* [PATCH bpf-next 0/2] Modify BPF_JIT_ALWAYS_ON and BPF_JIT_DEFAULT_ON @ 2022-02-11 8:57 Tiezhu Yang 2022-02-11 8:57 ` [PATCH bpf-next 1/2] bpf: Add some description about BPF_JIT_ALWAYS_ON in Kconfig Tiezhu Yang 2022-02-11 8:57 ` [PATCH bpf-next 2/2] bpf: Make BPF_JIT_DEFAULT_ON selectable " Tiezhu Yang 0 siblings, 2 replies; 6+ messages in thread From: Tiezhu Yang @ 2022-02-11 8:57 UTC (permalink / raw) To: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Martin KaFai Lau, Song Liu, Yonghong Song, John Fastabend, KP Singh Cc: Xuefeng Li, netdev, bpf, linux-kernel Tiezhu Yang (2): bpf: Add some description about BPF_JIT_ALWAYS_ON in Kconfig bpf: Make BPF_JIT_DEFAULT_ON selectable in Kconfig kernel/bpf/Kconfig | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) -- 2.1.0 ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH bpf-next 1/2] bpf: Add some description about BPF_JIT_ALWAYS_ON in Kconfig 2022-02-11 8:57 [PATCH bpf-next 0/2] Modify BPF_JIT_ALWAYS_ON and BPF_JIT_DEFAULT_ON Tiezhu Yang @ 2022-02-11 8:57 ` Tiezhu Yang 2022-02-11 14:44 ` Daniel Borkmann 2022-02-11 8:57 ` [PATCH bpf-next 2/2] bpf: Make BPF_JIT_DEFAULT_ON selectable " Tiezhu Yang 1 sibling, 1 reply; 6+ messages in thread From: Tiezhu Yang @ 2022-02-11 8:57 UTC (permalink / raw) To: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Martin KaFai Lau, Song Liu, Yonghong Song, John Fastabend, KP Singh Cc: Xuefeng Li, netdev, bpf, linux-kernel When CONFIG_BPF_JIT_ALWAYS_ON is enabled, bpf_jit_enable is permanently set to 1 and setting any other value than that will return in failure. Add the above description in the help text of BPF_JIT_ALWAYS_ON, and then we can distinguish between BPF_JIT_ALWAYS_ON and BPF_JIT_DEFAULT_ON. Signed-off-by: Tiezhu Yang <yangtiezhu@loongson.cn> --- kernel/bpf/Kconfig | 3 +++ 1 file changed, 3 insertions(+) diff --git a/kernel/bpf/Kconfig b/kernel/bpf/Kconfig index d24d518..88409f8 100644 --- a/kernel/bpf/Kconfig +++ b/kernel/bpf/Kconfig @@ -58,6 +58,9 @@ config BPF_JIT_ALWAYS_ON Enables BPF JIT and removes BPF interpreter to avoid speculative execution of BPF instructions by the interpreter. + When CONFIG_BPF_JIT_ALWAYS_ON is enabled, bpf_jit_enable is permanently + set to 1 and setting any other value than that will return in failure. + config BPF_JIT_DEFAULT_ON def_bool ARCH_WANT_DEFAULT_BPF_JIT || BPF_JIT_ALWAYS_ON depends on HAVE_EBPF_JIT && BPF_JIT -- 2.1.0 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH bpf-next 1/2] bpf: Add some description about BPF_JIT_ALWAYS_ON in Kconfig 2022-02-11 8:57 ` [PATCH bpf-next 1/2] bpf: Add some description about BPF_JIT_ALWAYS_ON in Kconfig Tiezhu Yang @ 2022-02-11 14:44 ` Daniel Borkmann 0 siblings, 0 replies; 6+ messages in thread From: Daniel Borkmann @ 2022-02-11 14:44 UTC (permalink / raw) To: Tiezhu Yang, Alexei Starovoitov, Andrii Nakryiko, Martin KaFai Lau, Song Liu, Yonghong Song, John Fastabend, KP Singh Cc: Xuefeng Li, netdev, bpf, linux-kernel On 2/11/22 9:57 AM, Tiezhu Yang wrote: > When CONFIG_BPF_JIT_ALWAYS_ON is enabled, bpf_jit_enable is permanently > set to 1 and setting any other value than that will return in failure. > > Add the above description in the help text of BPF_JIT_ALWAYS_ON, and then > we can distinguish between BPF_JIT_ALWAYS_ON and BPF_JIT_DEFAULT_ON. > > Signed-off-by: Tiezhu Yang <yangtiezhu@loongson.cn> > --- > kernel/bpf/Kconfig | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/kernel/bpf/Kconfig b/kernel/bpf/Kconfig > index d24d518..88409f8 100644 > --- a/kernel/bpf/Kconfig > +++ b/kernel/bpf/Kconfig > @@ -58,6 +58,9 @@ config BPF_JIT_ALWAYS_ON > Enables BPF JIT and removes BPF interpreter to avoid speculative > execution of BPF instructions by the interpreter. > > + When CONFIG_BPF_JIT_ALWAYS_ON is enabled, bpf_jit_enable is permanently > + set to 1 and setting any other value than that will return in failure. Small nit here: lets use the full path (/proc/sys/net/core/bpf_jit_enable) in order to be consistent with the other descriptions in this Kconfig. > config BPF_JIT_DEFAULT_ON > def_bool ARCH_WANT_DEFAULT_BPF_JIT || BPF_JIT_ALWAYS_ON > depends on HAVE_EBPF_JIT && BPF_JIT > ^ permalink raw reply [flat|nested] 6+ messages in thread
* [PATCH bpf-next 2/2] bpf: Make BPF_JIT_DEFAULT_ON selectable in Kconfig 2022-02-11 8:57 [PATCH bpf-next 0/2] Modify BPF_JIT_ALWAYS_ON and BPF_JIT_DEFAULT_ON Tiezhu Yang 2022-02-11 8:57 ` [PATCH bpf-next 1/2] bpf: Add some description about BPF_JIT_ALWAYS_ON in Kconfig Tiezhu Yang @ 2022-02-11 8:57 ` Tiezhu Yang 2022-02-11 10:23 ` Daniel Borkmann 1 sibling, 1 reply; 6+ messages in thread From: Tiezhu Yang @ 2022-02-11 8:57 UTC (permalink / raw) To: Alexei Starovoitov, Daniel Borkmann, Andrii Nakryiko, Martin KaFai Lau, Song Liu, Yonghong Song, John Fastabend, KP Singh Cc: Xuefeng Li, netdev, bpf, linux-kernel Currently, it is not possible to set bpf_jit_enable to 1 by default and the users can change it to 0 or 2, it seems bad for some users, make BPF_JIT_DEFAULT_ON selectable to give them a chance. Signed-off-by: Tiezhu Yang <yangtiezhu@loongson.cn> --- kernel/bpf/Kconfig | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/kernel/bpf/Kconfig b/kernel/bpf/Kconfig index 88409f8..28b7d71 100644 --- a/kernel/bpf/Kconfig +++ b/kernel/bpf/Kconfig @@ -54,6 +54,7 @@ config BPF_JIT config BPF_JIT_ALWAYS_ON bool "Permanently enable BPF JIT and remove BPF interpreter" depends on BPF_SYSCALL && HAVE_EBPF_JIT && BPF_JIT + select BPF_JIT_DEFAULT_ON help Enables BPF JIT and removes BPF interpreter to avoid speculative execution of BPF instructions by the interpreter. @@ -62,8 +63,16 @@ config BPF_JIT_ALWAYS_ON set to 1 and setting any other value than that will return in failure. config BPF_JIT_DEFAULT_ON - def_bool ARCH_WANT_DEFAULT_BPF_JIT || BPF_JIT_ALWAYS_ON - depends on HAVE_EBPF_JIT && BPF_JIT + bool "Defaultly enable BPF JIT and remove BPF interpreter" + default y if ARCH_WANT_DEFAULT_BPF_JIT + depends on BPF_SYSCALL && HAVE_EBPF_JIT && BPF_JIT + help + Enables BPF JIT and removes BPF interpreter to avoid speculative + execution of BPF instructions by the interpreter. + + When CONFIG_BPF_JIT_DEFAULT_ON is enabled but CONFIG_BPF_JIT_ALWAYS_ON + is disabled, bpf_jit_enable is set to 1 by default and can be changed + to 0 or 2. config BPF_UNPRIV_DEFAULT_OFF bool "Disable unprivileged BPF by default" -- 2.1.0 ^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [PATCH bpf-next 2/2] bpf: Make BPF_JIT_DEFAULT_ON selectable in Kconfig 2022-02-11 8:57 ` [PATCH bpf-next 2/2] bpf: Make BPF_JIT_DEFAULT_ON selectable " Tiezhu Yang @ 2022-02-11 10:23 ` Daniel Borkmann 2022-02-12 2:40 ` Tiezhu Yang 0 siblings, 1 reply; 6+ messages in thread From: Daniel Borkmann @ 2022-02-11 10:23 UTC (permalink / raw) To: Tiezhu Yang, Alexei Starovoitov, Andrii Nakryiko, Martin KaFai Lau, Song Liu, Yonghong Song, John Fastabend, KP Singh Cc: Xuefeng Li, netdev, bpf, linux-kernel On 2/11/22 9:57 AM, Tiezhu Yang wrote: > Currently, it is not possible to set bpf_jit_enable to 1 by default > and the users can change it to 0 or 2, it seems bad for some users, > make BPF_JIT_DEFAULT_ON selectable to give them a chance. I'm not fully sure I follow the above, so you are saying that a kconfig of !BPF_JIT_ALWAYS_ON and ARCH_WANT_DEFAULT_BPF_JIT, enables BPF_JIT_DEFAULT_ON however in such setting you are not able to reset bpf_jit_enable back to 0 at runtime? Thanks, Daniel ^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [PATCH bpf-next 2/2] bpf: Make BPF_JIT_DEFAULT_ON selectable in Kconfig 2022-02-11 10:23 ` Daniel Borkmann @ 2022-02-12 2:40 ` Tiezhu Yang 0 siblings, 0 replies; 6+ messages in thread From: Tiezhu Yang @ 2022-02-12 2:40 UTC (permalink / raw) To: Daniel Borkmann, Alexei Starovoitov, Andrii Nakryiko, Martin KaFai Lau, Song Liu, Yonghong Song, John Fastabend, KP Singh Cc: Xuefeng Li, netdev, bpf, linux-kernel On 02/11/2022 06:23 PM, Daniel Borkmann wrote: > On 2/11/22 9:57 AM, Tiezhu Yang wrote: >> Currently, it is not possible to set bpf_jit_enable to 1 by default >> and the users can change it to 0 or 2, it seems bad for some users, >> make BPF_JIT_DEFAULT_ON selectable to give them a chance. > > I'm not fully sure I follow the above, so you are saying that a kconfig of > !BPF_JIT_ALWAYS_ON and ARCH_WANT_DEFAULT_BPF_JIT, enables > BPF_JIT_DEFAULT_ON > however in such setting you are not able to reset bpf_jit_enable back to > 0 at > runtime? Oh, no. Sorry for the unclear description. currently, only x86, arm64 and s390 select ARCH_WANT_DEFAULT_BPF_JIT, the other archs do not select ARCH_WANT_DEFAULT_BPF_JIT. On the archs without ARCH_WANT_DEFAULT_BPF_JIT, if we want to set bpf_jit_enable to 1 by default, the only way is to enable CONFIG_BPF_JIT_ALWAYS_ON, then the users can not change it to 0 or 2, it seems bad for some users, we can select ARCH_WANT_DEFAULT_BPF_JIT for those archs if it is proper, but at least for now, make BPF_JIT_DEFAULT_ON selectable can give them a chance. Additionaly, with this patch, under !BPF_JIT_ALWAYS_ON, we can disable BPF_JIT_DEFAULT_ON on the archs with ARCH_WANT_DEFAULT_BPF_JIT when make menuconfig, it seems flexible for some developers. If you are OK, I will update the commit message and then send v2. Thanks, Tiezhu > > Thanks, > Daniel ^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2022-02-12 2:40 UTC | newest] Thread overview: 6+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2022-02-11 8:57 [PATCH bpf-next 0/2] Modify BPF_JIT_ALWAYS_ON and BPF_JIT_DEFAULT_ON Tiezhu Yang 2022-02-11 8:57 ` [PATCH bpf-next 1/2] bpf: Add some description about BPF_JIT_ALWAYS_ON in Kconfig Tiezhu Yang 2022-02-11 14:44 ` Daniel Borkmann 2022-02-11 8:57 ` [PATCH bpf-next 2/2] bpf: Make BPF_JIT_DEFAULT_ON selectable " Tiezhu Yang 2022-02-11 10:23 ` Daniel Borkmann 2022-02-12 2:40 ` Tiezhu Yang
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).