[PATCH bpf-next 0/3] Always allow sleepable and fmod

public inbox for bpf@vger.kernel.org
 help / color / mirror / Atom feed

* [PATCH bpf-next 0/3] Always allow sleepable and fmod_ret programs on syscalls
@ 2026-03-05 15:25 Viktor Malik
  2026-03-05 15:25 ` [PATCH bpf-next 1/3] bpf: Always allow sleepable " Viktor Malik
                   ` (3 more replies)
  0 siblings, 4 replies; 15+ messages in thread
From: Viktor Malik @ 2026-03-05 15:25 UTC (permalink / raw)
  To: bpf
  Cc: Alexei Starovoitov, Daniel Borkmann, John Fastabend,
	Andrii Nakryiko, Martin KaFai Lau, Eduard Zingerman, Song Liu,
	Yonghong Song, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa,
	Paul Walmsley, Palmer Dabbelt, Albert Ou, Alexandre Ghiti,
	Shuah Khan, Leon Hwang, Viktor Malik

Both sleepable and fmod_ret programs are only allowed on selected
functions. For convenience, the error injection list was originally
used.

When error injection is disabled, that list is empty and sleepable
tracing programs, as well as fmod_ret programs, are effectively
unavailable.

This patch series addresses the issue by at least enabling sleepable and
fmod_ret programs on syscalls, if error injection is disabled.

Viktor Malik (3):
  bpf: Always allow sleepable programs on syscalls
  bpf: Always allow fmod_ret programs on syscalls
  selftests/bpf: Move sleepable refcounted_kptr tests to syscalls

 kernel/bpf/verifier.c                         | 79 +++++++++++++++----
 .../selftests/bpf/progs/refcounted_kptr.c     |  4 +-
 .../bpf/progs/refcounted_kptr_fail.c          |  2 +-
 3 files changed, 68 insertions(+), 17 deletions(-)

-- 
2.53.0


^ permalink raw reply	[flat|nested] 15+ messages in thread

* [PATCH bpf-next 1/3] bpf: Always allow sleepable programs on syscalls
  2026-03-05 15:25 [PATCH bpf-next 0/3] Always allow sleepable and fmod_ret programs on syscalls Viktor Malik
@ 2026-03-05 15:25 ` Viktor Malik
  2026-03-05 16:07   ` bot+bpf-ci
  2026-03-06  2:05   ` Leon Hwang
  2026-03-05 15:25 ` [PATCH bpf-next 2/3] bpf: Always allow fmod_ret " Viktor Malik
                   ` (2 subsequent siblings)
  3 siblings, 2 replies; 15+ messages in thread
From: Viktor Malik @ 2026-03-05 15:25 UTC (permalink / raw)
  To: bpf
  Cc: Alexei Starovoitov, Daniel Borkmann, John Fastabend,
	Andrii Nakryiko, Martin KaFai Lau, Eduard Zingerman, Song Liu,
	Yonghong Song, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa,
	Paul Walmsley, Palmer Dabbelt, Albert Ou, Alexandre Ghiti,
	Shuah Khan, Leon Hwang, Viktor Malik

Sleepable BPF programs can only be attached to selected functions. For
convenience, the error injection list was originally used, which
contains syscalls and several other functions.

When error injection is disabled (CONFIG_FUNCTION_ERROR_INJECTION=n),
that list is empty and sleepable tracing programs are effectively
unavailable. In such a case, at least enable sleepable programs on
syscalls.

Signed-off-by: Viktor Malik <vmalik@redhat.com>
---
 kernel/bpf/verifier.c | 54 ++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 48 insertions(+), 6 deletions(-)

diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index d92cf2821657..cb80a3ddb7a4 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -24930,6 +24930,8 @@ static int check_attach_modify_return(unsigned long addr, const char *func_name)
 	return -EINVAL;
 }
 
+#ifdef CONFIG_FUNCTION_ERROR_INJECTION
+
 /* list of non-sleepable functions that are otherwise on
  * ALLOW_ERROR_INJECTION list
  */
@@ -24951,6 +24953,51 @@ static int check_non_sleepable_error_inject(u32 btf_id)
 	return btf_id_set_contains(&btf_non_sleepable_error_inject, btf_id);
 }
 
+static int check_attach_sleepable(u32 btf_id, unsigned long addr, const char *func_name)
+{
+	/* fentry/fexit/fmod_ret progs can be sleepable if they are
+	 * attached to ALLOW_ERROR_INJECTION and are not in denylist.
+	 */
+	if (!check_non_sleepable_error_inject(btf_id) &&
+	    within_error_injection_list(addr))
+		return 0;
+
+	return -EINVAL;
+}
+
+#else
+
+static bool has_arch_syscall_prefix(const char *func_name)
+{
+#if defined(__x86_64__)
+	return !strncmp(func_name, "__x64_", 6);
+#elif defined(__i386__)
+	return !strncmp(func_name, "__ia32_", 7);
+#elif defined(__s390x__)
+	return !strncmp(func_name, "__s390x_", 8);
+#elif defined(__aarch64__)
+	return !strncmp(func_name, "__arm64_", 8);
+#elif defined(__riscv)
+	return !strncmp(func_name, "__riscv_", 8);
+#elif defined(__powerpc__) || defined(__powerpc64__)
+	return !strncmp(func_name, "sys", 3);
+#else
+	return false;
+#endif
+}
+
+/* Without error injection, allow sleepable progs on syscalls. */
+
+static int check_attach_sleepable(u32 btf_id, unsigned long addr, const char *func_name)
+{
+	if (has_arch_syscall_prefix(func_name))
+		return 0;
+
+	return -EINVAL;
+}
+
+#endif /* CONFIG_FUNCTION_ERROR_INJECTION */
+
 int bpf_check_attach_target(struct bpf_verifier_log *log,
 			    const struct bpf_prog *prog,
 			    const struct bpf_prog *tgt_prog,
@@ -25230,12 +25277,7 @@ int bpf_check_attach_target(struct bpf_verifier_log *log,
 			ret = -EINVAL;
 			switch (prog->type) {
 			case BPF_PROG_TYPE_TRACING:
-
-				/* fentry/fexit/fmod_ret progs can be sleepable if they are
-				 * attached to ALLOW_ERROR_INJECTION and are not in denylist.
-				 */
-				if (!check_non_sleepable_error_inject(btf_id) &&
-				    within_error_injection_list(addr))
+				if (!check_attach_sleepable(btf_id, addr, tname))
 					ret = 0;
 				/* fentry/fexit/fmod_ret progs can also be sleepable if they are
 				 * in the fmodret id set with the KF_SLEEPABLE flag.
-- 
2.53.0


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* Re: [PATCH bpf-next 1/3] bpf: Always allow sleepable programs on syscalls
  2026-03-05 15:25 ` [PATCH bpf-next 1/3] bpf: Always allow sleepable " Viktor Malik
@ 2026-03-05 16:07   ` bot+bpf-ci
  2026-03-06  2:02     ` Kumar Kartikeya Dwivedi
  2026-03-06  2:05   ` Leon Hwang
  1 sibling, 1 reply; 15+ messages in thread
From: bot+bpf-ci @ 2026-03-05 16:07 UTC (permalink / raw)
  To: vmalik, bpf
  Cc: ast, daniel, john.fastabend, andrii, martin.lau, eddyz87, song,
	yonghong.song, kpsingh, sdf, haoluo, jolsa, pjw, palmer, aou,
	alex, shuah, leon.hwang, vmalik, ast, andrii, daniel, martin.lau,
	eddyz87, yonghong.song, clm, ihor.solodrai

[-- Attachment #1: Type: text/plain, Size: 1564 bytes --]

> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
> index d92cf2821657..cb80a3ddb7a4 100644
> --- a/kernel/bpf/verifier.c
> +++ b/kernel/bpf/verifier.c

[ ... ]

> +#else
> +
> +static bool has_arch_syscall_prefix(const char *func_name)
> +{
> +#if defined(__x86_64__)
> +	return !strncmp(func_name, "__x64_", 6);
> +#elif defined(__i386__)
> +	return !strncmp(func_name, "__ia32_", 7);
> +#elif defined(__s390x__)
> +	return !strncmp(func_name, "__s390x_", 8);
> +#elif defined(__aarch64__)
> +	return !strncmp(func_name, "__arm64_", 8);
> +#elif defined(__riscv)
> +	return !strncmp(func_name, "__riscv_", 8);
> +#elif defined(__powerpc__) || defined(__powerpc64__)
> +	return !strncmp(func_name, "sys", 3);
                                    ^^^^^

The other architectures use prefixes that uniquely identify syscall
wrappers (__x64_sys_*, __arm64_sys_*, etc.), but "sys" with length 3
would also match sysfs_*, sysctl_*, sysrq_*, and other non-syscall
kernel functions.

Looking at arch/powerpc/include/asm/syscall_wrapper.h, __SYSCALL_DEFINEx
generates names like sys_read and SYSCALL_DEFINE0 generates sys_fork, so
the actual common prefix for powerpc syscalls is "sys_" (4 characters
with the underscore).

Should this be "sys_" with length 4 instead?

> +#else
> +	return false;
> +#endif
> +}

[ ... ]


---
AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md

CI run summary: https://github.com/kernel-patches/bpf/actions/runs/22725431483

^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: [PATCH bpf-next 1/3] bpf: Always allow sleepable programs on syscalls
  2026-03-05 16:07   ` bot+bpf-ci
@ 2026-03-06  2:02     ` Kumar Kartikeya Dwivedi
  2026-03-06  6:23       ` Viktor Malik
  0 siblings, 1 reply; 15+ messages in thread
From: Kumar Kartikeya Dwivedi @ 2026-03-06  2:02 UTC (permalink / raw)
  To: bot+bpf-ci
  Cc: vmalik, bpf, ast, daniel, john.fastabend, andrii, martin.lau,
	eddyz87, song, yonghong.song, kpsingh, sdf, haoluo, jolsa, pjw,
	palmer, aou, alex, shuah, leon.hwang, martin.lau, clm,
	ihor.solodrai

On Thu, 5 Mar 2026 at 17:08, <bot+bpf-ci@kernel.org> wrote:
>
> > diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
> > index d92cf2821657..cb80a3ddb7a4 100644
> > --- a/kernel/bpf/verifier.c
> > +++ b/kernel/bpf/verifier.c
>
> [ ... ]
>
> > +#else
> > +
> > +static bool has_arch_syscall_prefix(const char *func_name)
> > +{
> > +#if defined(__x86_64__)
> > +     return !strncmp(func_name, "__x64_", 6);
> > +#elif defined(__i386__)
> > +     return !strncmp(func_name, "__ia32_", 7);
> > +#elif defined(__s390x__)
> > +     return !strncmp(func_name, "__s390x_", 8);
> > +#elif defined(__aarch64__)
> > +     return !strncmp(func_name, "__arm64_", 8);
> > +#elif defined(__riscv)
> > +     return !strncmp(func_name, "__riscv_", 8);
> > +#elif defined(__powerpc__) || defined(__powerpc64__)
> > +     return !strncmp(func_name, "sys", 3);
>                                     ^^^^^
>
> The other architectures use prefixes that uniquely identify syscall
> wrappers (__x64_sys_*, __arm64_sys_*, etc.), but "sys" with length 3
> would also match sysfs_*, sysctl_*, sysrq_*, and other non-syscall
> kernel functions.
>
> Looking at arch/powerpc/include/asm/syscall_wrapper.h, __SYSCALL_DEFINEx
> generates names like sys_read and SYSCALL_DEFINE0 generates sys_fork, so
> the actual common prefix for powerpc syscalls is "sys_" (4 characters
> with the underscore).
>
> Should this be "sys_" with length 4 instead?

I think the bot is right, we should match sys_, that is less likely to
include other non-syscall kernel functions.
It only affects powerpc with error injection disabled.

Other than that, the set looks good to me. I tested it by disabling
error injection and things fail before your fix is applied.

>
> > +#else
> > +     return false;
> > +#endif
> > +}
>
> [ ... ]
>
>
> ---
> AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
> See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md
>
> CI run summary: https://github.com/kernel-patches/bpf/actions/runs/22725431483

^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: [PATCH bpf-next 1/3] bpf: Always allow sleepable programs on syscalls
  2026-03-06  2:02     ` Kumar Kartikeya Dwivedi
@ 2026-03-06  6:23       ` Viktor Malik
  0 siblings, 0 replies; 15+ messages in thread
From: Viktor Malik @ 2026-03-06  6:23 UTC (permalink / raw)
  To: Kumar Kartikeya Dwivedi, bot+bpf-ci
  Cc: bpf, ast, daniel, john.fastabend, andrii, martin.lau, eddyz87,
	song, yonghong.song, kpsingh, sdf, haoluo, jolsa, pjw, palmer,
	aou, alex, shuah, leon.hwang, martin.lau, clm, ihor.solodrai

On 3/6/26 03:02, Kumar Kartikeya Dwivedi wrote:
> On Thu, 5 Mar 2026 at 17:08, <bot+bpf-ci@kernel.org> wrote:
>>
>>> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
>>> index d92cf2821657..cb80a3ddb7a4 100644
>>> --- a/kernel/bpf/verifier.c
>>> +++ b/kernel/bpf/verifier.c
>>
>> [ ... ]
>>
>>> +#else
>>> +
>>> +static bool has_arch_syscall_prefix(const char *func_name)
>>> +{
>>> +#if defined(__x86_64__)
>>> +     return !strncmp(func_name, "__x64_", 6);
>>> +#elif defined(__i386__)
>>> +     return !strncmp(func_name, "__ia32_", 7);
>>> +#elif defined(__s390x__)
>>> +     return !strncmp(func_name, "__s390x_", 8);
>>> +#elif defined(__aarch64__)
>>> +     return !strncmp(func_name, "__arm64_", 8);
>>> +#elif defined(__riscv)
>>> +     return !strncmp(func_name, "__riscv_", 8);
>>> +#elif defined(__powerpc__) || defined(__powerpc64__)
>>> +     return !strncmp(func_name, "sys", 3);
>>                                     ^^^^^
>>
>> The other architectures use prefixes that uniquely identify syscall
>> wrappers (__x64_sys_*, __arm64_sys_*, etc.), but "sys" with length 3
>> would also match sysfs_*, sysctl_*, sysrq_*, and other non-syscall
>> kernel functions.
>>
>> Looking at arch/powerpc/include/asm/syscall_wrapper.h, __SYSCALL_DEFINEx
>> generates names like sys_read and SYSCALL_DEFINE0 generates sys_fork, so
>> the actual common prefix for powerpc syscalls is "sys_" (4 characters
>> with the underscore).
>>
>> Should this be "sys_" with length 4 instead?
> 
> I think the bot is right, we should match sys_, that is less likely to
> include other non-syscall kernel functions.
> It only affects powerpc with error injection disabled.

Yeah, agreed, will update to sys_ in v2.

> 
> Other than that, the set looks good to me. I tested it by disabling
> error injection and things fail before your fix is applied.
> 
>>
>>> +#else
>>> +     return false;
>>> +#endif
>>> +}
>>
>> [ ... ]
>>
>>
>> ---
>> AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
>> See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md
>>
>> CI run summary: https://github.com/kernel-patches/bpf/actions/runs/22725431483
> 


^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: [PATCH bpf-next 1/3] bpf: Always allow sleepable programs on syscalls
  2026-03-05 15:25 ` [PATCH bpf-next 1/3] bpf: Always allow sleepable " Viktor Malik
  2026-03-05 16:07   ` bot+bpf-ci
@ 2026-03-06  2:05   ` Leon Hwang
  2026-03-06  7:09     ` Viktor Malik
  1 sibling, 1 reply; 15+ messages in thread
From: Leon Hwang @ 2026-03-06  2:05 UTC (permalink / raw)
  To: Viktor Malik, bpf
  Cc: Alexei Starovoitov, Daniel Borkmann, John Fastabend,
	Andrii Nakryiko, Martin KaFai Lau, Eduard Zingerman, Song Liu,
	Yonghong Song, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa,
	Paul Walmsley, Palmer Dabbelt, Albert Ou, Alexandre Ghiti,
	Shuah Khan

On 5/3/26 23:25, Viktor Malik wrote:
> Sleepable BPF programs can only be attached to selected functions. For
> convenience, the error injection list was originally used, which
> contains syscalls and several other functions.
> 
> When error injection is disabled (CONFIG_FUNCTION_ERROR_INJECTION=n),
> that list is empty and sleepable tracing programs are effectively
> unavailable. In such a case, at least enable sleepable programs on
> syscalls.
> 
> Signed-off-by: Viktor Malik <vmalik@redhat.com>
> ---
>  kernel/bpf/verifier.c | 54 ++++++++++++++++++++++++++++++++++++++-----
>  1 file changed, 48 insertions(+), 6 deletions(-)
> 
> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
> index d92cf2821657..cb80a3ddb7a4 100644
> --- a/kernel/bpf/verifier.c
> +++ b/kernel/bpf/verifier.c
> @@ -24930,6 +24930,8 @@ static int check_attach_modify_return(unsigned long addr, const char *func_name)
>  	return -EINVAL;
>  }
>  
> +#ifdef CONFIG_FUNCTION_ERROR_INJECTION
> +
>  /* list of non-sleepable functions that are otherwise on
>   * ALLOW_ERROR_INJECTION list
>   */
> @@ -24951,6 +24953,51 @@ static int check_non_sleepable_error_inject(u32 btf_id)
>  	return btf_id_set_contains(&btf_non_sleepable_error_inject, btf_id);
>  }
>  
> +static int check_attach_sleepable(u32 btf_id, unsigned long addr, const char *func_name)
> +{
> +	/* fentry/fexit/fmod_ret progs can be sleepable if they are
> +	 * attached to ALLOW_ERROR_INJECTION and are not in denylist.
> +	 */
> +	if (!check_non_sleepable_error_inject(btf_id) &&
> +	    within_error_injection_list(addr))
> +		return 0;
> +
> +	return -EINVAL;
> +}
> +
> +#else
> +
> +static bool has_arch_syscall_prefix(const char *func_name)
> +{
> +#if defined(__x86_64__)
> +	return !strncmp(func_name, "__x64_", 6);
> +#elif defined(__i386__)
> +	return !strncmp(func_name, "__ia32_", 7);
> +#elif defined(__s390x__)
> +	return !strncmp(func_name, "__s390x_", 8);
> +#elif defined(__aarch64__)
> +	return !strncmp(func_name, "__arm64_", 8);
> +#elif defined(__riscv)
> +	return !strncmp(func_name, "__riscv_", 8);
> +#elif defined(__powerpc__) || defined(__powerpc64__)
> +	return !strncmp(func_name, "sys", 3);
> +#else
> +	return false;
> +#endif
> +}

At first glance, it is not a good taste to hard code these prefixes here.

Furthermore, the arch_syscall_match_sym_name() of ftrace does the same
thing. Consider it instead.

Thanks,
Leon

> +
> +/* Without error injection, allow sleepable progs on syscalls. */
> +
> +static int check_attach_sleepable(u32 btf_id, unsigned long addr, const char *func_name)
> +{
> +	if (has_arch_syscall_prefix(func_name))
> +		return 0;
> +
> +	return -EINVAL;
> +}
> +
> +#endif /* CONFIG_FUNCTION_ERROR_INJECTION */
> +
>  int bpf_check_attach_target(struct bpf_verifier_log *log,
>  			    const struct bpf_prog *prog,
>  			    const struct bpf_prog *tgt_prog,
> @@ -25230,12 +25277,7 @@ int bpf_check_attach_target(struct bpf_verifier_log *log,
>  			ret = -EINVAL;
>  			switch (prog->type) {
>  			case BPF_PROG_TYPE_TRACING:
> -
> -				/* fentry/fexit/fmod_ret progs can be sleepable if they are
> -				 * attached to ALLOW_ERROR_INJECTION and are not in denylist.
> -				 */
> -				if (!check_non_sleepable_error_inject(btf_id) &&
> -				    within_error_injection_list(addr))
> +				if (!check_attach_sleepable(btf_id, addr, tname))
>  					ret = 0;
>  				/* fentry/fexit/fmod_ret progs can also be sleepable if they are
>  				 * in the fmodret id set with the KF_SLEEPABLE flag.


^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: [PATCH bpf-next 1/3] bpf: Always allow sleepable programs on syscalls
  2026-03-06  2:05   ` Leon Hwang
@ 2026-03-06  7:09     ` Viktor Malik
  2026-03-06  7:41       ` Leon Hwang
  0 siblings, 1 reply; 15+ messages in thread
From: Viktor Malik @ 2026-03-06  7:09 UTC (permalink / raw)
  To: Leon Hwang, bpf
  Cc: Alexei Starovoitov, Daniel Borkmann, John Fastabend,
	Andrii Nakryiko, Martin KaFai Lau, Eduard Zingerman, Song Liu,
	Yonghong Song, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa,
	Paul Walmsley, Palmer Dabbelt, Albert Ou, Alexandre Ghiti,
	Shuah Khan

On 3/6/26 03:05, Leon Hwang wrote:
> On 5/3/26 23:25, Viktor Malik wrote:
>> Sleepable BPF programs can only be attached to selected functions. For
>> convenience, the error injection list was originally used, which
>> contains syscalls and several other functions.
>>
>> When error injection is disabled (CONFIG_FUNCTION_ERROR_INJECTION=n),
>> that list is empty and sleepable tracing programs are effectively
>> unavailable. In such a case, at least enable sleepable programs on
>> syscalls.
>>
>> Signed-off-by: Viktor Malik <vmalik@redhat.com>
>> ---
>>  kernel/bpf/verifier.c | 54 ++++++++++++++++++++++++++++++++++++++-----
>>  1 file changed, 48 insertions(+), 6 deletions(-)
>>
>> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
>> index d92cf2821657..cb80a3ddb7a4 100644
>> --- a/kernel/bpf/verifier.c
>> +++ b/kernel/bpf/verifier.c
>> @@ -24930,6 +24930,8 @@ static int check_attach_modify_return(unsigned long addr, const char *func_name)
>>  	return -EINVAL;
>>  }
>>  
>> +#ifdef CONFIG_FUNCTION_ERROR_INJECTION
>> +
>>  /* list of non-sleepable functions that are otherwise on
>>   * ALLOW_ERROR_INJECTION list
>>   */
>> @@ -24951,6 +24953,51 @@ static int check_non_sleepable_error_inject(u32 btf_id)
>>  	return btf_id_set_contains(&btf_non_sleepable_error_inject, btf_id);
>>  }
>>  
>> +static int check_attach_sleepable(u32 btf_id, unsigned long addr, const char *func_name)
>> +{
>> +	/* fentry/fexit/fmod_ret progs can be sleepable if they are
>> +	 * attached to ALLOW_ERROR_INJECTION and are not in denylist.
>> +	 */
>> +	if (!check_non_sleepable_error_inject(btf_id) &&
>> +	    within_error_injection_list(addr))
>> +		return 0;
>> +
>> +	return -EINVAL;
>> +}
>> +
>> +#else
>> +
>> +static bool has_arch_syscall_prefix(const char *func_name)
>> +{
>> +#if defined(__x86_64__)
>> +	return !strncmp(func_name, "__x64_", 6);
>> +#elif defined(__i386__)
>> +	return !strncmp(func_name, "__ia32_", 7);
>> +#elif defined(__s390x__)
>> +	return !strncmp(func_name, "__s390x_", 8);
>> +#elif defined(__aarch64__)
>> +	return !strncmp(func_name, "__arm64_", 8);
>> +#elif defined(__riscv)
>> +	return !strncmp(func_name, "__riscv_", 8);
>> +#elif defined(__powerpc__) || defined(__powerpc64__)
>> +	return !strncmp(func_name, "sys", 3);
>> +#else
>> +	return false;
>> +#endif
>> +}
> 
> At first glance, it is not a good taste to hard code these prefixes here.
> 
> Furthermore, the arch_syscall_match_sym_name() of ftrace does the same
> thing. Consider it instead.

I did consider it but arch_syscall_match_sym_name() matches two strings
(the arch-specific syscall function and the generic "sys_<name>") while
we need to just check the prefix (we don't have the other string).

Another generic option is to implement has_arch_syscall_prefix() in arch
code, next to arch_syscall_match_sym_name(). But that seems like too big
of a change in ftrace for a small use-case such as this one.

That's why I ended up with the current form. In addition, arches
hard-code the prefixes in their syscall code so we'll have to hard-code
them anyways, no matter the solution we end up with.

Viktor

> 
> Thanks,
> Leon
> 
>> +
>> +/* Without error injection, allow sleepable progs on syscalls. */
>> +
>> +static int check_attach_sleepable(u32 btf_id, unsigned long addr, const char *func_name)
>> +{
>> +	if (has_arch_syscall_prefix(func_name))
>> +		return 0;
>> +
>> +	return -EINVAL;
>> +}
>> +
>> +#endif /* CONFIG_FUNCTION_ERROR_INJECTION */
>> +
>>  int bpf_check_attach_target(struct bpf_verifier_log *log,
>>  			    const struct bpf_prog *prog,
>>  			    const struct bpf_prog *tgt_prog,
>> @@ -25230,12 +25277,7 @@ int bpf_check_attach_target(struct bpf_verifier_log *log,
>>  			ret = -EINVAL;
>>  			switch (prog->type) {
>>  			case BPF_PROG_TYPE_TRACING:
>> -
>> -				/* fentry/fexit/fmod_ret progs can be sleepable if they are
>> -				 * attached to ALLOW_ERROR_INJECTION and are not in denylist.
>> -				 */
>> -				if (!check_non_sleepable_error_inject(btf_id) &&
>> -				    within_error_injection_list(addr))
>> +				if (!check_attach_sleepable(btf_id, addr, tname))
>>  					ret = 0;
>>  				/* fentry/fexit/fmod_ret progs can also be sleepable if they are
>>  				 * in the fmodret id set with the KF_SLEEPABLE flag.
> 


^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: [PATCH bpf-next 1/3] bpf: Always allow sleepable programs on syscalls
  2026-03-06  7:09     ` Viktor Malik
@ 2026-03-06  7:41       ` Leon Hwang
  2026-03-06  8:38         ` Viktor Malik
  0 siblings, 1 reply; 15+ messages in thread
From: Leon Hwang @ 2026-03-06  7:41 UTC (permalink / raw)
  To: Viktor Malik, bpf
  Cc: Alexei Starovoitov, Daniel Borkmann, John Fastabend,
	Andrii Nakryiko, Martin KaFai Lau, Eduard Zingerman, Song Liu,
	Yonghong Song, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa,
	Paul Walmsley, Palmer Dabbelt, Albert Ou, Alexandre Ghiti,
	Shuah Khan

On 6/3/26 15:09, Viktor Malik wrote:
> On 3/6/26 03:05, Leon Hwang wrote:
>> On 5/3/26 23:25, Viktor Malik wrote:
>>> Sleepable BPF programs can only be attached to selected functions. For
>>> convenience, the error injection list was originally used, which
>>> contains syscalls and several other functions.
>>>
>>> When error injection is disabled (CONFIG_FUNCTION_ERROR_INJECTION=n),
>>> that list is empty and sleepable tracing programs are effectively
>>> unavailable. In such a case, at least enable sleepable programs on
>>> syscalls.
>>>
>>> Signed-off-by: Viktor Malik <vmalik@redhat.com>
>>> ---
>>>  kernel/bpf/verifier.c | 54 ++++++++++++++++++++++++++++++++++++++-----
>>>  1 file changed, 48 insertions(+), 6 deletions(-)
>>>
>>> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
>>> index d92cf2821657..cb80a3ddb7a4 100644
>>> --- a/kernel/bpf/verifier.c
>>> +++ b/kernel/bpf/verifier.c
>>> @@ -24930,6 +24930,8 @@ static int check_attach_modify_return(unsigned long addr, const char *func_name)
>>>  	return -EINVAL;
>>>  }
>>>  
>>> +#ifdef CONFIG_FUNCTION_ERROR_INJECTION
>>> +
>>>  /* list of non-sleepable functions that are otherwise on
>>>   * ALLOW_ERROR_INJECTION list
>>>   */
>>> @@ -24951,6 +24953,51 @@ static int check_non_sleepable_error_inject(u32 btf_id)
>>>  	return btf_id_set_contains(&btf_non_sleepable_error_inject, btf_id);
>>>  }
>>>  
>>> +static int check_attach_sleepable(u32 btf_id, unsigned long addr, const char *func_name)
>>> +{
>>> +	/* fentry/fexit/fmod_ret progs can be sleepable if they are
>>> +	 * attached to ALLOW_ERROR_INJECTION and are not in denylist.
>>> +	 */
>>> +	if (!check_non_sleepable_error_inject(btf_id) &&
>>> +	    within_error_injection_list(addr))
>>> +		return 0;
>>> +
>>> +	return -EINVAL;
>>> +}
>>> +
>>> +#else
>>> +
>>> +static bool has_arch_syscall_prefix(const char *func_name)
>>> +{
>>> +#if defined(__x86_64__)
>>> +	return !strncmp(func_name, "__x64_", 6);
>>> +#elif defined(__i386__)
>>> +	return !strncmp(func_name, "__ia32_", 7);
>>> +#elif defined(__s390x__)
>>> +	return !strncmp(func_name, "__s390x_", 8);
>>> +#elif defined(__aarch64__)
>>> +	return !strncmp(func_name, "__arm64_", 8);
>>> +#elif defined(__riscv)
>>> +	return !strncmp(func_name, "__riscv_", 8);
>>> +#elif defined(__powerpc__) || defined(__powerpc64__)
>>> +	return !strncmp(func_name, "sys", 3);
>>> +#else
>>> +	return false;
>>> +#endif
>>> +}
>>
>> At first glance, it is not a good taste to hard code these prefixes here.
>>
>> Furthermore, the arch_syscall_match_sym_name() of ftrace does the same
>> thing. Consider it instead.
> 
> I did consider it but arch_syscall_match_sym_name() matches two strings
> (the arch-specific syscall function and the generic "sys_<name>") while
> we need to just check the prefix (we don't have the other string).
> 
> Another generic option is to implement has_arch_syscall_prefix() in arch
> code, next to arch_syscall_match_sym_name(). But that seems like too big
> of a change in ftrace for a small use-case such as this one.
> 
> That's why I ended up with the current form. In addition, arches
> hard-code the prefixes in their syscall code so we'll have to hard-code
> them anyways, no matter the solution we end up with.
> 
Hmm, I don't have a strong preference.

However, it is worth adding some explanation in the commit log and code
comment.

Thanks,
Leon

[...]


^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: [PATCH bpf-next 1/3] bpf: Always allow sleepable programs on syscalls
  2026-03-06  7:41       ` Leon Hwang
@ 2026-03-06  8:38         ` Viktor Malik
  0 siblings, 0 replies; 15+ messages in thread
From: Viktor Malik @ 2026-03-06  8:38 UTC (permalink / raw)
  To: Leon Hwang, bpf
  Cc: Alexei Starovoitov, Daniel Borkmann, John Fastabend,
	Andrii Nakryiko, Martin KaFai Lau, Eduard Zingerman, Song Liu,
	Yonghong Song, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa,
	Paul Walmsley, Palmer Dabbelt, Albert Ou, Alexandre Ghiti,
	Shuah Khan

On 3/6/26 08:41, Leon Hwang wrote:
> On 6/3/26 15:09, Viktor Malik wrote:
>> On 3/6/26 03:05, Leon Hwang wrote:
>>> On 5/3/26 23:25, Viktor Malik wrote:
>>>> Sleepable BPF programs can only be attached to selected functions. For
>>>> convenience, the error injection list was originally used, which
>>>> contains syscalls and several other functions.
>>>>
>>>> When error injection is disabled (CONFIG_FUNCTION_ERROR_INJECTION=n),
>>>> that list is empty and sleepable tracing programs are effectively
>>>> unavailable. In such a case, at least enable sleepable programs on
>>>> syscalls.
>>>>
>>>> Signed-off-by: Viktor Malik <vmalik@redhat.com>
>>>> ---
>>>>  kernel/bpf/verifier.c | 54 ++++++++++++++++++++++++++++++++++++++-----
>>>>  1 file changed, 48 insertions(+), 6 deletions(-)
>>>>
>>>> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
>>>> index d92cf2821657..cb80a3ddb7a4 100644
>>>> --- a/kernel/bpf/verifier.c
>>>> +++ b/kernel/bpf/verifier.c
>>>> @@ -24930,6 +24930,8 @@ static int check_attach_modify_return(unsigned long addr, const char *func_name)
>>>>  	return -EINVAL;
>>>>  }
>>>>  
>>>> +#ifdef CONFIG_FUNCTION_ERROR_INJECTION
>>>> +
>>>>  /* list of non-sleepable functions that are otherwise on
>>>>   * ALLOW_ERROR_INJECTION list
>>>>   */
>>>> @@ -24951,6 +24953,51 @@ static int check_non_sleepable_error_inject(u32 btf_id)
>>>>  	return btf_id_set_contains(&btf_non_sleepable_error_inject, btf_id);
>>>>  }
>>>>  
>>>> +static int check_attach_sleepable(u32 btf_id, unsigned long addr, const char *func_name)
>>>> +{
>>>> +	/* fentry/fexit/fmod_ret progs can be sleepable if they are
>>>> +	 * attached to ALLOW_ERROR_INJECTION and are not in denylist.
>>>> +	 */
>>>> +	if (!check_non_sleepable_error_inject(btf_id) &&
>>>> +	    within_error_injection_list(addr))
>>>> +		return 0;
>>>> +
>>>> +	return -EINVAL;
>>>> +}
>>>> +
>>>> +#else
>>>> +
>>>> +static bool has_arch_syscall_prefix(const char *func_name)
>>>> +{
>>>> +#if defined(__x86_64__)
>>>> +	return !strncmp(func_name, "__x64_", 6);
>>>> +#elif defined(__i386__)
>>>> +	return !strncmp(func_name, "__ia32_", 7);
>>>> +#elif defined(__s390x__)
>>>> +	return !strncmp(func_name, "__s390x_", 8);
>>>> +#elif defined(__aarch64__)
>>>> +	return !strncmp(func_name, "__arm64_", 8);
>>>> +#elif defined(__riscv)
>>>> +	return !strncmp(func_name, "__riscv_", 8);
>>>> +#elif defined(__powerpc__) || defined(__powerpc64__)
>>>> +	return !strncmp(func_name, "sys", 3);
>>>> +#else
>>>> +	return false;
>>>> +#endif
>>>> +}
>>>
>>> At first glance, it is not a good taste to hard code these prefixes here.
>>>
>>> Furthermore, the arch_syscall_match_sym_name() of ftrace does the same
>>> thing. Consider it instead.
>>
>> I did consider it but arch_syscall_match_sym_name() matches two strings
>> (the arch-specific syscall function and the generic "sys_<name>") while
>> we need to just check the prefix (we don't have the other string).
>>
>> Another generic option is to implement has_arch_syscall_prefix() in arch
>> code, next to arch_syscall_match_sym_name(). But that seems like too big
>> of a change in ftrace for a small use-case such as this one.
>>
>> That's why I ended up with the current form. In addition, arches
>> hard-code the prefixes in their syscall code so we'll have to hard-code
>> them anyways, no matter the solution we end up with.
>>
> Hmm, I don't have a strong preference.
> 
> However, it is worth adding some explanation in the commit log and code
> comment.

Ok, I'll add an explanation.

Thanks,
Viktor

> 
> Thanks,
> Leon
> 
> [...]
> 


^ permalink raw reply	[flat|nested] 15+ messages in thread

* [PATCH bpf-next 2/3] bpf: Always allow fmod_ret programs on syscalls
  2026-03-05 15:25 [PATCH bpf-next 0/3] Always allow sleepable and fmod_ret programs on syscalls Viktor Malik
  2026-03-05 15:25 ` [PATCH bpf-next 1/3] bpf: Always allow sleepable " Viktor Malik
@ 2026-03-05 15:25 ` Viktor Malik
  2026-03-05 15:25 ` [PATCH bpf-next 3/3] selftests/bpf: Move sleepable refcounted_kptr tests to syscalls Viktor Malik
  2026-03-06  2:04 ` [PATCH bpf-next 0/3] Always allow sleepable and fmod_ret programs on syscalls Leon Hwang
  3 siblings, 0 replies; 15+ messages in thread
From: Viktor Malik @ 2026-03-05 15:25 UTC (permalink / raw)
  To: bpf
  Cc: Alexei Starovoitov, Daniel Borkmann, John Fastabend,
	Andrii Nakryiko, Martin KaFai Lau, Eduard Zingerman, Song Liu,
	Yonghong Song, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa,
	Paul Walmsley, Palmer Dabbelt, Albert Ou, Alexandre Ghiti,
	Shuah Khan, Leon Hwang, Viktor Malik

fmod_ret BPF programs can only be attached to selected functions. For
convenience, the error injection list was originally used (along with
functions prefixed with "security_"), which contains syscalls and
several other functions.

When error injection is disabled (CONFIG_FUNCTION_ERROR_INJECTION=n),
that list is empty and fmod_ret programs are effectively unavailable for
most of the functions. In such a case, at least enable fmod_ret programs
on syscalls.

Signed-off-by: Viktor Malik <vmalik@redhat.com>
---
 kernel/bpf/verifier.c | 29 +++++++++++++++++++----------
 1 file changed, 19 insertions(+), 10 deletions(-)

diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index cb80a3ddb7a4..6883b18f1355 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -24921,15 +24921,6 @@ static int check_struct_ops_btf_id(struct bpf_verifier_env *env)
 }
 #define SECURITY_PREFIX "security_"
 
-static int check_attach_modify_return(unsigned long addr, const char *func_name)
-{
-	if (within_error_injection_list(addr) ||
-	    !strncmp(SECURITY_PREFIX, func_name, sizeof(SECURITY_PREFIX) - 1))
-		return 0;
-
-	return -EINVAL;
-}
-
 #ifdef CONFIG_FUNCTION_ERROR_INJECTION
 
 /* list of non-sleepable functions that are otherwise on
@@ -24965,6 +24956,15 @@ static int check_attach_sleepable(u32 btf_id, unsigned long addr, const char *fu
 	return -EINVAL;
 }
 
+static int check_attach_modify_return(unsigned long addr, const char *func_name)
+{
+	if (within_error_injection_list(addr) ||
+	    !strncmp(SECURITY_PREFIX, func_name, sizeof(SECURITY_PREFIX) - 1))
+		return 0;
+
+	return -EINVAL;
+}
+
 #else
 
 static bool has_arch_syscall_prefix(const char *func_name)
@@ -24986,7 +24986,7 @@ static bool has_arch_syscall_prefix(const char *func_name)
 #endif
 }
 
-/* Without error injection, allow sleepable progs on syscalls. */
+/* Without error injection, allow sleepable and fmod_ret progs on syscalls. */
 
 static int check_attach_sleepable(u32 btf_id, unsigned long addr, const char *func_name)
 {
@@ -24996,6 +24996,15 @@ static int check_attach_sleepable(u32 btf_id, unsigned long addr, const char *fu
 	return -EINVAL;
 }
 
+static int check_attach_modify_return(unsigned long addr, const char *func_name)
+{
+	if (has_arch_syscall_prefix(func_name) ||
+	    !strncmp(SECURITY_PREFIX, func_name, sizeof(SECURITY_PREFIX) - 1))
+		return 0;
+
+	return -EINVAL;
+}
+
 #endif /* CONFIG_FUNCTION_ERROR_INJECTION */
 
 int bpf_check_attach_target(struct bpf_verifier_log *log,
-- 
2.53.0


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* [PATCH bpf-next 3/3] selftests/bpf: Move sleepable refcounted_kptr tests to syscalls
  2026-03-05 15:25 [PATCH bpf-next 0/3] Always allow sleepable and fmod_ret programs on syscalls Viktor Malik
  2026-03-05 15:25 ` [PATCH bpf-next 1/3] bpf: Always allow sleepable " Viktor Malik
  2026-03-05 15:25 ` [PATCH bpf-next 2/3] bpf: Always allow fmod_ret " Viktor Malik
@ 2026-03-05 15:25 ` Viktor Malik
  2026-03-06  2:04 ` [PATCH bpf-next 0/3] Always allow sleepable and fmod_ret programs on syscalls Leon Hwang
  3 siblings, 0 replies; 15+ messages in thread
From: Viktor Malik @ 2026-03-05 15:25 UTC (permalink / raw)
  To: bpf
  Cc: Alexei Starovoitov, Daniel Borkmann, John Fastabend,
	Andrii Nakryiko, Martin KaFai Lau, Eduard Zingerman, Song Liu,
	Yonghong Song, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa,
	Paul Walmsley, Palmer Dabbelt, Albert Ou, Alexandre Ghiti,
	Shuah Khan, Leon Hwang, Viktor Malik

Now that sleepable programs are always enabled on syscalls, let
refcounted_kptr tests use syscalls rather than bpf_testmod_test_read,
which is not sleepable with error injection disabled.

The tests just check that the verifier can handle usage of RCU locks in
sleepable programs and never actually attach. So, the attachment target
doesn't matter (as long as it is sleepable) and with syscalls, the tests
pass on kernels with disabled error injection.

Signed-off-by: Viktor Malik <vmalik@redhat.com>
---
 tools/testing/selftests/bpf/progs/refcounted_kptr.c      | 4 ++--
 tools/testing/selftests/bpf/progs/refcounted_kptr_fail.c | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/tools/testing/selftests/bpf/progs/refcounted_kptr.c b/tools/testing/selftests/bpf/progs/refcounted_kptr.c
index 1aca85d86aeb..c847398837cc 100644
--- a/tools/testing/selftests/bpf/progs/refcounted_kptr.c
+++ b/tools/testing/selftests/bpf/progs/refcounted_kptr.c
@@ -500,7 +500,7 @@ long rbtree_wrong_owner_remove_fail_a2(void *ctx)
 	return 0;
 }
 
-SEC("?fentry.s/bpf_testmod_test_read")
+SEC("?fentry.s/" SYS_PREFIX "sys_getpgid")
 __success
 int BPF_PROG(rbtree_sleepable_rcu,
 	     struct file *file, struct kobject *kobj,
@@ -534,7 +534,7 @@ int BPF_PROG(rbtree_sleepable_rcu,
 	return 0;
 }
 
-SEC("?fentry.s/bpf_testmod_test_read")
+SEC("?fentry.s/" SYS_PREFIX "sys_getpgid")
 __success
 int BPF_PROG(rbtree_sleepable_rcu_no_explicit_rcu_lock,
 	     struct file *file, struct kobject *kobj,
diff --git a/tools/testing/selftests/bpf/progs/refcounted_kptr_fail.c b/tools/testing/selftests/bpf/progs/refcounted_kptr_fail.c
index 836c8ab7b908..b2808bfcec29 100644
--- a/tools/testing/selftests/bpf/progs/refcounted_kptr_fail.c
+++ b/tools/testing/selftests/bpf/progs/refcounted_kptr_fail.c
@@ -93,7 +93,7 @@ long rbtree_refcounted_node_ref_escapes_owning_input(void *ctx)
 	return 0;
 }
 
-SEC("?fentry.s/bpf_testmod_test_read")
+SEC("?fentry.s/" SYS_PREFIX "sys_getpgid")
 __failure __msg("function calls are not allowed while holding a lock")
 int BPF_PROG(rbtree_fail_sleepable_lock_across_rcu,
 	     struct file *file, struct kobject *kobj,
-- 
2.53.0


^ permalink raw reply related	[flat|nested] 15+ messages in thread

* Re: [PATCH bpf-next 0/3] Always allow sleepable and fmod_ret programs on syscalls
  2026-03-05 15:25 [PATCH bpf-next 0/3] Always allow sleepable and fmod_ret programs on syscalls Viktor Malik
                   ` (2 preceding siblings ...)
  2026-03-05 15:25 ` [PATCH bpf-next 3/3] selftests/bpf: Move sleepable refcounted_kptr tests to syscalls Viktor Malik
@ 2026-03-06  2:04 ` Leon Hwang
  2026-03-06  2:14   ` Kumar Kartikeya Dwivedi
  3 siblings, 1 reply; 15+ messages in thread
From: Leon Hwang @ 2026-03-06  2:04 UTC (permalink / raw)
  To: Viktor Malik, bpf
  Cc: Alexei Starovoitov, Daniel Borkmann, John Fastabend,
	Andrii Nakryiko, Martin KaFai Lau, Eduard Zingerman, Song Liu,
	Yonghong Song, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa,
	Paul Walmsley, Palmer Dabbelt, Albert Ou, Alexandre Ghiti,
	Shuah Khan

Hi Viktor,

On 5/3/26 23:25, Viktor Malik wrote:
> Both sleepable and fmod_ret programs are only allowed on selected
> functions. For convenience, the error injection list was originally
> used.
> 
> When error injection is disabled, that list is empty and sleepable
> tracing programs, as well as fmod_ret programs, are effectively
> unavailable.
> 
> This patch series addresses the issue by at least enabling sleepable and
> fmod_ret programs on syscalls, if error injection is disabled.
> 

Could you please explain more about the purpose in cover letter?

I'm curious about enabling fmod_ret programs on syscalls, as they are
able to modify the retval of syscalls.

Thanks,
Leon

> Viktor Malik (3):
>   bpf: Always allow sleepable programs on syscalls
>   bpf: Always allow fmod_ret programs on syscalls
>   selftests/bpf: Move sleepable refcounted_kptr tests to syscalls
> 
>  kernel/bpf/verifier.c                         | 79 +++++++++++++++----
>  .../selftests/bpf/progs/refcounted_kptr.c     |  4 +-
>  .../bpf/progs/refcounted_kptr_fail.c          |  2 +-
>  3 files changed, 68 insertions(+), 17 deletions(-)
> 


^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: [PATCH bpf-next 0/3] Always allow sleepable and fmod_ret programs on syscalls
  2026-03-06  2:04 ` [PATCH bpf-next 0/3] Always allow sleepable and fmod_ret programs on syscalls Leon Hwang
@ 2026-03-06  2:14   ` Kumar Kartikeya Dwivedi
  2026-03-06  2:16     ` Leon Hwang
  0 siblings, 1 reply; 15+ messages in thread
From: Kumar Kartikeya Dwivedi @ 2026-03-06  2:14 UTC (permalink / raw)
  To: Leon Hwang
  Cc: Viktor Malik, bpf, Alexei Starovoitov, Daniel Borkmann,
	John Fastabend, Andrii Nakryiko, Martin KaFai Lau,
	Eduard Zingerman, Song Liu, Yonghong Song, KP Singh,
	Stanislav Fomichev, Hao Luo, Jiri Olsa, Paul Walmsley,
	Palmer Dabbelt, Albert Ou, Alexandre Ghiti, Shuah Khan

On Fri, 6 Mar 2026 at 03:04, Leon Hwang <leon.hwang@linux.dev> wrote:
>
> Hi Viktor,
>
> On 5/3/26 23:25, Viktor Malik wrote:
> > Both sleepable and fmod_ret programs are only allowed on selected
> > functions. For convenience, the error injection list was originally
> > used.
> >
> > When error injection is disabled, that list is empty and sleepable
> > tracing programs, as well as fmod_ret programs, are effectively
> > unavailable.
> >
> > This patch series addresses the issue by at least enabling sleepable and
> > fmod_ret programs on syscalls, if error injection is disabled.
> >
>
> Could you please explain more about the purpose in cover letter?
>
> I'm curious about enabling fmod_ret programs on syscalls, as they are
> able to modify the retval of syscalls.

It was already discussed at length here:
https://lore.kernel.org/bpf/CAADnVQJ4PU7bCb5XO9+zMZhLRSdbCKwxG6Rtojh2Rc3UZ8H43Q@mail.gmail.com/

I think the next version could include a link to the previous thread
in the cover letter for posterity.

>
> Thanks,
> Leon
>
> > Viktor Malik (3):
> >   bpf: Always allow sleepable programs on syscalls
> >   bpf: Always allow fmod_ret programs on syscalls
> >   selftests/bpf: Move sleepable refcounted_kptr tests to syscalls
> >
> >  kernel/bpf/verifier.c                         | 79 +++++++++++++++----
> >  .../selftests/bpf/progs/refcounted_kptr.c     |  4 +-
> >  .../bpf/progs/refcounted_kptr_fail.c          |  2 +-
> >  3 files changed, 68 insertions(+), 17 deletions(-)
> >
>
>

^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: [PATCH bpf-next 0/3] Always allow sleepable and fmod_ret programs on syscalls
  2026-03-06  2:14   ` Kumar Kartikeya Dwivedi
@ 2026-03-06  2:16     ` Leon Hwang
  2026-03-06  6:26       ` Viktor Malik
  0 siblings, 1 reply; 15+ messages in thread
From: Leon Hwang @ 2026-03-06  2:16 UTC (permalink / raw)
  To: Kumar Kartikeya Dwivedi
  Cc: Viktor Malik, bpf, Alexei Starovoitov, Daniel Borkmann,
	John Fastabend, Andrii Nakryiko, Martin KaFai Lau,
	Eduard Zingerman, Song Liu, Yonghong Song, KP Singh,
	Stanislav Fomichev, Hao Luo, Jiri Olsa, Paul Walmsley,
	Palmer Dabbelt, Albert Ou, Alexandre Ghiti, Shuah Khan

On 6/3/26 10:14, Kumar Kartikeya Dwivedi wrote:
> On Fri, 6 Mar 2026 at 03:04, Leon Hwang <leon.hwang@linux.dev> wrote:
>>
>> Hi Viktor,
>>
>> On 5/3/26 23:25, Viktor Malik wrote:
>>> Both sleepable and fmod_ret programs are only allowed on selected
>>> functions. For convenience, the error injection list was originally
>>> used.
>>>
>>> When error injection is disabled, that list is empty and sleepable
>>> tracing programs, as well as fmod_ret programs, are effectively
>>> unavailable.
>>>
>>> This patch series addresses the issue by at least enabling sleepable and
>>> fmod_ret programs on syscalls, if error injection is disabled.
>>>
>>
>> Could you please explain more about the purpose in cover letter?
>>
>> I'm curious about enabling fmod_ret programs on syscalls, as they are
>> able to modify the retval of syscalls.
> 
> It was already discussed at length here:
> https://lore.kernel.org/bpf/CAADnVQJ4PU7bCb5XO9+zMZhLRSdbCKwxG6Rtojh2Rc3UZ8H43Q@mail.gmail.com/
> 

Thanks for pointing this out.

Thanks,
Leon

> I think the next version could include a link to the previous thread
> in the cover letter for posterity.
> 
>>
>> Thanks,
>> Leon
>>
>>> Viktor Malik (3):
>>>   bpf: Always allow sleepable programs on syscalls
>>>   bpf: Always allow fmod_ret programs on syscalls
>>>   selftests/bpf: Move sleepable refcounted_kptr tests to syscalls
>>>
>>>  kernel/bpf/verifier.c                         | 79 +++++++++++++++----
>>>  .../selftests/bpf/progs/refcounted_kptr.c     |  4 +-
>>>  .../bpf/progs/refcounted_kptr_fail.c          |  2 +-
>>>  3 files changed, 68 insertions(+), 17 deletions(-)
>>>
>>
>>


^ permalink raw reply	[flat|nested] 15+ messages in thread

* Re: [PATCH bpf-next 0/3] Always allow sleepable and fmod_ret programs on syscalls
  2026-03-06  2:16     ` Leon Hwang
@ 2026-03-06  6:26       ` Viktor Malik
  0 siblings, 0 replies; 15+ messages in thread
From: Viktor Malik @ 2026-03-06  6:26 UTC (permalink / raw)
  To: Leon Hwang, Kumar Kartikeya Dwivedi
  Cc: bpf, Alexei Starovoitov, Daniel Borkmann, John Fastabend,
	Andrii Nakryiko, Martin KaFai Lau, Eduard Zingerman, Song Liu,
	Yonghong Song, KP Singh, Stanislav Fomichev, Hao Luo, Jiri Olsa,
	Paul Walmsley, Palmer Dabbelt, Albert Ou, Alexandre Ghiti,
	Shuah Khan

On 3/6/26 03:16, Leon Hwang wrote:
> On 6/3/26 10:14, Kumar Kartikeya Dwivedi wrote:
>> On Fri, 6 Mar 2026 at 03:04, Leon Hwang <leon.hwang@linux.dev> wrote:
>>>
>>> Hi Viktor,
>>>
>>> On 5/3/26 23:25, Viktor Malik wrote:
>>>> Both sleepable and fmod_ret programs are only allowed on selected
>>>> functions. For convenience, the error injection list was originally
>>>> used.
>>>>
>>>> When error injection is disabled, that list is empty and sleepable
>>>> tracing programs, as well as fmod_ret programs, are effectively
>>>> unavailable.
>>>>
>>>> This patch series addresses the issue by at least enabling sleepable and
>>>> fmod_ret programs on syscalls, if error injection is disabled.
>>>>
>>>
>>> Could you please explain more about the purpose in cover letter?
>>>
>>> I'm curious about enabling fmod_ret programs on syscalls, as they are
>>> able to modify the retval of syscalls.
>>
>> It was already discussed at length here:
>> https://lore.kernel.org/bpf/CAADnVQJ4PU7bCb5XO9+zMZhLRSdbCKwxG6Rtojh2Rc3UZ8H43Q@mail.gmail.com/
>>
> 
> Thanks for pointing this out.
> 
> Thanks,
> Leon
> 
>> I think the next version could include a link to the previous thread
>> in the cover letter for posterity.

Good point, I'll definitely add a link to the discussion.

>>
>>>
>>> Thanks,
>>> Leon
>>>
>>>> Viktor Malik (3):
>>>>   bpf: Always allow sleepable programs on syscalls
>>>>   bpf: Always allow fmod_ret programs on syscalls
>>>>   selftests/bpf: Move sleepable refcounted_kptr tests to syscalls
>>>>
>>>>  kernel/bpf/verifier.c                         | 79 +++++++++++++++----
>>>>  .../selftests/bpf/progs/refcounted_kptr.c     |  4 +-
>>>>  .../bpf/progs/refcounted_kptr_fail.c          |  2 +-
>>>>  3 files changed, 68 insertions(+), 17 deletions(-)
>>>>
>>>
>>>
> 


^ permalink raw reply	[flat|nested] 15+ messages in thread

end of thread, other threads:[~2026-03-06  8:38 UTC | newest]

Thread overview: 15+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-03-05 15:25 [PATCH bpf-next 0/3] Always allow sleepable and fmod_ret programs on syscalls Viktor Malik
2026-03-05 15:25 ` [PATCH bpf-next 1/3] bpf: Always allow sleepable " Viktor Malik
2026-03-05 16:07   ` bot+bpf-ci
2026-03-06  2:02     ` Kumar Kartikeya Dwivedi
2026-03-06  6:23       ` Viktor Malik
2026-03-06  2:05   ` Leon Hwang
2026-03-06  7:09     ` Viktor Malik
2026-03-06  7:41       ` Leon Hwang
2026-03-06  8:38         ` Viktor Malik
2026-03-05 15:25 ` [PATCH bpf-next 2/3] bpf: Always allow fmod_ret " Viktor Malik
2026-03-05 15:25 ` [PATCH bpf-next 3/3] selftests/bpf: Move sleepable refcounted_kptr tests to syscalls Viktor Malik
2026-03-06  2:04 ` [PATCH bpf-next 0/3] Always allow sleepable and fmod_ret programs on syscalls Leon Hwang
2026-03-06  2:14   ` Kumar Kartikeya Dwivedi
2026-03-06  2:16     ` Leon Hwang
2026-03-06  6:26       ` Viktor Malik

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox