linux-kernel.vger.kernel.org archive mirror
From: Daniel Xu <dxu@dxuuu.xyz>
To: linux-fsdevel@vger.kernel.org,
	linux-trace-kernel@vger.kernel.org,
	linux-perf-users@vger.kernel.org,
	linux-kselftest@vger.kernel.org, netfilter-devel@vger.kernel.org,
	bpf@vger.kernel.org, coreteam@netfilter.org,
	linux-kernel@vger.kernel.org, linux-media@vger.kernel.org,
	netdev@vger.kernel.org
Subject: [RFC bpf-next 00/13] bpf: Introduce modular verifier
Date: Tue,  8 Apr 2025 21:33:55 -0600
Message-ID: <cover.1744169424.git.dxu@dxuuu.xyz>

This patchset adds the base infrastructure for a modular BPF verifier.
The motivation remains unchanged from the LSFMMBPF25 proposal [0].

However, the design has diverged. Rather than immediately going for the
facade described in [0], we instead make a stop first at the continuously
exported copies of the verifier in an out-of-tree repository, with a
separate copy for each kernel release. Each copy will receive as many
verifier backports as possible within the "boundary" of the modular
portions.

For example, a patch that changes the verifier at the same time as one
of the kernel symbols it depends on cannot be applied, as at runtime
only the verifier portion can be updated. However, a patch that only
changes verifier.c can be applied, as it's within the boundary.  Rough
analysis of past data shows that most verifier changes fall within the
latter category. The Jupyter notebook for this can be found here [1].

From here, we'll gradually enlarge the "boundary" to enable backports of
more and more patches, with the north star being the facade as described
in the proposal. Ideally, completion of the facade will render the
out-of-tree repository useless.

[0]: https://lore.kernel.org/bpf/nahst74z46ov7ii3vmriyhk25zo6tkf2f3hsulzjzselvobbbu@pqn6wfdibwqb/
[1]: https://github.com/danobi/verifier-analysis/blob/master/analysis.ipynb

Daniel Xu (13):
  bpf: Move bpf_prog_ctx_arg_info_init() body into header
  bpf: Move BTF related globals out of verifier.c
  bpf: Move percpu memory allocator definition into core
  bpf: Move bpf_check_attach_target() to core
  bpf: Remove map_set_for_each_callback_args callback for maps
  bpf: Move kfunc definitions out of verifier.c
  bpf: Make bpf_free_kfunc_btf_tab() static in core
  selftests: bpf: Avoid attaching to bpf_check()
  perf: Export perf_snapshot_branch_stack static key
  bpf: verifier: Add indirection to kallsyms_lookup_name()
  treewide: bpf: Export symbols used by verifier
  bpf: verifier: Make verifier loadable
  bpf: Supporting building verifier.ko out-of-tree

 arch/x86/net/bpf_jit_comp.c                   |   2 +
 drivers/media/rc/bpf-lirc.c                   |   1 +
 fs/bpf_fs_kfuncs.c                            |   4 +
 include/linux/bpf.h                           |  82 ++-
 include/linux/bpf_verifier.h                  |   7 -
 include/linux/btf.h                           |   4 +
 kernel/bpf/Kbuild                             |   8 +
 kernel/bpf/Kconfig                            |  12 +
 kernel/bpf/Makefile                           |   3 +-
 kernel/bpf/arraymap.c                         |   2 -
 kernel/bpf/bpf_iter.c                         |   1 +
 kernel/bpf/bpf_lsm.c                          |   5 +
 kernel/bpf/bpf_struct_ops.c                   |   2 +
 kernel/bpf/btf.c                              |  61 +-
 kernel/bpf/cgroup.c                           |   4 +
 kernel/bpf/core.c                             | 463 ++++++++++++++++
 kernel/bpf/disasm.c                           |   4 +
 kernel/bpf/hashtab.c                          |   4 -
 kernel/bpf/helpers.c                          |   2 +
 kernel/bpf/local_storage.c                    |   2 +
 kernel/bpf/log.c                              |  12 +
 kernel/bpf/map_iter.c                         |   1 +
 kernel/bpf/memalloc.c                         |   3 +
 kernel/bpf/offload.c                          |  10 +
 kernel/bpf/syscall.c                          |  52 +-
 kernel/bpf/tnum.c                             |  20 +
 kernel/bpf/token.c                            |   1 +
 kernel/bpf/trampoline.c                       |   5 +
 kernel/bpf/verifier.c                         | 521 ++----------------
 kernel/events/callchain.c                     |   3 +
 kernel/events/core.c                          |   1 +
 kernel/trace/bpf_trace.c                      |   9 +
 lib/error-inject.c                            |   2 +
 net/core/filter.c                             |  26 +
 net/core/xdp.c                                |   2 +
 net/netfilter/nf_bpf_link.c                   |   1 +
 .../selftests/bpf/progs/exceptions_assert.c   |   2 +-
 .../selftests/bpf/progs/exceptions_fail.c     |   4 +-
 38 files changed, 834 insertions(+), 514 deletions(-)
 create mode 100644 kernel/bpf/Kbuild

-- 
2.47.1
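
The "boundary" rule from the cover letter above, as an added example that is not part of the original message or of the linked notebook: it classifies commits by the files they touch and reports how many verifier changes stay inside the modular portion. The commit ids, the selftest file name and the IGNORED_PREFIXES set are constructed assumptions.

```python
from collections import Counter

# Modular portion: the cover letter names verifier.c; extend as the boundary grows.
BOUNDARY = frozenset({"kernel/bpf/verifier.c"})
# Assumption of this example: these paths never land in the module.
IGNORED_PREFIXES = ("tools/testing/selftests/", "Documentation/")
# Constructed input: a "commit <id>" line followed by the paths it touches.
SAMPLE_LOG = """\
commit aaaa0001
kernel/bpf/verifier.c
commit aaaa0002
kernel/bpf/verifier.c
tools/testing/selftests/bpf/progs/constructed_case.c
commit aaaa0003
kernel/bpf/verifier.c
include/linux/bpf.h
commit aaaa0004
kernel/bpf/core.c
commit aaaa0005
kernel/bpf/verifier.c
kernel/bpf/btf.c
commit aaaa0006
"""

def parse_log(text):
    """Map each commit id to the list of paths it touches."""
    commits, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("commit "):
            current = commits.setdefault(line.split()[1], [])
        elif line and current is not None:
            current.append(line)
    return commits

def classify(paths, boundary=BOUNDARY, ignored=IGNORED_PREFIXES):
    """inside: only boundary files; crosses: boundary plus other kernel code."""
    relevant = [p for p in paths if not p.startswith(ignored)]
    if not any(p in boundary for p in relevant):
        return "unrelated"  # also merges and commits with no file list
    return "inside" if all(p in boundary for p in relevant) else "crosses"

def summarize(text):
    return Counter(classify(p) for p in parse_log(text).values())

def backportable_share(text):
    """Fraction of verifier-touching commits that stay inside the boundary."""
    c = summarize(text)
    touching = c["inside"] + c["crosses"]
    return c["inside"] / touching if touching else 0.0
```

Feeding it real history in the same shape and adding files to BOUNDARY shows how each enlargement of the boundary changes the share of patches that can be applied.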


Thread overview: 17+ messages
2025-04-09  3:33 Daniel Xu [this message]
2025-04-09  3:33 ` [RFC bpf-next 01/13] bpf: Move bpf_prog_ctx_arg_info_init() body into header Daniel Xu
2025-04-09  3:33 ` [RFC bpf-next 02/13] bpf: Move BTF related globals out of verifier.c Daniel Xu
2025-04-09  3:33 ` [RFC bpf-next 03/13] bpf: Move percpu memory allocator definition into core Daniel Xu
2025-04-09  3:33 ` [RFC bpf-next 04/13] bpf: Move bpf_check_attach_target() to core Daniel Xu
2025-04-09  3:34 ` [RFC bpf-next 05/13] bpf: Remove map_set_for_each_callback_args callback for maps Daniel Xu
2025-04-09  3:34 ` [RFC bpf-next 06/13] bpf: Move kfunc definitions out of verifier.c Daniel Xu
2025-04-09  3:34 ` [RFC bpf-next 07/13] bpf: Make bpf_free_kfunc_btf_tab() static in core Daniel Xu
2025-04-09  3:34 ` [RFC bpf-next 08/13] selftests: bpf: Avoid attaching to bpf_check() Daniel Xu
2025-04-09  3:34 ` [RFC bpf-next 09/13] perf: Export perf_snapshot_branch_stack static key Daniel Xu
2025-04-09  3:34 ` [RFC bpf-next 10/13] bpf: verifier: Add indirection to kallsyms_lookup_name() Daniel Xu
2025-04-09 14:25   ` Stanislav Fomichev
2025-04-15  4:28     ` Daniel Xu
2025-04-09  3:34 ` [RFC bpf-next 11/13] treewide: bpf: Export symbols used by verifier Daniel Xu
2025-04-21 16:13   ` Alexei Starovoitov
2025-04-09  3:34 ` [RFC bpf-next 12/13] bpf: verifier: Make verifier loadable Daniel Xu
2025-04-09  3:34 ` [RFC bpf-next 13/13] bpf: Supporting building verifier.ko out-of-tree Daniel Xu
