BPF Archive on lore.kernel.org
 help / color / Atom feed
From: Andrii Nakryiko <andrii.nakryiko@gmail.com>
To: Dmitrii Banshchikov <me@ubique.spb.ru>
Cc: bpf <bpf@vger.kernel.org>, Alexei Starovoitov <ast@kernel.org>,
	Daniel Borkmann <daniel@iogearbox.net>,
	Andrii Nakryiko <andrii@kernel.org>, Martin Lau <kafai@fb.com>,
	Song Liu <songliubraving@fb.com>, Yonghong Song <yhs@fb.com>,
	john fastabend <john.fastabend@gmail.com>,
	KP Singh <kpsingh@chromium.org>, Andrey Ignatov <rdna@fb.com>
Subject: Re: [PATCH v3 bpf-next 3/4] bpf: Support pointers in global func args
Date: Fri, 12 Feb 2021 13:14:30 -0800
Message-ID: <CAEf4BzbpPBW9AHZYPdsKL2KN_3Uenkwn=Ao7mpBduzEVPJXLOw@mail.gmail.com> (raw)
In-Reply-To: <20210212205642.620788-4-me@ubique.spb.ru>

On Fri, Feb 12, 2021 at 12:57 PM Dmitrii Banshchikov <me@ubique.spb.ru> wrote:
> Add an ability to pass a pointer to a type with known size in arguments
> of a global function. Such pointers may be used to overcome the limit on
> the maximum number of arguments, avoid expensive and tricky workarounds
> and to have multiple output arguments.
> A referenced type may contain pointers but indirect access through them
> isn't supported.
> The implementation consists of two parts.  If a global function has an
> argument that is a pointer to a type with known size then:
>   1) In btf_check_func_arg_match(): check that the corresponding
> register points to NULL or to a valid memory region that is large enough
> to contain the expected argument's type.
>   2) In btf_prepare_func_args(): set the corresponding register type to
> PTR_TO_MEM_OR_NULL and its size to the size of the expected type.
> Only global functions are supported because allowance of pointers for
> static functions might break validation. Consider the following
> scenario. A static function has a pointer argument. A caller passes
> pointer to its stack memory. Because the callee can change referenced
> memory verifier cannot longer assume any particular slot type of the
> caller's stack memory hence the slot type is changed to SLOT_MISC.  If
> there is an operation that relies on slot type other than SLOT_MISC then
> verifier won't be able to infer safety of the operation.
> When verifier sees a static function that has a pointer argument
> different from PTR_TO_CTX then it skips arguments check and continues
> with "inline" validation with more information available. The operation
> that relies on the particular slot type now succeeds.
> Because global functions were not allowed to have pointer arguments
> different from PTR_TO_CTX it's not possible to break existing and valid
> code.
> Signed-off-by: Dmitrii Banshchikov <me@ubique.spb.ru>
> ---

Acked-by: Andrii Nakryiko <andrii@kernel.org>

>  include/linux/bpf_verifier.h |  2 ++
>  kernel/bpf/btf.c             | 55 +++++++++++++++++++++++++++++-------
>  kernel/bpf/verifier.c        | 30 ++++++++++++++++++++
>  3 files changed, 77 insertions(+), 10 deletions(-)


  reply index

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-02-12 20:56 [PATCH v3 bpf-next 0/4] Add support of pointer to struct in global functions Dmitrii Banshchikov
2021-02-12 20:56 ` [PATCH v3 bpf-next 1/4] bpf: Rename bpf_reg_state variables Dmitrii Banshchikov
2021-02-12 21:11   ` Andrii Nakryiko
2021-02-12 20:56 ` [PATCH v3 bpf-next 2/4] bpf: Extract nullable reg type conversion into a helper function Dmitrii Banshchikov
2021-02-12 21:12   ` Andrii Nakryiko
2021-02-12 20:56 ` [PATCH v3 bpf-next 3/4] bpf: Support pointers in global func args Dmitrii Banshchikov
2021-02-12 21:14   ` Andrii Nakryiko [this message]
2021-02-13  2:09   ` Alexei Starovoitov
2021-02-15  6:25     ` Dmitrii Banshchikov
2021-02-12 20:56 ` [PATCH v3 bpf-next 4/4] selftests/bpf: Add unit tests for pointers in global functions Dmitrii Banshchikov
2021-02-12 21:15   ` Andrii Nakryiko
2021-02-23  6:43   ` Andrii Nakryiko
2021-02-23  8:22     ` [PATCH] selftests/bpf: Fix a compiler warning in global func test Dmitrii Banshchikov
2021-02-24 15:50       ` patchwork-bot+netdevbpf

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAEf4BzbpPBW9AHZYPdsKL2KN_3Uenkwn=Ao7mpBduzEVPJXLOw@mail.gmail.com' \
    --to=andrii.nakryiko@gmail.com \
    --cc=andrii@kernel.org \
    --cc=ast@kernel.org \
    --cc=bpf@vger.kernel.org \
    --cc=daniel@iogearbox.net \
    --cc=john.fastabend@gmail.com \
    --cc=kafai@fb.com \
    --cc=kpsingh@chromium.org \
    --cc=me@ubique.spb.ru \
    --cc=rdna@fb.com \
    --cc=songliubraving@fb.com \
    --cc=yhs@fb.com \


* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

BPF Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/bpf/0 bpf/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 bpf bpf/ https://lore.kernel.org/bpf \
	public-inbox-index bpf

Example config snippet for mirrors

Newsgroup available over NNTP:

AGPL code for this site: git clone https://public-inbox.org/public-inbox.git