret ?: register_bpf_struct_ops(&testmod_multi_st_ops, bpf_testmod_multi_st_ops); 2016 ret = ret ?: register_btf_id_dtor_kfuncs(bpf_testmod_dtors, 2017 ARRAY_SIZE(bpf_testmod_dtors), 2018 THIS_MODULE); 2019 if (ret < 0) 2020 return ret; 2021 if (bpf_fentry_test1(0) < 0) 2022 return -EINVAL; 2023 sock = NULL; 2024 mutex_init(&sock_lock); 2025 ret = sysfs_create_bin_file(kernel_kobj, &bin_attr_bpf_testmod_file); 2026 if (ret < 0) 2027 return ret; 2028 ret = register_bpf_testmod_uprobe(); 2029 if (ret < 0) 2030 return ret; 2031 2032 /* Ensure nothing is between tramp_1..tramp_40 */ 2033 BUILD_BUG_ON(offsetof(struct bpf_testmod_ops, tramp_1) + 40 * sizeof(long) != 2034 offsetofend(struct bpf_testmod_ops, tramp_40)); 2035 tramp = (void **)&__bpf_testmod_ops.tramp_1; 2036 while (tramp <= (void **)&__bpf_testmod_ops.tramp_40) 2037 *tramp++ = bpf_testmod_tramp; 2038 2039 return 0; 2040 } 2041 2042 static void bpf_testmod_exit(void) 2043 { 2044 /* Need to wait for all references to be dropped because 2045 * bpf_kfunc_call_test_release() which currently resides in kernel can 2046 * be called after bpf_testmod is unloaded. Once release function is 2047 * moved into the module this wait can be removed. 2048 */ 2049 while (refcount_read(&prog_test_struct.cnt) > 1) 2050 msleep(20); 2051 2052 /* Clean up irqwork and tasklet */ 2053 irq_work_sync(&ctx_check_irq); 2054 tasklet_kill(&ctx_check_tasklet); 2055 2056 bpf_kfunc_close_sock(); 2057 sysfs_remove_bin_file(kernel_kobj, &bin_attr_bpf_testmod_file); 2058 unregister_bpf_testmod_uprobe(); 2059 } 2060 2061 module_init(bpf_testmod_init); 2062 module_exit(bpf_testmod_exit); 2063 2064 MODULE_AUTHOR("Andrii Nakryiko"); 2065 MODULE_DESCRIPTION("BPF selftests module"); 2066 MODULE_LICENSE("Dual BSD/GPL"); 2067