Commit 1ef0736c authored by Jakub Kicinski's avatar Jakub Kicinski
Browse files

Merge https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next 

Daniel Borkmann says:

====================
pull-request: bpf-next 2022-05-23

We've added 113 non-merge commits during the last 26 day(s) which contain
a total of 121 files changed, 7425 insertions(+), 1586 deletions(-).

The main changes are:

1) Speed up symbol resolution for kprobes multi-link attachments, from Jiri Olsa.

2) Add BPF dynamic pointer infrastructure e.g. to allow for dynamically sized ringbuf
   reservations without extra memory copies, from Joanne Koong.

3) Big batch of libbpf improvements towards libbpf 1.0 release, from Andrii Nakryiko.

4) Add BPF link iterator to traverse links via seq_file ops, from Dmitrii Dolgov.

5) Add source IP address to BPF tunnel key infrastructure, from Kaixi Fan.

6) Refine unprivileged BPF to disable only object-creating commands, from Alan Maguire.

7) Fix JIT blinding of ld_imm64 when they point to subprogs, from Alexei Starovoitov.

8) Add BPF access to mptcp_sock structures and their meta data, from Geliang Tang.

9) Add new BPF helper for access to remote CPU's BPF map elements, from Feng Zhou.

10) Allow attaching 64-bit cookie to BPF link of fentry/fexit/fmod_ret, from Kui-Feng Lee.

11) Follow-ups to typed pointer support in BPF maps, from Kumar Kartikeya Dwivedi.

12) Add busy-poll test cases to the XSK selftest suite, from Magnus Karlsson.

13) Improvements in BPF selftest test_progs subtest output, from Mykola Lysenko.

14) Fill bpf_prog_pack allocator areas with illegal instructions, from Song Liu.

15) Add generic batch operations for BPF map-in-map cases, from Takshak Chahande.

16) Make bpf_jit_enable more user friendly when permanently on 1, from Tiezhu Yang.

17) Fix an array overflow in bpf_trampoline_get_progs(), from Yuntao Wang.

====================

Link: https://lore.kernel.org/r/20220523223805.27931-1-daniel@iogearbox.net


Signed-off-by: default avatarJakub Kicinski <kuba@kernel.org>
parents 9fa87dd2 608b638e

Documentation/bpf/instruction-set.rst

+2 −2
Original line number Diff line number Diff line
@@ -130,7 +130,7 @@ Byte swap instructions 
The byte swap instructions use an instruction class of ``BFP_ALU`` and a 4-bit

code field of ``BPF_END``.



The byte swap instructions instructions operate on the destination register

The byte swap instructions operate on the destination register

only and do not use a separate source register or immediate value.



The 1-bit source operand field in the opcode is used to to select what byte
@@ -157,7 +157,7 @@ Examples: 
  dst_reg = htobe64(dst_reg)



``BPF_FROM_LE`` and ``BPF_FROM_BE`` exist as aliases for ``BPF_TO_LE`` and

``BPF_TO_LE`` respetively.

``BPF_TO_BE`` respectively.





Jump instructions

MAINTAINERS

+2 −0
Original line number Diff line number Diff line
@@ -13799,6 +13799,7 @@ F: include/net/mptcp.h 
F:	include/trace/events/mptcp.h

F:	include/uapi/linux/mptcp.h

F:	net/mptcp/

F:	tools/testing/selftests/bpf/*/*mptcp*.c

F:	tools/testing/selftests/net/mptcp/









NETWORKING [TCP]








@@ -21551,6 +21552,7 @@ K:	(?:\b|_)xdp(?:\b|_)







XDP SOCKETS (AF_XDP)









M:	Björn Töpel <bjorn@kernel.org>









M:	Magnus Karlsson <magnus.karlsson@intel.com>









M:	Maciej Fijalkowski <maciej.fijalkowski@intel.com>









R:	Jonathan Lemon <jonathan.lemon@gmail.com>









L:	netdev@vger.kernel.org









L:	bpf@vger.kernel.org

























arch/s390/net/bpf_jit_comp.c



+1
−1






























Original line number
Diff line number
Diff line







@@ -1809,7 +1809,7 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *fp)







	/*









	 * Three initial passes:









	 *   - 1/2: Determine clobbered registers









	 *   - 3:   Calculate program size and addrs arrray









	 *   - 3:   Calculate program size and addrs array









	 */









	for (pass = 1; pass <= 3; pass++) {









		if (bpf_jit_prog(&jit, fp, extra_pass, stack_depth)) {
































arch/x86/include/asm/text-patching.h



+1
−0






























Original line number
Diff line number
Diff line







@@ -45,6 +45,7 @@ extern void *text_poke(void *addr, const void *opcode, size_t len);







extern void text_poke_sync(void);









extern void *text_poke_kgdb(void *addr, const void *opcode, size_t len);









extern void *text_poke_copy(void *addr, const void *opcode, size_t len);









extern void *text_poke_set(void *addr, int c, size_t len);









extern int poke_int3_handler(struct pt_regs *regs);









extern void text_poke_bp(void *addr, const void *opcode, size_t len, const void *emulate);










































arch/x86/kernel/alternative.c



+57
−10






























Original line number
Diff line number
Diff line







@@ -994,7 +994,21 @@ static inline void unuse_temporary_mm(temp_mm_state_t prev_state)







__ro_after_init struct mm_struct *poking_mm;









__ro_after_init unsigned long poking_addr;



















static void *__text_poke(void *addr, const void *opcode, size_t len)









static void text_poke_memcpy(void *dst, const void *src, size_t len)









{









	memcpy(dst, src, len);









}



















static void text_poke_memset(void *dst, const void *src, size_t len)









{









	int c = *(const int *)src;



















	memset(dst, c, len);









}



















typedef void text_poke_f(void *dst, const void *src, size_t len);



















static void *__text_poke(text_poke_f func, void *addr, const void *src, size_t len)









{









	bool cross_page_boundary = offset_in_page(addr) + len > PAGE_SIZE;









	struct page *pages[2] = {NULL};








@@ -1059,7 +1073,7 @@ static void *__text_poke(void *addr, const void *opcode, size_t len)







	prev = use_temporary_mm(poking_mm);



















	kasan_disable_current();









	memcpy((u8 *)poking_addr + offset_in_page(addr), opcode, len);









	func((u8 *)poking_addr + offset_in_page(addr), src, len);









	kasan_enable_current();



















	/*








@@ -1087,11 +1101,13 @@ static void *__text_poke(void *addr, const void *opcode, size_t len)







			   (cross_page_boundary ? 2 : 1) * PAGE_SIZE,









			   PAGE_SHIFT, false);



















	if (func == text_poke_memcpy) {









		/*









		 * If the text does not match what we just wrote then something is









		 * fundamentally screwy; there's nothing we can really do about that.









		 */









	BUG_ON(memcmp(addr, opcode, len));









		BUG_ON(memcmp(addr, src, len));









	}



















	local_irq_restore(flags);









	pte_unmap_unlock(ptep, ptl);








@@ -1118,7 +1134,7 @@ void *text_poke(void *addr, const void *opcode, size_t len)







{









	lockdep_assert_held(&text_mutex);



















	return __text_poke(addr, opcode, len);









	return __text_poke(text_poke_memcpy, addr, opcode, len);









}



















/**








@@ -1137,7 +1153,7 @@ void *text_poke(void *addr, const void *opcode, size_t len)







 */









void *text_poke_kgdb(void *addr, const void *opcode, size_t len)









{









	return __text_poke(addr, opcode, len);









	return __text_poke(text_poke_memcpy, addr, opcode, len);









}



















/**








@@ -1167,7 +1183,38 @@ void *text_poke_copy(void *addr, const void *opcode, size_t len)

















		s = min_t(size_t, PAGE_SIZE * 2 - offset_in_page(ptr), len - patched);



















		__text_poke((void *)ptr, opcode + patched, s);









		__text_poke(text_poke_memcpy, (void *)ptr, opcode + patched, s);









		patched += s;









	}









	mutex_unlock(&text_mutex);









	return addr;









}



















/**









 * text_poke_set - memset into (an unused part of) RX memory









 * @addr: address to modify









 * @c: the byte to fill the area with









 * @len: length to copy, could be more than 2x PAGE_SIZE









 *









 * This is useful to overwrite unused regions of RX memory with illegal









 * instructions.









 */









void *text_poke_set(void *addr, int c, size_t len)









{









	unsigned long start = (unsigned long)addr;









	size_t patched = 0;



















	if (WARN_ON_ONCE(core_kernel_text(start)))









		return NULL;



















	mutex_lock(&text_mutex);









	while (patched < len) {









		unsigned long ptr = start + patched;









		size_t s;



















		s = min_t(size_t, PAGE_SIZE * 2 - offset_in_page(ptr), len - patched);



















		__text_poke(text_poke_memset, (void *)ptr, (void *)&c, s);









		patched += s;









	}









	mutex_unlock(&text_mutex);