From: Emil Tsalapatis <emil@etsalapatis.com>
To: bpf@vger.kernel.org
Cc: ast@kernel.org, daniel@iogearbox.net, john.fastabend@gmail.com,
memxor@gmail.com, andrii@kernel.org, eddyz87@gmail.com,
yonghong.song@linux.dev, Emil Tsalapatis <emil@etsalapatis.com>
Subject: [PATCH 0/4] libbpf: move arena variables out of the zero page
Date: Mon, 17 Nov 2025 18:56:32 -0500
Message-ID: <20251117235636.140259-1-emil@etsalapatis.com>

Modify libbpf to place arena globals in a small offset inside the arena
mapping instead of at the very beginning. This allows programs to leave
the "zero page" of the arena unmapped, so that NULL arena pointer
dereferences trigger a page fault and associated backtrace in BPF streams.
In contrast, the current policy of placing global data in the zero pages
means that NULL dereferences silently corrupt global data, e.g., arena
qspinlock state. This makes arena bugs more difficult to debug.

The patchset adds code to libbpf to move global arena data 16 pages into
the arena mapping. If this move is impossible, libbpf tries progressively
smaller increments, and finally defaults to 0 if there is not enough
space in the arena. At load time, libbpf adjusts each symbol's location
within the arena by that offset. The patchset also adds padding to the
BPF skeleton struct arena datasec to ensure the arena's fields are
pointing in the right locations within the mapping.

Signed-off-by: Emil Tsalapatis <emil@etsalapatis.com>

Emil Tsalapatis (4):
  selftests/bpf: explicitly account for globals in verifier_arena_large
  libbpf: add stub for offset-related skeleton padding
  libbpf: offset global arena data into the arena if possible
  selftests/bpf: add tests for the arena offset of globals

 tools/bpf/bpftool/gen.c | 23 ++++++-
 tools/lib/bpf/libbpf.c | 36 ++++++++++-
 tools/lib/bpf/libbpf.h | 9 +++
 tools/lib/bpf/libbpf.map | 1 +
 .../selftests/bpf/prog_tests/verifier.c | 6 ++
 .../bpf/progs/verifier_arena_globals1.c | 60 ++++++++++++++++++
 .../bpf/progs/verifier_arena_globals2.c | 49 +++++++++++++++
 .../bpf/progs/verifier_arena_globals3.c | 61 +++++++++++++++++++
 .../bpf/progs/verifier_arena_large.c | 25 ++++++--
 9 files changed, 261 insertions(+), 9 deletions(-)
 create mode 100644 tools/testing/selftests/bpf/progs/verifier_arena_globals1.c
 create mode 100644 tools/testing/selftests/bpf/progs/verifier_arena_globals2.c
 create mode 100644 tools/testing/selftests/bpf/progs/verifier_arena_globals3.c
--
2.49.0
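
The placement policy the cover letter describes, modelled as an added example (not code from the patchset or from libbpf): pick the globals offset with fallback, shift symbols by it, and check whether a NULL-based arena access lands on global data. The function names, the 4096-byte page size and the halving step are assumptions; the cover letter only says "progressively smaller increments".

```c
#include <stddef.h>
#include <stdio.h>

#define PAGE_SZ 4096u            /* assumed page size */
#define PREFERRED_OFF_PAGES 16u  /* from the cover letter: 16 pages */

/* Hypothetical helper: byte offset for the arena globals. Tries 16 pages,
 * then halves (assumed step) until the data fits; 0 means no offset fits. */
static size_t arena_globals_off(size_t arena_pages, size_t data_sz)
{
    size_t arena_sz = arena_pages * PAGE_SZ;
    size_t pages;

    if (data_sz > arena_sz)
        return 0;
    for (pages = PREFERRED_OFF_PAGES; pages > 0; pages /= 2) {
        size_t off = pages * PAGE_SZ;
        if (off <= arena_sz - data_sz)
            return off;
    }
    return 0;
}

/* Load-time adjustment: each symbol moves by the chosen offset. */
static size_t arena_sym_addr(size_t sym_off, size_t globals_off)
{
    return globals_off + sym_off;
}

/* Does an access of len bytes at NULL + field_off overlap the globals? */
static int null_access_hits_globals(size_t field_off, size_t len,
                                    size_t globals_off, size_t data_sz)
{
    return field_off < globals_off + data_sz && globals_off < field_off + len;
}

int main(void)
{
    size_t sizes[] = { 100, 10, 2 };  /* constructed arena sizes, in pages */
    size_t data_sz = 2 * PAGE_SZ;     /* constructed globals size */

    for (size_t i = 0; i < 3; i++) {
        size_t off = arena_globals_off(sizes[i], data_sz);
        printf("arena=%zu pages: globals at %zu, NULL+8 write %s\n", sizes[i], off,
               null_access_hits_globals(8, 8, off, data_sz) ? "corrupts globals" : "misses globals");
    }
    return 0;
}
```

With a zero offset the NULL-based write overlaps the globals; with any non-zero offset it falls on the zero page, which the program can leave unmapped so the access faults.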