Commit 92046e83 authored by Jakub Kicinski
Daniel Borkmann says:

====================
pull-request: bpf-next 2024-01-26

We've added 107 non-merge commits during the last 4 day(s) which contain
a total of 101 files changed, 6009 insertions(+), 1260 deletions(-).

The main changes are:

1) Add BPF token support to delegate a subset of BPF subsystem
   functionality from privileged system-wide daemons such as systemd
   through special mount options for userns-bound BPF fs to a trusted
   & unprivileged application. With addressed changes from Christian
   and Linus' reviews, from Andrii Nakryiko.

2) Support registration of struct_ops types from modules which helps
   projects like fuse-bpf that seek to implement a new struct_ops type,
   from Kui-Feng Lee.

3) Add support for retrieval of cookies for perf/kprobe multi links,
   from Jiri Olsa.

4) Bigger batch of prep-work for the BPF verifier to eventually support
   preserving boundaries and tracking scalars on narrowing fills,
   from Maxim Mikityanskiy.

5) Extend the tc BPF flavor to support arbitrary TCP SYN cookies to help
   with the scenario of SYN floods, from Kuniyuki Iwashima.

6) Add code generation to inline the bpf_kptr_xchg() helper which
   improves performance when stashing/popping the allocated BPF objects,
   from Hou Tao.

7) Extend BPF verifier to track aligned ST stores as imprecise spilled
   registers, from Yonghong Song.

8) Several fixes to BPF selftests around inline asm constraints and
   unsupported VLA code generation, from Jose E. Marchesi.

9) Various updates to the BPF IETF instruction set draft document such
   as the introduction of conformance groups for instructions,
   from Dave Thaler.

10) Fix BPF verifier to make infinite loop detection in is_state_visited()
    exact to catch some too lax spill/fill corner cases,
    from Eduard Zingerman.

11) Refactor the BPF verifier pointer ALU check to allow ALU explicitly
    instead of implicitly for various register types, from Hao Sun.

12) Fix the flaky tc_redirect_dtime BPF selftest due to slowness
    in neighbor advertisement at setup time, from Martin KaFai Lau.

13) Change BPF selftests to skip callback tests for the case when the
    JIT is disabled, from Tiezhu Yang.

14) Add a small extension to libbpf which allows auto-creating
    a map-in-map's inner map, from Andrey Grafin.

* tag 'for-netdev' of https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next: (107 commits)
  selftests/bpf: Add missing line break in test_verifier
  bpf, docs: Clarify definitions of various instructions
  bpf: Fix error checks against bpf_get_btf_vmlinux().
  bpf: One more maintainer for libbpf and BPF selftests
  selftests/bpf: Incorporate LSM policy to token-based tests
  selftests/bpf: Add tests for LIBBPF_BPF_TOKEN_PATH envvar
  libbpf: Support BPF token path setting through LIBBPF_BPF_TOKEN_PATH envvar
  selftests/bpf: Add tests for BPF object load with implicit token
  selftests/bpf: Add BPF object loading tests with explicit token passing
  libbpf: Wire up BPF token support at BPF object level
  libbpf: Wire up token_fd into feature probing logic
  libbpf: Move feature detection code into its own file
  libbpf: Further decouple feature checking logic from bpf_object
  libbpf: Split feature detectors definitions from cached results
  selftests/bpf: Utilize string values for delegate_xxx mount options
  bpf: Support symbolic BPF FS delegation mount options
  bpf: Fail BPF_TOKEN_CREATE if no delegation option was set on BPF FS
  bpf,selinux: Allocate bpf_security_struct per BPF token
  selftests/bpf: Add BPF token-enabled tests
  libbpf: Add BPF token support to bpf_prog_load() API
  ...
====================

Link: https://lore.kernel.org/r/20240126215710.19855-1-daniel@iogearbox.net


Signed-off-by: Jakub Kicinski <kuba@kernel.org>
parents c09f32a8 fa7178b0
+54 −26
@@ -97,6 +97,28 @@ Definitions
    A:          10000110
    B: 11111111 10000110

Conformance groups
------------------

An implementation does not need to support all instructions specified in this
document (e.g., deprecated instructions).  Instead, a number of conformance
groups are specified.  An implementation must support the "basic" conformance
group and may support additional conformance groups, where supporting a
conformance group means it must support all instructions in that conformance
group.

The use of named conformance groups enables interoperability between a runtime
that executes instructions, and tools as such compilers that generate
instructions for the runtime.  Thus, capability discovery in terms of
conformance groups might be done manually by users or automatically by tools.

Each conformance group has a short ASCII label (e.g., "basic") that
corresponds to a set of instructions that are mandatory.  That is, each
instruction has one or more conformance groups of which it is a member.

The "basic" conformance group includes all instructions defined in this
specification unless otherwise noted.

Instruction encoding
====================

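Review bot: In the second paragraph of the new "Conformance groups" section, "tools as such compilers" has its words transposed and should read "tools such as compilers". In the third paragraph, "That is, each instruction has one or more conformance groups of which it is a member" does not follow from the preceding sentence about a label mapping to a set of mandatory instructions; drop "That is," or state the membership rule as its own sentence.
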
@@ -152,9 +174,9 @@ and imm containing the high 32 bits of the immediate value.
This is depicted in the following figure::

        basic_instruction
  .-----------------------------.
  .------------------------------.
  |                              |
  code:8 regs:8 offset:16 imm:32 unused:32 imm:32
  opcode:8 regs:8 offset:16 imm:32 unused:32 imm:32
                                   |              |
                                   '--------------'
                                  pseudo instruction
@@ -295,7 +317,11 @@ The ``BPF_MOVSX`` instruction does a move operation with sign extension.
``BPF_ALU | BPF_MOVSX`` :term:`sign extends<Sign Extend>` 8-bit and 16-bit operands into 32
bit operands, and zeroes the remaining upper 32 bits.
``BPF_ALU64 | BPF_MOVSX`` :term:`sign extends<Sign Extend>` 8-bit, 16-bit, and 32-bit
operands into 64 bit operands.
operands into 64 bit operands.  Unlike other arithmetic instructions,
``BPF_MOVSX`` is only defined for register source operands (``BPF_X``).

The ``BPF_NEG`` instruction is only defined when the source bit is clear
(``BPF_K``).

Shift operations use a mask of 0x3F (63) for 64-bit operations and 0x1F (31)
for 32-bit operations.
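
Review bot: The new sentences say ``BPF_MOVSX`` is "only defined" for ``BPF_X`` and ``BPF_NEG`` is "only defined" for ``BPF_K``, but they do not say what a runtime must do when it sees the other encoding. A loader or verifier has to decide whether to reject such an instruction, so state the intended behaviour explicitly (for example that the undefined encodings are reserved and must be rejected, if that is what is meant). The two sentences also phrase the same kind of restriction differently ("register source operands" versus "the source bit is clear"); using one form for both would make them easier to scan.
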
@@ -352,11 +378,11 @@ Jump instructions
otherwise identical operations.
The 'code' field encodes the operation as below:

========  =====  ===  ===========================================  =========================================
========  =====  ===  ===============================  =============================================
code      value  src  description                      notes
========  =====  ===  ===========================================  =========================================
BPF_JA    0x0    0x0  PC += offset                                 BPF_JMP class
BPF_JA    0x0    0x0  PC += imm                                    BPF_JMP32 class
========  =====  ===  ===============================  =============================================
BPF_JA    0x0    0x0  PC += offset                     BPF_JMP | BPF_K only
BPF_JA    0x0    0x0  PC += imm                        BPF_JMP32 | BPF_K only
BPF_JEQ   0x1    any  PC += offset if dst == src
BPF_JGT   0x2    any  PC += offset if dst > src        unsigned
BPF_JGE   0x3    any  PC += offset if dst >= src       unsigned
@@ -364,15 +390,15 @@ BPF_JSET 0x4 any PC += offset if dst & src
BPF_JNE   0x5    any  PC += offset if dst != src
BPF_JSGT  0x6    any  PC += offset if dst > src        signed
BPF_JSGE  0x7    any  PC += offset if dst >= src       signed
BPF_CALL  0x8    0x0  call helper function by address              see `Helper functions`_
BPF_CALL  0x8    0x1  call PC += imm                               see `Program-local functions`_
BPF_CALL  0x8    0x2  call helper function by BTF ID               see `Helper functions`_
BPF_EXIT  0x9    0x0  return                                       BPF_JMP only
BPF_CALL  0x8    0x0  call helper function by address  BPF_JMP | BPF_K only, see `Helper functions`_
BPF_CALL  0x8    0x1  call PC += imm                   BPF_JMP | BPF_K only, see `Program-local functions`_
BPF_CALL  0x8    0x2  call helper function by BTF ID   BPF_JMP | BPF_K only, see `Helper functions`_
BPF_EXIT  0x9    0x0  return                           BPF_JMP | BPF_K only
BPF_JLT   0xa    any  PC += offset if dst < src        unsigned
BPF_JLE   0xb    any  PC += offset if dst <= src       unsigned
BPF_JSLT  0xc    any  PC += offset if dst < src        signed
BPF_JSLE  0xd    any  PC += offset if dst <= src       signed
========  =====  ===  ===========================================  =========================================
========  =====  ===  ===============================  =============================================

The BPF program needs to store the return value into register R0 before doing a
``BPF_EXIT``.
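
Review bot: In the ``BPF_CALL`` rows the ``src`` column holds 0x1 and 0x2 while the new note on the same rows says "BPF_JMP | BPF_K only", which reads as a contradiction if ``src`` is taken to be the source bit. If the column lists the value of the source register field for these rows, say so in the table header or in a sentence under the table, so the restriction on the source bit and the value shown in ``src`` are not confused.
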
@@ -610,4 +636,6 @@ Legacy BPF Packet access instructions

BPF previously introduced special instructions for access to packet data that were
carried over from classic BPF. However, these instructions are
deprecated and should no longer be used.
deprecated and should no longer be used.  All legacy packet access
instructions belong to the "legacy" conformance group instead of the "basic"
conformance group.
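
Review bot: This is the only place in the change that names the "legacy" conformance group; the new "Conformance groups" section names only "basic" and says it covers everything "unless otherwise noted". Add the "legacy" label to that section, or a cross-reference to it here, so an implementer can find the full set of group labels in one place.
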
+1 −1
@@ -562,7 +562,7 @@ works::
  * ``checkpoint[0].r1`` is marked as read;

* At instruction #5 exit is reached and ``checkpoint[0]`` can now be processed
  by ``clean_live_states()``. After this processing ``checkpoint[0].r0`` has a
  by ``clean_live_states()``. After this processing ``checkpoint[0].r1`` has a
  read mark and all other registers and stack slots are marked as ``NOT_INIT``
  or ``STACK_INVALID``

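Review bot: The sentence touched here still ends at ``STACK_INVALID`` with no closing punctuation, unlike the bullet above it, which ends in ";". Worth fixing in the same edit. The register name itself now agrees with the preceding "``checkpoint[0].r1`` is marked as read" line.
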
+3 −0
@@ -3799,6 +3799,7 @@ M: Alexei Starovoitov <ast@kernel.org>
M:	Daniel Borkmann <daniel@iogearbox.net>
M:	Andrii Nakryiko <andrii@kernel.org>
R:	Martin KaFai Lau <martin.lau@linux.dev>
R:	Eduard Zingerman <eddyz87@gmail.com>
R:	Song Liu <song@kernel.org>
R:	Yonghong Song <yonghong.song@linux.dev>
R:	John Fastabend <john.fastabend@gmail.com>
@@ -3859,6 +3860,7 @@ F: net/unix/unix_bpf.c
BPF [LIBRARY] (libbpf)
M:	Andrii Nakryiko <andrii@kernel.org>
M:	Eduard Zingerman <eddyz87@gmail.com>
L:	bpf@vger.kernel.org
S:	Maintained
F:	tools/lib/bpf/
@@ -3916,6 +3918,7 @@ F: security/bpf/
BPF [SELFTESTS] (Test Runners & Infrastructure)
M:	Andrii Nakryiko <andrii@kernel.org>
M:	Eduard Zingerman <eddyz87@gmail.com>
R:	Mykola Lysenko <mykolal@fb.com>
L:	bpf@vger.kernel.org
S:	Maintained
+5 −0
@@ -2305,3 +2305,8 @@ int bpf_arch_text_poke(void *ip, enum bpf_text_poke_type poke_type,

	return ret;
}

bool bpf_jit_supports_ptr_xchg(void)
{
	return true;
}
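
Review bot: ``bpf_jit_supports_ptr_xchg()`` is added with no comment saying which capability of this JIT the unconditional ``return true`` asserts. A short comment above the function stating what the JIT must be able to emit for callers to rely on it would help maintainers of other architectures decide whether they can add the same override.
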
+5 −0
@@ -3242,3 +3242,8 @@ void bpf_arch_poke_desc_update(struct bpf_jit_poke_descriptor *poke,
		BUG_ON(ret < 0);
	}
}

bool bpf_jit_supports_ptr_xchg(void)
{
	return true;
}