1 // SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause)
4 * Common eBPF ELF object loading operations.
6 * Copyright (C) 2013-2015 Alexei Starovoitov <ast@kernel.org>
7 * Copyright (C) 2015 Wang Nan <wangnan0@huawei.com>
8 * Copyright (C) 2015 Huawei Inc.
9 * Copyright (C) 2017 Nicira, Inc.
10 * Copyright (C) 2019 Isovalent, Inc.
28 #include <asm/unistd.h>
29 #include <linux/err.h>
30 #include <linux/kernel.h>
31 #include <linux/bpf.h>
32 #include <linux/btf.h>
33 #include <linux/filter.h>
34 #include <linux/list.h>
35 #include <linux/limits.h>
36 #include <linux/perf_event.h>
37 #include <linux/ring_buffer.h>
38 #include <linux/version.h>
39 #include <sys/epoll.h>
40 #include <sys/ioctl.h>
43 #include <sys/types.h>
45 #include <sys/utsname.h>
46 #include <sys/resource.h>
54 #include "str_error.h"
55 #include "libbpf_internal.h"
63 #define BPF_FS_MAGIC 0xcafe4a11
66 /* vsprintf() in __base_pr() uses nonliteral format string. It may break
67 * compilation if user enables corresponding warning. Disable it explicitly.
69 #pragma GCC diagnostic ignored "-Wformat-nonliteral"
71 #define __printf(a, b) __attribute__((format(printf, a, b)))
73 static struct bpf_map *bpf_object__add_map(struct bpf_object *obj);
74 static struct bpf_program *bpf_object__find_prog_by_idx(struct bpf_object *obj,
76 static const struct btf_type *
77 skip_mods_and_typedefs(const struct btf *btf, __u32 id, __u32 *res_id);
79 static int __base_pr(enum libbpf_print_level level, const char *format,
82 if (level == LIBBPF_DEBUG)
85 return vfprintf(stderr, format, args);
88 static libbpf_print_fn_t __libbpf_pr = __base_pr;
90 libbpf_print_fn_t libbpf_set_print(libbpf_print_fn_t fn)
92 libbpf_print_fn_t old_print_fn = __libbpf_pr;
99 void libbpf_print(enum libbpf_print_level level, const char *format, ...)
106 va_start(args, format);
107 __libbpf_pr(level, format, args);
111 static void pr_perm_msg(int err)
116 if (err != -EPERM || geteuid() != 0)
119 err = getrlimit(RLIMIT_MEMLOCK, &limit);
123 if (limit.rlim_cur == RLIM_INFINITY)
126 if (limit.rlim_cur < 1024)
127 snprintf(buf, sizeof(buf), "%zu bytes", (size_t)limit.rlim_cur);
128 else if (limit.rlim_cur < 1024*1024)
129 snprintf(buf, sizeof(buf), "%.1f KiB", (double)limit.rlim_cur / 1024);
131 snprintf(buf, sizeof(buf), "%.1f MiB", (double)limit.rlim_cur / (1024*1024));
133 pr_warn("permission error while running as root; try raising 'ulimit -l'? current value: %s\n",
137 #define STRERR_BUFSIZE 128
139 /* Copied from tools/perf/util/util.h */
141 # define zfree(ptr) ({ free(*ptr); *ptr = NULL; })
145 # define zclose(fd) ({ \
148 ___err = close((fd)); \
153 static inline __u64 ptr_to_u64(const void *ptr)
155 return (__u64) (unsigned long) ptr;
158 enum kern_feature_id {
159 /* v4.14: kernel support for program & map names. */
161 /* v5.2: kernel support for global data sections. */
165 /* BTF_KIND_FUNC and BTF_KIND_FUNC_PROTO support */
167 /* BTF_KIND_VAR and BTF_KIND_DATASEC support */
169 /* BTF_FUNC_GLOBAL is supported */
170 FEAT_BTF_GLOBAL_FUNC,
171 /* BPF_F_MMAPABLE is supported for arrays */
173 /* kernel support for expected_attach_type in BPF_PROG_LOAD */
174 FEAT_EXP_ATTACH_TYPE,
175 /* bpf_probe_read_{kernel,user}[_str] helpers */
176 FEAT_PROBE_READ_KERN,
180 static bool kernel_supports(enum kern_feature_id feat_id);
190 enum reloc_type type;
198 typedef struct bpf_link *(*attach_fn_t)(const struct bpf_sec_def *sec,
199 struct bpf_program *prog);
204 enum bpf_prog_type prog_type;
205 enum bpf_attach_type expected_attach_type;
206 bool is_exp_attach_type_optional;
209 attach_fn_t attach_fn;
213 * bpf_prog should be a better name but it has been used in
217 /* Index in elf obj file, for relocation use. */
222 const struct bpf_sec_def *sec_def;
223 /* section_name with / replaced by _; makes recursive pinning
224 * in bpf_object__pin_programs easier
227 struct bpf_insn *insns;
228 size_t insns_cnt, main_prog_cnt;
229 enum bpf_prog_type type;
232 struct reloc_desc *reloc_desc;
240 bpf_program_prep_t preprocessor;
242 struct bpf_object *obj;
244 bpf_program_clear_priv_t clear_priv;
246 enum bpf_attach_type expected_attach_type;
248 __u32 attach_prog_fd;
250 __u32 func_info_rec_size;
254 __u32 line_info_rec_size;
259 struct bpf_struct_ops {
261 const struct btf_type *type;
262 struct bpf_program **progs;
263 __u32 *kern_func_off;
264 /* e.g. struct tcp_congestion_ops in bpf_prog's btf format */
266 /* e.g. struct bpf_struct_ops_tcp_congestion_ops in
267 * btf_vmlinux's format.
268 * struct bpf_struct_ops_tcp_congestion_ops {
269 * [... some other kernel fields ...]
270 * struct tcp_congestion_ops data;
272 * kern_vdata-size == sizeof(struct bpf_struct_ops_tcp_congestion_ops)
273 * bpf_map__init_kern_struct_ops() will populate the "kern_vdata"
280 #define DATA_SEC ".data"
281 #define BSS_SEC ".bss"
282 #define RODATA_SEC ".rodata"
283 #define KCONFIG_SEC ".kconfig"
284 #define KSYMS_SEC ".ksyms"
285 #define STRUCT_OPS_SEC ".struct_ops"
287 enum libbpf_map_type {
295 static const char * const libbpf_type_to_btf_name[] = {
296 [LIBBPF_MAP_DATA] = DATA_SEC,
297 [LIBBPF_MAP_BSS] = BSS_SEC,
298 [LIBBPF_MAP_RODATA] = RODATA_SEC,
299 [LIBBPF_MAP_KCONFIG] = KCONFIG_SEC,
309 struct bpf_map_def def;
312 __u32 btf_key_type_id;
313 __u32 btf_value_type_id;
314 __u32 btf_vmlinux_value_type_id;
316 bpf_map_clear_priv_t clear_priv;
317 enum libbpf_map_type libbpf_type;
319 struct bpf_struct_ops *st_ops;
320 struct bpf_map *inner_map;
344 enum extern_type type;
360 unsigned long long addr;
365 static LIST_HEAD(bpf_objects_list);
368 char name[BPF_OBJ_NAME_LEN];
372 struct bpf_program *programs;
374 struct bpf_map *maps;
379 struct extern_desc *externs;
384 bool has_pseudo_calls;
387 * Information when doing elf related work. Only valid if fd
400 Elf_Data *st_ops_data;
401 size_t shstrndx; /* section index for section name strings */
410 __u32 btf_maps_sec_btf_id;
419 * All loaded bpf_object is linked in a list, which is
420 * hidden to caller. bpf_objects__<func> handlers deal with
423 struct list_head list;
426 /* Parse and load BTF vmlinux if any of the programs in the object need
429 struct btf *btf_vmlinux;
430 struct btf_ext *btf_ext;
433 bpf_object_clear_priv_t clear_priv;
437 #define obj_elf_valid(o) ((o)->efile.elf)
439 static const char *elf_sym_str(const struct bpf_object *obj, size_t off);
440 static const char *elf_sec_str(const struct bpf_object *obj, size_t off);
441 static Elf_Scn *elf_sec_by_idx(const struct bpf_object *obj, size_t idx);
442 static Elf_Scn *elf_sec_by_name(const struct bpf_object *obj, const char *name);
443 static int elf_sec_hdr(const struct bpf_object *obj, Elf_Scn *scn, GElf_Shdr *hdr);
444 static const char *elf_sec_name(const struct bpf_object *obj, Elf_Scn *scn);
445 static Elf_Data *elf_sec_data(const struct bpf_object *obj, Elf_Scn *scn);
447 void bpf_program__unload(struct bpf_program *prog)
455 * If the object is opened but the program was never loaded,
456 * it is possible that prog->instances.nr == -1.
458 if (prog->instances.nr > 0) {
459 for (i = 0; i < prog->instances.nr; i++)
460 zclose(prog->instances.fds[i]);
461 } else if (prog->instances.nr != -1) {
462 pr_warn("Internal error: instances.nr is %d\n",
466 prog->instances.nr = -1;
467 zfree(&prog->instances.fds);
469 zfree(&prog->func_info);
470 zfree(&prog->line_info);
473 static void bpf_program__exit(struct bpf_program *prog)
478 if (prog->clear_priv)
479 prog->clear_priv(prog, prog->priv);
482 prog->clear_priv = NULL;
484 bpf_program__unload(prog);
486 zfree(&prog->section_name);
487 zfree(&prog->pin_name);
489 zfree(&prog->reloc_desc);
496 static char *__bpf_program__pin_name(struct bpf_program *prog)
500 name = p = strdup(prog->section_name);
501 while ((p = strchr(p, '/')))
508 bpf_program__init(void *data, size_t size, const char *section_name, int idx,
509 struct bpf_program *prog)
511 const size_t bpf_insn_sz = sizeof(struct bpf_insn);
513 if (size == 0 || size % bpf_insn_sz) {
514 pr_warn("corrupted section '%s', size: %zu\n",
519 memset(prog, 0, sizeof(*prog));
521 prog->section_name = strdup(section_name);
522 if (!prog->section_name) {
523 pr_warn("failed to alloc name for prog under section(%d) %s\n",
528 prog->pin_name = __bpf_program__pin_name(prog);
529 if (!prog->pin_name) {
530 pr_warn("failed to alloc pin name for prog under section(%d) %s\n",
535 prog->insns = malloc(size);
537 pr_warn("failed to alloc insns for prog under section %s\n",
541 prog->insns_cnt = size / bpf_insn_sz;
542 memcpy(prog->insns, data, size);
544 prog->instances.fds = NULL;
545 prog->instances.nr = -1;
546 prog->type = BPF_PROG_TYPE_UNSPEC;
551 bpf_program__exit(prog);
556 bpf_object__add_program(struct bpf_object *obj, void *data, size_t size,
557 const char *section_name, int idx)
559 struct bpf_program prog, *progs;
562 err = bpf_program__init(data, size, section_name, idx, &prog);
566 progs = obj->programs;
567 nr_progs = obj->nr_programs;
569 progs = libbpf_reallocarray(progs, nr_progs + 1, sizeof(progs[0]));
572 * In this case the original obj->programs
573 * is still valid, so don't need special treat for
574 * bpf_close_object().
576 pr_warn("failed to alloc a new program under section '%s'\n",
578 bpf_program__exit(&prog);
582 pr_debug("elf: found program '%s'\n", prog.section_name);
583 obj->programs = progs;
584 obj->nr_programs = nr_progs + 1;
586 progs[nr_progs] = prog;
591 bpf_object__init_prog_names(struct bpf_object *obj)
593 Elf_Data *symbols = obj->efile.symbols;
594 struct bpf_program *prog;
597 for (pi = 0; pi < obj->nr_programs; pi++) {
598 const char *name = NULL;
600 prog = &obj->programs[pi];
602 for (si = 0; si < symbols->d_size / sizeof(GElf_Sym) && !name; si++) {
605 if (!gelf_getsym(symbols, si, &sym))
607 if (sym.st_shndx != prog->idx)
609 if (GELF_ST_BIND(sym.st_info) != STB_GLOBAL)
612 name = elf_sym_str(obj, sym.st_name);
614 pr_warn("prog '%s': failed to get symbol name\n",
616 return -LIBBPF_ERRNO__LIBELF;
620 if (!name && prog->idx == obj->efile.text_shndx)
624 pr_warn("prog '%s': failed to find program symbol\n",
629 prog->name = strdup(name);
637 static __u32 get_kernel_version(void)
639 __u32 major, minor, patch;
643 if (sscanf(info.release, "%u.%u.%u", &major, &minor, &patch) != 3)
645 return KERNEL_VERSION(major, minor, patch);
648 static const struct btf_member *
649 find_member_by_offset(const struct btf_type *t, __u32 bit_offset)
651 struct btf_member *m;
654 for (i = 0, m = btf_members(t); i < btf_vlen(t); i++, m++) {
655 if (btf_member_bit_offset(t, i) == bit_offset)
662 static const struct btf_member *
663 find_member_by_name(const struct btf *btf, const struct btf_type *t,
666 struct btf_member *m;
669 for (i = 0, m = btf_members(t); i < btf_vlen(t); i++, m++) {
670 if (!strcmp(btf__name_by_offset(btf, m->name_off), name))
677 #define STRUCT_OPS_VALUE_PREFIX "bpf_struct_ops_"
678 static int find_btf_by_prefix_kind(const struct btf *btf, const char *prefix,
679 const char *name, __u32 kind);
682 find_struct_ops_kern_types(const struct btf *btf, const char *tname,
683 const struct btf_type **type, __u32 *type_id,
684 const struct btf_type **vtype, __u32 *vtype_id,
685 const struct btf_member **data_member)
687 const struct btf_type *kern_type, *kern_vtype;
688 const struct btf_member *kern_data_member;
689 __s32 kern_vtype_id, kern_type_id;
692 kern_type_id = btf__find_by_name_kind(btf, tname, BTF_KIND_STRUCT);
693 if (kern_type_id < 0) {
694 pr_warn("struct_ops init_kern: struct %s is not found in kernel BTF\n",
698 kern_type = btf__type_by_id(btf, kern_type_id);
700 /* Find the corresponding "map_value" type that will be used
701 * in map_update(BPF_MAP_TYPE_STRUCT_OPS). For example,
702 * find "struct bpf_struct_ops_tcp_congestion_ops" from the
705 kern_vtype_id = find_btf_by_prefix_kind(btf, STRUCT_OPS_VALUE_PREFIX,
706 tname, BTF_KIND_STRUCT);
707 if (kern_vtype_id < 0) {
708 pr_warn("struct_ops init_kern: struct %s%s is not found in kernel BTF\n",
709 STRUCT_OPS_VALUE_PREFIX, tname);
710 return kern_vtype_id;
712 kern_vtype = btf__type_by_id(btf, kern_vtype_id);
714 /* Find "struct tcp_congestion_ops" from
715 * struct bpf_struct_ops_tcp_congestion_ops {
717 * struct tcp_congestion_ops data;
720 kern_data_member = btf_members(kern_vtype);
721 for (i = 0; i < btf_vlen(kern_vtype); i++, kern_data_member++) {
722 if (kern_data_member->type == kern_type_id)
725 if (i == btf_vlen(kern_vtype)) {
726 pr_warn("struct_ops init_kern: struct %s data is not found in struct %s%s\n",
727 tname, STRUCT_OPS_VALUE_PREFIX, tname);
732 *type_id = kern_type_id;
734 *vtype_id = kern_vtype_id;
735 *data_member = kern_data_member;
740 static bool bpf_map__is_struct_ops(const struct bpf_map *map)
742 return map->def.type == BPF_MAP_TYPE_STRUCT_OPS;
745 /* Init the map's fields that depend on kern_btf */
746 static int bpf_map__init_kern_struct_ops(struct bpf_map *map,
747 const struct btf *btf,
748 const struct btf *kern_btf)
750 const struct btf_member *member, *kern_member, *kern_data_member;
751 const struct btf_type *type, *kern_type, *kern_vtype;
752 __u32 i, kern_type_id, kern_vtype_id, kern_data_off;
753 struct bpf_struct_ops *st_ops;
754 void *data, *kern_data;
758 st_ops = map->st_ops;
760 tname = st_ops->tname;
761 err = find_struct_ops_kern_types(kern_btf, tname,
762 &kern_type, &kern_type_id,
763 &kern_vtype, &kern_vtype_id,
768 pr_debug("struct_ops init_kern %s: type_id:%u kern_type_id:%u kern_vtype_id:%u\n",
769 map->name, st_ops->type_id, kern_type_id, kern_vtype_id);
771 map->def.value_size = kern_vtype->size;
772 map->btf_vmlinux_value_type_id = kern_vtype_id;
774 st_ops->kern_vdata = calloc(1, kern_vtype->size);
775 if (!st_ops->kern_vdata)
779 kern_data_off = kern_data_member->offset / 8;
780 kern_data = st_ops->kern_vdata + kern_data_off;
782 member = btf_members(type);
783 for (i = 0; i < btf_vlen(type); i++, member++) {
784 const struct btf_type *mtype, *kern_mtype;
785 __u32 mtype_id, kern_mtype_id;
786 void *mdata, *kern_mdata;
787 __s64 msize, kern_msize;
788 __u32 moff, kern_moff;
789 __u32 kern_member_idx;
792 mname = btf__name_by_offset(btf, member->name_off);
793 kern_member = find_member_by_name(kern_btf, kern_type, mname);
795 pr_warn("struct_ops init_kern %s: Cannot find member %s in kernel BTF\n",
800 kern_member_idx = kern_member - btf_members(kern_type);
801 if (btf_member_bitfield_size(type, i) ||
802 btf_member_bitfield_size(kern_type, kern_member_idx)) {
803 pr_warn("struct_ops init_kern %s: bitfield %s is not supported\n",
808 moff = member->offset / 8;
809 kern_moff = kern_member->offset / 8;
812 kern_mdata = kern_data + kern_moff;
814 mtype = skip_mods_and_typedefs(btf, member->type, &mtype_id);
815 kern_mtype = skip_mods_and_typedefs(kern_btf, kern_member->type,
817 if (BTF_INFO_KIND(mtype->info) !=
818 BTF_INFO_KIND(kern_mtype->info)) {
819 pr_warn("struct_ops init_kern %s: Unmatched member type %s %u != %u(kernel)\n",
820 map->name, mname, BTF_INFO_KIND(mtype->info),
821 BTF_INFO_KIND(kern_mtype->info));
825 if (btf_is_ptr(mtype)) {
826 struct bpf_program *prog;
828 mtype = skip_mods_and_typedefs(btf, mtype->type, &mtype_id);
829 kern_mtype = skip_mods_and_typedefs(kern_btf,
832 if (!btf_is_func_proto(mtype) ||
833 !btf_is_func_proto(kern_mtype)) {
834 pr_warn("struct_ops init_kern %s: non func ptr %s is not supported\n",
839 prog = st_ops->progs[i];
841 pr_debug("struct_ops init_kern %s: func ptr %s is not set\n",
846 prog->attach_btf_id = kern_type_id;
847 prog->expected_attach_type = kern_member_idx;
849 st_ops->kern_func_off[i] = kern_data_off + kern_moff;
851 pr_debug("struct_ops init_kern %s: func ptr %s is set to prog %s from data(+%u) to kern_data(+%u)\n",
852 map->name, mname, prog->name, moff,
858 msize = btf__resolve_size(btf, mtype_id);
859 kern_msize = btf__resolve_size(kern_btf, kern_mtype_id);
860 if (msize < 0 || kern_msize < 0 || msize != kern_msize) {
861 pr_warn("struct_ops init_kern %s: Error in size of member %s: %zd != %zd(kernel)\n",
862 map->name, mname, (ssize_t)msize,
863 (ssize_t)kern_msize);
867 pr_debug("struct_ops init_kern %s: copy %s %u bytes from data(+%u) to kern_data(+%u)\n",
868 map->name, mname, (unsigned int)msize,
870 memcpy(kern_mdata, mdata, msize);
876 static int bpf_object__init_kern_struct_ops_maps(struct bpf_object *obj)
882 for (i = 0; i < obj->nr_maps; i++) {
885 if (!bpf_map__is_struct_ops(map))
888 err = bpf_map__init_kern_struct_ops(map, obj->btf,
897 static int bpf_object__init_struct_ops_maps(struct bpf_object *obj)
899 const struct btf_type *type, *datasec;
900 const struct btf_var_secinfo *vsi;
901 struct bpf_struct_ops *st_ops;
902 const char *tname, *var_name;
903 __s32 type_id, datasec_id;
904 const struct btf *btf;
908 if (obj->efile.st_ops_shndx == -1)
912 datasec_id = btf__find_by_name_kind(btf, STRUCT_OPS_SEC,
914 if (datasec_id < 0) {
915 pr_warn("struct_ops init: DATASEC %s not found\n",
920 datasec = btf__type_by_id(btf, datasec_id);
921 vsi = btf_var_secinfos(datasec);
922 for (i = 0; i < btf_vlen(datasec); i++, vsi++) {
923 type = btf__type_by_id(obj->btf, vsi->type);
924 var_name = btf__name_by_offset(obj->btf, type->name_off);
926 type_id = btf__resolve_type(obj->btf, vsi->type);
928 pr_warn("struct_ops init: Cannot resolve var type_id %u in DATASEC %s\n",
929 vsi->type, STRUCT_OPS_SEC);
933 type = btf__type_by_id(obj->btf, type_id);
934 tname = btf__name_by_offset(obj->btf, type->name_off);
936 pr_warn("struct_ops init: anonymous type is not supported\n");
939 if (!btf_is_struct(type)) {
940 pr_warn("struct_ops init: %s is not a struct\n", tname);
944 map = bpf_object__add_map(obj);
948 map->sec_idx = obj->efile.st_ops_shndx;
949 map->sec_offset = vsi->offset;
950 map->name = strdup(var_name);
954 map->def.type = BPF_MAP_TYPE_STRUCT_OPS;
955 map->def.key_size = sizeof(int);
956 map->def.value_size = type->size;
957 map->def.max_entries = 1;
959 map->st_ops = calloc(1, sizeof(*map->st_ops));
962 st_ops = map->st_ops;
963 st_ops->data = malloc(type->size);
964 st_ops->progs = calloc(btf_vlen(type), sizeof(*st_ops->progs));
965 st_ops->kern_func_off = malloc(btf_vlen(type) *
966 sizeof(*st_ops->kern_func_off));
967 if (!st_ops->data || !st_ops->progs || !st_ops->kern_func_off)
970 if (vsi->offset + type->size > obj->efile.st_ops_data->d_size) {
971 pr_warn("struct_ops init: var %s is beyond the end of DATASEC %s\n",
972 var_name, STRUCT_OPS_SEC);
977 obj->efile.st_ops_data->d_buf + vsi->offset,
979 st_ops->tname = tname;
981 st_ops->type_id = type_id;
983 pr_debug("struct_ops init: struct %s(type_id=%u) %s found at offset %u\n",
984 tname, type_id, var_name, vsi->offset);
990 static struct bpf_object *bpf_object__new(const char *path,
993 const char *obj_name)
995 struct bpf_object *obj;
998 obj = calloc(1, sizeof(struct bpf_object) + strlen(path) + 1);
1000 pr_warn("alloc memory failed for %s\n", path);
1001 return ERR_PTR(-ENOMEM);
1004 strcpy(obj->path, path);
1006 strncpy(obj->name, obj_name, sizeof(obj->name) - 1);
1007 obj->name[sizeof(obj->name) - 1] = 0;
1009 /* Using basename() GNU version which doesn't modify arg. */
1010 strncpy(obj->name, basename((void *)path),
1011 sizeof(obj->name) - 1);
1012 end = strchr(obj->name, '.');
1019 * Caller of this function should also call
1020 * bpf_object__elf_finish() after data collection to return
1021 * obj_buf to user. If not, we should duplicate the buffer to
1022 * avoid user freeing them before elf finish.
1024 obj->efile.obj_buf = obj_buf;
1025 obj->efile.obj_buf_sz = obj_buf_sz;
1026 obj->efile.maps_shndx = -1;
1027 obj->efile.btf_maps_shndx = -1;
1028 obj->efile.data_shndx = -1;
1029 obj->efile.rodata_shndx = -1;
1030 obj->efile.bss_shndx = -1;
1031 obj->efile.st_ops_shndx = -1;
1032 obj->kconfig_map_idx = -1;
1034 obj->kern_version = get_kernel_version();
1035 obj->loaded = false;
1037 INIT_LIST_HEAD(&obj->list);
1038 list_add(&obj->list, &bpf_objects_list);
1042 static void bpf_object__elf_finish(struct bpf_object *obj)
1044 if (!obj_elf_valid(obj))
1047 if (obj->efile.elf) {
1048 elf_end(obj->efile.elf);
1049 obj->efile.elf = NULL;
1051 obj->efile.symbols = NULL;
1052 obj->efile.data = NULL;
1053 obj->efile.rodata = NULL;
1054 obj->efile.bss = NULL;
1055 obj->efile.st_ops_data = NULL;
1057 zfree(&obj->efile.reloc_sects);
1058 obj->efile.nr_reloc_sects = 0;
1059 zclose(obj->efile.fd);
1060 obj->efile.obj_buf = NULL;
1061 obj->efile.obj_buf_sz = 0;
1064 /* if libelf is old and doesn't support mmap(), fall back to read() */
1065 #ifndef ELF_C_READ_MMAP
1066 #define ELF_C_READ_MMAP ELF_C_READ
1069 static int bpf_object__elf_init(struct bpf_object *obj)
1074 if (obj_elf_valid(obj)) {
1075 pr_warn("elf: init internal error\n");
1076 return -LIBBPF_ERRNO__LIBELF;
1079 if (obj->efile.obj_buf_sz > 0) {
1081 * obj_buf should have been validated by
1082 * bpf_object__open_buffer().
1084 obj->efile.elf = elf_memory((char *)obj->efile.obj_buf,
1085 obj->efile.obj_buf_sz);
1087 obj->efile.fd = open(obj->path, O_RDONLY);
1088 if (obj->efile.fd < 0) {
1089 char errmsg[STRERR_BUFSIZE], *cp;
1092 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
1093 pr_warn("elf: failed to open %s: %s\n", obj->path, cp);
1097 obj->efile.elf = elf_begin(obj->efile.fd, ELF_C_READ_MMAP, NULL);
1100 if (!obj->efile.elf) {
1101 pr_warn("elf: failed to open %s as ELF file: %s\n", obj->path, elf_errmsg(-1));
1102 err = -LIBBPF_ERRNO__LIBELF;
1106 if (!gelf_getehdr(obj->efile.elf, &obj->efile.ehdr)) {
1107 pr_warn("elf: failed to get ELF header from %s: %s\n", obj->path, elf_errmsg(-1));
1108 err = -LIBBPF_ERRNO__FORMAT;
1111 ep = &obj->efile.ehdr;
1113 if (elf_getshdrstrndx(obj->efile.elf, &obj->efile.shstrndx)) {
1114 pr_warn("elf: failed to get section names section index for %s: %s\n",
1115 obj->path, elf_errmsg(-1));
1116 err = -LIBBPF_ERRNO__FORMAT;
1120 /* Elf is corrupted/truncated, avoid calling elf_strptr. */
1121 if (!elf_rawdata(elf_getscn(obj->efile.elf, obj->efile.shstrndx), NULL)) {
1122 pr_warn("elf: failed to get section names strings from %s: %s\n",
1123 obj->path, elf_errmsg(-1));
1124 return -LIBBPF_ERRNO__FORMAT;
1127 /* Old LLVM set e_machine to EM_NONE */
1128 if (ep->e_type != ET_REL ||
1129 (ep->e_machine && ep->e_machine != EM_BPF)) {
1130 pr_warn("elf: %s is not a valid eBPF object file\n", obj->path);
1131 err = -LIBBPF_ERRNO__FORMAT;
1137 bpf_object__elf_finish(obj);
1141 static int bpf_object__check_endianness(struct bpf_object *obj)
1143 #if __BYTE_ORDER == __LITTLE_ENDIAN
1144 if (obj->efile.ehdr.e_ident[EI_DATA] == ELFDATA2LSB)
1146 #elif __BYTE_ORDER == __BIG_ENDIAN
1147 if (obj->efile.ehdr.e_ident[EI_DATA] == ELFDATA2MSB)
1150 # error "Unrecognized __BYTE_ORDER__"
1152 pr_warn("elf: endianness mismatch in %s.\n", obj->path);
1153 return -LIBBPF_ERRNO__ENDIAN;
1157 bpf_object__init_license(struct bpf_object *obj, void *data, size_t size)
1159 memcpy(obj->license, data, min(size, sizeof(obj->license) - 1));
1160 pr_debug("license of %s is %s\n", obj->path, obj->license);
1165 bpf_object__init_kversion(struct bpf_object *obj, void *data, size_t size)
1169 if (size != sizeof(kver)) {
1170 pr_warn("invalid kver section in %s\n", obj->path);
1171 return -LIBBPF_ERRNO__FORMAT;
1173 memcpy(&kver, data, sizeof(kver));
1174 obj->kern_version = kver;
1175 pr_debug("kernel version of %s is %x\n", obj->path, obj->kern_version);
1179 static bool bpf_map_type__is_map_in_map(enum bpf_map_type type)
1181 if (type == BPF_MAP_TYPE_ARRAY_OF_MAPS ||
1182 type == BPF_MAP_TYPE_HASH_OF_MAPS)
1187 int bpf_object__section_size(const struct bpf_object *obj, const char *name,
1195 } else if (!strcmp(name, DATA_SEC)) {
1196 if (obj->efile.data)
1197 *size = obj->efile.data->d_size;
1198 } else if (!strcmp(name, BSS_SEC)) {
1200 *size = obj->efile.bss->d_size;
1201 } else if (!strcmp(name, RODATA_SEC)) {
1202 if (obj->efile.rodata)
1203 *size = obj->efile.rodata->d_size;
1204 } else if (!strcmp(name, STRUCT_OPS_SEC)) {
1205 if (obj->efile.st_ops_data)
1206 *size = obj->efile.st_ops_data->d_size;
1208 Elf_Scn *scn = elf_sec_by_name(obj, name);
1209 Elf_Data *data = elf_sec_data(obj, scn);
1212 ret = 0; /* found it */
1213 *size = data->d_size;
1217 return *size ? 0 : ret;
1220 int bpf_object__variable_offset(const struct bpf_object *obj, const char *name,
1223 Elf_Data *symbols = obj->efile.symbols;
1230 for (si = 0; si < symbols->d_size / sizeof(GElf_Sym); si++) {
1233 if (!gelf_getsym(symbols, si, &sym))
1235 if (GELF_ST_BIND(sym.st_info) != STB_GLOBAL ||
1236 GELF_ST_TYPE(sym.st_info) != STT_OBJECT)
1239 sname = elf_sym_str(obj, sym.st_name);
1241 pr_warn("failed to get sym name string for var %s\n",
1245 if (strcmp(name, sname) == 0) {
1246 *off = sym.st_value;
1254 static struct bpf_map *bpf_object__add_map(struct bpf_object *obj)
1256 struct bpf_map *new_maps;
1260 if (obj->nr_maps < obj->maps_cap)
1261 return &obj->maps[obj->nr_maps++];
1263 new_cap = max((size_t)4, obj->maps_cap * 3 / 2);
1264 new_maps = libbpf_reallocarray(obj->maps, new_cap, sizeof(*obj->maps));
1266 pr_warn("alloc maps for object failed\n");
1267 return ERR_PTR(-ENOMEM);
1270 obj->maps_cap = new_cap;
1271 obj->maps = new_maps;
1273 /* zero out new maps */
1274 memset(obj->maps + obj->nr_maps, 0,
1275 (obj->maps_cap - obj->nr_maps) * sizeof(*obj->maps));
1277 * fill all fd with -1 so won't close incorrect fd (fd=0 is stdin)
1278 * when failure (zclose won't close negative fd)).
1280 for (i = obj->nr_maps; i < obj->maps_cap; i++) {
1281 obj->maps[i].fd = -1;
1282 obj->maps[i].inner_map_fd = -1;
1285 return &obj->maps[obj->nr_maps++];
1288 static size_t bpf_map_mmap_sz(const struct bpf_map *map)
1290 long page_sz = sysconf(_SC_PAGE_SIZE);
1293 map_sz = (size_t)roundup(map->def.value_size, 8) * map->def.max_entries;
1294 map_sz = roundup(map_sz, page_sz);
1298 static char *internal_map_name(struct bpf_object *obj,
1299 enum libbpf_map_type type)
1301 char map_name[BPF_OBJ_NAME_LEN], *p;
1302 const char *sfx = libbpf_type_to_btf_name[type];
1303 int sfx_len = max((size_t)7, strlen(sfx));
1304 int pfx_len = min((size_t)BPF_OBJ_NAME_LEN - sfx_len - 1,
1307 snprintf(map_name, sizeof(map_name), "%.*s%.*s", pfx_len, obj->name,
1308 sfx_len, libbpf_type_to_btf_name[type]);
1310 /* sanitise map name to characters allowed by kernel */
1311 for (p = map_name; *p && p < map_name + sizeof(map_name); p++)
1312 if (!isalnum(*p) && *p != '_' && *p != '.')
1315 return strdup(map_name);
1319 bpf_object__init_internal_map(struct bpf_object *obj, enum libbpf_map_type type,
1320 int sec_idx, void *data, size_t data_sz)
1322 struct bpf_map_def *def;
1323 struct bpf_map *map;
1326 map = bpf_object__add_map(obj);
1328 return PTR_ERR(map);
1330 map->libbpf_type = type;
1331 map->sec_idx = sec_idx;
1332 map->sec_offset = 0;
1333 map->name = internal_map_name(obj, type);
1335 pr_warn("failed to alloc map name\n");
1340 def->type = BPF_MAP_TYPE_ARRAY;
1341 def->key_size = sizeof(int);
1342 def->value_size = data_sz;
1343 def->max_entries = 1;
1344 def->map_flags = type == LIBBPF_MAP_RODATA || type == LIBBPF_MAP_KCONFIG
1345 ? BPF_F_RDONLY_PROG : 0;
1346 def->map_flags |= BPF_F_MMAPABLE;
1348 pr_debug("map '%s' (global data): at sec_idx %d, offset %zu, flags %x.\n",
1349 map->name, map->sec_idx, map->sec_offset, def->map_flags);
1351 map->mmaped = mmap(NULL, bpf_map_mmap_sz(map), PROT_READ | PROT_WRITE,
1352 MAP_SHARED | MAP_ANONYMOUS, -1, 0);
1353 if (map->mmaped == MAP_FAILED) {
1356 pr_warn("failed to alloc map '%s' content buffer: %d\n",
1363 memcpy(map->mmaped, data, data_sz);
1365 pr_debug("map %td is \"%s\"\n", map - obj->maps, map->name);
1369 static int bpf_object__init_global_data_maps(struct bpf_object *obj)
1374 * Populate obj->maps with libbpf internal maps.
1376 if (obj->efile.data_shndx >= 0) {
1377 err = bpf_object__init_internal_map(obj, LIBBPF_MAP_DATA,
1378 obj->efile.data_shndx,
1379 obj->efile.data->d_buf,
1380 obj->efile.data->d_size);
1384 if (obj->efile.rodata_shndx >= 0) {
1385 err = bpf_object__init_internal_map(obj, LIBBPF_MAP_RODATA,
1386 obj->efile.rodata_shndx,
1387 obj->efile.rodata->d_buf,
1388 obj->efile.rodata->d_size);
1392 if (obj->efile.bss_shndx >= 0) {
1393 err = bpf_object__init_internal_map(obj, LIBBPF_MAP_BSS,
1394 obj->efile.bss_shndx,
1396 obj->efile.bss->d_size);
1404 static struct extern_desc *find_extern_by_name(const struct bpf_object *obj,
1409 for (i = 0; i < obj->nr_extern; i++) {
1410 if (strcmp(obj->externs[i].name, name) == 0)
1411 return &obj->externs[i];
1416 static int set_kcfg_value_tri(struct extern_desc *ext, void *ext_val,
1419 switch (ext->kcfg.type) {
1422 pr_warn("extern (kcfg) %s=%c should be tristate or char\n",
1426 *(bool *)ext_val = value == 'y' ? true : false;
1430 *(enum libbpf_tristate *)ext_val = TRI_YES;
1431 else if (value == 'm')
1432 *(enum libbpf_tristate *)ext_val = TRI_MODULE;
1433 else /* value == 'n' */
1434 *(enum libbpf_tristate *)ext_val = TRI_NO;
1437 *(char *)ext_val = value;
1443 pr_warn("extern (kcfg) %s=%c should be bool, tristate, or char\n",
1451 static int set_kcfg_value_str(struct extern_desc *ext, char *ext_val,
1456 if (ext->kcfg.type != KCFG_CHAR_ARR) {
1457 pr_warn("extern (kcfg) %s=%s should be char array\n", ext->name, value);
1461 len = strlen(value);
1462 if (value[len - 1] != '"') {
1463 pr_warn("extern (kcfg) '%s': invalid string config '%s'\n",
1470 if (len >= ext->kcfg.sz) {
1471 pr_warn("extern (kcfg) '%s': long string config %s of (%zu bytes) truncated to %d bytes\n",
1472 ext->name, value, len, ext->kcfg.sz - 1);
1473 len = ext->kcfg.sz - 1;
1475 memcpy(ext_val, value + 1, len);
1476 ext_val[len] = '\0';
1481 static int parse_u64(const char *value, __u64 *res)
1487 *res = strtoull(value, &value_end, 0);
1490 pr_warn("failed to parse '%s' as integer: %d\n", value, err);
1494 pr_warn("failed to parse '%s' as integer completely\n", value);
1500 static bool is_kcfg_value_in_range(const struct extern_desc *ext, __u64 v)
1502 int bit_sz = ext->kcfg.sz * 8;
1504 if (ext->kcfg.sz == 8)
1507 /* Validate that value stored in u64 fits in integer of `ext->sz`
1508 * bytes size without any loss of information. If the target integer
1509 * is signed, we rely on the following limits of integer type of
1510 * Y bits and subsequent transformation:
1512 * -2^(Y-1) <= X <= 2^(Y-1) - 1
1513 * 0 <= X + 2^(Y-1) <= 2^Y - 1
1514 * 0 <= X + 2^(Y-1) < 2^Y
1516 * For unsigned target integer, check that all the (64 - Y) bits are
1519 if (ext->kcfg.is_signed)
1520 return v + (1ULL << (bit_sz - 1)) < (1ULL << bit_sz);
1522 return (v >> bit_sz) == 0;
1525 static int set_kcfg_value_num(struct extern_desc *ext, void *ext_val,
1528 if (ext->kcfg.type != KCFG_INT && ext->kcfg.type != KCFG_CHAR) {
1529 pr_warn("extern (kcfg) %s=%llu should be integer\n",
1530 ext->name, (unsigned long long)value);
1533 if (!is_kcfg_value_in_range(ext, value)) {
1534 pr_warn("extern (kcfg) %s=%llu value doesn't fit in %d bytes\n",
1535 ext->name, (unsigned long long)value, ext->kcfg.sz);
1538 switch (ext->kcfg.sz) {
1539 case 1: *(__u8 *)ext_val = value; break;
1540 case 2: *(__u16 *)ext_val = value; break;
1541 case 4: *(__u32 *)ext_val = value; break;
1542 case 8: *(__u64 *)ext_val = value; break;
1550 static int bpf_object__process_kconfig_line(struct bpf_object *obj,
1551 char *buf, void *data)
1553 struct extern_desc *ext;
1559 if (strncmp(buf, "CONFIG_", 7))
1562 sep = strchr(buf, '=');
1564 pr_warn("failed to parse '%s': no separator\n", buf);
1568 /* Trim ending '\n' */
1570 if (buf[len - 1] == '\n')
1571 buf[len - 1] = '\0';
1572 /* Split on '=' and ensure that a value is present. */
1576 pr_warn("failed to parse '%s': no value\n", buf);
1580 ext = find_extern_by_name(obj, buf);
1581 if (!ext || ext->is_set)
1584 ext_val = data + ext->kcfg.data_off;
1588 case 'y': case 'n': case 'm':
1589 err = set_kcfg_value_tri(ext, ext_val, *value);
1592 err = set_kcfg_value_str(ext, ext_val, value);
1595 /* assume integer */
1596 err = parse_u64(value, &num);
1598 pr_warn("extern (kcfg) %s=%s should be integer\n",
1602 err = set_kcfg_value_num(ext, ext_val, num);
1607 pr_debug("extern (kcfg) %s=%s\n", ext->name, value);
1611 static int bpf_object__read_kconfig_file(struct bpf_object *obj, void *data)
1619 len = snprintf(buf, PATH_MAX, "/boot/config-%s", uts.release);
1622 else if (len >= PATH_MAX)
1623 return -ENAMETOOLONG;
1625 /* gzopen also accepts uncompressed files. */
1626 file = gzopen(buf, "r");
1628 file = gzopen("/proc/config.gz", "r");
1631 pr_warn("failed to open system Kconfig\n");
1635 while (gzgets(file, buf, sizeof(buf))) {
1636 err = bpf_object__process_kconfig_line(obj, buf, data);
1638 pr_warn("error parsing system Kconfig line '%s': %d\n",
1649 static int bpf_object__read_kconfig_mem(struct bpf_object *obj,
1650 const char *config, void *data)
1656 file = fmemopen((void *)config, strlen(config), "r");
1659 pr_warn("failed to open in-memory Kconfig: %d\n", err);
1663 while (fgets(buf, sizeof(buf), file)) {
1664 err = bpf_object__process_kconfig_line(obj, buf, data);
1666 pr_warn("error parsing in-memory Kconfig line '%s': %d\n",
1676 static int bpf_object__init_kconfig_map(struct bpf_object *obj)
1678 struct extern_desc *last_ext = NULL, *ext;
1682 for (i = 0; i < obj->nr_extern; i++) {
1683 ext = &obj->externs[i];
1684 if (ext->type == EXT_KCFG)
1691 map_sz = last_ext->kcfg.data_off + last_ext->kcfg.sz;
1692 err = bpf_object__init_internal_map(obj, LIBBPF_MAP_KCONFIG,
1693 obj->efile.symbols_shndx,
1698 obj->kconfig_map_idx = obj->nr_maps - 1;
1703 static int bpf_object__init_user_maps(struct bpf_object *obj, bool strict)
1705 Elf_Data *symbols = obj->efile.symbols;
1706 int i, map_def_sz = 0, nr_maps = 0, nr_syms;
1707 Elf_Data *data = NULL;
1710 if (obj->efile.maps_shndx < 0)
1717 scn = elf_sec_by_idx(obj, obj->efile.maps_shndx);
1718 data = elf_sec_data(obj, scn);
1719 if (!scn || !data) {
1720 pr_warn("elf: failed to get legacy map definitions for %s\n",
1726 * Count number of maps. Each map has a name.
1727 * Array of maps is not supported: only the first element is
1730 * TODO: Detect array of map and report error.
1732 nr_syms = symbols->d_size / sizeof(GElf_Sym);
1733 for (i = 0; i < nr_syms; i++) {
1736 if (!gelf_getsym(symbols, i, &sym))
1738 if (sym.st_shndx != obj->efile.maps_shndx)
1742 /* Assume equally sized map definitions */
1743 pr_debug("elf: found %d legacy map definitions (%zd bytes) in %s\n",
1744 nr_maps, data->d_size, obj->path);
1746 if (!data->d_size || nr_maps == 0 || (data->d_size % nr_maps) != 0) {
1747 pr_warn("elf: unable to determine legacy map definition size in %s\n",
1751 map_def_sz = data->d_size / nr_maps;
1753 /* Fill obj->maps using data in "maps" section. */
1754 for (i = 0; i < nr_syms; i++) {
1756 const char *map_name;
1757 struct bpf_map_def *def;
1758 struct bpf_map *map;
1760 if (!gelf_getsym(symbols, i, &sym))
1762 if (sym.st_shndx != obj->efile.maps_shndx)
1765 map = bpf_object__add_map(obj);
1767 return PTR_ERR(map);
1769 map_name = elf_sym_str(obj, sym.st_name);
1771 pr_warn("failed to get map #%d name sym string for obj %s\n",
1773 return -LIBBPF_ERRNO__FORMAT;
1776 map->libbpf_type = LIBBPF_MAP_UNSPEC;
1777 map->sec_idx = sym.st_shndx;
1778 map->sec_offset = sym.st_value;
1779 pr_debug("map '%s' (legacy): at sec_idx %d, offset %zu.\n",
1780 map_name, map->sec_idx, map->sec_offset);
1781 if (sym.st_value + map_def_sz > data->d_size) {
1782 pr_warn("corrupted maps section in %s: last map \"%s\" too small\n",
1783 obj->path, map_name);
1787 map->name = strdup(map_name);
1789 pr_warn("failed to alloc map name\n");
1792 pr_debug("map %d is \"%s\"\n", i, map->name);
1793 def = (struct bpf_map_def *)(data->d_buf + sym.st_value);
1795 * If the definition of the map in the object file fits in
1796 * bpf_map_def, copy it. Any extra fields in our version
1797 * of bpf_map_def will default to zero as a result of the
1800 if (map_def_sz <= sizeof(struct bpf_map_def)) {
1801 memcpy(&map->def, def, map_def_sz);
1804 * Here the map structure being read is bigger than what
1805 * we expect, truncate if the excess bits are all zero.
1806 * If they are not zero, reject this map as
1811 for (b = ((char *)def) + sizeof(struct bpf_map_def);
1812 b < ((char *)def) + map_def_sz; b++) {
1814 pr_warn("maps section in %s: \"%s\" has unrecognized, non-zero options\n",
1815 obj->path, map_name);
1820 memcpy(&map->def, def, sizeof(struct bpf_map_def));
1826 static const struct btf_type *
1827 skip_mods_and_typedefs(const struct btf *btf, __u32 id, __u32 *res_id)
1829 const struct btf_type *t = btf__type_by_id(btf, id);
1834 while (btf_is_mod(t) || btf_is_typedef(t)) {
1837 t = btf__type_by_id(btf, t->type);
1843 static const struct btf_type *
1844 resolve_func_ptr(const struct btf *btf, __u32 id, __u32 *res_id)
1846 const struct btf_type *t;
1848 t = skip_mods_and_typedefs(btf, id, NULL);
1852 t = skip_mods_and_typedefs(btf, t->type, res_id);
1854 return btf_is_func_proto(t) ? t : NULL;
1857 static const char *btf_kind_str(const struct btf_type *t)
1859 switch (btf_kind(t)) {
1860 case BTF_KIND_UNKN: return "void";
1861 case BTF_KIND_INT: return "int";
1862 case BTF_KIND_PTR: return "ptr";
1863 case BTF_KIND_ARRAY: return "array";
1864 case BTF_KIND_STRUCT: return "struct";
1865 case BTF_KIND_UNION: return "union";
1866 case BTF_KIND_ENUM: return "enum";
1867 case BTF_KIND_FWD: return "fwd";
1868 case BTF_KIND_TYPEDEF: return "typedef";
1869 case BTF_KIND_VOLATILE: return "volatile";
1870 case BTF_KIND_CONST: return "const";
1871 case BTF_KIND_RESTRICT: return "restrict";
1872 case BTF_KIND_FUNC: return "func";
1873 case BTF_KIND_FUNC_PROTO: return "func_proto";
1874 case BTF_KIND_VAR: return "var";
1875 case BTF_KIND_DATASEC: return "datasec";
1876 default: return "unknown";
1881 * Fetch integer attribute of BTF map definition. Such attributes are
1882 * represented using a pointer to an array, in which dimensionality of array
1883 * encodes specified integer value. E.g., int (*type)[BPF_MAP_TYPE_ARRAY];
1884 * encodes `type => BPF_MAP_TYPE_ARRAY` key/value pair completely using BTF
1885 * type definition, while using only sizeof(void *) space in ELF data section.
1887 static bool get_map_field_int(const char *map_name, const struct btf *btf,
1888 const struct btf_member *m, __u32 *res)
1890 const struct btf_type *t = skip_mods_and_typedefs(btf, m->type, NULL);
1891 const char *name = btf__name_by_offset(btf, m->name_off);
1892 const struct btf_array *arr_info;
1893 const struct btf_type *arr_t;
1895 if (!btf_is_ptr(t)) {
1896 pr_warn("map '%s': attr '%s': expected PTR, got %s.\n",
1897 map_name, name, btf_kind_str(t));
1901 arr_t = btf__type_by_id(btf, t->type);
1903 pr_warn("map '%s': attr '%s': type [%u] not found.\n",
1904 map_name, name, t->type);
1907 if (!btf_is_array(arr_t)) {
1908 pr_warn("map '%s': attr '%s': expected ARRAY, got %s.\n",
1909 map_name, name, btf_kind_str(arr_t));
1912 arr_info = btf_array(arr_t);
1913 *res = arr_info->nelems;
1917 static int build_map_pin_path(struct bpf_map *map, const char *path)
1923 path = "/sys/fs/bpf";
1925 len = snprintf(buf, PATH_MAX, "%s/%s", path, bpf_map__name(map));
1928 else if (len >= PATH_MAX)
1929 return -ENAMETOOLONG;
1931 return bpf_map__set_pin_path(map, buf);
1935 static int parse_btf_map_def(struct bpf_object *obj,
1936 struct bpf_map *map,
1937 const struct btf_type *def,
1938 bool strict, bool is_inner,
1939 const char *pin_root_path)
1941 const struct btf_type *t;
1942 const struct btf_member *m;
1945 vlen = btf_vlen(def);
1946 m = btf_members(def);
1947 for (i = 0; i < vlen; i++, m++) {
1948 const char *name = btf__name_by_offset(obj->btf, m->name_off);
1951 pr_warn("map '%s': invalid field #%d.\n", map->name, i);
1954 if (strcmp(name, "type") == 0) {
1955 if (!get_map_field_int(map->name, obj->btf, m,
1958 pr_debug("map '%s': found type = %u.\n",
1959 map->name, map->def.type);
1960 } else if (strcmp(name, "max_entries") == 0) {
1961 if (!get_map_field_int(map->name, obj->btf, m,
1962 &map->def.max_entries))
1964 pr_debug("map '%s': found max_entries = %u.\n",
1965 map->name, map->def.max_entries);
1966 } else if (strcmp(name, "map_flags") == 0) {
1967 if (!get_map_field_int(map->name, obj->btf, m,
1968 &map->def.map_flags))
1970 pr_debug("map '%s': found map_flags = %u.\n",
1971 map->name, map->def.map_flags);
1972 } else if (strcmp(name, "numa_node") == 0) {
1973 if (!get_map_field_int(map->name, obj->btf, m, &map->numa_node))
1975 pr_debug("map '%s': found numa_node = %u.\n", map->name, map->numa_node);
1976 } else if (strcmp(name, "key_size") == 0) {
1979 if (!get_map_field_int(map->name, obj->btf, m, &sz))
1981 pr_debug("map '%s': found key_size = %u.\n",
1983 if (map->def.key_size && map->def.key_size != sz) {
1984 pr_warn("map '%s': conflicting key size %u != %u.\n",
1985 map->name, map->def.key_size, sz);
1988 map->def.key_size = sz;
1989 } else if (strcmp(name, "key") == 0) {
1992 t = btf__type_by_id(obj->btf, m->type);
1994 pr_warn("map '%s': key type [%d] not found.\n",
1995 map->name, m->type);
1998 if (!btf_is_ptr(t)) {
1999 pr_warn("map '%s': key spec is not PTR: %s.\n",
2000 map->name, btf_kind_str(t));
2003 sz = btf__resolve_size(obj->btf, t->type);
2005 pr_warn("map '%s': can't determine key size for type [%u]: %zd.\n",
2006 map->name, t->type, (ssize_t)sz);
2009 pr_debug("map '%s': found key [%u], sz = %zd.\n",
2010 map->name, t->type, (ssize_t)sz);
2011 if (map->def.key_size && map->def.key_size != sz) {
2012 pr_warn("map '%s': conflicting key size %u != %zd.\n",
2013 map->name, map->def.key_size, (ssize_t)sz);
2016 map->def.key_size = sz;
2017 map->btf_key_type_id = t->type;
2018 } else if (strcmp(name, "value_size") == 0) {
2021 if (!get_map_field_int(map->name, obj->btf, m, &sz))
2023 pr_debug("map '%s': found value_size = %u.\n",
2025 if (map->def.value_size && map->def.value_size != sz) {
2026 pr_warn("map '%s': conflicting value size %u != %u.\n",
2027 map->name, map->def.value_size, sz);
2030 map->def.value_size = sz;
2031 } else if (strcmp(name, "value") == 0) {
2034 t = btf__type_by_id(obj->btf, m->type);
2036 pr_warn("map '%s': value type [%d] not found.\n",
2037 map->name, m->type);
2040 if (!btf_is_ptr(t)) {
2041 pr_warn("map '%s': value spec is not PTR: %s.\n",
2042 map->name, btf_kind_str(t));
2045 sz = btf__resolve_size(obj->btf, t->type);
2047 pr_warn("map '%s': can't determine value size for type [%u]: %zd.\n",
2048 map->name, t->type, (ssize_t)sz);
2051 pr_debug("map '%s': found value [%u], sz = %zd.\n",
2052 map->name, t->type, (ssize_t)sz);
2053 if (map->def.value_size && map->def.value_size != sz) {
2054 pr_warn("map '%s': conflicting value size %u != %zd.\n",
2055 map->name, map->def.value_size, (ssize_t)sz);
2058 map->def.value_size = sz;
2059 map->btf_value_type_id = t->type;
2061 else if (strcmp(name, "values") == 0) {
2065 pr_warn("map '%s': multi-level inner maps not supported.\n",
2069 if (i != vlen - 1) {
2070 pr_warn("map '%s': '%s' member should be last.\n",
2074 if (!bpf_map_type__is_map_in_map(map->def.type)) {
2075 pr_warn("map '%s': should be map-in-map.\n",
2079 if (map->def.value_size && map->def.value_size != 4) {
2080 pr_warn("map '%s': conflicting value size %u != 4.\n",
2081 map->name, map->def.value_size);
2084 map->def.value_size = 4;
2085 t = btf__type_by_id(obj->btf, m->type);
2087 pr_warn("map '%s': map-in-map inner type [%d] not found.\n",
2088 map->name, m->type);
2091 if (!btf_is_array(t) || btf_array(t)->nelems) {
2092 pr_warn("map '%s': map-in-map inner spec is not a zero-sized array.\n",
2096 t = skip_mods_and_typedefs(obj->btf, btf_array(t)->type,
2098 if (!btf_is_ptr(t)) {
2099 pr_warn("map '%s': map-in-map inner def is of unexpected kind %s.\n",
2100 map->name, btf_kind_str(t));
2103 t = skip_mods_and_typedefs(obj->btf, t->type, NULL);
2104 if (!btf_is_struct(t)) {
2105 pr_warn("map '%s': map-in-map inner def is of unexpected kind %s.\n",
2106 map->name, btf_kind_str(t));
2110 map->inner_map = calloc(1, sizeof(*map->inner_map));
2111 if (!map->inner_map)
2113 map->inner_map->sec_idx = obj->efile.btf_maps_shndx;
2114 map->inner_map->name = malloc(strlen(map->name) +
2115 sizeof(".inner") + 1);
2116 if (!map->inner_map->name)
2118 sprintf(map->inner_map->name, "%s.inner", map->name);
2120 err = parse_btf_map_def(obj, map->inner_map, t, strict,
2121 true /* is_inner */, NULL);
2124 } else if (strcmp(name, "pinning") == 0) {
2129 pr_debug("map '%s': inner def can't be pinned.\n",
2133 if (!get_map_field_int(map->name, obj->btf, m, &val))
2135 pr_debug("map '%s': found pinning = %u.\n",
2138 if (val != LIBBPF_PIN_NONE &&
2139 val != LIBBPF_PIN_BY_NAME) {
2140 pr_warn("map '%s': invalid pinning value %u.\n",
2144 if (val == LIBBPF_PIN_BY_NAME) {
2145 err = build_map_pin_path(map, pin_root_path);
2147 pr_warn("map '%s': couldn't build pin path.\n",
2154 pr_warn("map '%s': unknown field '%s'.\n",
2158 pr_debug("map '%s': ignoring unknown field '%s'.\n",
2163 if (map->def.type == BPF_MAP_TYPE_UNSPEC) {
2164 pr_warn("map '%s': map type isn't specified.\n", map->name);
2171 static int bpf_object__init_user_btf_map(struct bpf_object *obj,
2172 const struct btf_type *sec,
2173 int var_idx, int sec_idx,
2174 const Elf_Data *data, bool strict,
2175 const char *pin_root_path)
2177 const struct btf_type *var, *def;
2178 const struct btf_var_secinfo *vi;
2179 const struct btf_var *var_extra;
2180 const char *map_name;
2181 struct bpf_map *map;
2183 vi = btf_var_secinfos(sec) + var_idx;
2184 var = btf__type_by_id(obj->btf, vi->type);
2185 var_extra = btf_var(var);
2186 map_name = btf__name_by_offset(obj->btf, var->name_off);
2188 if (map_name == NULL || map_name[0] == '\0') {
2189 pr_warn("map #%d: empty name.\n", var_idx);
2192 if ((__u64)vi->offset + vi->size > data->d_size) {
2193 pr_warn("map '%s' BTF data is corrupted.\n", map_name);
2196 if (!btf_is_var(var)) {
2197 pr_warn("map '%s': unexpected var kind %s.\n",
2198 map_name, btf_kind_str(var));
2201 if (var_extra->linkage != BTF_VAR_GLOBAL_ALLOCATED &&
2202 var_extra->linkage != BTF_VAR_STATIC) {
2203 pr_warn("map '%s': unsupported var linkage %u.\n",
2204 map_name, var_extra->linkage);
2208 def = skip_mods_and_typedefs(obj->btf, var->type, NULL);
2209 if (!btf_is_struct(def)) {
2210 pr_warn("map '%s': unexpected def kind %s.\n",
2211 map_name, btf_kind_str(var));
2214 if (def->size > vi->size) {
2215 pr_warn("map '%s': invalid def size.\n", map_name);
2219 map = bpf_object__add_map(obj);
2221 return PTR_ERR(map);
2222 map->name = strdup(map_name);
2224 pr_warn("map '%s': failed to alloc map name.\n", map_name);
2227 map->libbpf_type = LIBBPF_MAP_UNSPEC;
2228 map->def.type = BPF_MAP_TYPE_UNSPEC;
2229 map->sec_idx = sec_idx;
2230 map->sec_offset = vi->offset;
2231 map->btf_var_idx = var_idx;
2232 pr_debug("map '%s': at sec_idx %d, offset %zu.\n",
2233 map_name, map->sec_idx, map->sec_offset);
2235 return parse_btf_map_def(obj, map, def, strict, false, pin_root_path);
2238 static int bpf_object__init_user_btf_maps(struct bpf_object *obj, bool strict,
2239 const char *pin_root_path)
2241 const struct btf_type *sec = NULL;
2242 int nr_types, i, vlen, err;
2243 const struct btf_type *t;
2248 if (obj->efile.btf_maps_shndx < 0)
2251 scn = elf_sec_by_idx(obj, obj->efile.btf_maps_shndx);
2252 data = elf_sec_data(obj, scn);
2253 if (!scn || !data) {
2254 pr_warn("elf: failed to get %s map definitions for %s\n",
2255 MAPS_ELF_SEC, obj->path);
2259 nr_types = btf__get_nr_types(obj->btf);
2260 for (i = 1; i <= nr_types; i++) {
2261 t = btf__type_by_id(obj->btf, i);
2262 if (!btf_is_datasec(t))
2264 name = btf__name_by_offset(obj->btf, t->name_off);
2265 if (strcmp(name, MAPS_ELF_SEC) == 0) {
2267 obj->efile.btf_maps_sec_btf_id = i;
2273 pr_warn("DATASEC '%s' not found.\n", MAPS_ELF_SEC);
2277 vlen = btf_vlen(sec);
2278 for (i = 0; i < vlen; i++) {
2279 err = bpf_object__init_user_btf_map(obj, sec, i,
2280 obj->efile.btf_maps_shndx,
2290 static int bpf_object__init_maps(struct bpf_object *obj,
2291 const struct bpf_object_open_opts *opts)
2293 const char *pin_root_path;
2297 strict = !OPTS_GET(opts, relaxed_maps, false);
2298 pin_root_path = OPTS_GET(opts, pin_root_path, NULL);
2300 err = bpf_object__init_user_maps(obj, strict);
2301 err = err ?: bpf_object__init_user_btf_maps(obj, strict, pin_root_path);
2302 err = err ?: bpf_object__init_global_data_maps(obj);
2303 err = err ?: bpf_object__init_kconfig_map(obj);
2304 err = err ?: bpf_object__init_struct_ops_maps(obj);
2311 static bool section_have_execinstr(struct bpf_object *obj, int idx)
2315 if (elf_sec_hdr(obj, elf_sec_by_idx(obj, idx), &sh))
2318 return sh.sh_flags & SHF_EXECINSTR;
2321 static bool btf_needs_sanitization(struct bpf_object *obj)
2323 bool has_func_global = kernel_supports(FEAT_BTF_GLOBAL_FUNC);
2324 bool has_datasec = kernel_supports(FEAT_BTF_DATASEC);
2325 bool has_func = kernel_supports(FEAT_BTF_FUNC);
2327 return !has_func || !has_datasec || !has_func_global;
2330 static void bpf_object__sanitize_btf(struct bpf_object *obj, struct btf *btf)
2332 bool has_func_global = kernel_supports(FEAT_BTF_GLOBAL_FUNC);
2333 bool has_datasec = kernel_supports(FEAT_BTF_DATASEC);
2334 bool has_func = kernel_supports(FEAT_BTF_FUNC);
2338 for (i = 1; i <= btf__get_nr_types(btf); i++) {
2339 t = (struct btf_type *)btf__type_by_id(btf, i);
2341 if (!has_datasec && btf_is_var(t)) {
2342 /* replace VAR with INT */
2343 t->info = BTF_INFO_ENC(BTF_KIND_INT, 0, 0);
2345 * using size = 1 is the safest choice, 4 will be too
2346 * big and cause kernel BTF validation failure if
2347 * original variable took less than 4 bytes
2350 *(int *)(t + 1) = BTF_INT_ENC(0, 0, 8);
2351 } else if (!has_datasec && btf_is_datasec(t)) {
2352 /* replace DATASEC with STRUCT */
2353 const struct btf_var_secinfo *v = btf_var_secinfos(t);
2354 struct btf_member *m = btf_members(t);
2355 struct btf_type *vt;
2358 name = (char *)btf__name_by_offset(btf, t->name_off);
2366 t->info = BTF_INFO_ENC(BTF_KIND_STRUCT, 0, vlen);
2367 for (j = 0; j < vlen; j++, v++, m++) {
2368 /* order of field assignments is important */
2369 m->offset = v->offset * 8;
2371 /* preserve variable name as member name */
2372 vt = (void *)btf__type_by_id(btf, v->type);
2373 m->name_off = vt->name_off;
2375 } else if (!has_func && btf_is_func_proto(t)) {
2376 /* replace FUNC_PROTO with ENUM */
2378 t->info = BTF_INFO_ENC(BTF_KIND_ENUM, 0, vlen);
2379 t->size = sizeof(__u32); /* kernel enforced */
2380 } else if (!has_func && btf_is_func(t)) {
2381 /* replace FUNC with TYPEDEF */
2382 t->info = BTF_INFO_ENC(BTF_KIND_TYPEDEF, 0, 0);
2383 } else if (!has_func_global && btf_is_func(t)) {
2384 /* replace BTF_FUNC_GLOBAL with BTF_FUNC_STATIC */
2385 t->info = BTF_INFO_ENC(BTF_KIND_FUNC, 0, 0);
2390 static bool libbpf_needs_btf(const struct bpf_object *obj)
2392 return obj->efile.btf_maps_shndx >= 0 ||
2393 obj->efile.st_ops_shndx >= 0 ||
2397 static bool kernel_needs_btf(const struct bpf_object *obj)
2399 return obj->efile.st_ops_shndx >= 0;
2402 static int bpf_object__init_btf(struct bpf_object *obj,
2404 Elf_Data *btf_ext_data)
2409 obj->btf = btf__new(btf_data->d_buf, btf_data->d_size);
2410 if (IS_ERR(obj->btf)) {
2411 err = PTR_ERR(obj->btf);
2413 pr_warn("Error loading ELF section %s: %d.\n",
2417 /* enforce 8-byte pointers for BPF-targeted BTFs */
2418 btf__set_pointer_size(obj->btf, 8);
2423 pr_debug("Ignore ELF section %s because its depending ELF section %s is not found.\n",
2424 BTF_EXT_ELF_SEC, BTF_ELF_SEC);
2427 obj->btf_ext = btf_ext__new(btf_ext_data->d_buf,
2428 btf_ext_data->d_size);
2429 if (IS_ERR(obj->btf_ext)) {
2430 pr_warn("Error loading ELF section %s: %ld. Ignored and continue.\n",
2431 BTF_EXT_ELF_SEC, PTR_ERR(obj->btf_ext));
2432 obj->btf_ext = NULL;
2437 if (err && libbpf_needs_btf(obj)) {
2438 pr_warn("BTF is required, but is missing or corrupted.\n");
2444 static int bpf_object__finalize_btf(struct bpf_object *obj)
2451 err = btf__finalize_data(obj, obj->btf);
2453 pr_warn("Error finalizing %s: %d.\n", BTF_ELF_SEC, err);
2460 static inline bool libbpf_prog_needs_vmlinux_btf(struct bpf_program *prog)
2462 if (prog->type == BPF_PROG_TYPE_STRUCT_OPS ||
2463 prog->type == BPF_PROG_TYPE_LSM)
2466 /* BPF_PROG_TYPE_TRACING programs which do not attach to other programs
2467 * also need vmlinux BTF
2469 if (prog->type == BPF_PROG_TYPE_TRACING && !prog->attach_prog_fd)
2475 static int bpf_object__load_vmlinux_btf(struct bpf_object *obj)
2477 bool need_vmlinux_btf = false;
2478 struct bpf_program *prog;
2481 /* CO-RE relocations need kernel BTF */
2482 if (obj->btf_ext && obj->btf_ext->core_relo_info.len)
2483 need_vmlinux_btf = true;
2485 bpf_object__for_each_program(prog, obj) {
2488 if (libbpf_prog_needs_vmlinux_btf(prog)) {
2489 need_vmlinux_btf = true;
2494 if (!need_vmlinux_btf)
2497 obj->btf_vmlinux = libbpf_find_kernel_btf();
2498 if (IS_ERR(obj->btf_vmlinux)) {
2499 err = PTR_ERR(obj->btf_vmlinux);
2500 pr_warn("Error loading vmlinux BTF: %d\n", err);
2501 obj->btf_vmlinux = NULL;
2507 static int bpf_object__sanitize_and_load_btf(struct bpf_object *obj)
2509 struct btf *kern_btf = obj->btf;
2510 bool btf_mandatory, sanitize;
2516 if (!kernel_supports(FEAT_BTF)) {
2517 if (kernel_needs_btf(obj)) {
2521 pr_debug("Kernel doesn't support BTF, skipping uploading it.\n");
2525 sanitize = btf_needs_sanitization(obj);
2527 const void *raw_data;
2530 /* clone BTF to sanitize a copy and leave the original intact */
2531 raw_data = btf__get_raw_data(obj->btf, &sz);
2532 kern_btf = btf__new(raw_data, sz);
2533 if (IS_ERR(kern_btf))
2534 return PTR_ERR(kern_btf);
2536 /* enforce 8-byte pointers for BPF-targeted BTFs */
2537 btf__set_pointer_size(obj->btf, 8);
2538 bpf_object__sanitize_btf(obj, kern_btf);
2541 err = btf__load(kern_btf);
2544 /* move fd to libbpf's BTF */
2545 btf__set_fd(obj->btf, btf__fd(kern_btf));
2546 btf__set_fd(kern_btf, -1);
2548 btf__free(kern_btf);
2552 btf_mandatory = kernel_needs_btf(obj);
2553 pr_warn("Error loading .BTF into kernel: %d. %s\n", err,
2554 btf_mandatory ? "BTF is mandatory, can't proceed."
2555 : "BTF is optional, ignoring.");
2562 static const char *elf_sym_str(const struct bpf_object *obj, size_t off)
2566 name = elf_strptr(obj->efile.elf, obj->efile.strtabidx, off);
2568 pr_warn("elf: failed to get section name string at offset %zu from %s: %s\n",
2569 off, obj->path, elf_errmsg(-1));
2576 static const char *elf_sec_str(const struct bpf_object *obj, size_t off)
2580 name = elf_strptr(obj->efile.elf, obj->efile.shstrndx, off);
2582 pr_warn("elf: failed to get section name string at offset %zu from %s: %s\n",
2583 off, obj->path, elf_errmsg(-1));
2590 static Elf_Scn *elf_sec_by_idx(const struct bpf_object *obj, size_t idx)
2594 scn = elf_getscn(obj->efile.elf, idx);
2596 pr_warn("elf: failed to get section(%zu) from %s: %s\n",
2597 idx, obj->path, elf_errmsg(-1));
2603 static Elf_Scn *elf_sec_by_name(const struct bpf_object *obj, const char *name)
2605 Elf_Scn *scn = NULL;
2606 Elf *elf = obj->efile.elf;
2607 const char *sec_name;
2609 while ((scn = elf_nextscn(elf, scn)) != NULL) {
2610 sec_name = elf_sec_name(obj, scn);
2614 if (strcmp(sec_name, name) != 0)
2622 static int elf_sec_hdr(const struct bpf_object *obj, Elf_Scn *scn, GElf_Shdr *hdr)
2627 if (gelf_getshdr(scn, hdr) != hdr) {
2628 pr_warn("elf: failed to get section(%zu) header from %s: %s\n",
2629 elf_ndxscn(scn), obj->path, elf_errmsg(-1));
2636 static const char *elf_sec_name(const struct bpf_object *obj, Elf_Scn *scn)
2644 if (elf_sec_hdr(obj, scn, &sh))
2647 name = elf_sec_str(obj, sh.sh_name);
2649 pr_warn("elf: failed to get section(%zu) name from %s: %s\n",
2650 elf_ndxscn(scn), obj->path, elf_errmsg(-1));
2657 static Elf_Data *elf_sec_data(const struct bpf_object *obj, Elf_Scn *scn)
2664 data = elf_getdata(scn, 0);
2666 pr_warn("elf: failed to get section(%zu) %s data from %s: %s\n",
2667 elf_ndxscn(scn), elf_sec_name(obj, scn) ?: "<?>",
2668 obj->path, elf_errmsg(-1));
2675 static bool is_sec_name_dwarf(const char *name)
2677 /* approximation, but the actual list is too long */
2678 return strncmp(name, ".debug_", sizeof(".debug_") - 1) == 0;
2681 static bool ignore_elf_section(GElf_Shdr *hdr, const char *name)
2683 /* no special handling of .strtab */
2684 if (hdr->sh_type == SHT_STRTAB)
2687 /* ignore .llvm_addrsig section as well */
2688 if (hdr->sh_type == 0x6FFF4C03 /* SHT_LLVM_ADDRSIG */)
2691 /* no subprograms will lead to an empty .text section, ignore it */
2692 if (hdr->sh_type == SHT_PROGBITS && hdr->sh_size == 0 &&
2693 strcmp(name, ".text") == 0)
2696 /* DWARF sections */
2697 if (is_sec_name_dwarf(name))
2700 if (strncmp(name, ".rel", sizeof(".rel") - 1) == 0) {
2701 name += sizeof(".rel") - 1;
2702 /* DWARF section relocations */
2703 if (is_sec_name_dwarf(name))
2706 /* .BTF and .BTF.ext don't need relocations */
2707 if (strcmp(name, BTF_ELF_SEC) == 0 ||
2708 strcmp(name, BTF_EXT_ELF_SEC) == 0)
2715 static int bpf_object__elf_collect(struct bpf_object *obj)
2717 Elf *elf = obj->efile.elf;
2718 Elf_Data *btf_ext_data = NULL;
2719 Elf_Data *btf_data = NULL;
2720 Elf_Scn *scn = NULL;
2721 int idx = 0, err = 0;
2723 while ((scn = elf_nextscn(elf, scn)) != NULL) {
2730 if (elf_sec_hdr(obj, scn, &sh))
2731 return -LIBBPF_ERRNO__FORMAT;
2733 name = elf_sec_str(obj, sh.sh_name);
2735 return -LIBBPF_ERRNO__FORMAT;
2737 if (ignore_elf_section(&sh, name))
2740 data = elf_sec_data(obj, scn);
2742 return -LIBBPF_ERRNO__FORMAT;
2744 pr_debug("elf: section(%d) %s, size %ld, link %d, flags %lx, type=%d\n",
2745 idx, name, (unsigned long)data->d_size,
2746 (int)sh.sh_link, (unsigned long)sh.sh_flags,
2749 if (strcmp(name, "license") == 0) {
2750 err = bpf_object__init_license(obj, data->d_buf, data->d_size);
2753 } else if (strcmp(name, "version") == 0) {
2754 err = bpf_object__init_kversion(obj, data->d_buf, data->d_size);
2757 } else if (strcmp(name, "maps") == 0) {
2758 obj->efile.maps_shndx = idx;
2759 } else if (strcmp(name, MAPS_ELF_SEC) == 0) {
2760 obj->efile.btf_maps_shndx = idx;
2761 } else if (strcmp(name, BTF_ELF_SEC) == 0) {
2763 } else if (strcmp(name, BTF_EXT_ELF_SEC) == 0) {
2764 btf_ext_data = data;
2765 } else if (sh.sh_type == SHT_SYMTAB) {
2766 if (obj->efile.symbols) {
2767 pr_warn("elf: multiple symbol tables in %s\n", obj->path);
2768 return -LIBBPF_ERRNO__FORMAT;
2770 obj->efile.symbols = data;
2771 obj->efile.symbols_shndx = idx;
2772 obj->efile.strtabidx = sh.sh_link;
2773 } else if (sh.sh_type == SHT_PROGBITS && data->d_size > 0) {
2774 if (sh.sh_flags & SHF_EXECINSTR) {
2775 if (strcmp(name, ".text") == 0)
2776 obj->efile.text_shndx = idx;
2777 err = bpf_object__add_program(obj, data->d_buf,
2782 } else if (strcmp(name, DATA_SEC) == 0) {
2783 obj->efile.data = data;
2784 obj->efile.data_shndx = idx;
2785 } else if (strcmp(name, RODATA_SEC) == 0) {
2786 obj->efile.rodata = data;
2787 obj->efile.rodata_shndx = idx;
2788 } else if (strcmp(name, STRUCT_OPS_SEC) == 0) {
2789 obj->efile.st_ops_data = data;
2790 obj->efile.st_ops_shndx = idx;
2792 pr_info("elf: skipping unrecognized data section(%d) %s\n",
2795 } else if (sh.sh_type == SHT_REL) {
2796 int nr_sects = obj->efile.nr_reloc_sects;
2797 void *sects = obj->efile.reloc_sects;
2798 int sec = sh.sh_info; /* points to other section */
2800 /* Only do relo for section with exec instructions */
2801 if (!section_have_execinstr(obj, sec) &&
2802 strcmp(name, ".rel" STRUCT_OPS_SEC) &&
2803 strcmp(name, ".rel" MAPS_ELF_SEC)) {
2804 pr_info("elf: skipping relo section(%d) %s for section(%d) %s\n",
2806 elf_sec_name(obj, elf_sec_by_idx(obj, sec)) ?: "<?>");
2810 sects = libbpf_reallocarray(sects, nr_sects + 1,
2811 sizeof(*obj->efile.reloc_sects));
2815 obj->efile.reloc_sects = sects;
2816 obj->efile.nr_reloc_sects++;
2818 obj->efile.reloc_sects[nr_sects].shdr = sh;
2819 obj->efile.reloc_sects[nr_sects].data = data;
2820 } else if (sh.sh_type == SHT_NOBITS && strcmp(name, BSS_SEC) == 0) {
2821 obj->efile.bss = data;
2822 obj->efile.bss_shndx = idx;
2824 pr_info("elf: skipping section(%d) %s (size %zu)\n", idx, name, sh.sh_size);
2828 if (!obj->efile.strtabidx || obj->efile.strtabidx > idx) {
2829 pr_warn("elf: symbol strings section missing or invalid in %s\n", obj->path);
2830 return -LIBBPF_ERRNO__FORMAT;
2832 return bpf_object__init_btf(obj, btf_data, btf_ext_data);
2835 static bool sym_is_extern(const GElf_Sym *sym)
2837 int bind = GELF_ST_BIND(sym->st_info);
2838 /* externs are symbols w/ type=NOTYPE, bind=GLOBAL|WEAK, section=UND */
2839 return sym->st_shndx == SHN_UNDEF &&
2840 (bind == STB_GLOBAL || bind == STB_WEAK) &&
2841 GELF_ST_TYPE(sym->st_info) == STT_NOTYPE;
2844 static int find_extern_btf_id(const struct btf *btf, const char *ext_name)
2846 const struct btf_type *t;
2847 const char *var_name;
2853 n = btf__get_nr_types(btf);
2854 for (i = 1; i <= n; i++) {
2855 t = btf__type_by_id(btf, i);
2860 var_name = btf__name_by_offset(btf, t->name_off);
2861 if (strcmp(var_name, ext_name))
2864 if (btf_var(t)->linkage != BTF_VAR_GLOBAL_EXTERN)
2873 static int find_extern_sec_btf_id(struct btf *btf, int ext_btf_id) {
2874 const struct btf_var_secinfo *vs;
2875 const struct btf_type *t;
2881 n = btf__get_nr_types(btf);
2882 for (i = 1; i <= n; i++) {
2883 t = btf__type_by_id(btf, i);
2885 if (!btf_is_datasec(t))
2888 vs = btf_var_secinfos(t);
2889 for (j = 0; j < btf_vlen(t); j++, vs++) {
2890 if (vs->type == ext_btf_id)
2898 static enum kcfg_type find_kcfg_type(const struct btf *btf, int id,
2901 const struct btf_type *t;
2904 t = skip_mods_and_typedefs(btf, id, NULL);
2905 name = btf__name_by_offset(btf, t->name_off);
2909 switch (btf_kind(t)) {
2910 case BTF_KIND_INT: {
2911 int enc = btf_int_encoding(t);
2913 if (enc & BTF_INT_BOOL)
2914 return t->size == 1 ? KCFG_BOOL : KCFG_UNKNOWN;
2916 *is_signed = enc & BTF_INT_SIGNED;
2919 if (t->size < 1 || t->size > 8 || (t->size & (t->size - 1)))
2920 return KCFG_UNKNOWN;
2925 return KCFG_UNKNOWN;
2926 if (strcmp(name, "libbpf_tristate"))
2927 return KCFG_UNKNOWN;
2928 return KCFG_TRISTATE;
2929 case BTF_KIND_ARRAY:
2930 if (btf_array(t)->nelems == 0)
2931 return KCFG_UNKNOWN;
2932 if (find_kcfg_type(btf, btf_array(t)->type, NULL) != KCFG_CHAR)
2933 return KCFG_UNKNOWN;
2934 return KCFG_CHAR_ARR;
2936 return KCFG_UNKNOWN;
2940 static int cmp_externs(const void *_a, const void *_b)
2942 const struct extern_desc *a = _a;
2943 const struct extern_desc *b = _b;
2945 if (a->type != b->type)
2946 return a->type < b->type ? -1 : 1;
2948 if (a->type == EXT_KCFG) {
2949 /* descending order by alignment requirements */
2950 if (a->kcfg.align != b->kcfg.align)
2951 return a->kcfg.align > b->kcfg.align ? -1 : 1;
2952 /* ascending order by size, within same alignment class */
2953 if (a->kcfg.sz != b->kcfg.sz)
2954 return a->kcfg.sz < b->kcfg.sz ? -1 : 1;
2957 /* resolve ties by name */
2958 return strcmp(a->name, b->name);
2961 static int find_int_btf_id(const struct btf *btf)
2963 const struct btf_type *t;
2966 n = btf__get_nr_types(btf);
2967 for (i = 1; i <= n; i++) {
2968 t = btf__type_by_id(btf, i);
2970 if (btf_is_int(t) && btf_int_bits(t) == 32)
2977 static int bpf_object__collect_externs(struct bpf_object *obj)
2979 struct btf_type *sec, *kcfg_sec = NULL, *ksym_sec = NULL;
2980 const struct btf_type *t;
2981 struct extern_desc *ext;
2983 const char *ext_name, *sec_name;
2987 if (!obj->efile.symbols)
2990 scn = elf_sec_by_idx(obj, obj->efile.symbols_shndx);
2991 if (elf_sec_hdr(obj, scn, &sh))
2992 return -LIBBPF_ERRNO__FORMAT;
2994 n = sh.sh_size / sh.sh_entsize;
2995 pr_debug("looking for externs among %d symbols...\n", n);
2997 for (i = 0; i < n; i++) {
3000 if (!gelf_getsym(obj->efile.symbols, i, &sym))
3001 return -LIBBPF_ERRNO__FORMAT;
3002 if (!sym_is_extern(&sym))
3004 ext_name = elf_sym_str(obj, sym.st_name);
3005 if (!ext_name || !ext_name[0])
3009 ext = libbpf_reallocarray(ext, obj->nr_extern + 1, sizeof(*ext));
3013 ext = &ext[obj->nr_extern];
3014 memset(ext, 0, sizeof(*ext));
3017 ext->btf_id = find_extern_btf_id(obj->btf, ext_name);
3018 if (ext->btf_id <= 0) {
3019 pr_warn("failed to find BTF for extern '%s': %d\n",
3020 ext_name, ext->btf_id);
3023 t = btf__type_by_id(obj->btf, ext->btf_id);
3024 ext->name = btf__name_by_offset(obj->btf, t->name_off);
3026 ext->is_weak = GELF_ST_BIND(sym.st_info) == STB_WEAK;
3028 ext->sec_btf_id = find_extern_sec_btf_id(obj->btf, ext->btf_id);
3029 if (ext->sec_btf_id <= 0) {
3030 pr_warn("failed to find BTF for extern '%s' [%d] section: %d\n",
3031 ext_name, ext->btf_id, ext->sec_btf_id);
3032 return ext->sec_btf_id;
3034 sec = (void *)btf__type_by_id(obj->btf, ext->sec_btf_id);
3035 sec_name = btf__name_by_offset(obj->btf, sec->name_off);
3037 if (strcmp(sec_name, KCONFIG_SEC) == 0) {
3039 ext->type = EXT_KCFG;
3040 ext->kcfg.sz = btf__resolve_size(obj->btf, t->type);
3041 if (ext->kcfg.sz <= 0) {
3042 pr_warn("failed to resolve size of extern (kcfg) '%s': %d\n",
3043 ext_name, ext->kcfg.sz);
3044 return ext->kcfg.sz;
3046 ext->kcfg.align = btf__align_of(obj->btf, t->type);
3047 if (ext->kcfg.align <= 0) {
3048 pr_warn("failed to determine alignment of extern (kcfg) '%s': %d\n",
3049 ext_name, ext->kcfg.align);
3052 ext->kcfg.type = find_kcfg_type(obj->btf, t->type,
3053 &ext->kcfg.is_signed);
3054 if (ext->kcfg.type == KCFG_UNKNOWN) {
3055 pr_warn("extern (kcfg) '%s' type is unsupported\n", ext_name);
3058 } else if (strcmp(sec_name, KSYMS_SEC) == 0) {
3059 const struct btf_type *vt;
3062 ext->type = EXT_KSYM;
3064 vt = skip_mods_and_typedefs(obj->btf, t->type, NULL);
3065 if (!btf_is_void(vt)) {
3066 pr_warn("extern (ksym) '%s' is not typeless (void)\n", ext_name);
3070 pr_warn("unrecognized extern section '%s'\n", sec_name);
3074 pr_debug("collected %d externs total\n", obj->nr_extern);
3076 if (!obj->nr_extern)
3079 /* sort externs by type, for kcfg ones also by (align, size, name) */
3080 qsort(obj->externs, obj->nr_extern, sizeof(*ext), cmp_externs);
3082 /* for .ksyms section, we need to turn all externs into allocated
3083 * variables in BTF to pass kernel verification; we do this by
3084 * pretending that each extern is a 8-byte variable
3087 /* find existing 4-byte integer type in BTF to use for fake
3088 * extern variables in DATASEC
3090 int int_btf_id = find_int_btf_id(obj->btf);
3092 for (i = 0; i < obj->nr_extern; i++) {
3093 ext = &obj->externs[i];
3094 if (ext->type != EXT_KSYM)
3096 pr_debug("extern (ksym) #%d: symbol %d, name %s\n",
3097 i, ext->sym_idx, ext->name);
3102 for (i = 0, off = 0; i < n; i++, off += sizeof(int)) {
3103 struct btf_var_secinfo *vs = btf_var_secinfos(sec) + i;
3104 struct btf_type *vt;
3106 vt = (void *)btf__type_by_id(obj->btf, vs->type);
3107 ext_name = btf__name_by_offset(obj->btf, vt->name_off);
3108 ext = find_extern_by_name(obj, ext_name);
3110 pr_warn("failed to find extern definition for BTF var '%s'\n",
3114 btf_var(vt)->linkage = BTF_VAR_GLOBAL_ALLOCATED;
3115 vt->type = int_btf_id;
3117 vs->size = sizeof(int);
3124 /* for kcfg externs calculate their offsets within a .kconfig map */
3126 for (i = 0; i < obj->nr_extern; i++) {
3127 ext = &obj->externs[i];
3128 if (ext->type != EXT_KCFG)
3131 ext->kcfg.data_off = roundup(off, ext->kcfg.align);
3132 off = ext->kcfg.data_off + ext->kcfg.sz;
3133 pr_debug("extern (kcfg) #%d: symbol %d, off %u, name %s\n",
3134 i, ext->sym_idx, ext->kcfg.data_off, ext->name);
3138 for (i = 0; i < n; i++) {
3139 struct btf_var_secinfo *vs = btf_var_secinfos(sec) + i;
3141 t = btf__type_by_id(obj->btf, vs->type);
3142 ext_name = btf__name_by_offset(obj->btf, t->name_off);
3143 ext = find_extern_by_name(obj, ext_name);
3145 pr_warn("failed to find extern definition for BTF var '%s'\n",
3149 btf_var(t)->linkage = BTF_VAR_GLOBAL_ALLOCATED;
3150 vs->offset = ext->kcfg.data_off;
3156 static struct bpf_program *
3157 bpf_object__find_prog_by_idx(struct bpf_object *obj, int idx)
3159 struct bpf_program *prog;
3162 for (i = 0; i < obj->nr_programs; i++) {
3163 prog = &obj->programs[i];
3164 if (prog->idx == idx)
3170 struct bpf_program *
3171 bpf_object__find_program_by_title(const struct bpf_object *obj,
3174 struct bpf_program *pos;
3176 bpf_object__for_each_program(pos, obj) {
3177 if (pos->section_name && !strcmp(pos->section_name, title))
3183 struct bpf_program *
3184 bpf_object__find_program_by_name(const struct bpf_object *obj,
3187 struct bpf_program *prog;
3189 bpf_object__for_each_program(prog, obj) {
3190 if (!strcmp(prog->name, name))
3196 static bool bpf_object__shndx_is_data(const struct bpf_object *obj,
3199 return shndx == obj->efile.data_shndx ||
3200 shndx == obj->efile.bss_shndx ||
3201 shndx == obj->efile.rodata_shndx;
3204 static bool bpf_object__shndx_is_maps(const struct bpf_object *obj,
3207 return shndx == obj->efile.maps_shndx ||
3208 shndx == obj->efile.btf_maps_shndx;
3211 static enum libbpf_map_type
3212 bpf_object__section_to_libbpf_map_type(const struct bpf_object *obj, int shndx)
3214 if (shndx == obj->efile.data_shndx)
3215 return LIBBPF_MAP_DATA;
3216 else if (shndx == obj->efile.bss_shndx)
3217 return LIBBPF_MAP_BSS;
3218 else if (shndx == obj->efile.rodata_shndx)
3219 return LIBBPF_MAP_RODATA;
3220 else if (shndx == obj->efile.symbols_shndx)
3221 return LIBBPF_MAP_KCONFIG;
3223 return LIBBPF_MAP_UNSPEC;
3226 static int bpf_program__record_reloc(struct bpf_program *prog,
3227 struct reloc_desc *reloc_desc,
3228 __u32 insn_idx, const char *name,
3229 const GElf_Sym *sym, const GElf_Rel *rel)
3231 struct bpf_insn *insn = &prog->insns[insn_idx];
3232 size_t map_idx, nr_maps = prog->obj->nr_maps;
3233 struct bpf_object *obj = prog->obj;
3234 __u32 shdr_idx = sym->st_shndx;
3235 enum libbpf_map_type type;
3236 struct bpf_map *map;
3238 /* sub-program call relocation */
3239 if (insn->code == (BPF_JMP | BPF_CALL)) {
3240 if (insn->src_reg != BPF_PSEUDO_CALL) {
3241 pr_warn("incorrect bpf_call opcode\n");
3242 return -LIBBPF_ERRNO__RELOC;
3244 /* text_shndx can be 0, if no default "main" program exists */
3245 if (!shdr_idx || shdr_idx != obj->efile.text_shndx) {
3246 pr_warn("bad call relo against section %u\n", shdr_idx);
3247 return -LIBBPF_ERRNO__RELOC;
3249 if (sym->st_value % 8) {
3250 pr_warn("bad call relo offset: %zu\n",
3251 (size_t)sym->st_value);
3252 return -LIBBPF_ERRNO__RELOC;
3254 reloc_desc->type = RELO_CALL;
3255 reloc_desc->insn_idx = insn_idx;
3256 reloc_desc->sym_off = sym->st_value;
3257 obj->has_pseudo_calls = true;
3261 if (insn->code != (BPF_LD | BPF_IMM | BPF_DW)) {
3262 pr_warn("invalid relo for insns[%d].code 0x%x\n",
3263 insn_idx, insn->code);
3264 return -LIBBPF_ERRNO__RELOC;
3267 if (sym_is_extern(sym)) {
3268 int sym_idx = GELF_R_SYM(rel->r_info);
3269 int i, n = obj->nr_extern;
3270 struct extern_desc *ext;
3272 for (i = 0; i < n; i++) {
3273 ext = &obj->externs[i];
3274 if (ext->sym_idx == sym_idx)
3278 pr_warn("extern relo failed to find extern for sym %d\n",
3280 return -LIBBPF_ERRNO__RELOC;
3282 pr_debug("found extern #%d '%s' (sym %d) for insn %u\n",
3283 i, ext->name, ext->sym_idx, insn_idx);
3284 reloc_desc->type = RELO_EXTERN;
3285 reloc_desc->insn_idx = insn_idx;
3286 reloc_desc->sym_off = i; /* sym_off stores extern index */
3290 if (!shdr_idx || shdr_idx >= SHN_LORESERVE) {
3291 pr_warn("invalid relo for \'%s\' in special section 0x%x; forgot to initialize global var?..\n",
3293 return -LIBBPF_ERRNO__RELOC;
3296 type = bpf_object__section_to_libbpf_map_type(obj, shdr_idx);
3298 /* generic map reference relocation */
3299 if (type == LIBBPF_MAP_UNSPEC) {
3300 if (!bpf_object__shndx_is_maps(obj, shdr_idx)) {
3301 pr_warn("bad map relo against section %u\n",
3303 return -LIBBPF_ERRNO__RELOC;
3305 for (map_idx = 0; map_idx < nr_maps; map_idx++) {
3306 map = &obj->maps[map_idx];
3307 if (map->libbpf_type != type ||
3308 map->sec_idx != sym->st_shndx ||
3309 map->sec_offset != sym->st_value)
3311 pr_debug("found map %zd (%s, sec %d, off %zu) for insn %u\n",
3312 map_idx, map->name, map->sec_idx,
3313 map->sec_offset, insn_idx);
3316 if (map_idx >= nr_maps) {
3317 pr_warn("map relo failed to find map for sec %u, off %zu\n",
3318 shdr_idx, (size_t)sym->st_value);
3319 return -LIBBPF_ERRNO__RELOC;
3321 reloc_desc->type = RELO_LD64;
3322 reloc_desc->insn_idx = insn_idx;
3323 reloc_desc->map_idx = map_idx;
3324 reloc_desc->sym_off = 0; /* sym->st_value determines map_idx */
3328 /* global data map relocation */
3329 if (!bpf_object__shndx_is_data(obj, shdr_idx)) {
3330 pr_warn("bad data relo against section %u\n", shdr_idx);
3331 return -LIBBPF_ERRNO__RELOC;
3333 for (map_idx = 0; map_idx < nr_maps; map_idx++) {
3334 map = &obj->maps[map_idx];
3335 if (map->libbpf_type != type)
3337 pr_debug("found data map %zd (%s, sec %d, off %zu) for insn %u\n",
3338 map_idx, map->name, map->sec_idx, map->sec_offset,
3342 if (map_idx >= nr_maps) {
3343 pr_warn("data relo failed to find map for sec %u\n",
3345 return -LIBBPF_ERRNO__RELOC;
3348 reloc_desc->type = RELO_DATA;
3349 reloc_desc->insn_idx = insn_idx;
3350 reloc_desc->map_idx = map_idx;
3351 reloc_desc->sym_off = sym->st_value;
3356 bpf_program__collect_reloc(struct bpf_program *prog, GElf_Shdr *shdr,
3357 Elf_Data *data, struct bpf_object *obj)
3359 Elf_Data *symbols = obj->efile.symbols;
3362 pr_debug("collecting relocating info for: '%s'\n", prog->section_name);
3363 nrels = shdr->sh_size / shdr->sh_entsize;
3365 prog->reloc_desc = malloc(sizeof(*prog->reloc_desc) * nrels);
3366 if (!prog->reloc_desc) {
3367 pr_warn("failed to alloc memory in relocation\n");
3370 prog->nr_reloc = nrels;
3372 for (i = 0; i < nrels; i++) {
3378 if (!gelf_getrel(data, i, &rel)) {
3379 pr_warn("relocation: failed to get %d reloc\n", i);
3380 return -LIBBPF_ERRNO__FORMAT;
3382 if (!gelf_getsym(symbols, GELF_R_SYM(rel.r_info), &sym)) {
3383 pr_warn("relocation: symbol %zx not found\n",
3384 (size_t)GELF_R_SYM(rel.r_info));
3385 return -LIBBPF_ERRNO__FORMAT;
3387 if (rel.r_offset % sizeof(struct bpf_insn))
3388 return -LIBBPF_ERRNO__FORMAT;
3390 insn_idx = rel.r_offset / sizeof(struct bpf_insn);
3391 name = elf_sym_str(obj, sym.st_name) ?: "<?>";
3393 pr_debug("relo for shdr %u, symb %zu, value %zu, type %d, bind %d, name %d (\'%s\'), insn %u\n",
3394 (__u32)sym.st_shndx, (size_t)GELF_R_SYM(rel.r_info),
3395 (size_t)sym.st_value, GELF_ST_TYPE(sym.st_info),
3396 GELF_ST_BIND(sym.st_info), sym.st_name, name,
3399 err = bpf_program__record_reloc(prog, &prog->reloc_desc[i],
3400 insn_idx, name, &sym, &rel);
3407 static int bpf_map_find_btf_info(struct bpf_object *obj, struct bpf_map *map)
3409 struct bpf_map_def *def = &map->def;
3410 __u32 key_type_id = 0, value_type_id = 0;
3413 /* if it's BTF-defined map, we don't need to search for type IDs.
3414 * For struct_ops map, it does not need btf_key_type_id and
3415 * btf_value_type_id.
3417 if (map->sec_idx == obj->efile.btf_maps_shndx ||
3418 bpf_map__is_struct_ops(map))
3421 if (!bpf_map__is_internal(map)) {
3422 ret = btf__get_map_kv_tids(obj->btf, map->name, def->key_size,
3423 def->value_size, &key_type_id,
3427 * LLVM annotates global data differently in BTF, that is,
3428 * only as '.data', '.bss' or '.rodata'.
3430 ret = btf__find_by_name(obj->btf,
3431 libbpf_type_to_btf_name[map->libbpf_type]);
3436 map->btf_key_type_id = key_type_id;
3437 map->btf_value_type_id = bpf_map__is_internal(map) ?
3438 ret : value_type_id;
3442 int bpf_map__reuse_fd(struct bpf_map *map, int fd)
3444 struct bpf_map_info info = {};
3445 __u32 len = sizeof(info);
3449 err = bpf_obj_get_info_by_fd(fd, &info, &len);
3453 new_name = strdup(info.name);
3457 new_fd = open("/", O_RDONLY | O_CLOEXEC);
3460 goto err_free_new_name;
3463 new_fd = dup3(fd, new_fd, O_CLOEXEC);
3466 goto err_close_new_fd;
3469 err = zclose(map->fd);
3472 goto err_close_new_fd;
3477 map->name = new_name;
3478 map->def.type = info.type;
3479 map->def.key_size = info.key_size;
3480 map->def.value_size = info.value_size;
3481 map->def.max_entries = info.max_entries;
3482 map->def.map_flags = info.map_flags;
3483 map->btf_key_type_id = info.btf_key_type_id;
3484 map->btf_value_type_id = info.btf_value_type_id;
3496 __u32 bpf_map__max_entries(const struct bpf_map *map)
3498 return map->def.max_entries;
3501 int bpf_map__set_max_entries(struct bpf_map *map, __u32 max_entries)
3505 map->def.max_entries = max_entries;
3509 int bpf_map__resize(struct bpf_map *map, __u32 max_entries)
3511 if (!map || !max_entries)
3514 return bpf_map__set_max_entries(map, max_entries);
3518 bpf_object__probe_loading(struct bpf_object *obj)
3520 struct bpf_load_program_attr attr;
3521 char *cp, errmsg[STRERR_BUFSIZE];
3522 struct bpf_insn insns[] = {
3523 BPF_MOV64_IMM(BPF_REG_0, 0),
3528 /* make sure basic loading works */
3530 memset(&attr, 0, sizeof(attr));
3531 attr.prog_type = BPF_PROG_TYPE_SOCKET_FILTER;
3533 attr.insns_cnt = ARRAY_SIZE(insns);
3534 attr.license = "GPL";
3536 ret = bpf_load_program_xattr(&attr, NULL, 0);
3539 cp = libbpf_strerror_r(ret, errmsg, sizeof(errmsg));
3540 pr_warn("Error in %s():%s(%d). Couldn't load trivial BPF "
3541 "program. Make sure your kernel supports BPF "
3542 "(CONFIG_BPF_SYSCALL=y) and/or that RLIMIT_MEMLOCK is "
3543 "set to big enough value.\n", __func__, cp, ret);
3551 static int probe_fd(int fd)
3558 static int probe_kern_prog_name(void)
3560 struct bpf_load_program_attr attr;
3561 struct bpf_insn insns[] = {
3562 BPF_MOV64_IMM(BPF_REG_0, 0),
3567 /* make sure loading with name works */
3569 memset(&attr, 0, sizeof(attr));
3570 attr.prog_type = BPF_PROG_TYPE_SOCKET_FILTER;
3572 attr.insns_cnt = ARRAY_SIZE(insns);
3573 attr.license = "GPL";
3575 ret = bpf_load_program_xattr(&attr, NULL, 0);
3576 return probe_fd(ret);
3579 static int probe_kern_global_data(void)
3581 struct bpf_load_program_attr prg_attr;
3582 struct bpf_create_map_attr map_attr;
3583 char *cp, errmsg[STRERR_BUFSIZE];
3584 struct bpf_insn insns[] = {
3585 BPF_LD_MAP_VALUE(BPF_REG_1, 0, 16),
3586 BPF_ST_MEM(BPF_DW, BPF_REG_1, 0, 42),
3587 BPF_MOV64_IMM(BPF_REG_0, 0),
3592 memset(&map_attr, 0, sizeof(map_attr));
3593 map_attr.map_type = BPF_MAP_TYPE_ARRAY;
3594 map_attr.key_size = sizeof(int);
3595 map_attr.value_size = 32;
3596 map_attr.max_entries = 1;
3598 map = bpf_create_map_xattr(&map_attr);
3601 cp = libbpf_strerror_r(ret, errmsg, sizeof(errmsg));
3602 pr_warn("Error in %s():%s(%d). Couldn't create simple array map.\n",
3603 __func__, cp, -ret);
3609 memset(&prg_attr, 0, sizeof(prg_attr));
3610 prg_attr.prog_type = BPF_PROG_TYPE_SOCKET_FILTER;
3611 prg_attr.insns = insns;
3612 prg_attr.insns_cnt = ARRAY_SIZE(insns);
3613 prg_attr.license = "GPL";
3615 ret = bpf_load_program_xattr(&prg_attr, NULL, 0);
3617 return probe_fd(ret);
3620 static int probe_kern_btf(void)
3622 static const char strs[] = "\0int";
3625 BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4),
3628 return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
3629 strs, sizeof(strs)));
3632 static int probe_kern_btf_func(void)
3634 static const char strs[] = "\0int\0x\0a";
3635 /* void x(int a) {} */
3638 BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4), /* [1] */
3639 /* FUNC_PROTO */ /* [2] */
3640 BTF_TYPE_ENC(0, BTF_INFO_ENC(BTF_KIND_FUNC_PROTO, 0, 1), 0),
3641 BTF_PARAM_ENC(7, 1),
3642 /* FUNC x */ /* [3] */
3643 BTF_TYPE_ENC(5, BTF_INFO_ENC(BTF_KIND_FUNC, 0, 0), 2),
3646 return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
3647 strs, sizeof(strs)));
3650 static int probe_kern_btf_func_global(void)
3652 static const char strs[] = "\0int\0x\0a";
3653 /* static void x(int a) {} */
3656 BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4), /* [1] */
3657 /* FUNC_PROTO */ /* [2] */
3658 BTF_TYPE_ENC(0, BTF_INFO_ENC(BTF_KIND_FUNC_PROTO, 0, 1), 0),
3659 BTF_PARAM_ENC(7, 1),
3660 /* FUNC x BTF_FUNC_GLOBAL */ /* [3] */
3661 BTF_TYPE_ENC(5, BTF_INFO_ENC(BTF_KIND_FUNC, 0, BTF_FUNC_GLOBAL), 2),
3664 return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
3665 strs, sizeof(strs)));
3668 static int probe_kern_btf_datasec(void)
3670 static const char strs[] = "\0x\0.data";
3674 BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 32, 4), /* [1] */
3675 /* VAR x */ /* [2] */
3676 BTF_TYPE_ENC(1, BTF_INFO_ENC(BTF_KIND_VAR, 0, 0), 1),
3678 /* DATASEC val */ /* [3] */
3679 BTF_TYPE_ENC(3, BTF_INFO_ENC(BTF_KIND_DATASEC, 0, 1), 4),
3680 BTF_VAR_SECINFO_ENC(2, 0, 4),
3683 return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
3684 strs, sizeof(strs)));
3687 static int probe_kern_array_mmap(void)
3689 struct bpf_create_map_attr attr = {
3690 .map_type = BPF_MAP_TYPE_ARRAY,
3691 .map_flags = BPF_F_MMAPABLE,
3692 .key_size = sizeof(int),
3693 .value_size = sizeof(int),
3697 return probe_fd(bpf_create_map_xattr(&attr));
3700 static int probe_kern_exp_attach_type(void)
3702 struct bpf_load_program_attr attr;
3703 struct bpf_insn insns[] = {
3704 BPF_MOV64_IMM(BPF_REG_0, 0),
3708 memset(&attr, 0, sizeof(attr));
3709 /* use any valid combination of program type and (optional)
3710 * non-zero expected attach type (i.e., not a BPF_CGROUP_INET_INGRESS)
3711 * to see if kernel supports expected_attach_type field for
3712 * BPF_PROG_LOAD command
3714 attr.prog_type = BPF_PROG_TYPE_CGROUP_SOCK;
3715 attr.expected_attach_type = BPF_CGROUP_INET_SOCK_CREATE;
3717 attr.insns_cnt = ARRAY_SIZE(insns);
3718 attr.license = "GPL";
3720 return probe_fd(bpf_load_program_xattr(&attr, NULL, 0));
3723 static int probe_kern_probe_read_kernel(void)
3725 struct bpf_load_program_attr attr;
3726 struct bpf_insn insns[] = {
3727 BPF_MOV64_REG(BPF_REG_1, BPF_REG_10), /* r1 = r10 (fp) */
3728 BPF_ALU64_IMM(BPF_ADD, BPF_REG_1, -8), /* r1 += -8 */
3729 BPF_MOV64_IMM(BPF_REG_2, 8), /* r2 = 8 */
3730 BPF_MOV64_IMM(BPF_REG_3, 0), /* r3 = 0 */
3731 BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_probe_read_kernel),
3735 memset(&attr, 0, sizeof(attr));
3736 attr.prog_type = BPF_PROG_TYPE_KPROBE;
3738 attr.insns_cnt = ARRAY_SIZE(insns);
3739 attr.license = "GPL";
3741 return probe_fd(bpf_load_program_xattr(&attr, NULL, 0));
3744 enum kern_feature_result {
3750 typedef int (*feature_probe_fn)(void);
3752 static struct kern_feature_desc {
3754 feature_probe_fn probe;
3755 enum kern_feature_result res;
3756 } feature_probes[__FEAT_CNT] = {
3757 [FEAT_PROG_NAME] = {
3758 "BPF program name", probe_kern_prog_name,
3760 [FEAT_GLOBAL_DATA] = {
3761 "global variables", probe_kern_global_data,
3764 "minimal BTF", probe_kern_btf,
3767 "BTF functions", probe_kern_btf_func,
3769 [FEAT_BTF_GLOBAL_FUNC] = {
3770 "BTF global function", probe_kern_btf_func_global,
3772 [FEAT_BTF_DATASEC] = {
3773 "BTF data section and variable", probe_kern_btf_datasec,
3775 [FEAT_ARRAY_MMAP] = {
3776 "ARRAY map mmap()", probe_kern_array_mmap,
3778 [FEAT_EXP_ATTACH_TYPE] = {
3779 "BPF_PROG_LOAD expected_attach_type attribute",
3780 probe_kern_exp_attach_type,
3782 [FEAT_PROBE_READ_KERN] = {
3783 "bpf_probe_read_kernel() helper", probe_kern_probe_read_kernel,
3787 static bool kernel_supports(enum kern_feature_id feat_id)
3789 struct kern_feature_desc *feat = &feature_probes[feat_id];
3792 if (READ_ONCE(feat->res) == FEAT_UNKNOWN) {
3793 ret = feat->probe();
3795 WRITE_ONCE(feat->res, FEAT_SUPPORTED);
3796 } else if (ret == 0) {
3797 WRITE_ONCE(feat->res, FEAT_MISSING);
3799 pr_warn("Detection of kernel %s support failed: %d\n", feat->desc, ret);
3800 WRITE_ONCE(feat->res, FEAT_MISSING);
3804 return READ_ONCE(feat->res) == FEAT_SUPPORTED;
3807 static bool map_is_reuse_compat(const struct bpf_map *map, int map_fd)
3809 struct bpf_map_info map_info = {};
3810 char msg[STRERR_BUFSIZE];
3813 map_info_len = sizeof(map_info);
3815 if (bpf_obj_get_info_by_fd(map_fd, &map_info, &map_info_len)) {
3816 pr_warn("failed to get map info for map FD %d: %s\n",
3817 map_fd, libbpf_strerror_r(errno, msg, sizeof(msg)));
3821 return (map_info.type == map->def.type &&
3822 map_info.key_size == map->def.key_size &&
3823 map_info.value_size == map->def.value_size &&
3824 map_info.max_entries == map->def.max_entries &&
3825 map_info.map_flags == map->def.map_flags);
3829 bpf_object__reuse_map(struct bpf_map *map)
3831 char *cp, errmsg[STRERR_BUFSIZE];
3834 pin_fd = bpf_obj_get(map->pin_path);
3837 if (err == -ENOENT) {
3838 pr_debug("found no pinned map to reuse at '%s'\n",
3843 cp = libbpf_strerror_r(-err, errmsg, sizeof(errmsg));
3844 pr_warn("couldn't retrieve pinned map '%s': %s\n",
3849 if (!map_is_reuse_compat(map, pin_fd)) {
3850 pr_warn("couldn't reuse pinned map at '%s': parameter mismatch\n",
3856 err = bpf_map__reuse_fd(map, pin_fd);
3862 pr_debug("reused pinned map at '%s'\n", map->pin_path);
3868 bpf_object__populate_internal_map(struct bpf_object *obj, struct bpf_map *map)
3870 enum libbpf_map_type map_type = map->libbpf_type;
3871 char *cp, errmsg[STRERR_BUFSIZE];
3874 err = bpf_map_update_elem(map->fd, &zero, map->mmaped, 0);
3877 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
3878 pr_warn("Error setting initial map(%s) contents: %s\n",
3883 /* Freeze .rodata and .kconfig map as read-only from syscall side. */
3884 if (map_type == LIBBPF_MAP_RODATA || map_type == LIBBPF_MAP_KCONFIG) {
3885 err = bpf_map_freeze(map->fd);
3888 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
3889 pr_warn("Error freezing map(%s) as read-only: %s\n",
3897 static void bpf_map__destroy(struct bpf_map *map);
3899 static int bpf_object__create_map(struct bpf_object *obj, struct bpf_map *map)
3901 struct bpf_create_map_attr create_attr;
3902 struct bpf_map_def *def = &map->def;
3904 memset(&create_attr, 0, sizeof(create_attr));
3906 if (kernel_supports(FEAT_PROG_NAME))
3907 create_attr.name = map->name;
3908 create_attr.map_ifindex = map->map_ifindex;
3909 create_attr.map_type = def->type;
3910 create_attr.map_flags = def->map_flags;
3911 create_attr.key_size = def->key_size;
3912 create_attr.value_size = def->value_size;
3913 create_attr.numa_node = map->numa_node;
3915 if (def->type == BPF_MAP_TYPE_PERF_EVENT_ARRAY && !def->max_entries) {
3918 nr_cpus = libbpf_num_possible_cpus();
3920 pr_warn("map '%s': failed to determine number of system CPUs: %d\n",
3921 map->name, nr_cpus);
3924 pr_debug("map '%s': setting size to %d\n", map->name, nr_cpus);
3925 create_attr.max_entries = nr_cpus;
3927 create_attr.max_entries = def->max_entries;
3930 if (bpf_map__is_struct_ops(map))
3931 create_attr.btf_vmlinux_value_type_id =
3932 map->btf_vmlinux_value_type_id;
3934 create_attr.btf_fd = 0;
3935 create_attr.btf_key_type_id = 0;
3936 create_attr.btf_value_type_id = 0;
3937 if (obj->btf && btf__fd(obj->btf) >= 0 && !bpf_map_find_btf_info(obj, map)) {
3938 create_attr.btf_fd = btf__fd(obj->btf);
3939 create_attr.btf_key_type_id = map->btf_key_type_id;
3940 create_attr.btf_value_type_id = map->btf_value_type_id;
3943 if (bpf_map_type__is_map_in_map(def->type)) {
3944 if (map->inner_map) {
3947 err = bpf_object__create_map(obj, map->inner_map);
3949 pr_warn("map '%s': failed to create inner map: %d\n",
3953 map->inner_map_fd = bpf_map__fd(map->inner_map);
3955 if (map->inner_map_fd >= 0)
3956 create_attr.inner_map_fd = map->inner_map_fd;
3959 map->fd = bpf_create_map_xattr(&create_attr);
3960 if (map->fd < 0 && (create_attr.btf_key_type_id ||
3961 create_attr.btf_value_type_id)) {
3962 char *cp, errmsg[STRERR_BUFSIZE];
3965 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
3966 pr_warn("Error in bpf_create_map_xattr(%s):%s(%d). Retrying without BTF.\n",
3967 map->name, cp, err);
3968 create_attr.btf_fd = 0;
3969 create_attr.btf_key_type_id = 0;
3970 create_attr.btf_value_type_id = 0;
3971 map->btf_key_type_id = 0;
3972 map->btf_value_type_id = 0;
3973 map->fd = bpf_create_map_xattr(&create_attr);
3979 if (bpf_map_type__is_map_in_map(def->type) && map->inner_map) {
3980 bpf_map__destroy(map->inner_map);
3981 zfree(&map->inner_map);
3988 bpf_object__create_maps(struct bpf_object *obj)
3990 struct bpf_map *map;
3991 char *cp, errmsg[STRERR_BUFSIZE];
3995 for (i = 0; i < obj->nr_maps; i++) {
3996 map = &obj->maps[i];
3998 if (map->pin_path) {
3999 err = bpf_object__reuse_map(map);
4001 pr_warn("map '%s': error reusing pinned map\n",
4008 pr_debug("map '%s': skipping creation (preset fd=%d)\n",
4009 map->name, map->fd);
4013 err = bpf_object__create_map(obj, map);
4017 pr_debug("map '%s': created successfully, fd=%d\n", map->name,
4020 if (bpf_map__is_internal(map)) {
4021 err = bpf_object__populate_internal_map(obj, map);
4028 if (map->init_slots_sz) {
4029 for (j = 0; j < map->init_slots_sz; j++) {
4030 const struct bpf_map *targ_map;
4033 if (!map->init_slots[j])
4036 targ_map = map->init_slots[j];
4037 fd = bpf_map__fd(targ_map);
4038 err = bpf_map_update_elem(map->fd, &j, &fd, 0);
4041 pr_warn("map '%s': failed to initialize slot [%d] to map '%s' fd=%d: %d\n",
4042 map->name, j, targ_map->name,
4046 pr_debug("map '%s': slot [%d] set to map '%s' fd=%d\n",
4047 map->name, j, targ_map->name, fd);
4049 zfree(&map->init_slots);
4050 map->init_slots_sz = 0;
4053 if (map->pin_path && !map->pinned) {
4054 err = bpf_map__pin(map, NULL);
4056 pr_warn("map '%s': failed to auto-pin at '%s': %d\n",
4057 map->name, map->pin_path, err);
4067 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
4068 pr_warn("map '%s': failed to create: %s(%d)\n", map->name, cp, err);
4070 for (j = 0; j < i; j++)
4071 zclose(obj->maps[j].fd);
4076 check_btf_ext_reloc_err(struct bpf_program *prog, int err,
4077 void *btf_prog_info, const char *info_name)
4079 if (err != -ENOENT) {
4080 pr_warn("Error in loading %s for sec %s.\n",
4081 info_name, prog->section_name);
4085 /* err == -ENOENT (i.e. prog->section_name not found in btf_ext) */
4087 if (btf_prog_info) {
4089 * Some info has already been found but has problem
4090 * in the last btf_ext reloc. Must have to error out.
4092 pr_warn("Error in relocating %s for sec %s.\n",
4093 info_name, prog->section_name);
4097 /* Have problem loading the very first info. Ignore the rest. */
4098 pr_warn("Cannot find %s for main program sec %s. Ignore all %s.\n",
4099 info_name, prog->section_name, info_name);
4104 bpf_program_reloc_btf_ext(struct bpf_program *prog, struct bpf_object *obj,
4105 const char *section_name, __u32 insn_offset)
4109 if (!insn_offset || prog->func_info) {
4111 * !insn_offset => main program
4113 * For sub prog, the main program's func_info has to
4114 * be loaded first (i.e. prog->func_info != NULL)
4116 err = btf_ext__reloc_func_info(obj->btf, obj->btf_ext,
4117 section_name, insn_offset,
4119 &prog->func_info_cnt);
4121 return check_btf_ext_reloc_err(prog, err,
4125 prog->func_info_rec_size = btf_ext__func_info_rec_size(obj->btf_ext);
4128 if (!insn_offset || prog->line_info) {
4129 err = btf_ext__reloc_line_info(obj->btf, obj->btf_ext,
4130 section_name, insn_offset,
4132 &prog->line_info_cnt);
4134 return check_btf_ext_reloc_err(prog, err,
4138 prog->line_info_rec_size = btf_ext__line_info_rec_size(obj->btf_ext);
4144 #define BPF_CORE_SPEC_MAX_LEN 64
4146 /* represents BPF CO-RE field or array element accessor */
4147 struct bpf_core_accessor {
4148 __u32 type_id; /* struct/union type or array element type */
4149 __u32 idx; /* field index or array index */
4150 const char *name; /* field name or NULL for array accessor */
4153 struct bpf_core_spec {
4154 const struct btf *btf;
4155 /* high-level spec: named fields and array indices only */
4156 struct bpf_core_accessor spec[BPF_CORE_SPEC_MAX_LEN];
4157 /* original unresolved (no skip_mods_or_typedefs) root type ID */
4159 /* CO-RE relocation kind */
4160 enum bpf_core_relo_kind relo_kind;
4161 /* high-level spec length */
4163 /* raw, low-level spec: 1-to-1 with accessor spec string */
4164 int raw_spec[BPF_CORE_SPEC_MAX_LEN];
4165 /* raw spec length */
4167 /* field bit offset represented by spec */
4171 static bool str_is_empty(const char *s)
4176 static bool is_flex_arr(const struct btf *btf,
4177 const struct bpf_core_accessor *acc,
4178 const struct btf_array *arr)
4180 const struct btf_type *t;
4182 /* not a flexible array, if not inside a struct or has non-zero size */
4183 if (!acc->name || arr->nelems > 0)
4186 /* has to be the last member of enclosing struct */
4187 t = btf__type_by_id(btf, acc->type_id);
4188 return acc->idx == btf_vlen(t) - 1;
4191 static const char *core_relo_kind_str(enum bpf_core_relo_kind kind)
4194 case BPF_FIELD_BYTE_OFFSET: return "byte_off";
4195 case BPF_FIELD_BYTE_SIZE: return "byte_sz";
4196 case BPF_FIELD_EXISTS: return "field_exists";
4197 case BPF_FIELD_SIGNED: return "signed";
4198 case BPF_FIELD_LSHIFT_U64: return "lshift_u64";
4199 case BPF_FIELD_RSHIFT_U64: return "rshift_u64";
4200 case BPF_TYPE_ID_LOCAL: return "local_type_id";
4201 case BPF_TYPE_ID_TARGET: return "target_type_id";
4202 case BPF_TYPE_EXISTS: return "type_exists";
4203 case BPF_TYPE_SIZE: return "type_size";
4204 case BPF_ENUMVAL_EXISTS: return "enumval_exists";
4205 case BPF_ENUMVAL_VALUE: return "enumval_value";
4206 default: return "unknown";
4210 static bool core_relo_is_field_based(enum bpf_core_relo_kind kind)
4213 case BPF_FIELD_BYTE_OFFSET:
4214 case BPF_FIELD_BYTE_SIZE:
4215 case BPF_FIELD_EXISTS:
4216 case BPF_FIELD_SIGNED:
4217 case BPF_FIELD_LSHIFT_U64:
4218 case BPF_FIELD_RSHIFT_U64:
4225 static bool core_relo_is_type_based(enum bpf_core_relo_kind kind)
4228 case BPF_TYPE_ID_LOCAL:
4229 case BPF_TYPE_ID_TARGET:
4230 case BPF_TYPE_EXISTS:
4238 static bool core_relo_is_enumval_based(enum bpf_core_relo_kind kind)
4241 case BPF_ENUMVAL_EXISTS:
4242 case BPF_ENUMVAL_VALUE:
4250 * Turn bpf_core_relo into a low- and high-level spec representation,
4251 * validating correctness along the way, as well as calculating resulting
4252 * field bit offset, specified by accessor string. Low-level spec captures
4253 * every single level of nestedness, including traversing anonymous
4254 * struct/union members. High-level one only captures semantically meaningful
4255 * "turning points": named fields and array indicies.
4256 * E.g., for this case:
4259 * int __unimportant;
4267 * struct sample *s = ...;
4269 * int x = &s->a[3]; // access string = '0:1:2:3'
4271 * Low-level spec has 1:1 mapping with each element of access string (it's
4272 * just a parsed access string representation): [0, 1, 2, 3].
4274 * High-level spec will capture only 3 points:
4275 * - intial zero-index access by pointer (&s->... is the same as &s[0]...);
4276 * - field 'a' access (corresponds to '2' in low-level spec);
4277 * - array element #3 access (corresponds to '3' in low-level spec).
4279 * Type-based relocations (TYPE_EXISTS/TYPE_SIZE,
4280 * TYPE_ID_LOCAL/TYPE_ID_TARGET) don't capture any field information. Their
4281 * spec and raw_spec are kept empty.
4283 * Enum value-based relocations (ENUMVAL_EXISTS/ENUMVAL_VALUE) use access
4284 * string to specify enumerator's value index that need to be relocated.
4286 static int bpf_core_parse_spec(const struct btf *btf,
4288 const char *spec_str,
4289 enum bpf_core_relo_kind relo_kind,
4290 struct bpf_core_spec *spec)
4292 int access_idx, parsed_len, i;
4293 struct bpf_core_accessor *acc;
4294 const struct btf_type *t;
4299 if (str_is_empty(spec_str) || *spec_str == ':')
4302 memset(spec, 0, sizeof(*spec));
4304 spec->root_type_id = type_id;
4305 spec->relo_kind = relo_kind;
4307 /* type-based relocations don't have a field access string */
4308 if (core_relo_is_type_based(relo_kind)) {
4309 if (strcmp(spec_str, "0"))
4314 /* parse spec_str="0:1:2:3:4" into array raw_spec=[0, 1, 2, 3, 4] */
4316 if (*spec_str == ':')
4318 if (sscanf(spec_str, "%d%n", &access_idx, &parsed_len) != 1)
4320 if (spec->raw_len == BPF_CORE_SPEC_MAX_LEN)
4322 spec_str += parsed_len;
4323 spec->raw_spec[spec->raw_len++] = access_idx;
4326 if (spec->raw_len == 0)
4329 t = skip_mods_and_typedefs(btf, type_id, &id);
4333 access_idx = spec->raw_spec[0];
4334 acc = &spec->spec[0];
4336 acc->idx = access_idx;
4339 if (core_relo_is_enumval_based(relo_kind)) {
4340 if (!btf_is_enum(t) || spec->raw_len > 1 || access_idx >= btf_vlen(t))
4343 /* record enumerator name in a first accessor */
4344 acc->name = btf__name_by_offset(btf, btf_enum(t)[access_idx].name_off);
4348 if (!core_relo_is_field_based(relo_kind))
4351 sz = btf__resolve_size(btf, id);
4354 spec->bit_offset = access_idx * sz * 8;
4356 for (i = 1; i < spec->raw_len; i++) {
4357 t = skip_mods_and_typedefs(btf, id, &id);
4361 access_idx = spec->raw_spec[i];
4362 acc = &spec->spec[spec->len];
4364 if (btf_is_composite(t)) {
4365 const struct btf_member *m;
4368 if (access_idx >= btf_vlen(t))
4371 bit_offset = btf_member_bit_offset(t, access_idx);
4372 spec->bit_offset += bit_offset;
4374 m = btf_members(t) + access_idx;
4376 name = btf__name_by_offset(btf, m->name_off);
4377 if (str_is_empty(name))
4381 acc->idx = access_idx;
4387 } else if (btf_is_array(t)) {
4388 const struct btf_array *a = btf_array(t);
4391 t = skip_mods_and_typedefs(btf, a->type, &id);
4395 flex = is_flex_arr(btf, acc - 1, a);
4396 if (!flex && access_idx >= a->nelems)
4399 spec->spec[spec->len].type_id = id;
4400 spec->spec[spec->len].idx = access_idx;
4403 sz = btf__resolve_size(btf, id);
4406 spec->bit_offset += access_idx * sz * 8;
4408 pr_warn("relo for [%u] %s (at idx %d) captures type [%d] of unexpected kind %s\n",
4409 type_id, spec_str, i, id, btf_kind_str(t));
4417 static bool bpf_core_is_flavor_sep(const char *s)
4419 /* check X___Y name pattern, where X and Y are not underscores */
4420 return s[0] != '_' && /* X */
4421 s[1] == '_' && s[2] == '_' && s[3] == '_' && /* ___ */
4422 s[4] != '_'; /* Y */
4425 /* Given 'some_struct_name___with_flavor' return the length of a name prefix
4426 * before last triple underscore. Struct name part after last triple
4427 * underscore is ignored by BPF CO-RE relocation during relocation matching.
4429 static size_t bpf_core_essential_name_len(const char *name)
4431 size_t n = strlen(name);
4434 for (i = n - 5; i >= 0; i--) {
4435 if (bpf_core_is_flavor_sep(name + i))
4441 /* dynamically sized list of type IDs */
4447 static void bpf_core_free_cands(struct ids_vec *cand_ids)
4449 free(cand_ids->data);
4453 static struct ids_vec *bpf_core_find_cands(const struct btf *local_btf,
4454 __u32 local_type_id,
4455 const struct btf *targ_btf)
4457 size_t local_essent_len, targ_essent_len;
4458 const char *local_name, *targ_name;
4459 const struct btf_type *t, *local_t;
4460 struct ids_vec *cand_ids;
4464 local_t = btf__type_by_id(local_btf, local_type_id);
4466 return ERR_PTR(-EINVAL);
4468 local_name = btf__name_by_offset(local_btf, local_t->name_off);
4469 if (str_is_empty(local_name))
4470 return ERR_PTR(-EINVAL);
4471 local_essent_len = bpf_core_essential_name_len(local_name);
4473 cand_ids = calloc(1, sizeof(*cand_ids));
4475 return ERR_PTR(-ENOMEM);
4477 n = btf__get_nr_types(targ_btf);
4478 for (i = 1; i <= n; i++) {
4479 t = btf__type_by_id(targ_btf, i);
4480 if (btf_kind(t) != btf_kind(local_t))
4483 targ_name = btf__name_by_offset(targ_btf, t->name_off);
4484 if (str_is_empty(targ_name))
4487 targ_essent_len = bpf_core_essential_name_len(targ_name);
4488 if (targ_essent_len != local_essent_len)
4491 if (strncmp(local_name, targ_name, local_essent_len) == 0) {
4492 pr_debug("CO-RE relocating [%d] %s %s: found target candidate [%d] %s %s\n",
4493 local_type_id, btf_kind_str(local_t),
4494 local_name, i, btf_kind_str(t), targ_name);
4495 new_ids = libbpf_reallocarray(cand_ids->data,
4497 sizeof(*cand_ids->data));
4502 cand_ids->data = new_ids;
4503 cand_ids->data[cand_ids->len++] = i;
4508 bpf_core_free_cands(cand_ids);
4509 return ERR_PTR(err);
4512 /* Check two types for compatibility for the purpose of field access
4513 * relocation. const/volatile/restrict and typedefs are skipped to ensure we
4514 * are relocating semantically compatible entities:
4515 * - any two STRUCTs/UNIONs are compatible and can be mixed;
4516 * - any two FWDs are compatible, if their names match (modulo flavor suffix);
4517 * - any two PTRs are always compatible;
4518 * - for ENUMs, names should be the same (ignoring flavor suffix) or at
4519 * least one of enums should be anonymous;
4520 * - for ENUMs, check sizes, names are ignored;
4521 * - for INT, size and signedness are ignored;
4522 * - for ARRAY, dimensionality is ignored, element types are checked for
4523 * compatibility recursively;
4524 * - everything else shouldn't be ever a target of relocation.
4525 * These rules are not set in stone and probably will be adjusted as we get
4526 * more experience with using BPF CO-RE relocations.
4528 static int bpf_core_fields_are_compat(const struct btf *local_btf,
4530 const struct btf *targ_btf,
4533 const struct btf_type *local_type, *targ_type;
4536 local_type = skip_mods_and_typedefs(local_btf, local_id, &local_id);
4537 targ_type = skip_mods_and_typedefs(targ_btf, targ_id, &targ_id);
4538 if (!local_type || !targ_type)
4541 if (btf_is_composite(local_type) && btf_is_composite(targ_type))
4543 if (btf_kind(local_type) != btf_kind(targ_type))
4546 switch (btf_kind(local_type)) {
4550 case BTF_KIND_ENUM: {
4551 const char *local_name, *targ_name;
4552 size_t local_len, targ_len;
4554 local_name = btf__name_by_offset(local_btf,
4555 local_type->name_off);
4556 targ_name = btf__name_by_offset(targ_btf, targ_type->name_off);
4557 local_len = bpf_core_essential_name_len(local_name);
4558 targ_len = bpf_core_essential_name_len(targ_name);
4559 /* one of them is anonymous or both w/ same flavor-less names */
4560 return local_len == 0 || targ_len == 0 ||
4561 (local_len == targ_len &&
4562 strncmp(local_name, targ_name, local_len) == 0);
4565 /* just reject deprecated bitfield-like integers; all other
4566 * integers are by default compatible between each other
4568 return btf_int_offset(local_type) == 0 &&
4569 btf_int_offset(targ_type) == 0;
4570 case BTF_KIND_ARRAY:
4571 local_id = btf_array(local_type)->type;
4572 targ_id = btf_array(targ_type)->type;
4575 pr_warn("unexpected kind %d relocated, local [%d], target [%d]\n",
4576 btf_kind(local_type), local_id, targ_id);
4582 * Given single high-level named field accessor in local type, find
4583 * corresponding high-level accessor for a target type. Along the way,
4584 * maintain low-level spec for target as well. Also keep updating target
4587 * Searching is performed through recursive exhaustive enumeration of all
4588 * fields of a struct/union. If there are any anonymous (embedded)
4589 * structs/unions, they are recursively searched as well. If field with
4590 * desired name is found, check compatibility between local and target types,
4591 * before returning result.
4593 * 1 is returned, if field is found.
4594 * 0 is returned if no compatible field is found.
4595 * <0 is returned on error.
4597 static int bpf_core_match_member(const struct btf *local_btf,
4598 const struct bpf_core_accessor *local_acc,
4599 const struct btf *targ_btf,
4601 struct bpf_core_spec *spec,
4602 __u32 *next_targ_id)
4604 const struct btf_type *local_type, *targ_type;
4605 const struct btf_member *local_member, *m;
4606 const char *local_name, *targ_name;
4610 targ_type = skip_mods_and_typedefs(targ_btf, targ_id, &targ_id);
4613 if (!btf_is_composite(targ_type))
4616 local_id = local_acc->type_id;
4617 local_type = btf__type_by_id(local_btf, local_id);
4618 local_member = btf_members(local_type) + local_acc->idx;
4619 local_name = btf__name_by_offset(local_btf, local_member->name_off);
4621 n = btf_vlen(targ_type);
4622 m = btf_members(targ_type);
4623 for (i = 0; i < n; i++, m++) {
4626 bit_offset = btf_member_bit_offset(targ_type, i);
4628 /* too deep struct/union/array nesting */
4629 if (spec->raw_len == BPF_CORE_SPEC_MAX_LEN)
4632 /* speculate this member will be the good one */
4633 spec->bit_offset += bit_offset;
4634 spec->raw_spec[spec->raw_len++] = i;
4636 targ_name = btf__name_by_offset(targ_btf, m->name_off);
4637 if (str_is_empty(targ_name)) {
4638 /* embedded struct/union, we need to go deeper */
4639 found = bpf_core_match_member(local_btf, local_acc,
4641 spec, next_targ_id);
4642 if (found) /* either found or error */
4644 } else if (strcmp(local_name, targ_name) == 0) {
4645 /* matching named field */
4646 struct bpf_core_accessor *targ_acc;
4648 targ_acc = &spec->spec[spec->len++];
4649 targ_acc->type_id = targ_id;
4651 targ_acc->name = targ_name;
4653 *next_targ_id = m->type;
4654 found = bpf_core_fields_are_compat(local_btf,
4658 spec->len--; /* pop accessor */
4661 /* member turned out not to be what we looked for */
4662 spec->bit_offset -= bit_offset;
4669 /* Check local and target types for compatibility. This check is used for
4670 * type-based CO-RE relocations and follow slightly different rules than
4671 * field-based relocations. This function assumes that root types were already
4672 * checked for name match. Beyond that initial root-level name check, names
4673 * are completely ignored. Compatibility rules are as follows:
4674 * - any two STRUCTs/UNIONs/FWDs/ENUMs/INTs are considered compatible, but
4675 * kind should match for local and target types (i.e., STRUCT is not
4676 * compatible with UNION);
4677 * - for ENUMs, the size is ignored;
4678 * - for INT, size and signedness are ignored;
4679 * - for ARRAY, dimensionality is ignored, element types are checked for
4680 * compatibility recursively;
4681 * - CONST/VOLATILE/RESTRICT modifiers are ignored;
4682 * - TYPEDEFs/PTRs are compatible if types they pointing to are compatible;
4683 * - FUNC_PROTOs are compatible if they have compatible signature: same
4684 * number of input args and compatible return and argument types.
4685 * These rules are not set in stone and probably will be adjusted as we get
4686 * more experience with using BPF CO-RE relocations.
4688 static int bpf_core_types_are_compat(const struct btf *local_btf, __u32 local_id,
4689 const struct btf *targ_btf, __u32 targ_id)
4691 const struct btf_type *local_type, *targ_type;
4692 int depth = 32; /* max recursion depth */
4694 /* caller made sure that names match (ignoring flavor suffix) */
4695 local_type = btf__type_by_id(local_btf, local_id);
4696 targ_type = btf__type_by_id(local_btf, local_id);
4697 if (btf_kind(local_type) != btf_kind(targ_type))
4705 local_type = skip_mods_and_typedefs(local_btf, local_id, &local_id);
4706 targ_type = skip_mods_and_typedefs(targ_btf, targ_id, &targ_id);
4707 if (!local_type || !targ_type)
4710 if (btf_kind(local_type) != btf_kind(targ_type))
4713 switch (btf_kind(local_type)) {
4715 case BTF_KIND_STRUCT:
4716 case BTF_KIND_UNION:
4721 /* just reject deprecated bitfield-like integers; all other
4722 * integers are by default compatible between each other
4724 return btf_int_offset(local_type) == 0 && btf_int_offset(targ_type) == 0;
4726 local_id = local_type->type;
4727 targ_id = targ_type->type;
4729 case BTF_KIND_ARRAY:
4730 local_id = btf_array(local_type)->type;
4731 targ_id = btf_array(targ_type)->type;
4733 case BTF_KIND_FUNC_PROTO: {
4734 struct btf_param *local_p = btf_params(local_type);
4735 struct btf_param *targ_p = btf_params(targ_type);
4736 __u16 local_vlen = btf_vlen(local_type);
4737 __u16 targ_vlen = btf_vlen(targ_type);
4740 if (local_vlen != targ_vlen)
4743 for (i = 0; i < local_vlen; i++, local_p++, targ_p++) {
4744 skip_mods_and_typedefs(local_btf, local_p->type, &local_id);
4745 skip_mods_and_typedefs(targ_btf, targ_p->type, &targ_id);
4746 err = bpf_core_types_are_compat(local_btf, local_id, targ_btf, targ_id);
4751 /* tail recurse for return type check */
4752 skip_mods_and_typedefs(local_btf, local_type->type, &local_id);
4753 skip_mods_and_typedefs(targ_btf, targ_type->type, &targ_id);
4757 pr_warn("unexpected kind %s relocated, local [%d], target [%d]\n",
4758 btf_kind_str(local_type), local_id, targ_id);
4764 * Try to match local spec to a target type and, if successful, produce full
4765 * target spec (high-level, low-level + bit offset).
4767 static int bpf_core_spec_match(struct bpf_core_spec *local_spec,
4768 const struct btf *targ_btf, __u32 targ_id,
4769 struct bpf_core_spec *targ_spec)
4771 const struct btf_type *targ_type;
4772 const struct bpf_core_accessor *local_acc;
4773 struct bpf_core_accessor *targ_acc;
4776 memset(targ_spec, 0, sizeof(*targ_spec));
4777 targ_spec->btf = targ_btf;
4778 targ_spec->root_type_id = targ_id;
4779 targ_spec->relo_kind = local_spec->relo_kind;
4781 if (core_relo_is_type_based(local_spec->relo_kind)) {
4782 return bpf_core_types_are_compat(local_spec->btf,
4783 local_spec->root_type_id,
4787 local_acc = &local_spec->spec[0];
4788 targ_acc = &targ_spec->spec[0];
4790 if (core_relo_is_enumval_based(local_spec->relo_kind)) {
4791 size_t local_essent_len, targ_essent_len;
4792 const struct btf_enum *e;
4793 const char *targ_name;
4795 /* has to resolve to an enum */
4796 targ_type = skip_mods_and_typedefs(targ_spec->btf, targ_id, &targ_id);
4797 if (!btf_is_enum(targ_type))
4800 local_essent_len = bpf_core_essential_name_len(local_acc->name);
4802 for (i = 0, e = btf_enum(targ_type); i < btf_vlen(targ_type); i++, e++) {
4803 targ_name = btf__name_by_offset(targ_spec->btf, e->name_off);
4804 targ_essent_len = bpf_core_essential_name_len(targ_name);
4805 if (targ_essent_len != local_essent_len)
4807 if (strncmp(local_acc->name, targ_name, local_essent_len) == 0) {
4808 targ_acc->type_id = targ_id;
4810 targ_acc->name = targ_name;
4812 targ_spec->raw_spec[targ_spec->raw_len] = targ_acc->idx;
4813 targ_spec->raw_len++;
4820 if (!core_relo_is_field_based(local_spec->relo_kind))
4823 for (i = 0; i < local_spec->len; i++, local_acc++, targ_acc++) {
4824 targ_type = skip_mods_and_typedefs(targ_spec->btf, targ_id,
4829 if (local_acc->name) {
4830 matched = bpf_core_match_member(local_spec->btf,
4833 targ_spec, &targ_id);
4837 /* for i=0, targ_id is already treated as array element
4838 * type (because it's the original struct), for others
4839 * we should find array element type first
4842 const struct btf_array *a;
4845 if (!btf_is_array(targ_type))
4848 a = btf_array(targ_type);
4849 flex = is_flex_arr(targ_btf, targ_acc - 1, a);
4850 if (!flex && local_acc->idx >= a->nelems)
4852 if (!skip_mods_and_typedefs(targ_btf, a->type,
4857 /* too deep struct/union/array nesting */
4858 if (targ_spec->raw_len == BPF_CORE_SPEC_MAX_LEN)
4861 targ_acc->type_id = targ_id;
4862 targ_acc->idx = local_acc->idx;
4863 targ_acc->name = NULL;
4865 targ_spec->raw_spec[targ_spec->raw_len] = targ_acc->idx;
4866 targ_spec->raw_len++;
4868 sz = btf__resolve_size(targ_btf, targ_id);
4871 targ_spec->bit_offset += local_acc->idx * sz * 8;
4878 static int bpf_core_calc_field_relo(const struct bpf_program *prog,
4879 const struct bpf_core_relo *relo,
4880 const struct bpf_core_spec *spec,
4881 __u32 *val, bool *validate)
4883 const struct bpf_core_accessor *acc;
4884 const struct btf_type *t;
4885 __u32 byte_off, byte_sz, bit_off, bit_sz;
4886 const struct btf_member *m;
4887 const struct btf_type *mt;
4891 if (relo->kind == BPF_FIELD_EXISTS) {
4892 *val = spec ? 1 : 0;
4897 return -EUCLEAN; /* request instruction poisoning */
4899 acc = &spec->spec[spec->len - 1];
4900 t = btf__type_by_id(spec->btf, acc->type_id);
4902 /* a[n] accessor needs special handling */
4904 if (relo->kind == BPF_FIELD_BYTE_OFFSET) {
4905 *val = spec->bit_offset / 8;
4906 } else if (relo->kind == BPF_FIELD_BYTE_SIZE) {
4907 sz = btf__resolve_size(spec->btf, acc->type_id);
4912 pr_warn("prog '%s': relo %d at insn #%d can't be applied to array access\n",
4913 bpf_program__title(prog, false),
4914 relo->kind, relo->insn_off / 8);
4922 m = btf_members(t) + acc->idx;
4923 mt = skip_mods_and_typedefs(spec->btf, m->type, NULL);
4924 bit_off = spec->bit_offset;
4925 bit_sz = btf_member_bitfield_size(t, acc->idx);
4927 bitfield = bit_sz > 0;
4930 byte_off = bit_off / 8 / byte_sz * byte_sz;
4931 /* figure out smallest int size necessary for bitfield load */
4932 while (bit_off + bit_sz - byte_off * 8 > byte_sz * 8) {
4934 /* bitfield can't be read with 64-bit read */
4935 pr_warn("prog '%s': relo %d at insn #%d can't be satisfied for bitfield\n",
4936 bpf_program__title(prog, false),
4937 relo->kind, relo->insn_off / 8);
4941 byte_off = bit_off / 8 / byte_sz * byte_sz;
4944 sz = btf__resolve_size(spec->btf, m->type);
4948 byte_off = spec->bit_offset / 8;
4949 bit_sz = byte_sz * 8;
4952 /* for bitfields, all the relocatable aspects are ambiguous and we
4953 * might disagree with compiler, so turn off validation of expected
4954 * value, except for signedness
4957 *validate = !bitfield;
4959 switch (relo->kind) {
4960 case BPF_FIELD_BYTE_OFFSET:
4963 case BPF_FIELD_BYTE_SIZE:
4966 case BPF_FIELD_SIGNED:
4967 /* enums will be assumed unsigned */
4968 *val = btf_is_enum(mt) ||
4969 (btf_int_encoding(mt) & BTF_INT_SIGNED);
4971 *validate = true; /* signedness is never ambiguous */
4973 case BPF_FIELD_LSHIFT_U64:
4974 #if __BYTE_ORDER == __LITTLE_ENDIAN
4975 *val = 64 - (bit_off + bit_sz - byte_off * 8);
4977 *val = (8 - byte_sz) * 8 + (bit_off - byte_off * 8);
4980 case BPF_FIELD_RSHIFT_U64:
4983 *validate = true; /* right shift is never ambiguous */
4985 case BPF_FIELD_EXISTS:
4993 static int bpf_core_calc_type_relo(const struct bpf_core_relo *relo,
4994 const struct bpf_core_spec *spec,
4999 /* type-based relos return zero when target type is not found */
5005 switch (relo->kind) {
5006 case BPF_TYPE_ID_TARGET:
5007 *val = spec->root_type_id;
5009 case BPF_TYPE_EXISTS:
5013 sz = btf__resolve_size(spec->btf, spec->root_type_id);
5018 case BPF_TYPE_ID_LOCAL:
5019 /* BPF_TYPE_ID_LOCAL is handled specially and shouldn't get here */
5027 static int bpf_core_calc_enumval_relo(const struct bpf_core_relo *relo,
5028 const struct bpf_core_spec *spec,
5031 const struct btf_type *t;
5032 const struct btf_enum *e;
5034 switch (relo->kind) {
5035 case BPF_ENUMVAL_EXISTS:
5036 *val = spec ? 1 : 0;
5038 case BPF_ENUMVAL_VALUE:
5040 return -EUCLEAN; /* request instruction poisoning */
5041 t = btf__type_by_id(spec->btf, spec->spec[0].type_id);
5042 e = btf_enum(t) + spec->spec[0].idx;
5052 struct bpf_core_relo_res
5054 /* expected value in the instruction, unless validate == false */
5056 /* new value that needs to be patched up to */
5058 /* relocation unsuccessful, poison instruction, but don't fail load */
5060 /* some relocations can't be validated against orig_val */
5064 /* Calculate original and target relocation values, given local and target
5065 * specs and relocation kind. These values are calculated for each candidate.
5066 * If there are multiple candidates, resulting values should all be consistent
5067 * with each other. Otherwise, libbpf will refuse to proceed due to ambiguity.
5068 * If instruction has to be poisoned, *poison will be set to true.
5070 static int bpf_core_calc_relo(const struct bpf_program *prog,
5071 const struct bpf_core_relo *relo,
5073 const struct bpf_core_spec *local_spec,
5074 const struct bpf_core_spec *targ_spec,
5075 struct bpf_core_relo_res *res)
5077 int err = -EOPNOTSUPP;
5081 res->poison = false;
5082 res->validate = true;
5084 if (core_relo_is_field_based(relo->kind)) {
5085 err = bpf_core_calc_field_relo(prog, relo, local_spec, &res->orig_val, &res->validate);
5086 err = err ?: bpf_core_calc_field_relo(prog, relo, targ_spec, &res->new_val, NULL);
5087 } else if (core_relo_is_type_based(relo->kind)) {
5088 err = bpf_core_calc_type_relo(relo, local_spec, &res->orig_val);
5089 err = err ?: bpf_core_calc_type_relo(relo, targ_spec, &res->new_val);
5090 } else if (core_relo_is_enumval_based(relo->kind)) {
5091 err = bpf_core_calc_enumval_relo(relo, local_spec, &res->orig_val);
5092 err = err ?: bpf_core_calc_enumval_relo(relo, targ_spec, &res->new_val);
5095 if (err == -EUCLEAN) {
5096 /* EUCLEAN is used to signal instruction poisoning request */
5099 } else if (err == -EOPNOTSUPP) {
5100 /* EOPNOTSUPP means unknown/unsupported relocation */
5101 pr_warn("prog '%s': relo #%d: unrecognized CO-RE relocation %s (%d) at insn #%d\n",
5102 bpf_program__title(prog, false), relo_idx,
5103 core_relo_kind_str(relo->kind), relo->kind, relo->insn_off / 8);
5110 * Turn instruction for which CO_RE relocation failed into invalid one with
5111 * distinct signature.
5113 static void bpf_core_poison_insn(struct bpf_program *prog, int relo_idx,
5114 int insn_idx, struct bpf_insn *insn)
5116 pr_debug("prog '%s': relo #%d: substituting insn #%d w/ invalid insn\n",
5117 bpf_program__title(prog, false), relo_idx, insn_idx);
5118 insn->code = BPF_JMP | BPF_CALL;
5122 /* if this instruction is reachable (not a dead code),
5123 * verifier will complain with the following message:
5124 * invalid func unknown#195896080
5126 insn->imm = 195896080; /* => 0xbad2310 => "bad relo" */
5129 static bool is_ldimm64(struct bpf_insn *insn)
5131 return insn->code == (BPF_LD | BPF_IMM | BPF_DW);
5135 * Patch relocatable BPF instruction.
5137 * Patched value is determined by relocation kind and target specification.
5138 * For existence relocations target spec will be NULL if field/type is not found.
5139 * Expected insn->imm value is determined using relocation kind and local
5140 * spec, and is checked before patching instruction. If actual insn->imm value
5141 * is wrong, bail out with error.
5143 * Currently three kinds of BPF instructions are supported:
5144 * 1. rX = <imm> (assignment with immediate operand);
5145 * 2. rX += <imm> (arithmetic operations with immediate operand);
5146 * 3. rX = <imm64> (load with 64-bit immediate value).
5148 static int bpf_core_patch_insn(struct bpf_program *prog,
5149 const struct bpf_core_relo *relo,
5151 const struct bpf_core_relo_res *res)
5153 __u32 orig_val, new_val;
5154 struct bpf_insn *insn;
5158 if (relo->insn_off % sizeof(struct bpf_insn))
5160 insn_idx = relo->insn_off / sizeof(struct bpf_insn);
5161 insn = &prog->insns[insn_idx];
5162 class = BPF_CLASS(insn->code);
5165 /* poison second part of ldimm64 to avoid confusing error from
5166 * verifier about "unknown opcode 00"
5168 if (is_ldimm64(insn))
5169 bpf_core_poison_insn(prog, relo_idx, insn_idx + 1, insn + 1);
5170 bpf_core_poison_insn(prog, relo_idx, insn_idx, insn);
5174 orig_val = res->orig_val;
5175 new_val = res->new_val;
5180 if (BPF_SRC(insn->code) != BPF_K)
5182 if (res->validate && insn->imm != orig_val) {
5183 pr_warn("prog '%s': relo #%d: unexpected insn #%d (ALU/ALU64) value: got %u, exp %u -> %u\n",
5184 bpf_program__title(prog, false), relo_idx,
5185 insn_idx, insn->imm, orig_val, new_val);
5188 orig_val = insn->imm;
5189 insn->imm = new_val;
5190 pr_debug("prog '%s': relo #%d: patched insn #%d (ALU/ALU64) imm %u -> %u\n",
5191 bpf_program__title(prog, false), relo_idx, insn_idx,
5197 if (res->validate && insn->off != orig_val) {
5198 pr_warn("prog '%s': relo #%d: unexpected insn #%d (LDX/ST/STX) value: got %u, exp %u -> %u\n",
5199 bpf_program__title(prog, false), relo_idx,
5200 insn_idx, insn->off, orig_val, new_val);
5203 if (new_val > SHRT_MAX) {
5204 pr_warn("prog '%s': relo #%d: insn #%d (LDX/ST/STX) value too big: %u\n",
5205 bpf_program__title(prog, false), relo_idx,
5209 orig_val = insn->off;
5210 insn->off = new_val;
5211 pr_debug("prog '%s': relo #%d: patched insn #%d (LDX/ST/STX) off %u -> %u\n",
5212 bpf_program__title(prog, false), relo_idx, insn_idx,
5218 if (!is_ldimm64(insn) ||
5219 insn[0].src_reg != 0 || insn[0].off != 0 ||
5220 insn_idx + 1 >= prog->insns_cnt ||
5221 insn[1].code != 0 || insn[1].dst_reg != 0 ||
5222 insn[1].src_reg != 0 || insn[1].off != 0) {
5223 pr_warn("prog '%s': relo #%d: insn #%d (LDIMM64) has unexpected form\n",
5224 bpf_program__title(prog, false), relo_idx, insn_idx);
5228 imm = insn[0].imm + ((__u64)insn[1].imm << 32);
5229 if (res->validate && imm != orig_val) {
5230 pr_warn("prog '%s': relo #%d: unexpected insn #%d (LDIMM64) value: got %llu, exp %u -> %u\n",
5231 bpf_program__title(prog, false), relo_idx,
5232 insn_idx, imm, orig_val, new_val);
5236 insn[0].imm = new_val;
5237 insn[1].imm = 0; /* currently only 32-bit values are supported */
5238 pr_debug("prog '%s': relo #%d: patched insn #%d (LDIMM64) imm64 %llu -> %u\n",
5239 bpf_program__title(prog, false), relo_idx, insn_idx,
5244 pr_warn("prog '%s': relo #%d: trying to relocate unrecognized insn #%d, code:0x%x, src:0x%x, dst:0x%x, off:0x%x, imm:0x%x\n",
5245 bpf_program__title(prog, false), relo_idx,
5246 insn_idx, insn->code, insn->src_reg, insn->dst_reg,
5247 insn->off, insn->imm);
5254 /* Output spec definition in the format:
5255 * [<type-id>] (<type-name>) + <raw-spec> => <offset>@<spec>,
5256 * where <spec> is a C-syntax view of recorded field access, e.g.: x.a[3].b
5258 static void bpf_core_dump_spec(int level, const struct bpf_core_spec *spec)
5260 const struct btf_type *t;
5261 const struct btf_enum *e;
5266 type_id = spec->root_type_id;
5267 t = btf__type_by_id(spec->btf, type_id);
5268 s = btf__name_by_offset(spec->btf, t->name_off);
5270 libbpf_print(level, "[%u] %s %s", type_id, btf_kind_str(t), str_is_empty(s) ? "<anon>" : s);
5272 if (core_relo_is_type_based(spec->relo_kind))
5275 if (core_relo_is_enumval_based(spec->relo_kind)) {
5276 t = skip_mods_and_typedefs(spec->btf, type_id, NULL);
5277 e = btf_enum(t) + spec->raw_spec[0];
5278 s = btf__name_by_offset(spec->btf, e->name_off);
5280 libbpf_print(level, "::%s = %u", s, e->val);
5284 if (core_relo_is_field_based(spec->relo_kind)) {
5285 for (i = 0; i < spec->len; i++) {
5286 if (spec->spec[i].name)
5287 libbpf_print(level, ".%s", spec->spec[i].name);
5288 else if (i > 0 || spec->spec[i].idx > 0)
5289 libbpf_print(level, "[%u]", spec->spec[i].idx);
5292 libbpf_print(level, " (");
5293 for (i = 0; i < spec->raw_len; i++)
5294 libbpf_print(level, "%s%d", i == 0 ? "" : ":", spec->raw_spec[i]);
5296 if (spec->bit_offset % 8)
5297 libbpf_print(level, " @ offset %u.%u)",
5298 spec->bit_offset / 8, spec->bit_offset % 8);
5300 libbpf_print(level, " @ offset %u)", spec->bit_offset / 8);
5305 static size_t bpf_core_hash_fn(const void *key, void *ctx)
5310 static bool bpf_core_equal_fn(const void *k1, const void *k2, void *ctx)
5315 static void *u32_as_hash_key(__u32 x)
5317 return (void *)(uintptr_t)x;
5321 * CO-RE relocate single instruction.
5323 * The outline and important points of the algorithm:
5324 * 1. For given local type, find corresponding candidate target types.
5325 * Candidate type is a type with the same "essential" name, ignoring
5326 * everything after last triple underscore (___). E.g., `sample`,
5327 * `sample___flavor_one`, `sample___flavor_another_one`, are all candidates
5328 * for each other. Names with triple underscore are referred to as
5329 * "flavors" and are useful, among other things, to allow to
5330 * specify/support incompatible variations of the same kernel struct, which
5331 * might differ between different kernel versions and/or build
5334 * N.B. Struct "flavors" could be generated by bpftool's BTF-to-C
5335 * converter, when deduplicated BTF of a kernel still contains more than
5336 * one different types with the same name. In that case, ___2, ___3, etc
5337 * are appended starting from second name conflict. But start flavors are
5338 * also useful to be defined "locally", in BPF program, to extract same
5339 * data from incompatible changes between different kernel
5340 * versions/configurations. For instance, to handle field renames between
5341 * kernel versions, one can use two flavors of the struct name with the
5342 * same common name and use conditional relocations to extract that field,
5343 * depending on target kernel version.
5344 * 2. For each candidate type, try to match local specification to this
5345 * candidate target type. Matching involves finding corresponding
5346 * high-level spec accessors, meaning that all named fields should match,
5347 * as well as all array accesses should be within the actual bounds. Also,
5348 * types should be compatible (see bpf_core_fields_are_compat for details).
5349 * 3. It is supported and expected that there might be multiple flavors
5350 * matching the spec. As long as all the specs resolve to the same set of
5351 * offsets across all candidates, there is no error. If there is any
5352 * ambiguity, CO-RE relocation will fail. This is necessary to accomodate
5353 * imprefection of BTF deduplication, which can cause slight duplication of
5354 * the same BTF type, if some directly or indirectly referenced (by
5355 * pointer) type gets resolved to different actual types in different
5356 * object files. If such situation occurs, deduplicated BTF will end up
5357 * with two (or more) structurally identical types, which differ only in
5358 * types they refer to through pointer. This should be OK in most cases and
5360 * 4. Candidate types search is performed by linearly scanning through all
5361 * types in target BTF. It is anticipated that this is overall more
5362 * efficient memory-wise and not significantly worse (if not better)
5363 * CPU-wise compared to prebuilding a map from all local type names to
5364 * a list of candidate type names. It's also sped up by caching resolved
5365 * list of matching candidates per each local "root" type ID, that has at
5366 * least one bpf_core_relo associated with it. This list is shared
5367 * between multiple relocations for the same type ID and is updated as some
5368 * of the candidates are pruned due to structural incompatibility.
5370 static int bpf_core_apply_relo(struct bpf_program *prog,
5371 const struct bpf_core_relo *relo,
5373 const struct btf *local_btf,
5374 const struct btf *targ_btf,
5375 struct hashmap *cand_cache)
5377 const char *prog_name = bpf_program__title(prog, false);
5378 struct bpf_core_spec local_spec, cand_spec, targ_spec;
5379 const void *type_key = u32_as_hash_key(relo->type_id);
5380 struct bpf_core_relo_res cand_res, targ_res;
5381 const struct btf_type *local_type;
5382 const char *local_name;
5383 struct ids_vec *cand_ids;
5384 __u32 local_id, cand_id;
5385 const char *spec_str;
5388 local_id = relo->type_id;
5389 local_type = btf__type_by_id(local_btf, local_id);
5393 local_name = btf__name_by_offset(local_btf, local_type->name_off);
5397 spec_str = btf__name_by_offset(local_btf, relo->access_str_off);
5398 if (str_is_empty(spec_str))
5401 err = bpf_core_parse_spec(local_btf, local_id, spec_str, relo->kind, &local_spec);
5403 pr_warn("prog '%s': relo #%d: parsing [%d] %s %s + %s failed: %d\n",
5404 prog_name, relo_idx, local_id, btf_kind_str(local_type),
5405 str_is_empty(local_name) ? "<anon>" : local_name,
5410 pr_debug("prog '%s': relo #%d: kind <%s> (%d), spec is ", prog_name,
5411 relo_idx, core_relo_kind_str(relo->kind), relo->kind);
5412 bpf_core_dump_spec(LIBBPF_DEBUG, &local_spec);
5413 libbpf_print(LIBBPF_DEBUG, "\n");
5415 /* TYPE_ID_LOCAL relo is special and doesn't need candidate search */
5416 if (relo->kind == BPF_TYPE_ID_LOCAL) {
5417 targ_res.validate = true;
5418 targ_res.poison = false;
5419 targ_res.orig_val = local_spec.root_type_id;
5420 targ_res.new_val = local_spec.root_type_id;
5424 /* libbpf doesn't support candidate search for anonymous types */
5425 if (str_is_empty(spec_str)) {
5426 pr_warn("prog '%s': relo #%d: <%s> (%d) relocation doesn't support anonymous types\n",
5427 prog_name, relo_idx, core_relo_kind_str(relo->kind), relo->kind);
5431 if (!hashmap__find(cand_cache, type_key, (void **)&cand_ids)) {
5432 cand_ids = bpf_core_find_cands(local_btf, local_id, targ_btf);
5433 if (IS_ERR(cand_ids)) {
5434 pr_warn("prog '%s': relo #%d: target candidate search failed for [%d] %s %s: %ld",
5435 prog_name, relo_idx, local_id, btf_kind_str(local_type),
5436 local_name, PTR_ERR(cand_ids));
5437 return PTR_ERR(cand_ids);
5439 err = hashmap__set(cand_cache, type_key, cand_ids, NULL, NULL);
5441 bpf_core_free_cands(cand_ids);
5446 for (i = 0, j = 0; i < cand_ids->len; i++) {
5447 cand_id = cand_ids->data[i];
5448 err = bpf_core_spec_match(&local_spec, targ_btf, cand_id, &cand_spec);
5450 pr_warn("prog '%s': relo #%d: error matching candidate #%d ",
5451 prog_name, relo_idx, i);
5452 bpf_core_dump_spec(LIBBPF_WARN, &cand_spec);
5453 libbpf_print(LIBBPF_WARN, ": %d\n", err);
5457 pr_debug("prog '%s': relo #%d: %s candidate #%d ", prog_name,
5458 relo_idx, err == 0 ? "non-matching" : "matching", i);
5459 bpf_core_dump_spec(LIBBPF_DEBUG, &cand_spec);
5460 libbpf_print(LIBBPF_DEBUG, "\n");
5465 err = bpf_core_calc_relo(prog, relo, relo_idx, &local_spec, &cand_spec, &cand_res);
5470 targ_res = cand_res;
5471 targ_spec = cand_spec;
5472 } else if (cand_spec.bit_offset != targ_spec.bit_offset) {
5473 /* if there are many field relo candidates, they
5474 * should all resolve to the same bit offset
5476 pr_warn("prog '%s': relo #%d: field offset ambiguity: %u != %u\n",
5477 prog_name, relo_idx, cand_spec.bit_offset,
5478 targ_spec.bit_offset);
5480 } else if (cand_res.poison != targ_res.poison || cand_res.new_val != targ_res.new_val) {
5481 /* all candidates should result in the same relocation
5482 * decision and value, otherwise it's dangerous to
5483 * proceed due to ambiguity
5485 pr_warn("prog '%s': relo #%d: relocation decision ambiguity: %s %u != %s %u\n",
5486 prog_name, relo_idx,
5487 cand_res.poison ? "failure" : "success", cand_res.new_val,
5488 targ_res.poison ? "failure" : "success", targ_res.new_val);
5492 cand_ids->data[j++] = cand_spec.root_type_id;
5496 * For BPF_FIELD_EXISTS relo or when used BPF program has field
5497 * existence checks or kernel version/config checks, it's expected
5498 * that we might not find any candidates. In this case, if field
5499 * wasn't found in any candidate, the list of candidates shouldn't
5500 * change at all, we'll just handle relocating appropriately,
5501 * depending on relo's kind.
5507 * If no candidates were found, it might be both a programmer error,
5508 * as well as expected case, depending whether instruction w/
5509 * relocation is guarded in some way that makes it unreachable (dead
5510 * code) if relocation can't be resolved. This is handled in
5511 * bpf_core_patch_insn() uniformly by replacing that instruction with
5512 * BPF helper call insn (using invalid helper ID). If that instruction
5513 * is indeed unreachable, then it will be ignored and eliminated by
5514 * verifier. If it was an error, then verifier will complain and point
5515 * to a specific instruction number in its log.
5518 pr_debug("prog '%s': relo #%d: no matching targets found\n",
5519 prog_name, relo_idx);
5521 /* calculate single target relo result explicitly */
5522 err = bpf_core_calc_relo(prog, relo, relo_idx, &local_spec, NULL, &targ_res);
5528 /* bpf_core_patch_insn() should know how to handle missing targ_spec */
5529 err = bpf_core_patch_insn(prog, relo, relo_idx, &targ_res);
5531 pr_warn("prog '%s': relo #%d: failed to patch insn at offset %d: %d\n",
5532 prog_name, relo_idx, relo->insn_off, err);
5540 bpf_object__relocate_core(struct bpf_object *obj, const char *targ_btf_path)
5542 const struct btf_ext_info_sec *sec;
5543 const struct bpf_core_relo *rec;
5544 const struct btf_ext_info *seg;
5545 struct hashmap_entry *entry;
5546 struct hashmap *cand_cache = NULL;
5547 struct bpf_program *prog;
5548 struct btf *targ_btf;
5549 const char *sec_name;
5552 if (obj->btf_ext->core_relo_info.len == 0)
5556 targ_btf = btf__parse_elf(targ_btf_path, NULL);
5558 targ_btf = obj->btf_vmlinux;
5559 if (IS_ERR_OR_NULL(targ_btf)) {
5560 pr_warn("failed to get target BTF: %ld\n", PTR_ERR(targ_btf));
5561 return PTR_ERR(targ_btf);
5564 cand_cache = hashmap__new(bpf_core_hash_fn, bpf_core_equal_fn, NULL);
5565 if (IS_ERR(cand_cache)) {
5566 err = PTR_ERR(cand_cache);
5570 seg = &obj->btf_ext->core_relo_info;
5571 for_each_btf_ext_sec(seg, sec) {
5572 sec_name = btf__name_by_offset(obj->btf, sec->sec_name_off);
5573 if (str_is_empty(sec_name)) {
5578 for (i = 0; i < obj->nr_programs; i++) {
5579 if (!strcmp(obj->programs[i].section_name, sec_name)) {
5580 prog = &obj->programs[i];
5585 pr_warn("failed to find program '%s' for CO-RE offset relocation\n",
5591 pr_debug("prog '%s': performing %d CO-RE offset relocs\n",
5592 sec_name, sec->num_info);
5594 for_each_btf_ext_rec(seg, sec, i, rec) {
5595 err = bpf_core_apply_relo(prog, rec, i, obj->btf,
5596 targ_btf, cand_cache);
5598 pr_warn("prog '%s': relo #%d: failed to relocate: %d\n",
5606 /* obj->btf_vmlinux is freed at the end of object load phase */
5607 if (targ_btf != obj->btf_vmlinux)
5608 btf__free(targ_btf);
5609 if (!IS_ERR_OR_NULL(cand_cache)) {
5610 hashmap__for_each_entry(cand_cache, entry, i) {
5611 bpf_core_free_cands(entry->value);
5613 hashmap__free(cand_cache);
5619 bpf_program__reloc_text(struct bpf_program *prog, struct bpf_object *obj,
5620 struct reloc_desc *relo)
5622 struct bpf_insn *insn, *new_insn;
5623 struct bpf_program *text;
5627 if (prog->idx != obj->efile.text_shndx && prog->main_prog_cnt == 0) {
5628 text = bpf_object__find_prog_by_idx(obj, obj->efile.text_shndx);
5630 pr_warn("no .text section found yet relo into text exist\n");
5631 return -LIBBPF_ERRNO__RELOC;
5633 new_cnt = prog->insns_cnt + text->insns_cnt;
5634 new_insn = libbpf_reallocarray(prog->insns, new_cnt, sizeof(*insn));
5636 pr_warn("oom in prog realloc\n");
5639 prog->insns = new_insn;
5642 err = bpf_program_reloc_btf_ext(prog, obj,
5649 memcpy(new_insn + prog->insns_cnt, text->insns,
5650 text->insns_cnt * sizeof(*insn));
5651 prog->main_prog_cnt = prog->insns_cnt;
5652 prog->insns_cnt = new_cnt;
5653 pr_debug("added %zd insn from %s to prog %s\n",
5654 text->insns_cnt, text->section_name,
5655 prog->section_name);
5658 insn = &prog->insns[relo->insn_idx];
5659 insn->imm += relo->sym_off / 8 + prog->main_prog_cnt - relo->insn_idx;
5664 bpf_program__relocate(struct bpf_program *prog, struct bpf_object *obj)
5672 err = bpf_program_reloc_btf_ext(prog, obj,
5673 prog->section_name, 0);
5678 if (!prog->reloc_desc)
5681 for (i = 0; i < prog->nr_reloc; i++) {
5682 struct reloc_desc *relo = &prog->reloc_desc[i];
5683 struct bpf_insn *insn = &prog->insns[relo->insn_idx];
5684 struct extern_desc *ext;
5686 if (relo->insn_idx + 1 >= (int)prog->insns_cnt) {
5687 pr_warn("relocation out of range: '%s'\n",
5688 prog->section_name);
5689 return -LIBBPF_ERRNO__RELOC;
5692 switch (relo->type) {
5694 insn[0].src_reg = BPF_PSEUDO_MAP_FD;
5695 insn[0].imm = obj->maps[relo->map_idx].fd;
5698 insn[0].src_reg = BPF_PSEUDO_MAP_VALUE;
5699 insn[1].imm = insn[0].imm + relo->sym_off;
5700 insn[0].imm = obj->maps[relo->map_idx].fd;
5703 ext = &obj->externs[relo->sym_off];
5704 if (ext->type == EXT_KCFG) {
5705 insn[0].src_reg = BPF_PSEUDO_MAP_VALUE;
5706 insn[0].imm = obj->maps[obj->kconfig_map_idx].fd;
5707 insn[1].imm = ext->kcfg.data_off;
5708 } else /* EXT_KSYM */ {
5709 insn[0].imm = (__u32)ext->ksym.addr;
5710 insn[1].imm = ext->ksym.addr >> 32;
5714 err = bpf_program__reloc_text(prog, obj, relo);
5719 pr_warn("relo #%d: bad relo type %d\n", i, relo->type);
5724 zfree(&prog->reloc_desc);
5730 bpf_object__relocate(struct bpf_object *obj, const char *targ_btf_path)
5732 struct bpf_program *prog;
5737 err = bpf_object__relocate_core(obj, targ_btf_path);
5739 pr_warn("failed to perform CO-RE relocations: %d\n",
5744 /* ensure .text is relocated first, as it's going to be copied as-is
5745 * later for sub-program calls
5747 for (i = 0; i < obj->nr_programs; i++) {
5748 prog = &obj->programs[i];
5749 if (prog->idx != obj->efile.text_shndx)
5752 err = bpf_program__relocate(prog, obj);
5754 pr_warn("failed to relocate '%s'\n", prog->section_name);
5759 /* now relocate everything but .text, which by now is relocated
5760 * properly, so we can copy raw sub-program instructions as is safely
5762 for (i = 0; i < obj->nr_programs; i++) {
5763 prog = &obj->programs[i];
5764 if (prog->idx == obj->efile.text_shndx)
5767 err = bpf_program__relocate(prog, obj);
5769 pr_warn("failed to relocate '%s'\n", prog->section_name);
5776 static int bpf_object__collect_st_ops_relos(struct bpf_object *obj,
5777 GElf_Shdr *shdr, Elf_Data *data);
5779 static int bpf_object__collect_map_relos(struct bpf_object *obj,
5780 GElf_Shdr *shdr, Elf_Data *data)
5782 const int bpf_ptr_sz = 8, host_ptr_sz = sizeof(void *);
5783 int i, j, nrels, new_sz;
5784 const struct btf_var_secinfo *vi = NULL;
5785 const struct btf_type *sec, *var, *def;
5786 const struct btf_member *member;
5787 struct bpf_map *map, *targ_map;
5788 const char *name, *mname;
5795 if (!obj->efile.btf_maps_sec_btf_id || !obj->btf)
5797 sec = btf__type_by_id(obj->btf, obj->efile.btf_maps_sec_btf_id);
5801 symbols = obj->efile.symbols;
5802 nrels = shdr->sh_size / shdr->sh_entsize;
5803 for (i = 0; i < nrels; i++) {
5804 if (!gelf_getrel(data, i, &rel)) {
5805 pr_warn(".maps relo #%d: failed to get ELF relo\n", i);
5806 return -LIBBPF_ERRNO__FORMAT;
5808 if (!gelf_getsym(symbols, GELF_R_SYM(rel.r_info), &sym)) {
5809 pr_warn(".maps relo #%d: symbol %zx not found\n",
5810 i, (size_t)GELF_R_SYM(rel.r_info));
5811 return -LIBBPF_ERRNO__FORMAT;
5813 name = elf_sym_str(obj, sym.st_name) ?: "<?>";
5814 if (sym.st_shndx != obj->efile.btf_maps_shndx) {
5815 pr_warn(".maps relo #%d: '%s' isn't a BTF-defined map\n",
5817 return -LIBBPF_ERRNO__RELOC;
5820 pr_debug(".maps relo #%d: for %zd value %zd rel.r_offset %zu name %d ('%s')\n",
5821 i, (ssize_t)(rel.r_info >> 32), (size_t)sym.st_value,
5822 (size_t)rel.r_offset, sym.st_name, name);
5824 for (j = 0; j < obj->nr_maps; j++) {
5825 map = &obj->maps[j];
5826 if (map->sec_idx != obj->efile.btf_maps_shndx)
5829 vi = btf_var_secinfos(sec) + map->btf_var_idx;
5830 if (vi->offset <= rel.r_offset &&
5831 rel.r_offset + bpf_ptr_sz <= vi->offset + vi->size)
5834 if (j == obj->nr_maps) {
5835 pr_warn(".maps relo #%d: cannot find map '%s' at rel.r_offset %zu\n",
5836 i, name, (size_t)rel.r_offset);
5840 if (!bpf_map_type__is_map_in_map(map->def.type))
5842 if (map->def.type == BPF_MAP_TYPE_HASH_OF_MAPS &&
5843 map->def.key_size != sizeof(int)) {
5844 pr_warn(".maps relo #%d: hash-of-maps '%s' should have key size %zu.\n",
5845 i, map->name, sizeof(int));
5849 targ_map = bpf_object__find_map_by_name(obj, name);
5853 var = btf__type_by_id(obj->btf, vi->type);
5854 def = skip_mods_and_typedefs(obj->btf, var->type, NULL);
5855 if (btf_vlen(def) == 0)
5857 member = btf_members(def) + btf_vlen(def) - 1;
5858 mname = btf__name_by_offset(obj->btf, member->name_off);
5859 if (strcmp(mname, "values"))
5862 moff = btf_member_bit_offset(def, btf_vlen(def) - 1) / 8;
5863 if (rel.r_offset - vi->offset < moff)
5866 moff = rel.r_offset - vi->offset - moff;
5867 /* here we use BPF pointer size, which is always 64 bit, as we
5868 * are parsing ELF that was built for BPF target
5870 if (moff % bpf_ptr_sz)
5873 if (moff >= map->init_slots_sz) {
5875 tmp = libbpf_reallocarray(map->init_slots, new_sz, host_ptr_sz);
5878 map->init_slots = tmp;
5879 memset(map->init_slots + map->init_slots_sz, 0,
5880 (new_sz - map->init_slots_sz) * host_ptr_sz);
5881 map->init_slots_sz = new_sz;
5883 map->init_slots[moff] = targ_map;
5885 pr_debug(".maps relo #%d: map '%s' slot [%d] points to map '%s'\n",
5886 i, map->name, moff, name);
5892 static int bpf_object__collect_reloc(struct bpf_object *obj)
5896 if (!obj_elf_valid(obj)) {
5897 pr_warn("Internal error: elf object is closed\n");
5898 return -LIBBPF_ERRNO__INTERNAL;
5901 for (i = 0; i < obj->efile.nr_reloc_sects; i++) {
5902 GElf_Shdr *shdr = &obj->efile.reloc_sects[i].shdr;
5903 Elf_Data *data = obj->efile.reloc_sects[i].data;
5904 int idx = shdr->sh_info;
5905 struct bpf_program *prog;
5907 if (shdr->sh_type != SHT_REL) {
5908 pr_warn("internal error at %d\n", __LINE__);
5909 return -LIBBPF_ERRNO__INTERNAL;
5912 if (idx == obj->efile.st_ops_shndx) {
5913 err = bpf_object__collect_st_ops_relos(obj, shdr, data);
5914 } else if (idx == obj->efile.btf_maps_shndx) {
5915 err = bpf_object__collect_map_relos(obj, shdr, data);
5917 prog = bpf_object__find_prog_by_idx(obj, idx);
5919 pr_warn("relocation failed: no prog in section(%d)\n", idx);
5920 return -LIBBPF_ERRNO__RELOC;
5922 err = bpf_program__collect_reloc(prog, shdr, data, obj);
5930 static bool insn_is_helper_call(struct bpf_insn *insn, enum bpf_func_id *func_id)
5932 if (BPF_CLASS(insn->code) == BPF_JMP &&
5933 BPF_OP(insn->code) == BPF_CALL &&
5934 BPF_SRC(insn->code) == BPF_K &&
5935 insn->src_reg == 0 &&
5936 insn->dst_reg == 0) {
5937 *func_id = insn->imm;
5943 static int bpf_object__sanitize_prog(struct bpf_object* obj, struct bpf_program *prog)
5945 struct bpf_insn *insn = prog->insns;
5946 enum bpf_func_id func_id;
5949 for (i = 0; i < prog->insns_cnt; i++, insn++) {
5950 if (!insn_is_helper_call(insn, &func_id))
5953 /* on kernels that don't yet support
5954 * bpf_probe_read_{kernel,user}[_str] helpers, fall back
5955 * to bpf_probe_read() which works well for old kernels
5958 case BPF_FUNC_probe_read_kernel:
5959 case BPF_FUNC_probe_read_user:
5960 if (!kernel_supports(FEAT_PROBE_READ_KERN))
5961 insn->imm = BPF_FUNC_probe_read;
5963 case BPF_FUNC_probe_read_kernel_str:
5964 case BPF_FUNC_probe_read_user_str:
5965 if (!kernel_supports(FEAT_PROBE_READ_KERN))
5966 insn->imm = BPF_FUNC_probe_read_str;
5976 load_program(struct bpf_program *prog, struct bpf_insn *insns, int insns_cnt,
5977 char *license, __u32 kern_version, int *pfd)
5979 struct bpf_load_program_attr load_attr;
5980 char *cp, errmsg[STRERR_BUFSIZE];
5981 size_t log_buf_size = 0;
5982 char *log_buf = NULL;
5985 if (!insns || !insns_cnt)
5988 memset(&load_attr, 0, sizeof(struct bpf_load_program_attr));
5989 load_attr.prog_type = prog->type;
5990 /* old kernels might not support specifying expected_attach_type */
5991 if (!kernel_supports(FEAT_EXP_ATTACH_TYPE) && prog->sec_def &&
5992 prog->sec_def->is_exp_attach_type_optional)
5993 load_attr.expected_attach_type = 0;
5995 load_attr.expected_attach_type = prog->expected_attach_type;
5996 if (kernel_supports(FEAT_PROG_NAME))
5997 load_attr.name = prog->name;
5998 load_attr.insns = insns;
5999 load_attr.insns_cnt = insns_cnt;
6000 load_attr.license = license;
6001 if (prog->type == BPF_PROG_TYPE_STRUCT_OPS ||
6002 prog->type == BPF_PROG_TYPE_LSM) {
6003 load_attr.attach_btf_id = prog->attach_btf_id;
6004 } else if (prog->type == BPF_PROG_TYPE_TRACING ||
6005 prog->type == BPF_PROG_TYPE_EXT) {
6006 load_attr.attach_prog_fd = prog->attach_prog_fd;
6007 load_attr.attach_btf_id = prog->attach_btf_id;
6009 load_attr.kern_version = kern_version;
6010 load_attr.prog_ifindex = prog->prog_ifindex;
6012 /* specify func_info/line_info only if kernel supports them */
6013 btf_fd = bpf_object__btf_fd(prog->obj);
6014 if (btf_fd >= 0 && kernel_supports(FEAT_BTF_FUNC)) {
6015 load_attr.prog_btf_fd = btf_fd;
6016 load_attr.func_info = prog->func_info;
6017 load_attr.func_info_rec_size = prog->func_info_rec_size;
6018 load_attr.func_info_cnt = prog->func_info_cnt;
6019 load_attr.line_info = prog->line_info;
6020 load_attr.line_info_rec_size = prog->line_info_rec_size;
6021 load_attr.line_info_cnt = prog->line_info_cnt;
6023 load_attr.log_level = prog->log_level;
6024 load_attr.prog_flags = prog->prog_flags;
6028 log_buf = malloc(log_buf_size);
6035 ret = bpf_load_program_xattr(&load_attr, log_buf, log_buf_size);
6038 if (log_buf && load_attr.log_level)
6039 pr_debug("verifier log:\n%s", log_buf);
6045 if (!log_buf || errno == ENOSPC) {
6046 log_buf_size = max((size_t)BPF_LOG_BUF_SIZE,
6053 cp = libbpf_strerror_r(errno, errmsg, sizeof(errmsg));
6054 pr_warn("load bpf program failed: %s\n", cp);
6057 if (log_buf && log_buf[0] != '\0') {
6058 ret = -LIBBPF_ERRNO__VERIFY;
6059 pr_warn("-- BEGIN DUMP LOG ---\n");
6060 pr_warn("\n%s\n", log_buf);
6061 pr_warn("-- END LOG --\n");
6062 } else if (load_attr.insns_cnt >= BPF_MAXINSNS) {
6063 pr_warn("Program too large (%zu insns), at most %d insns\n",
6064 load_attr.insns_cnt, BPF_MAXINSNS);
6065 ret = -LIBBPF_ERRNO__PROG2BIG;
6066 } else if (load_attr.prog_type != BPF_PROG_TYPE_KPROBE) {
6067 /* Wrong program type? */
6070 load_attr.prog_type = BPF_PROG_TYPE_KPROBE;
6071 load_attr.expected_attach_type = 0;
6072 fd = bpf_load_program_xattr(&load_attr, NULL, 0);
6075 ret = -LIBBPF_ERRNO__PROGTYPE;
6085 static int libbpf_find_attach_btf_id(struct bpf_program *prog);
6087 int bpf_program__load(struct bpf_program *prog, char *license, __u32 kern_ver)
6089 int err = 0, fd, i, btf_id;
6091 if (prog->obj->loaded) {
6092 pr_warn("prog '%s'('%s'): can't load after object was loaded\n",
6093 prog->name, prog->section_name);
6097 if ((prog->type == BPF_PROG_TYPE_TRACING ||
6098 prog->type == BPF_PROG_TYPE_LSM ||
6099 prog->type == BPF_PROG_TYPE_EXT) && !prog->attach_btf_id) {
6100 btf_id = libbpf_find_attach_btf_id(prog);
6103 prog->attach_btf_id = btf_id;
6106 if (prog->instances.nr < 0 || !prog->instances.fds) {
6107 if (prog->preprocessor) {
6108 pr_warn("Internal error: can't load program '%s'\n",
6109 prog->section_name);
6110 return -LIBBPF_ERRNO__INTERNAL;
6113 prog->instances.fds = malloc(sizeof(int));
6114 if (!prog->instances.fds) {
6115 pr_warn("Not enough memory for BPF fds\n");
6118 prog->instances.nr = 1;
6119 prog->instances.fds[0] = -1;
6122 if (!prog->preprocessor) {
6123 if (prog->instances.nr != 1) {
6124 pr_warn("Program '%s' is inconsistent: nr(%d) != 1\n",
6125 prog->section_name, prog->instances.nr);
6127 err = load_program(prog, prog->insns, prog->insns_cnt,
6128 license, kern_ver, &fd);
6130 prog->instances.fds[0] = fd;
6134 for (i = 0; i < prog->instances.nr; i++) {
6135 struct bpf_prog_prep_result result;
6136 bpf_program_prep_t preprocessor = prog->preprocessor;
6138 memset(&result, 0, sizeof(result));
6139 err = preprocessor(prog, i, prog->insns,
6140 prog->insns_cnt, &result);
6142 pr_warn("Preprocessing the %dth instance of program '%s' failed\n",
6143 i, prog->section_name);
6147 if (!result.new_insn_ptr || !result.new_insn_cnt) {
6148 pr_debug("Skip loading the %dth instance of program '%s'\n",
6149 i, prog->section_name);
6150 prog->instances.fds[i] = -1;
6156 err = load_program(prog, result.new_insn_ptr,
6157 result.new_insn_cnt, license, kern_ver, &fd);
6159 pr_warn("Loading the %dth instance of program '%s' failed\n",
6160 i, prog->section_name);
6166 prog->instances.fds[i] = fd;
6170 pr_warn("failed to load program '%s'\n", prog->section_name);
6171 zfree(&prog->insns);
6172 prog->insns_cnt = 0;
6176 static bool bpf_program__is_function_storage(const struct bpf_program *prog,
6177 const struct bpf_object *obj)
6179 return prog->idx == obj->efile.text_shndx && obj->has_pseudo_calls;
6183 bpf_object__load_progs(struct bpf_object *obj, int log_level)
6185 struct bpf_program *prog;
6189 for (i = 0; i < obj->nr_programs; i++) {
6190 prog = &obj->programs[i];
6191 err = bpf_object__sanitize_prog(obj, prog);
6196 for (i = 0; i < obj->nr_programs; i++) {
6197 prog = &obj->programs[i];
6198 if (bpf_program__is_function_storage(prog, obj))
6201 pr_debug("prog '%s'('%s'): skipped loading\n",
6202 prog->name, prog->section_name);
6205 prog->log_level |= log_level;
6206 err = bpf_program__load(prog, obj->license, obj->kern_version);
6213 static const struct bpf_sec_def *find_sec_def(const char *sec_name);
6215 static struct bpf_object *
6216 __bpf_object__open(const char *path, const void *obj_buf, size_t obj_buf_sz,
6217 const struct bpf_object_open_opts *opts)
6219 const char *obj_name, *kconfig;
6220 struct bpf_program *prog;
6221 struct bpf_object *obj;
6225 if (elf_version(EV_CURRENT) == EV_NONE) {
6226 pr_warn("failed to init libelf for %s\n",
6227 path ? : "(mem buf)");
6228 return ERR_PTR(-LIBBPF_ERRNO__LIBELF);
6231 if (!OPTS_VALID(opts, bpf_object_open_opts))
6232 return ERR_PTR(-EINVAL);
6234 obj_name = OPTS_GET(opts, object_name, NULL);
6237 snprintf(tmp_name, sizeof(tmp_name), "%lx-%lx",
6238 (unsigned long)obj_buf,
6239 (unsigned long)obj_buf_sz);
6240 obj_name = tmp_name;
6243 pr_debug("loading object '%s' from buffer\n", obj_name);
6246 obj = bpf_object__new(path, obj_buf, obj_buf_sz, obj_name);
6250 kconfig = OPTS_GET(opts, kconfig, NULL);
6252 obj->kconfig = strdup(kconfig);
6254 return ERR_PTR(-ENOMEM);
6257 err = bpf_object__elf_init(obj);
6258 err = err ? : bpf_object__check_endianness(obj);
6259 err = err ? : bpf_object__elf_collect(obj);
6260 err = err ? : bpf_object__collect_externs(obj);
6261 err = err ? : bpf_object__finalize_btf(obj);
6262 err = err ? : bpf_object__init_maps(obj, opts);
6263 err = err ? : bpf_object__init_prog_names(obj);
6264 err = err ? : bpf_object__collect_reloc(obj);
6267 bpf_object__elf_finish(obj);
6269 bpf_object__for_each_program(prog, obj) {
6270 prog->sec_def = find_sec_def(prog->section_name);
6272 /* couldn't guess, but user might manually specify */
6275 bpf_program__set_type(prog, prog->sec_def->prog_type);
6276 bpf_program__set_expected_attach_type(prog,
6277 prog->sec_def->expected_attach_type);
6279 if (prog->sec_def->prog_type == BPF_PROG_TYPE_TRACING ||
6280 prog->sec_def->prog_type == BPF_PROG_TYPE_EXT)
6281 prog->attach_prog_fd = OPTS_GET(opts, attach_prog_fd, 0);
6286 bpf_object__close(obj);
6287 return ERR_PTR(err);
6290 static struct bpf_object *
6291 __bpf_object__open_xattr(struct bpf_object_open_attr *attr, int flags)
6293 DECLARE_LIBBPF_OPTS(bpf_object_open_opts, opts,
6294 .relaxed_maps = flags & MAPS_RELAX_COMPAT,
6297 /* param validation */
6301 pr_debug("loading %s\n", attr->file);
6302 return __bpf_object__open(attr->file, NULL, 0, &opts);
6305 struct bpf_object *bpf_object__open_xattr(struct bpf_object_open_attr *attr)
6307 return __bpf_object__open_xattr(attr, 0);
6310 struct bpf_object *bpf_object__open(const char *path)
6312 struct bpf_object_open_attr attr = {
6314 .prog_type = BPF_PROG_TYPE_UNSPEC,
6317 return bpf_object__open_xattr(&attr);
6321 bpf_object__open_file(const char *path, const struct bpf_object_open_opts *opts)
6324 return ERR_PTR(-EINVAL);
6326 pr_debug("loading %s\n", path);
6328 return __bpf_object__open(path, NULL, 0, opts);
6332 bpf_object__open_mem(const void *obj_buf, size_t obj_buf_sz,
6333 const struct bpf_object_open_opts *opts)
6335 if (!obj_buf || obj_buf_sz == 0)
6336 return ERR_PTR(-EINVAL);
6338 return __bpf_object__open(NULL, obj_buf, obj_buf_sz, opts);
6342 bpf_object__open_buffer(const void *obj_buf, size_t obj_buf_sz,
6345 DECLARE_LIBBPF_OPTS(bpf_object_open_opts, opts,
6346 .object_name = name,
6347 /* wrong default, but backwards-compatible */
6348 .relaxed_maps = true,
6351 /* returning NULL is wrong, but backwards-compatible */
6352 if (!obj_buf || obj_buf_sz == 0)
6355 return bpf_object__open_mem(obj_buf, obj_buf_sz, &opts);
6358 int bpf_object__unload(struct bpf_object *obj)
6365 for (i = 0; i < obj->nr_maps; i++) {
6366 zclose(obj->maps[i].fd);
6367 if (obj->maps[i].st_ops)
6368 zfree(&obj->maps[i].st_ops->kern_vdata);
6371 for (i = 0; i < obj->nr_programs; i++)
6372 bpf_program__unload(&obj->programs[i]);
6377 static int bpf_object__sanitize_maps(struct bpf_object *obj)
6381 bpf_object__for_each_map(m, obj) {
6382 if (!bpf_map__is_internal(m))
6384 if (!kernel_supports(FEAT_GLOBAL_DATA)) {
6385 pr_warn("kernel doesn't support global data\n");
6388 if (!kernel_supports(FEAT_ARRAY_MMAP))
6389 m->def.map_flags ^= BPF_F_MMAPABLE;
6395 static int bpf_object__read_kallsyms_file(struct bpf_object *obj)
6397 char sym_type, sym_name[500];
6398 unsigned long long sym_addr;
6399 struct extern_desc *ext;
6403 f = fopen("/proc/kallsyms", "r");
6406 pr_warn("failed to open /proc/kallsyms: %d\n", err);
6411 ret = fscanf(f, "%llx %c %499s%*[^\n]\n",
6412 &sym_addr, &sym_type, sym_name);
6413 if (ret == EOF && feof(f))
6416 pr_warn("failed to read kallsyms entry: %d\n", ret);
6421 ext = find_extern_by_name(obj, sym_name);
6422 if (!ext || ext->type != EXT_KSYM)
6425 if (ext->is_set && ext->ksym.addr != sym_addr) {
6426 pr_warn("extern (ksym) '%s' resolution is ambiguous: 0x%llx or 0x%llx\n",
6427 sym_name, ext->ksym.addr, sym_addr);
6433 ext->ksym.addr = sym_addr;
6434 pr_debug("extern (ksym) %s=0x%llx\n", sym_name, sym_addr);
6443 static int bpf_object__resolve_externs(struct bpf_object *obj,
6444 const char *extra_kconfig)
6446 bool need_config = false, need_kallsyms = false;
6447 struct extern_desc *ext;
6448 void *kcfg_data = NULL;
6451 if (obj->nr_extern == 0)
6454 if (obj->kconfig_map_idx >= 0)
6455 kcfg_data = obj->maps[obj->kconfig_map_idx].mmaped;
6457 for (i = 0; i < obj->nr_extern; i++) {
6458 ext = &obj->externs[i];
6460 if (ext->type == EXT_KCFG &&
6461 strcmp(ext->name, "LINUX_KERNEL_VERSION") == 0) {
6462 void *ext_val = kcfg_data + ext->kcfg.data_off;
6463 __u32 kver = get_kernel_version();
6466 pr_warn("failed to get kernel version\n");
6469 err = set_kcfg_value_num(ext, ext_val, kver);
6472 pr_debug("extern (kcfg) %s=0x%x\n", ext->name, kver);
6473 } else if (ext->type == EXT_KCFG &&
6474 strncmp(ext->name, "CONFIG_", 7) == 0) {
6476 } else if (ext->type == EXT_KSYM) {
6477 need_kallsyms = true;
6479 pr_warn("unrecognized extern '%s'\n", ext->name);
6483 if (need_config && extra_kconfig) {
6484 err = bpf_object__read_kconfig_mem(obj, extra_kconfig, kcfg_data);
6487 need_config = false;
6488 for (i = 0; i < obj->nr_extern; i++) {
6489 ext = &obj->externs[i];
6490 if (ext->type == EXT_KCFG && !ext->is_set) {
6497 err = bpf_object__read_kconfig_file(obj, kcfg_data);
6501 if (need_kallsyms) {
6502 err = bpf_object__read_kallsyms_file(obj);
6506 for (i = 0; i < obj->nr_extern; i++) {
6507 ext = &obj->externs[i];
6509 if (!ext->is_set && !ext->is_weak) {
6510 pr_warn("extern %s (strong) not resolved\n", ext->name);
6512 } else if (!ext->is_set) {
6513 pr_debug("extern %s (weak) not resolved, defaulting to zero\n",
6521 int bpf_object__load_xattr(struct bpf_object_load_attr *attr)
6523 struct bpf_object *obj;
6533 pr_warn("object '%s': load can't be attempted twice\n", obj->name);
6537 err = bpf_object__probe_loading(obj);
6538 err = err ? : bpf_object__resolve_externs(obj, obj->kconfig);
6539 err = err ? : bpf_object__sanitize_and_load_btf(obj);
6540 err = err ? : bpf_object__sanitize_maps(obj);
6541 err = err ? : bpf_object__load_vmlinux_btf(obj);
6542 err = err ? : bpf_object__init_kern_struct_ops_maps(obj);
6543 err = err ? : bpf_object__create_maps(obj);
6544 err = err ? : bpf_object__relocate(obj, attr->target_btf_path);
6545 err = err ? : bpf_object__load_progs(obj, attr->log_level);
6547 btf__free(obj->btf_vmlinux);
6548 obj->btf_vmlinux = NULL;
6550 obj->loaded = true; /* doesn't matter if successfully or not */
6557 /* unpin any maps that were auto-pinned during load */
6558 for (i = 0; i < obj->nr_maps; i++)
6559 if (obj->maps[i].pinned && !obj->maps[i].reused)
6560 bpf_map__unpin(&obj->maps[i], NULL);
6562 bpf_object__unload(obj);
6563 pr_warn("failed to load object '%s'\n", obj->path);
6567 int bpf_object__load(struct bpf_object *obj)
6569 struct bpf_object_load_attr attr = {
6573 return bpf_object__load_xattr(&attr);
6576 static int make_parent_dir(const char *path)
6578 char *cp, errmsg[STRERR_BUFSIZE];
6582 dname = strdup(path);
6586 dir = dirname(dname);
6587 if (mkdir(dir, 0700) && errno != EEXIST)
6592 cp = libbpf_strerror_r(-err, errmsg, sizeof(errmsg));
6593 pr_warn("failed to mkdir %s: %s\n", path, cp);
6598 static int check_path(const char *path)
6600 char *cp, errmsg[STRERR_BUFSIZE];
6601 struct statfs st_fs;
6608 dname = strdup(path);
6612 dir = dirname(dname);
6613 if (statfs(dir, &st_fs)) {
6614 cp = libbpf_strerror_r(errno, errmsg, sizeof(errmsg));
6615 pr_warn("failed to statfs %s: %s\n", dir, cp);
6620 if (!err && st_fs.f_type != BPF_FS_MAGIC) {
6621 pr_warn("specified path %s is not on BPF FS\n", path);
6628 int bpf_program__pin_instance(struct bpf_program *prog, const char *path,
6631 char *cp, errmsg[STRERR_BUFSIZE];
6634 err = make_parent_dir(path);
6638 err = check_path(path);
6643 pr_warn("invalid program pointer\n");
6647 if (instance < 0 || instance >= prog->instances.nr) {
6648 pr_warn("invalid prog instance %d of prog %s (max %d)\n",
6649 instance, prog->section_name, prog->instances.nr);
6653 if (bpf_obj_pin(prog->instances.fds[instance], path)) {
6655 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
6656 pr_warn("failed to pin program: %s\n", cp);
6659 pr_debug("pinned program '%s'\n", path);
6664 int bpf_program__unpin_instance(struct bpf_program *prog, const char *path,
6669 err = check_path(path);
6674 pr_warn("invalid program pointer\n");
6678 if (instance < 0 || instance >= prog->instances.nr) {
6679 pr_warn("invalid prog instance %d of prog %s (max %d)\n",
6680 instance, prog->section_name, prog->instances.nr);
6687 pr_debug("unpinned program '%s'\n", path);
6692 int bpf_program__pin(struct bpf_program *prog, const char *path)
6696 err = make_parent_dir(path);
6700 err = check_path(path);
6705 pr_warn("invalid program pointer\n");
6709 if (prog->instances.nr <= 0) {
6710 pr_warn("no instances of prog %s to pin\n",
6711 prog->section_name);
6715 if (prog->instances.nr == 1) {
6716 /* don't create subdirs when pinning single instance */
6717 return bpf_program__pin_instance(prog, path, 0);
6720 for (i = 0; i < prog->instances.nr; i++) {
6724 len = snprintf(buf, PATH_MAX, "%s/%d", path, i);
6728 } else if (len >= PATH_MAX) {
6729 err = -ENAMETOOLONG;
6733 err = bpf_program__pin_instance(prog, buf, i);
6741 for (i = i - 1; i >= 0; i--) {
6745 len = snprintf(buf, PATH_MAX, "%s/%d", path, i);
6748 else if (len >= PATH_MAX)
6751 bpf_program__unpin_instance(prog, buf, i);
6759 int bpf_program__unpin(struct bpf_program *prog, const char *path)
6763 err = check_path(path);
6768 pr_warn("invalid program pointer\n");
6772 if (prog->instances.nr <= 0) {
6773 pr_warn("no instances of prog %s to pin\n",
6774 prog->section_name);
6778 if (prog->instances.nr == 1) {
6779 /* don't create subdirs when pinning single instance */
6780 return bpf_program__unpin_instance(prog, path, 0);
6783 for (i = 0; i < prog->instances.nr; i++) {
6787 len = snprintf(buf, PATH_MAX, "%s/%d", path, i);
6790 else if (len >= PATH_MAX)
6791 return -ENAMETOOLONG;
6793 err = bpf_program__unpin_instance(prog, buf, i);
6805 int bpf_map__pin(struct bpf_map *map, const char *path)
6807 char *cp, errmsg[STRERR_BUFSIZE];
6811 pr_warn("invalid map pointer\n");
6815 if (map->pin_path) {
6816 if (path && strcmp(path, map->pin_path)) {
6817 pr_warn("map '%s' already has pin path '%s' different from '%s'\n",
6818 bpf_map__name(map), map->pin_path, path);
6820 } else if (map->pinned) {
6821 pr_debug("map '%s' already pinned at '%s'; not re-pinning\n",
6822 bpf_map__name(map), map->pin_path);
6827 pr_warn("missing a path to pin map '%s' at\n",
6828 bpf_map__name(map));
6830 } else if (map->pinned) {
6831 pr_warn("map '%s' already pinned\n", bpf_map__name(map));
6835 map->pin_path = strdup(path);
6836 if (!map->pin_path) {
6842 err = make_parent_dir(map->pin_path);
6846 err = check_path(map->pin_path);
6850 if (bpf_obj_pin(map->fd, map->pin_path)) {
6856 pr_debug("pinned map '%s'\n", map->pin_path);
6861 cp = libbpf_strerror_r(-err, errmsg, sizeof(errmsg));
6862 pr_warn("failed to pin map: %s\n", cp);
6866 int bpf_map__unpin(struct bpf_map *map, const char *path)
6871 pr_warn("invalid map pointer\n");
6875 if (map->pin_path) {
6876 if (path && strcmp(path, map->pin_path)) {
6877 pr_warn("map '%s' already has pin path '%s' different from '%s'\n",
6878 bpf_map__name(map), map->pin_path, path);
6881 path = map->pin_path;
6883 pr_warn("no path to unpin map '%s' from\n",
6884 bpf_map__name(map));
6888 err = check_path(path);
6896 map->pinned = false;
6897 pr_debug("unpinned map '%s' from '%s'\n", bpf_map__name(map), path);
6902 int bpf_map__set_pin_path(struct bpf_map *map, const char *path)
6912 free(map->pin_path);
6913 map->pin_path = new;
6917 const char *bpf_map__get_pin_path(const struct bpf_map *map)
6919 return map->pin_path;
6922 bool bpf_map__is_pinned(const struct bpf_map *map)
6927 int bpf_object__pin_maps(struct bpf_object *obj, const char *path)
6929 struct bpf_map *map;
6936 pr_warn("object not yet loaded; load it first\n");
6940 bpf_object__for_each_map(map, obj) {
6941 char *pin_path = NULL;
6947 len = snprintf(buf, PATH_MAX, "%s/%s", path,
6948 bpf_map__name(map));
6951 goto err_unpin_maps;
6952 } else if (len >= PATH_MAX) {
6953 err = -ENAMETOOLONG;
6954 goto err_unpin_maps;
6957 } else if (!map->pin_path) {
6961 err = bpf_map__pin(map, pin_path);
6963 goto err_unpin_maps;
6969 while ((map = bpf_map__prev(map, obj))) {
6973 bpf_map__unpin(map, NULL);
6979 int bpf_object__unpin_maps(struct bpf_object *obj, const char *path)
6981 struct bpf_map *map;
6987 bpf_object__for_each_map(map, obj) {
6988 char *pin_path = NULL;
6994 len = snprintf(buf, PATH_MAX, "%s/%s", path,
6995 bpf_map__name(map));
6998 else if (len >= PATH_MAX)
6999 return -ENAMETOOLONG;
7001 } else if (!map->pin_path) {
7005 err = bpf_map__unpin(map, pin_path);
7013 int bpf_object__pin_programs(struct bpf_object *obj, const char *path)
7015 struct bpf_program *prog;
7022 pr_warn("object not yet loaded; load it first\n");
7026 bpf_object__for_each_program(prog, obj) {
7030 len = snprintf(buf, PATH_MAX, "%s/%s", path,
7034 goto err_unpin_programs;
7035 } else if (len >= PATH_MAX) {
7036 err = -ENAMETOOLONG;
7037 goto err_unpin_programs;
7040 err = bpf_program__pin(prog, buf);
7042 goto err_unpin_programs;
7048 while ((prog = bpf_program__prev(prog, obj))) {
7052 len = snprintf(buf, PATH_MAX, "%s/%s", path,
7056 else if (len >= PATH_MAX)
7059 bpf_program__unpin(prog, buf);
7065 int bpf_object__unpin_programs(struct bpf_object *obj, const char *path)
7067 struct bpf_program *prog;
7073 bpf_object__for_each_program(prog, obj) {
7077 len = snprintf(buf, PATH_MAX, "%s/%s", path,
7081 else if (len >= PATH_MAX)
7082 return -ENAMETOOLONG;
7084 err = bpf_program__unpin(prog, buf);
7092 int bpf_object__pin(struct bpf_object *obj, const char *path)
7096 err = bpf_object__pin_maps(obj, path);
7100 err = bpf_object__pin_programs(obj, path);
7102 bpf_object__unpin_maps(obj, path);
7109 static void bpf_map__destroy(struct bpf_map *map)
7111 if (map->clear_priv)
7112 map->clear_priv(map, map->priv);
7114 map->clear_priv = NULL;
7116 if (map->inner_map) {
7117 bpf_map__destroy(map->inner_map);
7118 zfree(&map->inner_map);
7121 zfree(&map->init_slots);
7122 map->init_slots_sz = 0;
7125 munmap(map->mmaped, bpf_map_mmap_sz(map));
7130 zfree(&map->st_ops->data);
7131 zfree(&map->st_ops->progs);
7132 zfree(&map->st_ops->kern_func_off);
7133 zfree(&map->st_ops);
7137 zfree(&map->pin_path);
7143 void bpf_object__close(struct bpf_object *obj)
7147 if (IS_ERR_OR_NULL(obj))
7150 if (obj->clear_priv)
7151 obj->clear_priv(obj, obj->priv);
7153 bpf_object__elf_finish(obj);
7154 bpf_object__unload(obj);
7155 btf__free(obj->btf);
7156 btf_ext__free(obj->btf_ext);
7158 for (i = 0; i < obj->nr_maps; i++)
7159 bpf_map__destroy(&obj->maps[i]);
7161 zfree(&obj->kconfig);
7162 zfree(&obj->externs);
7168 if (obj->programs && obj->nr_programs) {
7169 for (i = 0; i < obj->nr_programs; i++)
7170 bpf_program__exit(&obj->programs[i]);
7172 zfree(&obj->programs);
7174 list_del(&obj->list);
7179 bpf_object__next(struct bpf_object *prev)
7181 struct bpf_object *next;
7184 next = list_first_entry(&bpf_objects_list,
7188 next = list_next_entry(prev, list);
7190 /* Empty list is noticed here so don't need checking on entry. */
7191 if (&next->list == &bpf_objects_list)
7197 const char *bpf_object__name(const struct bpf_object *obj)
7199 return obj ? obj->name : ERR_PTR(-EINVAL);
7202 unsigned int bpf_object__kversion(const struct bpf_object *obj)
7204 return obj ? obj->kern_version : 0;
7207 struct btf *bpf_object__btf(const struct bpf_object *obj)
7209 return obj ? obj->btf : NULL;
7212 int bpf_object__btf_fd(const struct bpf_object *obj)
7214 return obj->btf ? btf__fd(obj->btf) : -1;
7217 int bpf_object__set_priv(struct bpf_object *obj, void *priv,
7218 bpf_object_clear_priv_t clear_priv)
7220 if (obj->priv && obj->clear_priv)
7221 obj->clear_priv(obj, obj->priv);
7224 obj->clear_priv = clear_priv;
7228 void *bpf_object__priv(const struct bpf_object *obj)
7230 return obj ? obj->priv : ERR_PTR(-EINVAL);
7233 static struct bpf_program *
7234 __bpf_program__iter(const struct bpf_program *p, const struct bpf_object *obj,
7237 size_t nr_programs = obj->nr_programs;
7244 /* Iter from the beginning */
7245 return forward ? &obj->programs[0] :
7246 &obj->programs[nr_programs - 1];
7248 if (p->obj != obj) {
7249 pr_warn("error: program handler doesn't match object\n");
7253 idx = (p - obj->programs) + (forward ? 1 : -1);
7254 if (idx >= obj->nr_programs || idx < 0)
7256 return &obj->programs[idx];
7259 struct bpf_program *
7260 bpf_program__next(struct bpf_program *prev, const struct bpf_object *obj)
7262 struct bpf_program *prog = prev;
7265 prog = __bpf_program__iter(prog, obj, true);
7266 } while (prog && bpf_program__is_function_storage(prog, obj));
7271 struct bpf_program *
7272 bpf_program__prev(struct bpf_program *next, const struct bpf_object *obj)
7274 struct bpf_program *prog = next;
7277 prog = __bpf_program__iter(prog, obj, false);
7278 } while (prog && bpf_program__is_function_storage(prog, obj));
7283 int bpf_program__set_priv(struct bpf_program *prog, void *priv,
7284 bpf_program_clear_priv_t clear_priv)
7286 if (prog->priv && prog->clear_priv)
7287 prog->clear_priv(prog, prog->priv);
7290 prog->clear_priv = clear_priv;
7294 void *bpf_program__priv(const struct bpf_program *prog)
7296 return prog ? prog->priv : ERR_PTR(-EINVAL);
7299 void bpf_program__set_ifindex(struct bpf_program *prog, __u32 ifindex)
7301 prog->prog_ifindex = ifindex;
7304 const char *bpf_program__name(const struct bpf_program *prog)
7309 const char *bpf_program__title(const struct bpf_program *prog, bool needs_copy)
7313 title = prog->section_name;
7315 title = strdup(title);
7317 pr_warn("failed to strdup program title\n");
7318 return ERR_PTR(-ENOMEM);
7325 bool bpf_program__autoload(const struct bpf_program *prog)
7330 int bpf_program__set_autoload(struct bpf_program *prog, bool autoload)
7332 if (prog->obj->loaded)
7335 prog->load = autoload;
7339 int bpf_program__fd(const struct bpf_program *prog)
7341 return bpf_program__nth_fd(prog, 0);
7344 size_t bpf_program__size(const struct bpf_program *prog)
7346 return prog->insns_cnt * sizeof(struct bpf_insn);
7349 int bpf_program__set_prep(struct bpf_program *prog, int nr_instances,
7350 bpf_program_prep_t prep)
7354 if (nr_instances <= 0 || !prep)
7357 if (prog->instances.nr > 0 || prog->instances.fds) {
7358 pr_warn("Can't set pre-processor after loading\n");
7362 instances_fds = malloc(sizeof(int) * nr_instances);
7363 if (!instances_fds) {
7364 pr_warn("alloc memory failed for fds\n");
7368 /* fill all fd with -1 */
7369 memset(instances_fds, -1, sizeof(int) * nr_instances);
7371 prog->instances.nr = nr_instances;
7372 prog->instances.fds = instances_fds;
7373 prog->preprocessor = prep;
7377 int bpf_program__nth_fd(const struct bpf_program *prog, int n)
7384 if (n >= prog->instances.nr || n < 0) {
7385 pr_warn("Can't get the %dth fd from program %s: only %d instances\n",
7386 n, prog->section_name, prog->instances.nr);
7390 fd = prog->instances.fds[n];
7392 pr_warn("%dth instance of program '%s' is invalid\n",
7393 n, prog->section_name);
7400 enum bpf_prog_type bpf_program__get_type(struct bpf_program *prog)
7405 void bpf_program__set_type(struct bpf_program *prog, enum bpf_prog_type type)
7410 static bool bpf_program__is_type(const struct bpf_program *prog,
7411 enum bpf_prog_type type)
7413 return prog ? (prog->type == type) : false;
7416 #define BPF_PROG_TYPE_FNS(NAME, TYPE) \
7417 int bpf_program__set_##NAME(struct bpf_program *prog) \
7421 bpf_program__set_type(prog, TYPE); \
7425 bool bpf_program__is_##NAME(const struct bpf_program *prog) \
7427 return bpf_program__is_type(prog, TYPE); \
7430 BPF_PROG_TYPE_FNS(socket_filter, BPF_PROG_TYPE_SOCKET_FILTER);
7431 BPF_PROG_TYPE_FNS(lsm, BPF_PROG_TYPE_LSM);
7432 BPF_PROG_TYPE_FNS(kprobe, BPF_PROG_TYPE_KPROBE);
7433 BPF_PROG_TYPE_FNS(sched_cls, BPF_PROG_TYPE_SCHED_CLS);
7434 BPF_PROG_TYPE_FNS(sched_act, BPF_PROG_TYPE_SCHED_ACT);
7435 BPF_PROG_TYPE_FNS(tracepoint, BPF_PROG_TYPE_TRACEPOINT);
7436 BPF_PROG_TYPE_FNS(raw_tracepoint, BPF_PROG_TYPE_RAW_TRACEPOINT);
7437 BPF_PROG_TYPE_FNS(xdp, BPF_PROG_TYPE_XDP);
7438 BPF_PROG_TYPE_FNS(perf_event, BPF_PROG_TYPE_PERF_EVENT);
7439 BPF_PROG_TYPE_FNS(tracing, BPF_PROG_TYPE_TRACING);
7440 BPF_PROG_TYPE_FNS(struct_ops, BPF_PROG_TYPE_STRUCT_OPS);
7441 BPF_PROG_TYPE_FNS(extension, BPF_PROG_TYPE_EXT);
7442 BPF_PROG_TYPE_FNS(sk_lookup, BPF_PROG_TYPE_SK_LOOKUP);
7444 enum bpf_attach_type
7445 bpf_program__get_expected_attach_type(struct bpf_program *prog)
7447 return prog->expected_attach_type;
7450 void bpf_program__set_expected_attach_type(struct bpf_program *prog,
7451 enum bpf_attach_type type)
7453 prog->expected_attach_type = type;
7456 #define BPF_PROG_SEC_IMPL(string, ptype, eatype, eatype_optional, \
7457 attachable, attach_btf) \
7460 .len = sizeof(string) - 1, \
7461 .prog_type = ptype, \
7462 .expected_attach_type = eatype, \
7463 .is_exp_attach_type_optional = eatype_optional, \
7464 .is_attachable = attachable, \
7465 .is_attach_btf = attach_btf, \
7468 /* Programs that can NOT be attached. */
7469 #define BPF_PROG_SEC(string, ptype) BPF_PROG_SEC_IMPL(string, ptype, 0, 0, 0, 0)
7471 /* Programs that can be attached. */
7472 #define BPF_APROG_SEC(string, ptype, atype) \
7473 BPF_PROG_SEC_IMPL(string, ptype, atype, true, 1, 0)
7475 /* Programs that must specify expected attach type at load time. */
7476 #define BPF_EAPROG_SEC(string, ptype, eatype) \
7477 BPF_PROG_SEC_IMPL(string, ptype, eatype, false, 1, 0)
7479 /* Programs that use BTF to identify attach point */
7480 #define BPF_PROG_BTF(string, ptype, eatype) \
7481 BPF_PROG_SEC_IMPL(string, ptype, eatype, false, 0, 1)
7483 /* Programs that can be attached but attach type can't be identified by section
7484 * name. Kept for backward compatibility.
7486 #define BPF_APROG_COMPAT(string, ptype) BPF_PROG_SEC(string, ptype)
7488 #define SEC_DEF(sec_pfx, ptype, ...) { \
7490 .len = sizeof(sec_pfx) - 1, \
7491 .prog_type = BPF_PROG_TYPE_##ptype, \
7495 static struct bpf_link *attach_kprobe(const struct bpf_sec_def *sec,
7496 struct bpf_program *prog);
7497 static struct bpf_link *attach_tp(const struct bpf_sec_def *sec,
7498 struct bpf_program *prog);
7499 static struct bpf_link *attach_raw_tp(const struct bpf_sec_def *sec,
7500 struct bpf_program *prog);
7501 static struct bpf_link *attach_trace(const struct bpf_sec_def *sec,
7502 struct bpf_program *prog);
7503 static struct bpf_link *attach_lsm(const struct bpf_sec_def *sec,
7504 struct bpf_program *prog);
7505 static struct bpf_link *attach_iter(const struct bpf_sec_def *sec,
7506 struct bpf_program *prog);
7508 static const struct bpf_sec_def section_defs[] = {
7509 BPF_PROG_SEC("socket", BPF_PROG_TYPE_SOCKET_FILTER),
7510 BPF_PROG_SEC("sk_reuseport", BPF_PROG_TYPE_SK_REUSEPORT),
7511 SEC_DEF("kprobe/", KPROBE,
7512 .attach_fn = attach_kprobe),
7513 BPF_PROG_SEC("uprobe/", BPF_PROG_TYPE_KPROBE),
7514 SEC_DEF("kretprobe/", KPROBE,
7515 .attach_fn = attach_kprobe),
7516 BPF_PROG_SEC("uretprobe/", BPF_PROG_TYPE_KPROBE),
7517 BPF_PROG_SEC("classifier", BPF_PROG_TYPE_SCHED_CLS),
7518 BPF_PROG_SEC("action", BPF_PROG_TYPE_SCHED_ACT),
7519 SEC_DEF("tracepoint/", TRACEPOINT,
7520 .attach_fn = attach_tp),
7521 SEC_DEF("tp/", TRACEPOINT,
7522 .attach_fn = attach_tp),
7523 SEC_DEF("raw_tracepoint/", RAW_TRACEPOINT,
7524 .attach_fn = attach_raw_tp),
7525 SEC_DEF("raw_tp/", RAW_TRACEPOINT,
7526 .attach_fn = attach_raw_tp),
7527 SEC_DEF("tp_btf/", TRACING,
7528 .expected_attach_type = BPF_TRACE_RAW_TP,
7529 .is_attach_btf = true,
7530 .attach_fn = attach_trace),
7531 SEC_DEF("fentry/", TRACING,
7532 .expected_attach_type = BPF_TRACE_FENTRY,
7533 .is_attach_btf = true,
7534 .attach_fn = attach_trace),
7535 SEC_DEF("fmod_ret/", TRACING,
7536 .expected_attach_type = BPF_MODIFY_RETURN,
7537 .is_attach_btf = true,
7538 .attach_fn = attach_trace),
7539 SEC_DEF("fexit/", TRACING,
7540 .expected_attach_type = BPF_TRACE_FEXIT,
7541 .is_attach_btf = true,
7542 .attach_fn = attach_trace),
7543 SEC_DEF("freplace/", EXT,
7544 .is_attach_btf = true,
7545 .attach_fn = attach_trace),
7546 SEC_DEF("lsm/", LSM,
7547 .is_attach_btf = true,
7548 .expected_attach_type = BPF_LSM_MAC,
7549 .attach_fn = attach_lsm),
7550 SEC_DEF("iter/", TRACING,
7551 .expected_attach_type = BPF_TRACE_ITER,
7552 .is_attach_btf = true,
7553 .attach_fn = attach_iter),
7554 BPF_EAPROG_SEC("xdp_devmap/", BPF_PROG_TYPE_XDP,
7556 BPF_EAPROG_SEC("xdp_cpumap/", BPF_PROG_TYPE_XDP,
7558 BPF_EAPROG_SEC("xdp", BPF_PROG_TYPE_XDP,
7560 BPF_PROG_SEC("perf_event", BPF_PROG_TYPE_PERF_EVENT),
7561 BPF_PROG_SEC("lwt_in", BPF_PROG_TYPE_LWT_IN),
7562 BPF_PROG_SEC("lwt_out", BPF_PROG_TYPE_LWT_OUT),
7563 BPF_PROG_SEC("lwt_xmit", BPF_PROG_TYPE_LWT_XMIT),
7564 BPF_PROG_SEC("lwt_seg6local", BPF_PROG_TYPE_LWT_SEG6LOCAL),
7565 BPF_APROG_SEC("cgroup_skb/ingress", BPF_PROG_TYPE_CGROUP_SKB,
7566 BPF_CGROUP_INET_INGRESS),
7567 BPF_APROG_SEC("cgroup_skb/egress", BPF_PROG_TYPE_CGROUP_SKB,
7568 BPF_CGROUP_INET_EGRESS),
7569 BPF_APROG_COMPAT("cgroup/skb", BPF_PROG_TYPE_CGROUP_SKB),
7570 BPF_EAPROG_SEC("cgroup/sock_create", BPF_PROG_TYPE_CGROUP_SOCK,
7571 BPF_CGROUP_INET_SOCK_CREATE),
7572 BPF_EAPROG_SEC("cgroup/sock_release", BPF_PROG_TYPE_CGROUP_SOCK,
7573 BPF_CGROUP_INET_SOCK_RELEASE),
7574 BPF_APROG_SEC("cgroup/sock", BPF_PROG_TYPE_CGROUP_SOCK,
7575 BPF_CGROUP_INET_SOCK_CREATE),
7576 BPF_EAPROG_SEC("cgroup/post_bind4", BPF_PROG_TYPE_CGROUP_SOCK,
7577 BPF_CGROUP_INET4_POST_BIND),
7578 BPF_EAPROG_SEC("cgroup/post_bind6", BPF_PROG_TYPE_CGROUP_SOCK,
7579 BPF_CGROUP_INET6_POST_BIND),
7580 BPF_APROG_SEC("cgroup/dev", BPF_PROG_TYPE_CGROUP_DEVICE,
7582 BPF_APROG_SEC("sockops", BPF_PROG_TYPE_SOCK_OPS,
7583 BPF_CGROUP_SOCK_OPS),
7584 BPF_APROG_SEC("sk_skb/stream_parser", BPF_PROG_TYPE_SK_SKB,
7585 BPF_SK_SKB_STREAM_PARSER),
7586 BPF_APROG_SEC("sk_skb/stream_verdict", BPF_PROG_TYPE_SK_SKB,
7587 BPF_SK_SKB_STREAM_VERDICT),
7588 BPF_APROG_COMPAT("sk_skb", BPF_PROG_TYPE_SK_SKB),
7589 BPF_APROG_SEC("sk_msg", BPF_PROG_TYPE_SK_MSG,
7590 BPF_SK_MSG_VERDICT),
7591 BPF_APROG_SEC("lirc_mode2", BPF_PROG_TYPE_LIRC_MODE2,
7593 BPF_APROG_SEC("flow_dissector", BPF_PROG_TYPE_FLOW_DISSECTOR,
7594 BPF_FLOW_DISSECTOR),
7595 BPF_EAPROG_SEC("cgroup/bind4", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
7596 BPF_CGROUP_INET4_BIND),
7597 BPF_EAPROG_SEC("cgroup/bind6", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
7598 BPF_CGROUP_INET6_BIND),
7599 BPF_EAPROG_SEC("cgroup/connect4", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
7600 BPF_CGROUP_INET4_CONNECT),
7601 BPF_EAPROG_SEC("cgroup/connect6", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
7602 BPF_CGROUP_INET6_CONNECT),
7603 BPF_EAPROG_SEC("cgroup/sendmsg4", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
7604 BPF_CGROUP_UDP4_SENDMSG),
7605 BPF_EAPROG_SEC("cgroup/sendmsg6", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
7606 BPF_CGROUP_UDP6_SENDMSG),
7607 BPF_EAPROG_SEC("cgroup/recvmsg4", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
7608 BPF_CGROUP_UDP4_RECVMSG),
7609 BPF_EAPROG_SEC("cgroup/recvmsg6", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
7610 BPF_CGROUP_UDP6_RECVMSG),
7611 BPF_EAPROG_SEC("cgroup/getpeername4", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
7612 BPF_CGROUP_INET4_GETPEERNAME),
7613 BPF_EAPROG_SEC("cgroup/getpeername6", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
7614 BPF_CGROUP_INET6_GETPEERNAME),
7615 BPF_EAPROG_SEC("cgroup/getsockname4", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
7616 BPF_CGROUP_INET4_GETSOCKNAME),
7617 BPF_EAPROG_SEC("cgroup/getsockname6", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
7618 BPF_CGROUP_INET6_GETSOCKNAME),
7619 BPF_EAPROG_SEC("cgroup/sysctl", BPF_PROG_TYPE_CGROUP_SYSCTL,
7621 BPF_EAPROG_SEC("cgroup/getsockopt", BPF_PROG_TYPE_CGROUP_SOCKOPT,
7622 BPF_CGROUP_GETSOCKOPT),
7623 BPF_EAPROG_SEC("cgroup/setsockopt", BPF_PROG_TYPE_CGROUP_SOCKOPT,
7624 BPF_CGROUP_SETSOCKOPT),
7625 BPF_PROG_SEC("struct_ops", BPF_PROG_TYPE_STRUCT_OPS),
7626 BPF_EAPROG_SEC("sk_lookup/", BPF_PROG_TYPE_SK_LOOKUP,
7630 #undef BPF_PROG_SEC_IMPL
7632 #undef BPF_APROG_SEC
7633 #undef BPF_EAPROG_SEC
7634 #undef BPF_APROG_COMPAT
7637 #define MAX_TYPE_NAME_SIZE 32
7639 static const struct bpf_sec_def *find_sec_def(const char *sec_name)
7641 int i, n = ARRAY_SIZE(section_defs);
7643 for (i = 0; i < n; i++) {
7644 if (strncmp(sec_name,
7645 section_defs[i].sec, section_defs[i].len))
7647 return §ion_defs[i];
7652 static char *libbpf_get_type_names(bool attach_type)
7654 int i, len = ARRAY_SIZE(section_defs) * MAX_TYPE_NAME_SIZE;
7662 /* Forge string buf with all available names */
7663 for (i = 0; i < ARRAY_SIZE(section_defs); i++) {
7664 if (attach_type && !section_defs[i].is_attachable)
7667 if (strlen(buf) + strlen(section_defs[i].sec) + 2 > len) {
7672 strcat(buf, section_defs[i].sec);
7678 int libbpf_prog_type_by_name(const char *name, enum bpf_prog_type *prog_type,
7679 enum bpf_attach_type *expected_attach_type)
7681 const struct bpf_sec_def *sec_def;
7687 sec_def = find_sec_def(name);
7689 *prog_type = sec_def->prog_type;
7690 *expected_attach_type = sec_def->expected_attach_type;
7694 pr_debug("failed to guess program type from ELF section '%s'\n", name);
7695 type_names = libbpf_get_type_names(false);
7696 if (type_names != NULL) {
7697 pr_debug("supported section(type) names are:%s\n", type_names);
7704 static struct bpf_map *find_struct_ops_map_by_offset(struct bpf_object *obj,
7707 struct bpf_map *map;
7710 for (i = 0; i < obj->nr_maps; i++) {
7711 map = &obj->maps[i];
7712 if (!bpf_map__is_struct_ops(map))
7714 if (map->sec_offset <= offset &&
7715 offset - map->sec_offset < map->def.value_size)
7722 /* Collect the reloc from ELF and populate the st_ops->progs[] */
7723 static int bpf_object__collect_st_ops_relos(struct bpf_object *obj,
7724 GElf_Shdr *shdr, Elf_Data *data)
7726 const struct btf_member *member;
7727 struct bpf_struct_ops *st_ops;
7728 struct bpf_program *prog;
7729 unsigned int shdr_idx;
7730 const struct btf *btf;
7731 struct bpf_map *map;
7740 symbols = obj->efile.symbols;
7742 nrels = shdr->sh_size / shdr->sh_entsize;
7743 for (i = 0; i < nrels; i++) {
7744 if (!gelf_getrel(data, i, &rel)) {
7745 pr_warn("struct_ops reloc: failed to get %d reloc\n", i);
7746 return -LIBBPF_ERRNO__FORMAT;
7749 if (!gelf_getsym(symbols, GELF_R_SYM(rel.r_info), &sym)) {
7750 pr_warn("struct_ops reloc: symbol %zx not found\n",
7751 (size_t)GELF_R_SYM(rel.r_info));
7752 return -LIBBPF_ERRNO__FORMAT;
7755 name = elf_sym_str(obj, sym.st_name) ?: "<?>";
7756 map = find_struct_ops_map_by_offset(obj, rel.r_offset);
7758 pr_warn("struct_ops reloc: cannot find map at rel.r_offset %zu\n",
7759 (size_t)rel.r_offset);
7763 moff = rel.r_offset - map->sec_offset;
7764 shdr_idx = sym.st_shndx;
7765 st_ops = map->st_ops;
7766 pr_debug("struct_ops reloc %s: for %lld value %lld shdr_idx %u rel.r_offset %zu map->sec_offset %zu name %d (\'%s\')\n",
7768 (long long)(rel.r_info >> 32),
7769 (long long)sym.st_value,
7770 shdr_idx, (size_t)rel.r_offset,
7771 map->sec_offset, sym.st_name, name);
7773 if (shdr_idx >= SHN_LORESERVE) {
7774 pr_warn("struct_ops reloc %s: rel.r_offset %zu shdr_idx %u unsupported non-static function\n",
7775 map->name, (size_t)rel.r_offset, shdr_idx);
7776 return -LIBBPF_ERRNO__RELOC;
7779 member = find_member_by_offset(st_ops->type, moff * 8);
7781 pr_warn("struct_ops reloc %s: cannot find member at moff %u\n",
7785 member_idx = member - btf_members(st_ops->type);
7786 name = btf__name_by_offset(btf, member->name_off);
7788 if (!resolve_func_ptr(btf, member->type, NULL)) {
7789 pr_warn("struct_ops reloc %s: cannot relocate non func ptr %s\n",
7794 prog = bpf_object__find_prog_by_idx(obj, shdr_idx);
7796 pr_warn("struct_ops reloc %s: cannot find prog at shdr_idx %u to relocate func ptr %s\n",
7797 map->name, shdr_idx, name);
7801 if (prog->type == BPF_PROG_TYPE_UNSPEC) {
7802 const struct bpf_sec_def *sec_def;
7804 sec_def = find_sec_def(prog->section_name);
7806 sec_def->prog_type != BPF_PROG_TYPE_STRUCT_OPS) {
7808 prog->type = sec_def->prog_type;
7812 prog->type = BPF_PROG_TYPE_STRUCT_OPS;
7813 prog->attach_btf_id = st_ops->type_id;
7814 prog->expected_attach_type = member_idx;
7815 } else if (prog->type != BPF_PROG_TYPE_STRUCT_OPS ||
7816 prog->attach_btf_id != st_ops->type_id ||
7817 prog->expected_attach_type != member_idx) {
7820 st_ops->progs[member_idx] = prog;
7826 pr_warn("struct_ops reloc %s: cannot use prog %s in sec %s with type %u attach_btf_id %u expected_attach_type %u for func ptr %s\n",
7827 map->name, prog->name, prog->section_name, prog->type,
7828 prog->attach_btf_id, prog->expected_attach_type, name);
7832 #define BTF_TRACE_PREFIX "btf_trace_"
7833 #define BTF_LSM_PREFIX "bpf_lsm_"
7834 #define BTF_ITER_PREFIX "bpf_iter_"
7835 #define BTF_MAX_NAME_SIZE 128
7837 static int find_btf_by_prefix_kind(const struct btf *btf, const char *prefix,
7838 const char *name, __u32 kind)
7840 char btf_type_name[BTF_MAX_NAME_SIZE];
7843 ret = snprintf(btf_type_name, sizeof(btf_type_name),
7844 "%s%s", prefix, name);
7845 /* snprintf returns the number of characters written excluding the
7846 * the terminating null. So, if >= BTF_MAX_NAME_SIZE are written, it
7847 * indicates truncation.
7849 if (ret < 0 || ret >= sizeof(btf_type_name))
7850 return -ENAMETOOLONG;
7851 return btf__find_by_name_kind(btf, btf_type_name, kind);
7854 static inline int __find_vmlinux_btf_id(struct btf *btf, const char *name,
7855 enum bpf_attach_type attach_type)
7859 if (attach_type == BPF_TRACE_RAW_TP)
7860 err = find_btf_by_prefix_kind(btf, BTF_TRACE_PREFIX, name,
7862 else if (attach_type == BPF_LSM_MAC)
7863 err = find_btf_by_prefix_kind(btf, BTF_LSM_PREFIX, name,
7865 else if (attach_type == BPF_TRACE_ITER)
7866 err = find_btf_by_prefix_kind(btf, BTF_ITER_PREFIX, name,
7869 err = btf__find_by_name_kind(btf, name, BTF_KIND_FUNC);
7872 pr_warn("%s is not found in vmlinux BTF\n", name);
7877 int libbpf_find_vmlinux_btf_id(const char *name,
7878 enum bpf_attach_type attach_type)
7883 btf = libbpf_find_kernel_btf();
7885 pr_warn("vmlinux BTF is not found\n");
7889 err = __find_vmlinux_btf_id(btf, name, attach_type);
7894 static int libbpf_find_prog_btf_id(const char *name, __u32 attach_prog_fd)
7896 struct bpf_prog_info_linear *info_linear;
7897 struct bpf_prog_info *info;
7898 struct btf *btf = NULL;
7901 info_linear = bpf_program__get_prog_info_linear(attach_prog_fd, 0);
7902 if (IS_ERR_OR_NULL(info_linear)) {
7903 pr_warn("failed get_prog_info_linear for FD %d\n",
7907 info = &info_linear->info;
7908 if (!info->btf_id) {
7909 pr_warn("The target program doesn't have BTF\n");
7912 if (btf__get_from_id(info->btf_id, &btf)) {
7913 pr_warn("Failed to get BTF of the program\n");
7916 err = btf__find_by_name_kind(btf, name, BTF_KIND_FUNC);
7919 pr_warn("%s is not found in prog's BTF\n", name);
7927 static int libbpf_find_attach_btf_id(struct bpf_program *prog)
7929 enum bpf_attach_type attach_type = prog->expected_attach_type;
7930 __u32 attach_prog_fd = prog->attach_prog_fd;
7931 const char *name = prog->section_name;
7937 for (i = 0; i < ARRAY_SIZE(section_defs); i++) {
7938 if (!section_defs[i].is_attach_btf)
7940 if (strncmp(name, section_defs[i].sec, section_defs[i].len))
7943 err = libbpf_find_prog_btf_id(name + section_defs[i].len,
7946 err = __find_vmlinux_btf_id(prog->obj->btf_vmlinux,
7947 name + section_defs[i].len,
7951 pr_warn("failed to identify btf_id based on ELF section name '%s'\n", name);
7955 int libbpf_attach_type_by_name(const char *name,
7956 enum bpf_attach_type *attach_type)
7964 for (i = 0; i < ARRAY_SIZE(section_defs); i++) {
7965 if (strncmp(name, section_defs[i].sec, section_defs[i].len))
7967 if (!section_defs[i].is_attachable)
7969 *attach_type = section_defs[i].expected_attach_type;
7972 pr_debug("failed to guess attach type based on ELF section name '%s'\n", name);
7973 type_names = libbpf_get_type_names(true);
7974 if (type_names != NULL) {
7975 pr_debug("attachable section(type) names are:%s\n", type_names);
7982 int bpf_map__fd(const struct bpf_map *map)
7984 return map ? map->fd : -EINVAL;
7987 const struct bpf_map_def *bpf_map__def(const struct bpf_map *map)
7989 return map ? &map->def : ERR_PTR(-EINVAL);
7992 const char *bpf_map__name(const struct bpf_map *map)
7994 return map ? map->name : NULL;
7997 enum bpf_map_type bpf_map__type(const struct bpf_map *map)
7999 return map->def.type;
8002 int bpf_map__set_type(struct bpf_map *map, enum bpf_map_type type)
8006 map->def.type = type;
8010 __u32 bpf_map__map_flags(const struct bpf_map *map)
8012 return map->def.map_flags;
8015 int bpf_map__set_map_flags(struct bpf_map *map, __u32 flags)
8019 map->def.map_flags = flags;
8023 __u32 bpf_map__numa_node(const struct bpf_map *map)
8025 return map->numa_node;
8028 int bpf_map__set_numa_node(struct bpf_map *map, __u32 numa_node)
8032 map->numa_node = numa_node;
8036 __u32 bpf_map__key_size(const struct bpf_map *map)
8038 return map->def.key_size;
8041 int bpf_map__set_key_size(struct bpf_map *map, __u32 size)
8045 map->def.key_size = size;
8049 __u32 bpf_map__value_size(const struct bpf_map *map)
8051 return map->def.value_size;
8054 int bpf_map__set_value_size(struct bpf_map *map, __u32 size)
8058 map->def.value_size = size;
8062 __u32 bpf_map__btf_key_type_id(const struct bpf_map *map)
8064 return map ? map->btf_key_type_id : 0;
8067 __u32 bpf_map__btf_value_type_id(const struct bpf_map *map)
8069 return map ? map->btf_value_type_id : 0;
8072 int bpf_map__set_priv(struct bpf_map *map, void *priv,
8073 bpf_map_clear_priv_t clear_priv)
8079 if (map->clear_priv)
8080 map->clear_priv(map, map->priv);
8084 map->clear_priv = clear_priv;
8088 void *bpf_map__priv(const struct bpf_map *map)
8090 return map ? map->priv : ERR_PTR(-EINVAL);
8093 int bpf_map__set_initial_value(struct bpf_map *map,
8094 const void *data, size_t size)
8096 if (!map->mmaped || map->libbpf_type == LIBBPF_MAP_KCONFIG ||
8097 size != map->def.value_size || map->fd >= 0)
8100 memcpy(map->mmaped, data, size);
8104 bool bpf_map__is_offload_neutral(const struct bpf_map *map)
8106 return map->def.type == BPF_MAP_TYPE_PERF_EVENT_ARRAY;
8109 bool bpf_map__is_internal(const struct bpf_map *map)
8111 return map->libbpf_type != LIBBPF_MAP_UNSPEC;
8114 __u32 bpf_map__ifindex(const struct bpf_map *map)
8116 return map->map_ifindex;
8119 int bpf_map__set_ifindex(struct bpf_map *map, __u32 ifindex)
8123 map->map_ifindex = ifindex;
8127 int bpf_map__set_inner_map_fd(struct bpf_map *map, int fd)
8129 if (!bpf_map_type__is_map_in_map(map->def.type)) {
8130 pr_warn("error: unsupported map type\n");
8133 if (map->inner_map_fd != -1) {
8134 pr_warn("error: inner_map_fd already specified\n");
8137 map->inner_map_fd = fd;
8141 static struct bpf_map *
8142 __bpf_map__iter(const struct bpf_map *m, const struct bpf_object *obj, int i)
8145 struct bpf_map *s, *e;
8147 if (!obj || !obj->maps)
8151 e = obj->maps + obj->nr_maps;
8153 if ((m < s) || (m >= e)) {
8154 pr_warn("error in %s: map handler doesn't belong to object\n",
8159 idx = (m - obj->maps) + i;
8160 if (idx >= obj->nr_maps || idx < 0)
8162 return &obj->maps[idx];
8166 bpf_map__next(const struct bpf_map *prev, const struct bpf_object *obj)
8171 return __bpf_map__iter(prev, obj, 1);
8175 bpf_map__prev(const struct bpf_map *next, const struct bpf_object *obj)
8180 return obj->maps + obj->nr_maps - 1;
8183 return __bpf_map__iter(next, obj, -1);
8187 bpf_object__find_map_by_name(const struct bpf_object *obj, const char *name)
8189 struct bpf_map *pos;
8191 bpf_object__for_each_map(pos, obj) {
8192 if (pos->name && !strcmp(pos->name, name))
8199 bpf_object__find_map_fd_by_name(const struct bpf_object *obj, const char *name)
8201 return bpf_map__fd(bpf_object__find_map_by_name(obj, name));
8205 bpf_object__find_map_by_offset(struct bpf_object *obj, size_t offset)
8207 return ERR_PTR(-ENOTSUP);
8210 long libbpf_get_error(const void *ptr)
8212 return PTR_ERR_OR_ZERO(ptr);
8215 int bpf_prog_load(const char *file, enum bpf_prog_type type,
8216 struct bpf_object **pobj, int *prog_fd)
8218 struct bpf_prog_load_attr attr;
8220 memset(&attr, 0, sizeof(struct bpf_prog_load_attr));
8222 attr.prog_type = type;
8223 attr.expected_attach_type = 0;
8225 return bpf_prog_load_xattr(&attr, pobj, prog_fd);
8228 int bpf_prog_load_xattr(const struct bpf_prog_load_attr *attr,
8229 struct bpf_object **pobj, int *prog_fd)
8231 struct bpf_object_open_attr open_attr = {};
8232 struct bpf_program *prog, *first_prog = NULL;
8233 struct bpf_object *obj;
8234 struct bpf_map *map;
8242 open_attr.file = attr->file;
8243 open_attr.prog_type = attr->prog_type;
8245 obj = bpf_object__open_xattr(&open_attr);
8246 if (IS_ERR_OR_NULL(obj))
8249 bpf_object__for_each_program(prog, obj) {
8250 enum bpf_attach_type attach_type = attr->expected_attach_type;
8252 * to preserve backwards compatibility, bpf_prog_load treats
8253 * attr->prog_type, if specified, as an override to whatever
8254 * bpf_object__open guessed
8256 if (attr->prog_type != BPF_PROG_TYPE_UNSPEC) {
8257 bpf_program__set_type(prog, attr->prog_type);
8258 bpf_program__set_expected_attach_type(prog,
8261 if (bpf_program__get_type(prog) == BPF_PROG_TYPE_UNSPEC) {
8263 * we haven't guessed from section name and user
8264 * didn't provide a fallback type, too bad...
8266 bpf_object__close(obj);
8270 prog->prog_ifindex = attr->ifindex;
8271 prog->log_level = attr->log_level;
8272 prog->prog_flags = attr->prog_flags;
8277 bpf_object__for_each_map(map, obj) {
8278 if (!bpf_map__is_offload_neutral(map))
8279 map->map_ifindex = attr->ifindex;
8283 pr_warn("object file doesn't contain bpf program\n");
8284 bpf_object__close(obj);
8288 err = bpf_object__load(obj);
8290 bpf_object__close(obj);
8295 *prog_fd = bpf_program__fd(first_prog);
8300 int (*detach)(struct bpf_link *link);
8301 int (*destroy)(struct bpf_link *link);
8302 char *pin_path; /* NULL, if not pinned */
8303 int fd; /* hook FD, -1 if not applicable */
8307 /* Replace link's underlying BPF program with the new one */
8308 int bpf_link__update_program(struct bpf_link *link, struct bpf_program *prog)
8310 return bpf_link_update(bpf_link__fd(link), bpf_program__fd(prog), NULL);
8313 /* Release "ownership" of underlying BPF resource (typically, BPF program
8314 * attached to some BPF hook, e.g., tracepoint, kprobe, etc). Disconnected
8315 * link, when destructed through bpf_link__destroy() call won't attempt to
8316 * detach/unregisted that BPF resource. This is useful in situations where,
8317 * say, attached BPF program has to outlive userspace program that attached it
8318 * in the system. Depending on type of BPF program, though, there might be
8319 * additional steps (like pinning BPF program in BPF FS) necessary to ensure
8320 * exit of userspace program doesn't trigger automatic detachment and clean up
8321 * inside the kernel.
8323 void bpf_link__disconnect(struct bpf_link *link)
8325 link->disconnected = true;
8328 int bpf_link__destroy(struct bpf_link *link)
8332 if (IS_ERR_OR_NULL(link))
8335 if (!link->disconnected && link->detach)
8336 err = link->detach(link);
8338 link->destroy(link);
8340 free(link->pin_path);
8346 int bpf_link__fd(const struct bpf_link *link)
8351 const char *bpf_link__pin_path(const struct bpf_link *link)
8353 return link->pin_path;
8356 static int bpf_link__detach_fd(struct bpf_link *link)
8358 return close(link->fd);
8361 struct bpf_link *bpf_link__open(const char *path)
8363 struct bpf_link *link;
8366 fd = bpf_obj_get(path);
8369 pr_warn("failed to open link at %s: %d\n", path, fd);
8373 link = calloc(1, sizeof(*link));
8376 return ERR_PTR(-ENOMEM);
8378 link->detach = &bpf_link__detach_fd;
8381 link->pin_path = strdup(path);
8382 if (!link->pin_path) {
8383 bpf_link__destroy(link);
8384 return ERR_PTR(-ENOMEM);
8390 int bpf_link__detach(struct bpf_link *link)
8392 return bpf_link_detach(link->fd) ? -errno : 0;
8395 int bpf_link__pin(struct bpf_link *link, const char *path)
8401 err = make_parent_dir(path);
8404 err = check_path(path);
8408 link->pin_path = strdup(path);
8409 if (!link->pin_path)
8412 if (bpf_obj_pin(link->fd, link->pin_path)) {
8414 zfree(&link->pin_path);
8418 pr_debug("link fd=%d: pinned at %s\n", link->fd, link->pin_path);
8422 int bpf_link__unpin(struct bpf_link *link)
8426 if (!link->pin_path)
8429 err = unlink(link->pin_path);
8433 pr_debug("link fd=%d: unpinned from %s\n", link->fd, link->pin_path);
8434 zfree(&link->pin_path);
8438 static int bpf_link__detach_perf_event(struct bpf_link *link)
8442 err = ioctl(link->fd, PERF_EVENT_IOC_DISABLE, 0);
8450 struct bpf_link *bpf_program__attach_perf_event(struct bpf_program *prog,
8453 char errmsg[STRERR_BUFSIZE];
8454 struct bpf_link *link;
8458 pr_warn("program '%s': invalid perf event FD %d\n",
8459 bpf_program__title(prog, false), pfd);
8460 return ERR_PTR(-EINVAL);
8462 prog_fd = bpf_program__fd(prog);
8464 pr_warn("program '%s': can't attach BPF program w/o FD (did you load it?)\n",
8465 bpf_program__title(prog, false));
8466 return ERR_PTR(-EINVAL);
8469 link = calloc(1, sizeof(*link));
8471 return ERR_PTR(-ENOMEM);
8472 link->detach = &bpf_link__detach_perf_event;
8475 if (ioctl(pfd, PERF_EVENT_IOC_SET_BPF, prog_fd) < 0) {
8478 pr_warn("program '%s': failed to attach to pfd %d: %s\n",
8479 bpf_program__title(prog, false), pfd,
8480 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
8482 pr_warn("program '%s': try add PERF_SAMPLE_CALLCHAIN to or remove exclude_callchain_[kernel|user] from pfd %d\n",
8483 bpf_program__title(prog, false), pfd);
8484 return ERR_PTR(err);
8486 if (ioctl(pfd, PERF_EVENT_IOC_ENABLE, 0) < 0) {
8489 pr_warn("program '%s': failed to enable pfd %d: %s\n",
8490 bpf_program__title(prog, false), pfd,
8491 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
8492 return ERR_PTR(err);
8498 * this function is expected to parse integer in the range of [0, 2^31-1] from
8499 * given file using scanf format string fmt. If actual parsed value is
8500 * negative, the result might be indistinguishable from error
8502 static int parse_uint_from_file(const char *file, const char *fmt)
8504 char buf[STRERR_BUFSIZE];
8508 f = fopen(file, "r");
8511 pr_debug("failed to open '%s': %s\n", file,
8512 libbpf_strerror_r(err, buf, sizeof(buf)));
8515 err = fscanf(f, fmt, &ret);
8517 err = err == EOF ? -EIO : -errno;
8518 pr_debug("failed to parse '%s': %s\n", file,
8519 libbpf_strerror_r(err, buf, sizeof(buf)));
8527 static int determine_kprobe_perf_type(void)
8529 const char *file = "/sys/bus/event_source/devices/kprobe/type";
8531 return parse_uint_from_file(file, "%d\n");
8534 static int determine_uprobe_perf_type(void)
8536 const char *file = "/sys/bus/event_source/devices/uprobe/type";
8538 return parse_uint_from_file(file, "%d\n");
8541 static int determine_kprobe_retprobe_bit(void)
8543 const char *file = "/sys/bus/event_source/devices/kprobe/format/retprobe";
8545 return parse_uint_from_file(file, "config:%d\n");
8548 static int determine_uprobe_retprobe_bit(void)
8550 const char *file = "/sys/bus/event_source/devices/uprobe/format/retprobe";
8552 return parse_uint_from_file(file, "config:%d\n");
8555 static int perf_event_open_probe(bool uprobe, bool retprobe, const char *name,
8556 uint64_t offset, int pid)
8558 struct perf_event_attr attr = {};
8559 char errmsg[STRERR_BUFSIZE];
8562 type = uprobe ? determine_uprobe_perf_type()
8563 : determine_kprobe_perf_type();
8565 pr_warn("failed to determine %s perf type: %s\n",
8566 uprobe ? "uprobe" : "kprobe",
8567 libbpf_strerror_r(type, errmsg, sizeof(errmsg)));
8571 int bit = uprobe ? determine_uprobe_retprobe_bit()
8572 : determine_kprobe_retprobe_bit();
8575 pr_warn("failed to determine %s retprobe bit: %s\n",
8576 uprobe ? "uprobe" : "kprobe",
8577 libbpf_strerror_r(bit, errmsg, sizeof(errmsg)));
8580 attr.config |= 1 << bit;
8582 attr.size = sizeof(attr);
8584 attr.config1 = ptr_to_u64(name); /* kprobe_func or uprobe_path */
8585 attr.config2 = offset; /* kprobe_addr or probe_offset */
8587 /* pid filter is meaningful only for uprobes */
8588 pfd = syscall(__NR_perf_event_open, &attr,
8589 pid < 0 ? -1 : pid /* pid */,
8590 pid == -1 ? 0 : -1 /* cpu */,
8591 -1 /* group_fd */, PERF_FLAG_FD_CLOEXEC);
8594 pr_warn("%s perf_event_open() failed: %s\n",
8595 uprobe ? "uprobe" : "kprobe",
8596 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
8602 struct bpf_link *bpf_program__attach_kprobe(struct bpf_program *prog,
8604 const char *func_name)
8606 char errmsg[STRERR_BUFSIZE];
8607 struct bpf_link *link;
8610 pfd = perf_event_open_probe(false /* uprobe */, retprobe, func_name,
8611 0 /* offset */, -1 /* pid */);
8613 pr_warn("program '%s': failed to create %s '%s' perf event: %s\n",
8614 bpf_program__title(prog, false),
8615 retprobe ? "kretprobe" : "kprobe", func_name,
8616 libbpf_strerror_r(pfd, errmsg, sizeof(errmsg)));
8617 return ERR_PTR(pfd);
8619 link = bpf_program__attach_perf_event(prog, pfd);
8622 err = PTR_ERR(link);
8623 pr_warn("program '%s': failed to attach to %s '%s': %s\n",
8624 bpf_program__title(prog, false),
8625 retprobe ? "kretprobe" : "kprobe", func_name,
8626 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
8632 static struct bpf_link *attach_kprobe(const struct bpf_sec_def *sec,
8633 struct bpf_program *prog)
8635 const char *func_name;
8638 func_name = bpf_program__title(prog, false) + sec->len;
8639 retprobe = strcmp(sec->sec, "kretprobe/") == 0;
8641 return bpf_program__attach_kprobe(prog, retprobe, func_name);
8644 struct bpf_link *bpf_program__attach_uprobe(struct bpf_program *prog,
8645 bool retprobe, pid_t pid,
8646 const char *binary_path,
8649 char errmsg[STRERR_BUFSIZE];
8650 struct bpf_link *link;
8653 pfd = perf_event_open_probe(true /* uprobe */, retprobe,
8654 binary_path, func_offset, pid);
8656 pr_warn("program '%s': failed to create %s '%s:0x%zx' perf event: %s\n",
8657 bpf_program__title(prog, false),
8658 retprobe ? "uretprobe" : "uprobe",
8659 binary_path, func_offset,
8660 libbpf_strerror_r(pfd, errmsg, sizeof(errmsg)));
8661 return ERR_PTR(pfd);
8663 link = bpf_program__attach_perf_event(prog, pfd);
8666 err = PTR_ERR(link);
8667 pr_warn("program '%s': failed to attach to %s '%s:0x%zx': %s\n",
8668 bpf_program__title(prog, false),
8669 retprobe ? "uretprobe" : "uprobe",
8670 binary_path, func_offset,
8671 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
8677 static int determine_tracepoint_id(const char *tp_category,
8678 const char *tp_name)
8680 char file[PATH_MAX];
8683 ret = snprintf(file, sizeof(file),
8684 "/sys/kernel/debug/tracing/events/%s/%s/id",
8685 tp_category, tp_name);
8688 if (ret >= sizeof(file)) {
8689 pr_debug("tracepoint %s/%s path is too long\n",
8690 tp_category, tp_name);
8693 return parse_uint_from_file(file, "%d\n");
8696 static int perf_event_open_tracepoint(const char *tp_category,
8697 const char *tp_name)
8699 struct perf_event_attr attr = {};
8700 char errmsg[STRERR_BUFSIZE];
8701 int tp_id, pfd, err;
8703 tp_id = determine_tracepoint_id(tp_category, tp_name);
8705 pr_warn("failed to determine tracepoint '%s/%s' perf event ID: %s\n",
8706 tp_category, tp_name,
8707 libbpf_strerror_r(tp_id, errmsg, sizeof(errmsg)));
8711 attr.type = PERF_TYPE_TRACEPOINT;
8712 attr.size = sizeof(attr);
8713 attr.config = tp_id;
8715 pfd = syscall(__NR_perf_event_open, &attr, -1 /* pid */, 0 /* cpu */,
8716 -1 /* group_fd */, PERF_FLAG_FD_CLOEXEC);
8719 pr_warn("tracepoint '%s/%s' perf_event_open() failed: %s\n",
8720 tp_category, tp_name,
8721 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
8727 struct bpf_link *bpf_program__attach_tracepoint(struct bpf_program *prog,
8728 const char *tp_category,
8729 const char *tp_name)
8731 char errmsg[STRERR_BUFSIZE];
8732 struct bpf_link *link;
8735 pfd = perf_event_open_tracepoint(tp_category, tp_name);
8737 pr_warn("program '%s': failed to create tracepoint '%s/%s' perf event: %s\n",
8738 bpf_program__title(prog, false),
8739 tp_category, tp_name,
8740 libbpf_strerror_r(pfd, errmsg, sizeof(errmsg)));
8741 return ERR_PTR(pfd);
8743 link = bpf_program__attach_perf_event(prog, pfd);
8746 err = PTR_ERR(link);
8747 pr_warn("program '%s': failed to attach to tracepoint '%s/%s': %s\n",
8748 bpf_program__title(prog, false),
8749 tp_category, tp_name,
8750 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
8756 static struct bpf_link *attach_tp(const struct bpf_sec_def *sec,
8757 struct bpf_program *prog)
8759 char *sec_name, *tp_cat, *tp_name;
8760 struct bpf_link *link;
8762 sec_name = strdup(bpf_program__title(prog, false));
8764 return ERR_PTR(-ENOMEM);
8766 /* extract "tp/<category>/<name>" */
8767 tp_cat = sec_name + sec->len;
8768 tp_name = strchr(tp_cat, '/');
8770 link = ERR_PTR(-EINVAL);
8776 link = bpf_program__attach_tracepoint(prog, tp_cat, tp_name);
8782 struct bpf_link *bpf_program__attach_raw_tracepoint(struct bpf_program *prog,
8783 const char *tp_name)
8785 char errmsg[STRERR_BUFSIZE];
8786 struct bpf_link *link;
8789 prog_fd = bpf_program__fd(prog);
8791 pr_warn("program '%s': can't attach before loaded\n",
8792 bpf_program__title(prog, false));
8793 return ERR_PTR(-EINVAL);
8796 link = calloc(1, sizeof(*link));
8798 return ERR_PTR(-ENOMEM);
8799 link->detach = &bpf_link__detach_fd;
8801 pfd = bpf_raw_tracepoint_open(tp_name, prog_fd);
8805 pr_warn("program '%s': failed to attach to raw tracepoint '%s': %s\n",
8806 bpf_program__title(prog, false), tp_name,
8807 libbpf_strerror_r(pfd, errmsg, sizeof(errmsg)));
8808 return ERR_PTR(pfd);
8814 static struct bpf_link *attach_raw_tp(const struct bpf_sec_def *sec,
8815 struct bpf_program *prog)
8817 const char *tp_name = bpf_program__title(prog, false) + sec->len;
8819 return bpf_program__attach_raw_tracepoint(prog, tp_name);
8822 /* Common logic for all BPF program types that attach to a btf_id */
8823 static struct bpf_link *bpf_program__attach_btf_id(struct bpf_program *prog)
8825 char errmsg[STRERR_BUFSIZE];
8826 struct bpf_link *link;
8829 prog_fd = bpf_program__fd(prog);
8831 pr_warn("program '%s': can't attach before loaded\n",
8832 bpf_program__title(prog, false));
8833 return ERR_PTR(-EINVAL);
8836 link = calloc(1, sizeof(*link));
8838 return ERR_PTR(-ENOMEM);
8839 link->detach = &bpf_link__detach_fd;
8841 pfd = bpf_raw_tracepoint_open(NULL, prog_fd);
8845 pr_warn("program '%s': failed to attach: %s\n",
8846 bpf_program__title(prog, false),
8847 libbpf_strerror_r(pfd, errmsg, sizeof(errmsg)));
8848 return ERR_PTR(pfd);
8851 return (struct bpf_link *)link;
8854 struct bpf_link *bpf_program__attach_trace(struct bpf_program *prog)
8856 return bpf_program__attach_btf_id(prog);
8859 struct bpf_link *bpf_program__attach_lsm(struct bpf_program *prog)
8861 return bpf_program__attach_btf_id(prog);
8864 static struct bpf_link *attach_trace(const struct bpf_sec_def *sec,
8865 struct bpf_program *prog)
8867 return bpf_program__attach_trace(prog);
8870 static struct bpf_link *attach_lsm(const struct bpf_sec_def *sec,
8871 struct bpf_program *prog)
8873 return bpf_program__attach_lsm(prog);
8876 static struct bpf_link *attach_iter(const struct bpf_sec_def *sec,
8877 struct bpf_program *prog)
8879 return bpf_program__attach_iter(prog, NULL);
8882 static struct bpf_link *
8883 bpf_program__attach_fd(struct bpf_program *prog, int target_fd,
8884 const char *target_name)
8886 enum bpf_attach_type attach_type;
8887 char errmsg[STRERR_BUFSIZE];
8888 struct bpf_link *link;
8889 int prog_fd, link_fd;
8891 prog_fd = bpf_program__fd(prog);
8893 pr_warn("program '%s': can't attach before loaded\n",
8894 bpf_program__title(prog, false));
8895 return ERR_PTR(-EINVAL);
8898 link = calloc(1, sizeof(*link));
8900 return ERR_PTR(-ENOMEM);
8901 link->detach = &bpf_link__detach_fd;
8903 attach_type = bpf_program__get_expected_attach_type(prog);
8904 link_fd = bpf_link_create(prog_fd, target_fd, attach_type, NULL);
8908 pr_warn("program '%s': failed to attach to %s: %s\n",
8909 bpf_program__title(prog, false), target_name,
8910 libbpf_strerror_r(link_fd, errmsg, sizeof(errmsg)));
8911 return ERR_PTR(link_fd);
8918 bpf_program__attach_cgroup(struct bpf_program *prog, int cgroup_fd)
8920 return bpf_program__attach_fd(prog, cgroup_fd, "cgroup");
8924 bpf_program__attach_netns(struct bpf_program *prog, int netns_fd)
8926 return bpf_program__attach_fd(prog, netns_fd, "netns");
8929 struct bpf_link *bpf_program__attach_xdp(struct bpf_program *prog, int ifindex)
8931 /* target_fd/target_ifindex use the same field in LINK_CREATE */
8932 return bpf_program__attach_fd(prog, ifindex, "xdp");
8936 bpf_program__attach_iter(struct bpf_program *prog,
8937 const struct bpf_iter_attach_opts *opts)
8939 DECLARE_LIBBPF_OPTS(bpf_link_create_opts, link_create_opts);
8940 char errmsg[STRERR_BUFSIZE];
8941 struct bpf_link *link;
8942 int prog_fd, link_fd;
8943 __u32 target_fd = 0;
8945 if (!OPTS_VALID(opts, bpf_iter_attach_opts))
8946 return ERR_PTR(-EINVAL);
8948 link_create_opts.iter_info = OPTS_GET(opts, link_info, (void *)0);
8949 link_create_opts.iter_info_len = OPTS_GET(opts, link_info_len, 0);
8951 prog_fd = bpf_program__fd(prog);
8953 pr_warn("program '%s': can't attach before loaded\n",
8954 bpf_program__title(prog, false));
8955 return ERR_PTR(-EINVAL);
8958 link = calloc(1, sizeof(*link));
8960 return ERR_PTR(-ENOMEM);
8961 link->detach = &bpf_link__detach_fd;
8963 link_fd = bpf_link_create(prog_fd, target_fd, BPF_TRACE_ITER,
8968 pr_warn("program '%s': failed to attach to iterator: %s\n",
8969 bpf_program__title(prog, false),
8970 libbpf_strerror_r(link_fd, errmsg, sizeof(errmsg)));
8971 return ERR_PTR(link_fd);
8977 struct bpf_link *bpf_program__attach(struct bpf_program *prog)
8979 const struct bpf_sec_def *sec_def;
8981 sec_def = find_sec_def(bpf_program__title(prog, false));
8982 if (!sec_def || !sec_def->attach_fn)
8983 return ERR_PTR(-ESRCH);
8985 return sec_def->attach_fn(sec_def, prog);
8988 static int bpf_link__detach_struct_ops(struct bpf_link *link)
8992 if (bpf_map_delete_elem(link->fd, &zero))
8998 struct bpf_link *bpf_map__attach_struct_ops(struct bpf_map *map)
9000 struct bpf_struct_ops *st_ops;
9001 struct bpf_link *link;
9005 if (!bpf_map__is_struct_ops(map) || map->fd == -1)
9006 return ERR_PTR(-EINVAL);
9008 link = calloc(1, sizeof(*link));
9010 return ERR_PTR(-EINVAL);
9012 st_ops = map->st_ops;
9013 for (i = 0; i < btf_vlen(st_ops->type); i++) {
9014 struct bpf_program *prog = st_ops->progs[i];
9021 prog_fd = bpf_program__fd(prog);
9022 kern_data = st_ops->kern_vdata + st_ops->kern_func_off[i];
9023 *(unsigned long *)kern_data = prog_fd;
9026 err = bpf_map_update_elem(map->fd, &zero, st_ops->kern_vdata, 0);
9030 return ERR_PTR(err);
9033 link->detach = bpf_link__detach_struct_ops;
9039 enum bpf_perf_event_ret
9040 bpf_perf_event_read_simple(void *mmap_mem, size_t mmap_size, size_t page_size,
9041 void **copy_mem, size_t *copy_size,
9042 bpf_perf_event_print_t fn, void *private_data)
9044 struct perf_event_mmap_page *header = mmap_mem;
9045 __u64 data_head = ring_buffer_read_head(header);
9046 __u64 data_tail = header->data_tail;
9047 void *base = ((__u8 *)header) + page_size;
9048 int ret = LIBBPF_PERF_EVENT_CONT;
9049 struct perf_event_header *ehdr;
9052 while (data_head != data_tail) {
9053 ehdr = base + (data_tail & (mmap_size - 1));
9054 ehdr_size = ehdr->size;
9056 if (((void *)ehdr) + ehdr_size > base + mmap_size) {
9057 void *copy_start = ehdr;
9058 size_t len_first = base + mmap_size - copy_start;
9059 size_t len_secnd = ehdr_size - len_first;
9061 if (*copy_size < ehdr_size) {
9063 *copy_mem = malloc(ehdr_size);
9066 ret = LIBBPF_PERF_EVENT_ERROR;
9069 *copy_size = ehdr_size;
9072 memcpy(*copy_mem, copy_start, len_first);
9073 memcpy(*copy_mem + len_first, base, len_secnd);
9077 ret = fn(ehdr, private_data);
9078 data_tail += ehdr_size;
9079 if (ret != LIBBPF_PERF_EVENT_CONT)
9083 ring_buffer_write_tail(header, data_tail);
9089 struct perf_buffer_params {
9090 struct perf_event_attr *attr;
9091 /* if event_cb is specified, it takes precendence */
9092 perf_buffer_event_fn event_cb;
9093 /* sample_cb and lost_cb are higher-level common-case callbacks */
9094 perf_buffer_sample_fn sample_cb;
9095 perf_buffer_lost_fn lost_cb;
9102 struct perf_cpu_buf {
9103 struct perf_buffer *pb;
9104 void *base; /* mmap()'ed memory */
9105 void *buf; /* for reconstructing segmented data */
9112 struct perf_buffer {
9113 perf_buffer_event_fn event_cb;
9114 perf_buffer_sample_fn sample_cb;
9115 perf_buffer_lost_fn lost_cb;
9116 void *ctx; /* passed into callbacks */
9120 struct perf_cpu_buf **cpu_bufs;
9121 struct epoll_event *events;
9122 int cpu_cnt; /* number of allocated CPU buffers */
9123 int epoll_fd; /* perf event FD */
9124 int map_fd; /* BPF_MAP_TYPE_PERF_EVENT_ARRAY BPF map FD */
9127 static void perf_buffer__free_cpu_buf(struct perf_buffer *pb,
9128 struct perf_cpu_buf *cpu_buf)
9132 if (cpu_buf->base &&
9133 munmap(cpu_buf->base, pb->mmap_size + pb->page_size))
9134 pr_warn("failed to munmap cpu_buf #%d\n", cpu_buf->cpu);
9135 if (cpu_buf->fd >= 0) {
9136 ioctl(cpu_buf->fd, PERF_EVENT_IOC_DISABLE, 0);
9143 void perf_buffer__free(struct perf_buffer *pb)
9147 if (IS_ERR_OR_NULL(pb))
9150 for (i = 0; i < pb->cpu_cnt; i++) {
9151 struct perf_cpu_buf *cpu_buf = pb->cpu_bufs[i];
9156 bpf_map_delete_elem(pb->map_fd, &cpu_buf->map_key);
9157 perf_buffer__free_cpu_buf(pb, cpu_buf);
9161 if (pb->epoll_fd >= 0)
9162 close(pb->epoll_fd);
9167 static struct perf_cpu_buf *
9168 perf_buffer__open_cpu_buf(struct perf_buffer *pb, struct perf_event_attr *attr,
9169 int cpu, int map_key)
9171 struct perf_cpu_buf *cpu_buf;
9172 char msg[STRERR_BUFSIZE];
9175 cpu_buf = calloc(1, sizeof(*cpu_buf));
9177 return ERR_PTR(-ENOMEM);
9181 cpu_buf->map_key = map_key;
9183 cpu_buf->fd = syscall(__NR_perf_event_open, attr, -1 /* pid */, cpu,
9184 -1, PERF_FLAG_FD_CLOEXEC);
9185 if (cpu_buf->fd < 0) {
9187 pr_warn("failed to open perf buffer event on cpu #%d: %s\n",
9188 cpu, libbpf_strerror_r(err, msg, sizeof(msg)));
9192 cpu_buf->base = mmap(NULL, pb->mmap_size + pb->page_size,
9193 PROT_READ | PROT_WRITE, MAP_SHARED,
9195 if (cpu_buf->base == MAP_FAILED) {
9196 cpu_buf->base = NULL;
9198 pr_warn("failed to mmap perf buffer on cpu #%d: %s\n",
9199 cpu, libbpf_strerror_r(err, msg, sizeof(msg)));
9203 if (ioctl(cpu_buf->fd, PERF_EVENT_IOC_ENABLE, 0) < 0) {
9205 pr_warn("failed to enable perf buffer event on cpu #%d: %s\n",
9206 cpu, libbpf_strerror_r(err, msg, sizeof(msg)));
9213 perf_buffer__free_cpu_buf(pb, cpu_buf);
9214 return (struct perf_cpu_buf *)ERR_PTR(err);
9217 static struct perf_buffer *__perf_buffer__new(int map_fd, size_t page_cnt,
9218 struct perf_buffer_params *p);
9220 struct perf_buffer *perf_buffer__new(int map_fd, size_t page_cnt,
9221 const struct perf_buffer_opts *opts)
9223 struct perf_buffer_params p = {};
9224 struct perf_event_attr attr = { 0, };
9226 attr.config = PERF_COUNT_SW_BPF_OUTPUT;
9227 attr.type = PERF_TYPE_SOFTWARE;
9228 attr.sample_type = PERF_SAMPLE_RAW;
9229 attr.sample_period = 1;
9230 attr.wakeup_events = 1;
9233 p.sample_cb = opts ? opts->sample_cb : NULL;
9234 p.lost_cb = opts ? opts->lost_cb : NULL;
9235 p.ctx = opts ? opts->ctx : NULL;
9237 return __perf_buffer__new(map_fd, page_cnt, &p);
9240 struct perf_buffer *
9241 perf_buffer__new_raw(int map_fd, size_t page_cnt,
9242 const struct perf_buffer_raw_opts *opts)
9244 struct perf_buffer_params p = {};
9246 p.attr = opts->attr;
9247 p.event_cb = opts->event_cb;
9249 p.cpu_cnt = opts->cpu_cnt;
9250 p.cpus = opts->cpus;
9251 p.map_keys = opts->map_keys;
9253 return __perf_buffer__new(map_fd, page_cnt, &p);
9256 static struct perf_buffer *__perf_buffer__new(int map_fd, size_t page_cnt,
9257 struct perf_buffer_params *p)
9259 const char *online_cpus_file = "/sys/devices/system/cpu/online";
9260 struct bpf_map_info map;
9261 char msg[STRERR_BUFSIZE];
9262 struct perf_buffer *pb;
9263 bool *online = NULL;
9267 if (page_cnt & (page_cnt - 1)) {
9268 pr_warn("page count should be power of two, but is %zu\n",
9270 return ERR_PTR(-EINVAL);
9273 /* best-effort sanity checks */
9274 memset(&map, 0, sizeof(map));
9275 map_info_len = sizeof(map);
9276 err = bpf_obj_get_info_by_fd(map_fd, &map, &map_info_len);
9279 /* if BPF_OBJ_GET_INFO_BY_FD is supported, will return
9280 * -EBADFD, -EFAULT, or -E2BIG on real error
9282 if (err != -EINVAL) {
9283 pr_warn("failed to get map info for map FD %d: %s\n",
9284 map_fd, libbpf_strerror_r(err, msg, sizeof(msg)));
9285 return ERR_PTR(err);
9287 pr_debug("failed to get map info for FD %d; API not supported? Ignoring...\n",
9290 if (map.type != BPF_MAP_TYPE_PERF_EVENT_ARRAY) {
9291 pr_warn("map '%s' should be BPF_MAP_TYPE_PERF_EVENT_ARRAY\n",
9293 return ERR_PTR(-EINVAL);
9297 pb = calloc(1, sizeof(*pb));
9299 return ERR_PTR(-ENOMEM);
9301 pb->event_cb = p->event_cb;
9302 pb->sample_cb = p->sample_cb;
9303 pb->lost_cb = p->lost_cb;
9306 pb->page_size = getpagesize();
9307 pb->mmap_size = pb->page_size * page_cnt;
9308 pb->map_fd = map_fd;
9310 pb->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
9311 if (pb->epoll_fd < 0) {
9313 pr_warn("failed to create epoll instance: %s\n",
9314 libbpf_strerror_r(err, msg, sizeof(msg)));
9318 if (p->cpu_cnt > 0) {
9319 pb->cpu_cnt = p->cpu_cnt;
9321 pb->cpu_cnt = libbpf_num_possible_cpus();
9322 if (pb->cpu_cnt < 0) {
9326 if (map.max_entries && map.max_entries < pb->cpu_cnt)
9327 pb->cpu_cnt = map.max_entries;
9330 pb->events = calloc(pb->cpu_cnt, sizeof(*pb->events));
9333 pr_warn("failed to allocate events: out of memory\n");
9336 pb->cpu_bufs = calloc(pb->cpu_cnt, sizeof(*pb->cpu_bufs));
9337 if (!pb->cpu_bufs) {
9339 pr_warn("failed to allocate buffers: out of memory\n");
9343 err = parse_cpu_mask_file(online_cpus_file, &online, &n);
9345 pr_warn("failed to get online CPU mask: %d\n", err);
9349 for (i = 0, j = 0; i < pb->cpu_cnt; i++) {
9350 struct perf_cpu_buf *cpu_buf;
9353 cpu = p->cpu_cnt > 0 ? p->cpus[i] : i;
9354 map_key = p->cpu_cnt > 0 ? p->map_keys[i] : i;
9356 /* in case user didn't explicitly requested particular CPUs to
9357 * be attached to, skip offline/not present CPUs
9359 if (p->cpu_cnt <= 0 && (cpu >= n || !online[cpu]))
9362 cpu_buf = perf_buffer__open_cpu_buf(pb, p->attr, cpu, map_key);
9363 if (IS_ERR(cpu_buf)) {
9364 err = PTR_ERR(cpu_buf);
9368 pb->cpu_bufs[j] = cpu_buf;
9370 err = bpf_map_update_elem(pb->map_fd, &map_key,
9374 pr_warn("failed to set cpu #%d, key %d -> perf FD %d: %s\n",
9375 cpu, map_key, cpu_buf->fd,
9376 libbpf_strerror_r(err, msg, sizeof(msg)));
9380 pb->events[j].events = EPOLLIN;
9381 pb->events[j].data.ptr = cpu_buf;
9382 if (epoll_ctl(pb->epoll_fd, EPOLL_CTL_ADD, cpu_buf->fd,
9383 &pb->events[j]) < 0) {
9385 pr_warn("failed to epoll_ctl cpu #%d perf FD %d: %s\n",
9387 libbpf_strerror_r(err, msg, sizeof(msg)));
9400 perf_buffer__free(pb);
9401 return ERR_PTR(err);
9404 struct perf_sample_raw {
9405 struct perf_event_header header;
9410 struct perf_sample_lost {
9411 struct perf_event_header header;
9417 static enum bpf_perf_event_ret
9418 perf_buffer__process_record(struct perf_event_header *e, void *ctx)
9420 struct perf_cpu_buf *cpu_buf = ctx;
9421 struct perf_buffer *pb = cpu_buf->pb;
9424 /* user wants full control over parsing perf event */
9426 return pb->event_cb(pb->ctx, cpu_buf->cpu, e);
9429 case PERF_RECORD_SAMPLE: {
9430 struct perf_sample_raw *s = data;
9433 pb->sample_cb(pb->ctx, cpu_buf->cpu, s->data, s->size);
9436 case PERF_RECORD_LOST: {
9437 struct perf_sample_lost *s = data;
9440 pb->lost_cb(pb->ctx, cpu_buf->cpu, s->lost);
9444 pr_warn("unknown perf sample type %d\n", e->type);
9445 return LIBBPF_PERF_EVENT_ERROR;
9447 return LIBBPF_PERF_EVENT_CONT;
9450 static int perf_buffer__process_records(struct perf_buffer *pb,
9451 struct perf_cpu_buf *cpu_buf)
9453 enum bpf_perf_event_ret ret;
9455 ret = bpf_perf_event_read_simple(cpu_buf->base, pb->mmap_size,
9456 pb->page_size, &cpu_buf->buf,
9458 perf_buffer__process_record, cpu_buf);
9459 if (ret != LIBBPF_PERF_EVENT_CONT)
9464 int perf_buffer__epoll_fd(const struct perf_buffer *pb)
9466 return pb->epoll_fd;
9469 int perf_buffer__poll(struct perf_buffer *pb, int timeout_ms)
9473 cnt = epoll_wait(pb->epoll_fd, pb->events, pb->cpu_cnt, timeout_ms);
9474 for (i = 0; i < cnt; i++) {
9475 struct perf_cpu_buf *cpu_buf = pb->events[i].data.ptr;
9477 err = perf_buffer__process_records(pb, cpu_buf);
9479 pr_warn("error while processing records: %d\n", err);
9483 return cnt < 0 ? -errno : cnt;
9486 /* Return number of PERF_EVENT_ARRAY map slots set up by this perf_buffer
9489 size_t perf_buffer__buffer_cnt(const struct perf_buffer *pb)
9495 * Return perf_event FD of a ring buffer in *buf_idx* slot of
9496 * PERF_EVENT_ARRAY BPF map. This FD can be polled for new data using
9497 * select()/poll()/epoll() Linux syscalls.
9499 int perf_buffer__buffer_fd(const struct perf_buffer *pb, size_t buf_idx)
9501 struct perf_cpu_buf *cpu_buf;
9503 if (buf_idx >= pb->cpu_cnt)
9506 cpu_buf = pb->cpu_bufs[buf_idx];
9514 * Consume data from perf ring buffer corresponding to slot *buf_idx* in
9515 * PERF_EVENT_ARRAY BPF map without waiting/polling. If there is no data to
9516 * consume, do nothing and return success.
9521 int perf_buffer__consume_buffer(struct perf_buffer *pb, size_t buf_idx)
9523 struct perf_cpu_buf *cpu_buf;
9525 if (buf_idx >= pb->cpu_cnt)
9528 cpu_buf = pb->cpu_bufs[buf_idx];
9532 return perf_buffer__process_records(pb, cpu_buf);
9535 int perf_buffer__consume(struct perf_buffer *pb)
9539 for (i = 0; i < pb->cpu_cnt; i++) {
9540 struct perf_cpu_buf *cpu_buf = pb->cpu_bufs[i];
9545 err = perf_buffer__process_records(pb, cpu_buf);
9547 pr_warn("perf_buffer: failed to process records in buffer #%d: %d\n", i, err);
9554 struct bpf_prog_info_array_desc {
9555 int array_offset; /* e.g. offset of jited_prog_insns */
9556 int count_offset; /* e.g. offset of jited_prog_len */
9557 int size_offset; /* > 0: offset of rec size,
9558 * < 0: fix size of -size_offset
9562 static struct bpf_prog_info_array_desc bpf_prog_info_array_desc[] = {
9563 [BPF_PROG_INFO_JITED_INSNS] = {
9564 offsetof(struct bpf_prog_info, jited_prog_insns),
9565 offsetof(struct bpf_prog_info, jited_prog_len),
9568 [BPF_PROG_INFO_XLATED_INSNS] = {
9569 offsetof(struct bpf_prog_info, xlated_prog_insns),
9570 offsetof(struct bpf_prog_info, xlated_prog_len),
9573 [BPF_PROG_INFO_MAP_IDS] = {
9574 offsetof(struct bpf_prog_info, map_ids),
9575 offsetof(struct bpf_prog_info, nr_map_ids),
9576 -(int)sizeof(__u32),
9578 [BPF_PROG_INFO_JITED_KSYMS] = {
9579 offsetof(struct bpf_prog_info, jited_ksyms),
9580 offsetof(struct bpf_prog_info, nr_jited_ksyms),
9581 -(int)sizeof(__u64),
9583 [BPF_PROG_INFO_JITED_FUNC_LENS] = {
9584 offsetof(struct bpf_prog_info, jited_func_lens),
9585 offsetof(struct bpf_prog_info, nr_jited_func_lens),
9586 -(int)sizeof(__u32),
9588 [BPF_PROG_INFO_FUNC_INFO] = {
9589 offsetof(struct bpf_prog_info, func_info),
9590 offsetof(struct bpf_prog_info, nr_func_info),
9591 offsetof(struct bpf_prog_info, func_info_rec_size),
9593 [BPF_PROG_INFO_LINE_INFO] = {
9594 offsetof(struct bpf_prog_info, line_info),
9595 offsetof(struct bpf_prog_info, nr_line_info),
9596 offsetof(struct bpf_prog_info, line_info_rec_size),
9598 [BPF_PROG_INFO_JITED_LINE_INFO] = {
9599 offsetof(struct bpf_prog_info, jited_line_info),
9600 offsetof(struct bpf_prog_info, nr_jited_line_info),
9601 offsetof(struct bpf_prog_info, jited_line_info_rec_size),
9603 [BPF_PROG_INFO_PROG_TAGS] = {
9604 offsetof(struct bpf_prog_info, prog_tags),
9605 offsetof(struct bpf_prog_info, nr_prog_tags),
9606 -(int)sizeof(__u8) * BPF_TAG_SIZE,
9611 static __u32 bpf_prog_info_read_offset_u32(struct bpf_prog_info *info,
9614 __u32 *array = (__u32 *)info;
9617 return array[offset / sizeof(__u32)];
9618 return -(int)offset;
9621 static __u64 bpf_prog_info_read_offset_u64(struct bpf_prog_info *info,
9624 __u64 *array = (__u64 *)info;
9627 return array[offset / sizeof(__u64)];
9628 return -(int)offset;
9631 static void bpf_prog_info_set_offset_u32(struct bpf_prog_info *info, int offset,
9634 __u32 *array = (__u32 *)info;
9637 array[offset / sizeof(__u32)] = val;
9640 static void bpf_prog_info_set_offset_u64(struct bpf_prog_info *info, int offset,
9643 __u64 *array = (__u64 *)info;
9646 array[offset / sizeof(__u64)] = val;
9649 struct bpf_prog_info_linear *
9650 bpf_program__get_prog_info_linear(int fd, __u64 arrays)
9652 struct bpf_prog_info_linear *info_linear;
9653 struct bpf_prog_info info = {};
9654 __u32 info_len = sizeof(info);
9659 if (arrays >> BPF_PROG_INFO_LAST_ARRAY)
9660 return ERR_PTR(-EINVAL);
9662 /* step 1: get array dimensions */
9663 err = bpf_obj_get_info_by_fd(fd, &info, &info_len);
9665 pr_debug("can't get prog info: %s", strerror(errno));
9666 return ERR_PTR(-EFAULT);
9669 /* step 2: calculate total size of all arrays */
9670 for (i = BPF_PROG_INFO_FIRST_ARRAY; i < BPF_PROG_INFO_LAST_ARRAY; ++i) {
9671 bool include_array = (arrays & (1UL << i)) > 0;
9672 struct bpf_prog_info_array_desc *desc;
9675 desc = bpf_prog_info_array_desc + i;
9677 /* kernel is too old to support this field */
9678 if (info_len < desc->array_offset + sizeof(__u32) ||
9679 info_len < desc->count_offset + sizeof(__u32) ||
9680 (desc->size_offset > 0 && info_len < desc->size_offset))
9681 include_array = false;
9683 if (!include_array) {
9684 arrays &= ~(1UL << i); /* clear the bit */
9688 count = bpf_prog_info_read_offset_u32(&info, desc->count_offset);
9689 size = bpf_prog_info_read_offset_u32(&info, desc->size_offset);
9691 data_len += count * size;
9694 /* step 3: allocate continuous memory */
9695 data_len = roundup(data_len, sizeof(__u64));
9696 info_linear = malloc(sizeof(struct bpf_prog_info_linear) + data_len);
9698 return ERR_PTR(-ENOMEM);
9700 /* step 4: fill data to info_linear->info */
9701 info_linear->arrays = arrays;
9702 memset(&info_linear->info, 0, sizeof(info));
9703 ptr = info_linear->data;
9705 for (i = BPF_PROG_INFO_FIRST_ARRAY; i < BPF_PROG_INFO_LAST_ARRAY; ++i) {
9706 struct bpf_prog_info_array_desc *desc;
9709 if ((arrays & (1UL << i)) == 0)
9712 desc = bpf_prog_info_array_desc + i;
9713 count = bpf_prog_info_read_offset_u32(&info, desc->count_offset);
9714 size = bpf_prog_info_read_offset_u32(&info, desc->size_offset);
9715 bpf_prog_info_set_offset_u32(&info_linear->info,
9716 desc->count_offset, count);
9717 bpf_prog_info_set_offset_u32(&info_linear->info,
9718 desc->size_offset, size);
9719 bpf_prog_info_set_offset_u64(&info_linear->info,
9722 ptr += count * size;
9725 /* step 5: call syscall again to get required arrays */
9726 err = bpf_obj_get_info_by_fd(fd, &info_linear->info, &info_len);
9728 pr_debug("can't get prog info: %s", strerror(errno));
9730 return ERR_PTR(-EFAULT);
9733 /* step 6: verify the data */
9734 for (i = BPF_PROG_INFO_FIRST_ARRAY; i < BPF_PROG_INFO_LAST_ARRAY; ++i) {
9735 struct bpf_prog_info_array_desc *desc;
9738 if ((arrays & (1UL << i)) == 0)
9741 desc = bpf_prog_info_array_desc + i;
9742 v1 = bpf_prog_info_read_offset_u32(&info, desc->count_offset);
9743 v2 = bpf_prog_info_read_offset_u32(&info_linear->info,
9744 desc->count_offset);
9746 pr_warn("%s: mismatch in element count\n", __func__);
9748 v1 = bpf_prog_info_read_offset_u32(&info, desc->size_offset);
9749 v2 = bpf_prog_info_read_offset_u32(&info_linear->info,
9752 pr_warn("%s: mismatch in rec size\n", __func__);
9755 /* step 7: update info_len and data_len */
9756 info_linear->info_len = sizeof(struct bpf_prog_info);
9757 info_linear->data_len = data_len;
9762 void bpf_program__bpil_addr_to_offs(struct bpf_prog_info_linear *info_linear)
9766 for (i = BPF_PROG_INFO_FIRST_ARRAY; i < BPF_PROG_INFO_LAST_ARRAY; ++i) {
9767 struct bpf_prog_info_array_desc *desc;
9770 if ((info_linear->arrays & (1UL << i)) == 0)
9773 desc = bpf_prog_info_array_desc + i;
9774 addr = bpf_prog_info_read_offset_u64(&info_linear->info,
9775 desc->array_offset);
9776 offs = addr - ptr_to_u64(info_linear->data);
9777 bpf_prog_info_set_offset_u64(&info_linear->info,
9778 desc->array_offset, offs);
9782 void bpf_program__bpil_offs_to_addr(struct bpf_prog_info_linear *info_linear)
9786 for (i = BPF_PROG_INFO_FIRST_ARRAY; i < BPF_PROG_INFO_LAST_ARRAY; ++i) {
9787 struct bpf_prog_info_array_desc *desc;
9790 if ((info_linear->arrays & (1UL << i)) == 0)
9793 desc = bpf_prog_info_array_desc + i;
9794 offs = bpf_prog_info_read_offset_u64(&info_linear->info,
9795 desc->array_offset);
9796 addr = offs + ptr_to_u64(info_linear->data);
9797 bpf_prog_info_set_offset_u64(&info_linear->info,
9798 desc->array_offset, addr);
9802 int bpf_program__set_attach_target(struct bpf_program *prog,
9804 const char *attach_func_name)
9808 if (!prog || attach_prog_fd < 0 || !attach_func_name)
9812 btf_id = libbpf_find_prog_btf_id(attach_func_name,
9815 btf_id = __find_vmlinux_btf_id(prog->obj->btf_vmlinux,
9817 prog->expected_attach_type);
9822 prog->attach_btf_id = btf_id;
9823 prog->attach_prog_fd = attach_prog_fd;
9827 int parse_cpu_mask_str(const char *s, bool **mask, int *mask_sz)
9829 int err = 0, n, len, start, end = -1;
9835 /* Each sub string separated by ',' has format \d+-\d+ or \d+ */
9837 if (*s == ',' || *s == '\n') {
9841 n = sscanf(s, "%d%n-%d%n", &start, &len, &end, &len);
9842 if (n <= 0 || n > 2) {
9843 pr_warn("Failed to get CPU range %s: %d\n", s, n);
9846 } else if (n == 1) {
9849 if (start < 0 || start > end) {
9850 pr_warn("Invalid CPU range [%d,%d] in %s\n",
9855 tmp = realloc(*mask, end + 1);
9861 memset(tmp + *mask_sz, 0, start - *mask_sz);
9862 memset(tmp + start, 1, end - start + 1);
9867 pr_warn("Empty CPU range\n");
9877 int parse_cpu_mask_file(const char *fcpu, bool **mask, int *mask_sz)
9879 int fd, err = 0, len;
9882 fd = open(fcpu, O_RDONLY);
9885 pr_warn("Failed to open cpu mask file %s: %d\n", fcpu, err);
9888 len = read(fd, buf, sizeof(buf));
9891 err = len ? -errno : -EINVAL;
9892 pr_warn("Failed to read cpu mask from %s: %d\n", fcpu, err);
9895 if (len >= sizeof(buf)) {
9896 pr_warn("CPU mask is too big in file %s\n", fcpu);
9901 return parse_cpu_mask_str(buf, mask, mask_sz);
9904 int libbpf_num_possible_cpus(void)
9906 static const char *fcpu = "/sys/devices/system/cpu/possible";
9908 int err, n, i, tmp_cpus;
9911 tmp_cpus = READ_ONCE(cpus);
9915 err = parse_cpu_mask_file(fcpu, &mask, &n);
9920 for (i = 0; i < n; i++) {
9926 WRITE_ONCE(cpus, tmp_cpus);
9930 int bpf_object__open_skeleton(struct bpf_object_skeleton *s,
9931 const struct bpf_object_open_opts *opts)
9933 DECLARE_LIBBPF_OPTS(bpf_object_open_opts, skel_opts,
9934 .object_name = s->name,
9936 struct bpf_object *obj;
9939 /* Attempt to preserve opts->object_name, unless overriden by user
9940 * explicitly. Overwriting object name for skeletons is discouraged,
9941 * as it breaks global data maps, because they contain object name
9942 * prefix as their own map name prefix. When skeleton is generated,
9943 * bpftool is making an assumption that this name will stay the same.
9946 memcpy(&skel_opts, opts, sizeof(*opts));
9947 if (!opts->object_name)
9948 skel_opts.object_name = s->name;
9951 obj = bpf_object__open_mem(s->data, s->data_sz, &skel_opts);
9953 pr_warn("failed to initialize skeleton BPF object '%s': %ld\n",
9954 s->name, PTR_ERR(obj));
9955 return PTR_ERR(obj);
9960 for (i = 0; i < s->map_cnt; i++) {
9961 struct bpf_map **map = s->maps[i].map;
9962 const char *name = s->maps[i].name;
9963 void **mmaped = s->maps[i].mmaped;
9965 *map = bpf_object__find_map_by_name(obj, name);
9967 pr_warn("failed to find skeleton map '%s'\n", name);
9971 /* externs shouldn't be pre-setup from user code */
9972 if (mmaped && (*map)->libbpf_type != LIBBPF_MAP_KCONFIG)
9973 *mmaped = (*map)->mmaped;
9976 for (i = 0; i < s->prog_cnt; i++) {
9977 struct bpf_program **prog = s->progs[i].prog;
9978 const char *name = s->progs[i].name;
9980 *prog = bpf_object__find_program_by_name(obj, name);
9982 pr_warn("failed to find skeleton program '%s'\n", name);
9990 int bpf_object__load_skeleton(struct bpf_object_skeleton *s)
9994 err = bpf_object__load(*s->obj);
9996 pr_warn("failed to load BPF skeleton '%s': %d\n", s->name, err);
10000 for (i = 0; i < s->map_cnt; i++) {
10001 struct bpf_map *map = *s->maps[i].map;
10002 size_t mmap_sz = bpf_map_mmap_sz(map);
10003 int prot, map_fd = bpf_map__fd(map);
10004 void **mmaped = s->maps[i].mmaped;
10009 if (!(map->def.map_flags & BPF_F_MMAPABLE)) {
10014 if (map->def.map_flags & BPF_F_RDONLY_PROG)
10017 prot = PROT_READ | PROT_WRITE;
10019 /* Remap anonymous mmap()-ed "map initialization image" as
10020 * a BPF map-backed mmap()-ed memory, but preserving the same
10021 * memory address. This will cause kernel to change process'
10022 * page table to point to a different piece of kernel memory,
10023 * but from userspace point of view memory address (and its
10024 * contents, being identical at this point) will stay the
10025 * same. This mapping will be released by bpf_object__close()
10026 * as per normal clean up procedure, so we don't need to worry
10027 * about it from skeleton's clean up perspective.
10029 *mmaped = mmap(map->mmaped, mmap_sz, prot,
10030 MAP_SHARED | MAP_FIXED, map_fd, 0);
10031 if (*mmaped == MAP_FAILED) {
10034 pr_warn("failed to re-mmap() map '%s': %d\n",
10035 bpf_map__name(map), err);
10043 int bpf_object__attach_skeleton(struct bpf_object_skeleton *s)
10047 for (i = 0; i < s->prog_cnt; i++) {
10048 struct bpf_program *prog = *s->progs[i].prog;
10049 struct bpf_link **link = s->progs[i].link;
10050 const struct bpf_sec_def *sec_def;
10051 const char *sec_name = bpf_program__title(prog, false);
10056 sec_def = find_sec_def(sec_name);
10057 if (!sec_def || !sec_def->attach_fn)
10060 *link = sec_def->attach_fn(sec_def, prog);
10061 if (IS_ERR(*link)) {
10062 pr_warn("failed to auto-attach program '%s': %ld\n",
10063 bpf_program__name(prog), PTR_ERR(*link));
10064 return PTR_ERR(*link);
10071 void bpf_object__detach_skeleton(struct bpf_object_skeleton *s)
10075 for (i = 0; i < s->prog_cnt; i++) {
10076 struct bpf_link **link = s->progs[i].link;
10078 bpf_link__destroy(*link);
10083 void bpf_object__destroy_skeleton(struct bpf_object_skeleton *s)
10086 bpf_object__detach_skeleton(s);
10088 bpf_object__close(*s->obj);