From: Yonghong Song <yhs@fb.com>
To: <bpf@vger.kernel.org>
Cc: Alexei Starovoitov <ast@kernel.org>,
Andrii Nakryiko <andrii@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>, <kernel-team@fb.com>,
Martin KaFai Lau <martin.lau@kernel.org>
Subject: [PATCH bpf-next v5 0/7] bpf: Add bpf_rcu_read_lock() support
Date: Fri, 11 Nov 2022 08:57:34 -0800 [thread overview]
Message-ID: <20221111165734.2524596-1-yhs@fb.com> (raw)
Currently, without rcu attribute info in BTF, the verifier treats
rcu tagged pointer as a normal pointer. This might be a problem
for sleepable program where rcu_read_lock()/unlock() is not available.
For example, for a sleepable fentry program, if rcu protected memory
access is interleaved with a sleepable helper/kfunc, it is possible
the memory access after the sleepable helper/kfunc might be invalid
since the object might have been freed then. Even without
a sleepable helper/kfunc, without rcu_read_lock() protection,
it is possible that the rcu protected object might be release
in the middle of bpf program execution which may cause incorrect
result.
To prevent above cases, enable btf_type_tag("rcu") attributes,
introduce new bpf_rcu_read_lock/unlock() kfuncs and add verifier support.
In the rest of patch set, Patch 1 enabled btf_type_tag for __rcu
attribute. Patche 2 is a refactoring patch. Patch 3 added new
bpf_rcu_read_lock/unlock() kfuncs. Patch 4 added verifier support
and Patch 5 enabled sleepable program support for cgrp local storage.
Patch 6 added some tests for new helpers and verifier support and
Patch 7 added new test to the deny list for s390x arch.
Changelogs:
v4 -> v5:
. add new test to aarch64 deny list.
v3 -> v4:
. fix selftest failures when built with gcc. gcc doesn't support
btf_type_tag yet and some tests relies on that. skip these
tests if vmlinux BTF does not have btf_type_tag("rcu").
v2 -> v3:
. went back to MEM_RCU approach with invalidate rcu ptr registers
at bpf_rcu_read_unlock() place.
. remove KF_RCU_LOCK/UNLOCK flag and compare btf_id at verification
time instead.
v1 -> v2:
. use kfunc instead of helper for bpf_rcu_read_lock/unlock.
. not use MEM_RCU bpf_type_flag, instead use active_rcu_lock
in reg state to identify rcu ptr's.
. Add more self tests.
. add new test to s390x deny list.
Yonghong Song (7):
compiler_types: Define __rcu as __attribute__((btf_type_tag("rcu")))
bpf: Abstract out functions to check sleepable helpers
bpf: Add kfunc bpf_rcu_read_lock/unlock()
bpf: Add bpf_rcu_read_lock() verifier support
bpf: Enable sleeptable support for cgrp local storage
selftests/bpf: Add tests for bpf_rcu_read_lock()
selftests/bpf: Add rcu_read_lock test to s390x/aarch64 deny lists
include/linux/bpf.h | 6 +
include/linux/bpf_lsm.h | 6 +
include/linux/bpf_verifier.h | 4 +
include/linux/compiler_types.h | 3 +-
include/linux/trace_events.h | 8 +
kernel/bpf/bpf_lsm.c | 20 +-
kernel/bpf/btf.c | 39 +-
kernel/bpf/helpers.c | 25 +-
kernel/bpf/verifier.c | 125 +++++-
kernel/trace/bpf_trace.c | 22 +-
tools/testing/selftests/bpf/DENYLIST.aarch64 | 1 +
tools/testing/selftests/bpf/DENYLIST.s390x | 1 +
.../selftests/bpf/prog_tests/rcu_read_lock.c | 166 ++++++++
.../selftests/bpf/progs/rcu_read_lock.c | 355 ++++++++++++++++++
14 files changed, 759 insertions(+), 22 deletions(-)
create mode 100644 tools/testing/selftests/bpf/prog_tests/rcu_read_lock.c
create mode 100644 tools/testing/selftests/bpf/progs/rcu_read_lock.c
--
2.30.2
next reply other threads:[~2022-11-11 16:57 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-11 16:57 Yonghong Song [this message]
2022-11-11 16:57 ` [PATCH bpf-next v5 1/7] compiler_types: Define __rcu as __attribute__((btf_type_tag("rcu"))) Yonghong Song
2022-11-11 16:57 ` [PATCH bpf-next v5 2/7] bpf: Abstract out functions to check sleepable helpers Yonghong Song
2022-11-11 16:57 ` [PATCH bpf-next v5 3/7] bpf: Add kfunc bpf_rcu_read_lock/unlock() Yonghong Song
2022-11-11 16:57 ` [PATCH bpf-next v5 4/7] bpf: Add bpf_rcu_read_lock() verifier support Yonghong Song
2022-11-11 16:58 ` [PATCH bpf-next v5 5/7] bpf: Enable sleeptable support for cgrp local storage Yonghong Song
2022-11-11 16:58 ` [PATCH bpf-next v5 6/7] selftests/bpf: Add tests for bpf_rcu_read_lock() Yonghong Song
2022-11-15 6:50 ` Martin KaFai Lau
2022-11-16 5:33 ` Yonghong Song
2022-11-11 16:58 ` [PATCH bpf-next v5 7/7] selftests/bpf: Add rcu_read_lock test to s390x/aarch64 deny lists Yonghong Song
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221111165734.2524596-1-yhs@fb.com \
--to=yhs@fb.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=kernel-team@fb.com \
--cc=martin.lau@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.