From: Song Liu <songliubraving@meta.com>
To: Andrii Nakryiko <andrii.nakryiko@gmail.com>
Cc: Song Liu <song@kernel.org>,
"bpf@vger.kernel.org" <bpf@vger.kernel.org>,
"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
"linux-security-module@vger.kernel.org"
<linux-security-module@vger.kernel.org>,
Kernel Team <kernel-team@meta.com>,
"andrii@kernel.org" <andrii@kernel.org>,
"ast@kernel.org" <ast@kernel.org>,
"daniel@iogearbox.net" <daniel@iogearbox.net>,
"martin.lau@linux.dev" <martin.lau@linux.dev>,
"kpsingh@kernel.org" <kpsingh@kernel.org>,
"mattbobrowski@google.com" <mattbobrowski@google.com>,
"paul@paul-moore.com" <paul@paul-moore.com>,
"jmorris@namei.org" <jmorris@namei.org>,
"serge@hallyn.com" <serge@hallyn.com>,
"memxor@gmail.com" <memxor@gmail.com>
Subject: Re: [PATCH v8 bpf-next 5/7] bpf: Use btf_kfunc_id_set.remap logic for bpf_dynptr_from_skb
Date: Tue, 14 Jan 2025 23:03:21 +0000 [thread overview]
Message-ID: <B7F9964F-63F0-4ED6-A798-37407855675F@fb.com> (raw)
In-Reply-To: <CAEf4BzapTMSfv4afg8QnV-mX2nL8cKboXCTBwp-_cRk8ybKnQQ@mail.gmail.com>
> On Jan 14, 2025, at 2:37 PM, Andrii Nakryiko <andrii.nakryiko@gmail.com> wrote:
>
[...]
>>
>> if (bpf_dev_bound_kfunc_id(func_id)) {
>> xdp_kfunc = bpf_dev_bound_resolve_kfunc(prog, func_id);
>> @@ -20833,22 +20836,6 @@ static void specialize_kfunc(struct bpf_verifier_env *env,
>> }
>> /* fallback to default kfunc when not supported by netdev */
>> }
>> -
>> - if (offset)
>> - return;
>> -
>> - if (func_id == special_kfunc_list[KF_bpf_dynptr_from_skb]) {
>> - seen_direct_write = env->seen_direct_write;
>> - is_rdonly = !may_access_direct_pkt_data(env, NULL, BPF_WRITE);
>> -
>> - if (is_rdonly)
>> - *addr = (unsigned long)bpf_dynptr_from_skb_rdonly;
>> -
>> - /* restore env->seen_direct_write to its original value, since
>> - * may_access_direct_pkt_data mutates it
>> - */
>> - env->seen_direct_write = seen_direct_write;
>
> is it safe to remove this special seen_direct_write part of logic?
We need to save and restore seen_direct_write because
may_access_direct_pkt_data() mutates it. If we do not call
may_access_direct_pkt_data() here, as after this patch, we don't need to
save and restore seen_direct_write.
>
>> - }
>> }
>>
>> static void __fixup_collection_insert_kfunc(struct bpf_insn_aux_data *insn_aux,
>> diff --git a/net/core/filter.c b/net/core/filter.c
>> index 21131ec25f24..f12bcc1b21d1 100644
>> --- a/net/core/filter.c
>> +++ b/net/core/filter.c
>> @@ -12047,10 +12047,8 @@ __bpf_kfunc int bpf_sk_assign_tcp_reqsk(struct __sk_buff *s, struct sock *sk,
>> #endif
>> }
>>
>> -__bpf_kfunc_end_defs();
>> -
>> -int bpf_dynptr_from_skb_rdonly(struct __sk_buff *skb, u64 flags,
>> - struct bpf_dynptr *ptr__uninit)
>> +__bpf_kfunc int bpf_dynptr_from_skb_rdonly(struct __sk_buff *skb, u64 flags,
>> + struct bpf_dynptr *ptr__uninit)
>> {
>> struct bpf_dynptr_kern *ptr = (struct bpf_dynptr_kern *)ptr__uninit;
>> int err;
>> @@ -12064,10 +12062,16 @@ int bpf_dynptr_from_skb_rdonly(struct __sk_buff *skb, u64 flags,
>> return 0;
>> }
[...]
>> +
>> +static u32 bpf_kfunc_set_skb_remap(const struct bpf_prog *prog, u32 kfunc_id)
>> +{
>> + if (kfunc_id != bpf_dynptr_from_skb_list[0])
>> + return 0;
>> +
>> + switch (resolve_prog_type(prog)) {
>> + /* Program types only with direct read access go here! */
>> + case BPF_PROG_TYPE_LWT_IN:
>> + case BPF_PROG_TYPE_LWT_OUT:
>> + case BPF_PROG_TYPE_LWT_SEG6LOCAL:
>> + case BPF_PROG_TYPE_SK_REUSEPORT:
>> + case BPF_PROG_TYPE_FLOW_DISSECTOR:
>> + case BPF_PROG_TYPE_CGROUP_SKB:
>> + return bpf_dynptr_from_skb_list[1];
>> +
>> + /* Program types with direct read + write access go here! */
>> + case BPF_PROG_TYPE_SCHED_CLS:
>> + case BPF_PROG_TYPE_SCHED_ACT:
>> + case BPF_PROG_TYPE_XDP:
>> + case BPF_PROG_TYPE_LWT_XMIT:
>> + case BPF_PROG_TYPE_SK_SKB:
>> + case BPF_PROG_TYPE_SK_MSG:
>> + case BPF_PROG_TYPE_CGROUP_SOCKOPT:
>> + return kfunc_id;
>> +
>> + default:
>> + break;
>> + }
>> + return bpf_dynptr_from_skb_list[1];
>> +}
>
> I'd personally prefer the approach we have with BPF helpers, where
> each program type has a function that handles all helpers (identified
> by its ID), and then we can use C code sharing to minimize duplication
> of code.
Different hooks of the same program type, especially struct_ops, may
not have same access to different kfuncs. Therefore, I am not sure
whether the approach with helpers can scale in the long term. At the
moment, we use special_kfunc_[type|set|list] to handle special cases.
But I am afraid this approach cannot work well with more struct_ops
and kfuncs.
>
> With this approach it seems like we'll have more duplication and we'll
> need to repeat these program type-based large switches for various
> small sets of kfuncs, no?
The motivation is to make the verification of kfuncs more modular, so
that each set of kfuncs handle their verification as much as possible.
I think the code duplication here (bpf_kfunc_set_skb_remap) is not a
common problem. And we can actually reduce duplication with some
simple helpers.
Does this make sense?
Thanks,
Song
next prev parent reply other threads:[~2025-01-14 23:03 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-08 22:51 [PATCH v8 bpf-next 0/7] Enable writing xattr from BPF programs Song Liu
2025-01-08 22:51 ` [PATCH v8 bpf-next 1/7] fs/xattr: bpf: Introduce security.bpf. xattr name prefix Song Liu
2025-01-08 22:51 ` [PATCH v8 bpf-next 2/7] selftests/bpf: Extend test fs_kfuncs to cover security.bpf. xattr names Song Liu
2025-01-08 22:51 ` [PATCH v8 bpf-next 3/7] bpf: lsm: Add two more sleepable hooks Song Liu
2025-01-08 22:51 ` [PATCH v8 bpf-next 4/7] bpf: Extend btf_kfunc_id_set to handle kfunc polymorphism Song Liu
2025-01-08 22:51 ` [PATCH v8 bpf-next 5/7] bpf: Use btf_kfunc_id_set.remap logic for bpf_dynptr_from_skb Song Liu
2025-01-09 23:55 ` kernel test robot
2025-01-10 1:08 ` Song Liu
2025-01-10 1:11 ` kernel test robot
2025-01-14 22:37 ` Andrii Nakryiko
2025-01-14 23:03 ` Song Liu [this message]
2025-01-14 23:40 ` Andrii Nakryiko
2025-01-08 22:51 ` [PATCH v8 bpf-next 6/7] bpf: fs/xattr: Add BPF kfuncs to set and remove xattrs Song Liu
2025-01-08 22:51 ` [PATCH v8 bpf-next 7/7] selftests/bpf: Test kfuncs that set and remove xattr from BPF programs Song Liu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=B7F9964F-63F0-4ED6-A798-37407855675F@fb.com \
--to=songliubraving@meta.com \
--cc=andrii.nakryiko@gmail.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=jmorris@namei.org \
--cc=kernel-team@meta.com \
--cc=kpsingh@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=martin.lau@linux.dev \
--cc=mattbobrowski@google.com \
--cc=memxor@gmail.com \
--cc=paul@paul-moore.com \
--cc=serge@hallyn.com \
--cc=song@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox