From: Quentin Monnet <quentin.monnet@netronome.com>
To: Daniel Borkmann <daniel@iogearbox.net>,
Alexei Starovoitov <ast@kernel.org>
Cc: netdev@vger.kernel.org, oss-drivers@netronome.com,
Quentin Monnet <quentin.monnet@netronome.com>
Subject: [PATCH bpf-next 11/12] nfp: bpf: support pointers to other stack frames for BPF-to-BPF calls
Date: Sun, 7 Oct 2018 12:56:57 +0100 [thread overview]
Message-ID: <1538913418-16039-12-git-send-email-quentin.monnet@netronome.com> (raw)
In-Reply-To: <1538913418-16039-1-git-send-email-quentin.monnet@netronome.com>
Mark instructions that use pointers to areas in the stack outside of the
current stack frame, and process them accordingly in mem_op_stack().
This way, we also support BPF-to-BPF calls where the caller passes a
pointer to data in its own stack frame to the callee (typically, when
the caller passes an address to one of its local variables located in
the stack, as an argument).
Thanks to Jakub and Jiong for figuring out how to deal with this case,
I just had to turn their email discussion into this patch.
Suggested-by: Jiong Wang <jiong.wang@netronome.com>
Suggested-by: Jakub Kicinski <jakub.kicinski@netronome.com>
Signed-off-by: Quentin Monnet <quentin.monnet@netronome.com>
Reviewed-by: Jiong Wang <jiong.wang@netronome.com>
Reviewed-by: Jakub Kicinski <jakub.kicinski@netronome.com>
---
drivers/net/ethernet/netronome/nfp/bpf/jit.c | 3 ++-
drivers/net/ethernet/netronome/nfp/bpf/main.h | 1 +
drivers/net/ethernet/netronome/nfp/bpf/verifier.c | 3 +++
3 files changed, 6 insertions(+), 1 deletion(-)
diff --git a/drivers/net/ethernet/netronome/nfp/bpf/jit.c b/drivers/net/ethernet/netronome/nfp/bpf/jit.c
index b393f9dea584..6ed1b5207ecd 100644
--- a/drivers/net/ethernet/netronome/nfp/bpf/jit.c
+++ b/drivers/net/ethernet/netronome/nfp/bpf/jit.c
@@ -1178,7 +1178,8 @@ mem_op_stack(struct nfp_prog *nfp_prog, struct nfp_insn_meta *meta,
bool lm3 = true;
int ret;
- if (meta->ptr_not_const) {
+ if (meta->ptr_not_const ||
+ meta->flags & FLAG_INSN_PTR_CALLER_STACK_FRAME) {
/* Use of the last encountered ptr_off is OK, they all have
* the same alignment. Depend on low bits of value being
* discarded when written to LMaddr register.
diff --git a/drivers/net/ethernet/netronome/nfp/bpf/main.h b/drivers/net/ethernet/netronome/nfp/bpf/main.h
index 44b787a0bd4b..25e10cfa2678 100644
--- a/drivers/net/ethernet/netronome/nfp/bpf/main.h
+++ b/drivers/net/ethernet/netronome/nfp/bpf/main.h
@@ -267,6 +267,7 @@ struct nfp_bpf_reg_state {
#define FLAG_INSN_IS_JUMP_DST BIT(0)
#define FLAG_INSN_IS_SUBPROG_START BIT(1)
+#define FLAG_INSN_PTR_CALLER_STACK_FRAME BIT(2)
/**
* struct nfp_insn_meta - BPF instruction wrapper
diff --git a/drivers/net/ethernet/netronome/nfp/bpf/verifier.c b/drivers/net/ethernet/netronome/nfp/bpf/verifier.c
index f31721bd1fac..cddb70786a58 100644
--- a/drivers/net/ethernet/netronome/nfp/bpf/verifier.c
+++ b/drivers/net/ethernet/netronome/nfp/bpf/verifier.c
@@ -336,6 +336,9 @@ nfp_bpf_check_stack_access(struct nfp_prog *nfp_prog,
{
s32 old_off, new_off;
+ if (reg->frameno != env->cur_state->curframe)
+ meta->flags |= FLAG_INSN_PTR_CALLER_STACK_FRAME;
+
if (!tnum_is_const(reg->var_off)) {
pr_vlog(env, "variable ptr stack access\n");
return -EINVAL;
--
2.7.4
next prev parent reply other threads:[~2018-10-07 19:04 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-07 11:56 [PATCH bpf-next 00/12] nfp: bpf: add support for BPF-to-BPF function calls Quentin Monnet
2018-10-07 11:56 ` [PATCH bpf-next 01/12] bpf: add verifier callback to get stack usage info for offloaded progs Quentin Monnet
2018-10-07 11:56 ` [PATCH bpf-next 02/12] nfp: bpf: rename nfp_prog->stack_depth as nfp_prog->stack_frame_depth Quentin Monnet
2018-10-07 11:56 ` [PATCH bpf-next 03/12] nfp: bpf: copy eBPF subprograms information from kernel verifier Quentin Monnet
2018-10-07 11:56 ` [PATCH bpf-next 04/12] nfp: bpf: ignore helper-related checks for BPF calls in nfp verifier Quentin Monnet
2018-10-07 11:56 ` [PATCH bpf-next 05/12] nfp: bpf: account for BPF-to-BPF calls when preparing nfp JIT Quentin Monnet
2018-10-07 11:56 ` [PATCH bpf-next 06/12] nfp: bpf: add main logics for BPF-to-BPF calls support in nfp driver Quentin Monnet
2018-10-07 11:56 ` [PATCH bpf-next 07/12] nfp: bpf: account for additional stack usage when checking stack limit Quentin Monnet
2018-10-07 11:56 ` [PATCH bpf-next 08/12] nfp: bpf: update fixup function for BPF-to-BPF calls support Quentin Monnet
2018-10-07 11:56 ` [PATCH bpf-next 09/12] nfp: bpf: fix return address from register-saving subroutine to callee Quentin Monnet
2018-10-07 11:56 ` [PATCH bpf-next 10/12] nfp: bpf: optimise save/restore for R6~R9 based on register usage Quentin Monnet
2018-10-07 11:56 ` Quentin Monnet [this message]
2018-10-07 11:56 ` [PATCH bpf-next 12/12] bpf: allow offload of programs with BPF-to-BPF function calls Quentin Monnet
2018-10-08 8:36 ` [PATCH bpf-next 00/12] nfp: bpf: add support for " Daniel Borkmann
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1538913418-16039-12-git-send-email-quentin.monnet@netronome.com \
--to=quentin.monnet@netronome.com \
--cc=ast@kernel.org \
--cc=daniel@iogearbox.net \
--cc=netdev@vger.kernel.org \
--cc=oss-drivers@netronome.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).