From: Eduard Zingerman <eddyz87@gmail.com>
To: Kumar Kartikeya Dwivedi <memxor@gmail.com>, bpf@vger.kernel.org
Cc: kkd@meta.com, Alexei Starovoitov <ast@kernel.org>,
Andrii Nakryiko <andrii@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Martin KaFai Lau <martin.lau@kernel.org>,
kernel-team@fb.com
Subject: Re: [PATCH bpf-next v1 5/7] bpf: Introduce support for bpf_local_irq_{save,restore}
Date: Thu, 21 Nov 2024 12:21:02 -0800 [thread overview]
Message-ID: <c49e756f6e4ef492a68b7cd3b856240282963f8e.camel@gmail.com> (raw)
In-Reply-To: <20241121005329.408873-6-memxor@gmail.com>
On Wed, 2024-11-20 at 16:53 -0800, Kumar Kartikeya Dwivedi wrote:
> Teach the verifier about IRQ-disabled sections through the introduction
> of two new kfuncs, bpf_local_irq_save, to save IRQ state and disable
> them, and bpf_local_irq_restore, to restore IRQ state and enable them
> back again.
>
> For the purposes of tracking the saved IRQ state, the verifier is taught
> about a new special object on the stack of type STACK_IRQ_FLAG. This is
> a 8 byte value which saves the IRQ flags which are to be passed back to
> the IRQ restore kfunc.
>
> To track a dynamic number of IRQ-disabled regions and their associated
> saved states, a new resource type RES_TYPE_IRQ is introduced, which its
> state management functions: acquire_irq_state and release_irq_state,
> taking advantage of the refactoring and clean ups made in earlier
> commits.
>
> One notable requirement of the kernel's IRQ save and restore API is that
> they cannot happen out of order. For this purpose, resource state is
> extended with a new type-specific member 'prev_id'. This is used to
> remember the ordering of acquisitions of IRQ saved states, so that we
> maintain a logical stack in acquisition order of resource identities,
> and can enforce LIFO ordering when restoring IRQ state. The top of the
> stack is maintained using bpf_func_state's active_irq_id.
>
> The logic to detect initialized and unitialized irq flag slots, marking
> and unmarking is similar to how it's done for iterators. We do need to
> update ressafe to perform check_ids based satisfiability check, and
> additionally match prev_id for RES_TYPE_IRQ entries in the resource
> array.
>
> The kfuncs themselves are plain wrappers over local_irq_save and
> local_irq_restore macros.
>
> Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
> ---
I think this matches what is done for iterators and dynptrs.
Acked-by: Eduard Zingerman <eddyz87@gmail.com>
[...]
> @@ -263,10 +267,16 @@ struct bpf_resource_state {
> * is used purely to inform the user of a resource leak.
> */
> int insn_idx;
> - /* Use to keep track of the source object of a lock, to ensure
> - * it matches on unlock.
> - */
> - void *ptr;
> + union {
> + /* Use to keep track of the source object of a lock, to ensure
> + * it matches on unlock.
> + */
> + void *ptr;
> + /* Track the reference id preceding the IRQ entry in acquisition
> + * order, to enforce an ordering on the release.
> + */
> + int prev_id;
> + };
Nit: Do we anticipate any other resource kinds that would need LIFO acquire/release?
If we do, an alternative to prev_id would be to organize bpf_func_state->res as
a stack (by changing erase_resource_state() implementation).
[...]
> diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c
> index 751c150f9e1c..302f0d5976be 100644
> --- a/kernel/bpf/helpers.c
> +++ b/kernel/bpf/helpers.c
> @@ -3057,6 +3057,28 @@ __bpf_kfunc int bpf_copy_from_user_str(void *dst, u32 dst__sz, const void __user
> return ret + 1;
> }
>
> +/* Keep unsinged long in prototype so that kfunc is usable when emitted to
> + * vmlinux.h in BPF programs directly, but since unsigned long may potentially
> + * be 4 byte, always cast to u64 when reading/writing from this pointer as it
> + * always points to an 8-byte memory region in BPF stack.
> + */
> +__bpf_kfunc void bpf_local_irq_save(unsigned long *flags__irq_flag)
Nit: 'unsigned long long' is guaranteed to be at-least 64 bit.
What would go wrong if 'u64' is used here?
> +{
> + u64 *ptr = (u64 *)flags__irq_flag;
> + unsigned long flags;
> +
> + local_irq_save(flags);
> + *ptr = flags;
> +}
[...]
> @@ -1447,7 +1607,7 @@ static struct bpf_resource_state *find_lock_state(struct bpf_func_state *state,
> for (i = 0; i < state->acquired_res; i++) {
> struct bpf_resource_state *s = &state->res[i];
>
> - if (s->type == RES_TYPE_PTR || s->type != type)
> + if (s->type < __RES_TYPE_LOCK_BEGIN || s->type != type)
Nit: I think this would be easier to read if there was a bitmask
associated with lock types.
> continue;
>
> if (s->id == id && s->ptr == ptr)
[...]
next prev parent reply other threads:[~2024-11-21 20:21 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-21 0:53 [PATCH bpf-next v1 0/7] IRQ save/restore Kumar Kartikeya Dwivedi
2024-11-21 0:53 ` [PATCH bpf-next v1 1/7] bpf: Refactor and rename resource management Kumar Kartikeya Dwivedi
2024-11-21 16:57 ` Eduard Zingerman
2024-11-21 17:17 ` Kumar Kartikeya Dwivedi
2024-11-22 0:24 ` Alexei Starovoitov
2024-11-22 0:31 ` Kumar Kartikeya Dwivedi
2024-11-21 0:53 ` [PATCH bpf-next v1 2/7] bpf: Be consistent between {acquire,find,release}_lock_state Kumar Kartikeya Dwivedi
2024-11-21 17:54 ` Eduard Zingerman
2024-11-21 0:53 ` [PATCH bpf-next v1 3/7] bpf: Consolidate RCU and preempt locks in bpf_func_state Kumar Kartikeya Dwivedi
2024-11-21 18:09 ` Eduard Zingerman
2024-11-21 18:12 ` Kumar Kartikeya Dwivedi
2024-11-21 18:54 ` Eduard Zingerman
2024-11-21 22:04 ` Kumar Kartikeya Dwivedi
2024-11-21 0:53 ` [PATCH bpf-next v1 4/7] bpf: Refactor mark_{dynptr,iter}_read Kumar Kartikeya Dwivedi
2024-11-21 18:00 ` Eduard Zingerman
2024-11-21 0:53 ` [PATCH bpf-next v1 5/7] bpf: Introduce support for bpf_local_irq_{save,restore} Kumar Kartikeya Dwivedi
2024-11-21 20:21 ` Eduard Zingerman [this message]
2024-11-21 22:06 ` Kumar Kartikeya Dwivedi
2024-11-21 23:08 ` Eduard Zingerman
2024-11-21 23:12 ` Kumar Kartikeya Dwivedi
2024-11-22 0:30 ` Eduard Zingerman
2024-11-22 0:32 ` Alexei Starovoitov
2024-11-22 0:42 ` Kumar Kartikeya Dwivedi
2024-11-21 22:46 ` kernel test robot
2024-11-21 0:53 ` [PATCH bpf-next v1 6/7] selftests/bpf: Expand coverage of preempt tests to sleepable kfunc Kumar Kartikeya Dwivedi
2024-11-21 20:23 ` Eduard Zingerman
2024-11-21 0:53 ` [PATCH bpf-next v1 7/7] selftests/bpf: Add IRQ save/restore tests Kumar Kartikeya Dwivedi
2024-11-21 20:43 ` Eduard Zingerman
2024-11-21 22:07 ` Kumar Kartikeya Dwivedi
2024-11-21 23:09 ` Eduard Zingerman
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=c49e756f6e4ef492a68b7cd3b856240282963f8e.camel@gmail.com \
--to=eddyz87@gmail.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=kernel-team@fb.com \
--cc=kkd@meta.com \
--cc=martin.lau@kernel.org \
--cc=memxor@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.