From: Kumar Kartikeya Dwivedi <memxor@gmail.com>
To: Andrii Nakryiko <andrii.nakryiko@gmail.com>
Cc: bpf <bpf@vger.kernel.org>, "Alexei Starovoitov" <ast@kernel.org>,
"Andrii Nakryiko" <andrii@kernel.org>,
"Daniel Borkmann" <daniel@iogearbox.net>,
"Toke Høiland-Jørgensen" <toke@redhat.com>,
"Jesper Dangaard Brouer" <brouer@redhat.com>
Subject: Re: [PATCH bpf-next v3 07/13] bpf: Adapt copy_map_value for multiple offset case
Date: Fri, 25 Mar 2022 20:36:35 +0530 [thread overview]
Message-ID: <20220325150635.ebrdzxjlt2bhqjt4@apollo> (raw)
In-Reply-To: <CAEf4BzayMZcghFEKtbG58b9yC76P1wzc==wrape89bdS9wQemA@mail.gmail.com>
On Wed, Mar 23, 2022 at 02:08:36AM IST, Andrii Nakryiko wrote:
> On Sun, Mar 20, 2022 at 8:55 AM Kumar Kartikeya Dwivedi
> <memxor@gmail.com> wrote:
> >
> > Since now there might be at most 10 offsets that need handling in
> > copy_map_value, the manual shuffling and special case is no longer going
> > to work. Hence, let's generalise the copy_map_value function by using
> > a sorted array of offsets to skip regions that must be avoided while
> > copying into and out of a map value.
> >
> > When the map is created, we populate the offset array in struct map,
> > with one extra element for map->value_size, which is used as the final
> > offset to subtract previous offset from. Then, copy_map_value uses this
> > sorted offset array is used to memcpy while skipping timer, spin lock,
> > and kptr.
> >
> > Signed-off-by: Kumar Kartikeya Dwivedi <memxor@gmail.com>
> > ---
> > include/linux/bpf.h | 55 +++++++++++++++++++++++---------------------
> > kernel/bpf/syscall.c | 52 +++++++++++++++++++++++++++++++++++++++++
> > 2 files changed, 81 insertions(+), 26 deletions(-)
> >
> > diff --git a/include/linux/bpf.h b/include/linux/bpf.h
> > index 9d424d567dd3..6474d2d44b78 100644
> > --- a/include/linux/bpf.h
> > +++ b/include/linux/bpf.h
> > @@ -158,6 +158,10 @@ struct bpf_map_ops {
> > enum {
> > /* Support at most 8 pointers in a BPF map value */
> > BPF_MAP_VALUE_OFF_MAX = 8,
> > + BPF_MAP_OFF_ARR_MAX = BPF_MAP_VALUE_OFF_MAX +
> > + 1 + /* for bpf_spin_lock */
> > + 1 + /* for bpf_timer */
> > + 1, /* for map->value_size sentinel */
> > };
> >
> > enum {
> > @@ -206,9 +210,17 @@ struct bpf_map {
> > char name[BPF_OBJ_NAME_LEN];
> > bool bypass_spec_v1;
> > bool frozen; /* write-once; write-protected by freeze_mutex */
> > - /* 6 bytes hole */
> > -
> > - /* The 3rd and 4th cacheline with misc members to avoid false sharing
> > + /* 2 bytes hole */
> > + struct {
> > + struct {
> > + u32 off;
> > + u8 sz;
>
> So here we are wasting 11 * 3 == 33 bytes of padding, right? And it
> will only increase as we add bpf_dynptr support soon.
>
> But if we split this struct into two arrays you won't be wasting any of that:
>
> struct {
> u32 cnt;
> u32 field_offs[BPF_MAP_OFF_ARR_MAX];
> u8 szs[BPF_MAP_OFF_ARR_MAX]
> } off_arr;
>
> ?
Ok, will switch to this.
>
> Further, given the majority of BPF maps in the system probably won't
> use any of these special fields, would it make sense to dynamically
> allocate this portion of struct bpf_map?
>
Yes, dynamically allocating also makes sense. I'll go with that for v4.
> > + } field[BPF_MAP_OFF_ARR_MAX];
> > + u32 cnt;
> > + } off_arr;
> > + /* 40 bytes hole */
> > +
> > + /* The 4th and 5th cacheline with misc members to avoid false sharing
> > * particularly with refcounting.
> > */
> > atomic64_t refcnt ____cacheline_aligned;
> > @@ -250,36 +262,27 @@ static inline void check_and_init_map_value(struct bpf_map *map, void *dst)
> > memset(dst + map->spin_lock_off, 0, sizeof(struct bpf_spin_lock));
> > if (unlikely(map_value_has_timer(map)))
> > memset(dst + map->timer_off, 0, sizeof(struct bpf_timer));
> > + if (unlikely(map_value_has_kptr(map))) {
> > + struct bpf_map_value_off *tab = map->kptr_off_tab;
> > + int i;
> > +
> > + for (i = 0; i < tab->nr_off; i++)
> > + *(u64 *)(dst + tab->off[i].offset) = 0;
> > + }
> > }
> >
> > /* copy everything but bpf_spin_lock and bpf_timer. There could be one of each. */
> > static inline void copy_map_value(struct bpf_map *map, void *dst, void *src)
> > {
> > - u32 s_off = 0, s_sz = 0, t_off = 0, t_sz = 0;
> > + int i;
> >
> > - if (unlikely(map_value_has_spin_lock(map))) {
> > - s_off = map->spin_lock_off;
> > - s_sz = sizeof(struct bpf_spin_lock);
> > - }
> > - if (unlikely(map_value_has_timer(map))) {
> > - t_off = map->timer_off;
> > - t_sz = sizeof(struct bpf_timer);
> > - }
> > + memcpy(dst, src, map->off_arr.field[0].off);
> > + for (i = 1; i < map->off_arr.cnt; i++) {
> > + u32 curr_off = map->off_arr.field[i - 1].off;
> > + u32 next_off = map->off_arr.field[i].off;
> >
> > - if (unlikely(s_sz || t_sz)) {
> > - if (s_off < t_off || !s_sz) {
> > - swap(s_off, t_off);
> > - swap(s_sz, t_sz);
> > - }
> > - memcpy(dst, src, t_off);
> > - memcpy(dst + t_off + t_sz,
> > - src + t_off + t_sz,
> > - s_off - t_off - t_sz);
> > - memcpy(dst + s_off + s_sz,
> > - src + s_off + s_sz,
> > - map->value_size - s_off - s_sz);
> > - } else {
> > - memcpy(dst, src, map->value_size);
> > + curr_off += map->off_arr.field[i - 1].sz;
> > + memcpy(dst + curr_off, src + curr_off, next_off - curr_off);
> > }
>
> We can also get away with value_size sentinel value if we rewrite this
> logic as follows:
>
> u32 cur_off = 0;
> int i;
>
> for (i = 0; i < map->off_arr.cnt; i++) {
> memcpy(dst + cur_off, src + cur_off, map->off_arr.field[i].off - cur_off);
> cur_off += map->off_arr.field[i].sz;
> }
>
> memcpy(dst + cur_off, src + cur_off, map->value_size - cur_off);
>
Looks better, will switch.
>
> It will be as optimal but won't require value_size sentinel.
>
> > }
> > void copy_map_value_locked(struct bpf_map *map, void *dst, void *src,
> > diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
> > index 5990d6fa97ab..7b32537bd81f 100644
> > --- a/kernel/bpf/syscall.c
> > +++ b/kernel/bpf/syscall.c
> > @@ -30,6 +30,7 @@
> > #include <linux/pgtable.h>
> > #include <linux/bpf_lsm.h>
> > #include <linux/poll.h>
> > +#include <linux/sort.h>
> > #include <linux/bpf-netns.h>
> > #include <linux/rcupdate_trace.h>
> > #include <linux/memcontrol.h>
> > @@ -851,6 +852,55 @@ int map_check_no_btf(const struct bpf_map *map,
> > return -ENOTSUPP;
> > }
> >
> > +static int map_off_arr_cmp(const void *_a, const void *_b)
> > +{
> > + const u32 a = *(const u32 *)_a;
> > + const u32 b = *(const u32 *)_b;
> > +
> > + if (a < b)
> > + return -1;
> > + else if (a > b)
> > + return 1;
> > + return 0;
> > +}
> > +
> > +static void map_populate_off_arr(struct bpf_map *map)
> > +{
> > + u32 i;
> > +
> > + map->off_arr.cnt = 0;
> > + if (map_value_has_spin_lock(map)) {
> > + i = map->off_arr.cnt;
> > +
> > + map->off_arr.field[i].off = map->spin_lock_off;
> > + map->off_arr.field[i].sz = sizeof(struct bpf_spin_lock);
> > + map->off_arr.cnt++;
> > + }
> > + if (map_value_has_timer(map)) {
> > + i = map->off_arr.cnt;
> > +
> > + map->off_arr.field[i].off = map->timer_off;
> > + map->off_arr.field[i].sz = sizeof(struct bpf_timer);
> > + map->off_arr.cnt++;
> > + }
> > + if (map_value_has_kptr(map)) {
> > + struct bpf_map_value_off *tab = map->kptr_off_tab;
> > + u32 j = map->off_arr.cnt;
> > +
> > + for (i = 0; i < tab->nr_off; i++) {
> > + map->off_arr.field[j + i].off = tab->off[i].offset;
> > + map->off_arr.field[j + i].sz = sizeof(u64);
> > + }
> > + map->off_arr.cnt += tab->nr_off;
> > + }
> > +
> > + map->off_arr.field[map->off_arr.cnt++].off = map->value_size;
>
> Using a pointer for map->off_arr.field[j + i] and incrementing it
> along the cnt would make this code more succinct, and possibly even a
> bit more efficient. With my above suggestion to split offs from szs,
> you'll need two pointers, but still might be cleaner.
>
Ack.
> > + if (map->off_arr.cnt == 1)
> > + return;
> > + sort(map->off_arr.field, map->off_arr.cnt, sizeof(map->off_arr.field[0]),
> > + map_off_arr_cmp, NULL);
>
> See how Jiri is using sort_r() to sort two related arrays and keep
> them in sync w.r.t. order.
>
Thanks for the pointer.
> > +}
> > +
> > static int map_check_btf(struct bpf_map *map, const struct btf *btf,
> > u32 btf_key_id, u32 btf_value_id)
> > {
> > @@ -1018,6 +1068,8 @@ static int map_create(union bpf_attr *attr)
> > attr->btf_vmlinux_value_type_id;
> > }
> >
> > + map_populate_off_arr(map);
> > +
> > err = security_bpf_map_alloc(map);
> > if (err)
> > goto free_map;
> > --
> > 2.35.1
> >
--
Kartikeya
next prev parent reply other threads:[~2022-03-25 15:08 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-20 15:54 [PATCH bpf-next v3 00/13] Introduce typed pointer support in BPF maps Kumar Kartikeya Dwivedi
2022-03-20 15:54 ` [PATCH bpf-next v3 01/13] bpf: Make btf_find_field more generic Kumar Kartikeya Dwivedi
2022-03-20 15:54 ` [PATCH bpf-next v3 02/13] bpf: Move check_ptr_off_reg before check_map_access Kumar Kartikeya Dwivedi
2022-03-20 15:55 ` [PATCH bpf-next v3 03/13] bpf: Allow storing unreferenced kptr in map Kumar Kartikeya Dwivedi
2022-03-21 23:39 ` Joanne Koong
2022-03-22 7:04 ` Kumar Kartikeya Dwivedi
2022-03-22 20:22 ` Andrii Nakryiko
2022-03-25 14:51 ` Kumar Kartikeya Dwivedi
2022-03-22 5:45 ` Andrii Nakryiko
2022-03-22 7:16 ` Kumar Kartikeya Dwivedi
2022-03-22 7:43 ` Kumar Kartikeya Dwivedi
2022-03-22 18:52 ` Andrii Nakryiko
2022-03-25 14:42 ` Kumar Kartikeya Dwivedi
2022-03-25 22:59 ` Andrii Nakryiko
2022-03-22 18:06 ` Martin KaFai Lau
2022-03-25 14:45 ` Kumar Kartikeya Dwivedi
2022-03-20 15:55 ` [PATCH bpf-next v3 04/13] bpf: Indicate argument that will be released in bpf_func_proto Kumar Kartikeya Dwivedi
2022-03-22 1:47 ` Joanne Koong
2022-03-22 7:34 ` Kumar Kartikeya Dwivedi
2022-03-20 15:55 ` [PATCH bpf-next v3 05/13] bpf: Allow storing referenced kptr in map Kumar Kartikeya Dwivedi
2022-03-22 20:59 ` Martin KaFai Lau
2022-03-25 14:57 ` Kumar Kartikeya Dwivedi
2022-03-25 23:39 ` Martin KaFai Lau
2022-03-26 1:01 ` Kumar Kartikeya Dwivedi
2022-03-20 15:55 ` [PATCH bpf-next v3 06/13] bpf: Prevent escaping of kptr loaded from maps Kumar Kartikeya Dwivedi
2022-03-22 5:58 ` Andrii Nakryiko
2022-03-22 7:18 ` Kumar Kartikeya Dwivedi
2022-03-20 15:55 ` [PATCH bpf-next v3 07/13] bpf: Adapt copy_map_value for multiple offset case Kumar Kartikeya Dwivedi
2022-03-22 20:38 ` Andrii Nakryiko
2022-03-25 15:06 ` Kumar Kartikeya Dwivedi [this message]
2022-03-20 15:55 ` [PATCH bpf-next v3 08/13] bpf: Populate pairs of btf_id and destructor kfunc in btf Kumar Kartikeya Dwivedi
2022-03-20 15:55 ` [PATCH bpf-next v3 09/13] bpf: Wire up freeing of referenced kptr Kumar Kartikeya Dwivedi
2022-03-22 20:51 ` Andrii Nakryiko
2022-03-25 14:50 ` Kumar Kartikeya Dwivedi
2022-03-22 21:10 ` Alexei Starovoitov
2022-03-25 15:07 ` Kumar Kartikeya Dwivedi
2022-03-20 15:55 ` [PATCH bpf-next v3 10/13] bpf: Teach verifier about kptr_get kfunc helpers Kumar Kartikeya Dwivedi
2022-03-20 15:55 ` [PATCH bpf-next v3 11/13] libbpf: Add kptr type tag macros to bpf_helpers.h Kumar Kartikeya Dwivedi
2022-03-20 15:55 ` [PATCH bpf-next v3 12/13] selftests/bpf: Add C tests for kptr Kumar Kartikeya Dwivedi
2022-03-22 21:00 ` Andrii Nakryiko
2022-03-25 14:52 ` Kumar Kartikeya Dwivedi
2022-03-24 9:10 ` Jiri Olsa
2022-03-25 14:52 ` Kumar Kartikeya Dwivedi
2022-03-20 15:55 ` [PATCH bpf-next v3 13/13] selftests/bpf: Add verifier " Kumar Kartikeya Dwivedi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220325150635.ebrdzxjlt2bhqjt4@apollo \
--to=memxor@gmail.com \
--cc=andrii.nakryiko@gmail.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=brouer@redhat.com \
--cc=daniel@iogearbox.net \
--cc=toke@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox