From: Jiong Wang <jiong.wang@netronome.com>
To: alexei.starovoitov@gmail.com, daniel@iogearbox.net
Cc: ecree@solarflare.com, naveen.n.rao@linux.vnet.ibm.com,
	andriin@fb.com, jakub.kicinski@netronome.com,
	bpf@vger.kernel.org, netdev@vger.kernel.org,
	oss-drivers@netronome.com, Jiong Wang <jiong.wang@netronome.com>
Subject: [RFC bpf-next 3/8] bpf: migrate jit blinding to list patching infra
Date: Thu,  4 Jul 2019 22:26:46 +0100	[thread overview]
Message-ID: <1562275611-31790-4-git-send-email-jiong.wang@netronome.com> (raw)
In-Reply-To: <1562275611-31790-1-git-send-email-jiong.wang@netronome.com>

The list linearization function now works out the new jump destination of
patched/blinded jumps, so the destination no longer needs to be adjusted
inside bpf_jit_blind_insn.

Signed-off-by: Jiong Wang <jiong.wang@netronome.com>
---
 kernel/bpf/core.c | 76 ++++++++++++++++++++++++++-----------------------------
 1 file changed, 36 insertions(+), 40 deletions(-)

diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
index e60703e..c3a5f84 100644
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@@ -1162,7 +1162,6 @@ static int bpf_jit_blind_insn(const struct bpf_insn *from,
 {
 	struct bpf_insn *to = to_buff;
 	u32 imm_rnd = get_random_int();
-	s16 off;
 
 	BUILD_BUG_ON(BPF_REG_AX  + 1 != MAX_BPF_JIT_REG);
 	BUILD_BUG_ON(MAX_BPF_REG + 1 != MAX_BPF_JIT_REG);
@@ -1234,13 +1233,10 @@ static int bpf_jit_blind_insn(const struct bpf_insn *from,
 	case BPF_JMP | BPF_JSGE | BPF_K:
 	case BPF_JMP | BPF_JSLE | BPF_K:
 	case BPF_JMP | BPF_JSET | BPF_K:
-		/* Accommodate for extra offset in case of a backjump. */
-		off = from->off;
-		if (off < 0)
-			off -= 2;
 		*to++ = BPF_ALU64_IMM(BPF_MOV, BPF_REG_AX, imm_rnd ^ from->imm);
 		*to++ = BPF_ALU64_IMM(BPF_XOR, BPF_REG_AX, imm_rnd);
-		*to++ = BPF_JMP_REG(from->code, from->dst_reg, BPF_REG_AX, off);
+		*to++ = BPF_JMP_REG(from->code, from->dst_reg, BPF_REG_AX,
+				    from->off);
 		break;
 
 	case BPF_JMP32 | BPF_JEQ  | BPF_K:
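Review bot: The blinded jump at the end of this case now carries `from->off` unchanged although it is the third instruction of the emitted sequence, and with the old back-jump comment removed nothing in the case explains why that is still correct. A one-line comment above the `BPF_JMP_REG` line would record the contract, for example `/* off is still relative to the original insn; list linearization rebases it */`, and the same comment fits the `BPF_JMP32_REG` case in the next hunk. The rebasing code itself is in another patch of the series and is not visible here, so it should be confirmed there that backward jumps which land on or cross a multi-insn blinded sequence are recomputed. The body of bpf_jit_blind_insn continues outside this hunk.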
@@ -1254,14 +1250,10 @@ static int bpf_jit_blind_insn(const struct bpf_insn *from,
 	case BPF_JMP32 | BPF_JSGE | BPF_K:
 	case BPF_JMP32 | BPF_JSLE | BPF_K:
 	case BPF_JMP32 | BPF_JSET | BPF_K:
-		/* Accommodate for extra offset in case of a backjump. */
-		off = from->off;
-		if (off < 0)
-			off -= 2;
 		*to++ = BPF_ALU32_IMM(BPF_MOV, BPF_REG_AX, imm_rnd ^ from->imm);
 		*to++ = BPF_ALU32_IMM(BPF_XOR, BPF_REG_AX, imm_rnd);
 		*to++ = BPF_JMP32_REG(from->code, from->dst_reg, BPF_REG_AX,
-				      off);
+				      from->off);
 		break;
 
 	case BPF_LD | BPF_IMM | BPF_DW:
@@ -1332,10 +1324,9 @@ void bpf_jit_prog_release_other(struct bpf_prog *fp, struct bpf_prog *fp_other)
 struct bpf_prog *bpf_jit_blind_constants(struct bpf_prog *prog)
 {
 	struct bpf_insn insn_buff[16], aux[2];
-	struct bpf_prog *clone, *tmp;
-	int insn_delta, insn_cnt;
-	struct bpf_insn *insn;
-	int i, rewritten;
+	struct bpf_list_insn *list, *elem;
+	struct bpf_prog *clone, *ret_prog;
+	int rewritten;
 
 	if (!bpf_jit_blinding_enabled(prog) || prog->blinded)
 		return prog;
@@ -1344,43 +1335,48 @@ struct bpf_prog *bpf_jit_blind_constants(struct bpf_prog *prog)
 	if (!clone)
 		return ERR_PTR(-ENOMEM);
 
-	insn_cnt = clone->len;
-	insn = clone->insnsi;
+	list = bpf_create_list_insn(clone);
+	if (IS_ERR(list))
+		return (struct bpf_prog *)list;
+
+	/* kill uninitialized warning on some gcc versions. */
+	memset(&aux, 0, sizeof(aux));
+
+	for (elem = list; elem; elem = elem->next) {
+		struct bpf_list_insn *next = elem->next;
+		struct bpf_insn insn = elem->insn;
 
-	for (i = 0; i < insn_cnt; i++, insn++) {
 		/* We temporarily need to hold the original ld64 insn
 		 * so that we can still access the first part in the
 		 * second blinding run.
 		 */
-		if (insn[0].code == (BPF_LD | BPF_IMM | BPF_DW) &&
-		    insn[1].code == 0)
-			memcpy(aux, insn, sizeof(aux));
+		if (insn.code == (BPF_LD | BPF_IMM | BPF_DW)) {
+			struct bpf_insn next_insn = next->insn;
 
-		rewritten = bpf_jit_blind_insn(insn, aux, insn_buff);
+			if (next_insn.code == 0) {
+				aux[0] = insn;
+				aux[1] = next_insn;
+			}
+		}
+
+		rewritten = bpf_jit_blind_insn(&insn, aux, insn_buff);
 		if (!rewritten)
 			continue;
 
-		tmp = bpf_patch_insn_single(clone, i, insn_buff, rewritten);
-		if (IS_ERR(tmp)) {
-			/* Patching may have repointed aux->prog during
-			 * realloc from the original one, so we need to
-			 * fix it up here on error.
-			 */
-			bpf_jit_prog_release_other(prog, clone);
-			return tmp;
+		elem = bpf_patch_list_insn(elem, insn_buff, rewritten);
+		if (IS_ERR(elem)) {
+			ret_prog = (struct bpf_prog *)elem;
+			goto free_list_ret;
 		}
-
-		clone = tmp;
-		insn_delta = rewritten - 1;
-
-		/* Walk new program and skip insns we just inserted. */
-		insn = clone->insnsi + i + insn_delta;
-		insn_cnt += insn_delta;
-		i        += insn_delta;
 	}
 
-	clone->blinded = 1;
-	return clone;
+	clone = bpf_linearize_list_insn(clone, list);
+	if (!IS_ERR(clone))
+		clone->blinded = 1;
+	ret_prog = clone;
+free_list_ret:
+	bpf_destroy_list_insn(list);
+	return ret_prog;
 }
 #endif /* CONFIG_BPF_JIT */
 
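Review bot: The error paths in bpf_jit_blind_constants no longer release the clone: the removed code called `bpf_jit_prog_release_other(prog, clone)` when patching failed, whereas the new code returns directly when `bpf_create_list_insn()` fails and only calls `bpf_destroy_list_insn(list)` at `free_list_ret`. Unless the list helpers from the earlier patches free the program themselves (not visible here), the clone leaks on each failure, and a failing `bpf_linearize_list_insn()` also overwrites the only pointer to it, so that call's ownership rule on error should be documented at the call site. Separately, `next->insn` is read for every `BPF_LD | BPF_IMM | BPF_DW` insn without checking `next`; the verifier is presumably relied on to guarantee the second half exists, but adding `&& next` to the outer test makes that assumption explicit at no cost. A sketch of the release calls follows, to be checked against what the list helpers do with `clone` on failure.

```c
	list = bpf_create_list_insn(clone);
	if (IS_ERR(list)) {
		/* Nothing else owns the clone yet; drop it before bailing out. */
		bpf_jit_prog_release_other(prog, clone);
		return (struct bpf_prog *)list;
	}

	/* … unchanged: aux memset, loop header … */

		if (insn.code == (BPF_LD | BPF_IMM | BPF_DW) && next) {
			/* … unchanged: aux[0]/aux[1] capture … */
		}

	/* … unchanged: bpf_jit_blind_insn call and !rewritten check … */

		elem = bpf_patch_list_insn(elem, insn_buff, rewritten);
		if (IS_ERR(elem)) {
			ret_prog = (struct bpf_prog *)elem;
			bpf_jit_prog_release_other(prog, clone);
			goto free_list_ret;
		}
```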
-- 
2.7.4

