Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 457740a9 authored by David S. Miller's avatar David S. Miller
Browse files

Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 



Alexei Starovoitov says:

====================
pull-request: bpf-next 2018-01-26

The following pull-request contains BPF updates for your *net-next* tree.

The main changes are:

1) A number of extensions to tcp-bpf, from Lawrence.
    - direct R or R/W access to many tcp_sock fields via bpf_sock_ops
    - passing up to 3 arguments to bpf_sock_ops functions
    - tcp_sock field bpf_sock_ops_cb_flags for controlling callbacks
    - optionally calling bpf_sock_ops program when RTO fires
    - optionally calling bpf_sock_ops program when packet is retransmitted
    - optionally calling bpf_sock_ops program when TCP state changes
    - access to tclass and sk_txhash
    - new selftest

2) div/mod exception handling, from Daniel.
    One of the ugly leftovers from the early eBPF days is that div/mod
    operations based on registers have a hard-coded src_reg == 0 test
    in the interpreter as well as in JIT code generators that would
    return from the BPF program with exit code 0. This was basically
    adopted from cBPF interpreter for historical reasons.
    There are multiple reasons why this is very suboptimal and prone
    to bugs. To name one: the return code mapping for such abnormal
    program exit of 0 does not always match with a suitable program
    type's exit code mapping. For example, '0' in tc means action 'ok'
    where the packet gets passed further up the stack, which is just
    undesirable for such cases (e.g. when implementing policy) and
    also does not match with other program types.
    After considering _four_ different ways to address the problem,
    we adapt the same behavior as on some major archs like ARMv8:
    X div 0 results in 0, and X mod 0 results in X. aarch64 and
    aarch32 ISA do not generate any traps or otherwise aborts
    of program execution for unsigned divides.
    Given the options, it seems the most suitable from
    all of them, also since major archs have similar schemes in
    place. Given this is all in the realm of undefined behavior,
    we still have the option to adapt if deemed necessary.

3) sockmap sample refactoring, from John.

4) lpm map get_next_key fixes, from Yonghong.

5) test cleanups, from Alexei and Prashant.
====================

Signed-off-by: default avatarDavid S. Miller <davem@davemloft.net>
parents 6b2e2829 8223967f

Documentation/networking/filter.txt

+1 −1
Original line number Diff line number Diff line
@@ -1134,7 +1134,7 @@ The verifier's knowledge about the variable offset consists of: 
mask and value; no bit should ever be 1 in both.  For example, if a byte is read

into a register from memory, the register's top 56 bits are known zero, while

the low 8 are unknown - which is represented as the tnum (0x0; 0xff).  If we

then OR this with 0x40, we get (0x40; 0xcf), then if we add 1 we get (0x0;

then OR this with 0x40, we get (0x40; 0xbf), then if we add 1 we get (0x0;

0x1ff), because of potential carries.

Besides arithmetic, the register state can also be updated by conditional

branches.  For instance, if a SCALAR_VALUE is compared > 8, in the 'true' branch

arch/arm/net/bpf_jit_32.c

+0 −8
Original line number Diff line number Diff line
@@ -363,15 +363,7 @@ static inline int epilogue_offset(const struct jit_ctx *ctx) 
static inline void emit_udivmod(u8 rd, u8 rm, u8 rn, struct jit_ctx *ctx, u8 op)

{

	const u8 *tmp = bpf2a32[TMP_REG_1];

	s32 jmp_offset;



	/* checks if divisor is zero or not. If it is, then

	 * exit directly.

	 */

	emit(ARM_CMP_I(rn, 0), ctx);

	_emit(ARM_COND_EQ, ARM_MOV_I(ARM_R0, 0), ctx);

	jmp_offset = epilogue_offset(ctx);

	_emit(ARM_COND_EQ, ARM_B(jmp_offset), ctx);

#if __LINUX_ARM_ARCH__ == 7

	if (elf_hwcap & HWCAP_IDIVA) {

		if (op == BPF_DIV)

arch/arm64/net/bpf_jit_comp.c

+0 −13
Original line number Diff line number Diff line
@@ -390,18 +390,6 @@ static int build_insn(const struct bpf_insn *insn, struct jit_ctx *ctx) 
	case BPF_ALU64 | BPF_DIV | BPF_X:

	case BPF_ALU | BPF_MOD | BPF_X:

	case BPF_ALU64 | BPF_MOD | BPF_X:

	{

		const u8 r0 = bpf2a64[BPF_REG_0];



		/* if (src == 0) return 0 */

		jmp_offset = 3; /* skip ahead to else path */

		check_imm19(jmp_offset);

		emit(A64_CBNZ(is64, src, jmp_offset), ctx);

		emit(A64_MOVZ(1, r0, 0, 0), ctx);

		jmp_offset = epilogue_offset(ctx);

		check_imm26(jmp_offset);

		emit(A64_B(jmp_offset), ctx);

		/* else */

		switch (BPF_OP(code)) {

		case BPF_DIV:

			emit(A64_UDIV(is64, dst, dst, src), ctx);
@@ -413,7 +401,6 @@ static int build_insn(const struct bpf_insn *insn, struct jit_ctx *ctx) 
			break;

		}

		break;

	}

	case BPF_ALU | BPF_LSH | BPF_X:

	case BPF_ALU64 | BPF_LSH | BPF_X:

		emit(A64_LSLV(is64, dst, dst, src), ctx);

arch/mips/net/ebpf_jit.c

+4 −25
Original line number Diff line number Diff line
@@ -741,16 +741,11 @@ static int build_one_insn(const struct bpf_insn *insn, struct jit_ctx *ctx, 
		break;

	case BPF_ALU | BPF_DIV | BPF_K: /* ALU_IMM */

	case BPF_ALU | BPF_MOD | BPF_K: /* ALU_IMM */

		if (insn->imm == 0)

			return -EINVAL;

		dst = ebpf_to_mips_reg(ctx, insn, dst_reg);

		if (dst < 0)

			return dst;

		if (insn->imm == 0) { /* Div by zero */

			b_off = b_imm(exit_idx, ctx);

			if (is_bad_offset(b_off))

				return -E2BIG;

			emit_instr(ctx, beq, MIPS_R_ZERO, MIPS_R_ZERO, b_off);

			emit_instr(ctx, addu, MIPS_R_V0, MIPS_R_ZERO, MIPS_R_ZERO);

		}

		td = get_reg_val_type(ctx, this_idx, insn->dst_reg);

		if (td == REG_64BIT || td == REG_32BIT_ZERO_EX)

			/* sign extend */
@@ -770,19 +765,13 @@ static int build_one_insn(const struct bpf_insn *insn, struct jit_ctx *ctx, 
		break;

	case BPF_ALU64 | BPF_DIV | BPF_K: /* ALU_IMM */

	case BPF_ALU64 | BPF_MOD | BPF_K: /* ALU_IMM */

		if (insn->imm == 0)

			return -EINVAL;

		dst = ebpf_to_mips_reg(ctx, insn, dst_reg);

		if (dst < 0)

			return dst;

		if (insn->imm == 0) { /* Div by zero */

			b_off = b_imm(exit_idx, ctx);

			if (is_bad_offset(b_off))

				return -E2BIG;

			emit_instr(ctx, beq, MIPS_R_ZERO, MIPS_R_ZERO, b_off);

			emit_instr(ctx, addu, MIPS_R_V0, MIPS_R_ZERO, MIPS_R_ZERO);

		}

		if (get_reg_val_type(ctx, this_idx, insn->dst_reg) == REG_32BIT)

			emit_instr(ctx, dinsu, dst, MIPS_R_ZERO, 32, 32);



		if (insn->imm == 1) {

			/* div by 1 is a nop, mod by 1 is zero */

			if (bpf_op == BPF_MOD)
@@ -860,11 +849,6 @@ static int build_one_insn(const struct bpf_insn *insn, struct jit_ctx *ctx, 
			break;

		case BPF_DIV:

		case BPF_MOD:

			b_off = b_imm(exit_idx, ctx);

			if (is_bad_offset(b_off))

				return -E2BIG;

			emit_instr(ctx, beq, src, MIPS_R_ZERO, b_off);

			emit_instr(ctx, movz, MIPS_R_V0, MIPS_R_ZERO, src);

			emit_instr(ctx, ddivu, dst, src);

			if (bpf_op == BPF_DIV)

				emit_instr(ctx, mflo, dst);
@@ -943,11 +927,6 @@ static int build_one_insn(const struct bpf_insn *insn, struct jit_ctx *ctx, 
			break;

		case BPF_DIV:

		case BPF_MOD:

			b_off = b_imm(exit_idx, ctx);

			if (is_bad_offset(b_off))

				return -E2BIG;

			emit_instr(ctx, beq, src, MIPS_R_ZERO, b_off);

			emit_instr(ctx, movz, MIPS_R_V0, MIPS_R_ZERO, src);

			emit_instr(ctx, divu, dst, src);

			if (bpf_op == BPF_DIV)

				emit_instr(ctx, mflo, dst);

arch/powerpc/net/bpf_jit_comp64.c

+0 −8
Original line number Diff line number Diff line
@@ -381,10 +381,6 @@ static int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, 
			goto bpf_alu32_trunc;

		case BPF_ALU | BPF_DIV | BPF_X: /* (u32) dst /= (u32) src */

		case BPF_ALU | BPF_MOD | BPF_X: /* (u32) dst %= (u32) src */

			PPC_CMPWI(src_reg, 0);

			PPC_BCC_SHORT(COND_NE, (ctx->idx * 4) + 12);

			PPC_LI(b2p[BPF_REG_0], 0);

			PPC_JMP(exit_addr);

			if (BPF_OP(code) == BPF_MOD) {

				PPC_DIVWU(b2p[TMP_REG_1], dst_reg, src_reg);

				PPC_MULW(b2p[TMP_REG_1], src_reg,
@@ -395,10 +391,6 @@ static int bpf_jit_build_body(struct bpf_prog *fp, u32 *image, 
			goto bpf_alu32_trunc;

		case BPF_ALU64 | BPF_DIV | BPF_X: /* dst /= src */

		case BPF_ALU64 | BPF_MOD | BPF_X: /* dst %= src */

			PPC_CMPDI(src_reg, 0);

			PPC_BCC_SHORT(COND_NE, (ctx->idx * 4) + 12);

			PPC_LI(b2p[BPF_REG_0], 0);

			PPC_JMP(exit_addr);

			if (BPF_OP(code) == BPF_MOD) {

				PPC_DIVD(b2p[TMP_REG_1], dst_reg, src_reg);

				PPC_MULD(b2p[TMP_REG_1], src_reg,