From: Andrii Nakryiko <andrii.nakryiko@gmail.com>
To: Hao Luo <haoluo@google.com>
Cc: Alexei Starovoitov <ast@kernel.org>,
Andrii Nakryiko <andrii@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>,
Yonghong Song <yhs@fb.com>,
Arnaldo Carvalho de Melo <acme@kernel.org>,
KP Singh <kpsingh@kernel.org>, bpf <bpf@vger.kernel.org>
Subject: Re: [PATCH bpf-next v1 2/4] compiler_types: define __percpu as __attribute__((btf_type_tag("percpu")))
Date: Mon, 7 Mar 2022 17:44:14 -0800 [thread overview]
Message-ID: <CAEf4BzadmAQSUHSSDfSeiMvicvdbOKh_r7oCX2=OThbjOS-rMw@mail.gmail.com> (raw)
In-Reply-To: <20220304191657.981240-3-haoluo@google.com>
On Fri, Mar 4, 2022 at 11:17 AM Hao Luo <haoluo@google.com> wrote:
>
> This is similar to commit 7472d5a642c9 ("compiler_types: define __user as
> __attribute__((btf_type_tag("user")))"), where a type tag "user" was
> introduced to identify the pointers that point to user memory. With that
> change, the newest compile toolchain can encode __user information into
> vmlinux BTF, which can be used by the BPF verifier to enforce safe
> program behaviors.
>
> Similarly, we have __percpu attribute, which is mainly used to indicate
> memory is allocated in percpu region. The __percpu pointers in kernel
> are supposed to be used together with functions like per_cpu_ptr() and
> this_cpu_ptr(), which perform necessary calculation on the pointer's
> base address. Without the btf_type_tag introduced in this patch,
> __percpu pointers will be treated as regular memory pointers in vmlinux
> BTF and BPF programs are allowed to directly dereference them, generating
> incorrect behaviors. Now with "percpu" btf_type_tag, the BPF verifier is
> able to differentiate __percpu pointers from regular pointers and forbids
> unexpected behaviors like direct load.
>
> The following is an example similar to the one given in commit
> 7472d5a642c9:
>
> [$ ~] cat test.c
> #define __percpu __attribute__((btf_type_tag("percpu")))
> int foo(int __percpu *arg) {
> return *arg;
> }
> [$ ~] clang -O2 -g -c test.c
> [$ ~] pahole -JV test.o
> ...
> File test.o:
> [1] INT int size=4 nr_bits=32 encoding=SIGNED
> [2] TYPE_TAG percpu type_id=1
> [3] PTR (anon) type_id=2
> [4] FUNC_PROTO (anon) return=1 args=(3 arg)
> [5] FUNC foo type_id=4
> [$ ~]
>
> for the function argument "int __percpu *arg", its type is described as
> PTR -> TYPE_TAG(percpu) -> INT
> The kernel can use this information for bpf verification or other
> use cases.
>
> Like commit 7472d5a642c9, this feature requires clang (>= clang14) and
> pahole (>= 1.23).
>
> Cc: Yonghong Song <yhs@fb.com>
> Signed-off-by: Hao Luo <haoluo@google.com>
> ---
> include/linux/compiler_types.h | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/include/linux/compiler_types.h b/include/linux/compiler_types.h
> index 3f31ff400432..223abf43679a 100644
> --- a/include/linux/compiler_types.h
> +++ b/include/linux/compiler_types.h
> @@ -38,7 +38,12 @@ static inline void __chk_io_ptr(const volatile void __iomem *ptr) { }
> # define __user
> # endif
> # define __iomem
> -# define __percpu
> +# if defined(CONFIG_DEBUG_INFO_BTF) && defined(CONFIG_PAHOLE_HAS_BTF_TAG) && \
> + __has_attribute(btf_type_tag)
> +# define __percpu __attribute__((btf_type_tag("percpu")))
Maybe let's add
#if defined(CONFIG_DEBUG_INFO_BTF) &&
defined(CONFIG_PAHOLE_HAS_BTF_TAG) && __has_attribute(btf_type_tag)
#define BTF_TYPE_TAG(value) __attribute__((btf_type_tag(#value)))
#else
#define BTF_TYPE_TAG(value) /* nothing */
#endif
and use BTF_TYPE_TAG() macro unconditionally everywhere?
> +# else
> +# define __percpu
> +# endif
> # define __rcu
> # define __chk_user_ptr(x) (void)0
> # define __chk_io_ptr(x) (void)0
> --
> 2.35.1.616.g0bdcbb4464-goog
>
next prev parent reply other threads:[~2022-03-08 1:44 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-04 19:16 [PATCH bpf-next v1 0/4] bpf: add __percpu tagging in vmlinux BTF Hao Luo
2022-03-04 19:16 ` [PATCH bpf-next v1 1/4] bpf: Fix checking PTR_TO_BTF_ID in check_mem_access Hao Luo
2022-03-05 20:00 ` Yonghong Song
2022-03-04 19:16 ` [PATCH bpf-next v1 2/4] compiler_types: define __percpu as __attribute__((btf_type_tag("percpu"))) Hao Luo
2022-03-05 20:06 ` Yonghong Song
2022-03-08 1:44 ` Andrii Nakryiko [this message]
2022-03-09 7:07 ` Yonghong Song
2022-03-09 19:31 ` Hao Luo
2022-03-04 19:16 ` [PATCH bpf-next v1 3/4] bpf: Reject programs that try to load __percpu memory Hao Luo
2022-03-05 21:15 ` Yonghong Song
2022-03-04 19:16 ` [PATCH bpf-next v1 4/4] selftests/bpf: Add a test for btf_type_tag "percpu" Hao Luo
2022-03-05 21:20 ` Yonghong Song
2022-03-06 2:49 ` Alexei Starovoitov
2022-03-08 1:41 ` Hao Luo
2022-03-06 2:50 ` [PATCH bpf-next v1 0/4] bpf: add __percpu tagging in vmlinux BTF patchwork-bot+netdevbpf
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAEf4BzadmAQSUHSSDfSeiMvicvdbOKh_r7oCX2=OThbjOS-rMw@mail.gmail.com' \
--to=andrii.nakryiko@gmail.com \
--cc=acme@kernel.org \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=haoluo@google.com \
--cc=kpsingh@kernel.org \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).