1 // SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause)
4 * Common eBPF ELF object loading operations.
6 * Copyright (C) 2013-2015 Alexei Starovoitov <ast@kernel.org>
7 * Copyright (C) 2015 Wang Nan <wangnan0@huawei.com>
8 * Copyright (C) 2015 Huawei Inc.
9 * Copyright (C) 2017 Nicira, Inc.
10 * Copyright (C) 2019 Isovalent, Inc.
28 #include <asm/unistd.h>
29 #include <linux/err.h>
30 #include <linux/kernel.h>
31 #include <linux/bpf.h>
32 #include <linux/btf.h>
33 #include <linux/filter.h>
34 #include <linux/list.h>
35 #include <linux/limits.h>
36 #include <linux/perf_event.h>
37 #include <linux/ring_buffer.h>
38 #include <linux/version.h>
39 #include <sys/epoll.h>
40 #include <sys/ioctl.h>
43 #include <sys/types.h>
45 #include <sys/utsname.h>
46 #include <sys/resource.h>
54 #include "str_error.h"
55 #include "libbpf_internal.h"
57 #include "bpf_gen_internal.h"
60 #define BPF_FS_MAGIC 0xcafe4a11
63 #define BPF_INSN_SZ (sizeof(struct bpf_insn))
65 /* vsprintf() in __base_pr() uses nonliteral format string. It may break
66 * compilation if user enables corresponding warning. Disable it explicitly.
68 #pragma GCC diagnostic ignored "-Wformat-nonliteral"
70 #define __printf(a, b) __attribute__((format(printf, a, b)))
72 static struct bpf_map *bpf_object__add_map(struct bpf_object *obj);
73 static bool prog_is_subprog(const struct bpf_object *obj, const struct bpf_program *prog);
75 static int __base_pr(enum libbpf_print_level level, const char *format,
78 if (level == LIBBPF_DEBUG)
81 return vfprintf(stderr, format, args);
84 static libbpf_print_fn_t __libbpf_pr = __base_pr;
86 libbpf_print_fn_t libbpf_set_print(libbpf_print_fn_t fn)
88 libbpf_print_fn_t old_print_fn = __libbpf_pr;
95 void libbpf_print(enum libbpf_print_level level, const char *format, ...)
102 va_start(args, format);
103 __libbpf_pr(level, format, args);
107 static void pr_perm_msg(int err)
112 if (err != -EPERM || geteuid() != 0)
115 err = getrlimit(RLIMIT_MEMLOCK, &limit);
119 if (limit.rlim_cur == RLIM_INFINITY)
122 if (limit.rlim_cur < 1024)
123 snprintf(buf, sizeof(buf), "%zu bytes", (size_t)limit.rlim_cur);
124 else if (limit.rlim_cur < 1024*1024)
125 snprintf(buf, sizeof(buf), "%.1f KiB", (double)limit.rlim_cur / 1024);
127 snprintf(buf, sizeof(buf), "%.1f MiB", (double)limit.rlim_cur / (1024*1024));
129 pr_warn("permission error while running as root; try raising 'ulimit -l'? current value: %s\n",
133 #define STRERR_BUFSIZE 128
135 /* Copied from tools/perf/util/util.h */
137 # define zfree(ptr) ({ free(*ptr); *ptr = NULL; })
141 # define zclose(fd) ({ \
144 ___err = close((fd)); \
149 static inline __u64 ptr_to_u64(const void *ptr)
151 return (__u64) (unsigned long) ptr;
154 /* this goes away in libbpf 1.0 */
155 enum libbpf_strict_mode libbpf_mode = LIBBPF_STRICT_NONE;
157 int libbpf_set_strict_mode(enum libbpf_strict_mode mode)
163 __u32 libbpf_major_version(void)
165 return LIBBPF_MAJOR_VERSION;
168 __u32 libbpf_minor_version(void)
170 return LIBBPF_MINOR_VERSION;
173 const char *libbpf_version_string(void)
177 return "v" _S(LIBBPF_MAJOR_VERSION) "." _S(LIBBPF_MINOR_VERSION);
193 enum reloc_type type;
196 const struct bpf_core_relo *core_relo; /* used when type == RELO_CORE */
204 /* stored as sec_def->cookie for all libbpf-supported SEC()s */
207 /* expected_attach_type is optional, if kernel doesn't support that */
208 SEC_EXP_ATTACH_OPT = 1,
209 /* legacy, only used by libbpf_get_type_names() and
210 * libbpf_attach_type_by_name(), not used by libbpf itself at all.
211 * This used to be associated with cgroup (and few other) BPF programs
212 * that were attachable through BPF_PROG_ATTACH command. Pretty
213 * meaningless nowadays, though.
216 SEC_ATTACHABLE_OPT = SEC_ATTACHABLE | SEC_EXP_ATTACH_OPT,
217 /* attachment target is specified through BTF ID in either kernel or
218 * other BPF program's BTF object */
220 /* BPF program type allows sleeping/blocking in kernel */
222 /* allow non-strict prefix matching */
224 /* BPF program support non-linear XDP buffer */
226 /* deprecated sec definitions not supposed to be used */
232 enum bpf_prog_type prog_type;
233 enum bpf_attach_type expected_attach_type;
237 libbpf_prog_setup_fn_t prog_setup_fn;
238 libbpf_prog_prepare_load_fn_t prog_prepare_load_fn;
239 libbpf_prog_attach_fn_t prog_attach_fn;
243 * bpf_prog should be a better name but it has been used in
247 const struct bpf_sec_def *sec_def;
250 /* this program's instruction offset (in number of instructions)
251 * within its containing ELF section
254 /* number of original instructions in ELF section belonging to this
255 * program, not taking into account subprogram instructions possible
256 * appended later during relocation
259 /* Offset (in number of instructions) of the start of instruction
260 * belonging to this BPF program within its containing main BPF
261 * program. For the entry-point (main) BPF program, this is always
262 * zero. For a sub-program, this gets reset before each of main BPF
263 * programs are processed and relocated and is used to determined
264 * whether sub-program was already appended to the main program, and
265 * if yes, at which instruction offset.
270 /* name with / replaced by _; makes recursive pinning
271 * in bpf_object__pin_programs easier
275 /* instructions that belong to BPF program; insns[0] is located at
276 * sec_insn_off instruction within its ELF section in ELF file, so
277 * when mapping ELF file instruction index to the local instruction,
278 * one needs to subtract sec_insn_off; and vice versa.
280 struct bpf_insn *insns;
281 /* actual number of instruction in this BPF program's image; for
282 * entry-point BPF programs this includes the size of main program
283 * itself plus all the used sub-programs, appended at the end
287 struct reloc_desc *reloc_desc;
290 /* BPF verifier log settings */
299 bpf_program_prep_t preprocessor;
301 struct bpf_object *obj;
303 bpf_program_clear_priv_t clear_priv;
306 bool mark_btf_static;
307 enum bpf_prog_type type;
308 enum bpf_attach_type expected_attach_type;
310 __u32 attach_btf_obj_fd;
312 __u32 attach_prog_fd;
314 __u32 func_info_rec_size;
318 __u32 line_info_rec_size;
323 struct bpf_struct_ops {
325 const struct btf_type *type;
326 struct bpf_program **progs;
327 __u32 *kern_func_off;
328 /* e.g. struct tcp_congestion_ops in bpf_prog's btf format */
330 /* e.g. struct bpf_struct_ops_tcp_congestion_ops in
331 * btf_vmlinux's format.
332 * struct bpf_struct_ops_tcp_congestion_ops {
333 * [... some other kernel fields ...]
334 * struct tcp_congestion_ops data;
336 * kern_vdata-size == sizeof(struct bpf_struct_ops_tcp_congestion_ops)
337 * bpf_map__init_kern_struct_ops() will populate the "kern_vdata"
344 #define DATA_SEC ".data"
345 #define BSS_SEC ".bss"
346 #define RODATA_SEC ".rodata"
347 #define KCONFIG_SEC ".kconfig"
348 #define KSYMS_SEC ".ksyms"
349 #define STRUCT_OPS_SEC ".struct_ops"
351 enum libbpf_map_type {
360 struct bpf_object *obj;
362 /* real_name is defined for special internal maps (.rodata*,
363 * .data*, .bss, .kconfig) and preserves their original ELF section
364 * name. This is important to be be able to find corresponding BTF
365 * DATASEC information.
373 struct bpf_map_def def;
376 __u32 btf_key_type_id;
377 __u32 btf_value_type_id;
378 __u32 btf_vmlinux_value_type_id;
380 bpf_map_clear_priv_t clear_priv;
381 enum libbpf_map_type libbpf_type;
383 struct bpf_struct_ops *st_ops;
384 struct bpf_map *inner_map;
410 enum extern_type type;
426 unsigned long long addr;
428 /* target btf_id of the corresponding kernel var. */
429 int kernel_btf_obj_fd;
432 /* local btf_id of the ksym extern's type. */
434 /* BTF fd index to be patched in for insn->off, this is
435 * 0 for vmlinux BTF, index in obj->fd_array for module
443 static LIST_HEAD(bpf_objects_list);
461 struct elf_sec_desc {
462 enum sec_type sec_type;
474 Elf_Data *st_ops_data;
475 size_t shstrndx; /* section index for section name strings */
477 struct elf_sec_desc *secs;
481 __u32 btf_maps_sec_btf_id;
490 char name[BPF_OBJ_NAME_LEN];
494 struct bpf_program *programs;
496 struct bpf_map *maps;
501 struct extern_desc *externs;
509 struct bpf_gen *gen_loader;
511 /* Information when doing ELF related work. Only valid if efile.elf is not NULL */
512 struct elf_state efile;
514 * All loaded bpf_object are linked in a list, which is
515 * hidden to caller. bpf_objects__<func> handlers deal with
518 struct list_head list;
521 struct btf_ext *btf_ext;
523 /* Parse and load BTF vmlinux if any of the programs in the object need
526 struct btf *btf_vmlinux;
527 /* Path to the custom BTF to be used for BPF CO-RE relocations as an
528 * override for vmlinux BTF.
530 char *btf_custom_path;
531 /* vmlinux BTF override for CO-RE relocations */
532 struct btf *btf_vmlinux_override;
533 /* Lazily initialized kernel module BTFs */
534 struct module_btf *btf_modules;
535 bool btf_modules_loaded;
536 size_t btf_module_cnt;
537 size_t btf_module_cap;
539 /* optional log settings passed to BPF_BTF_LOAD and BPF_PROG_LOAD commands */
545 bpf_object_clear_priv_t clear_priv;
551 struct usdt_manager *usdt_man;
556 static const char *elf_sym_str(const struct bpf_object *obj, size_t off);
557 static const char *elf_sec_str(const struct bpf_object *obj, size_t off);
558 static Elf_Scn *elf_sec_by_idx(const struct bpf_object *obj, size_t idx);
559 static Elf_Scn *elf_sec_by_name(const struct bpf_object *obj, const char *name);
560 static Elf64_Shdr *elf_sec_hdr(const struct bpf_object *obj, Elf_Scn *scn);
561 static const char *elf_sec_name(const struct bpf_object *obj, Elf_Scn *scn);
562 static Elf_Data *elf_sec_data(const struct bpf_object *obj, Elf_Scn *scn);
563 static Elf64_Sym *elf_sym_by_idx(const struct bpf_object *obj, size_t idx);
564 static Elf64_Rel *elf_rel_by_idx(Elf_Data *data, size_t idx);
566 void bpf_program__unload(struct bpf_program *prog)
574 * If the object is opened but the program was never loaded,
575 * it is possible that prog->instances.nr == -1.
577 if (prog->instances.nr > 0) {
578 for (i = 0; i < prog->instances.nr; i++)
579 zclose(prog->instances.fds[i]);
580 } else if (prog->instances.nr != -1) {
581 pr_warn("Internal error: instances.nr is %d\n",
585 prog->instances.nr = -1;
586 zfree(&prog->instances.fds);
588 zfree(&prog->func_info);
589 zfree(&prog->line_info);
592 static void bpf_program__exit(struct bpf_program *prog)
597 if (prog->clear_priv)
598 prog->clear_priv(prog, prog->priv);
601 prog->clear_priv = NULL;
603 bpf_program__unload(prog);
605 zfree(&prog->sec_name);
606 zfree(&prog->pin_name);
608 zfree(&prog->reloc_desc);
615 static char *__bpf_program__pin_name(struct bpf_program *prog)
619 if (libbpf_mode & LIBBPF_STRICT_SEC_NAME)
620 name = strdup(prog->name);
622 name = strdup(prog->sec_name);
629 while ((p = strchr(p, '/')))
635 static bool insn_is_subprog_call(const struct bpf_insn *insn)
637 return BPF_CLASS(insn->code) == BPF_JMP &&
638 BPF_OP(insn->code) == BPF_CALL &&
639 BPF_SRC(insn->code) == BPF_K &&
640 insn->src_reg == BPF_PSEUDO_CALL &&
641 insn->dst_reg == 0 &&
645 static bool is_call_insn(const struct bpf_insn *insn)
647 return insn->code == (BPF_JMP | BPF_CALL);
650 static bool insn_is_pseudo_func(struct bpf_insn *insn)
652 return is_ldimm64_insn(insn) && insn->src_reg == BPF_PSEUDO_FUNC;
656 bpf_object__init_prog(struct bpf_object *obj, struct bpf_program *prog,
657 const char *name, size_t sec_idx, const char *sec_name,
658 size_t sec_off, void *insn_data, size_t insn_data_sz)
660 if (insn_data_sz == 0 || insn_data_sz % BPF_INSN_SZ || sec_off % BPF_INSN_SZ) {
661 pr_warn("sec '%s': corrupted program '%s', offset %zu, size %zu\n",
662 sec_name, name, sec_off, insn_data_sz);
666 memset(prog, 0, sizeof(*prog));
669 prog->sec_idx = sec_idx;
670 prog->sec_insn_off = sec_off / BPF_INSN_SZ;
671 prog->sec_insn_cnt = insn_data_sz / BPF_INSN_SZ;
672 /* insns_cnt can later be increased by appending used subprograms */
673 prog->insns_cnt = prog->sec_insn_cnt;
675 prog->type = BPF_PROG_TYPE_UNSPEC;
677 /* libbpf's convention for SEC("?abc...") is that it's just like
678 * SEC("abc...") but the corresponding bpf_program starts out with
679 * autoload set to false.
681 if (sec_name[0] == '?') {
682 prog->autoload = false;
683 /* from now on forget there was ? in section name */
686 prog->autoload = true;
689 prog->instances.fds = NULL;
690 prog->instances.nr = -1;
692 /* inherit object's log_level */
693 prog->log_level = obj->log_level;
695 prog->sec_name = strdup(sec_name);
699 prog->name = strdup(name);
703 prog->pin_name = __bpf_program__pin_name(prog);
707 prog->insns = malloc(insn_data_sz);
710 memcpy(prog->insns, insn_data, insn_data_sz);
714 pr_warn("sec '%s': failed to allocate memory for prog '%s'\n", sec_name, name);
715 bpf_program__exit(prog);
720 bpf_object__add_programs(struct bpf_object *obj, Elf_Data *sec_data,
721 const char *sec_name, int sec_idx)
723 Elf_Data *symbols = obj->efile.symbols;
724 struct bpf_program *prog, *progs;
725 void *data = sec_data->d_buf;
726 size_t sec_sz = sec_data->d_size, sec_off, prog_sz, nr_syms;
727 int nr_progs, err, i;
731 progs = obj->programs;
732 nr_progs = obj->nr_programs;
733 nr_syms = symbols->d_size / sizeof(Elf64_Sym);
736 for (i = 0; i < nr_syms; i++) {
737 sym = elf_sym_by_idx(obj, i);
739 if (sym->st_shndx != sec_idx)
741 if (ELF64_ST_TYPE(sym->st_info) != STT_FUNC)
744 prog_sz = sym->st_size;
745 sec_off = sym->st_value;
747 name = elf_sym_str(obj, sym->st_name);
749 pr_warn("sec '%s': failed to get symbol name for offset %zu\n",
751 return -LIBBPF_ERRNO__FORMAT;
754 if (sec_off + prog_sz > sec_sz) {
755 pr_warn("sec '%s': program at offset %zu crosses section boundary\n",
757 return -LIBBPF_ERRNO__FORMAT;
760 if (sec_idx != obj->efile.text_shndx && ELF64_ST_BIND(sym->st_info) == STB_LOCAL) {
761 pr_warn("sec '%s': program '%s' is static and not supported\n", sec_name, name);
765 pr_debug("sec '%s': found program '%s' at insn offset %zu (%zu bytes), code size %zu insns (%zu bytes)\n",
766 sec_name, name, sec_off / BPF_INSN_SZ, sec_off, prog_sz / BPF_INSN_SZ, prog_sz);
768 progs = libbpf_reallocarray(progs, nr_progs + 1, sizeof(*progs));
771 * In this case the original obj->programs
772 * is still valid, so don't need special treat for
773 * bpf_close_object().
775 pr_warn("sec '%s': failed to alloc memory for new program '%s'\n",
779 obj->programs = progs;
781 prog = &progs[nr_progs];
783 err = bpf_object__init_prog(obj, prog, name, sec_idx, sec_name,
784 sec_off, data + sec_off, prog_sz);
788 /* if function is a global/weak symbol, but has restricted
789 * (STV_HIDDEN or STV_INTERNAL) visibility, mark its BTF FUNC
790 * as static to enable more permissive BPF verification mode
791 * with more outside context available to BPF verifier
793 if (ELF64_ST_BIND(sym->st_info) != STB_LOCAL
794 && (ELF64_ST_VISIBILITY(sym->st_other) == STV_HIDDEN
795 || ELF64_ST_VISIBILITY(sym->st_other) == STV_INTERNAL))
796 prog->mark_btf_static = true;
799 obj->nr_programs = nr_progs;
805 __u32 get_kernel_version(void)
807 /* On Ubuntu LINUX_VERSION_CODE doesn't correspond to info.release,
808 * but Ubuntu provides /proc/version_signature file, as described at
809 * https://ubuntu.com/kernel, with an example contents below, which we
810 * can use to get a proper LINUX_VERSION_CODE.
812 * Ubuntu 5.4.0-12.15-generic 5.4.8
814 * In the above, 5.4.8 is what kernel is actually expecting, while
815 * uname() call will return 5.4.0 in info.release.
817 const char *ubuntu_kver_file = "/proc/version_signature";
818 __u32 major, minor, patch;
821 if (access(ubuntu_kver_file, R_OK) == 0) {
824 f = fopen(ubuntu_kver_file, "r");
826 if (fscanf(f, "%*s %*s %d.%d.%d\n", &major, &minor, &patch) == 3) {
828 return KERNEL_VERSION(major, minor, patch);
832 /* something went wrong, fall back to uname() approach */
836 if (sscanf(info.release, "%u.%u.%u", &major, &minor, &patch) != 3)
838 return KERNEL_VERSION(major, minor, patch);
841 static const struct btf_member *
842 find_member_by_offset(const struct btf_type *t, __u32 bit_offset)
844 struct btf_member *m;
847 for (i = 0, m = btf_members(t); i < btf_vlen(t); i++, m++) {
848 if (btf_member_bit_offset(t, i) == bit_offset)
855 static const struct btf_member *
856 find_member_by_name(const struct btf *btf, const struct btf_type *t,
859 struct btf_member *m;
862 for (i = 0, m = btf_members(t); i < btf_vlen(t); i++, m++) {
863 if (!strcmp(btf__name_by_offset(btf, m->name_off), name))
870 #define STRUCT_OPS_VALUE_PREFIX "bpf_struct_ops_"
871 static int find_btf_by_prefix_kind(const struct btf *btf, const char *prefix,
872 const char *name, __u32 kind);
875 find_struct_ops_kern_types(const struct btf *btf, const char *tname,
876 const struct btf_type **type, __u32 *type_id,
877 const struct btf_type **vtype, __u32 *vtype_id,
878 const struct btf_member **data_member)
880 const struct btf_type *kern_type, *kern_vtype;
881 const struct btf_member *kern_data_member;
882 __s32 kern_vtype_id, kern_type_id;
885 kern_type_id = btf__find_by_name_kind(btf, tname, BTF_KIND_STRUCT);
886 if (kern_type_id < 0) {
887 pr_warn("struct_ops init_kern: struct %s is not found in kernel BTF\n",
891 kern_type = btf__type_by_id(btf, kern_type_id);
893 /* Find the corresponding "map_value" type that will be used
894 * in map_update(BPF_MAP_TYPE_STRUCT_OPS). For example,
895 * find "struct bpf_struct_ops_tcp_congestion_ops" from the
898 kern_vtype_id = find_btf_by_prefix_kind(btf, STRUCT_OPS_VALUE_PREFIX,
899 tname, BTF_KIND_STRUCT);
900 if (kern_vtype_id < 0) {
901 pr_warn("struct_ops init_kern: struct %s%s is not found in kernel BTF\n",
902 STRUCT_OPS_VALUE_PREFIX, tname);
903 return kern_vtype_id;
905 kern_vtype = btf__type_by_id(btf, kern_vtype_id);
907 /* Find "struct tcp_congestion_ops" from
908 * struct bpf_struct_ops_tcp_congestion_ops {
910 * struct tcp_congestion_ops data;
913 kern_data_member = btf_members(kern_vtype);
914 for (i = 0; i < btf_vlen(kern_vtype); i++, kern_data_member++) {
915 if (kern_data_member->type == kern_type_id)
918 if (i == btf_vlen(kern_vtype)) {
919 pr_warn("struct_ops init_kern: struct %s data is not found in struct %s%s\n",
920 tname, STRUCT_OPS_VALUE_PREFIX, tname);
925 *type_id = kern_type_id;
927 *vtype_id = kern_vtype_id;
928 *data_member = kern_data_member;
933 static bool bpf_map__is_struct_ops(const struct bpf_map *map)
935 return map->def.type == BPF_MAP_TYPE_STRUCT_OPS;
938 /* Init the map's fields that depend on kern_btf */
939 static int bpf_map__init_kern_struct_ops(struct bpf_map *map,
940 const struct btf *btf,
941 const struct btf *kern_btf)
943 const struct btf_member *member, *kern_member, *kern_data_member;
944 const struct btf_type *type, *kern_type, *kern_vtype;
945 __u32 i, kern_type_id, kern_vtype_id, kern_data_off;
946 struct bpf_struct_ops *st_ops;
947 void *data, *kern_data;
951 st_ops = map->st_ops;
953 tname = st_ops->tname;
954 err = find_struct_ops_kern_types(kern_btf, tname,
955 &kern_type, &kern_type_id,
956 &kern_vtype, &kern_vtype_id,
961 pr_debug("struct_ops init_kern %s: type_id:%u kern_type_id:%u kern_vtype_id:%u\n",
962 map->name, st_ops->type_id, kern_type_id, kern_vtype_id);
964 map->def.value_size = kern_vtype->size;
965 map->btf_vmlinux_value_type_id = kern_vtype_id;
967 st_ops->kern_vdata = calloc(1, kern_vtype->size);
968 if (!st_ops->kern_vdata)
972 kern_data_off = kern_data_member->offset / 8;
973 kern_data = st_ops->kern_vdata + kern_data_off;
975 member = btf_members(type);
976 for (i = 0; i < btf_vlen(type); i++, member++) {
977 const struct btf_type *mtype, *kern_mtype;
978 __u32 mtype_id, kern_mtype_id;
979 void *mdata, *kern_mdata;
980 __s64 msize, kern_msize;
981 __u32 moff, kern_moff;
982 __u32 kern_member_idx;
985 mname = btf__name_by_offset(btf, member->name_off);
986 kern_member = find_member_by_name(kern_btf, kern_type, mname);
988 pr_warn("struct_ops init_kern %s: Cannot find member %s in kernel BTF\n",
993 kern_member_idx = kern_member - btf_members(kern_type);
994 if (btf_member_bitfield_size(type, i) ||
995 btf_member_bitfield_size(kern_type, kern_member_idx)) {
996 pr_warn("struct_ops init_kern %s: bitfield %s is not supported\n",
1001 moff = member->offset / 8;
1002 kern_moff = kern_member->offset / 8;
1004 mdata = data + moff;
1005 kern_mdata = kern_data + kern_moff;
1007 mtype = skip_mods_and_typedefs(btf, member->type, &mtype_id);
1008 kern_mtype = skip_mods_and_typedefs(kern_btf, kern_member->type,
1010 if (BTF_INFO_KIND(mtype->info) !=
1011 BTF_INFO_KIND(kern_mtype->info)) {
1012 pr_warn("struct_ops init_kern %s: Unmatched member type %s %u != %u(kernel)\n",
1013 map->name, mname, BTF_INFO_KIND(mtype->info),
1014 BTF_INFO_KIND(kern_mtype->info));
1018 if (btf_is_ptr(mtype)) {
1019 struct bpf_program *prog;
1021 prog = st_ops->progs[i];
1025 kern_mtype = skip_mods_and_typedefs(kern_btf,
1029 /* mtype->type must be a func_proto which was
1030 * guaranteed in bpf_object__collect_st_ops_relos(),
1031 * so only check kern_mtype for func_proto here.
1033 if (!btf_is_func_proto(kern_mtype)) {
1034 pr_warn("struct_ops init_kern %s: kernel member %s is not a func ptr\n",
1039 prog->attach_btf_id = kern_type_id;
1040 prog->expected_attach_type = kern_member_idx;
1042 st_ops->kern_func_off[i] = kern_data_off + kern_moff;
1044 pr_debug("struct_ops init_kern %s: func ptr %s is set to prog %s from data(+%u) to kern_data(+%u)\n",
1045 map->name, mname, prog->name, moff,
1051 msize = btf__resolve_size(btf, mtype_id);
1052 kern_msize = btf__resolve_size(kern_btf, kern_mtype_id);
1053 if (msize < 0 || kern_msize < 0 || msize != kern_msize) {
1054 pr_warn("struct_ops init_kern %s: Error in size of member %s: %zd != %zd(kernel)\n",
1055 map->name, mname, (ssize_t)msize,
1056 (ssize_t)kern_msize);
1060 pr_debug("struct_ops init_kern %s: copy %s %u bytes from data(+%u) to kern_data(+%u)\n",
1061 map->name, mname, (unsigned int)msize,
1063 memcpy(kern_mdata, mdata, msize);
1069 static int bpf_object__init_kern_struct_ops_maps(struct bpf_object *obj)
1071 struct bpf_map *map;
1075 for (i = 0; i < obj->nr_maps; i++) {
1076 map = &obj->maps[i];
1078 if (!bpf_map__is_struct_ops(map))
1081 err = bpf_map__init_kern_struct_ops(map, obj->btf,
1090 static int bpf_object__init_struct_ops_maps(struct bpf_object *obj)
1092 const struct btf_type *type, *datasec;
1093 const struct btf_var_secinfo *vsi;
1094 struct bpf_struct_ops *st_ops;
1095 const char *tname, *var_name;
1096 __s32 type_id, datasec_id;
1097 const struct btf *btf;
1098 struct bpf_map *map;
1101 if (obj->efile.st_ops_shndx == -1)
1105 datasec_id = btf__find_by_name_kind(btf, STRUCT_OPS_SEC,
1107 if (datasec_id < 0) {
1108 pr_warn("struct_ops init: DATASEC %s not found\n",
1113 datasec = btf__type_by_id(btf, datasec_id);
1114 vsi = btf_var_secinfos(datasec);
1115 for (i = 0; i < btf_vlen(datasec); i++, vsi++) {
1116 type = btf__type_by_id(obj->btf, vsi->type);
1117 var_name = btf__name_by_offset(obj->btf, type->name_off);
1119 type_id = btf__resolve_type(obj->btf, vsi->type);
1121 pr_warn("struct_ops init: Cannot resolve var type_id %u in DATASEC %s\n",
1122 vsi->type, STRUCT_OPS_SEC);
1126 type = btf__type_by_id(obj->btf, type_id);
1127 tname = btf__name_by_offset(obj->btf, type->name_off);
1129 pr_warn("struct_ops init: anonymous type is not supported\n");
1132 if (!btf_is_struct(type)) {
1133 pr_warn("struct_ops init: %s is not a struct\n", tname);
1137 map = bpf_object__add_map(obj);
1139 return PTR_ERR(map);
1141 map->sec_idx = obj->efile.st_ops_shndx;
1142 map->sec_offset = vsi->offset;
1143 map->name = strdup(var_name);
1147 map->def.type = BPF_MAP_TYPE_STRUCT_OPS;
1148 map->def.key_size = sizeof(int);
1149 map->def.value_size = type->size;
1150 map->def.max_entries = 1;
1152 map->st_ops = calloc(1, sizeof(*map->st_ops));
1155 st_ops = map->st_ops;
1156 st_ops->data = malloc(type->size);
1157 st_ops->progs = calloc(btf_vlen(type), sizeof(*st_ops->progs));
1158 st_ops->kern_func_off = malloc(btf_vlen(type) *
1159 sizeof(*st_ops->kern_func_off));
1160 if (!st_ops->data || !st_ops->progs || !st_ops->kern_func_off)
1163 if (vsi->offset + type->size > obj->efile.st_ops_data->d_size) {
1164 pr_warn("struct_ops init: var %s is beyond the end of DATASEC %s\n",
1165 var_name, STRUCT_OPS_SEC);
1169 memcpy(st_ops->data,
1170 obj->efile.st_ops_data->d_buf + vsi->offset,
1172 st_ops->tname = tname;
1173 st_ops->type = type;
1174 st_ops->type_id = type_id;
1176 pr_debug("struct_ops init: struct %s(type_id=%u) %s found at offset %u\n",
1177 tname, type_id, var_name, vsi->offset);
1183 static struct bpf_object *bpf_object__new(const char *path,
1184 const void *obj_buf,
1186 const char *obj_name)
1188 bool strict = (libbpf_mode & LIBBPF_STRICT_NO_OBJECT_LIST);
1189 struct bpf_object *obj;
1192 obj = calloc(1, sizeof(struct bpf_object) + strlen(path) + 1);
1194 pr_warn("alloc memory failed for %s\n", path);
1195 return ERR_PTR(-ENOMEM);
1198 strcpy(obj->path, path);
1200 libbpf_strlcpy(obj->name, obj_name, sizeof(obj->name));
1202 /* Using basename() GNU version which doesn't modify arg. */
1203 libbpf_strlcpy(obj->name, basename((void *)path), sizeof(obj->name));
1204 end = strchr(obj->name, '.');
1211 * Caller of this function should also call
1212 * bpf_object__elf_finish() after data collection to return
1213 * obj_buf to user. If not, we should duplicate the buffer to
1214 * avoid user freeing them before elf finish.
1216 obj->efile.obj_buf = obj_buf;
1217 obj->efile.obj_buf_sz = obj_buf_sz;
1218 obj->efile.maps_shndx = -1;
1219 obj->efile.btf_maps_shndx = -1;
1220 obj->efile.st_ops_shndx = -1;
1221 obj->kconfig_map_idx = -1;
1223 obj->kern_version = get_kernel_version();
1224 obj->loaded = false;
1226 INIT_LIST_HEAD(&obj->list);
1228 list_add(&obj->list, &bpf_objects_list);
1232 static void bpf_object__elf_finish(struct bpf_object *obj)
1234 if (!obj->efile.elf)
1237 elf_end(obj->efile.elf);
1238 obj->efile.elf = NULL;
1239 obj->efile.symbols = NULL;
1240 obj->efile.st_ops_data = NULL;
1242 zfree(&obj->efile.secs);
1243 obj->efile.sec_cnt = 0;
1244 zclose(obj->efile.fd);
1245 obj->efile.obj_buf = NULL;
1246 obj->efile.obj_buf_sz = 0;
1249 static int bpf_object__elf_init(struct bpf_object *obj)
1255 if (obj->efile.elf) {
1256 pr_warn("elf: init internal error\n");
1257 return -LIBBPF_ERRNO__LIBELF;
1260 if (obj->efile.obj_buf_sz > 0) {
1262 * obj_buf should have been validated by
1263 * bpf_object__open_buffer().
1265 elf = elf_memory((char *)obj->efile.obj_buf, obj->efile.obj_buf_sz);
1267 obj->efile.fd = open(obj->path, O_RDONLY | O_CLOEXEC);
1268 if (obj->efile.fd < 0) {
1269 char errmsg[STRERR_BUFSIZE], *cp;
1272 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
1273 pr_warn("elf: failed to open %s: %s\n", obj->path, cp);
1277 elf = elf_begin(obj->efile.fd, ELF_C_READ_MMAP, NULL);
1281 pr_warn("elf: failed to open %s as ELF file: %s\n", obj->path, elf_errmsg(-1));
1282 err = -LIBBPF_ERRNO__LIBELF;
1286 obj->efile.elf = elf;
1288 if (elf_kind(elf) != ELF_K_ELF) {
1289 err = -LIBBPF_ERRNO__FORMAT;
1290 pr_warn("elf: '%s' is not a proper ELF object\n", obj->path);
1294 if (gelf_getclass(elf) != ELFCLASS64) {
1295 err = -LIBBPF_ERRNO__FORMAT;
1296 pr_warn("elf: '%s' is not a 64-bit ELF object\n", obj->path);
1300 obj->efile.ehdr = ehdr = elf64_getehdr(elf);
1301 if (!obj->efile.ehdr) {
1302 pr_warn("elf: failed to get ELF header from %s: %s\n", obj->path, elf_errmsg(-1));
1303 err = -LIBBPF_ERRNO__FORMAT;
1307 if (elf_getshdrstrndx(elf, &obj->efile.shstrndx)) {
1308 pr_warn("elf: failed to get section names section index for %s: %s\n",
1309 obj->path, elf_errmsg(-1));
1310 err = -LIBBPF_ERRNO__FORMAT;
1314 /* Elf is corrupted/truncated, avoid calling elf_strptr. */
1315 if (!elf_rawdata(elf_getscn(elf, obj->efile.shstrndx), NULL)) {
1316 pr_warn("elf: failed to get section names strings from %s: %s\n",
1317 obj->path, elf_errmsg(-1));
1318 err = -LIBBPF_ERRNO__FORMAT;
1322 /* Old LLVM set e_machine to EM_NONE */
1323 if (ehdr->e_type != ET_REL || (ehdr->e_machine && ehdr->e_machine != EM_BPF)) {
1324 pr_warn("elf: %s is not a valid eBPF object file\n", obj->path);
1325 err = -LIBBPF_ERRNO__FORMAT;
1331 bpf_object__elf_finish(obj);
1335 static int bpf_object__check_endianness(struct bpf_object *obj)
1337 #if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__
1338 if (obj->efile.ehdr->e_ident[EI_DATA] == ELFDATA2LSB)
1340 #elif __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__
1341 if (obj->efile.ehdr->e_ident[EI_DATA] == ELFDATA2MSB)
1344 # error "Unrecognized __BYTE_ORDER__"
1346 pr_warn("elf: endianness mismatch in %s.\n", obj->path);
1347 return -LIBBPF_ERRNO__ENDIAN;
1351 bpf_object__init_license(struct bpf_object *obj, void *data, size_t size)
1353 /* libbpf_strlcpy() only copies first N - 1 bytes, so size + 1 won't
1354 * go over allowed ELF data section buffer
1356 libbpf_strlcpy(obj->license, data, min(size + 1, sizeof(obj->license)));
1357 pr_debug("license of %s is %s\n", obj->path, obj->license);
1362 bpf_object__init_kversion(struct bpf_object *obj, void *data, size_t size)
1366 if (size != sizeof(kver)) {
1367 pr_warn("invalid kver section in %s\n", obj->path);
1368 return -LIBBPF_ERRNO__FORMAT;
1370 memcpy(&kver, data, sizeof(kver));
1371 obj->kern_version = kver;
1372 pr_debug("kernel version of %s is %x\n", obj->path, obj->kern_version);
1376 static bool bpf_map_type__is_map_in_map(enum bpf_map_type type)
1378 if (type == BPF_MAP_TYPE_ARRAY_OF_MAPS ||
1379 type == BPF_MAP_TYPE_HASH_OF_MAPS)
1384 static int find_elf_sec_sz(const struct bpf_object *obj, const char *name, __u32 *size)
1392 scn = elf_sec_by_name(obj, name);
1393 data = elf_sec_data(obj, scn);
1395 *size = data->d_size;
1396 return 0; /* found it */
1402 static int find_elf_var_offset(const struct bpf_object *obj, const char *name, __u32 *off)
1404 Elf_Data *symbols = obj->efile.symbols;
1411 for (si = 0; si < symbols->d_size / sizeof(Elf64_Sym); si++) {
1412 Elf64_Sym *sym = elf_sym_by_idx(obj, si);
1414 if (ELF64_ST_TYPE(sym->st_info) != STT_OBJECT)
1417 if (ELF64_ST_BIND(sym->st_info) != STB_GLOBAL &&
1418 ELF64_ST_BIND(sym->st_info) != STB_WEAK)
1421 sname = elf_sym_str(obj, sym->st_name);
1423 pr_warn("failed to get sym name string for var %s\n", name);
1426 if (strcmp(name, sname) == 0) {
1427 *off = sym->st_value;
1435 static struct bpf_map *bpf_object__add_map(struct bpf_object *obj)
1437 struct bpf_map *map;
1440 err = libbpf_ensure_mem((void **)&obj->maps, &obj->maps_cap,
1441 sizeof(*obj->maps), obj->nr_maps + 1);
1443 return ERR_PTR(err);
1445 map = &obj->maps[obj->nr_maps++];
1448 map->inner_map_fd = -1;
1449 map->autocreate = true;
1454 static size_t bpf_map_mmap_sz(const struct bpf_map *map)
1456 long page_sz = sysconf(_SC_PAGE_SIZE);
1459 map_sz = (size_t)roundup(map->def.value_size, 8) * map->def.max_entries;
1460 map_sz = roundup(map_sz, page_sz);
1464 static char *internal_map_name(struct bpf_object *obj, const char *real_name)
1466 char map_name[BPF_OBJ_NAME_LEN], *p;
1467 int pfx_len, sfx_len = max((size_t)7, strlen(real_name));
1469 /* This is one of the more confusing parts of libbpf for various
1470 * reasons, some of which are historical. The original idea for naming
1471 * internal names was to include as much of BPF object name prefix as
1472 * possible, so that it can be distinguished from similar internal
1473 * maps of a different BPF object.
1474 * As an example, let's say we have bpf_object named 'my_object_name'
1475 * and internal map corresponding to '.rodata' ELF section. The final
1476 * map name advertised to user and to the kernel will be
1477 * 'my_objec.rodata', taking first 8 characters of object name and
1478 * entire 7 characters of '.rodata'.
1479 * Somewhat confusingly, if internal map ELF section name is shorter
1480 * than 7 characters, e.g., '.bss', we still reserve 7 characters
1481 * for the suffix, even though we only have 4 actual characters, and
1482 * resulting map will be called 'my_objec.bss', not even using all 15
1483 * characters allowed by the kernel. Oh well, at least the truncated
1484 * object name is somewhat consistent in this case. But if the map
1485 * name is '.kconfig', we'll still have entirety of '.kconfig' added
1486 * (8 chars) and thus will be left with only first 7 characters of the
1487 * object name ('my_obje'). Happy guessing, user, that the final map
1488 * name will be "my_obje.kconfig".
1489 * Now, with libbpf starting to support arbitrarily named .rodata.*
1490 * and .data.* data sections, it's possible that ELF section name is
1491 * longer than allowed 15 chars, so we now need to be careful to take
1492 * only up to 15 first characters of ELF name, taking no BPF object
1493 * name characters at all. So '.rodata.abracadabra' will result in
1494 * '.rodata.abracad' kernel and user-visible name.
1495 * We need to keep this convoluted logic intact for .data, .bss and
1496 * .rodata maps, but for new custom .data.custom and .rodata.custom
1497 * maps we use their ELF names as is, not prepending bpf_object name
1498 * in front. We still need to truncate them to 15 characters for the
1499 * kernel. Full name can be recovered for such maps by using DATASEC
1500 * BTF type associated with such map's value type, though.
1502 if (sfx_len >= BPF_OBJ_NAME_LEN)
1503 sfx_len = BPF_OBJ_NAME_LEN - 1;
1505 /* if there are two or more dots in map name, it's a custom dot map */
1506 if (strchr(real_name + 1, '.') != NULL)
1509 pfx_len = min((size_t)BPF_OBJ_NAME_LEN - sfx_len - 1, strlen(obj->name));
1511 snprintf(map_name, sizeof(map_name), "%.*s%.*s", pfx_len, obj->name,
1512 sfx_len, real_name);
1514 /* sanitise map name to characters allowed by kernel */
1515 for (p = map_name; *p && p < map_name + sizeof(map_name); p++)
1516 if (!isalnum(*p) && *p != '_' && *p != '.')
1519 return strdup(map_name);
1523 bpf_map_find_btf_info(struct bpf_object *obj, struct bpf_map *map);
1526 bpf_object__init_internal_map(struct bpf_object *obj, enum libbpf_map_type type,
1527 const char *real_name, int sec_idx, void *data, size_t data_sz)
1529 struct bpf_map_def *def;
1530 struct bpf_map *map;
1533 map = bpf_object__add_map(obj);
1535 return PTR_ERR(map);
1537 map->libbpf_type = type;
1538 map->sec_idx = sec_idx;
1539 map->sec_offset = 0;
1540 map->real_name = strdup(real_name);
1541 map->name = internal_map_name(obj, real_name);
1542 if (!map->real_name || !map->name) {
1543 zfree(&map->real_name);
1549 def->type = BPF_MAP_TYPE_ARRAY;
1550 def->key_size = sizeof(int);
1551 def->value_size = data_sz;
1552 def->max_entries = 1;
1553 def->map_flags = type == LIBBPF_MAP_RODATA || type == LIBBPF_MAP_KCONFIG
1554 ? BPF_F_RDONLY_PROG : 0;
1555 def->map_flags |= BPF_F_MMAPABLE;
1557 pr_debug("map '%s' (global data): at sec_idx %d, offset %zu, flags %x.\n",
1558 map->name, map->sec_idx, map->sec_offset, def->map_flags);
1560 map->mmaped = mmap(NULL, bpf_map_mmap_sz(map), PROT_READ | PROT_WRITE,
1561 MAP_SHARED | MAP_ANONYMOUS, -1, 0);
1562 if (map->mmaped == MAP_FAILED) {
1565 pr_warn("failed to alloc map '%s' content buffer: %d\n",
1567 zfree(&map->real_name);
1572 /* failures are fine because of maps like .rodata.str1.1 */
1573 (void) bpf_map_find_btf_info(obj, map);
1576 memcpy(map->mmaped, data, data_sz);
1578 pr_debug("map %td is \"%s\"\n", map - obj->maps, map->name);
1582 static int bpf_object__init_global_data_maps(struct bpf_object *obj)
1584 struct elf_sec_desc *sec_desc;
1585 const char *sec_name;
1586 int err = 0, sec_idx;
1589 * Populate obj->maps with libbpf internal maps.
1591 for (sec_idx = 1; sec_idx < obj->efile.sec_cnt; sec_idx++) {
1592 sec_desc = &obj->efile.secs[sec_idx];
1594 switch (sec_desc->sec_type) {
1596 sec_name = elf_sec_name(obj, elf_sec_by_idx(obj, sec_idx));
1597 err = bpf_object__init_internal_map(obj, LIBBPF_MAP_DATA,
1599 sec_desc->data->d_buf,
1600 sec_desc->data->d_size);
1603 obj->has_rodata = true;
1604 sec_name = elf_sec_name(obj, elf_sec_by_idx(obj, sec_idx));
1605 err = bpf_object__init_internal_map(obj, LIBBPF_MAP_RODATA,
1607 sec_desc->data->d_buf,
1608 sec_desc->data->d_size);
1611 sec_name = elf_sec_name(obj, elf_sec_by_idx(obj, sec_idx));
1612 err = bpf_object__init_internal_map(obj, LIBBPF_MAP_BSS,
1615 sec_desc->data->d_size);
1628 static struct extern_desc *find_extern_by_name(const struct bpf_object *obj,
1633 for (i = 0; i < obj->nr_extern; i++) {
1634 if (strcmp(obj->externs[i].name, name) == 0)
1635 return &obj->externs[i];
1640 static int set_kcfg_value_tri(struct extern_desc *ext, void *ext_val,
1643 switch (ext->kcfg.type) {
1646 pr_warn("extern (kcfg) %s=%c should be tristate or char\n",
1650 *(bool *)ext_val = value == 'y' ? true : false;
1654 *(enum libbpf_tristate *)ext_val = TRI_YES;
1655 else if (value == 'm')
1656 *(enum libbpf_tristate *)ext_val = TRI_MODULE;
1657 else /* value == 'n' */
1658 *(enum libbpf_tristate *)ext_val = TRI_NO;
1661 *(char *)ext_val = value;
1667 pr_warn("extern (kcfg) %s=%c should be bool, tristate, or char\n",
1675 static int set_kcfg_value_str(struct extern_desc *ext, char *ext_val,
1680 if (ext->kcfg.type != KCFG_CHAR_ARR) {
1681 pr_warn("extern (kcfg) %s=%s should be char array\n", ext->name, value);
1685 len = strlen(value);
1686 if (value[len - 1] != '"') {
1687 pr_warn("extern (kcfg) '%s': invalid string config '%s'\n",
1694 if (len >= ext->kcfg.sz) {
1695 pr_warn("extern (kcfg) '%s': long string config %s of (%zu bytes) truncated to %d bytes\n",
1696 ext->name, value, len, ext->kcfg.sz - 1);
1697 len = ext->kcfg.sz - 1;
1699 memcpy(ext_val, value + 1, len);
1700 ext_val[len] = '\0';
1705 static int parse_u64(const char *value, __u64 *res)
1711 *res = strtoull(value, &value_end, 0);
1714 pr_warn("failed to parse '%s' as integer: %d\n", value, err);
1718 pr_warn("failed to parse '%s' as integer completely\n", value);
1724 static bool is_kcfg_value_in_range(const struct extern_desc *ext, __u64 v)
1726 int bit_sz = ext->kcfg.sz * 8;
1728 if (ext->kcfg.sz == 8)
1731 /* Validate that value stored in u64 fits in integer of `ext->sz`
1732 * bytes size without any loss of information. If the target integer
1733 * is signed, we rely on the following limits of integer type of
1734 * Y bits and subsequent transformation:
1736 * -2^(Y-1) <= X <= 2^(Y-1) - 1
1737 * 0 <= X + 2^(Y-1) <= 2^Y - 1
1738 * 0 <= X + 2^(Y-1) < 2^Y
1740 * For unsigned target integer, check that all the (64 - Y) bits are
1743 if (ext->kcfg.is_signed)
1744 return v + (1ULL << (bit_sz - 1)) < (1ULL << bit_sz);
1746 return (v >> bit_sz) == 0;
1749 static int set_kcfg_value_num(struct extern_desc *ext, void *ext_val,
1752 if (ext->kcfg.type != KCFG_INT && ext->kcfg.type != KCFG_CHAR) {
1753 pr_warn("extern (kcfg) %s=%llu should be integer\n",
1754 ext->name, (unsigned long long)value);
1757 if (!is_kcfg_value_in_range(ext, value)) {
1758 pr_warn("extern (kcfg) %s=%llu value doesn't fit in %d bytes\n",
1759 ext->name, (unsigned long long)value, ext->kcfg.sz);
1762 switch (ext->kcfg.sz) {
1763 case 1: *(__u8 *)ext_val = value; break;
1764 case 2: *(__u16 *)ext_val = value; break;
1765 case 4: *(__u32 *)ext_val = value; break;
1766 case 8: *(__u64 *)ext_val = value; break;
1774 static int bpf_object__process_kconfig_line(struct bpf_object *obj,
1775 char *buf, void *data)
1777 struct extern_desc *ext;
1783 if (!str_has_pfx(buf, "CONFIG_"))
1786 sep = strchr(buf, '=');
1788 pr_warn("failed to parse '%s': no separator\n", buf);
1792 /* Trim ending '\n' */
1794 if (buf[len - 1] == '\n')
1795 buf[len - 1] = '\0';
1796 /* Split on '=' and ensure that a value is present. */
1800 pr_warn("failed to parse '%s': no value\n", buf);
1804 ext = find_extern_by_name(obj, buf);
1805 if (!ext || ext->is_set)
1808 ext_val = data + ext->kcfg.data_off;
1812 case 'y': case 'n': case 'm':
1813 err = set_kcfg_value_tri(ext, ext_val, *value);
1816 err = set_kcfg_value_str(ext, ext_val, value);
1819 /* assume integer */
1820 err = parse_u64(value, &num);
1822 pr_warn("extern (kcfg) %s=%s should be integer\n",
1826 err = set_kcfg_value_num(ext, ext_val, num);
1831 pr_debug("extern (kcfg) %s=%s\n", ext->name, value);
1835 static int bpf_object__read_kconfig_file(struct bpf_object *obj, void *data)
1843 len = snprintf(buf, PATH_MAX, "/boot/config-%s", uts.release);
1846 else if (len >= PATH_MAX)
1847 return -ENAMETOOLONG;
1849 /* gzopen also accepts uncompressed files. */
1850 file = gzopen(buf, "r");
1852 file = gzopen("/proc/config.gz", "r");
1855 pr_warn("failed to open system Kconfig\n");
1859 while (gzgets(file, buf, sizeof(buf))) {
1860 err = bpf_object__process_kconfig_line(obj, buf, data);
1862 pr_warn("error parsing system Kconfig line '%s': %d\n",
1873 static int bpf_object__read_kconfig_mem(struct bpf_object *obj,
1874 const char *config, void *data)
1880 file = fmemopen((void *)config, strlen(config), "r");
1883 pr_warn("failed to open in-memory Kconfig: %d\n", err);
1887 while (fgets(buf, sizeof(buf), file)) {
1888 err = bpf_object__process_kconfig_line(obj, buf, data);
1890 pr_warn("error parsing in-memory Kconfig line '%s': %d\n",
1900 static int bpf_object__init_kconfig_map(struct bpf_object *obj)
1902 struct extern_desc *last_ext = NULL, *ext;
1906 for (i = 0; i < obj->nr_extern; i++) {
1907 ext = &obj->externs[i];
1908 if (ext->type == EXT_KCFG)
1915 map_sz = last_ext->kcfg.data_off + last_ext->kcfg.sz;
1916 err = bpf_object__init_internal_map(obj, LIBBPF_MAP_KCONFIG,
1917 ".kconfig", obj->efile.symbols_shndx,
1922 obj->kconfig_map_idx = obj->nr_maps - 1;
1927 static int bpf_object__init_user_maps(struct bpf_object *obj, bool strict)
1929 Elf_Data *symbols = obj->efile.symbols;
1930 int i, map_def_sz = 0, nr_maps = 0, nr_syms;
1931 Elf_Data *data = NULL;
1934 if (obj->efile.maps_shndx < 0)
1937 if (libbpf_mode & LIBBPF_STRICT_MAP_DEFINITIONS) {
1938 pr_warn("legacy map definitions in SEC(\"maps\") are not supported\n");
1945 scn = elf_sec_by_idx(obj, obj->efile.maps_shndx);
1946 data = elf_sec_data(obj, scn);
1947 if (!scn || !data) {
1948 pr_warn("elf: failed to get legacy map definitions for %s\n",
1954 * Count number of maps. Each map has a name.
1955 * Array of maps is not supported: only the first element is
1958 * TODO: Detect array of map and report error.
1960 nr_syms = symbols->d_size / sizeof(Elf64_Sym);
1961 for (i = 0; i < nr_syms; i++) {
1962 Elf64_Sym *sym = elf_sym_by_idx(obj, i);
1964 if (sym->st_shndx != obj->efile.maps_shndx)
1966 if (ELF64_ST_TYPE(sym->st_info) == STT_SECTION)
1970 /* Assume equally sized map definitions */
1971 pr_debug("elf: found %d legacy map definitions (%zd bytes) in %s\n",
1972 nr_maps, data->d_size, obj->path);
1974 if (!data->d_size || nr_maps == 0 || (data->d_size % nr_maps) != 0) {
1975 pr_warn("elf: unable to determine legacy map definition size in %s\n",
1979 map_def_sz = data->d_size / nr_maps;
1981 /* Fill obj->maps using data in "maps" section. */
1982 for (i = 0; i < nr_syms; i++) {
1983 Elf64_Sym *sym = elf_sym_by_idx(obj, i);
1984 const char *map_name;
1985 struct bpf_map_def *def;
1986 struct bpf_map *map;
1988 if (sym->st_shndx != obj->efile.maps_shndx)
1990 if (ELF64_ST_TYPE(sym->st_info) == STT_SECTION)
1993 map = bpf_object__add_map(obj);
1995 return PTR_ERR(map);
1997 map_name = elf_sym_str(obj, sym->st_name);
1999 pr_warn("failed to get map #%d name sym string for obj %s\n",
2001 return -LIBBPF_ERRNO__FORMAT;
2004 pr_warn("map '%s' (legacy): legacy map definitions are deprecated, use BTF-defined maps instead\n", map_name);
2006 if (ELF64_ST_BIND(sym->st_info) == STB_LOCAL) {
2007 pr_warn("map '%s' (legacy): static maps are not supported\n", map_name);
2011 map->libbpf_type = LIBBPF_MAP_UNSPEC;
2012 map->sec_idx = sym->st_shndx;
2013 map->sec_offset = sym->st_value;
2014 pr_debug("map '%s' (legacy): at sec_idx %d, offset %zu.\n",
2015 map_name, map->sec_idx, map->sec_offset);
2016 if (sym->st_value + map_def_sz > data->d_size) {
2017 pr_warn("corrupted maps section in %s: last map \"%s\" too small\n",
2018 obj->path, map_name);
2022 map->name = strdup(map_name);
2024 pr_warn("map '%s': failed to alloc map name\n", map_name);
2027 pr_debug("map %d is \"%s\"\n", i, map->name);
2028 def = (struct bpf_map_def *)(data->d_buf + sym->st_value);
2030 * If the definition of the map in the object file fits in
2031 * bpf_map_def, copy it. Any extra fields in our version
2032 * of bpf_map_def will default to zero as a result of the
2035 if (map_def_sz <= sizeof(struct bpf_map_def)) {
2036 memcpy(&map->def, def, map_def_sz);
2039 * Here the map structure being read is bigger than what
2040 * we expect, truncate if the excess bits are all zero.
2041 * If they are not zero, reject this map as
2046 for (b = ((char *)def) + sizeof(struct bpf_map_def);
2047 b < ((char *)def) + map_def_sz; b++) {
2049 pr_warn("maps section in %s: \"%s\" has unrecognized, non-zero options\n",
2050 obj->path, map_name);
2055 memcpy(&map->def, def, sizeof(struct bpf_map_def));
2058 /* btf info may not exist but fill it in if it does exist */
2059 (void) bpf_map_find_btf_info(obj, map);
2064 const struct btf_type *
2065 skip_mods_and_typedefs(const struct btf *btf, __u32 id, __u32 *res_id)
2067 const struct btf_type *t = btf__type_by_id(btf, id);
2072 while (btf_is_mod(t) || btf_is_typedef(t)) {
2075 t = btf__type_by_id(btf, t->type);
2081 static const struct btf_type *
2082 resolve_func_ptr(const struct btf *btf, __u32 id, __u32 *res_id)
2084 const struct btf_type *t;
2086 t = skip_mods_and_typedefs(btf, id, NULL);
2090 t = skip_mods_and_typedefs(btf, t->type, res_id);
2092 return btf_is_func_proto(t) ? t : NULL;
2095 static const char *__btf_kind_str(__u16 kind)
2098 case BTF_KIND_UNKN: return "void";
2099 case BTF_KIND_INT: return "int";
2100 case BTF_KIND_PTR: return "ptr";
2101 case BTF_KIND_ARRAY: return "array";
2102 case BTF_KIND_STRUCT: return "struct";
2103 case BTF_KIND_UNION: return "union";
2104 case BTF_KIND_ENUM: return "enum";
2105 case BTF_KIND_FWD: return "fwd";
2106 case BTF_KIND_TYPEDEF: return "typedef";
2107 case BTF_KIND_VOLATILE: return "volatile";
2108 case BTF_KIND_CONST: return "const";
2109 case BTF_KIND_RESTRICT: return "restrict";
2110 case BTF_KIND_FUNC: return "func";
2111 case BTF_KIND_FUNC_PROTO: return "func_proto";
2112 case BTF_KIND_VAR: return "var";
2113 case BTF_KIND_DATASEC: return "datasec";
2114 case BTF_KIND_FLOAT: return "float";
2115 case BTF_KIND_DECL_TAG: return "decl_tag";
2116 case BTF_KIND_TYPE_TAG: return "type_tag";
2117 default: return "unknown";
2121 const char *btf_kind_str(const struct btf_type *t)
2123 return __btf_kind_str(btf_kind(t));
2127 * Fetch integer attribute of BTF map definition. Such attributes are
2128 * represented using a pointer to an array, in which dimensionality of array
2129 * encodes specified integer value. E.g., int (*type)[BPF_MAP_TYPE_ARRAY];
2130 * encodes `type => BPF_MAP_TYPE_ARRAY` key/value pair completely using BTF
2131 * type definition, while using only sizeof(void *) space in ELF data section.
2133 static bool get_map_field_int(const char *map_name, const struct btf *btf,
2134 const struct btf_member *m, __u32 *res)
2136 const struct btf_type *t = skip_mods_and_typedefs(btf, m->type, NULL);
2137 const char *name = btf__name_by_offset(btf, m->name_off);
2138 const struct btf_array *arr_info;
2139 const struct btf_type *arr_t;
2141 if (!btf_is_ptr(t)) {
2142 pr_warn("map '%s': attr '%s': expected PTR, got %s.\n",
2143 map_name, name, btf_kind_str(t));
2147 arr_t = btf__type_by_id(btf, t->type);
2149 pr_warn("map '%s': attr '%s': type [%u] not found.\n",
2150 map_name, name, t->type);
2153 if (!btf_is_array(arr_t)) {
2154 pr_warn("map '%s': attr '%s': expected ARRAY, got %s.\n",
2155 map_name, name, btf_kind_str(arr_t));
2158 arr_info = btf_array(arr_t);
2159 *res = arr_info->nelems;
2163 static int build_map_pin_path(struct bpf_map *map, const char *path)
2169 path = "/sys/fs/bpf";
2171 len = snprintf(buf, PATH_MAX, "%s/%s", path, bpf_map__name(map));
2174 else if (len >= PATH_MAX)
2175 return -ENAMETOOLONG;
2177 return bpf_map__set_pin_path(map, buf);
2180 int parse_btf_map_def(const char *map_name, struct btf *btf,
2181 const struct btf_type *def_t, bool strict,
2182 struct btf_map_def *map_def, struct btf_map_def *inner_def)
2184 const struct btf_type *t;
2185 const struct btf_member *m;
2186 bool is_inner = inner_def == NULL;
2189 vlen = btf_vlen(def_t);
2190 m = btf_members(def_t);
2191 for (i = 0; i < vlen; i++, m++) {
2192 const char *name = btf__name_by_offset(btf, m->name_off);
2195 pr_warn("map '%s': invalid field #%d.\n", map_name, i);
2198 if (strcmp(name, "type") == 0) {
2199 if (!get_map_field_int(map_name, btf, m, &map_def->map_type))
2201 map_def->parts |= MAP_DEF_MAP_TYPE;
2202 } else if (strcmp(name, "max_entries") == 0) {
2203 if (!get_map_field_int(map_name, btf, m, &map_def->max_entries))
2205 map_def->parts |= MAP_DEF_MAX_ENTRIES;
2206 } else if (strcmp(name, "map_flags") == 0) {
2207 if (!get_map_field_int(map_name, btf, m, &map_def->map_flags))
2209 map_def->parts |= MAP_DEF_MAP_FLAGS;
2210 } else if (strcmp(name, "numa_node") == 0) {
2211 if (!get_map_field_int(map_name, btf, m, &map_def->numa_node))
2213 map_def->parts |= MAP_DEF_NUMA_NODE;
2214 } else if (strcmp(name, "key_size") == 0) {
2217 if (!get_map_field_int(map_name, btf, m, &sz))
2219 if (map_def->key_size && map_def->key_size != sz) {
2220 pr_warn("map '%s': conflicting key size %u != %u.\n",
2221 map_name, map_def->key_size, sz);
2224 map_def->key_size = sz;
2225 map_def->parts |= MAP_DEF_KEY_SIZE;
2226 } else if (strcmp(name, "key") == 0) {
2229 t = btf__type_by_id(btf, m->type);
2231 pr_warn("map '%s': key type [%d] not found.\n",
2235 if (!btf_is_ptr(t)) {
2236 pr_warn("map '%s': key spec is not PTR: %s.\n",
2237 map_name, btf_kind_str(t));
2240 sz = btf__resolve_size(btf, t->type);
2242 pr_warn("map '%s': can't determine key size for type [%u]: %zd.\n",
2243 map_name, t->type, (ssize_t)sz);
2246 if (map_def->key_size && map_def->key_size != sz) {
2247 pr_warn("map '%s': conflicting key size %u != %zd.\n",
2248 map_name, map_def->key_size, (ssize_t)sz);
2251 map_def->key_size = sz;
2252 map_def->key_type_id = t->type;
2253 map_def->parts |= MAP_DEF_KEY_SIZE | MAP_DEF_KEY_TYPE;
2254 } else if (strcmp(name, "value_size") == 0) {
2257 if (!get_map_field_int(map_name, btf, m, &sz))
2259 if (map_def->value_size && map_def->value_size != sz) {
2260 pr_warn("map '%s': conflicting value size %u != %u.\n",
2261 map_name, map_def->value_size, sz);
2264 map_def->value_size = sz;
2265 map_def->parts |= MAP_DEF_VALUE_SIZE;
2266 } else if (strcmp(name, "value") == 0) {
2269 t = btf__type_by_id(btf, m->type);
2271 pr_warn("map '%s': value type [%d] not found.\n",
2275 if (!btf_is_ptr(t)) {
2276 pr_warn("map '%s': value spec is not PTR: %s.\n",
2277 map_name, btf_kind_str(t));
2280 sz = btf__resolve_size(btf, t->type);
2282 pr_warn("map '%s': can't determine value size for type [%u]: %zd.\n",
2283 map_name, t->type, (ssize_t)sz);
2286 if (map_def->value_size && map_def->value_size != sz) {
2287 pr_warn("map '%s': conflicting value size %u != %zd.\n",
2288 map_name, map_def->value_size, (ssize_t)sz);
2291 map_def->value_size = sz;
2292 map_def->value_type_id = t->type;
2293 map_def->parts |= MAP_DEF_VALUE_SIZE | MAP_DEF_VALUE_TYPE;
2295 else if (strcmp(name, "values") == 0) {
2296 bool is_map_in_map = bpf_map_type__is_map_in_map(map_def->map_type);
2297 bool is_prog_array = map_def->map_type == BPF_MAP_TYPE_PROG_ARRAY;
2298 const char *desc = is_map_in_map ? "map-in-map inner" : "prog-array value";
2299 char inner_map_name[128];
2303 pr_warn("map '%s': multi-level inner maps not supported.\n",
2307 if (i != vlen - 1) {
2308 pr_warn("map '%s': '%s' member should be last.\n",
2312 if (!is_map_in_map && !is_prog_array) {
2313 pr_warn("map '%s': should be map-in-map or prog-array.\n",
2317 if (map_def->value_size && map_def->value_size != 4) {
2318 pr_warn("map '%s': conflicting value size %u != 4.\n",
2319 map_name, map_def->value_size);
2322 map_def->value_size = 4;
2323 t = btf__type_by_id(btf, m->type);
2325 pr_warn("map '%s': %s type [%d] not found.\n",
2326 map_name, desc, m->type);
2329 if (!btf_is_array(t) || btf_array(t)->nelems) {
2330 pr_warn("map '%s': %s spec is not a zero-sized array.\n",
2334 t = skip_mods_and_typedefs(btf, btf_array(t)->type, NULL);
2335 if (!btf_is_ptr(t)) {
2336 pr_warn("map '%s': %s def is of unexpected kind %s.\n",
2337 map_name, desc, btf_kind_str(t));
2340 t = skip_mods_and_typedefs(btf, t->type, NULL);
2341 if (is_prog_array) {
2342 if (!btf_is_func_proto(t)) {
2343 pr_warn("map '%s': prog-array value def is of unexpected kind %s.\n",
2344 map_name, btf_kind_str(t));
2349 if (!btf_is_struct(t)) {
2350 pr_warn("map '%s': map-in-map inner def is of unexpected kind %s.\n",
2351 map_name, btf_kind_str(t));
2355 snprintf(inner_map_name, sizeof(inner_map_name), "%s.inner", map_name);
2356 err = parse_btf_map_def(inner_map_name, btf, t, strict, inner_def, NULL);
2360 map_def->parts |= MAP_DEF_INNER_MAP;
2361 } else if (strcmp(name, "pinning") == 0) {
2365 pr_warn("map '%s': inner def can't be pinned.\n", map_name);
2368 if (!get_map_field_int(map_name, btf, m, &val))
2370 if (val != LIBBPF_PIN_NONE && val != LIBBPF_PIN_BY_NAME) {
2371 pr_warn("map '%s': invalid pinning value %u.\n",
2375 map_def->pinning = val;
2376 map_def->parts |= MAP_DEF_PINNING;
2377 } else if (strcmp(name, "map_extra") == 0) {
2380 if (!get_map_field_int(map_name, btf, m, &map_extra))
2382 map_def->map_extra = map_extra;
2383 map_def->parts |= MAP_DEF_MAP_EXTRA;
2386 pr_warn("map '%s': unknown field '%s'.\n", map_name, name);
2389 pr_debug("map '%s': ignoring unknown field '%s'.\n", map_name, name);
2393 if (map_def->map_type == BPF_MAP_TYPE_UNSPEC) {
2394 pr_warn("map '%s': map type isn't specified.\n", map_name);
2401 static void fill_map_from_def(struct bpf_map *map, const struct btf_map_def *def)
2403 map->def.type = def->map_type;
2404 map->def.key_size = def->key_size;
2405 map->def.value_size = def->value_size;
2406 map->def.max_entries = def->max_entries;
2407 map->def.map_flags = def->map_flags;
2408 map->map_extra = def->map_extra;
2410 map->numa_node = def->numa_node;
2411 map->btf_key_type_id = def->key_type_id;
2412 map->btf_value_type_id = def->value_type_id;
2414 if (def->parts & MAP_DEF_MAP_TYPE)
2415 pr_debug("map '%s': found type = %u.\n", map->name, def->map_type);
2417 if (def->parts & MAP_DEF_KEY_TYPE)
2418 pr_debug("map '%s': found key [%u], sz = %u.\n",
2419 map->name, def->key_type_id, def->key_size);
2420 else if (def->parts & MAP_DEF_KEY_SIZE)
2421 pr_debug("map '%s': found key_size = %u.\n", map->name, def->key_size);
2423 if (def->parts & MAP_DEF_VALUE_TYPE)
2424 pr_debug("map '%s': found value [%u], sz = %u.\n",
2425 map->name, def->value_type_id, def->value_size);
2426 else if (def->parts & MAP_DEF_VALUE_SIZE)
2427 pr_debug("map '%s': found value_size = %u.\n", map->name, def->value_size);
2429 if (def->parts & MAP_DEF_MAX_ENTRIES)
2430 pr_debug("map '%s': found max_entries = %u.\n", map->name, def->max_entries);
2431 if (def->parts & MAP_DEF_MAP_FLAGS)
2432 pr_debug("map '%s': found map_flags = 0x%x.\n", map->name, def->map_flags);
2433 if (def->parts & MAP_DEF_MAP_EXTRA)
2434 pr_debug("map '%s': found map_extra = 0x%llx.\n", map->name,
2435 (unsigned long long)def->map_extra);
2436 if (def->parts & MAP_DEF_PINNING)
2437 pr_debug("map '%s': found pinning = %u.\n", map->name, def->pinning);
2438 if (def->parts & MAP_DEF_NUMA_NODE)
2439 pr_debug("map '%s': found numa_node = %u.\n", map->name, def->numa_node);
2441 if (def->parts & MAP_DEF_INNER_MAP)
2442 pr_debug("map '%s': found inner map definition.\n", map->name);
2445 static const char *btf_var_linkage_str(__u32 linkage)
2448 case BTF_VAR_STATIC: return "static";
2449 case BTF_VAR_GLOBAL_ALLOCATED: return "global";
2450 case BTF_VAR_GLOBAL_EXTERN: return "extern";
2451 default: return "unknown";
2455 static int bpf_object__init_user_btf_map(struct bpf_object *obj,
2456 const struct btf_type *sec,
2457 int var_idx, int sec_idx,
2458 const Elf_Data *data, bool strict,
2459 const char *pin_root_path)
2461 struct btf_map_def map_def = {}, inner_def = {};
2462 const struct btf_type *var, *def;
2463 const struct btf_var_secinfo *vi;
2464 const struct btf_var *var_extra;
2465 const char *map_name;
2466 struct bpf_map *map;
2469 vi = btf_var_secinfos(sec) + var_idx;
2470 var = btf__type_by_id(obj->btf, vi->type);
2471 var_extra = btf_var(var);
2472 map_name = btf__name_by_offset(obj->btf, var->name_off);
2474 if (map_name == NULL || map_name[0] == '\0') {
2475 pr_warn("map #%d: empty name.\n", var_idx);
2478 if ((__u64)vi->offset + vi->size > data->d_size) {
2479 pr_warn("map '%s' BTF data is corrupted.\n", map_name);
2482 if (!btf_is_var(var)) {
2483 pr_warn("map '%s': unexpected var kind %s.\n",
2484 map_name, btf_kind_str(var));
2487 if (var_extra->linkage != BTF_VAR_GLOBAL_ALLOCATED) {
2488 pr_warn("map '%s': unsupported map linkage %s.\n",
2489 map_name, btf_var_linkage_str(var_extra->linkage));
2493 def = skip_mods_and_typedefs(obj->btf, var->type, NULL);
2494 if (!btf_is_struct(def)) {
2495 pr_warn("map '%s': unexpected def kind %s.\n",
2496 map_name, btf_kind_str(var));
2499 if (def->size > vi->size) {
2500 pr_warn("map '%s': invalid def size.\n", map_name);
2504 map = bpf_object__add_map(obj);
2506 return PTR_ERR(map);
2507 map->name = strdup(map_name);
2509 pr_warn("map '%s': failed to alloc map name.\n", map_name);
2512 map->libbpf_type = LIBBPF_MAP_UNSPEC;
2513 map->def.type = BPF_MAP_TYPE_UNSPEC;
2514 map->sec_idx = sec_idx;
2515 map->sec_offset = vi->offset;
2516 map->btf_var_idx = var_idx;
2517 pr_debug("map '%s': at sec_idx %d, offset %zu.\n",
2518 map_name, map->sec_idx, map->sec_offset);
2520 err = parse_btf_map_def(map->name, obj->btf, def, strict, &map_def, &inner_def);
2524 fill_map_from_def(map, &map_def);
2526 if (map_def.pinning == LIBBPF_PIN_BY_NAME) {
2527 err = build_map_pin_path(map, pin_root_path);
2529 pr_warn("map '%s': couldn't build pin path.\n", map->name);
2534 if (map_def.parts & MAP_DEF_INNER_MAP) {
2535 map->inner_map = calloc(1, sizeof(*map->inner_map));
2536 if (!map->inner_map)
2538 map->inner_map->fd = -1;
2539 map->inner_map->sec_idx = sec_idx;
2540 map->inner_map->name = malloc(strlen(map_name) + sizeof(".inner") + 1);
2541 if (!map->inner_map->name)
2543 sprintf(map->inner_map->name, "%s.inner", map_name);
2545 fill_map_from_def(map->inner_map, &inner_def);
2548 err = bpf_map_find_btf_info(obj, map);
2555 static int bpf_object__init_user_btf_maps(struct bpf_object *obj, bool strict,
2556 const char *pin_root_path)
2558 const struct btf_type *sec = NULL;
2559 int nr_types, i, vlen, err;
2560 const struct btf_type *t;
2565 if (obj->efile.btf_maps_shndx < 0)
2568 scn = elf_sec_by_idx(obj, obj->efile.btf_maps_shndx);
2569 data = elf_sec_data(obj, scn);
2570 if (!scn || !data) {
2571 pr_warn("elf: failed to get %s map definitions for %s\n",
2572 MAPS_ELF_SEC, obj->path);
2576 nr_types = btf__type_cnt(obj->btf);
2577 for (i = 1; i < nr_types; i++) {
2578 t = btf__type_by_id(obj->btf, i);
2579 if (!btf_is_datasec(t))
2581 name = btf__name_by_offset(obj->btf, t->name_off);
2582 if (strcmp(name, MAPS_ELF_SEC) == 0) {
2584 obj->efile.btf_maps_sec_btf_id = i;
2590 pr_warn("DATASEC '%s' not found.\n", MAPS_ELF_SEC);
2594 vlen = btf_vlen(sec);
2595 for (i = 0; i < vlen; i++) {
2596 err = bpf_object__init_user_btf_map(obj, sec, i,
2597 obj->efile.btf_maps_shndx,
2607 static int bpf_object__init_maps(struct bpf_object *obj,
2608 const struct bpf_object_open_opts *opts)
2610 const char *pin_root_path;
2614 strict = !OPTS_GET(opts, relaxed_maps, false);
2615 pin_root_path = OPTS_GET(opts, pin_root_path, NULL);
2617 err = bpf_object__init_user_maps(obj, strict);
2618 err = err ?: bpf_object__init_user_btf_maps(obj, strict, pin_root_path);
2619 err = err ?: bpf_object__init_global_data_maps(obj);
2620 err = err ?: bpf_object__init_kconfig_map(obj);
2621 err = err ?: bpf_object__init_struct_ops_maps(obj);
2626 static bool section_have_execinstr(struct bpf_object *obj, int idx)
2630 sh = elf_sec_hdr(obj, elf_sec_by_idx(obj, idx));
2634 return sh->sh_flags & SHF_EXECINSTR;
2637 static bool btf_needs_sanitization(struct bpf_object *obj)
2639 bool has_func_global = kernel_supports(obj, FEAT_BTF_GLOBAL_FUNC);
2640 bool has_datasec = kernel_supports(obj, FEAT_BTF_DATASEC);
2641 bool has_float = kernel_supports(obj, FEAT_BTF_FLOAT);
2642 bool has_func = kernel_supports(obj, FEAT_BTF_FUNC);
2643 bool has_decl_tag = kernel_supports(obj, FEAT_BTF_DECL_TAG);
2644 bool has_type_tag = kernel_supports(obj, FEAT_BTF_TYPE_TAG);
2646 return !has_func || !has_datasec || !has_func_global || !has_float ||
2647 !has_decl_tag || !has_type_tag;
2650 static void bpf_object__sanitize_btf(struct bpf_object *obj, struct btf *btf)
2652 bool has_func_global = kernel_supports(obj, FEAT_BTF_GLOBAL_FUNC);
2653 bool has_datasec = kernel_supports(obj, FEAT_BTF_DATASEC);
2654 bool has_float = kernel_supports(obj, FEAT_BTF_FLOAT);
2655 bool has_func = kernel_supports(obj, FEAT_BTF_FUNC);
2656 bool has_decl_tag = kernel_supports(obj, FEAT_BTF_DECL_TAG);
2657 bool has_type_tag = kernel_supports(obj, FEAT_BTF_TYPE_TAG);
2661 for (i = 1; i < btf__type_cnt(btf); i++) {
2662 t = (struct btf_type *)btf__type_by_id(btf, i);
2664 if ((!has_datasec && btf_is_var(t)) || (!has_decl_tag && btf_is_decl_tag(t))) {
2665 /* replace VAR/DECL_TAG with INT */
2666 t->info = BTF_INFO_ENC(BTF_KIND_INT, 0, 0);
2668 * using size = 1 is the safest choice, 4 will be too
2669 * big and cause kernel BTF validation failure if
2670 * original variable took less than 4 bytes
2673 *(int *)(t + 1) = BTF_INT_ENC(0, 0, 8);
2674 } else if (!has_datasec && btf_is_datasec(t)) {
2675 /* replace DATASEC with STRUCT */
2676 const struct btf_var_secinfo *v = btf_var_secinfos(t);
2677 struct btf_member *m = btf_members(t);
2678 struct btf_type *vt;
2681 name = (char *)btf__name_by_offset(btf, t->name_off);
2689 t->info = BTF_INFO_ENC(BTF_KIND_STRUCT, 0, vlen);
2690 for (j = 0; j < vlen; j++, v++, m++) {
2691 /* order of field assignments is important */
2692 m->offset = v->offset * 8;
2694 /* preserve variable name as member name */
2695 vt = (void *)btf__type_by_id(btf, v->type);
2696 m->name_off = vt->name_off;
2698 } else if (!has_func && btf_is_func_proto(t)) {
2699 /* replace FUNC_PROTO with ENUM */
2701 t->info = BTF_INFO_ENC(BTF_KIND_ENUM, 0, vlen);
2702 t->size = sizeof(__u32); /* kernel enforced */
2703 } else if (!has_func && btf_is_func(t)) {
2704 /* replace FUNC with TYPEDEF */
2705 t->info = BTF_INFO_ENC(BTF_KIND_TYPEDEF, 0, 0);
2706 } else if (!has_func_global && btf_is_func(t)) {
2707 /* replace BTF_FUNC_GLOBAL with BTF_FUNC_STATIC */
2708 t->info = BTF_INFO_ENC(BTF_KIND_FUNC, 0, 0);
2709 } else if (!has_float && btf_is_float(t)) {
2710 /* replace FLOAT with an equally-sized empty STRUCT;
2711 * since C compilers do not accept e.g. "float" as a
2712 * valid struct name, make it anonymous
2715 t->info = BTF_INFO_ENC(BTF_KIND_STRUCT, 0, 0);
2716 } else if (!has_type_tag && btf_is_type_tag(t)) {
2717 /* replace TYPE_TAG with a CONST */
2719 t->info = BTF_INFO_ENC(BTF_KIND_CONST, 0, 0);
2724 static bool libbpf_needs_btf(const struct bpf_object *obj)
2726 return obj->efile.btf_maps_shndx >= 0 ||
2727 obj->efile.st_ops_shndx >= 0 ||
2731 static bool kernel_needs_btf(const struct bpf_object *obj)
2733 return obj->efile.st_ops_shndx >= 0;
2736 static int bpf_object__init_btf(struct bpf_object *obj,
2738 Elf_Data *btf_ext_data)
2743 obj->btf = btf__new(btf_data->d_buf, btf_data->d_size);
2744 err = libbpf_get_error(obj->btf);
2747 pr_warn("Error loading ELF section %s: %d.\n", BTF_ELF_SEC, err);
2750 /* enforce 8-byte pointers for BPF-targeted BTFs */
2751 btf__set_pointer_size(obj->btf, 8);
2754 struct btf_ext_info *ext_segs[3];
2755 int seg_num, sec_num;
2758 pr_debug("Ignore ELF section %s because its depending ELF section %s is not found.\n",
2759 BTF_EXT_ELF_SEC, BTF_ELF_SEC);
2762 obj->btf_ext = btf_ext__new(btf_ext_data->d_buf, btf_ext_data->d_size);
2763 err = libbpf_get_error(obj->btf_ext);
2765 pr_warn("Error loading ELF section %s: %d. Ignored and continue.\n",
2766 BTF_EXT_ELF_SEC, err);
2767 obj->btf_ext = NULL;
2771 /* setup .BTF.ext to ELF section mapping */
2772 ext_segs[0] = &obj->btf_ext->func_info;
2773 ext_segs[1] = &obj->btf_ext->line_info;
2774 ext_segs[2] = &obj->btf_ext->core_relo_info;
2775 for (seg_num = 0; seg_num < ARRAY_SIZE(ext_segs); seg_num++) {
2776 struct btf_ext_info *seg = ext_segs[seg_num];
2777 const struct btf_ext_info_sec *sec;
2778 const char *sec_name;
2781 if (seg->sec_cnt == 0)
2784 seg->sec_idxs = calloc(seg->sec_cnt, sizeof(*seg->sec_idxs));
2785 if (!seg->sec_idxs) {
2791 for_each_btf_ext_sec(seg, sec) {
2792 /* preventively increment index to avoid doing
2793 * this before every continue below
2797 sec_name = btf__name_by_offset(obj->btf, sec->sec_name_off);
2798 if (str_is_empty(sec_name))
2800 scn = elf_sec_by_name(obj, sec_name);
2804 seg->sec_idxs[sec_num - 1] = elf_ndxscn(scn);
2809 if (err && libbpf_needs_btf(obj)) {
2810 pr_warn("BTF is required, but is missing or corrupted.\n");
2816 static int compare_vsi_off(const void *_a, const void *_b)
2818 const struct btf_var_secinfo *a = _a;
2819 const struct btf_var_secinfo *b = _b;
2821 return a->offset - b->offset;
2824 static int btf_fixup_datasec(struct bpf_object *obj, struct btf *btf,
2827 __u32 size = 0, off = 0, i, vars = btf_vlen(t);
2828 const char *name = btf__name_by_offset(btf, t->name_off);
2829 const struct btf_type *t_var;
2830 struct btf_var_secinfo *vsi;
2831 const struct btf_var *var;
2835 pr_debug("No name found in string section for DATASEC kind.\n");
2839 /* .extern datasec size and var offsets were set correctly during
2840 * extern collection step, so just skip straight to sorting variables
2845 ret = find_elf_sec_sz(obj, name, &size);
2847 pr_debug("Invalid size for section %s: %u bytes\n", name, size);
2853 for (i = 0, vsi = btf_var_secinfos(t); i < vars; i++, vsi++) {
2854 t_var = btf__type_by_id(btf, vsi->type);
2855 if (!t_var || !btf_is_var(t_var)) {
2856 pr_debug("Non-VAR type seen in section %s\n", name);
2860 var = btf_var(t_var);
2861 if (var->linkage == BTF_VAR_STATIC)
2864 name = btf__name_by_offset(btf, t_var->name_off);
2866 pr_debug("No name found in string section for VAR kind\n");
2870 ret = find_elf_var_offset(obj, name, &off);
2872 pr_debug("No offset found in symbol table for VAR %s\n",
2881 qsort(btf_var_secinfos(t), vars, sizeof(*vsi), compare_vsi_off);
2885 static int btf_finalize_data(struct bpf_object *obj, struct btf *btf)
2888 __u32 i, n = btf__type_cnt(btf);
2890 for (i = 1; i < n; i++) {
2891 struct btf_type *t = btf_type_by_id(btf, i);
2893 /* Loader needs to fix up some of the things compiler
2894 * couldn't get its hands on while emitting BTF. This
2895 * is section size and global variable offset. We use
2896 * the info from the ELF itself for this purpose.
2898 if (btf_is_datasec(t)) {
2899 err = btf_fixup_datasec(obj, btf, t);
2905 return libbpf_err(err);
2908 int btf__finalize_data(struct bpf_object *obj, struct btf *btf)
2910 return btf_finalize_data(obj, btf);
2913 static int bpf_object__finalize_btf(struct bpf_object *obj)
2920 err = btf_finalize_data(obj, obj->btf);
2922 pr_warn("Error finalizing %s: %d.\n", BTF_ELF_SEC, err);
2929 static bool prog_needs_vmlinux_btf(struct bpf_program *prog)
2931 if (prog->type == BPF_PROG_TYPE_STRUCT_OPS ||
2932 prog->type == BPF_PROG_TYPE_LSM)
2935 /* BPF_PROG_TYPE_TRACING programs which do not attach to other programs
2936 * also need vmlinux BTF
2938 if (prog->type == BPF_PROG_TYPE_TRACING && !prog->attach_prog_fd)
2944 static bool obj_needs_vmlinux_btf(const struct bpf_object *obj)
2946 struct bpf_program *prog;
2949 /* CO-RE relocations need kernel BTF, only when btf_custom_path
2952 if (obj->btf_ext && obj->btf_ext->core_relo_info.len && !obj->btf_custom_path)
2955 /* Support for typed ksyms needs kernel BTF */
2956 for (i = 0; i < obj->nr_extern; i++) {
2957 const struct extern_desc *ext;
2959 ext = &obj->externs[i];
2960 if (ext->type == EXT_KSYM && ext->ksym.type_id)
2964 bpf_object__for_each_program(prog, obj) {
2965 if (!prog->autoload)
2967 if (prog_needs_vmlinux_btf(prog))
2974 static int bpf_object__load_vmlinux_btf(struct bpf_object *obj, bool force)
2978 /* btf_vmlinux could be loaded earlier */
2979 if (obj->btf_vmlinux || obj->gen_loader)
2982 if (!force && !obj_needs_vmlinux_btf(obj))
2985 obj->btf_vmlinux = btf__load_vmlinux_btf();
2986 err = libbpf_get_error(obj->btf_vmlinux);
2988 pr_warn("Error loading vmlinux BTF: %d\n", err);
2989 obj->btf_vmlinux = NULL;
2995 static int bpf_object__sanitize_and_load_btf(struct bpf_object *obj)
2997 struct btf *kern_btf = obj->btf;
2998 bool btf_mandatory, sanitize;
3004 if (!kernel_supports(obj, FEAT_BTF)) {
3005 if (kernel_needs_btf(obj)) {
3009 pr_debug("Kernel doesn't support BTF, skipping uploading it.\n");
3013 /* Even though some subprogs are global/weak, user might prefer more
3014 * permissive BPF verification process that BPF verifier performs for
3015 * static functions, taking into account more context from the caller
3016 * functions. In such case, they need to mark such subprogs with
3017 * __attribute__((visibility("hidden"))) and libbpf will adjust
3018 * corresponding FUNC BTF type to be marked as static and trigger more
3019 * involved BPF verification process.
3021 for (i = 0; i < obj->nr_programs; i++) {
3022 struct bpf_program *prog = &obj->programs[i];
3027 if (!prog->mark_btf_static || !prog_is_subprog(obj, prog))
3030 n = btf__type_cnt(obj->btf);
3031 for (j = 1; j < n; j++) {
3032 t = btf_type_by_id(obj->btf, j);
3033 if (!btf_is_func(t) || btf_func_linkage(t) != BTF_FUNC_GLOBAL)
3036 name = btf__str_by_offset(obj->btf, t->name_off);
3037 if (strcmp(name, prog->name) != 0)
3040 t->info = btf_type_info(BTF_KIND_FUNC, BTF_FUNC_STATIC, 0);
3045 sanitize = btf_needs_sanitization(obj);
3047 const void *raw_data;
3050 /* clone BTF to sanitize a copy and leave the original intact */
3051 raw_data = btf__raw_data(obj->btf, &sz);
3052 kern_btf = btf__new(raw_data, sz);
3053 err = libbpf_get_error(kern_btf);
3057 /* enforce 8-byte pointers for BPF-targeted BTFs */
3058 btf__set_pointer_size(obj->btf, 8);
3059 bpf_object__sanitize_btf(obj, kern_btf);
3062 if (obj->gen_loader) {
3064 const void *raw_data = btf__raw_data(kern_btf, &raw_size);
3068 bpf_gen__load_btf(obj->gen_loader, raw_data, raw_size);
3069 /* Pretend to have valid FD to pass various fd >= 0 checks.
3070 * This fd == 0 will not be used with any syscall and will be reset to -1 eventually.
3072 btf__set_fd(kern_btf, 0);
3074 /* currently BPF_BTF_LOAD only supports log_level 1 */
3075 err = btf_load_into_kernel(kern_btf, obj->log_buf, obj->log_size,
3076 obj->log_level ? 1 : 0);
3080 /* move fd to libbpf's BTF */
3081 btf__set_fd(obj->btf, btf__fd(kern_btf));
3082 btf__set_fd(kern_btf, -1);
3084 btf__free(kern_btf);
3088 btf_mandatory = kernel_needs_btf(obj);
3089 pr_warn("Error loading .BTF into kernel: %d. %s\n", err,
3090 btf_mandatory ? "BTF is mandatory, can't proceed."
3091 : "BTF is optional, ignoring.");
3098 static const char *elf_sym_str(const struct bpf_object *obj, size_t off)
3102 name = elf_strptr(obj->efile.elf, obj->efile.strtabidx, off);
3104 pr_warn("elf: failed to get section name string at offset %zu from %s: %s\n",
3105 off, obj->path, elf_errmsg(-1));
3112 static const char *elf_sec_str(const struct bpf_object *obj, size_t off)
3116 name = elf_strptr(obj->efile.elf, obj->efile.shstrndx, off);
3118 pr_warn("elf: failed to get section name string at offset %zu from %s: %s\n",
3119 off, obj->path, elf_errmsg(-1));
3126 static Elf_Scn *elf_sec_by_idx(const struct bpf_object *obj, size_t idx)
3130 scn = elf_getscn(obj->efile.elf, idx);
3132 pr_warn("elf: failed to get section(%zu) from %s: %s\n",
3133 idx, obj->path, elf_errmsg(-1));
3139 static Elf_Scn *elf_sec_by_name(const struct bpf_object *obj, const char *name)
3141 Elf_Scn *scn = NULL;
3142 Elf *elf = obj->efile.elf;
3143 const char *sec_name;
3145 while ((scn = elf_nextscn(elf, scn)) != NULL) {
3146 sec_name = elf_sec_name(obj, scn);
3150 if (strcmp(sec_name, name) != 0)
3158 static Elf64_Shdr *elf_sec_hdr(const struct bpf_object *obj, Elf_Scn *scn)
3165 shdr = elf64_getshdr(scn);
3167 pr_warn("elf: failed to get section(%zu) header from %s: %s\n",
3168 elf_ndxscn(scn), obj->path, elf_errmsg(-1));
3175 static const char *elf_sec_name(const struct bpf_object *obj, Elf_Scn *scn)
3183 sh = elf_sec_hdr(obj, scn);
3187 name = elf_sec_str(obj, sh->sh_name);
3189 pr_warn("elf: failed to get section(%zu) name from %s: %s\n",
3190 elf_ndxscn(scn), obj->path, elf_errmsg(-1));
3197 static Elf_Data *elf_sec_data(const struct bpf_object *obj, Elf_Scn *scn)
3204 data = elf_getdata(scn, 0);
3206 pr_warn("elf: failed to get section(%zu) %s data from %s: %s\n",
3207 elf_ndxscn(scn), elf_sec_name(obj, scn) ?: "<?>",
3208 obj->path, elf_errmsg(-1));
3215 static Elf64_Sym *elf_sym_by_idx(const struct bpf_object *obj, size_t idx)
3217 if (idx >= obj->efile.symbols->d_size / sizeof(Elf64_Sym))
3220 return (Elf64_Sym *)obj->efile.symbols->d_buf + idx;
3223 static Elf64_Rel *elf_rel_by_idx(Elf_Data *data, size_t idx)
3225 if (idx >= data->d_size / sizeof(Elf64_Rel))
3228 return (Elf64_Rel *)data->d_buf + idx;
3231 static bool is_sec_name_dwarf(const char *name)
3233 /* approximation, but the actual list is too long */
3234 return str_has_pfx(name, ".debug_");
3237 static bool ignore_elf_section(Elf64_Shdr *hdr, const char *name)
3239 /* no special handling of .strtab */
3240 if (hdr->sh_type == SHT_STRTAB)
3243 /* ignore .llvm_addrsig section as well */
3244 if (hdr->sh_type == SHT_LLVM_ADDRSIG)
3247 /* no subprograms will lead to an empty .text section, ignore it */
3248 if (hdr->sh_type == SHT_PROGBITS && hdr->sh_size == 0 &&
3249 strcmp(name, ".text") == 0)
3252 /* DWARF sections */
3253 if (is_sec_name_dwarf(name))
3256 if (str_has_pfx(name, ".rel")) {
3257 name += sizeof(".rel") - 1;
3258 /* DWARF section relocations */
3259 if (is_sec_name_dwarf(name))
3262 /* .BTF and .BTF.ext don't need relocations */
3263 if (strcmp(name, BTF_ELF_SEC) == 0 ||
3264 strcmp(name, BTF_EXT_ELF_SEC) == 0)
3271 static int cmp_progs(const void *_a, const void *_b)
3273 const struct bpf_program *a = _a;
3274 const struct bpf_program *b = _b;
3276 if (a->sec_idx != b->sec_idx)
3277 return a->sec_idx < b->sec_idx ? -1 : 1;
3279 /* sec_insn_off can't be the same within the section */
3280 return a->sec_insn_off < b->sec_insn_off ? -1 : 1;
3283 static int bpf_object__elf_collect(struct bpf_object *obj)
3285 struct elf_sec_desc *sec_desc;
3286 Elf *elf = obj->efile.elf;
3287 Elf_Data *btf_ext_data = NULL;
3288 Elf_Data *btf_data = NULL;
3289 int idx = 0, err = 0;
3295 /* ELF section indices are 0-based, but sec #0 is special "invalid"
3296 * section. e_shnum does include sec #0, so e_shnum is the necessary
3297 * size of an array to keep all the sections.
3299 obj->efile.sec_cnt = obj->efile.ehdr->e_shnum;
3300 obj->efile.secs = calloc(obj->efile.sec_cnt, sizeof(*obj->efile.secs));
3301 if (!obj->efile.secs)
3304 /* a bunch of ELF parsing functionality depends on processing symbols,
3305 * so do the first pass and find the symbol table
3308 while ((scn = elf_nextscn(elf, scn)) != NULL) {
3309 sh = elf_sec_hdr(obj, scn);
3311 return -LIBBPF_ERRNO__FORMAT;
3313 if (sh->sh_type == SHT_SYMTAB) {
3314 if (obj->efile.symbols) {
3315 pr_warn("elf: multiple symbol tables in %s\n", obj->path);
3316 return -LIBBPF_ERRNO__FORMAT;
3319 data = elf_sec_data(obj, scn);
3321 return -LIBBPF_ERRNO__FORMAT;
3323 idx = elf_ndxscn(scn);
3325 obj->efile.symbols = data;
3326 obj->efile.symbols_shndx = idx;
3327 obj->efile.strtabidx = sh->sh_link;
3331 if (!obj->efile.symbols) {
3332 pr_warn("elf: couldn't find symbol table in %s, stripped object file?\n",
3338 while ((scn = elf_nextscn(elf, scn)) != NULL) {
3339 idx = elf_ndxscn(scn);
3340 sec_desc = &obj->efile.secs[idx];
3342 sh = elf_sec_hdr(obj, scn);
3344 return -LIBBPF_ERRNO__FORMAT;
3346 name = elf_sec_str(obj, sh->sh_name);
3348 return -LIBBPF_ERRNO__FORMAT;
3350 if (ignore_elf_section(sh, name))
3353 data = elf_sec_data(obj, scn);
3355 return -LIBBPF_ERRNO__FORMAT;
3357 pr_debug("elf: section(%d) %s, size %ld, link %d, flags %lx, type=%d\n",
3358 idx, name, (unsigned long)data->d_size,
3359 (int)sh->sh_link, (unsigned long)sh->sh_flags,
3362 if (strcmp(name, "license") == 0) {
3363 err = bpf_object__init_license(obj, data->d_buf, data->d_size);
3366 } else if (strcmp(name, "version") == 0) {
3367 err = bpf_object__init_kversion(obj, data->d_buf, data->d_size);
3370 } else if (strcmp(name, "maps") == 0) {
3371 obj->efile.maps_shndx = idx;
3372 } else if (strcmp(name, MAPS_ELF_SEC) == 0) {
3373 obj->efile.btf_maps_shndx = idx;
3374 } else if (strcmp(name, BTF_ELF_SEC) == 0) {
3375 if (sh->sh_type != SHT_PROGBITS)
3376 return -LIBBPF_ERRNO__FORMAT;
3378 } else if (strcmp(name, BTF_EXT_ELF_SEC) == 0) {
3379 if (sh->sh_type != SHT_PROGBITS)
3380 return -LIBBPF_ERRNO__FORMAT;
3381 btf_ext_data = data;
3382 } else if (sh->sh_type == SHT_SYMTAB) {
3383 /* already processed during the first pass above */
3384 } else if (sh->sh_type == SHT_PROGBITS && data->d_size > 0) {
3385 if (sh->sh_flags & SHF_EXECINSTR) {
3386 if (strcmp(name, ".text") == 0)
3387 obj->efile.text_shndx = idx;
3388 err = bpf_object__add_programs(obj, data, name, idx);
3391 } else if (strcmp(name, DATA_SEC) == 0 ||
3392 str_has_pfx(name, DATA_SEC ".")) {
3393 sec_desc->sec_type = SEC_DATA;
3394 sec_desc->shdr = sh;
3395 sec_desc->data = data;
3396 } else if (strcmp(name, RODATA_SEC) == 0 ||
3397 str_has_pfx(name, RODATA_SEC ".")) {
3398 sec_desc->sec_type = SEC_RODATA;
3399 sec_desc->shdr = sh;
3400 sec_desc->data = data;
3401 } else if (strcmp(name, STRUCT_OPS_SEC) == 0) {
3402 obj->efile.st_ops_data = data;
3403 obj->efile.st_ops_shndx = idx;
3405 pr_info("elf: skipping unrecognized data section(%d) %s\n",
3408 } else if (sh->sh_type == SHT_REL) {
3409 int targ_sec_idx = sh->sh_info; /* points to other section */
3411 if (sh->sh_entsize != sizeof(Elf64_Rel) ||
3412 targ_sec_idx >= obj->efile.sec_cnt)
3413 return -LIBBPF_ERRNO__FORMAT;
3415 /* Only do relo for section with exec instructions */
3416 if (!section_have_execinstr(obj, targ_sec_idx) &&
3417 strcmp(name, ".rel" STRUCT_OPS_SEC) &&
3418 strcmp(name, ".rel" MAPS_ELF_SEC)) {
3419 pr_info("elf: skipping relo section(%d) %s for section(%d) %s\n",
3420 idx, name, targ_sec_idx,
3421 elf_sec_name(obj, elf_sec_by_idx(obj, targ_sec_idx)) ?: "<?>");
3425 sec_desc->sec_type = SEC_RELO;
3426 sec_desc->shdr = sh;
3427 sec_desc->data = data;
3428 } else if (sh->sh_type == SHT_NOBITS && strcmp(name, BSS_SEC) == 0) {
3429 sec_desc->sec_type = SEC_BSS;
3430 sec_desc->shdr = sh;
3431 sec_desc->data = data;
3433 pr_info("elf: skipping section(%d) %s (size %zu)\n", idx, name,
3434 (size_t)sh->sh_size);
3438 if (!obj->efile.strtabidx || obj->efile.strtabidx > idx) {
3439 pr_warn("elf: symbol strings section missing or invalid in %s\n", obj->path);
3440 return -LIBBPF_ERRNO__FORMAT;
3443 /* sort BPF programs by section name and in-section instruction offset
3444 * for faster search */
3445 if (obj->nr_programs)
3446 qsort(obj->programs, obj->nr_programs, sizeof(*obj->programs), cmp_progs);
3448 return bpf_object__init_btf(obj, btf_data, btf_ext_data);
3451 static bool sym_is_extern(const Elf64_Sym *sym)
3453 int bind = ELF64_ST_BIND(sym->st_info);
3454 /* externs are symbols w/ type=NOTYPE, bind=GLOBAL|WEAK, section=UND */
3455 return sym->st_shndx == SHN_UNDEF &&
3456 (bind == STB_GLOBAL || bind == STB_WEAK) &&
3457 ELF64_ST_TYPE(sym->st_info) == STT_NOTYPE;
3460 static bool sym_is_subprog(const Elf64_Sym *sym, int text_shndx)
3462 int bind = ELF64_ST_BIND(sym->st_info);
3463 int type = ELF64_ST_TYPE(sym->st_info);
3465 /* in .text section */
3466 if (sym->st_shndx != text_shndx)
3469 /* local function */
3470 if (bind == STB_LOCAL && type == STT_SECTION)
3473 /* global function */
3474 return bind == STB_GLOBAL && type == STT_FUNC;
3477 static int find_extern_btf_id(const struct btf *btf, const char *ext_name)
3479 const struct btf_type *t;
3486 n = btf__type_cnt(btf);
3487 for (i = 1; i < n; i++) {
3488 t = btf__type_by_id(btf, i);
3490 if (!btf_is_var(t) && !btf_is_func(t))
3493 tname = btf__name_by_offset(btf, t->name_off);
3494 if (strcmp(tname, ext_name))
3497 if (btf_is_var(t) &&
3498 btf_var(t)->linkage != BTF_VAR_GLOBAL_EXTERN)
3501 if (btf_is_func(t) && btf_func_linkage(t) != BTF_FUNC_EXTERN)
3510 static int find_extern_sec_btf_id(struct btf *btf, int ext_btf_id) {
3511 const struct btf_var_secinfo *vs;
3512 const struct btf_type *t;
3518 n = btf__type_cnt(btf);
3519 for (i = 1; i < n; i++) {
3520 t = btf__type_by_id(btf, i);
3522 if (!btf_is_datasec(t))
3525 vs = btf_var_secinfos(t);
3526 for (j = 0; j < btf_vlen(t); j++, vs++) {
3527 if (vs->type == ext_btf_id)
3535 static enum kcfg_type find_kcfg_type(const struct btf *btf, int id,
3538 const struct btf_type *t;
3541 t = skip_mods_and_typedefs(btf, id, NULL);
3542 name = btf__name_by_offset(btf, t->name_off);
3546 switch (btf_kind(t)) {
3547 case BTF_KIND_INT: {
3548 int enc = btf_int_encoding(t);
3550 if (enc & BTF_INT_BOOL)
3551 return t->size == 1 ? KCFG_BOOL : KCFG_UNKNOWN;
3553 *is_signed = enc & BTF_INT_SIGNED;
3556 if (t->size < 1 || t->size > 8 || (t->size & (t->size - 1)))
3557 return KCFG_UNKNOWN;
3562 return KCFG_UNKNOWN;
3563 if (strcmp(name, "libbpf_tristate"))
3564 return KCFG_UNKNOWN;
3565 return KCFG_TRISTATE;
3566 case BTF_KIND_ARRAY:
3567 if (btf_array(t)->nelems == 0)
3568 return KCFG_UNKNOWN;
3569 if (find_kcfg_type(btf, btf_array(t)->type, NULL) != KCFG_CHAR)
3570 return KCFG_UNKNOWN;
3571 return KCFG_CHAR_ARR;
3573 return KCFG_UNKNOWN;
3577 static int cmp_externs(const void *_a, const void *_b)
3579 const struct extern_desc *a = _a;
3580 const struct extern_desc *b = _b;
3582 if (a->type != b->type)
3583 return a->type < b->type ? -1 : 1;
3585 if (a->type == EXT_KCFG) {
3586 /* descending order by alignment requirements */
3587 if (a->kcfg.align != b->kcfg.align)
3588 return a->kcfg.align > b->kcfg.align ? -1 : 1;
3589 /* ascending order by size, within same alignment class */
3590 if (a->kcfg.sz != b->kcfg.sz)
3591 return a->kcfg.sz < b->kcfg.sz ? -1 : 1;
3594 /* resolve ties by name */
3595 return strcmp(a->name, b->name);
3598 static int find_int_btf_id(const struct btf *btf)
3600 const struct btf_type *t;
3603 n = btf__type_cnt(btf);
3604 for (i = 1; i < n; i++) {
3605 t = btf__type_by_id(btf, i);
3607 if (btf_is_int(t) && btf_int_bits(t) == 32)
3614 static int add_dummy_ksym_var(struct btf *btf)
3616 int i, int_btf_id, sec_btf_id, dummy_var_btf_id;
3617 const struct btf_var_secinfo *vs;
3618 const struct btf_type *sec;
3623 sec_btf_id = btf__find_by_name_kind(btf, KSYMS_SEC,
3628 sec = btf__type_by_id(btf, sec_btf_id);
3629 vs = btf_var_secinfos(sec);
3630 for (i = 0; i < btf_vlen(sec); i++, vs++) {
3631 const struct btf_type *vt;
3633 vt = btf__type_by_id(btf, vs->type);
3634 if (btf_is_func(vt))
3638 /* No func in ksyms sec. No need to add dummy var. */
3639 if (i == btf_vlen(sec))
3642 int_btf_id = find_int_btf_id(btf);
3643 dummy_var_btf_id = btf__add_var(btf,
3645 BTF_VAR_GLOBAL_ALLOCATED,
3647 if (dummy_var_btf_id < 0)
3648 pr_warn("cannot create a dummy_ksym var\n");
3650 return dummy_var_btf_id;
3653 static int bpf_object__collect_externs(struct bpf_object *obj)
3655 struct btf_type *sec, *kcfg_sec = NULL, *ksym_sec = NULL;
3656 const struct btf_type *t;
3657 struct extern_desc *ext;
3658 int i, n, off, dummy_var_btf_id;
3659 const char *ext_name, *sec_name;
3663 if (!obj->efile.symbols)
3666 scn = elf_sec_by_idx(obj, obj->efile.symbols_shndx);
3667 sh = elf_sec_hdr(obj, scn);
3668 if (!sh || sh->sh_entsize != sizeof(Elf64_Sym))
3669 return -LIBBPF_ERRNO__FORMAT;
3671 dummy_var_btf_id = add_dummy_ksym_var(obj->btf);
3672 if (dummy_var_btf_id < 0)
3673 return dummy_var_btf_id;
3675 n = sh->sh_size / sh->sh_entsize;
3676 pr_debug("looking for externs among %d symbols...\n", n);
3678 for (i = 0; i < n; i++) {
3679 Elf64_Sym *sym = elf_sym_by_idx(obj, i);
3682 return -LIBBPF_ERRNO__FORMAT;
3683 if (!sym_is_extern(sym))
3685 ext_name = elf_sym_str(obj, sym->st_name);
3686 if (!ext_name || !ext_name[0])
3690 ext = libbpf_reallocarray(ext, obj->nr_extern + 1, sizeof(*ext));
3694 ext = &ext[obj->nr_extern];
3695 memset(ext, 0, sizeof(*ext));
3698 ext->btf_id = find_extern_btf_id(obj->btf, ext_name);
3699 if (ext->btf_id <= 0) {
3700 pr_warn("failed to find BTF for extern '%s': %d\n",
3701 ext_name, ext->btf_id);
3704 t = btf__type_by_id(obj->btf, ext->btf_id);
3705 ext->name = btf__name_by_offset(obj->btf, t->name_off);
3707 ext->is_weak = ELF64_ST_BIND(sym->st_info) == STB_WEAK;
3709 ext->sec_btf_id = find_extern_sec_btf_id(obj->btf, ext->btf_id);
3710 if (ext->sec_btf_id <= 0) {
3711 pr_warn("failed to find BTF for extern '%s' [%d] section: %d\n",
3712 ext_name, ext->btf_id, ext->sec_btf_id);
3713 return ext->sec_btf_id;
3715 sec = (void *)btf__type_by_id(obj->btf, ext->sec_btf_id);
3716 sec_name = btf__name_by_offset(obj->btf, sec->name_off);
3718 if (strcmp(sec_name, KCONFIG_SEC) == 0) {
3719 if (btf_is_func(t)) {
3720 pr_warn("extern function %s is unsupported under %s section\n",
3721 ext->name, KCONFIG_SEC);
3725 ext->type = EXT_KCFG;
3726 ext->kcfg.sz = btf__resolve_size(obj->btf, t->type);
3727 if (ext->kcfg.sz <= 0) {
3728 pr_warn("failed to resolve size of extern (kcfg) '%s': %d\n",
3729 ext_name, ext->kcfg.sz);
3730 return ext->kcfg.sz;
3732 ext->kcfg.align = btf__align_of(obj->btf, t->type);
3733 if (ext->kcfg.align <= 0) {
3734 pr_warn("failed to determine alignment of extern (kcfg) '%s': %d\n",
3735 ext_name, ext->kcfg.align);
3738 ext->kcfg.type = find_kcfg_type(obj->btf, t->type,
3739 &ext->kcfg.is_signed);
3740 if (ext->kcfg.type == KCFG_UNKNOWN) {
3741 pr_warn("extern (kcfg) '%s' type is unsupported\n", ext_name);
3744 } else if (strcmp(sec_name, KSYMS_SEC) == 0) {
3746 ext->type = EXT_KSYM;
3747 skip_mods_and_typedefs(obj->btf, t->type,
3748 &ext->ksym.type_id);
3750 pr_warn("unrecognized extern section '%s'\n", sec_name);
3754 pr_debug("collected %d externs total\n", obj->nr_extern);
3756 if (!obj->nr_extern)
3759 /* sort externs by type, for kcfg ones also by (align, size, name) */
3760 qsort(obj->externs, obj->nr_extern, sizeof(*ext), cmp_externs);
3762 /* for .ksyms section, we need to turn all externs into allocated
3763 * variables in BTF to pass kernel verification; we do this by
3764 * pretending that each extern is a 8-byte variable
3767 /* find existing 4-byte integer type in BTF to use for fake
3768 * extern variables in DATASEC
3770 int int_btf_id = find_int_btf_id(obj->btf);
3771 /* For extern function, a dummy_var added earlier
3772 * will be used to replace the vs->type and
3773 * its name string will be used to refill
3774 * the missing param's name.
3776 const struct btf_type *dummy_var;
3778 dummy_var = btf__type_by_id(obj->btf, dummy_var_btf_id);
3779 for (i = 0; i < obj->nr_extern; i++) {
3780 ext = &obj->externs[i];
3781 if (ext->type != EXT_KSYM)
3783 pr_debug("extern (ksym) #%d: symbol %d, name %s\n",
3784 i, ext->sym_idx, ext->name);
3789 for (i = 0, off = 0; i < n; i++, off += sizeof(int)) {
3790 struct btf_var_secinfo *vs = btf_var_secinfos(sec) + i;
3791 struct btf_type *vt;
3793 vt = (void *)btf__type_by_id(obj->btf, vs->type);
3794 ext_name = btf__name_by_offset(obj->btf, vt->name_off);
3795 ext = find_extern_by_name(obj, ext_name);
3797 pr_warn("failed to find extern definition for BTF %s '%s'\n",
3798 btf_kind_str(vt), ext_name);
3801 if (btf_is_func(vt)) {
3802 const struct btf_type *func_proto;
3803 struct btf_param *param;
3806 func_proto = btf__type_by_id(obj->btf,
3808 param = btf_params(func_proto);
3809 /* Reuse the dummy_var string if the
3810 * func proto does not have param name.
3812 for (j = 0; j < btf_vlen(func_proto); j++)
3813 if (param[j].type && !param[j].name_off)
3815 dummy_var->name_off;
3816 vs->type = dummy_var_btf_id;
3817 vt->info &= ~0xffff;
3818 vt->info |= BTF_FUNC_GLOBAL;
3820 btf_var(vt)->linkage = BTF_VAR_GLOBAL_ALLOCATED;
3821 vt->type = int_btf_id;
3824 vs->size = sizeof(int);
3831 /* for kcfg externs calculate their offsets within a .kconfig map */
3833 for (i = 0; i < obj->nr_extern; i++) {
3834 ext = &obj->externs[i];
3835 if (ext->type != EXT_KCFG)
3838 ext->kcfg.data_off = roundup(off, ext->kcfg.align);
3839 off = ext->kcfg.data_off + ext->kcfg.sz;
3840 pr_debug("extern (kcfg) #%d: symbol %d, off %u, name %s\n",
3841 i, ext->sym_idx, ext->kcfg.data_off, ext->name);
3845 for (i = 0; i < n; i++) {
3846 struct btf_var_secinfo *vs = btf_var_secinfos(sec) + i;
3848 t = btf__type_by_id(obj->btf, vs->type);
3849 ext_name = btf__name_by_offset(obj->btf, t->name_off);
3850 ext = find_extern_by_name(obj, ext_name);
3852 pr_warn("failed to find extern definition for BTF var '%s'\n",
3856 btf_var(t)->linkage = BTF_VAR_GLOBAL_ALLOCATED;
3857 vs->offset = ext->kcfg.data_off;
3863 struct bpf_program *
3864 bpf_object__find_program_by_title(const struct bpf_object *obj,
3867 struct bpf_program *pos;
3869 bpf_object__for_each_program(pos, obj) {
3870 if (pos->sec_name && !strcmp(pos->sec_name, title))
3873 return errno = ENOENT, NULL;
3876 static bool prog_is_subprog(const struct bpf_object *obj,
3877 const struct bpf_program *prog)
3879 /* For legacy reasons, libbpf supports an entry-point BPF programs
3880 * without SEC() attribute, i.e., those in the .text section. But if
3881 * there are 2 or more such programs in the .text section, they all
3882 * must be subprograms called from entry-point BPF programs in
3883 * designated SEC()'tions, otherwise there is no way to distinguish
3884 * which of those programs should be loaded vs which are a subprogram.
3885 * Similarly, if there is a function/program in .text and at least one
3886 * other BPF program with custom SEC() attribute, then we just assume
3887 * .text programs are subprograms (even if they are not called from
3888 * other programs), because libbpf never explicitly supported mixing
3889 * SEC()-designated BPF programs and .text entry-point BPF programs.
3891 * In libbpf 1.0 strict mode, we always consider .text
3892 * programs to be subprograms.
3895 if (libbpf_mode & LIBBPF_STRICT_SEC_NAME)
3896 return prog->sec_idx == obj->efile.text_shndx;
3898 return prog->sec_idx == obj->efile.text_shndx && obj->nr_programs > 1;
3901 struct bpf_program *
3902 bpf_object__find_program_by_name(const struct bpf_object *obj,
3905 struct bpf_program *prog;
3907 bpf_object__for_each_program(prog, obj) {
3908 if (prog_is_subprog(obj, prog))
3910 if (!strcmp(prog->name, name))
3913 return errno = ENOENT, NULL;
3916 static bool bpf_object__shndx_is_data(const struct bpf_object *obj,
3919 switch (obj->efile.secs[shndx].sec_type) {
3929 static bool bpf_object__shndx_is_maps(const struct bpf_object *obj,
3932 return shndx == obj->efile.maps_shndx ||
3933 shndx == obj->efile.btf_maps_shndx;
3936 static enum libbpf_map_type
3937 bpf_object__section_to_libbpf_map_type(const struct bpf_object *obj, int shndx)
3939 if (shndx == obj->efile.symbols_shndx)
3940 return LIBBPF_MAP_KCONFIG;
3942 switch (obj->efile.secs[shndx].sec_type) {
3944 return LIBBPF_MAP_BSS;
3946 return LIBBPF_MAP_DATA;
3948 return LIBBPF_MAP_RODATA;
3950 return LIBBPF_MAP_UNSPEC;
3954 static int bpf_program__record_reloc(struct bpf_program *prog,
3955 struct reloc_desc *reloc_desc,
3956 __u32 insn_idx, const char *sym_name,
3957 const Elf64_Sym *sym, const Elf64_Rel *rel)
3959 struct bpf_insn *insn = &prog->insns[insn_idx];
3960 size_t map_idx, nr_maps = prog->obj->nr_maps;
3961 struct bpf_object *obj = prog->obj;
3962 __u32 shdr_idx = sym->st_shndx;
3963 enum libbpf_map_type type;
3964 const char *sym_sec_name;
3965 struct bpf_map *map;
3967 if (!is_call_insn(insn) && !is_ldimm64_insn(insn)) {
3968 pr_warn("prog '%s': invalid relo against '%s' for insns[%d].code 0x%x\n",
3969 prog->name, sym_name, insn_idx, insn->code);
3970 return -LIBBPF_ERRNO__RELOC;
3973 if (sym_is_extern(sym)) {
3974 int sym_idx = ELF64_R_SYM(rel->r_info);
3975 int i, n = obj->nr_extern;
3976 struct extern_desc *ext;
3978 for (i = 0; i < n; i++) {
3979 ext = &obj->externs[i];
3980 if (ext->sym_idx == sym_idx)
3984 pr_warn("prog '%s': extern relo failed to find extern for '%s' (%d)\n",
3985 prog->name, sym_name, sym_idx);
3986 return -LIBBPF_ERRNO__RELOC;
3988 pr_debug("prog '%s': found extern #%d '%s' (sym %d) for insn #%u\n",
3989 prog->name, i, ext->name, ext->sym_idx, insn_idx);
3990 if (insn->code == (BPF_JMP | BPF_CALL))
3991 reloc_desc->type = RELO_EXTERN_FUNC;
3993 reloc_desc->type = RELO_EXTERN_VAR;
3994 reloc_desc->insn_idx = insn_idx;
3995 reloc_desc->sym_off = i; /* sym_off stores extern index */
3999 /* sub-program call relocation */
4000 if (is_call_insn(insn)) {
4001 if (insn->src_reg != BPF_PSEUDO_CALL) {
4002 pr_warn("prog '%s': incorrect bpf_call opcode\n", prog->name);
4003 return -LIBBPF_ERRNO__RELOC;
4005 /* text_shndx can be 0, if no default "main" program exists */
4006 if (!shdr_idx || shdr_idx != obj->efile.text_shndx) {
4007 sym_sec_name = elf_sec_name(obj, elf_sec_by_idx(obj, shdr_idx));
4008 pr_warn("prog '%s': bad call relo against '%s' in section '%s'\n",
4009 prog->name, sym_name, sym_sec_name);
4010 return -LIBBPF_ERRNO__RELOC;
4012 if (sym->st_value % BPF_INSN_SZ) {
4013 pr_warn("prog '%s': bad call relo against '%s' at offset %zu\n",
4014 prog->name, sym_name, (size_t)sym->st_value);
4015 return -LIBBPF_ERRNO__RELOC;
4017 reloc_desc->type = RELO_CALL;
4018 reloc_desc->insn_idx = insn_idx;
4019 reloc_desc->sym_off = sym->st_value;
4023 if (!shdr_idx || shdr_idx >= SHN_LORESERVE) {
4024 pr_warn("prog '%s': invalid relo against '%s' in special section 0x%x; forgot to initialize global var?..\n",
4025 prog->name, sym_name, shdr_idx);
4026 return -LIBBPF_ERRNO__RELOC;
4029 /* loading subprog addresses */
4030 if (sym_is_subprog(sym, obj->efile.text_shndx)) {
4031 /* global_func: sym->st_value = offset in the section, insn->imm = 0.
4032 * local_func: sym->st_value = 0, insn->imm = offset in the section.
4034 if ((sym->st_value % BPF_INSN_SZ) || (insn->imm % BPF_INSN_SZ)) {
4035 pr_warn("prog '%s': bad subprog addr relo against '%s' at offset %zu+%d\n",
4036 prog->name, sym_name, (size_t)sym->st_value, insn->imm);
4037 return -LIBBPF_ERRNO__RELOC;
4040 reloc_desc->type = RELO_SUBPROG_ADDR;
4041 reloc_desc->insn_idx = insn_idx;
4042 reloc_desc->sym_off = sym->st_value;
4046 type = bpf_object__section_to_libbpf_map_type(obj, shdr_idx);
4047 sym_sec_name = elf_sec_name(obj, elf_sec_by_idx(obj, shdr_idx));
4049 /* generic map reference relocation */
4050 if (type == LIBBPF_MAP_UNSPEC) {
4051 if (!bpf_object__shndx_is_maps(obj, shdr_idx)) {
4052 pr_warn("prog '%s': bad map relo against '%s' in section '%s'\n",
4053 prog->name, sym_name, sym_sec_name);
4054 return -LIBBPF_ERRNO__RELOC;
4056 for (map_idx = 0; map_idx < nr_maps; map_idx++) {
4057 map = &obj->maps[map_idx];
4058 if (map->libbpf_type != type ||
4059 map->sec_idx != sym->st_shndx ||
4060 map->sec_offset != sym->st_value)
4062 pr_debug("prog '%s': found map %zd (%s, sec %d, off %zu) for insn #%u\n",
4063 prog->name, map_idx, map->name, map->sec_idx,
4064 map->sec_offset, insn_idx);
4067 if (map_idx >= nr_maps) {
4068 pr_warn("prog '%s': map relo failed to find map for section '%s', off %zu\n",
4069 prog->name, sym_sec_name, (size_t)sym->st_value);
4070 return -LIBBPF_ERRNO__RELOC;
4072 reloc_desc->type = RELO_LD64;
4073 reloc_desc->insn_idx = insn_idx;
4074 reloc_desc->map_idx = map_idx;
4075 reloc_desc->sym_off = 0; /* sym->st_value determines map_idx */
4079 /* global data map relocation */
4080 if (!bpf_object__shndx_is_data(obj, shdr_idx)) {
4081 pr_warn("prog '%s': bad data relo against section '%s'\n",
4082 prog->name, sym_sec_name);
4083 return -LIBBPF_ERRNO__RELOC;
4085 for (map_idx = 0; map_idx < nr_maps; map_idx++) {
4086 map = &obj->maps[map_idx];
4087 if (map->libbpf_type != type || map->sec_idx != sym->st_shndx)
4089 pr_debug("prog '%s': found data map %zd (%s, sec %d, off %zu) for insn %u\n",
4090 prog->name, map_idx, map->name, map->sec_idx,
4091 map->sec_offset, insn_idx);
4094 if (map_idx >= nr_maps) {
4095 pr_warn("prog '%s': data relo failed to find map for section '%s'\n",
4096 prog->name, sym_sec_name);
4097 return -LIBBPF_ERRNO__RELOC;
4100 reloc_desc->type = RELO_DATA;
4101 reloc_desc->insn_idx = insn_idx;
4102 reloc_desc->map_idx = map_idx;
4103 reloc_desc->sym_off = sym->st_value;
4107 static bool prog_contains_insn(const struct bpf_program *prog, size_t insn_idx)
4109 return insn_idx >= prog->sec_insn_off &&
4110 insn_idx < prog->sec_insn_off + prog->sec_insn_cnt;
4113 static struct bpf_program *find_prog_by_sec_insn(const struct bpf_object *obj,
4114 size_t sec_idx, size_t insn_idx)
4116 int l = 0, r = obj->nr_programs - 1, m;
4117 struct bpf_program *prog;
4120 m = l + (r - l + 1) / 2;
4121 prog = &obj->programs[m];
4123 if (prog->sec_idx < sec_idx ||
4124 (prog->sec_idx == sec_idx && prog->sec_insn_off <= insn_idx))
4129 /* matching program could be at index l, but it still might be the
4130 * wrong one, so we need to double check conditions for the last time
4132 prog = &obj->programs[l];
4133 if (prog->sec_idx == sec_idx && prog_contains_insn(prog, insn_idx))
4139 bpf_object__collect_prog_relos(struct bpf_object *obj, Elf64_Shdr *shdr, Elf_Data *data)
4141 const char *relo_sec_name, *sec_name;
4142 size_t sec_idx = shdr->sh_info, sym_idx;
4143 struct bpf_program *prog;
4144 struct reloc_desc *relos;
4146 const char *sym_name;
4153 if (sec_idx >= obj->efile.sec_cnt)
4156 scn = elf_sec_by_idx(obj, sec_idx);
4157 scn_data = elf_sec_data(obj, scn);
4159 relo_sec_name = elf_sec_str(obj, shdr->sh_name);
4160 sec_name = elf_sec_name(obj, scn);
4161 if (!relo_sec_name || !sec_name)
4164 pr_debug("sec '%s': collecting relocation for section(%zu) '%s'\n",
4165 relo_sec_name, sec_idx, sec_name);
4166 nrels = shdr->sh_size / shdr->sh_entsize;
4168 for (i = 0; i < nrels; i++) {
4169 rel = elf_rel_by_idx(data, i);
4171 pr_warn("sec '%s': failed to get relo #%d\n", relo_sec_name, i);
4172 return -LIBBPF_ERRNO__FORMAT;
4175 sym_idx = ELF64_R_SYM(rel->r_info);
4176 sym = elf_sym_by_idx(obj, sym_idx);
4178 pr_warn("sec '%s': symbol #%zu not found for relo #%d\n",
4179 relo_sec_name, sym_idx, i);
4180 return -LIBBPF_ERRNO__FORMAT;
4183 if (sym->st_shndx >= obj->efile.sec_cnt) {
4184 pr_warn("sec '%s': corrupted symbol #%zu pointing to invalid section #%zu for relo #%d\n",
4185 relo_sec_name, sym_idx, (size_t)sym->st_shndx, i);
4186 return -LIBBPF_ERRNO__FORMAT;
4189 if (rel->r_offset % BPF_INSN_SZ || rel->r_offset >= scn_data->d_size) {
4190 pr_warn("sec '%s': invalid offset 0x%zx for relo #%d\n",
4191 relo_sec_name, (size_t)rel->r_offset, i);
4192 return -LIBBPF_ERRNO__FORMAT;
4195 insn_idx = rel->r_offset / BPF_INSN_SZ;
4196 /* relocations against static functions are recorded as
4197 * relocations against the section that contains a function;
4198 * in such case, symbol will be STT_SECTION and sym.st_name
4199 * will point to empty string (0), so fetch section name
4202 if (ELF64_ST_TYPE(sym->st_info) == STT_SECTION && sym->st_name == 0)
4203 sym_name = elf_sec_name(obj, elf_sec_by_idx(obj, sym->st_shndx));
4205 sym_name = elf_sym_str(obj, sym->st_name);
4206 sym_name = sym_name ?: "<?";
4208 pr_debug("sec '%s': relo #%d: insn #%u against '%s'\n",
4209 relo_sec_name, i, insn_idx, sym_name);
4211 prog = find_prog_by_sec_insn(obj, sec_idx, insn_idx);
4213 pr_debug("sec '%s': relo #%d: couldn't find program in section '%s' for insn #%u, probably overridden weak function, skipping...\n",
4214 relo_sec_name, i, sec_name, insn_idx);
4218 relos = libbpf_reallocarray(prog->reloc_desc,
4219 prog->nr_reloc + 1, sizeof(*relos));
4222 prog->reloc_desc = relos;
4224 /* adjust insn_idx to local BPF program frame of reference */
4225 insn_idx -= prog->sec_insn_off;
4226 err = bpf_program__record_reloc(prog, &relos[prog->nr_reloc],
4227 insn_idx, sym_name, sym, rel);
4236 static int bpf_map_find_btf_info(struct bpf_object *obj, struct bpf_map *map)
4238 struct bpf_map_def *def = &map->def;
4239 __u32 key_type_id = 0, value_type_id = 0;
4245 /* if it's BTF-defined map, we don't need to search for type IDs.
4246 * For struct_ops map, it does not need btf_key_type_id and
4247 * btf_value_type_id.
4249 if (map->sec_idx == obj->efile.btf_maps_shndx ||
4250 bpf_map__is_struct_ops(map))
4253 if (!bpf_map__is_internal(map)) {
4254 pr_warn("Use of BPF_ANNOTATE_KV_PAIR is deprecated, use BTF-defined maps in .maps section instead\n");
4255 #pragma GCC diagnostic push
4256 #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
4257 ret = btf__get_map_kv_tids(obj->btf, map->name, def->key_size,
4258 def->value_size, &key_type_id,
4260 #pragma GCC diagnostic pop
4263 * LLVM annotates global data differently in BTF, that is,
4264 * only as '.data', '.bss' or '.rodata'.
4266 ret = btf__find_by_name(obj->btf, map->real_name);
4271 map->btf_key_type_id = key_type_id;
4272 map->btf_value_type_id = bpf_map__is_internal(map) ?
4273 ret : value_type_id;
4277 static int bpf_get_map_info_from_fdinfo(int fd, struct bpf_map_info *info)
4279 char file[PATH_MAX], buff[4096];
4284 snprintf(file, sizeof(file), "/proc/%d/fdinfo/%d", getpid(), fd);
4285 memset(info, 0, sizeof(*info));
4287 fp = fopen(file, "r");
4290 pr_warn("failed to open %s: %d. No procfs support?\n", file,
4295 while (fgets(buff, sizeof(buff), fp)) {
4296 if (sscanf(buff, "map_type:\t%u", &val) == 1)
4298 else if (sscanf(buff, "key_size:\t%u", &val) == 1)
4299 info->key_size = val;
4300 else if (sscanf(buff, "value_size:\t%u", &val) == 1)
4301 info->value_size = val;
4302 else if (sscanf(buff, "max_entries:\t%u", &val) == 1)
4303 info->max_entries = val;
4304 else if (sscanf(buff, "map_flags:\t%i", &val) == 1)
4305 info->map_flags = val;
4313 bool bpf_map__autocreate(const struct bpf_map *map)
4315 return map->autocreate;
4318 int bpf_map__set_autocreate(struct bpf_map *map, bool autocreate)
4320 if (map->obj->loaded)
4321 return libbpf_err(-EBUSY);
4323 map->autocreate = autocreate;
4327 int bpf_map__reuse_fd(struct bpf_map *map, int fd)
4329 struct bpf_map_info info = {};
4330 __u32 len = sizeof(info);
4334 err = bpf_obj_get_info_by_fd(fd, &info, &len);
4335 if (err && errno == EINVAL)
4336 err = bpf_get_map_info_from_fdinfo(fd, &info);
4338 return libbpf_err(err);
4340 new_name = strdup(info.name);
4342 return libbpf_err(-errno);
4344 new_fd = open("/", O_RDONLY | O_CLOEXEC);
4347 goto err_free_new_name;
4350 new_fd = dup3(fd, new_fd, O_CLOEXEC);
4353 goto err_close_new_fd;
4356 err = zclose(map->fd);
4359 goto err_close_new_fd;
4364 map->name = new_name;
4365 map->def.type = info.type;
4366 map->def.key_size = info.key_size;
4367 map->def.value_size = info.value_size;
4368 map->def.max_entries = info.max_entries;
4369 map->def.map_flags = info.map_flags;
4370 map->btf_key_type_id = info.btf_key_type_id;
4371 map->btf_value_type_id = info.btf_value_type_id;
4373 map->map_extra = info.map_extra;
4381 return libbpf_err(err);
4384 __u32 bpf_map__max_entries(const struct bpf_map *map)
4386 return map->def.max_entries;
4389 struct bpf_map *bpf_map__inner_map(struct bpf_map *map)
4391 if (!bpf_map_type__is_map_in_map(map->def.type))
4392 return errno = EINVAL, NULL;
4394 return map->inner_map;
4397 int bpf_map__set_max_entries(struct bpf_map *map, __u32 max_entries)
4400 return libbpf_err(-EBUSY);
4401 map->def.max_entries = max_entries;
4405 int bpf_map__resize(struct bpf_map *map, __u32 max_entries)
4407 if (!map || !max_entries)
4408 return libbpf_err(-EINVAL);
4410 return bpf_map__set_max_entries(map, max_entries);
4414 bpf_object__probe_loading(struct bpf_object *obj)
4416 char *cp, errmsg[STRERR_BUFSIZE];
4417 struct bpf_insn insns[] = {
4418 BPF_MOV64_IMM(BPF_REG_0, 0),
4421 int ret, insn_cnt = ARRAY_SIZE(insns);
4423 if (obj->gen_loader)
4426 ret = bump_rlimit_memlock();
4428 pr_warn("Failed to bump RLIMIT_MEMLOCK (err = %d), you might need to do it explicitly!\n", ret);
4430 /* make sure basic loading works */
4431 ret = bpf_prog_load(BPF_PROG_TYPE_SOCKET_FILTER, NULL, "GPL", insns, insn_cnt, NULL);
4433 ret = bpf_prog_load(BPF_PROG_TYPE_TRACEPOINT, NULL, "GPL", insns, insn_cnt, NULL);
4436 cp = libbpf_strerror_r(ret, errmsg, sizeof(errmsg));
4437 pr_warn("Error in %s():%s(%d). Couldn't load trivial BPF "
4438 "program. Make sure your kernel supports BPF "
4439 "(CONFIG_BPF_SYSCALL=y) and/or that RLIMIT_MEMLOCK is "
4440 "set to big enough value.\n", __func__, cp, ret);
4448 static int probe_fd(int fd)
4455 static int probe_kern_prog_name(void)
4457 struct bpf_insn insns[] = {
4458 BPF_MOV64_IMM(BPF_REG_0, 0),
4461 int ret, insn_cnt = ARRAY_SIZE(insns);
4463 /* make sure loading with name works */
4464 ret = bpf_prog_load(BPF_PROG_TYPE_SOCKET_FILTER, "test", "GPL", insns, insn_cnt, NULL);
4465 return probe_fd(ret);
4468 static int probe_kern_global_data(void)
4470 char *cp, errmsg[STRERR_BUFSIZE];
4471 struct bpf_insn insns[] = {
4472 BPF_LD_MAP_VALUE(BPF_REG_1, 0, 16),
4473 BPF_ST_MEM(BPF_DW, BPF_REG_1, 0, 42),
4474 BPF_MOV64_IMM(BPF_REG_0, 0),
4477 int ret, map, insn_cnt = ARRAY_SIZE(insns);
4479 map = bpf_map_create(BPF_MAP_TYPE_ARRAY, NULL, sizeof(int), 32, 1, NULL);
4482 cp = libbpf_strerror_r(ret, errmsg, sizeof(errmsg));
4483 pr_warn("Error in %s():%s(%d). Couldn't create simple array map.\n",
4484 __func__, cp, -ret);
4490 ret = bpf_prog_load(BPF_PROG_TYPE_SOCKET_FILTER, NULL, "GPL", insns, insn_cnt, NULL);
4492 return probe_fd(ret);
4495 static int probe_kern_btf(void)
4497 static const char strs[] = "\0int";
4500 BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4),
4503 return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
4504 strs, sizeof(strs)));
4507 static int probe_kern_btf_func(void)
4509 static const char strs[] = "\0int\0x\0a";
4510 /* void x(int a) {} */
4513 BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4), /* [1] */
4514 /* FUNC_PROTO */ /* [2] */
4515 BTF_TYPE_ENC(0, BTF_INFO_ENC(BTF_KIND_FUNC_PROTO, 0, 1), 0),
4516 BTF_PARAM_ENC(7, 1),
4517 /* FUNC x */ /* [3] */
4518 BTF_TYPE_ENC(5, BTF_INFO_ENC(BTF_KIND_FUNC, 0, 0), 2),
4521 return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
4522 strs, sizeof(strs)));
4525 static int probe_kern_btf_func_global(void)
4527 static const char strs[] = "\0int\0x\0a";
4528 /* static void x(int a) {} */
4531 BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4), /* [1] */
4532 /* FUNC_PROTO */ /* [2] */
4533 BTF_TYPE_ENC(0, BTF_INFO_ENC(BTF_KIND_FUNC_PROTO, 0, 1), 0),
4534 BTF_PARAM_ENC(7, 1),
4535 /* FUNC x BTF_FUNC_GLOBAL */ /* [3] */
4536 BTF_TYPE_ENC(5, BTF_INFO_ENC(BTF_KIND_FUNC, 0, BTF_FUNC_GLOBAL), 2),
4539 return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
4540 strs, sizeof(strs)));
4543 static int probe_kern_btf_datasec(void)
4545 static const char strs[] = "\0x\0.data";
4549 BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 32, 4), /* [1] */
4550 /* VAR x */ /* [2] */
4551 BTF_TYPE_ENC(1, BTF_INFO_ENC(BTF_KIND_VAR, 0, 0), 1),
4553 /* DATASEC val */ /* [3] */
4554 BTF_TYPE_ENC(3, BTF_INFO_ENC(BTF_KIND_DATASEC, 0, 1), 4),
4555 BTF_VAR_SECINFO_ENC(2, 0, 4),
4558 return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
4559 strs, sizeof(strs)));
4562 static int probe_kern_btf_float(void)
4564 static const char strs[] = "\0float";
4567 BTF_TYPE_FLOAT_ENC(1, 4),
4570 return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
4571 strs, sizeof(strs)));
4574 static int probe_kern_btf_decl_tag(void)
4576 static const char strs[] = "\0tag";
4579 BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 32, 4), /* [1] */
4580 /* VAR x */ /* [2] */
4581 BTF_TYPE_ENC(1, BTF_INFO_ENC(BTF_KIND_VAR, 0, 0), 1),
4584 BTF_TYPE_DECL_TAG_ENC(1, 2, -1),
4587 return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
4588 strs, sizeof(strs)));
4591 static int probe_kern_btf_type_tag(void)
4593 static const char strs[] = "\0tag";
4596 BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 32, 4), /* [1] */
4598 BTF_TYPE_TYPE_TAG_ENC(1, 1), /* [2] */
4600 BTF_TYPE_ENC(0, BTF_INFO_ENC(BTF_KIND_PTR, 0, 0), 2), /* [3] */
4603 return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
4604 strs, sizeof(strs)));
4607 static int probe_kern_array_mmap(void)
4609 LIBBPF_OPTS(bpf_map_create_opts, opts, .map_flags = BPF_F_MMAPABLE);
4612 fd = bpf_map_create(BPF_MAP_TYPE_ARRAY, NULL, sizeof(int), sizeof(int), 1, &opts);
4613 return probe_fd(fd);
4616 static int probe_kern_exp_attach_type(void)
4618 LIBBPF_OPTS(bpf_prog_load_opts, opts, .expected_attach_type = BPF_CGROUP_INET_SOCK_CREATE);
4619 struct bpf_insn insns[] = {
4620 BPF_MOV64_IMM(BPF_REG_0, 0),
4623 int fd, insn_cnt = ARRAY_SIZE(insns);
4625 /* use any valid combination of program type and (optional)
4626 * non-zero expected attach type (i.e., not a BPF_CGROUP_INET_INGRESS)
4627 * to see if kernel supports expected_attach_type field for
4628 * BPF_PROG_LOAD command
4630 fd = bpf_prog_load(BPF_PROG_TYPE_CGROUP_SOCK, NULL, "GPL", insns, insn_cnt, &opts);
4631 return probe_fd(fd);
4634 static int probe_kern_probe_read_kernel(void)
4636 struct bpf_insn insns[] = {
4637 BPF_MOV64_REG(BPF_REG_1, BPF_REG_10), /* r1 = r10 (fp) */
4638 BPF_ALU64_IMM(BPF_ADD, BPF_REG_1, -8), /* r1 += -8 */
4639 BPF_MOV64_IMM(BPF_REG_2, 8), /* r2 = 8 */
4640 BPF_MOV64_IMM(BPF_REG_3, 0), /* r3 = 0 */
4641 BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_probe_read_kernel),
4644 int fd, insn_cnt = ARRAY_SIZE(insns);
4646 fd = bpf_prog_load(BPF_PROG_TYPE_TRACEPOINT, NULL, "GPL", insns, insn_cnt, NULL);
4647 return probe_fd(fd);
4650 static int probe_prog_bind_map(void)
4652 char *cp, errmsg[STRERR_BUFSIZE];
4653 struct bpf_insn insns[] = {
4654 BPF_MOV64_IMM(BPF_REG_0, 0),
4657 int ret, map, prog, insn_cnt = ARRAY_SIZE(insns);
4659 map = bpf_map_create(BPF_MAP_TYPE_ARRAY, NULL, sizeof(int), 32, 1, NULL);
4662 cp = libbpf_strerror_r(ret, errmsg, sizeof(errmsg));
4663 pr_warn("Error in %s():%s(%d). Couldn't create simple array map.\n",
4664 __func__, cp, -ret);
4668 prog = bpf_prog_load(BPF_PROG_TYPE_SOCKET_FILTER, NULL, "GPL", insns, insn_cnt, NULL);
4674 ret = bpf_prog_bind_map(prog, map, NULL);
4682 static int probe_module_btf(void)
4684 static const char strs[] = "\0int";
4687 BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4),
4689 struct bpf_btf_info info;
4690 __u32 len = sizeof(info);
4694 fd = libbpf__load_raw_btf((char *)types, sizeof(types), strs, sizeof(strs));
4696 return 0; /* BTF not supported at all */
4698 memset(&info, 0, sizeof(info));
4699 info.name = ptr_to_u64(name);
4700 info.name_len = sizeof(name);
4702 /* check that BPF_OBJ_GET_INFO_BY_FD supports specifying name pointer;
4703 * kernel's module BTF support coincides with support for
4704 * name/name_len fields in struct bpf_btf_info.
4706 err = bpf_obj_get_info_by_fd(fd, &info, &len);
4711 static int probe_perf_link(void)
4713 struct bpf_insn insns[] = {
4714 BPF_MOV64_IMM(BPF_REG_0, 0),
4717 int prog_fd, link_fd, err;
4719 prog_fd = bpf_prog_load(BPF_PROG_TYPE_TRACEPOINT, NULL, "GPL",
4720 insns, ARRAY_SIZE(insns), NULL);
4724 /* use invalid perf_event FD to get EBADF, if link is supported;
4725 * otherwise EINVAL should be returned
4727 link_fd = bpf_link_create(prog_fd, -1, BPF_PERF_EVENT, NULL);
4728 err = -errno; /* close() can clobber errno */
4734 return link_fd < 0 && err == -EBADF;
4737 static int probe_kern_bpf_cookie(void)
4739 struct bpf_insn insns[] = {
4740 BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_get_attach_cookie),
4743 int ret, insn_cnt = ARRAY_SIZE(insns);
4745 ret = bpf_prog_load(BPF_PROG_TYPE_KPROBE, NULL, "GPL", insns, insn_cnt, NULL);
4746 return probe_fd(ret);
4749 enum kern_feature_result {
4755 typedef int (*feature_probe_fn)(void);
4757 static struct kern_feature_desc {
4759 feature_probe_fn probe;
4760 enum kern_feature_result res;
4761 } feature_probes[__FEAT_CNT] = {
4762 [FEAT_PROG_NAME] = {
4763 "BPF program name", probe_kern_prog_name,
4765 [FEAT_GLOBAL_DATA] = {
4766 "global variables", probe_kern_global_data,
4769 "minimal BTF", probe_kern_btf,
4772 "BTF functions", probe_kern_btf_func,
4774 [FEAT_BTF_GLOBAL_FUNC] = {
4775 "BTF global function", probe_kern_btf_func_global,
4777 [FEAT_BTF_DATASEC] = {
4778 "BTF data section and variable", probe_kern_btf_datasec,
4780 [FEAT_ARRAY_MMAP] = {
4781 "ARRAY map mmap()", probe_kern_array_mmap,
4783 [FEAT_EXP_ATTACH_TYPE] = {
4784 "BPF_PROG_LOAD expected_attach_type attribute",
4785 probe_kern_exp_attach_type,
4787 [FEAT_PROBE_READ_KERN] = {
4788 "bpf_probe_read_kernel() helper", probe_kern_probe_read_kernel,
4790 [FEAT_PROG_BIND_MAP] = {
4791 "BPF_PROG_BIND_MAP support", probe_prog_bind_map,
4793 [FEAT_MODULE_BTF] = {
4794 "module BTF support", probe_module_btf,
4796 [FEAT_BTF_FLOAT] = {
4797 "BTF_KIND_FLOAT support", probe_kern_btf_float,
4799 [FEAT_PERF_LINK] = {
4800 "BPF perf link support", probe_perf_link,
4802 [FEAT_BTF_DECL_TAG] = {
4803 "BTF_KIND_DECL_TAG support", probe_kern_btf_decl_tag,
4805 [FEAT_BTF_TYPE_TAG] = {
4806 "BTF_KIND_TYPE_TAG support", probe_kern_btf_type_tag,
4808 [FEAT_MEMCG_ACCOUNT] = {
4809 "memcg-based memory accounting", probe_memcg_account,
4811 [FEAT_BPF_COOKIE] = {
4812 "BPF cookie support", probe_kern_bpf_cookie,
4816 bool kernel_supports(const struct bpf_object *obj, enum kern_feature_id feat_id)
4818 struct kern_feature_desc *feat = &feature_probes[feat_id];
4821 if (obj && obj->gen_loader)
4822 /* To generate loader program assume the latest kernel
4823 * to avoid doing extra prog_load, map_create syscalls.
4827 if (READ_ONCE(feat->res) == FEAT_UNKNOWN) {
4828 ret = feat->probe();
4830 WRITE_ONCE(feat->res, FEAT_SUPPORTED);
4831 } else if (ret == 0) {
4832 WRITE_ONCE(feat->res, FEAT_MISSING);
4834 pr_warn("Detection of kernel %s support failed: %d\n", feat->desc, ret);
4835 WRITE_ONCE(feat->res, FEAT_MISSING);
4839 return READ_ONCE(feat->res) == FEAT_SUPPORTED;
4842 static bool map_is_reuse_compat(const struct bpf_map *map, int map_fd)
4844 struct bpf_map_info map_info = {};
4845 char msg[STRERR_BUFSIZE];
4849 map_info_len = sizeof(map_info);
4851 err = bpf_obj_get_info_by_fd(map_fd, &map_info, &map_info_len);
4852 if (err && errno == EINVAL)
4853 err = bpf_get_map_info_from_fdinfo(map_fd, &map_info);
4855 pr_warn("failed to get map info for map FD %d: %s\n", map_fd,
4856 libbpf_strerror_r(errno, msg, sizeof(msg)));
4860 return (map_info.type == map->def.type &&
4861 map_info.key_size == map->def.key_size &&
4862 map_info.value_size == map->def.value_size &&
4863 map_info.max_entries == map->def.max_entries &&
4864 map_info.map_flags == map->def.map_flags &&
4865 map_info.map_extra == map->map_extra);
4869 bpf_object__reuse_map(struct bpf_map *map)
4871 char *cp, errmsg[STRERR_BUFSIZE];
4874 pin_fd = bpf_obj_get(map->pin_path);
4877 if (err == -ENOENT) {
4878 pr_debug("found no pinned map to reuse at '%s'\n",
4883 cp = libbpf_strerror_r(-err, errmsg, sizeof(errmsg));
4884 pr_warn("couldn't retrieve pinned map '%s': %s\n",
4889 if (!map_is_reuse_compat(map, pin_fd)) {
4890 pr_warn("couldn't reuse pinned map at '%s': parameter mismatch\n",
4896 err = bpf_map__reuse_fd(map, pin_fd);
4902 pr_debug("reused pinned map at '%s'\n", map->pin_path);
4908 bpf_object__populate_internal_map(struct bpf_object *obj, struct bpf_map *map)
4910 enum libbpf_map_type map_type = map->libbpf_type;
4911 char *cp, errmsg[STRERR_BUFSIZE];
4914 if (obj->gen_loader) {
4915 bpf_gen__map_update_elem(obj->gen_loader, map - obj->maps,
4916 map->mmaped, map->def.value_size);
4917 if (map_type == LIBBPF_MAP_RODATA || map_type == LIBBPF_MAP_KCONFIG)
4918 bpf_gen__map_freeze(obj->gen_loader, map - obj->maps);
4921 err = bpf_map_update_elem(map->fd, &zero, map->mmaped, 0);
4924 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
4925 pr_warn("Error setting initial map(%s) contents: %s\n",
4930 /* Freeze .rodata and .kconfig map as read-only from syscall side. */
4931 if (map_type == LIBBPF_MAP_RODATA || map_type == LIBBPF_MAP_KCONFIG) {
4932 err = bpf_map_freeze(map->fd);
4935 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
4936 pr_warn("Error freezing map(%s) as read-only: %s\n",
4944 static void bpf_map__destroy(struct bpf_map *map);
4946 static bool is_pow_of_2(size_t x)
4948 return x && (x & (x - 1));
4951 static size_t adjust_ringbuf_sz(size_t sz)
4953 __u32 page_sz = sysconf(_SC_PAGE_SIZE);
4956 /* if user forgot to set any size, make sure they see error */
4959 /* Kernel expects BPF_MAP_TYPE_RINGBUF's max_entries to be
4960 * a power-of-2 multiple of kernel's page size. If user diligently
4961 * satisified these conditions, pass the size through.
4963 if ((sz % page_sz) == 0 && is_pow_of_2(sz / page_sz))
4966 /* Otherwise find closest (page_sz * power_of_2) product bigger than
4967 * user-set size to satisfy both user size request and kernel
4968 * requirements and substitute correct max_entries for map creation.
4970 for (mul = 1; mul <= UINT_MAX / page_sz; mul <<= 1) {
4971 if (mul * page_sz > sz)
4972 return mul * page_sz;
4975 /* if it's impossible to satisfy the conditions (i.e., user size is
4976 * very close to UINT_MAX but is not a power-of-2 multiple of
4977 * page_size) then just return original size and let kernel reject it
4982 static int bpf_object__create_map(struct bpf_object *obj, struct bpf_map *map, bool is_inner)
4984 LIBBPF_OPTS(bpf_map_create_opts, create_attr);
4985 struct bpf_map_def *def = &map->def;
4986 const char *map_name = NULL;
4989 if (kernel_supports(obj, FEAT_PROG_NAME))
4990 map_name = map->name;
4991 create_attr.map_ifindex = map->map_ifindex;
4992 create_attr.map_flags = def->map_flags;
4993 create_attr.numa_node = map->numa_node;
4994 create_attr.map_extra = map->map_extra;
4996 if (bpf_map__is_struct_ops(map))
4997 create_attr.btf_vmlinux_value_type_id = map->btf_vmlinux_value_type_id;
4999 if (obj->btf && btf__fd(obj->btf) >= 0) {
5000 create_attr.btf_fd = btf__fd(obj->btf);
5001 create_attr.btf_key_type_id = map->btf_key_type_id;
5002 create_attr.btf_value_type_id = map->btf_value_type_id;
5005 if (bpf_map_type__is_map_in_map(def->type)) {
5006 if (map->inner_map) {
5007 err = bpf_object__create_map(obj, map->inner_map, true);
5009 pr_warn("map '%s': failed to create inner map: %d\n",
5013 map->inner_map_fd = bpf_map__fd(map->inner_map);
5015 if (map->inner_map_fd >= 0)
5016 create_attr.inner_map_fd = map->inner_map_fd;
5019 switch (def->type) {
5020 case BPF_MAP_TYPE_RINGBUF:
5021 map->def.max_entries = adjust_ringbuf_sz(map->def.max_entries);
5023 case BPF_MAP_TYPE_PERF_EVENT_ARRAY:
5024 case BPF_MAP_TYPE_CGROUP_ARRAY:
5025 case BPF_MAP_TYPE_STACK_TRACE:
5026 case BPF_MAP_TYPE_ARRAY_OF_MAPS:
5027 case BPF_MAP_TYPE_HASH_OF_MAPS:
5028 case BPF_MAP_TYPE_DEVMAP:
5029 case BPF_MAP_TYPE_DEVMAP_HASH:
5030 case BPF_MAP_TYPE_CPUMAP:
5031 case BPF_MAP_TYPE_XSKMAP:
5032 case BPF_MAP_TYPE_SOCKMAP:
5033 case BPF_MAP_TYPE_SOCKHASH:
5034 case BPF_MAP_TYPE_QUEUE:
5035 case BPF_MAP_TYPE_STACK:
5036 create_attr.btf_fd = 0;
5037 create_attr.btf_key_type_id = 0;
5038 create_attr.btf_value_type_id = 0;
5039 map->btf_key_type_id = 0;
5040 map->btf_value_type_id = 0;
5045 if (obj->gen_loader) {
5046 bpf_gen__map_create(obj->gen_loader, def->type, map_name,
5047 def->key_size, def->value_size, def->max_entries,
5048 &create_attr, is_inner ? -1 : map - obj->maps);
5049 /* Pretend to have valid FD to pass various fd >= 0 checks.
5050 * This fd == 0 will not be used with any syscall and will be reset to -1 eventually.
5054 map->fd = bpf_map_create(def->type, map_name,
5055 def->key_size, def->value_size,
5056 def->max_entries, &create_attr);
5058 if (map->fd < 0 && (create_attr.btf_key_type_id ||
5059 create_attr.btf_value_type_id)) {
5060 char *cp, errmsg[STRERR_BUFSIZE];
5063 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
5064 pr_warn("Error in bpf_create_map_xattr(%s):%s(%d). Retrying without BTF.\n",
5065 map->name, cp, err);
5066 create_attr.btf_fd = 0;
5067 create_attr.btf_key_type_id = 0;
5068 create_attr.btf_value_type_id = 0;
5069 map->btf_key_type_id = 0;
5070 map->btf_value_type_id = 0;
5071 map->fd = bpf_map_create(def->type, map_name,
5072 def->key_size, def->value_size,
5073 def->max_entries, &create_attr);
5076 err = map->fd < 0 ? -errno : 0;
5078 if (bpf_map_type__is_map_in_map(def->type) && map->inner_map) {
5079 if (obj->gen_loader)
5080 map->inner_map->fd = -1;
5081 bpf_map__destroy(map->inner_map);
5082 zfree(&map->inner_map);
5088 static int init_map_in_map_slots(struct bpf_object *obj, struct bpf_map *map)
5090 const struct bpf_map *targ_map;
5094 for (i = 0; i < map->init_slots_sz; i++) {
5095 if (!map->init_slots[i])
5098 targ_map = map->init_slots[i];
5099 fd = bpf_map__fd(targ_map);
5101 if (obj->gen_loader) {
5102 bpf_gen__populate_outer_map(obj->gen_loader,
5104 targ_map - obj->maps);
5106 err = bpf_map_update_elem(map->fd, &i, &fd, 0);
5110 pr_warn("map '%s': failed to initialize slot [%d] to map '%s' fd=%d: %d\n",
5111 map->name, i, targ_map->name, fd, err);
5114 pr_debug("map '%s': slot [%d] set to map '%s' fd=%d\n",
5115 map->name, i, targ_map->name, fd);
5118 zfree(&map->init_slots);
5119 map->init_slots_sz = 0;
5124 static int init_prog_array_slots(struct bpf_object *obj, struct bpf_map *map)
5126 const struct bpf_program *targ_prog;
5130 if (obj->gen_loader)
5133 for (i = 0; i < map->init_slots_sz; i++) {
5134 if (!map->init_slots[i])
5137 targ_prog = map->init_slots[i];
5138 fd = bpf_program__fd(targ_prog);
5140 err = bpf_map_update_elem(map->fd, &i, &fd, 0);
5143 pr_warn("map '%s': failed to initialize slot [%d] to prog '%s' fd=%d: %d\n",
5144 map->name, i, targ_prog->name, fd, err);
5147 pr_debug("map '%s': slot [%d] set to prog '%s' fd=%d\n",
5148 map->name, i, targ_prog->name, fd);
5151 zfree(&map->init_slots);
5152 map->init_slots_sz = 0;
5157 static int bpf_object_init_prog_arrays(struct bpf_object *obj)
5159 struct bpf_map *map;
5162 for (i = 0; i < obj->nr_maps; i++) {
5163 map = &obj->maps[i];
5165 if (!map->init_slots_sz || map->def.type != BPF_MAP_TYPE_PROG_ARRAY)
5168 err = init_prog_array_slots(obj, map);
5177 static int map_set_def_max_entries(struct bpf_map *map)
5179 if (map->def.type == BPF_MAP_TYPE_PERF_EVENT_ARRAY && !map->def.max_entries) {
5182 nr_cpus = libbpf_num_possible_cpus();
5184 pr_warn("map '%s': failed to determine number of system CPUs: %d\n",
5185 map->name, nr_cpus);
5188 pr_debug("map '%s': setting size to %d\n", map->name, nr_cpus);
5189 map->def.max_entries = nr_cpus;
5196 bpf_object__create_maps(struct bpf_object *obj)
5198 struct bpf_map *map;
5199 char *cp, errmsg[STRERR_BUFSIZE];
5204 for (i = 0; i < obj->nr_maps; i++) {
5205 map = &obj->maps[i];
5207 /* To support old kernels, we skip creating global data maps
5208 * (.rodata, .data, .kconfig, etc); later on, during program
5209 * loading, if we detect that at least one of the to-be-loaded
5210 * programs is referencing any global data map, we'll error
5211 * out with program name and relocation index logged.
5212 * This approach allows to accommodate Clang emitting
5213 * unnecessary .rodata.str1.1 sections for string literals,
5214 * but also it allows to have CO-RE applications that use
5215 * global variables in some of BPF programs, but not others.
5216 * If those global variable-using programs are not loaded at
5217 * runtime due to bpf_program__set_autoload(prog, false),
5218 * bpf_object loading will succeed just fine even on old
5221 if (bpf_map__is_internal(map) && !kernel_supports(obj, FEAT_GLOBAL_DATA))
5222 map->autocreate = false;
5224 if (!map->autocreate) {
5225 pr_debug("map '%s': skipped auto-creating...\n", map->name);
5229 err = map_set_def_max_entries(map);
5235 if (map->pin_path) {
5236 err = bpf_object__reuse_map(map);
5238 pr_warn("map '%s': error reusing pinned map\n",
5242 if (retried && map->fd < 0) {
5243 pr_warn("map '%s': cannot find pinned map\n",
5251 pr_debug("map '%s': skipping creation (preset fd=%d)\n",
5252 map->name, map->fd);
5254 err = bpf_object__create_map(obj, map, false);
5258 pr_debug("map '%s': created successfully, fd=%d\n",
5259 map->name, map->fd);
5261 if (bpf_map__is_internal(map)) {
5262 err = bpf_object__populate_internal_map(obj, map);
5269 if (map->init_slots_sz && map->def.type != BPF_MAP_TYPE_PROG_ARRAY) {
5270 err = init_map_in_map_slots(obj, map);
5278 if (map->pin_path && !map->pinned) {
5279 err = bpf_map__pin(map, NULL);
5282 if (!retried && err == -EEXIST) {
5286 pr_warn("map '%s': failed to auto-pin at '%s': %d\n",
5287 map->name, map->pin_path, err);
5296 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
5297 pr_warn("map '%s': failed to create: %s(%d)\n", map->name, cp, err);
5299 for (j = 0; j < i; j++)
5300 zclose(obj->maps[j].fd);
5304 static bool bpf_core_is_flavor_sep(const char *s)
5306 /* check X___Y name pattern, where X and Y are not underscores */
5307 return s[0] != '_' && /* X */
5308 s[1] == '_' && s[2] == '_' && s[3] == '_' && /* ___ */
5309 s[4] != '_'; /* Y */
5312 /* Given 'some_struct_name___with_flavor' return the length of a name prefix
5313 * before last triple underscore. Struct name part after last triple
5314 * underscore is ignored by BPF CO-RE relocation during relocation matching.
5316 size_t bpf_core_essential_name_len(const char *name)
5318 size_t n = strlen(name);
5321 for (i = n - 5; i >= 0; i--) {
5322 if (bpf_core_is_flavor_sep(name + i))
5328 void bpf_core_free_cands(struct bpf_core_cand_list *cands)
5337 int bpf_core_add_cands(struct bpf_core_cand *local_cand,
5338 size_t local_essent_len,
5339 const struct btf *targ_btf,
5340 const char *targ_btf_name,
5342 struct bpf_core_cand_list *cands)
5344 struct bpf_core_cand *new_cands, *cand;
5345 const struct btf_type *t, *local_t;
5346 const char *targ_name, *local_name;
5347 size_t targ_essent_len;
5350 local_t = btf__type_by_id(local_cand->btf, local_cand->id);
5351 local_name = btf__str_by_offset(local_cand->btf, local_t->name_off);
5353 n = btf__type_cnt(targ_btf);
5354 for (i = targ_start_id; i < n; i++) {
5355 t = btf__type_by_id(targ_btf, i);
5356 if (btf_kind(t) != btf_kind(local_t))
5359 targ_name = btf__name_by_offset(targ_btf, t->name_off);
5360 if (str_is_empty(targ_name))
5363 targ_essent_len = bpf_core_essential_name_len(targ_name);
5364 if (targ_essent_len != local_essent_len)
5367 if (strncmp(local_name, targ_name, local_essent_len) != 0)
5370 pr_debug("CO-RE relocating [%d] %s %s: found target candidate [%d] %s %s in [%s]\n",
5371 local_cand->id, btf_kind_str(local_t),
5372 local_name, i, btf_kind_str(t), targ_name,
5374 new_cands = libbpf_reallocarray(cands->cands, cands->len + 1,
5375 sizeof(*cands->cands));
5379 cand = &new_cands[cands->len];
5380 cand->btf = targ_btf;
5383 cands->cands = new_cands;
5389 static int load_module_btfs(struct bpf_object *obj)
5391 struct bpf_btf_info info;
5392 struct module_btf *mod_btf;
5398 if (obj->btf_modules_loaded)
5401 if (obj->gen_loader)
5404 /* don't do this again, even if we find no module BTFs */
5405 obj->btf_modules_loaded = true;
5407 /* kernel too old to support module BTFs */
5408 if (!kernel_supports(obj, FEAT_MODULE_BTF))
5412 err = bpf_btf_get_next_id(id, &id);
5413 if (err && errno == ENOENT)
5417 pr_warn("failed to iterate BTF objects: %d\n", err);
5421 fd = bpf_btf_get_fd_by_id(id);
5423 if (errno == ENOENT)
5424 continue; /* expected race: BTF was unloaded */
5426 pr_warn("failed to get BTF object #%d FD: %d\n", id, err);
5431 memset(&info, 0, sizeof(info));
5432 info.name = ptr_to_u64(name);
5433 info.name_len = sizeof(name);
5435 err = bpf_obj_get_info_by_fd(fd, &info, &len);
5438 pr_warn("failed to get BTF object #%d info: %d\n", id, err);
5442 /* ignore non-module BTFs */
5443 if (!info.kernel_btf || strcmp(name, "vmlinux") == 0) {
5448 btf = btf_get_from_fd(fd, obj->btf_vmlinux);
5449 err = libbpf_get_error(btf);
5451 pr_warn("failed to load module [%s]'s BTF object #%d: %d\n",
5456 err = libbpf_ensure_mem((void **)&obj->btf_modules, &obj->btf_module_cap,
5457 sizeof(*obj->btf_modules), obj->btf_module_cnt + 1);
5461 mod_btf = &obj->btf_modules[obj->btf_module_cnt++];
5466 mod_btf->name = strdup(name);
5467 if (!mod_btf->name) {
5481 static struct bpf_core_cand_list *
5482 bpf_core_find_cands(struct bpf_object *obj, const struct btf *local_btf, __u32 local_type_id)
5484 struct bpf_core_cand local_cand = {};
5485 struct bpf_core_cand_list *cands;
5486 const struct btf *main_btf;
5487 const struct btf_type *local_t;
5488 const char *local_name;
5489 size_t local_essent_len;
5492 local_cand.btf = local_btf;
5493 local_cand.id = local_type_id;
5494 local_t = btf__type_by_id(local_btf, local_type_id);
5496 return ERR_PTR(-EINVAL);
5498 local_name = btf__name_by_offset(local_btf, local_t->name_off);
5499 if (str_is_empty(local_name))
5500 return ERR_PTR(-EINVAL);
5501 local_essent_len = bpf_core_essential_name_len(local_name);
5503 cands = calloc(1, sizeof(*cands));
5505 return ERR_PTR(-ENOMEM);
5507 /* Attempt to find target candidates in vmlinux BTF first */
5508 main_btf = obj->btf_vmlinux_override ?: obj->btf_vmlinux;
5509 err = bpf_core_add_cands(&local_cand, local_essent_len, main_btf, "vmlinux", 1, cands);
5513 /* if vmlinux BTF has any candidate, don't got for module BTFs */
5517 /* if vmlinux BTF was overridden, don't attempt to load module BTFs */
5518 if (obj->btf_vmlinux_override)
5521 /* now look through module BTFs, trying to still find candidates */
5522 err = load_module_btfs(obj);
5526 for (i = 0; i < obj->btf_module_cnt; i++) {
5527 err = bpf_core_add_cands(&local_cand, local_essent_len,
5528 obj->btf_modules[i].btf,
5529 obj->btf_modules[i].name,
5530 btf__type_cnt(obj->btf_vmlinux),
5538 bpf_core_free_cands(cands);
5539 return ERR_PTR(err);
5542 /* Check local and target types for compatibility. This check is used for
5543 * type-based CO-RE relocations and follow slightly different rules than
5544 * field-based relocations. This function assumes that root types were already
5545 * checked for name match. Beyond that initial root-level name check, names
5546 * are completely ignored. Compatibility rules are as follows:
5547 * - any two STRUCTs/UNIONs/FWDs/ENUMs/INTs are considered compatible, but
5548 * kind should match for local and target types (i.e., STRUCT is not
5549 * compatible with UNION);
5550 * - for ENUMs, the size is ignored;
5551 * - for INT, size and signedness are ignored;
5552 * - for ARRAY, dimensionality is ignored, element types are checked for
5553 * compatibility recursively;
5554 * - CONST/VOLATILE/RESTRICT modifiers are ignored;
5555 * - TYPEDEFs/PTRs are compatible if types they pointing to are compatible;
5556 * - FUNC_PROTOs are compatible if they have compatible signature: same
5557 * number of input args and compatible return and argument types.
5558 * These rules are not set in stone and probably will be adjusted as we get
5559 * more experience with using BPF CO-RE relocations.
5561 int bpf_core_types_are_compat(const struct btf *local_btf, __u32 local_id,
5562 const struct btf *targ_btf, __u32 targ_id)
5564 const struct btf_type *local_type, *targ_type;
5565 int depth = 32; /* max recursion depth */
5567 /* caller made sure that names match (ignoring flavor suffix) */
5568 local_type = btf__type_by_id(local_btf, local_id);
5569 targ_type = btf__type_by_id(targ_btf, targ_id);
5570 if (btf_kind(local_type) != btf_kind(targ_type))
5578 local_type = skip_mods_and_typedefs(local_btf, local_id, &local_id);
5579 targ_type = skip_mods_and_typedefs(targ_btf, targ_id, &targ_id);
5580 if (!local_type || !targ_type)
5583 if (btf_kind(local_type) != btf_kind(targ_type))
5586 switch (btf_kind(local_type)) {
5588 case BTF_KIND_STRUCT:
5589 case BTF_KIND_UNION:
5594 /* just reject deprecated bitfield-like integers; all other
5595 * integers are by default compatible between each other
5597 return btf_int_offset(local_type) == 0 && btf_int_offset(targ_type) == 0;
5599 local_id = local_type->type;
5600 targ_id = targ_type->type;
5602 case BTF_KIND_ARRAY:
5603 local_id = btf_array(local_type)->type;
5604 targ_id = btf_array(targ_type)->type;
5606 case BTF_KIND_FUNC_PROTO: {
5607 struct btf_param *local_p = btf_params(local_type);
5608 struct btf_param *targ_p = btf_params(targ_type);
5609 __u16 local_vlen = btf_vlen(local_type);
5610 __u16 targ_vlen = btf_vlen(targ_type);
5613 if (local_vlen != targ_vlen)
5616 for (i = 0; i < local_vlen; i++, local_p++, targ_p++) {
5617 skip_mods_and_typedefs(local_btf, local_p->type, &local_id);
5618 skip_mods_and_typedefs(targ_btf, targ_p->type, &targ_id);
5619 err = bpf_core_types_are_compat(local_btf, local_id, targ_btf, targ_id);
5624 /* tail recurse for return type check */
5625 skip_mods_and_typedefs(local_btf, local_type->type, &local_id);
5626 skip_mods_and_typedefs(targ_btf, targ_type->type, &targ_id);
5630 pr_warn("unexpected kind %s relocated, local [%d], target [%d]\n",
5631 btf_kind_str(local_type), local_id, targ_id);
5636 static size_t bpf_core_hash_fn(const void *key, void *ctx)
5641 static bool bpf_core_equal_fn(const void *k1, const void *k2, void *ctx)
5646 static void *u32_as_hash_key(__u32 x)
5648 return (void *)(uintptr_t)x;
5651 static int record_relo_core(struct bpf_program *prog,
5652 const struct bpf_core_relo *core_relo, int insn_idx)
5654 struct reloc_desc *relos, *relo;
5656 relos = libbpf_reallocarray(prog->reloc_desc,
5657 prog->nr_reloc + 1, sizeof(*relos));
5660 relo = &relos[prog->nr_reloc];
5661 relo->type = RELO_CORE;
5662 relo->insn_idx = insn_idx;
5663 relo->core_relo = core_relo;
5664 prog->reloc_desc = relos;
5669 static const struct bpf_core_relo *find_relo_core(struct bpf_program *prog, int insn_idx)
5671 struct reloc_desc *relo;
5674 for (i = 0; i < prog->nr_reloc; i++) {
5675 relo = &prog->reloc_desc[i];
5676 if (relo->type != RELO_CORE || relo->insn_idx != insn_idx)
5679 return relo->core_relo;
5685 static int bpf_core_resolve_relo(struct bpf_program *prog,
5686 const struct bpf_core_relo *relo,
5688 const struct btf *local_btf,
5689 struct hashmap *cand_cache,
5690 struct bpf_core_relo_res *targ_res)
5692 struct bpf_core_spec specs_scratch[3] = {};
5693 const void *type_key = u32_as_hash_key(relo->type_id);
5694 struct bpf_core_cand_list *cands = NULL;
5695 const char *prog_name = prog->name;
5696 const struct btf_type *local_type;
5697 const char *local_name;
5698 __u32 local_id = relo->type_id;
5701 local_type = btf__type_by_id(local_btf, local_id);
5705 local_name = btf__name_by_offset(local_btf, local_type->name_off);
5709 if (relo->kind != BPF_CORE_TYPE_ID_LOCAL &&
5710 !hashmap__find(cand_cache, type_key, (void **)&cands)) {
5711 cands = bpf_core_find_cands(prog->obj, local_btf, local_id);
5712 if (IS_ERR(cands)) {
5713 pr_warn("prog '%s': relo #%d: target candidate search failed for [%d] %s %s: %ld\n",
5714 prog_name, relo_idx, local_id, btf_kind_str(local_type),
5715 local_name, PTR_ERR(cands));
5716 return PTR_ERR(cands);
5718 err = hashmap__set(cand_cache, type_key, cands, NULL, NULL);
5720 bpf_core_free_cands(cands);
5725 return bpf_core_calc_relo_insn(prog_name, relo, relo_idx, local_btf, cands, specs_scratch,
5730 bpf_object__relocate_core(struct bpf_object *obj, const char *targ_btf_path)
5732 const struct btf_ext_info_sec *sec;
5733 struct bpf_core_relo_res targ_res;
5734 const struct bpf_core_relo *rec;
5735 const struct btf_ext_info *seg;
5736 struct hashmap_entry *entry;
5737 struct hashmap *cand_cache = NULL;
5738 struct bpf_program *prog;
5739 struct bpf_insn *insn;
5740 const char *sec_name;
5741 int i, err = 0, insn_idx, sec_idx, sec_num;
5743 if (obj->btf_ext->core_relo_info.len == 0)
5746 if (targ_btf_path) {
5747 obj->btf_vmlinux_override = btf__parse(targ_btf_path, NULL);
5748 err = libbpf_get_error(obj->btf_vmlinux_override);
5750 pr_warn("failed to parse target BTF: %d\n", err);
5755 cand_cache = hashmap__new(bpf_core_hash_fn, bpf_core_equal_fn, NULL);
5756 if (IS_ERR(cand_cache)) {
5757 err = PTR_ERR(cand_cache);
5761 seg = &obj->btf_ext->core_relo_info;
5763 for_each_btf_ext_sec(seg, sec) {
5764 sec_idx = seg->sec_idxs[sec_num];
5767 sec_name = btf__name_by_offset(obj->btf, sec->sec_name_off);
5768 if (str_is_empty(sec_name)) {
5773 pr_debug("sec '%s': found %d CO-RE relocations\n", sec_name, sec->num_info);
5775 for_each_btf_ext_rec(seg, sec, i, rec) {
5776 if (rec->insn_off % BPF_INSN_SZ)
5778 insn_idx = rec->insn_off / BPF_INSN_SZ;
5779 prog = find_prog_by_sec_insn(obj, sec_idx, insn_idx);
5781 /* When __weak subprog is "overridden" by another instance
5782 * of the subprog from a different object file, linker still
5783 * appends all the .BTF.ext info that used to belong to that
5784 * eliminated subprogram.
5785 * This is similar to what x86-64 linker does for relocations.
5786 * So just ignore such relocations just like we ignore
5787 * subprog instructions when discovering subprograms.
5789 pr_debug("sec '%s': skipping CO-RE relocation #%d for insn #%d belonging to eliminated weak subprogram\n",
5790 sec_name, i, insn_idx);
5793 /* no need to apply CO-RE relocation if the program is
5794 * not going to be loaded
5796 if (!prog->autoload)
5799 /* adjust insn_idx from section frame of reference to the local
5800 * program's frame of reference; (sub-)program code is not yet
5801 * relocated, so it's enough to just subtract in-section offset
5803 insn_idx = insn_idx - prog->sec_insn_off;
5804 if (insn_idx >= prog->insns_cnt)
5806 insn = &prog->insns[insn_idx];
5808 err = record_relo_core(prog, rec, insn_idx);
5810 pr_warn("prog '%s': relo #%d: failed to record relocation: %d\n",
5811 prog->name, i, err);
5815 if (prog->obj->gen_loader)
5818 err = bpf_core_resolve_relo(prog, rec, i, obj->btf, cand_cache, &targ_res);
5820 pr_warn("prog '%s': relo #%d: failed to relocate: %d\n",
5821 prog->name, i, err);
5825 err = bpf_core_patch_insn(prog->name, insn, insn_idx, rec, i, &targ_res);
5827 pr_warn("prog '%s': relo #%d: failed to patch insn #%u: %d\n",
5828 prog->name, i, insn_idx, err);
5835 /* obj->btf_vmlinux and module BTFs are freed after object load */
5836 btf__free(obj->btf_vmlinux_override);
5837 obj->btf_vmlinux_override = NULL;
5839 if (!IS_ERR_OR_NULL(cand_cache)) {
5840 hashmap__for_each_entry(cand_cache, entry, i) {
5841 bpf_core_free_cands(entry->value);
5843 hashmap__free(cand_cache);
5848 /* base map load ldimm64 special constant, used also for log fixup logic */
5849 #define MAP_LDIMM64_POISON_BASE 2001000000
5850 #define MAP_LDIMM64_POISON_PFX "200100"
5852 static void poison_map_ldimm64(struct bpf_program *prog, int relo_idx,
5853 int insn_idx, struct bpf_insn *insn,
5854 int map_idx, const struct bpf_map *map)
5858 pr_debug("prog '%s': relo #%d: poisoning insn #%d that loads map #%d '%s'\n",
5859 prog->name, relo_idx, insn_idx, map_idx, map->name);
5861 /* we turn single ldimm64 into two identical invalid calls */
5862 for (i = 0; i < 2; i++) {
5863 insn->code = BPF_JMP | BPF_CALL;
5867 /* if this instruction is reachable (not a dead code),
5868 * verifier will complain with something like:
5869 * invalid func unknown#2001000123
5870 * where lower 123 is map index into obj->maps[] array
5872 insn->imm = MAP_LDIMM64_POISON_BASE + map_idx;
5878 /* Relocate data references within program code:
5880 * - global variable references;
5881 * - extern references.
5884 bpf_object__relocate_data(struct bpf_object *obj, struct bpf_program *prog)
5888 for (i = 0; i < prog->nr_reloc; i++) {
5889 struct reloc_desc *relo = &prog->reloc_desc[i];
5890 struct bpf_insn *insn = &prog->insns[relo->insn_idx];
5891 const struct bpf_map *map;
5892 struct extern_desc *ext;
5894 switch (relo->type) {
5896 map = &obj->maps[relo->map_idx];
5897 if (obj->gen_loader) {
5898 insn[0].src_reg = BPF_PSEUDO_MAP_IDX;
5899 insn[0].imm = relo->map_idx;
5900 } else if (map->autocreate) {
5901 insn[0].src_reg = BPF_PSEUDO_MAP_FD;
5902 insn[0].imm = map->fd;
5904 poison_map_ldimm64(prog, i, relo->insn_idx, insn,
5905 relo->map_idx, map);
5909 map = &obj->maps[relo->map_idx];
5910 insn[1].imm = insn[0].imm + relo->sym_off;
5911 if (obj->gen_loader) {
5912 insn[0].src_reg = BPF_PSEUDO_MAP_IDX_VALUE;
5913 insn[0].imm = relo->map_idx;
5914 } else if (map->autocreate) {
5915 insn[0].src_reg = BPF_PSEUDO_MAP_VALUE;
5916 insn[0].imm = map->fd;
5918 poison_map_ldimm64(prog, i, relo->insn_idx, insn,
5919 relo->map_idx, map);
5922 case RELO_EXTERN_VAR:
5923 ext = &obj->externs[relo->sym_off];
5924 if (ext->type == EXT_KCFG) {
5925 if (obj->gen_loader) {
5926 insn[0].src_reg = BPF_PSEUDO_MAP_IDX_VALUE;
5927 insn[0].imm = obj->kconfig_map_idx;
5929 insn[0].src_reg = BPF_PSEUDO_MAP_VALUE;
5930 insn[0].imm = obj->maps[obj->kconfig_map_idx].fd;
5932 insn[1].imm = ext->kcfg.data_off;
5933 } else /* EXT_KSYM */ {
5934 if (ext->ksym.type_id && ext->is_set) { /* typed ksyms */
5935 insn[0].src_reg = BPF_PSEUDO_BTF_ID;
5936 insn[0].imm = ext->ksym.kernel_btf_id;
5937 insn[1].imm = ext->ksym.kernel_btf_obj_fd;
5938 } else { /* typeless ksyms or unresolved typed ksyms */
5939 insn[0].imm = (__u32)ext->ksym.addr;
5940 insn[1].imm = ext->ksym.addr >> 32;
5944 case RELO_EXTERN_FUNC:
5945 ext = &obj->externs[relo->sym_off];
5946 insn[0].src_reg = BPF_PSEUDO_KFUNC_CALL;
5948 insn[0].imm = ext->ksym.kernel_btf_id;
5949 insn[0].off = ext->ksym.btf_fd_idx;
5950 } else { /* unresolved weak kfunc */
5955 case RELO_SUBPROG_ADDR:
5956 if (insn[0].src_reg != BPF_PSEUDO_FUNC) {
5957 pr_warn("prog '%s': relo #%d: bad insn\n",
5961 /* handled already */
5964 /* handled already */
5967 /* will be handled by bpf_program_record_relos() */
5970 pr_warn("prog '%s': relo #%d: bad relo type %d\n",
5971 prog->name, i, relo->type);
5979 static int adjust_prog_btf_ext_info(const struct bpf_object *obj,
5980 const struct bpf_program *prog,
5981 const struct btf_ext_info *ext_info,
5982 void **prog_info, __u32 *prog_rec_cnt,
5985 void *copy_start = NULL, *copy_end = NULL;
5986 void *rec, *rec_end, *new_prog_info;
5987 const struct btf_ext_info_sec *sec;
5988 size_t old_sz, new_sz;
5989 int i, sec_num, sec_idx, off_adj;
5992 for_each_btf_ext_sec(ext_info, sec) {
5993 sec_idx = ext_info->sec_idxs[sec_num];
5995 if (prog->sec_idx != sec_idx)
5998 for_each_btf_ext_rec(ext_info, sec, i, rec) {
5999 __u32 insn_off = *(__u32 *)rec / BPF_INSN_SZ;
6001 if (insn_off < prog->sec_insn_off)
6003 if (insn_off >= prog->sec_insn_off + prog->sec_insn_cnt)
6008 copy_end = rec + ext_info->rec_size;
6014 /* append func/line info of a given (sub-)program to the main
6015 * program func/line info
6017 old_sz = (size_t)(*prog_rec_cnt) * ext_info->rec_size;
6018 new_sz = old_sz + (copy_end - copy_start);
6019 new_prog_info = realloc(*prog_info, new_sz);
6022 *prog_info = new_prog_info;
6023 *prog_rec_cnt = new_sz / ext_info->rec_size;
6024 memcpy(new_prog_info + old_sz, copy_start, copy_end - copy_start);
6026 /* Kernel instruction offsets are in units of 8-byte
6027 * instructions, while .BTF.ext instruction offsets generated
6028 * by Clang are in units of bytes. So convert Clang offsets
6029 * into kernel offsets and adjust offset according to program
6030 * relocated position.
6032 off_adj = prog->sub_insn_off - prog->sec_insn_off;
6033 rec = new_prog_info + old_sz;
6034 rec_end = new_prog_info + new_sz;
6035 for (; rec < rec_end; rec += ext_info->rec_size) {
6036 __u32 *insn_off = rec;
6038 *insn_off = *insn_off / BPF_INSN_SZ + off_adj;
6040 *prog_rec_sz = ext_info->rec_size;
6048 reloc_prog_func_and_line_info(const struct bpf_object *obj,
6049 struct bpf_program *main_prog,
6050 const struct bpf_program *prog)
6054 /* no .BTF.ext relocation if .BTF.ext is missing or kernel doesn't
6055 * supprot func/line info
6057 if (!obj->btf_ext || !kernel_supports(obj, FEAT_BTF_FUNC))
6060 /* only attempt func info relocation if main program's func_info
6061 * relocation was successful
6063 if (main_prog != prog && !main_prog->func_info)
6066 err = adjust_prog_btf_ext_info(obj, prog, &obj->btf_ext->func_info,
6067 &main_prog->func_info,
6068 &main_prog->func_info_cnt,
6069 &main_prog->func_info_rec_size);
6071 if (err != -ENOENT) {
6072 pr_warn("prog '%s': error relocating .BTF.ext function info: %d\n",
6076 if (main_prog->func_info) {
6078 * Some info has already been found but has problem
6079 * in the last btf_ext reloc. Must have to error out.
6081 pr_warn("prog '%s': missing .BTF.ext function info.\n", prog->name);
6084 /* Have problem loading the very first info. Ignore the rest. */
6085 pr_warn("prog '%s': missing .BTF.ext function info for the main program, skipping all of .BTF.ext func info.\n",
6090 /* don't relocate line info if main program's relocation failed */
6091 if (main_prog != prog && !main_prog->line_info)
6094 err = adjust_prog_btf_ext_info(obj, prog, &obj->btf_ext->line_info,
6095 &main_prog->line_info,
6096 &main_prog->line_info_cnt,
6097 &main_prog->line_info_rec_size);
6099 if (err != -ENOENT) {
6100 pr_warn("prog '%s': error relocating .BTF.ext line info: %d\n",
6104 if (main_prog->line_info) {
6106 * Some info has already been found but has problem
6107 * in the last btf_ext reloc. Must have to error out.
6109 pr_warn("prog '%s': missing .BTF.ext line info.\n", prog->name);
6112 /* Have problem loading the very first info. Ignore the rest. */
6113 pr_warn("prog '%s': missing .BTF.ext line info for the main program, skipping all of .BTF.ext line info.\n",
6119 static int cmp_relo_by_insn_idx(const void *key, const void *elem)
6121 size_t insn_idx = *(const size_t *)key;
6122 const struct reloc_desc *relo = elem;
6124 if (insn_idx == relo->insn_idx)
6126 return insn_idx < relo->insn_idx ? -1 : 1;
6129 static struct reloc_desc *find_prog_insn_relo(const struct bpf_program *prog, size_t insn_idx)
6131 if (!prog->nr_reloc)
6133 return bsearch(&insn_idx, prog->reloc_desc, prog->nr_reloc,
6134 sizeof(*prog->reloc_desc), cmp_relo_by_insn_idx);
6137 static int append_subprog_relos(struct bpf_program *main_prog, struct bpf_program *subprog)
6139 int new_cnt = main_prog->nr_reloc + subprog->nr_reloc;
6140 struct reloc_desc *relos;
6143 if (main_prog == subprog)
6145 relos = libbpf_reallocarray(main_prog->reloc_desc, new_cnt, sizeof(*relos));
6148 if (subprog->nr_reloc)
6149 memcpy(relos + main_prog->nr_reloc, subprog->reloc_desc,
6150 sizeof(*relos) * subprog->nr_reloc);
6152 for (i = main_prog->nr_reloc; i < new_cnt; i++)
6153 relos[i].insn_idx += subprog->sub_insn_off;
6154 /* After insn_idx adjustment the 'relos' array is still sorted
6155 * by insn_idx and doesn't break bsearch.
6157 main_prog->reloc_desc = relos;
6158 main_prog->nr_reloc = new_cnt;
6163 bpf_object__reloc_code(struct bpf_object *obj, struct bpf_program *main_prog,
6164 struct bpf_program *prog)
6166 size_t sub_insn_idx, insn_idx, new_cnt;
6167 struct bpf_program *subprog;
6168 struct bpf_insn *insns, *insn;
6169 struct reloc_desc *relo;
6172 err = reloc_prog_func_and_line_info(obj, main_prog, prog);
6176 for (insn_idx = 0; insn_idx < prog->sec_insn_cnt; insn_idx++) {
6177 insn = &main_prog->insns[prog->sub_insn_off + insn_idx];
6178 if (!insn_is_subprog_call(insn) && !insn_is_pseudo_func(insn))
6181 relo = find_prog_insn_relo(prog, insn_idx);
6182 if (relo && relo->type == RELO_EXTERN_FUNC)
6183 /* kfunc relocations will be handled later
6184 * in bpf_object__relocate_data()
6187 if (relo && relo->type != RELO_CALL && relo->type != RELO_SUBPROG_ADDR) {
6188 pr_warn("prog '%s': unexpected relo for insn #%zu, type %d\n",
6189 prog->name, insn_idx, relo->type);
6190 return -LIBBPF_ERRNO__RELOC;
6193 /* sub-program instruction index is a combination of
6194 * an offset of a symbol pointed to by relocation and
6195 * call instruction's imm field; for global functions,
6196 * call always has imm = -1, but for static functions
6197 * relocation is against STT_SECTION and insn->imm
6198 * points to a start of a static function
6200 * for subprog addr relocation, the relo->sym_off + insn->imm is
6201 * the byte offset in the corresponding section.
6203 if (relo->type == RELO_CALL)
6204 sub_insn_idx = relo->sym_off / BPF_INSN_SZ + insn->imm + 1;
6206 sub_insn_idx = (relo->sym_off + insn->imm) / BPF_INSN_SZ;
6207 } else if (insn_is_pseudo_func(insn)) {
6209 * RELO_SUBPROG_ADDR relo is always emitted even if both
6210 * functions are in the same section, so it shouldn't reach here.
6212 pr_warn("prog '%s': missing subprog addr relo for insn #%zu\n",
6213 prog->name, insn_idx);
6214 return -LIBBPF_ERRNO__RELOC;
6216 /* if subprogram call is to a static function within
6217 * the same ELF section, there won't be any relocation
6218 * emitted, but it also means there is no additional
6219 * offset necessary, insns->imm is relative to
6220 * instruction's original position within the section
6222 sub_insn_idx = prog->sec_insn_off + insn_idx + insn->imm + 1;
6225 /* we enforce that sub-programs should be in .text section */
6226 subprog = find_prog_by_sec_insn(obj, obj->efile.text_shndx, sub_insn_idx);
6228 pr_warn("prog '%s': no .text section found yet sub-program call exists\n",
6230 return -LIBBPF_ERRNO__RELOC;
6233 /* if it's the first call instruction calling into this
6234 * subprogram (meaning this subprog hasn't been processed
6235 * yet) within the context of current main program:
6236 * - append it at the end of main program's instructions blog;
6237 * - process is recursively, while current program is put on hold;
6238 * - if that subprogram calls some other not yet processes
6239 * subprogram, same thing will happen recursively until
6240 * there are no more unprocesses subprograms left to append
6243 if (subprog->sub_insn_off == 0) {
6244 subprog->sub_insn_off = main_prog->insns_cnt;
6246 new_cnt = main_prog->insns_cnt + subprog->insns_cnt;
6247 insns = libbpf_reallocarray(main_prog->insns, new_cnt, sizeof(*insns));
6249 pr_warn("prog '%s': failed to realloc prog code\n", main_prog->name);
6252 main_prog->insns = insns;
6253 main_prog->insns_cnt = new_cnt;
6255 memcpy(main_prog->insns + subprog->sub_insn_off, subprog->insns,
6256 subprog->insns_cnt * sizeof(*insns));
6258 pr_debug("prog '%s': added %zu insns from sub-prog '%s'\n",
6259 main_prog->name, subprog->insns_cnt, subprog->name);
6261 /* The subprog insns are now appended. Append its relos too. */
6262 err = append_subprog_relos(main_prog, subprog);
6265 err = bpf_object__reloc_code(obj, main_prog, subprog);
6270 /* main_prog->insns memory could have been re-allocated, so
6271 * calculate pointer again
6273 insn = &main_prog->insns[prog->sub_insn_off + insn_idx];
6274 /* calculate correct instruction position within current main
6275 * prog; each main prog can have a different set of
6276 * subprograms appended (potentially in different order as
6277 * well), so position of any subprog can be different for
6278 * different main programs */
6279 insn->imm = subprog->sub_insn_off - (prog->sub_insn_off + insn_idx) - 1;
6281 pr_debug("prog '%s': insn #%zu relocated, imm %d points to subprog '%s' (now at %zu offset)\n",
6282 prog->name, insn_idx, insn->imm, subprog->name, subprog->sub_insn_off);
6289 * Relocate sub-program calls.
6291 * Algorithm operates as follows. Each entry-point BPF program (referred to as
6292 * main prog) is processed separately. For each subprog (non-entry functions,
6293 * that can be called from either entry progs or other subprogs) gets their
6294 * sub_insn_off reset to zero. This serves as indicator that this subprogram
6295 * hasn't been yet appended and relocated within current main prog. Once its
6296 * relocated, sub_insn_off will point at the position within current main prog
6297 * where given subprog was appended. This will further be used to relocate all
6298 * the call instructions jumping into this subprog.
6300 * We start with main program and process all call instructions. If the call
6301 * is into a subprog that hasn't been processed (i.e., subprog->sub_insn_off
6302 * is zero), subprog instructions are appended at the end of main program's
6303 * instruction array. Then main program is "put on hold" while we recursively
6304 * process newly appended subprogram. If that subprogram calls into another
6305 * subprogram that hasn't been appended, new subprogram is appended again to
6306 * the *main* prog's instructions (subprog's instructions are always left
6307 * untouched, as they need to be in unmodified state for subsequent main progs
6308 * and subprog instructions are always sent only as part of a main prog) and
6309 * the process continues recursively. Once all the subprogs called from a main
6310 * prog or any of its subprogs are appended (and relocated), all their
6311 * positions within finalized instructions array are known, so it's easy to
6312 * rewrite call instructions with correct relative offsets, corresponding to
6313 * desired target subprog.
6315 * Its important to realize that some subprogs might not be called from some
6316 * main prog and any of its called/used subprogs. Those will keep their
6317 * subprog->sub_insn_off as zero at all times and won't be appended to current
6318 * main prog and won't be relocated within the context of current main prog.
6319 * They might still be used from other main progs later.
6321 * Visually this process can be shown as below. Suppose we have two main
6322 * programs mainA and mainB and BPF object contains three subprogs: subA,
6323 * subB, and subC. mainA calls only subA, mainB calls only subC, but subA and
6324 * subC both call subB:
6326 * +--------+ +-------+
6328 * +--+---+ +--+-+-+ +---+--+
6329 * | subA | | subB | | subC |
6330 * +--+---+ +------+ +---+--+
6333 * +---+-------+ +------+----+
6334 * | mainA | | mainB |
6335 * +-----------+ +-----------+
6337 * We'll start relocating mainA, will find subA, append it and start
6338 * processing sub A recursively:
6340 * +-----------+------+
6342 * +-----------+------+
6344 * At this point we notice that subB is used from subA, so we append it and
6345 * relocate (there are no further subcalls from subB):
6347 * +-----------+------+------+
6348 * | mainA | subA | subB |
6349 * +-----------+------+------+
6351 * At this point, we relocate subA calls, then go one level up and finish with
6352 * relocatin mainA calls. mainA is done.
6354 * For mainB process is similar but results in different order. We start with
6355 * mainB and skip subA and subB, as mainB never calls them (at least
6356 * directly), but we see subC is needed, so we append and start processing it:
6358 * +-----------+------+
6360 * +-----------+------+
6361 * Now we see subC needs subB, so we go back to it, append and relocate it:
6363 * +-----------+------+------+
6364 * | mainB | subC | subB |
6365 * +-----------+------+------+
6367 * At this point we unwind recursion, relocate calls in subC, then in mainB.
6370 bpf_object__relocate_calls(struct bpf_object *obj, struct bpf_program *prog)
6372 struct bpf_program *subprog;
6375 /* mark all subprogs as not relocated (yet) within the context of
6376 * current main program
6378 for (i = 0; i < obj->nr_programs; i++) {
6379 subprog = &obj->programs[i];
6380 if (!prog_is_subprog(obj, subprog))
6383 subprog->sub_insn_off = 0;
6386 err = bpf_object__reloc_code(obj, prog, prog);
6394 bpf_object__free_relocs(struct bpf_object *obj)
6396 struct bpf_program *prog;
6399 /* free up relocation descriptors */
6400 for (i = 0; i < obj->nr_programs; i++) {
6401 prog = &obj->programs[i];
6402 zfree(&prog->reloc_desc);
6407 static int cmp_relocs(const void *_a, const void *_b)
6409 const struct reloc_desc *a = _a;
6410 const struct reloc_desc *b = _b;
6412 if (a->insn_idx != b->insn_idx)
6413 return a->insn_idx < b->insn_idx ? -1 : 1;
6415 /* no two relocations should have the same insn_idx, but ... */
6416 if (a->type != b->type)
6417 return a->type < b->type ? -1 : 1;
6422 static void bpf_object__sort_relos(struct bpf_object *obj)
6426 for (i = 0; i < obj->nr_programs; i++) {
6427 struct bpf_program *p = &obj->programs[i];
6432 qsort(p->reloc_desc, p->nr_reloc, sizeof(*p->reloc_desc), cmp_relocs);
6437 bpf_object__relocate(struct bpf_object *obj, const char *targ_btf_path)
6439 struct bpf_program *prog;
6444 err = bpf_object__relocate_core(obj, targ_btf_path);
6446 pr_warn("failed to perform CO-RE relocations: %d\n",
6450 bpf_object__sort_relos(obj);
6453 /* Before relocating calls pre-process relocations and mark
6454 * few ld_imm64 instructions that points to subprogs.
6455 * Otherwise bpf_object__reloc_code() later would have to consider
6456 * all ld_imm64 insns as relocation candidates. That would
6457 * reduce relocation speed, since amount of find_prog_insn_relo()
6458 * would increase and most of them will fail to find a relo.
6460 for (i = 0; i < obj->nr_programs; i++) {
6461 prog = &obj->programs[i];
6462 for (j = 0; j < prog->nr_reloc; j++) {
6463 struct reloc_desc *relo = &prog->reloc_desc[j];
6464 struct bpf_insn *insn = &prog->insns[relo->insn_idx];
6466 /* mark the insn, so it's recognized by insn_is_pseudo_func() */
6467 if (relo->type == RELO_SUBPROG_ADDR)
6468 insn[0].src_reg = BPF_PSEUDO_FUNC;
6472 /* relocate subprogram calls and append used subprograms to main
6473 * programs; each copy of subprogram code needs to be relocated
6474 * differently for each main program, because its code location might
6476 * Append subprog relos to main programs to allow data relos to be
6477 * processed after text is completely relocated.
6479 for (i = 0; i < obj->nr_programs; i++) {
6480 prog = &obj->programs[i];
6481 /* sub-program's sub-calls are relocated within the context of
6482 * its main program only
6484 if (prog_is_subprog(obj, prog))
6486 if (!prog->autoload)
6489 err = bpf_object__relocate_calls(obj, prog);
6491 pr_warn("prog '%s': failed to relocate calls: %d\n",
6496 /* Process data relos for main programs */
6497 for (i = 0; i < obj->nr_programs; i++) {
6498 prog = &obj->programs[i];
6499 if (prog_is_subprog(obj, prog))
6501 if (!prog->autoload)
6503 err = bpf_object__relocate_data(obj, prog);
6505 pr_warn("prog '%s': failed to relocate data references: %d\n",
6514 static int bpf_object__collect_st_ops_relos(struct bpf_object *obj,
6515 Elf64_Shdr *shdr, Elf_Data *data);
6517 static int bpf_object__collect_map_relos(struct bpf_object *obj,
6518 Elf64_Shdr *shdr, Elf_Data *data)
6520 const int bpf_ptr_sz = 8, host_ptr_sz = sizeof(void *);
6521 int i, j, nrels, new_sz;
6522 const struct btf_var_secinfo *vi = NULL;
6523 const struct btf_type *sec, *var, *def;
6524 struct bpf_map *map = NULL, *targ_map = NULL;
6525 struct bpf_program *targ_prog = NULL;
6526 bool is_prog_array, is_map_in_map;
6527 const struct btf_member *member;
6528 const char *name, *mname, *type;
6534 if (!obj->efile.btf_maps_sec_btf_id || !obj->btf)
6536 sec = btf__type_by_id(obj->btf, obj->efile.btf_maps_sec_btf_id);
6540 nrels = shdr->sh_size / shdr->sh_entsize;
6541 for (i = 0; i < nrels; i++) {
6542 rel = elf_rel_by_idx(data, i);
6544 pr_warn(".maps relo #%d: failed to get ELF relo\n", i);
6545 return -LIBBPF_ERRNO__FORMAT;
6548 sym = elf_sym_by_idx(obj, ELF64_R_SYM(rel->r_info));
6550 pr_warn(".maps relo #%d: symbol %zx not found\n",
6551 i, (size_t)ELF64_R_SYM(rel->r_info));
6552 return -LIBBPF_ERRNO__FORMAT;
6554 name = elf_sym_str(obj, sym->st_name) ?: "<?>";
6556 pr_debug(".maps relo #%d: for %zd value %zd rel->r_offset %zu name %d ('%s')\n",
6557 i, (ssize_t)(rel->r_info >> 32), (size_t)sym->st_value,
6558 (size_t)rel->r_offset, sym->st_name, name);
6560 for (j = 0; j < obj->nr_maps; j++) {
6561 map = &obj->maps[j];
6562 if (map->sec_idx != obj->efile.btf_maps_shndx)
6565 vi = btf_var_secinfos(sec) + map->btf_var_idx;
6566 if (vi->offset <= rel->r_offset &&
6567 rel->r_offset + bpf_ptr_sz <= vi->offset + vi->size)
6570 if (j == obj->nr_maps) {
6571 pr_warn(".maps relo #%d: cannot find map '%s' at rel->r_offset %zu\n",
6572 i, name, (size_t)rel->r_offset);
6576 is_map_in_map = bpf_map_type__is_map_in_map(map->def.type);
6577 is_prog_array = map->def.type == BPF_MAP_TYPE_PROG_ARRAY;
6578 type = is_map_in_map ? "map" : "prog";
6579 if (is_map_in_map) {
6580 if (sym->st_shndx != obj->efile.btf_maps_shndx) {
6581 pr_warn(".maps relo #%d: '%s' isn't a BTF-defined map\n",
6583 return -LIBBPF_ERRNO__RELOC;
6585 if (map->def.type == BPF_MAP_TYPE_HASH_OF_MAPS &&
6586 map->def.key_size != sizeof(int)) {
6587 pr_warn(".maps relo #%d: hash-of-maps '%s' should have key size %zu.\n",
6588 i, map->name, sizeof(int));
6591 targ_map = bpf_object__find_map_by_name(obj, name);
6593 pr_warn(".maps relo #%d: '%s' isn't a valid map reference\n",
6597 } else if (is_prog_array) {
6598 targ_prog = bpf_object__find_program_by_name(obj, name);
6600 pr_warn(".maps relo #%d: '%s' isn't a valid program reference\n",
6604 if (targ_prog->sec_idx != sym->st_shndx ||
6605 targ_prog->sec_insn_off * 8 != sym->st_value ||
6606 prog_is_subprog(obj, targ_prog)) {
6607 pr_warn(".maps relo #%d: '%s' isn't an entry-point program\n",
6609 return -LIBBPF_ERRNO__RELOC;
6615 var = btf__type_by_id(obj->btf, vi->type);
6616 def = skip_mods_and_typedefs(obj->btf, var->type, NULL);
6617 if (btf_vlen(def) == 0)
6619 member = btf_members(def) + btf_vlen(def) - 1;
6620 mname = btf__name_by_offset(obj->btf, member->name_off);
6621 if (strcmp(mname, "values"))
6624 moff = btf_member_bit_offset(def, btf_vlen(def) - 1) / 8;
6625 if (rel->r_offset - vi->offset < moff)
6628 moff = rel->r_offset - vi->offset - moff;
6629 /* here we use BPF pointer size, which is always 64 bit, as we
6630 * are parsing ELF that was built for BPF target
6632 if (moff % bpf_ptr_sz)
6635 if (moff >= map->init_slots_sz) {
6637 tmp = libbpf_reallocarray(map->init_slots, new_sz, host_ptr_sz);
6640 map->init_slots = tmp;
6641 memset(map->init_slots + map->init_slots_sz, 0,
6642 (new_sz - map->init_slots_sz) * host_ptr_sz);
6643 map->init_slots_sz = new_sz;
6645 map->init_slots[moff] = is_map_in_map ? (void *)targ_map : (void *)targ_prog;
6647 pr_debug(".maps relo #%d: map '%s' slot [%d] points to %s '%s'\n",
6648 i, map->name, moff, type, name);
6654 static int bpf_object__collect_relos(struct bpf_object *obj)
6658 for (i = 0; i < obj->efile.sec_cnt; i++) {
6659 struct elf_sec_desc *sec_desc = &obj->efile.secs[i];
6664 if (sec_desc->sec_type != SEC_RELO)
6667 shdr = sec_desc->shdr;
6668 data = sec_desc->data;
6669 idx = shdr->sh_info;
6671 if (shdr->sh_type != SHT_REL) {
6672 pr_warn("internal error at %d\n", __LINE__);
6673 return -LIBBPF_ERRNO__INTERNAL;
6676 if (idx == obj->efile.st_ops_shndx)
6677 err = bpf_object__collect_st_ops_relos(obj, shdr, data);
6678 else if (idx == obj->efile.btf_maps_shndx)
6679 err = bpf_object__collect_map_relos(obj, shdr, data);
6681 err = bpf_object__collect_prog_relos(obj, shdr, data);
6686 bpf_object__sort_relos(obj);
6690 static bool insn_is_helper_call(struct bpf_insn *insn, enum bpf_func_id *func_id)
6692 if (BPF_CLASS(insn->code) == BPF_JMP &&
6693 BPF_OP(insn->code) == BPF_CALL &&
6694 BPF_SRC(insn->code) == BPF_K &&
6695 insn->src_reg == 0 &&
6696 insn->dst_reg == 0) {
6697 *func_id = insn->imm;
6703 static int bpf_object__sanitize_prog(struct bpf_object *obj, struct bpf_program *prog)
6705 struct bpf_insn *insn = prog->insns;
6706 enum bpf_func_id func_id;
6709 if (obj->gen_loader)
6712 for (i = 0; i < prog->insns_cnt; i++, insn++) {
6713 if (!insn_is_helper_call(insn, &func_id))
6716 /* on kernels that don't yet support
6717 * bpf_probe_read_{kernel,user}[_str] helpers, fall back
6718 * to bpf_probe_read() which works well for old kernels
6721 case BPF_FUNC_probe_read_kernel:
6722 case BPF_FUNC_probe_read_user:
6723 if (!kernel_supports(obj, FEAT_PROBE_READ_KERN))
6724 insn->imm = BPF_FUNC_probe_read;
6726 case BPF_FUNC_probe_read_kernel_str:
6727 case BPF_FUNC_probe_read_user_str:
6728 if (!kernel_supports(obj, FEAT_PROBE_READ_KERN))
6729 insn->imm = BPF_FUNC_probe_read_str;
6738 static int libbpf_find_attach_btf_id(struct bpf_program *prog, const char *attach_name,
6739 int *btf_obj_fd, int *btf_type_id);
6741 /* this is called as prog->sec_def->prog_prepare_load_fn for libbpf-supported sec_defs */
6742 static int libbpf_prepare_prog_load(struct bpf_program *prog,
6743 struct bpf_prog_load_opts *opts, long cookie)
6745 enum sec_def_flags def = cookie;
6747 /* old kernels might not support specifying expected_attach_type */
6748 if ((def & SEC_EXP_ATTACH_OPT) && !kernel_supports(prog->obj, FEAT_EXP_ATTACH_TYPE))
6749 opts->expected_attach_type = 0;
6751 if (def & SEC_SLEEPABLE)
6752 opts->prog_flags |= BPF_F_SLEEPABLE;
6754 if (prog->type == BPF_PROG_TYPE_XDP && (def & SEC_XDP_FRAGS))
6755 opts->prog_flags |= BPF_F_XDP_HAS_FRAGS;
6757 if (def & SEC_DEPRECATED) {
6758 pr_warn("SEC(\"%s\") is deprecated, please see https://github.com/libbpf/libbpf/wiki/Libbpf-1.0-migration-guide#bpf-program-sec-annotation-deprecations for details\n",
6762 if ((def & SEC_ATTACH_BTF) && !prog->attach_btf_id) {
6763 int btf_obj_fd = 0, btf_type_id = 0, err;
6764 const char *attach_name;
6766 attach_name = strchr(prog->sec_name, '/');
6768 /* if BPF program is annotated with just SEC("fentry")
6769 * (or similar) without declaratively specifying
6770 * target, then it is expected that target will be
6771 * specified with bpf_program__set_attach_target() at
6772 * runtime before BPF object load step. If not, then
6773 * there is nothing to load into the kernel as BPF
6774 * verifier won't be able to validate BPF program
6775 * correctness anyways.
6777 pr_warn("prog '%s': no BTF-based attach target is specified, use bpf_program__set_attach_target()\n",
6781 attach_name++; /* skip over / */
6783 err = libbpf_find_attach_btf_id(prog, attach_name, &btf_obj_fd, &btf_type_id);
6787 /* cache resolved BTF FD and BTF type ID in the prog */
6788 prog->attach_btf_obj_fd = btf_obj_fd;
6789 prog->attach_btf_id = btf_type_id;
6791 /* but by now libbpf common logic is not utilizing
6792 * prog->atach_btf_obj_fd/prog->attach_btf_id anymore because
6793 * this callback is called after opts were populated by
6794 * libbpf, so this callback has to update opts explicitly here
6796 opts->attach_btf_obj_fd = btf_obj_fd;
6797 opts->attach_btf_id = btf_type_id;
6802 static void fixup_verifier_log(struct bpf_program *prog, char *buf, size_t buf_sz);
6804 static int bpf_object_load_prog_instance(struct bpf_object *obj, struct bpf_program *prog,
6805 struct bpf_insn *insns, int insns_cnt,
6806 const char *license, __u32 kern_version,
6809 LIBBPF_OPTS(bpf_prog_load_opts, load_attr);
6810 const char *prog_name = NULL;
6811 char *cp, errmsg[STRERR_BUFSIZE];
6812 size_t log_buf_size = 0;
6813 char *log_buf = NULL, *tmp;
6814 int btf_fd, ret, err;
6815 bool own_log_buf = true;
6816 __u32 log_level = prog->log_level;
6818 if (prog->type == BPF_PROG_TYPE_UNSPEC) {
6820 * The program type must be set. Most likely we couldn't find a proper
6821 * section definition at load time, and thus we didn't infer the type.
6823 pr_warn("prog '%s': missing BPF prog type, check ELF section name '%s'\n",
6824 prog->name, prog->sec_name);
6828 if (!insns || !insns_cnt)
6831 load_attr.expected_attach_type = prog->expected_attach_type;
6832 if (kernel_supports(obj, FEAT_PROG_NAME))
6833 prog_name = prog->name;
6834 load_attr.attach_prog_fd = prog->attach_prog_fd;
6835 load_attr.attach_btf_obj_fd = prog->attach_btf_obj_fd;
6836 load_attr.attach_btf_id = prog->attach_btf_id;
6837 load_attr.kern_version = kern_version;
6838 load_attr.prog_ifindex = prog->prog_ifindex;
6840 /* specify func_info/line_info only if kernel supports them */
6841 btf_fd = bpf_object__btf_fd(obj);
6842 if (btf_fd >= 0 && kernel_supports(obj, FEAT_BTF_FUNC)) {
6843 load_attr.prog_btf_fd = btf_fd;
6844 load_attr.func_info = prog->func_info;
6845 load_attr.func_info_rec_size = prog->func_info_rec_size;
6846 load_attr.func_info_cnt = prog->func_info_cnt;
6847 load_attr.line_info = prog->line_info;
6848 load_attr.line_info_rec_size = prog->line_info_rec_size;
6849 load_attr.line_info_cnt = prog->line_info_cnt;
6851 load_attr.log_level = log_level;
6852 load_attr.prog_flags = prog->prog_flags;
6853 load_attr.fd_array = obj->fd_array;
6855 /* adjust load_attr if sec_def provides custom preload callback */
6856 if (prog->sec_def && prog->sec_def->prog_prepare_load_fn) {
6857 err = prog->sec_def->prog_prepare_load_fn(prog, &load_attr, prog->sec_def->cookie);
6859 pr_warn("prog '%s': failed to prepare load attributes: %d\n",
6863 insns = prog->insns;
6864 insns_cnt = prog->insns_cnt;
6867 if (obj->gen_loader) {
6868 bpf_gen__prog_load(obj->gen_loader, prog->type, prog->name,
6869 license, insns, insns_cnt, &load_attr,
6870 prog - obj->programs);
6876 /* if log_level is zero, we don't request logs initiallly even if
6877 * custom log_buf is specified; if the program load fails, then we'll
6878 * bump log_level to 1 and use either custom log_buf or we'll allocate
6879 * our own and retry the load to get details on what failed
6882 if (prog->log_buf) {
6883 log_buf = prog->log_buf;
6884 log_buf_size = prog->log_size;
6885 own_log_buf = false;
6886 } else if (obj->log_buf) {
6887 log_buf = obj->log_buf;
6888 log_buf_size = obj->log_size;
6889 own_log_buf = false;
6891 log_buf_size = max((size_t)BPF_LOG_BUF_SIZE, log_buf_size * 2);
6892 tmp = realloc(log_buf, log_buf_size);
6903 load_attr.log_buf = log_buf;
6904 load_attr.log_size = log_buf_size;
6905 load_attr.log_level = log_level;
6907 ret = bpf_prog_load(prog->type, prog_name, license, insns, insns_cnt, &load_attr);
6909 if (log_level && own_log_buf) {
6910 pr_debug("prog '%s': -- BEGIN PROG LOAD LOG --\n%s-- END PROG LOAD LOG --\n",
6911 prog->name, log_buf);
6914 if (obj->has_rodata && kernel_supports(obj, FEAT_PROG_BIND_MAP)) {
6915 struct bpf_map *map;
6918 for (i = 0; i < obj->nr_maps; i++) {
6919 map = &prog->obj->maps[i];
6920 if (map->libbpf_type != LIBBPF_MAP_RODATA)
6923 if (bpf_prog_bind_map(ret, bpf_map__fd(map), NULL)) {
6924 cp = libbpf_strerror_r(errno, errmsg, sizeof(errmsg));
6925 pr_warn("prog '%s': failed to bind map '%s': %s\n",
6926 prog->name, map->real_name, cp);
6927 /* Don't fail hard if can't bind rodata. */
6937 if (log_level == 0) {
6941 /* On ENOSPC, increase log buffer size and retry, unless custom
6942 * log_buf is specified.
6943 * Be careful to not overflow u32, though. Kernel's log buf size limit
6944 * isn't part of UAPI so it can always be bumped to full 4GB. So don't
6945 * multiply by 2 unless we are sure we'll fit within 32 bits.
6946 * Currently, we'll get -EINVAL when we reach (UINT_MAX >> 2).
6948 if (own_log_buf && errno == ENOSPC && log_buf_size <= UINT_MAX / 2)
6953 /* post-process verifier log to improve error descriptions */
6954 fixup_verifier_log(prog, log_buf, log_buf_size);
6956 cp = libbpf_strerror_r(errno, errmsg, sizeof(errmsg));
6957 pr_warn("prog '%s': BPF program load failed: %s\n", prog->name, cp);
6960 if (own_log_buf && log_buf && log_buf[0] != '\0') {
6961 pr_warn("prog '%s': -- BEGIN PROG LOAD LOG --\n%s-- END PROG LOAD LOG --\n",
6962 prog->name, log_buf);
6971 static char *find_prev_line(char *buf, char *cur)
6975 if (cur == buf) /* end of a log buf */
6979 while (p - 1 >= buf && *(p - 1) != '\n')
6985 static void patch_log(char *buf, size_t buf_sz, size_t log_sz,
6986 char *orig, size_t orig_sz, const char *patch)
6988 /* size of the remaining log content to the right from the to-be-replaced part */
6989 size_t rem_sz = (buf + log_sz) - (orig + orig_sz);
6990 size_t patch_sz = strlen(patch);
6992 if (patch_sz != orig_sz) {
6993 /* If patch line(s) are longer than original piece of verifier log,
6994 * shift log contents by (patch_sz - orig_sz) bytes to the right
6995 * starting from after to-be-replaced part of the log.
6997 * If patch line(s) are shorter than original piece of verifier log,
6998 * shift log contents by (orig_sz - patch_sz) bytes to the left
6999 * starting from after to-be-replaced part of the log
7001 * We need to be careful about not overflowing available
7002 * buf_sz capacity. If that's the case, we'll truncate the end
7003 * of the original log, as necessary.
7005 if (patch_sz > orig_sz) {
7006 if (orig + patch_sz >= buf + buf_sz) {
7007 /* patch is big enough to cover remaining space completely */
7008 patch_sz -= (orig + patch_sz) - (buf + buf_sz) + 1;
7010 } else if (patch_sz - orig_sz > buf_sz - log_sz) {
7011 /* patch causes part of remaining log to be truncated */
7012 rem_sz -= (patch_sz - orig_sz) - (buf_sz - log_sz);
7015 /* shift remaining log to the right by calculated amount */
7016 memmove(orig + patch_sz, orig + orig_sz, rem_sz);
7019 memcpy(orig, patch, patch_sz);
7022 static void fixup_log_failed_core_relo(struct bpf_program *prog,
7023 char *buf, size_t buf_sz, size_t log_sz,
7024 char *line1, char *line2, char *line3)
7026 /* Expected log for failed and not properly guarded CO-RE relocation:
7027 * line1 -> 123: (85) call unknown#195896080
7028 * line2 -> invalid func unknown#195896080
7029 * line3 -> <anything else or end of buffer>
7031 * "123" is the index of the instruction that was poisoned. We extract
7032 * instruction index to find corresponding CO-RE relocation and
7033 * replace this part of the log with more relevant information about
7034 * failed CO-RE relocation.
7036 const struct bpf_core_relo *relo;
7037 struct bpf_core_spec spec;
7038 char patch[512], spec_buf[256];
7039 int insn_idx, err, spec_len;
7041 if (sscanf(line1, "%d: (%*d) call unknown#195896080\n", &insn_idx) != 1)
7044 relo = find_relo_core(prog, insn_idx);
7048 err = bpf_core_parse_spec(prog->name, prog->obj->btf, relo, &spec);
7052 spec_len = bpf_core_format_spec(spec_buf, sizeof(spec_buf), &spec);
7053 snprintf(patch, sizeof(patch),
7054 "%d: <invalid CO-RE relocation>\n"
7055 "failed to resolve CO-RE relocation %s%s\n",
7056 insn_idx, spec_buf, spec_len >= sizeof(spec_buf) ? "..." : "");
7058 patch_log(buf, buf_sz, log_sz, line1, line3 - line1, patch);
7061 static void fixup_log_missing_map_load(struct bpf_program *prog,
7062 char *buf, size_t buf_sz, size_t log_sz,
7063 char *line1, char *line2, char *line3)
7065 /* Expected log for failed and not properly guarded CO-RE relocation:
7066 * line1 -> 123: (85) call unknown#2001000345
7067 * line2 -> invalid func unknown#2001000345
7068 * line3 -> <anything else or end of buffer>
7070 * "123" is the index of the instruction that was poisoned.
7071 * "345" in "2001000345" are map index in obj->maps to fetch map name.
7073 struct bpf_object *obj = prog->obj;
7074 const struct bpf_map *map;
7075 int insn_idx, map_idx;
7078 if (sscanf(line1, "%d: (%*d) call unknown#%d\n", &insn_idx, &map_idx) != 2)
7081 map_idx -= MAP_LDIMM64_POISON_BASE;
7082 if (map_idx < 0 || map_idx >= obj->nr_maps)
7084 map = &obj->maps[map_idx];
7086 snprintf(patch, sizeof(patch),
7087 "%d: <invalid BPF map reference>\n"
7088 "BPF map '%s' is referenced but wasn't created\n",
7089 insn_idx, map->name);
7091 patch_log(buf, buf_sz, log_sz, line1, line3 - line1, patch);
7094 static void fixup_verifier_log(struct bpf_program *prog, char *buf, size_t buf_sz)
7096 /* look for familiar error patterns in last N lines of the log */
7097 const size_t max_last_line_cnt = 10;
7098 char *prev_line, *cur_line, *next_line;
7105 log_sz = strlen(buf) + 1;
7106 next_line = buf + log_sz - 1;
7108 for (i = 0; i < max_last_line_cnt; i++, next_line = cur_line) {
7109 cur_line = find_prev_line(buf, next_line);
7113 /* failed CO-RE relocation case */
7114 if (str_has_pfx(cur_line, "invalid func unknown#195896080\n")) {
7115 prev_line = find_prev_line(buf, cur_line);
7119 fixup_log_failed_core_relo(prog, buf, buf_sz, log_sz,
7120 prev_line, cur_line, next_line);
7122 } else if (str_has_pfx(cur_line, "invalid func unknown#"MAP_LDIMM64_POISON_PFX)) {
7123 prev_line = find_prev_line(buf, cur_line);
7127 fixup_log_missing_map_load(prog, buf, buf_sz, log_sz,
7128 prev_line, cur_line, next_line);
7134 static int bpf_program_record_relos(struct bpf_program *prog)
7136 struct bpf_object *obj = prog->obj;
7139 for (i = 0; i < prog->nr_reloc; i++) {
7140 struct reloc_desc *relo = &prog->reloc_desc[i];
7141 struct extern_desc *ext = &obj->externs[relo->sym_off];
7143 switch (relo->type) {
7144 case RELO_EXTERN_VAR:
7145 if (ext->type != EXT_KSYM)
7147 bpf_gen__record_extern(obj->gen_loader, ext->name,
7148 ext->is_weak, !ext->ksym.type_id,
7149 BTF_KIND_VAR, relo->insn_idx);
7151 case RELO_EXTERN_FUNC:
7152 bpf_gen__record_extern(obj->gen_loader, ext->name,
7153 ext->is_weak, false, BTF_KIND_FUNC,
7157 struct bpf_core_relo cr = {
7158 .insn_off = relo->insn_idx * 8,
7159 .type_id = relo->core_relo->type_id,
7160 .access_str_off = relo->core_relo->access_str_off,
7161 .kind = relo->core_relo->kind,
7164 bpf_gen__record_relo_core(obj->gen_loader, &cr);
7174 static int bpf_object_load_prog(struct bpf_object *obj, struct bpf_program *prog,
7175 const char *license, __u32 kern_ver)
7180 pr_warn("prog '%s': can't load after object was loaded\n", prog->name);
7181 return libbpf_err(-EINVAL);
7184 if (prog->instances.nr < 0 || !prog->instances.fds) {
7185 if (prog->preprocessor) {
7186 pr_warn("Internal error: can't load program '%s'\n",
7188 return libbpf_err(-LIBBPF_ERRNO__INTERNAL);
7191 prog->instances.fds = malloc(sizeof(int));
7192 if (!prog->instances.fds) {
7193 pr_warn("Not enough memory for BPF fds\n");
7194 return libbpf_err(-ENOMEM);
7196 prog->instances.nr = 1;
7197 prog->instances.fds[0] = -1;
7200 if (!prog->preprocessor) {
7201 if (prog->instances.nr != 1) {
7202 pr_warn("prog '%s': inconsistent nr(%d) != 1\n",
7203 prog->name, prog->instances.nr);
7205 if (obj->gen_loader)
7206 bpf_program_record_relos(prog);
7207 err = bpf_object_load_prog_instance(obj, prog,
7208 prog->insns, prog->insns_cnt,
7209 license, kern_ver, &fd);
7211 prog->instances.fds[0] = fd;
7215 for (i = 0; i < prog->instances.nr; i++) {
7216 struct bpf_prog_prep_result result;
7217 bpf_program_prep_t preprocessor = prog->preprocessor;
7219 memset(&result, 0, sizeof(result));
7220 err = preprocessor(prog, i, prog->insns,
7221 prog->insns_cnt, &result);
7223 pr_warn("Preprocessing the %dth instance of program '%s' failed\n",
7228 if (!result.new_insn_ptr || !result.new_insn_cnt) {
7229 pr_debug("Skip loading the %dth instance of program '%s'\n",
7231 prog->instances.fds[i] = -1;
7237 err = bpf_object_load_prog_instance(obj, prog,
7238 result.new_insn_ptr, result.new_insn_cnt,
7239 license, kern_ver, &fd);
7241 pr_warn("Loading the %dth instance of program '%s' failed\n",
7248 prog->instances.fds[i] = fd;
7252 pr_warn("failed to load program '%s'\n", prog->name);
7253 return libbpf_err(err);
7256 int bpf_program__load(struct bpf_program *prog, const char *license, __u32 kern_ver)
7258 return bpf_object_load_prog(prog->obj, prog, license, kern_ver);
7262 bpf_object__load_progs(struct bpf_object *obj, int log_level)
7264 struct bpf_program *prog;
7268 for (i = 0; i < obj->nr_programs; i++) {
7269 prog = &obj->programs[i];
7270 err = bpf_object__sanitize_prog(obj, prog);
7275 for (i = 0; i < obj->nr_programs; i++) {
7276 prog = &obj->programs[i];
7277 if (prog_is_subprog(obj, prog))
7279 if (!prog->autoload) {
7280 pr_debug("prog '%s': skipped loading\n", prog->name);
7283 prog->log_level |= log_level;
7284 err = bpf_object_load_prog(obj, prog, obj->license, obj->kern_version);
7289 bpf_object__free_relocs(obj);
7293 static const struct bpf_sec_def *find_sec_def(const char *sec_name);
7295 static int bpf_object_init_progs(struct bpf_object *obj, const struct bpf_object_open_opts *opts)
7297 struct bpf_program *prog;
7300 bpf_object__for_each_program(prog, obj) {
7301 prog->sec_def = find_sec_def(prog->sec_name);
7302 if (!prog->sec_def) {
7303 /* couldn't guess, but user might manually specify */
7304 pr_debug("prog '%s': unrecognized ELF section name '%s'\n",
7305 prog->name, prog->sec_name);
7309 prog->type = prog->sec_def->prog_type;
7310 prog->expected_attach_type = prog->sec_def->expected_attach_type;
7312 #pragma GCC diagnostic push
7313 #pragma GCC diagnostic ignored "-Wdeprecated-declarations"
7314 if (prog->sec_def->prog_type == BPF_PROG_TYPE_TRACING ||
7315 prog->sec_def->prog_type == BPF_PROG_TYPE_EXT)
7316 prog->attach_prog_fd = OPTS_GET(opts, attach_prog_fd, 0);
7317 #pragma GCC diagnostic pop
7319 /* sec_def can have custom callback which should be called
7320 * after bpf_program is initialized to adjust its properties
7322 if (prog->sec_def->prog_setup_fn) {
7323 err = prog->sec_def->prog_setup_fn(prog, prog->sec_def->cookie);
7325 pr_warn("prog '%s': failed to initialize: %d\n",
7335 static struct bpf_object *bpf_object_open(const char *path, const void *obj_buf, size_t obj_buf_sz,
7336 const struct bpf_object_open_opts *opts)
7338 const char *obj_name, *kconfig, *btf_tmp_path;
7339 struct bpf_object *obj;
7346 if (elf_version(EV_CURRENT) == EV_NONE) {
7347 pr_warn("failed to init libelf for %s\n",
7348 path ? : "(mem buf)");
7349 return ERR_PTR(-LIBBPF_ERRNO__LIBELF);
7352 if (!OPTS_VALID(opts, bpf_object_open_opts))
7353 return ERR_PTR(-EINVAL);
7355 obj_name = OPTS_GET(opts, object_name, NULL);
7358 snprintf(tmp_name, sizeof(tmp_name), "%lx-%lx",
7359 (unsigned long)obj_buf,
7360 (unsigned long)obj_buf_sz);
7361 obj_name = tmp_name;
7364 pr_debug("loading object '%s' from buffer\n", obj_name);
7367 log_buf = OPTS_GET(opts, kernel_log_buf, NULL);
7368 log_size = OPTS_GET(opts, kernel_log_size, 0);
7369 log_level = OPTS_GET(opts, kernel_log_level, 0);
7370 if (log_size > UINT_MAX)
7371 return ERR_PTR(-EINVAL);
7372 if (log_size && !log_buf)
7373 return ERR_PTR(-EINVAL);
7375 obj = bpf_object__new(path, obj_buf, obj_buf_sz, obj_name);
7379 obj->log_buf = log_buf;
7380 obj->log_size = log_size;
7381 obj->log_level = log_level;
7383 btf_tmp_path = OPTS_GET(opts, btf_custom_path, NULL);
7385 if (strlen(btf_tmp_path) >= PATH_MAX) {
7386 err = -ENAMETOOLONG;
7389 obj->btf_custom_path = strdup(btf_tmp_path);
7390 if (!obj->btf_custom_path) {
7396 kconfig = OPTS_GET(opts, kconfig, NULL);
7398 obj->kconfig = strdup(kconfig);
7399 if (!obj->kconfig) {
7405 err = bpf_object__elf_init(obj);
7406 err = err ? : bpf_object__check_endianness(obj);
7407 err = err ? : bpf_object__elf_collect(obj);
7408 err = err ? : bpf_object__collect_externs(obj);
7409 err = err ? : bpf_object__finalize_btf(obj);
7410 err = err ? : bpf_object__init_maps(obj, opts);
7411 err = err ? : bpf_object_init_progs(obj, opts);
7412 err = err ? : bpf_object__collect_relos(obj);
7416 bpf_object__elf_finish(obj);
7420 bpf_object__close(obj);
7421 return ERR_PTR(err);
7424 static struct bpf_object *
7425 __bpf_object__open_xattr(struct bpf_object_open_attr *attr, int flags)
7427 DECLARE_LIBBPF_OPTS(bpf_object_open_opts, opts,
7428 .relaxed_maps = flags & MAPS_RELAX_COMPAT,
7431 /* param validation */
7435 pr_debug("loading %s\n", attr->file);
7436 return bpf_object_open(attr->file, NULL, 0, &opts);
7439 struct bpf_object *bpf_object__open_xattr(struct bpf_object_open_attr *attr)
7441 return libbpf_ptr(__bpf_object__open_xattr(attr, 0));
7444 struct bpf_object *bpf_object__open(const char *path)
7446 struct bpf_object_open_attr attr = {
7448 .prog_type = BPF_PROG_TYPE_UNSPEC,
7451 return libbpf_ptr(__bpf_object__open_xattr(&attr, 0));
7455 bpf_object__open_file(const char *path, const struct bpf_object_open_opts *opts)
7458 return libbpf_err_ptr(-EINVAL);
7460 pr_debug("loading %s\n", path);
7462 return libbpf_ptr(bpf_object_open(path, NULL, 0, opts));
7466 bpf_object__open_mem(const void *obj_buf, size_t obj_buf_sz,
7467 const struct bpf_object_open_opts *opts)
7469 if (!obj_buf || obj_buf_sz == 0)
7470 return libbpf_err_ptr(-EINVAL);
7472 return libbpf_ptr(bpf_object_open(NULL, obj_buf, obj_buf_sz, opts));
7476 bpf_object__open_buffer(const void *obj_buf, size_t obj_buf_sz,
7479 DECLARE_LIBBPF_OPTS(bpf_object_open_opts, opts,
7480 .object_name = name,
7481 /* wrong default, but backwards-compatible */
7482 .relaxed_maps = true,
7485 /* returning NULL is wrong, but backwards-compatible */
7486 if (!obj_buf || obj_buf_sz == 0)
7487 return errno = EINVAL, NULL;
7489 return libbpf_ptr(bpf_object_open(NULL, obj_buf, obj_buf_sz, &opts));
7492 static int bpf_object_unload(struct bpf_object *obj)
7497 return libbpf_err(-EINVAL);
7499 for (i = 0; i < obj->nr_maps; i++) {
7500 zclose(obj->maps[i].fd);
7501 if (obj->maps[i].st_ops)
7502 zfree(&obj->maps[i].st_ops->kern_vdata);
7505 for (i = 0; i < obj->nr_programs; i++)
7506 bpf_program__unload(&obj->programs[i]);
7511 int bpf_object__unload(struct bpf_object *obj) __attribute__((alias("bpf_object_unload")));
7513 static int bpf_object__sanitize_maps(struct bpf_object *obj)
7517 bpf_object__for_each_map(m, obj) {
7518 if (!bpf_map__is_internal(m))
7520 if (!kernel_supports(obj, FEAT_ARRAY_MMAP))
7521 m->def.map_flags ^= BPF_F_MMAPABLE;
7527 int libbpf_kallsyms_parse(kallsyms_cb_t cb, void *ctx)
7529 char sym_type, sym_name[500];
7530 unsigned long long sym_addr;
7534 f = fopen("/proc/kallsyms", "r");
7537 pr_warn("failed to open /proc/kallsyms: %d\n", err);
7542 ret = fscanf(f, "%llx %c %499s%*[^\n]\n",
7543 &sym_addr, &sym_type, sym_name);
7544 if (ret == EOF && feof(f))
7547 pr_warn("failed to read kallsyms entry: %d\n", ret);
7552 err = cb(sym_addr, sym_type, sym_name, ctx);
7561 static int kallsyms_cb(unsigned long long sym_addr, char sym_type,
7562 const char *sym_name, void *ctx)
7564 struct bpf_object *obj = ctx;
7565 const struct btf_type *t;
7566 struct extern_desc *ext;
7568 ext = find_extern_by_name(obj, sym_name);
7569 if (!ext || ext->type != EXT_KSYM)
7572 t = btf__type_by_id(obj->btf, ext->btf_id);
7576 if (ext->is_set && ext->ksym.addr != sym_addr) {
7577 pr_warn("extern (ksym) '%s' resolution is ambiguous: 0x%llx or 0x%llx\n",
7578 sym_name, ext->ksym.addr, sym_addr);
7583 ext->ksym.addr = sym_addr;
7584 pr_debug("extern (ksym) %s=0x%llx\n", sym_name, sym_addr);
7589 static int bpf_object__read_kallsyms_file(struct bpf_object *obj)
7591 return libbpf_kallsyms_parse(kallsyms_cb, obj);
7594 static int find_ksym_btf_id(struct bpf_object *obj, const char *ksym_name,
7595 __u16 kind, struct btf **res_btf,
7596 struct module_btf **res_mod_btf)
7598 struct module_btf *mod_btf;
7602 btf = obj->btf_vmlinux;
7604 id = btf__find_by_name_kind(btf, ksym_name, kind);
7606 if (id == -ENOENT) {
7607 err = load_module_btfs(obj);
7611 for (i = 0; i < obj->btf_module_cnt; i++) {
7612 /* we assume module_btf's BTF FD is always >0 */
7613 mod_btf = &obj->btf_modules[i];
7615 id = btf__find_by_name_kind_own(btf, ksym_name, kind);
7624 *res_mod_btf = mod_btf;
7628 static int bpf_object__resolve_ksym_var_btf_id(struct bpf_object *obj,
7629 struct extern_desc *ext)
7631 const struct btf_type *targ_var, *targ_type;
7632 __u32 targ_type_id, local_type_id;
7633 struct module_btf *mod_btf = NULL;
7634 const char *targ_var_name;
7635 struct btf *btf = NULL;
7638 id = find_ksym_btf_id(obj, ext->name, BTF_KIND_VAR, &btf, &mod_btf);
7640 if (id == -ESRCH && ext->is_weak)
7642 pr_warn("extern (var ksym) '%s': not found in kernel BTF\n",
7647 /* find local type_id */
7648 local_type_id = ext->ksym.type_id;
7650 /* find target type_id */
7651 targ_var = btf__type_by_id(btf, id);
7652 targ_var_name = btf__name_by_offset(btf, targ_var->name_off);
7653 targ_type = skip_mods_and_typedefs(btf, targ_var->type, &targ_type_id);
7655 err = bpf_core_types_are_compat(obj->btf, local_type_id,
7658 const struct btf_type *local_type;
7659 const char *targ_name, *local_name;
7661 local_type = btf__type_by_id(obj->btf, local_type_id);
7662 local_name = btf__name_by_offset(obj->btf, local_type->name_off);
7663 targ_name = btf__name_by_offset(btf, targ_type->name_off);
7665 pr_warn("extern (var ksym) '%s': incompatible types, expected [%d] %s %s, but kernel has [%d] %s %s\n",
7666 ext->name, local_type_id,
7667 btf_kind_str(local_type), local_name, targ_type_id,
7668 btf_kind_str(targ_type), targ_name);
7673 ext->ksym.kernel_btf_obj_fd = mod_btf ? mod_btf->fd : 0;
7674 ext->ksym.kernel_btf_id = id;
7675 pr_debug("extern (var ksym) '%s': resolved to [%d] %s %s\n",
7676 ext->name, id, btf_kind_str(targ_var), targ_var_name);
7681 static int bpf_object__resolve_ksym_func_btf_id(struct bpf_object *obj,
7682 struct extern_desc *ext)
7684 int local_func_proto_id, kfunc_proto_id, kfunc_id;
7685 struct module_btf *mod_btf = NULL;
7686 const struct btf_type *kern_func;
7687 struct btf *kern_btf = NULL;
7690 local_func_proto_id = ext->ksym.type_id;
7692 kfunc_id = find_ksym_btf_id(obj, ext->name, BTF_KIND_FUNC, &kern_btf, &mod_btf);
7694 if (kfunc_id == -ESRCH && ext->is_weak)
7696 pr_warn("extern (func ksym) '%s': not found in kernel or module BTFs\n",
7701 kern_func = btf__type_by_id(kern_btf, kfunc_id);
7702 kfunc_proto_id = kern_func->type;
7704 ret = bpf_core_types_are_compat(obj->btf, local_func_proto_id,
7705 kern_btf, kfunc_proto_id);
7707 pr_warn("extern (func ksym) '%s': func_proto [%d] incompatible with kernel [%d]\n",
7708 ext->name, local_func_proto_id, kfunc_proto_id);
7712 /* set index for module BTF fd in fd_array, if unset */
7713 if (mod_btf && !mod_btf->fd_array_idx) {
7714 /* insn->off is s16 */
7715 if (obj->fd_array_cnt == INT16_MAX) {
7716 pr_warn("extern (func ksym) '%s': module BTF fd index %d too big to fit in bpf_insn offset\n",
7717 ext->name, mod_btf->fd_array_idx);
7720 /* Cannot use index 0 for module BTF fd */
7721 if (!obj->fd_array_cnt)
7722 obj->fd_array_cnt = 1;
7724 ret = libbpf_ensure_mem((void **)&obj->fd_array, &obj->fd_array_cap, sizeof(int),
7725 obj->fd_array_cnt + 1);
7728 mod_btf->fd_array_idx = obj->fd_array_cnt;
7729 /* we assume module BTF FD is always >0 */
7730 obj->fd_array[obj->fd_array_cnt++] = mod_btf->fd;
7734 ext->ksym.kernel_btf_id = kfunc_id;
7735 ext->ksym.btf_fd_idx = mod_btf ? mod_btf->fd_array_idx : 0;
7736 pr_debug("extern (func ksym) '%s': resolved to kernel [%d]\n",
7737 ext->name, kfunc_id);
7742 static int bpf_object__resolve_ksyms_btf_id(struct bpf_object *obj)
7744 const struct btf_type *t;
7745 struct extern_desc *ext;
7748 for (i = 0; i < obj->nr_extern; i++) {
7749 ext = &obj->externs[i];
7750 if (ext->type != EXT_KSYM || !ext->ksym.type_id)
7753 if (obj->gen_loader) {
7755 ext->ksym.kernel_btf_obj_fd = 0;
7756 ext->ksym.kernel_btf_id = 0;
7759 t = btf__type_by_id(obj->btf, ext->btf_id);
7761 err = bpf_object__resolve_ksym_var_btf_id(obj, ext);
7763 err = bpf_object__resolve_ksym_func_btf_id(obj, ext);
7770 static int bpf_object__resolve_externs(struct bpf_object *obj,
7771 const char *extra_kconfig)
7773 bool need_config = false, need_kallsyms = false;
7774 bool need_vmlinux_btf = false;
7775 struct extern_desc *ext;
7776 void *kcfg_data = NULL;
7779 if (obj->nr_extern == 0)
7782 if (obj->kconfig_map_idx >= 0)
7783 kcfg_data = obj->maps[obj->kconfig_map_idx].mmaped;
7785 for (i = 0; i < obj->nr_extern; i++) {
7786 ext = &obj->externs[i];
7788 if (ext->type == EXT_KCFG &&
7789 strcmp(ext->name, "LINUX_KERNEL_VERSION") == 0) {
7790 void *ext_val = kcfg_data + ext->kcfg.data_off;
7791 __u32 kver = get_kernel_version();
7794 pr_warn("failed to get kernel version\n");
7797 err = set_kcfg_value_num(ext, ext_val, kver);
7800 pr_debug("extern (kcfg) %s=0x%x\n", ext->name, kver);
7801 } else if (ext->type == EXT_KCFG && str_has_pfx(ext->name, "CONFIG_")) {
7803 } else if (ext->type == EXT_KSYM) {
7804 if (ext->ksym.type_id)
7805 need_vmlinux_btf = true;
7807 need_kallsyms = true;
7809 pr_warn("unrecognized extern '%s'\n", ext->name);
7813 if (need_config && extra_kconfig) {
7814 err = bpf_object__read_kconfig_mem(obj, extra_kconfig, kcfg_data);
7817 need_config = false;
7818 for (i = 0; i < obj->nr_extern; i++) {
7819 ext = &obj->externs[i];
7820 if (ext->type == EXT_KCFG && !ext->is_set) {
7827 err = bpf_object__read_kconfig_file(obj, kcfg_data);
7831 if (need_kallsyms) {
7832 err = bpf_object__read_kallsyms_file(obj);
7836 if (need_vmlinux_btf) {
7837 err = bpf_object__resolve_ksyms_btf_id(obj);
7841 for (i = 0; i < obj->nr_extern; i++) {
7842 ext = &obj->externs[i];
7844 if (!ext->is_set && !ext->is_weak) {
7845 pr_warn("extern %s (strong) not resolved\n", ext->name);
7847 } else if (!ext->is_set) {
7848 pr_debug("extern %s (weak) not resolved, defaulting to zero\n",
7856 static int bpf_object_load(struct bpf_object *obj, int extra_log_level, const char *target_btf_path)
7861 return libbpf_err(-EINVAL);
7864 pr_warn("object '%s': load can't be attempted twice\n", obj->name);
7865 return libbpf_err(-EINVAL);
7868 if (obj->gen_loader)
7869 bpf_gen__init(obj->gen_loader, extra_log_level, obj->nr_programs, obj->nr_maps);
7871 err = bpf_object__probe_loading(obj);
7872 err = err ? : bpf_object__load_vmlinux_btf(obj, false);
7873 err = err ? : bpf_object__resolve_externs(obj, obj->kconfig);
7874 err = err ? : bpf_object__sanitize_and_load_btf(obj);
7875 err = err ? : bpf_object__sanitize_maps(obj);
7876 err = err ? : bpf_object__init_kern_struct_ops_maps(obj);
7877 err = err ? : bpf_object__create_maps(obj);
7878 err = err ? : bpf_object__relocate(obj, obj->btf_custom_path ? : target_btf_path);
7879 err = err ? : bpf_object__load_progs(obj, extra_log_level);
7880 err = err ? : bpf_object_init_prog_arrays(obj);
7882 if (obj->gen_loader) {
7885 btf__set_fd(obj->btf, -1);
7886 for (i = 0; i < obj->nr_maps; i++)
7887 obj->maps[i].fd = -1;
7889 err = bpf_gen__finish(obj->gen_loader, obj->nr_programs, obj->nr_maps);
7892 /* clean up fd_array */
7893 zfree(&obj->fd_array);
7895 /* clean up module BTFs */
7896 for (i = 0; i < obj->btf_module_cnt; i++) {
7897 close(obj->btf_modules[i].fd);
7898 btf__free(obj->btf_modules[i].btf);
7899 free(obj->btf_modules[i].name);
7901 free(obj->btf_modules);
7903 /* clean up vmlinux BTF */
7904 btf__free(obj->btf_vmlinux);
7905 obj->btf_vmlinux = NULL;
7907 obj->loaded = true; /* doesn't matter if successfully or not */
7914 /* unpin any maps that were auto-pinned during load */
7915 for (i = 0; i < obj->nr_maps; i++)
7916 if (obj->maps[i].pinned && !obj->maps[i].reused)
7917 bpf_map__unpin(&obj->maps[i], NULL);
7919 bpf_object_unload(obj);
7920 pr_warn("failed to load object '%s'\n", obj->path);
7921 return libbpf_err(err);
7924 int bpf_object__load_xattr(struct bpf_object_load_attr *attr)
7926 return bpf_object_load(attr->obj, attr->log_level, attr->target_btf_path);
7929 int bpf_object__load(struct bpf_object *obj)
7931 return bpf_object_load(obj, 0, NULL);
7934 static int make_parent_dir(const char *path)
7936 char *cp, errmsg[STRERR_BUFSIZE];
7940 dname = strdup(path);
7944 dir = dirname(dname);
7945 if (mkdir(dir, 0700) && errno != EEXIST)
7950 cp = libbpf_strerror_r(-err, errmsg, sizeof(errmsg));
7951 pr_warn("failed to mkdir %s: %s\n", path, cp);
7956 static int check_path(const char *path)
7958 char *cp, errmsg[STRERR_BUFSIZE];
7959 struct statfs st_fs;
7966 dname = strdup(path);
7970 dir = dirname(dname);
7971 if (statfs(dir, &st_fs)) {
7972 cp = libbpf_strerror_r(errno, errmsg, sizeof(errmsg));
7973 pr_warn("failed to statfs %s: %s\n", dir, cp);
7978 if (!err && st_fs.f_type != BPF_FS_MAGIC) {
7979 pr_warn("specified path %s is not on BPF FS\n", path);
7986 static int bpf_program_pin_instance(struct bpf_program *prog, const char *path, int instance)
7988 char *cp, errmsg[STRERR_BUFSIZE];
7991 err = make_parent_dir(path);
7993 return libbpf_err(err);
7995 err = check_path(path);
7997 return libbpf_err(err);
8000 pr_warn("invalid program pointer\n");
8001 return libbpf_err(-EINVAL);
8004 if (instance < 0 || instance >= prog->instances.nr) {
8005 pr_warn("invalid prog instance %d of prog %s (max %d)\n",
8006 instance, prog->name, prog->instances.nr);
8007 return libbpf_err(-EINVAL);
8010 if (bpf_obj_pin(prog->instances.fds[instance], path)) {
8012 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
8013 pr_warn("failed to pin program: %s\n", cp);
8014 return libbpf_err(err);
8016 pr_debug("pinned program '%s'\n", path);
8021 static int bpf_program_unpin_instance(struct bpf_program *prog, const char *path, int instance)
8025 err = check_path(path);
8027 return libbpf_err(err);
8030 pr_warn("invalid program pointer\n");
8031 return libbpf_err(-EINVAL);
8034 if (instance < 0 || instance >= prog->instances.nr) {
8035 pr_warn("invalid prog instance %d of prog %s (max %d)\n",
8036 instance, prog->name, prog->instances.nr);
8037 return libbpf_err(-EINVAL);
8042 return libbpf_err(-errno);
8044 pr_debug("unpinned program '%s'\n", path);
8049 __attribute__((alias("bpf_program_pin_instance")))
8050 int bpf_object__pin_instance(struct bpf_program *prog, const char *path, int instance);
8052 __attribute__((alias("bpf_program_unpin_instance")))
8053 int bpf_program__unpin_instance(struct bpf_program *prog, const char *path, int instance);
8055 int bpf_program__pin(struct bpf_program *prog, const char *path)
8059 err = make_parent_dir(path);
8061 return libbpf_err(err);
8063 err = check_path(path);
8065 return libbpf_err(err);
8068 pr_warn("invalid program pointer\n");
8069 return libbpf_err(-EINVAL);
8072 if (prog->instances.nr <= 0) {
8073 pr_warn("no instances of prog %s to pin\n", prog->name);
8074 return libbpf_err(-EINVAL);
8077 if (prog->instances.nr == 1) {
8078 /* don't create subdirs when pinning single instance */
8079 return bpf_program_pin_instance(prog, path, 0);
8082 for (i = 0; i < prog->instances.nr; i++) {
8086 len = snprintf(buf, PATH_MAX, "%s/%d", path, i);
8090 } else if (len >= PATH_MAX) {
8091 err = -ENAMETOOLONG;
8095 err = bpf_program_pin_instance(prog, buf, i);
8103 for (i = i - 1; i >= 0; i--) {
8107 len = snprintf(buf, PATH_MAX, "%s/%d", path, i);
8110 else if (len >= PATH_MAX)
8113 bpf_program_unpin_instance(prog, buf, i);
8118 return libbpf_err(err);
8121 int bpf_program__unpin(struct bpf_program *prog, const char *path)
8125 err = check_path(path);
8127 return libbpf_err(err);
8130 pr_warn("invalid program pointer\n");
8131 return libbpf_err(-EINVAL);
8134 if (prog->instances.nr <= 0) {
8135 pr_warn("no instances of prog %s to pin\n", prog->name);
8136 return libbpf_err(-EINVAL);
8139 if (prog->instances.nr == 1) {
8140 /* don't create subdirs when pinning single instance */
8141 return bpf_program_unpin_instance(prog, path, 0);
8144 for (i = 0; i < prog->instances.nr; i++) {
8148 len = snprintf(buf, PATH_MAX, "%s/%d", path, i);
8150 return libbpf_err(-EINVAL);
8151 else if (len >= PATH_MAX)
8152 return libbpf_err(-ENAMETOOLONG);
8154 err = bpf_program_unpin_instance(prog, buf, i);
8161 return libbpf_err(-errno);
8166 int bpf_map__pin(struct bpf_map *map, const char *path)
8168 char *cp, errmsg[STRERR_BUFSIZE];
8172 pr_warn("invalid map pointer\n");
8173 return libbpf_err(-EINVAL);
8176 if (map->pin_path) {
8177 if (path && strcmp(path, map->pin_path)) {
8178 pr_warn("map '%s' already has pin path '%s' different from '%s'\n",
8179 bpf_map__name(map), map->pin_path, path);
8180 return libbpf_err(-EINVAL);
8181 } else if (map->pinned) {
8182 pr_debug("map '%s' already pinned at '%s'; not re-pinning\n",
8183 bpf_map__name(map), map->pin_path);
8188 pr_warn("missing a path to pin map '%s' at\n",
8189 bpf_map__name(map));
8190 return libbpf_err(-EINVAL);
8191 } else if (map->pinned) {
8192 pr_warn("map '%s' already pinned\n", bpf_map__name(map));
8193 return libbpf_err(-EEXIST);
8196 map->pin_path = strdup(path);
8197 if (!map->pin_path) {
8203 err = make_parent_dir(map->pin_path);
8205 return libbpf_err(err);
8207 err = check_path(map->pin_path);
8209 return libbpf_err(err);
8211 if (bpf_obj_pin(map->fd, map->pin_path)) {
8217 pr_debug("pinned map '%s'\n", map->pin_path);
8222 cp = libbpf_strerror_r(-err, errmsg, sizeof(errmsg));
8223 pr_warn("failed to pin map: %s\n", cp);
8224 return libbpf_err(err);
8227 int bpf_map__unpin(struct bpf_map *map, const char *path)
8232 pr_warn("invalid map pointer\n");
8233 return libbpf_err(-EINVAL);
8236 if (map->pin_path) {
8237 if (path && strcmp(path, map->pin_path)) {
8238 pr_warn("map '%s' already has pin path '%s' different from '%s'\n",
8239 bpf_map__name(map), map->pin_path, path);
8240 return libbpf_err(-EINVAL);
8242 path = map->pin_path;
8244 pr_warn("no path to unpin map '%s' from\n",
8245 bpf_map__name(map));
8246 return libbpf_err(-EINVAL);
8249 err = check_path(path);
8251 return libbpf_err(err);
8255 return libbpf_err(-errno);
8257 map->pinned = false;
8258 pr_debug("unpinned map '%s' from '%s'\n", bpf_map__name(map), path);
8263 int bpf_map__set_pin_path(struct bpf_map *map, const char *path)
8270 return libbpf_err(-errno);
8273 free(map->pin_path);
8274 map->pin_path = new;
8278 __alias(bpf_map__pin_path)
8279 const char *bpf_map__get_pin_path(const struct bpf_map *map);
8281 const char *bpf_map__pin_path(const struct bpf_map *map)
8283 return map->pin_path;
8286 bool bpf_map__is_pinned(const struct bpf_map *map)
8291 static void sanitize_pin_path(char *s)
8293 /* bpffs disallows periods in path names */
8301 int bpf_object__pin_maps(struct bpf_object *obj, const char *path)
8303 struct bpf_map *map;
8307 return libbpf_err(-ENOENT);
8310 pr_warn("object not yet loaded; load it first\n");
8311 return libbpf_err(-ENOENT);
8314 bpf_object__for_each_map(map, obj) {
8315 char *pin_path = NULL;
8318 if (!map->autocreate)
8324 len = snprintf(buf, PATH_MAX, "%s/%s", path,
8325 bpf_map__name(map));
8328 goto err_unpin_maps;
8329 } else if (len >= PATH_MAX) {
8330 err = -ENAMETOOLONG;
8331 goto err_unpin_maps;
8333 sanitize_pin_path(buf);
8335 } else if (!map->pin_path) {
8339 err = bpf_map__pin(map, pin_path);
8341 goto err_unpin_maps;
8347 while ((map = bpf_object__prev_map(obj, map))) {
8351 bpf_map__unpin(map, NULL);
8354 return libbpf_err(err);
8357 int bpf_object__unpin_maps(struct bpf_object *obj, const char *path)
8359 struct bpf_map *map;
8363 return libbpf_err(-ENOENT);
8365 bpf_object__for_each_map(map, obj) {
8366 char *pin_path = NULL;
8372 len = snprintf(buf, PATH_MAX, "%s/%s", path,
8373 bpf_map__name(map));
8375 return libbpf_err(-EINVAL);
8376 else if (len >= PATH_MAX)
8377 return libbpf_err(-ENAMETOOLONG);
8378 sanitize_pin_path(buf);
8380 } else if (!map->pin_path) {
8384 err = bpf_map__unpin(map, pin_path);
8386 return libbpf_err(err);
8392 int bpf_object__pin_programs(struct bpf_object *obj, const char *path)
8394 struct bpf_program *prog;
8398 return libbpf_err(-ENOENT);
8401 pr_warn("object not yet loaded; load it first\n");
8402 return libbpf_err(-ENOENT);
8405 bpf_object__for_each_program(prog, obj) {
8409 len = snprintf(buf, PATH_MAX, "%s/%s", path,
8413 goto err_unpin_programs;
8414 } else if (len >= PATH_MAX) {
8415 err = -ENAMETOOLONG;
8416 goto err_unpin_programs;
8419 err = bpf_program__pin(prog, buf);
8421 goto err_unpin_programs;
8427 while ((prog = bpf_object__prev_program(obj, prog))) {
8431 len = snprintf(buf, PATH_MAX, "%s/%s", path,
8435 else if (len >= PATH_MAX)
8438 bpf_program__unpin(prog, buf);
8441 return libbpf_err(err);
8444 int bpf_object__unpin_programs(struct bpf_object *obj, const char *path)
8446 struct bpf_program *prog;
8450 return libbpf_err(-ENOENT);
8452 bpf_object__for_each_program(prog, obj) {
8456 len = snprintf(buf, PATH_MAX, "%s/%s", path,
8459 return libbpf_err(-EINVAL);
8460 else if (len >= PATH_MAX)
8461 return libbpf_err(-ENAMETOOLONG);
8463 err = bpf_program__unpin(prog, buf);
8465 return libbpf_err(err);
8471 int bpf_object__pin(struct bpf_object *obj, const char *path)
8475 err = bpf_object__pin_maps(obj, path);
8477 return libbpf_err(err);
8479 err = bpf_object__pin_programs(obj, path);
8481 bpf_object__unpin_maps(obj, path);
8482 return libbpf_err(err);
8488 static void bpf_map__destroy(struct bpf_map *map)
8490 if (map->clear_priv)
8491 map->clear_priv(map, map->priv);
8493 map->clear_priv = NULL;
8495 if (map->inner_map) {
8496 bpf_map__destroy(map->inner_map);
8497 zfree(&map->inner_map);
8500 zfree(&map->init_slots);
8501 map->init_slots_sz = 0;
8504 munmap(map->mmaped, bpf_map_mmap_sz(map));
8509 zfree(&map->st_ops->data);
8510 zfree(&map->st_ops->progs);
8511 zfree(&map->st_ops->kern_func_off);
8512 zfree(&map->st_ops);
8516 zfree(&map->real_name);
8517 zfree(&map->pin_path);
8523 void bpf_object__close(struct bpf_object *obj)
8527 if (IS_ERR_OR_NULL(obj))
8530 if (obj->clear_priv)
8531 obj->clear_priv(obj, obj->priv);
8533 usdt_manager_free(obj->usdt_man);
8534 obj->usdt_man = NULL;
8536 bpf_gen__free(obj->gen_loader);
8537 bpf_object__elf_finish(obj);
8538 bpf_object_unload(obj);
8539 btf__free(obj->btf);
8540 btf_ext__free(obj->btf_ext);
8542 for (i = 0; i < obj->nr_maps; i++)
8543 bpf_map__destroy(&obj->maps[i]);
8545 zfree(&obj->btf_custom_path);
8546 zfree(&obj->kconfig);
8547 zfree(&obj->externs);
8553 if (obj->programs && obj->nr_programs) {
8554 for (i = 0; i < obj->nr_programs; i++)
8555 bpf_program__exit(&obj->programs[i]);
8557 zfree(&obj->programs);
8559 list_del(&obj->list);
8564 bpf_object__next(struct bpf_object *prev)
8566 struct bpf_object *next;
8567 bool strict = (libbpf_mode & LIBBPF_STRICT_NO_OBJECT_LIST);
8573 next = list_first_entry(&bpf_objects_list,
8577 next = list_next_entry(prev, list);
8579 /* Empty list is noticed here so don't need checking on entry. */
8580 if (&next->list == &bpf_objects_list)
8586 const char *bpf_object__name(const struct bpf_object *obj)
8588 return obj ? obj->name : libbpf_err_ptr(-EINVAL);
8591 unsigned int bpf_object__kversion(const struct bpf_object *obj)
8593 return obj ? obj->kern_version : 0;
8596 struct btf *bpf_object__btf(const struct bpf_object *obj)
8598 return obj ? obj->btf : NULL;
8601 int bpf_object__btf_fd(const struct bpf_object *obj)
8603 return obj->btf ? btf__fd(obj->btf) : -1;
8606 int bpf_object__set_kversion(struct bpf_object *obj, __u32 kern_version)
8609 return libbpf_err(-EINVAL);
8611 obj->kern_version = kern_version;
8616 int bpf_object__set_priv(struct bpf_object *obj, void *priv,
8617 bpf_object_clear_priv_t clear_priv)
8619 if (obj->priv && obj->clear_priv)
8620 obj->clear_priv(obj, obj->priv);
8623 obj->clear_priv = clear_priv;
8627 void *bpf_object__priv(const struct bpf_object *obj)
8629 return obj ? obj->priv : libbpf_err_ptr(-EINVAL);
8632 int bpf_object__gen_loader(struct bpf_object *obj, struct gen_loader_opts *opts)
8634 struct bpf_gen *gen;
8638 if (!OPTS_VALID(opts, gen_loader_opts))
8640 gen = calloc(sizeof(*gen), 1);
8644 obj->gen_loader = gen;
8648 static struct bpf_program *
8649 __bpf_program__iter(const struct bpf_program *p, const struct bpf_object *obj,
8652 size_t nr_programs = obj->nr_programs;
8659 /* Iter from the beginning */
8660 return forward ? &obj->programs[0] :
8661 &obj->programs[nr_programs - 1];
8663 if (p->obj != obj) {
8664 pr_warn("error: program handler doesn't match object\n");
8665 return errno = EINVAL, NULL;
8668 idx = (p - obj->programs) + (forward ? 1 : -1);
8669 if (idx >= obj->nr_programs || idx < 0)
8671 return &obj->programs[idx];
8674 struct bpf_program *
8675 bpf_program__next(struct bpf_program *prev, const struct bpf_object *obj)
8677 return bpf_object__next_program(obj, prev);
8680 struct bpf_program *
8681 bpf_object__next_program(const struct bpf_object *obj, struct bpf_program *prev)
8683 struct bpf_program *prog = prev;
8686 prog = __bpf_program__iter(prog, obj, true);
8687 } while (prog && prog_is_subprog(obj, prog));
8692 struct bpf_program *
8693 bpf_program__prev(struct bpf_program *next, const struct bpf_object *obj)
8695 return bpf_object__prev_program(obj, next);
8698 struct bpf_program *
8699 bpf_object__prev_program(const struct bpf_object *obj, struct bpf_program *next)
8701 struct bpf_program *prog = next;
8704 prog = __bpf_program__iter(prog, obj, false);
8705 } while (prog && prog_is_subprog(obj, prog));
8710 int bpf_program__set_priv(struct bpf_program *prog, void *priv,
8711 bpf_program_clear_priv_t clear_priv)
8713 if (prog->priv && prog->clear_priv)
8714 prog->clear_priv(prog, prog->priv);
8717 prog->clear_priv = clear_priv;
8721 void *bpf_program__priv(const struct bpf_program *prog)
8723 return prog ? prog->priv : libbpf_err_ptr(-EINVAL);
8726 void bpf_program__set_ifindex(struct bpf_program *prog, __u32 ifindex)
8728 prog->prog_ifindex = ifindex;
8731 const char *bpf_program__name(const struct bpf_program *prog)
8736 const char *bpf_program__section_name(const struct bpf_program *prog)
8738 return prog->sec_name;
8741 const char *bpf_program__title(const struct bpf_program *prog, bool needs_copy)
8745 title = prog->sec_name;
8747 title = strdup(title);
8749 pr_warn("failed to strdup program title\n");
8750 return libbpf_err_ptr(-ENOMEM);
8757 bool bpf_program__autoload(const struct bpf_program *prog)
8759 return prog->autoload;
8762 int bpf_program__set_autoload(struct bpf_program *prog, bool autoload)
8764 if (prog->obj->loaded)
8765 return libbpf_err(-EINVAL);
8767 prog->autoload = autoload;
8771 static int bpf_program_nth_fd(const struct bpf_program *prog, int n);
8773 int bpf_program__fd(const struct bpf_program *prog)
8775 return bpf_program_nth_fd(prog, 0);
8778 size_t bpf_program__size(const struct bpf_program *prog)
8780 return prog->insns_cnt * BPF_INSN_SZ;
8783 const struct bpf_insn *bpf_program__insns(const struct bpf_program *prog)
8788 size_t bpf_program__insn_cnt(const struct bpf_program *prog)
8790 return prog->insns_cnt;
8793 int bpf_program__set_insns(struct bpf_program *prog,
8794 struct bpf_insn *new_insns, size_t new_insn_cnt)
8796 struct bpf_insn *insns;
8798 if (prog->obj->loaded)
8801 insns = libbpf_reallocarray(prog->insns, new_insn_cnt, sizeof(*insns));
8803 pr_warn("prog '%s': failed to realloc prog code\n", prog->name);
8806 memcpy(insns, new_insns, new_insn_cnt * sizeof(*insns));
8808 prog->insns = insns;
8809 prog->insns_cnt = new_insn_cnt;
8813 int bpf_program__set_prep(struct bpf_program *prog, int nr_instances,
8814 bpf_program_prep_t prep)
8818 if (nr_instances <= 0 || !prep)
8819 return libbpf_err(-EINVAL);
8821 if (prog->instances.nr > 0 || prog->instances.fds) {
8822 pr_warn("Can't set pre-processor after loading\n");
8823 return libbpf_err(-EINVAL);
8826 instances_fds = malloc(sizeof(int) * nr_instances);
8827 if (!instances_fds) {
8828 pr_warn("alloc memory failed for fds\n");
8829 return libbpf_err(-ENOMEM);
8832 /* fill all fd with -1 */
8833 memset(instances_fds, -1, sizeof(int) * nr_instances);
8835 prog->instances.nr = nr_instances;
8836 prog->instances.fds = instances_fds;
8837 prog->preprocessor = prep;
8841 __attribute__((alias("bpf_program_nth_fd")))
8842 int bpf_program__nth_fd(const struct bpf_program *prog, int n);
8844 static int bpf_program_nth_fd(const struct bpf_program *prog, int n)
8849 return libbpf_err(-EINVAL);
8851 if (n >= prog->instances.nr || n < 0) {
8852 pr_warn("Can't get the %dth fd from program %s: only %d instances\n",
8853 n, prog->name, prog->instances.nr);
8854 return libbpf_err(-EINVAL);
8857 fd = prog->instances.fds[n];
8859 pr_warn("%dth instance of program '%s' is invalid\n",
8861 return libbpf_err(-ENOENT);
8867 __alias(bpf_program__type)
8868 enum bpf_prog_type bpf_program__get_type(const struct bpf_program *prog);
8870 enum bpf_prog_type bpf_program__type(const struct bpf_program *prog)
8875 int bpf_program__set_type(struct bpf_program *prog, enum bpf_prog_type type)
8877 if (prog->obj->loaded)
8878 return libbpf_err(-EBUSY);
8884 static bool bpf_program__is_type(const struct bpf_program *prog,
8885 enum bpf_prog_type type)
8887 return prog ? (prog->type == type) : false;
8890 #define BPF_PROG_TYPE_FNS(NAME, TYPE) \
8891 int bpf_program__set_##NAME(struct bpf_program *prog) \
8894 return libbpf_err(-EINVAL); \
8895 return bpf_program__set_type(prog, TYPE); \
8898 bool bpf_program__is_##NAME(const struct bpf_program *prog) \
8900 return bpf_program__is_type(prog, TYPE); \
8903 BPF_PROG_TYPE_FNS(socket_filter, BPF_PROG_TYPE_SOCKET_FILTER);
8904 BPF_PROG_TYPE_FNS(lsm, BPF_PROG_TYPE_LSM);
8905 BPF_PROG_TYPE_FNS(kprobe, BPF_PROG_TYPE_KPROBE);
8906 BPF_PROG_TYPE_FNS(sched_cls, BPF_PROG_TYPE_SCHED_CLS);
8907 BPF_PROG_TYPE_FNS(sched_act, BPF_PROG_TYPE_SCHED_ACT);
8908 BPF_PROG_TYPE_FNS(tracepoint, BPF_PROG_TYPE_TRACEPOINT);
8909 BPF_PROG_TYPE_FNS(raw_tracepoint, BPF_PROG_TYPE_RAW_TRACEPOINT);
8910 BPF_PROG_TYPE_FNS(xdp, BPF_PROG_TYPE_XDP);
8911 BPF_PROG_TYPE_FNS(perf_event, BPF_PROG_TYPE_PERF_EVENT);
8912 BPF_PROG_TYPE_FNS(tracing, BPF_PROG_TYPE_TRACING);
8913 BPF_PROG_TYPE_FNS(struct_ops, BPF_PROG_TYPE_STRUCT_OPS);
8914 BPF_PROG_TYPE_FNS(extension, BPF_PROG_TYPE_EXT);
8915 BPF_PROG_TYPE_FNS(sk_lookup, BPF_PROG_TYPE_SK_LOOKUP);
8917 __alias(bpf_program__expected_attach_type)
8918 enum bpf_attach_type bpf_program__get_expected_attach_type(const struct bpf_program *prog);
8920 enum bpf_attach_type bpf_program__expected_attach_type(const struct bpf_program *prog)
8922 return prog->expected_attach_type;
8925 int bpf_program__set_expected_attach_type(struct bpf_program *prog,
8926 enum bpf_attach_type type)
8928 if (prog->obj->loaded)
8929 return libbpf_err(-EBUSY);
8931 prog->expected_attach_type = type;
8935 __u32 bpf_program__flags(const struct bpf_program *prog)
8937 return prog->prog_flags;
8940 int bpf_program__set_flags(struct bpf_program *prog, __u32 flags)
8942 if (prog->obj->loaded)
8943 return libbpf_err(-EBUSY);
8945 prog->prog_flags = flags;
8949 __u32 bpf_program__log_level(const struct bpf_program *prog)
8951 return prog->log_level;
8954 int bpf_program__set_log_level(struct bpf_program *prog, __u32 log_level)
8956 if (prog->obj->loaded)
8957 return libbpf_err(-EBUSY);
8959 prog->log_level = log_level;
8963 const char *bpf_program__log_buf(const struct bpf_program *prog, size_t *log_size)
8965 *log_size = prog->log_size;
8966 return prog->log_buf;
8969 int bpf_program__set_log_buf(struct bpf_program *prog, char *log_buf, size_t log_size)
8971 if (log_size && !log_buf)
8973 if (prog->log_size > UINT_MAX)
8975 if (prog->obj->loaded)
8978 prog->log_buf = log_buf;
8979 prog->log_size = log_size;
8983 #define SEC_DEF(sec_pfx, ptype, atype, flags, ...) { \
8984 .sec = (char *)sec_pfx, \
8985 .prog_type = BPF_PROG_TYPE_##ptype, \
8986 .expected_attach_type = atype, \
8987 .cookie = (long)(flags), \
8988 .prog_prepare_load_fn = libbpf_prepare_prog_load, \
8992 static int attach_kprobe(const struct bpf_program *prog, long cookie, struct bpf_link **link);
8993 static int attach_uprobe(const struct bpf_program *prog, long cookie, struct bpf_link **link);
8994 static int attach_usdt(const struct bpf_program *prog, long cookie, struct bpf_link **link);
8995 static int attach_tp(const struct bpf_program *prog, long cookie, struct bpf_link **link);
8996 static int attach_raw_tp(const struct bpf_program *prog, long cookie, struct bpf_link **link);
8997 static int attach_trace(const struct bpf_program *prog, long cookie, struct bpf_link **link);
8998 static int attach_kprobe_multi(const struct bpf_program *prog, long cookie, struct bpf_link **link);
8999 static int attach_lsm(const struct bpf_program *prog, long cookie, struct bpf_link **link);
9000 static int attach_iter(const struct bpf_program *prog, long cookie, struct bpf_link **link);
9002 static const struct bpf_sec_def section_defs[] = {
9003 SEC_DEF("socket", SOCKET_FILTER, 0, SEC_NONE | SEC_SLOPPY_PFX),
9004 SEC_DEF("sk_reuseport/migrate", SK_REUSEPORT, BPF_SK_REUSEPORT_SELECT_OR_MIGRATE, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9005 SEC_DEF("sk_reuseport", SK_REUSEPORT, BPF_SK_REUSEPORT_SELECT, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9006 SEC_DEF("kprobe+", KPROBE, 0, SEC_NONE, attach_kprobe),
9007 SEC_DEF("uprobe+", KPROBE, 0, SEC_NONE, attach_uprobe),
9008 SEC_DEF("kretprobe+", KPROBE, 0, SEC_NONE, attach_kprobe),
9009 SEC_DEF("uretprobe+", KPROBE, 0, SEC_NONE, attach_uprobe),
9010 SEC_DEF("kprobe.multi+", KPROBE, BPF_TRACE_KPROBE_MULTI, SEC_NONE, attach_kprobe_multi),
9011 SEC_DEF("kretprobe.multi+", KPROBE, BPF_TRACE_KPROBE_MULTI, SEC_NONE, attach_kprobe_multi),
9012 SEC_DEF("usdt+", KPROBE, 0, SEC_NONE, attach_usdt),
9013 SEC_DEF("tc", SCHED_CLS, 0, SEC_NONE),
9014 SEC_DEF("classifier", SCHED_CLS, 0, SEC_NONE | SEC_SLOPPY_PFX | SEC_DEPRECATED),
9015 SEC_DEF("action", SCHED_ACT, 0, SEC_NONE | SEC_SLOPPY_PFX),
9016 SEC_DEF("tracepoint+", TRACEPOINT, 0, SEC_NONE, attach_tp),
9017 SEC_DEF("tp+", TRACEPOINT, 0, SEC_NONE, attach_tp),
9018 SEC_DEF("raw_tracepoint+", RAW_TRACEPOINT, 0, SEC_NONE, attach_raw_tp),
9019 SEC_DEF("raw_tp+", RAW_TRACEPOINT, 0, SEC_NONE, attach_raw_tp),
9020 SEC_DEF("raw_tracepoint.w+", RAW_TRACEPOINT_WRITABLE, 0, SEC_NONE, attach_raw_tp),
9021 SEC_DEF("raw_tp.w+", RAW_TRACEPOINT_WRITABLE, 0, SEC_NONE, attach_raw_tp),
9022 SEC_DEF("tp_btf+", TRACING, BPF_TRACE_RAW_TP, SEC_ATTACH_BTF, attach_trace),
9023 SEC_DEF("fentry+", TRACING, BPF_TRACE_FENTRY, SEC_ATTACH_BTF, attach_trace),
9024 SEC_DEF("fmod_ret+", TRACING, BPF_MODIFY_RETURN, SEC_ATTACH_BTF, attach_trace),
9025 SEC_DEF("fexit+", TRACING, BPF_TRACE_FEXIT, SEC_ATTACH_BTF, attach_trace),
9026 SEC_DEF("fentry.s+", TRACING, BPF_TRACE_FENTRY, SEC_ATTACH_BTF | SEC_SLEEPABLE, attach_trace),
9027 SEC_DEF("fmod_ret.s+", TRACING, BPF_MODIFY_RETURN, SEC_ATTACH_BTF | SEC_SLEEPABLE, attach_trace),
9028 SEC_DEF("fexit.s+", TRACING, BPF_TRACE_FEXIT, SEC_ATTACH_BTF | SEC_SLEEPABLE, attach_trace),
9029 SEC_DEF("freplace+", EXT, 0, SEC_ATTACH_BTF, attach_trace),
9030 SEC_DEF("lsm+", LSM, BPF_LSM_MAC, SEC_ATTACH_BTF, attach_lsm),
9031 SEC_DEF("lsm.s+", LSM, BPF_LSM_MAC, SEC_ATTACH_BTF | SEC_SLEEPABLE, attach_lsm),
9032 SEC_DEF("iter+", TRACING, BPF_TRACE_ITER, SEC_ATTACH_BTF, attach_iter),
9033 SEC_DEF("iter.s+", TRACING, BPF_TRACE_ITER, SEC_ATTACH_BTF | SEC_SLEEPABLE, attach_iter),
9034 SEC_DEF("syscall", SYSCALL, 0, SEC_SLEEPABLE),
9035 SEC_DEF("xdp.frags/devmap", XDP, BPF_XDP_DEVMAP, SEC_XDP_FRAGS),
9036 SEC_DEF("xdp/devmap", XDP, BPF_XDP_DEVMAP, SEC_ATTACHABLE),
9037 SEC_DEF("xdp_devmap/", XDP, BPF_XDP_DEVMAP, SEC_ATTACHABLE | SEC_DEPRECATED),
9038 SEC_DEF("xdp.frags/cpumap", XDP, BPF_XDP_CPUMAP, SEC_XDP_FRAGS),
9039 SEC_DEF("xdp/cpumap", XDP, BPF_XDP_CPUMAP, SEC_ATTACHABLE),
9040 SEC_DEF("xdp_cpumap/", XDP, BPF_XDP_CPUMAP, SEC_ATTACHABLE | SEC_DEPRECATED),
9041 SEC_DEF("xdp.frags", XDP, BPF_XDP, SEC_XDP_FRAGS),
9042 SEC_DEF("xdp", XDP, BPF_XDP, SEC_ATTACHABLE_OPT | SEC_SLOPPY_PFX),
9043 SEC_DEF("perf_event", PERF_EVENT, 0, SEC_NONE | SEC_SLOPPY_PFX),
9044 SEC_DEF("lwt_in", LWT_IN, 0, SEC_NONE | SEC_SLOPPY_PFX),
9045 SEC_DEF("lwt_out", LWT_OUT, 0, SEC_NONE | SEC_SLOPPY_PFX),
9046 SEC_DEF("lwt_xmit", LWT_XMIT, 0, SEC_NONE | SEC_SLOPPY_PFX),
9047 SEC_DEF("lwt_seg6local", LWT_SEG6LOCAL, 0, SEC_NONE | SEC_SLOPPY_PFX),
9048 SEC_DEF("cgroup_skb/ingress", CGROUP_SKB, BPF_CGROUP_INET_INGRESS, SEC_ATTACHABLE_OPT | SEC_SLOPPY_PFX),
9049 SEC_DEF("cgroup_skb/egress", CGROUP_SKB, BPF_CGROUP_INET_EGRESS, SEC_ATTACHABLE_OPT | SEC_SLOPPY_PFX),
9050 SEC_DEF("cgroup/skb", CGROUP_SKB, 0, SEC_NONE | SEC_SLOPPY_PFX),
9051 SEC_DEF("cgroup/sock_create", CGROUP_SOCK, BPF_CGROUP_INET_SOCK_CREATE, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9052 SEC_DEF("cgroup/sock_release", CGROUP_SOCK, BPF_CGROUP_INET_SOCK_RELEASE, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9053 SEC_DEF("cgroup/sock", CGROUP_SOCK, BPF_CGROUP_INET_SOCK_CREATE, SEC_ATTACHABLE_OPT | SEC_SLOPPY_PFX),
9054 SEC_DEF("cgroup/post_bind4", CGROUP_SOCK, BPF_CGROUP_INET4_POST_BIND, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9055 SEC_DEF("cgroup/post_bind6", CGROUP_SOCK, BPF_CGROUP_INET6_POST_BIND, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9056 SEC_DEF("cgroup/dev", CGROUP_DEVICE, BPF_CGROUP_DEVICE, SEC_ATTACHABLE_OPT | SEC_SLOPPY_PFX),
9057 SEC_DEF("sockops", SOCK_OPS, BPF_CGROUP_SOCK_OPS, SEC_ATTACHABLE_OPT | SEC_SLOPPY_PFX),
9058 SEC_DEF("sk_skb/stream_parser", SK_SKB, BPF_SK_SKB_STREAM_PARSER, SEC_ATTACHABLE_OPT | SEC_SLOPPY_PFX),
9059 SEC_DEF("sk_skb/stream_verdict",SK_SKB, BPF_SK_SKB_STREAM_VERDICT, SEC_ATTACHABLE_OPT | SEC_SLOPPY_PFX),
9060 SEC_DEF("sk_skb", SK_SKB, 0, SEC_NONE | SEC_SLOPPY_PFX),
9061 SEC_DEF("sk_msg", SK_MSG, BPF_SK_MSG_VERDICT, SEC_ATTACHABLE_OPT | SEC_SLOPPY_PFX),
9062 SEC_DEF("lirc_mode2", LIRC_MODE2, BPF_LIRC_MODE2, SEC_ATTACHABLE_OPT | SEC_SLOPPY_PFX),
9063 SEC_DEF("flow_dissector", FLOW_DISSECTOR, BPF_FLOW_DISSECTOR, SEC_ATTACHABLE_OPT | SEC_SLOPPY_PFX),
9064 SEC_DEF("cgroup/bind4", CGROUP_SOCK_ADDR, BPF_CGROUP_INET4_BIND, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9065 SEC_DEF("cgroup/bind6", CGROUP_SOCK_ADDR, BPF_CGROUP_INET6_BIND, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9066 SEC_DEF("cgroup/connect4", CGROUP_SOCK_ADDR, BPF_CGROUP_INET4_CONNECT, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9067 SEC_DEF("cgroup/connect6", CGROUP_SOCK_ADDR, BPF_CGROUP_INET6_CONNECT, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9068 SEC_DEF("cgroup/sendmsg4", CGROUP_SOCK_ADDR, BPF_CGROUP_UDP4_SENDMSG, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9069 SEC_DEF("cgroup/sendmsg6", CGROUP_SOCK_ADDR, BPF_CGROUP_UDP6_SENDMSG, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9070 SEC_DEF("cgroup/recvmsg4", CGROUP_SOCK_ADDR, BPF_CGROUP_UDP4_RECVMSG, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9071 SEC_DEF("cgroup/recvmsg6", CGROUP_SOCK_ADDR, BPF_CGROUP_UDP6_RECVMSG, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9072 SEC_DEF("cgroup/getpeername4", CGROUP_SOCK_ADDR, BPF_CGROUP_INET4_GETPEERNAME, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9073 SEC_DEF("cgroup/getpeername6", CGROUP_SOCK_ADDR, BPF_CGROUP_INET6_GETPEERNAME, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9074 SEC_DEF("cgroup/getsockname4", CGROUP_SOCK_ADDR, BPF_CGROUP_INET4_GETSOCKNAME, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9075 SEC_DEF("cgroup/getsockname6", CGROUP_SOCK_ADDR, BPF_CGROUP_INET6_GETSOCKNAME, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9076 SEC_DEF("cgroup/sysctl", CGROUP_SYSCTL, BPF_CGROUP_SYSCTL, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9077 SEC_DEF("cgroup/getsockopt", CGROUP_SOCKOPT, BPF_CGROUP_GETSOCKOPT, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9078 SEC_DEF("cgroup/setsockopt", CGROUP_SOCKOPT, BPF_CGROUP_SETSOCKOPT, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9079 SEC_DEF("struct_ops+", STRUCT_OPS, 0, SEC_NONE),
9080 SEC_DEF("sk_lookup", SK_LOOKUP, BPF_SK_LOOKUP, SEC_ATTACHABLE | SEC_SLOPPY_PFX),
9083 static size_t custom_sec_def_cnt;
9084 static struct bpf_sec_def *custom_sec_defs;
9085 static struct bpf_sec_def custom_fallback_def;
9086 static bool has_custom_fallback_def;
9088 static int last_custom_sec_def_handler_id;
9090 int libbpf_register_prog_handler(const char *sec,
9091 enum bpf_prog_type prog_type,
9092 enum bpf_attach_type exp_attach_type,
9093 const struct libbpf_prog_handler_opts *opts)
9095 struct bpf_sec_def *sec_def;
9097 if (!OPTS_VALID(opts, libbpf_prog_handler_opts))
9098 return libbpf_err(-EINVAL);
9100 if (last_custom_sec_def_handler_id == INT_MAX) /* prevent overflow */
9101 return libbpf_err(-E2BIG);
9104 sec_def = libbpf_reallocarray(custom_sec_defs, custom_sec_def_cnt + 1,
9107 return libbpf_err(-ENOMEM);
9109 custom_sec_defs = sec_def;
9110 sec_def = &custom_sec_defs[custom_sec_def_cnt];
9112 if (has_custom_fallback_def)
9113 return libbpf_err(-EBUSY);
9115 sec_def = &custom_fallback_def;
9118 sec_def->sec = sec ? strdup(sec) : NULL;
9119 if (sec && !sec_def->sec)
9120 return libbpf_err(-ENOMEM);
9122 sec_def->prog_type = prog_type;
9123 sec_def->expected_attach_type = exp_attach_type;
9124 sec_def->cookie = OPTS_GET(opts, cookie, 0);
9126 sec_def->prog_setup_fn = OPTS_GET(opts, prog_setup_fn, NULL);
9127 sec_def->prog_prepare_load_fn = OPTS_GET(opts, prog_prepare_load_fn, NULL);
9128 sec_def->prog_attach_fn = OPTS_GET(opts, prog_attach_fn, NULL);
9130 sec_def->handler_id = ++last_custom_sec_def_handler_id;
9133 custom_sec_def_cnt++;
9135 has_custom_fallback_def = true;
9137 return sec_def->handler_id;
9140 int libbpf_unregister_prog_handler(int handler_id)
9142 struct bpf_sec_def *sec_defs;
9145 if (handler_id <= 0)
9146 return libbpf_err(-EINVAL);
9148 if (has_custom_fallback_def && custom_fallback_def.handler_id == handler_id) {
9149 memset(&custom_fallback_def, 0, sizeof(custom_fallback_def));
9150 has_custom_fallback_def = false;
9154 for (i = 0; i < custom_sec_def_cnt; i++) {
9155 if (custom_sec_defs[i].handler_id == handler_id)
9159 if (i == custom_sec_def_cnt)
9160 return libbpf_err(-ENOENT);
9162 free(custom_sec_defs[i].sec);
9163 for (i = i + 1; i < custom_sec_def_cnt; i++)
9164 custom_sec_defs[i - 1] = custom_sec_defs[i];
9165 custom_sec_def_cnt--;
9167 /* try to shrink the array, but it's ok if we couldn't */
9168 sec_defs = libbpf_reallocarray(custom_sec_defs, custom_sec_def_cnt, sizeof(*sec_defs));
9170 custom_sec_defs = sec_defs;
9175 static bool sec_def_matches(const struct bpf_sec_def *sec_def, const char *sec_name,
9178 size_t len = strlen(sec_def->sec);
9180 /* "type/" always has to have proper SEC("type/extras") form */
9181 if (sec_def->sec[len - 1] == '/') {
9182 if (str_has_pfx(sec_name, sec_def->sec))
9187 /* "type+" means it can be either exact SEC("type") or
9188 * well-formed SEC("type/extras") with proper '/' separator
9190 if (sec_def->sec[len - 1] == '+') {
9192 /* not even a prefix */
9193 if (strncmp(sec_name, sec_def->sec, len) != 0)
9195 /* exact match or has '/' separator */
9196 if (sec_name[len] == '\0' || sec_name[len] == '/')
9201 /* SEC_SLOPPY_PFX definitions are allowed to be just prefix
9202 * matches, unless strict section name mode
9203 * (LIBBPF_STRICT_SEC_NAME) is enabled, in which case the
9204 * match has to be exact.
9206 if (allow_sloppy && str_has_pfx(sec_name, sec_def->sec))
9209 /* Definitions not marked SEC_SLOPPY_PFX (e.g.,
9210 * SEC("syscall")) are exact matches in both modes.
9212 return strcmp(sec_name, sec_def->sec) == 0;
9215 static const struct bpf_sec_def *find_sec_def(const char *sec_name)
9217 const struct bpf_sec_def *sec_def;
9219 bool strict = libbpf_mode & LIBBPF_STRICT_SEC_NAME, allow_sloppy;
9221 n = custom_sec_def_cnt;
9222 for (i = 0; i < n; i++) {
9223 sec_def = &custom_sec_defs[i];
9224 if (sec_def_matches(sec_def, sec_name, false))
9228 n = ARRAY_SIZE(section_defs);
9229 for (i = 0; i < n; i++) {
9230 sec_def = §ion_defs[i];
9231 allow_sloppy = (sec_def->cookie & SEC_SLOPPY_PFX) && !strict;
9232 if (sec_def_matches(sec_def, sec_name, allow_sloppy))
9236 if (has_custom_fallback_def)
9237 return &custom_fallback_def;
9242 #define MAX_TYPE_NAME_SIZE 32
9244 static char *libbpf_get_type_names(bool attach_type)
9246 int i, len = ARRAY_SIZE(section_defs) * MAX_TYPE_NAME_SIZE;
9254 /* Forge string buf with all available names */
9255 for (i = 0; i < ARRAY_SIZE(section_defs); i++) {
9256 const struct bpf_sec_def *sec_def = §ion_defs[i];
9259 if (sec_def->prog_prepare_load_fn != libbpf_prepare_prog_load)
9262 if (!(sec_def->cookie & SEC_ATTACHABLE))
9266 if (strlen(buf) + strlen(section_defs[i].sec) + 2 > len) {
9271 strcat(buf, section_defs[i].sec);
9277 int libbpf_prog_type_by_name(const char *name, enum bpf_prog_type *prog_type,
9278 enum bpf_attach_type *expected_attach_type)
9280 const struct bpf_sec_def *sec_def;
9284 return libbpf_err(-EINVAL);
9286 sec_def = find_sec_def(name);
9288 *prog_type = sec_def->prog_type;
9289 *expected_attach_type = sec_def->expected_attach_type;
9293 pr_debug("failed to guess program type from ELF section '%s'\n", name);
9294 type_names = libbpf_get_type_names(false);
9295 if (type_names != NULL) {
9296 pr_debug("supported section(type) names are:%s\n", type_names);
9300 return libbpf_err(-ESRCH);
9303 static struct bpf_map *find_struct_ops_map_by_offset(struct bpf_object *obj,
9306 struct bpf_map *map;
9309 for (i = 0; i < obj->nr_maps; i++) {
9310 map = &obj->maps[i];
9311 if (!bpf_map__is_struct_ops(map))
9313 if (map->sec_offset <= offset &&
9314 offset - map->sec_offset < map->def.value_size)
9321 /* Collect the reloc from ELF and populate the st_ops->progs[] */
9322 static int bpf_object__collect_st_ops_relos(struct bpf_object *obj,
9323 Elf64_Shdr *shdr, Elf_Data *data)
9325 const struct btf_member *member;
9326 struct bpf_struct_ops *st_ops;
9327 struct bpf_program *prog;
9328 unsigned int shdr_idx;
9329 const struct btf *btf;
9330 struct bpf_map *map;
9331 unsigned int moff, insn_idx;
9339 nrels = shdr->sh_size / shdr->sh_entsize;
9340 for (i = 0; i < nrels; i++) {
9341 rel = elf_rel_by_idx(data, i);
9343 pr_warn("struct_ops reloc: failed to get %d reloc\n", i);
9344 return -LIBBPF_ERRNO__FORMAT;
9347 sym = elf_sym_by_idx(obj, ELF64_R_SYM(rel->r_info));
9349 pr_warn("struct_ops reloc: symbol %zx not found\n",
9350 (size_t)ELF64_R_SYM(rel->r_info));
9351 return -LIBBPF_ERRNO__FORMAT;
9354 name = elf_sym_str(obj, sym->st_name) ?: "<?>";
9355 map = find_struct_ops_map_by_offset(obj, rel->r_offset);
9357 pr_warn("struct_ops reloc: cannot find map at rel->r_offset %zu\n",
9358 (size_t)rel->r_offset);
9362 moff = rel->r_offset - map->sec_offset;
9363 shdr_idx = sym->st_shndx;
9364 st_ops = map->st_ops;
9365 pr_debug("struct_ops reloc %s: for %lld value %lld shdr_idx %u rel->r_offset %zu map->sec_offset %zu name %d (\'%s\')\n",
9367 (long long)(rel->r_info >> 32),
9368 (long long)sym->st_value,
9369 shdr_idx, (size_t)rel->r_offset,
9370 map->sec_offset, sym->st_name, name);
9372 if (shdr_idx >= SHN_LORESERVE) {
9373 pr_warn("struct_ops reloc %s: rel->r_offset %zu shdr_idx %u unsupported non-static function\n",
9374 map->name, (size_t)rel->r_offset, shdr_idx);
9375 return -LIBBPF_ERRNO__RELOC;
9377 if (sym->st_value % BPF_INSN_SZ) {
9378 pr_warn("struct_ops reloc %s: invalid target program offset %llu\n",
9379 map->name, (unsigned long long)sym->st_value);
9380 return -LIBBPF_ERRNO__FORMAT;
9382 insn_idx = sym->st_value / BPF_INSN_SZ;
9384 member = find_member_by_offset(st_ops->type, moff * 8);
9386 pr_warn("struct_ops reloc %s: cannot find member at moff %u\n",
9390 member_idx = member - btf_members(st_ops->type);
9391 name = btf__name_by_offset(btf, member->name_off);
9393 if (!resolve_func_ptr(btf, member->type, NULL)) {
9394 pr_warn("struct_ops reloc %s: cannot relocate non func ptr %s\n",
9399 prog = find_prog_by_sec_insn(obj, shdr_idx, insn_idx);
9401 pr_warn("struct_ops reloc %s: cannot find prog at shdr_idx %u to relocate func ptr %s\n",
9402 map->name, shdr_idx, name);
9406 /* prevent the use of BPF prog with invalid type */
9407 if (prog->type != BPF_PROG_TYPE_STRUCT_OPS) {
9408 pr_warn("struct_ops reloc %s: prog %s is not struct_ops BPF program\n",
9409 map->name, prog->name);
9413 /* if we haven't yet processed this BPF program, record proper
9414 * attach_btf_id and member_idx
9416 if (!prog->attach_btf_id) {
9417 prog->attach_btf_id = st_ops->type_id;
9418 prog->expected_attach_type = member_idx;
9421 /* struct_ops BPF prog can be re-used between multiple
9422 * .struct_ops as long as it's the same struct_ops struct
9423 * definition and the same function pointer field
9425 if (prog->attach_btf_id != st_ops->type_id ||
9426 prog->expected_attach_type != member_idx) {
9427 pr_warn("struct_ops reloc %s: cannot use prog %s in sec %s with type %u attach_btf_id %u expected_attach_type %u for func ptr %s\n",
9428 map->name, prog->name, prog->sec_name, prog->type,
9429 prog->attach_btf_id, prog->expected_attach_type, name);
9433 st_ops->progs[member_idx] = prog;
9439 #define BTF_TRACE_PREFIX "btf_trace_"
9440 #define BTF_LSM_PREFIX "bpf_lsm_"
9441 #define BTF_ITER_PREFIX "bpf_iter_"
9442 #define BTF_MAX_NAME_SIZE 128
9444 void btf_get_kernel_prefix_kind(enum bpf_attach_type attach_type,
9445 const char **prefix, int *kind)
9447 switch (attach_type) {
9448 case BPF_TRACE_RAW_TP:
9449 *prefix = BTF_TRACE_PREFIX;
9450 *kind = BTF_KIND_TYPEDEF;
9453 *prefix = BTF_LSM_PREFIX;
9454 *kind = BTF_KIND_FUNC;
9456 case BPF_TRACE_ITER:
9457 *prefix = BTF_ITER_PREFIX;
9458 *kind = BTF_KIND_FUNC;
9462 *kind = BTF_KIND_FUNC;
9466 static int find_btf_by_prefix_kind(const struct btf *btf, const char *prefix,
9467 const char *name, __u32 kind)
9469 char btf_type_name[BTF_MAX_NAME_SIZE];
9472 ret = snprintf(btf_type_name, sizeof(btf_type_name),
9473 "%s%s", prefix, name);
9474 /* snprintf returns the number of characters written excluding the
9475 * terminating null. So, if >= BTF_MAX_NAME_SIZE are written, it
9476 * indicates truncation.
9478 if (ret < 0 || ret >= sizeof(btf_type_name))
9479 return -ENAMETOOLONG;
9480 return btf__find_by_name_kind(btf, btf_type_name, kind);
9483 static inline int find_attach_btf_id(struct btf *btf, const char *name,
9484 enum bpf_attach_type attach_type)
9489 btf_get_kernel_prefix_kind(attach_type, &prefix, &kind);
9490 return find_btf_by_prefix_kind(btf, prefix, name, kind);
9493 int libbpf_find_vmlinux_btf_id(const char *name,
9494 enum bpf_attach_type attach_type)
9499 btf = btf__load_vmlinux_btf();
9500 err = libbpf_get_error(btf);
9502 pr_warn("vmlinux BTF is not found\n");
9503 return libbpf_err(err);
9506 err = find_attach_btf_id(btf, name, attach_type);
9508 pr_warn("%s is not found in vmlinux BTF\n", name);
9511 return libbpf_err(err);
9514 static int libbpf_find_prog_btf_id(const char *name, __u32 attach_prog_fd)
9516 struct bpf_prog_info info = {};
9517 __u32 info_len = sizeof(info);
9521 err = bpf_obj_get_info_by_fd(attach_prog_fd, &info, &info_len);
9523 pr_warn("failed bpf_obj_get_info_by_fd for FD %d: %d\n",
9524 attach_prog_fd, err);
9530 pr_warn("The target program doesn't have BTF\n");
9533 btf = btf__load_from_kernel_by_id(info.btf_id);
9534 err = libbpf_get_error(btf);
9536 pr_warn("Failed to get BTF %d of the program: %d\n", info.btf_id, err);
9539 err = btf__find_by_name_kind(btf, name, BTF_KIND_FUNC);
9542 pr_warn("%s is not found in prog's BTF\n", name);
9549 static int find_kernel_btf_id(struct bpf_object *obj, const char *attach_name,
9550 enum bpf_attach_type attach_type,
9551 int *btf_obj_fd, int *btf_type_id)
9555 ret = find_attach_btf_id(obj->btf_vmlinux, attach_name, attach_type);
9557 *btf_obj_fd = 0; /* vmlinux BTF */
9564 ret = load_module_btfs(obj);
9568 for (i = 0; i < obj->btf_module_cnt; i++) {
9569 const struct module_btf *mod = &obj->btf_modules[i];
9571 ret = find_attach_btf_id(mod->btf, attach_name, attach_type);
9573 *btf_obj_fd = mod->fd;
9586 static int libbpf_find_attach_btf_id(struct bpf_program *prog, const char *attach_name,
9587 int *btf_obj_fd, int *btf_type_id)
9589 enum bpf_attach_type attach_type = prog->expected_attach_type;
9590 __u32 attach_prog_fd = prog->attach_prog_fd;
9593 /* BPF program's BTF ID */
9594 if (attach_prog_fd) {
9595 err = libbpf_find_prog_btf_id(attach_name, attach_prog_fd);
9597 pr_warn("failed to find BPF program (FD %d) BTF ID for '%s': %d\n",
9598 attach_prog_fd, attach_name, err);
9606 /* kernel/module BTF ID */
9607 if (prog->obj->gen_loader) {
9608 bpf_gen__record_attach_target(prog->obj->gen_loader, attach_name, attach_type);
9612 err = find_kernel_btf_id(prog->obj, attach_name, attach_type, btf_obj_fd, btf_type_id);
9615 pr_warn("failed to find kernel BTF type ID of '%s': %d\n", attach_name, err);
9621 int libbpf_attach_type_by_name(const char *name,
9622 enum bpf_attach_type *attach_type)
9625 const struct bpf_sec_def *sec_def;
9628 return libbpf_err(-EINVAL);
9630 sec_def = find_sec_def(name);
9632 pr_debug("failed to guess attach type based on ELF section name '%s'\n", name);
9633 type_names = libbpf_get_type_names(true);
9634 if (type_names != NULL) {
9635 pr_debug("attachable section(type) names are:%s\n", type_names);
9639 return libbpf_err(-EINVAL);
9642 if (sec_def->prog_prepare_load_fn != libbpf_prepare_prog_load)
9643 return libbpf_err(-EINVAL);
9644 if (!(sec_def->cookie & SEC_ATTACHABLE))
9645 return libbpf_err(-EINVAL);
9647 *attach_type = sec_def->expected_attach_type;
9651 int bpf_map__fd(const struct bpf_map *map)
9653 return map ? map->fd : libbpf_err(-EINVAL);
9656 const struct bpf_map_def *bpf_map__def(const struct bpf_map *map)
9658 return map ? &map->def : libbpf_err_ptr(-EINVAL);
9661 static bool map_uses_real_name(const struct bpf_map *map)
9663 /* Since libbpf started to support custom .data.* and .rodata.* maps,
9664 * their user-visible name differs from kernel-visible name. Users see
9665 * such map's corresponding ELF section name as a map name.
9666 * This check distinguishes .data/.rodata from .data.* and .rodata.*
9667 * maps to know which name has to be returned to the user.
9669 if (map->libbpf_type == LIBBPF_MAP_DATA && strcmp(map->real_name, DATA_SEC) != 0)
9671 if (map->libbpf_type == LIBBPF_MAP_RODATA && strcmp(map->real_name, RODATA_SEC) != 0)
9676 const char *bpf_map__name(const struct bpf_map *map)
9681 if (map_uses_real_name(map))
9682 return map->real_name;
9687 enum bpf_map_type bpf_map__type(const struct bpf_map *map)
9689 return map->def.type;
9692 int bpf_map__set_type(struct bpf_map *map, enum bpf_map_type type)
9695 return libbpf_err(-EBUSY);
9696 map->def.type = type;
9700 __u32 bpf_map__map_flags(const struct bpf_map *map)
9702 return map->def.map_flags;
9705 int bpf_map__set_map_flags(struct bpf_map *map, __u32 flags)
9708 return libbpf_err(-EBUSY);
9709 map->def.map_flags = flags;
9713 __u64 bpf_map__map_extra(const struct bpf_map *map)
9715 return map->map_extra;
9718 int bpf_map__set_map_extra(struct bpf_map *map, __u64 map_extra)
9721 return libbpf_err(-EBUSY);
9722 map->map_extra = map_extra;
9726 __u32 bpf_map__numa_node(const struct bpf_map *map)
9728 return map->numa_node;
9731 int bpf_map__set_numa_node(struct bpf_map *map, __u32 numa_node)
9734 return libbpf_err(-EBUSY);
9735 map->numa_node = numa_node;
9739 __u32 bpf_map__key_size(const struct bpf_map *map)
9741 return map->def.key_size;
9744 int bpf_map__set_key_size(struct bpf_map *map, __u32 size)
9747 return libbpf_err(-EBUSY);
9748 map->def.key_size = size;
9752 __u32 bpf_map__value_size(const struct bpf_map *map)
9754 return map->def.value_size;
9757 int bpf_map__set_value_size(struct bpf_map *map, __u32 size)
9760 return libbpf_err(-EBUSY);
9761 map->def.value_size = size;
9765 __u32 bpf_map__btf_key_type_id(const struct bpf_map *map)
9767 return map ? map->btf_key_type_id : 0;
9770 __u32 bpf_map__btf_value_type_id(const struct bpf_map *map)
9772 return map ? map->btf_value_type_id : 0;
9775 int bpf_map__set_priv(struct bpf_map *map, void *priv,
9776 bpf_map_clear_priv_t clear_priv)
9779 return libbpf_err(-EINVAL);
9782 if (map->clear_priv)
9783 map->clear_priv(map, map->priv);
9787 map->clear_priv = clear_priv;
9791 void *bpf_map__priv(const struct bpf_map *map)
9793 return map ? map->priv : libbpf_err_ptr(-EINVAL);
9796 int bpf_map__set_initial_value(struct bpf_map *map,
9797 const void *data, size_t size)
9799 if (!map->mmaped || map->libbpf_type == LIBBPF_MAP_KCONFIG ||
9800 size != map->def.value_size || map->fd >= 0)
9801 return libbpf_err(-EINVAL);
9803 memcpy(map->mmaped, data, size);
9807 const void *bpf_map__initial_value(struct bpf_map *map, size_t *psize)
9811 *psize = map->def.value_size;
9815 bool bpf_map__is_offload_neutral(const struct bpf_map *map)
9817 return map->def.type == BPF_MAP_TYPE_PERF_EVENT_ARRAY;
9820 bool bpf_map__is_internal(const struct bpf_map *map)
9822 return map->libbpf_type != LIBBPF_MAP_UNSPEC;
9825 __u32 bpf_map__ifindex(const struct bpf_map *map)
9827 return map->map_ifindex;
9830 int bpf_map__set_ifindex(struct bpf_map *map, __u32 ifindex)
9833 return libbpf_err(-EBUSY);
9834 map->map_ifindex = ifindex;
9838 int bpf_map__set_inner_map_fd(struct bpf_map *map, int fd)
9840 if (!bpf_map_type__is_map_in_map(map->def.type)) {
9841 pr_warn("error: unsupported map type\n");
9842 return libbpf_err(-EINVAL);
9844 if (map->inner_map_fd != -1) {
9845 pr_warn("error: inner_map_fd already specified\n");
9846 return libbpf_err(-EINVAL);
9848 if (map->inner_map) {
9849 bpf_map__destroy(map->inner_map);
9850 zfree(&map->inner_map);
9852 map->inner_map_fd = fd;
9856 static struct bpf_map *
9857 __bpf_map__iter(const struct bpf_map *m, const struct bpf_object *obj, int i)
9860 struct bpf_map *s, *e;
9862 if (!obj || !obj->maps)
9863 return errno = EINVAL, NULL;
9866 e = obj->maps + obj->nr_maps;
9868 if ((m < s) || (m >= e)) {
9869 pr_warn("error in %s: map handler doesn't belong to object\n",
9871 return errno = EINVAL, NULL;
9874 idx = (m - obj->maps) + i;
9875 if (idx >= obj->nr_maps || idx < 0)
9877 return &obj->maps[idx];
9881 bpf_map__next(const struct bpf_map *prev, const struct bpf_object *obj)
9883 return bpf_object__next_map(obj, prev);
9887 bpf_object__next_map(const struct bpf_object *obj, const struct bpf_map *prev)
9892 return __bpf_map__iter(prev, obj, 1);
9896 bpf_map__prev(const struct bpf_map *next, const struct bpf_object *obj)
9898 return bpf_object__prev_map(obj, next);
9902 bpf_object__prev_map(const struct bpf_object *obj, const struct bpf_map *next)
9907 return obj->maps + obj->nr_maps - 1;
9910 return __bpf_map__iter(next, obj, -1);
9914 bpf_object__find_map_by_name(const struct bpf_object *obj, const char *name)
9916 struct bpf_map *pos;
9918 bpf_object__for_each_map(pos, obj) {
9919 /* if it's a special internal map name (which always starts
9920 * with dot) then check if that special name matches the
9921 * real map name (ELF section name)
9923 if (name[0] == '.') {
9924 if (pos->real_name && strcmp(pos->real_name, name) == 0)
9928 /* otherwise map name has to be an exact match */
9929 if (map_uses_real_name(pos)) {
9930 if (strcmp(pos->real_name, name) == 0)
9934 if (strcmp(pos->name, name) == 0)
9937 return errno = ENOENT, NULL;
9941 bpf_object__find_map_fd_by_name(const struct bpf_object *obj, const char *name)
9943 return bpf_map__fd(bpf_object__find_map_by_name(obj, name));
9947 bpf_object__find_map_by_offset(struct bpf_object *obj, size_t offset)
9949 return libbpf_err_ptr(-ENOTSUP);
9952 long libbpf_get_error(const void *ptr)
9954 if (!IS_ERR_OR_NULL(ptr))
9958 errno = -PTR_ERR(ptr);
9960 /* If ptr == NULL, then errno should be already set by the failing
9961 * API, because libbpf never returns NULL on success and it now always
9962 * sets errno on error. So no extra errno handling for ptr == NULL
9968 __attribute__((alias("bpf_prog_load_xattr2")))
9969 int bpf_prog_load_xattr(const struct bpf_prog_load_attr *attr,
9970 struct bpf_object **pobj, int *prog_fd);
9972 static int bpf_prog_load_xattr2(const struct bpf_prog_load_attr *attr,
9973 struct bpf_object **pobj, int *prog_fd)
9975 struct bpf_object_open_attr open_attr = {};
9976 struct bpf_program *prog, *first_prog = NULL;
9977 struct bpf_object *obj;
9978 struct bpf_map *map;
9982 return libbpf_err(-EINVAL);
9984 return libbpf_err(-EINVAL);
9986 open_attr.file = attr->file;
9987 open_attr.prog_type = attr->prog_type;
9989 obj = __bpf_object__open_xattr(&open_attr, 0);
9990 err = libbpf_get_error(obj);
9992 return libbpf_err(-ENOENT);
9994 bpf_object__for_each_program(prog, obj) {
9995 enum bpf_attach_type attach_type = attr->expected_attach_type;
9997 * to preserve backwards compatibility, bpf_prog_load treats
9998 * attr->prog_type, if specified, as an override to whatever
9999 * bpf_object__open guessed
10001 if (attr->prog_type != BPF_PROG_TYPE_UNSPEC) {
10002 prog->type = attr->prog_type;
10003 prog->expected_attach_type = attach_type;
10005 if (bpf_program__type(prog) == BPF_PROG_TYPE_UNSPEC) {
10007 * we haven't guessed from section name and user
10008 * didn't provide a fallback type, too bad...
10010 bpf_object__close(obj);
10011 return libbpf_err(-EINVAL);
10014 prog->prog_ifindex = attr->ifindex;
10015 prog->log_level = attr->log_level;
10016 prog->prog_flags |= attr->prog_flags;
10021 bpf_object__for_each_map(map, obj) {
10022 if (map->def.type != BPF_MAP_TYPE_PERF_EVENT_ARRAY)
10023 map->map_ifindex = attr->ifindex;
10027 pr_warn("object file doesn't contain bpf program\n");
10028 bpf_object__close(obj);
10029 return libbpf_err(-ENOENT);
10032 err = bpf_object__load(obj);
10034 bpf_object__close(obj);
10035 return libbpf_err(err);
10039 *prog_fd = bpf_program__fd(first_prog);
10043 COMPAT_VERSION(bpf_prog_load_deprecated, bpf_prog_load, LIBBPF_0.0.1)
10044 int bpf_prog_load_deprecated(const char *file, enum bpf_prog_type type,
10045 struct bpf_object **pobj, int *prog_fd)
10047 struct bpf_prog_load_attr attr;
10049 memset(&attr, 0, sizeof(struct bpf_prog_load_attr));
10051 attr.prog_type = type;
10052 attr.expected_attach_type = 0;
10054 return bpf_prog_load_xattr2(&attr, pobj, prog_fd);
10057 /* Replace link's underlying BPF program with the new one */
10058 int bpf_link__update_program(struct bpf_link *link, struct bpf_program *prog)
10062 ret = bpf_link_update(bpf_link__fd(link), bpf_program__fd(prog), NULL);
10063 return libbpf_err_errno(ret);
10066 /* Release "ownership" of underlying BPF resource (typically, BPF program
10067 * attached to some BPF hook, e.g., tracepoint, kprobe, etc). Disconnected
10068 * link, when destructed through bpf_link__destroy() call won't attempt to
10069 * detach/unregisted that BPF resource. This is useful in situations where,
10070 * say, attached BPF program has to outlive userspace program that attached it
10071 * in the system. Depending on type of BPF program, though, there might be
10072 * additional steps (like pinning BPF program in BPF FS) necessary to ensure
10073 * exit of userspace program doesn't trigger automatic detachment and clean up
10074 * inside the kernel.
10076 void bpf_link__disconnect(struct bpf_link *link)
10078 link->disconnected = true;
10081 int bpf_link__destroy(struct bpf_link *link)
10085 if (IS_ERR_OR_NULL(link))
10088 if (!link->disconnected && link->detach)
10089 err = link->detach(link);
10090 if (link->pin_path)
10091 free(link->pin_path);
10093 link->dealloc(link);
10097 return libbpf_err(err);
10100 int bpf_link__fd(const struct bpf_link *link)
10105 const char *bpf_link__pin_path(const struct bpf_link *link)
10107 return link->pin_path;
10110 static int bpf_link__detach_fd(struct bpf_link *link)
10112 return libbpf_err_errno(close(link->fd));
10115 struct bpf_link *bpf_link__open(const char *path)
10117 struct bpf_link *link;
10120 fd = bpf_obj_get(path);
10123 pr_warn("failed to open link at %s: %d\n", path, fd);
10124 return libbpf_err_ptr(fd);
10127 link = calloc(1, sizeof(*link));
10130 return libbpf_err_ptr(-ENOMEM);
10132 link->detach = &bpf_link__detach_fd;
10135 link->pin_path = strdup(path);
10136 if (!link->pin_path) {
10137 bpf_link__destroy(link);
10138 return libbpf_err_ptr(-ENOMEM);
10144 int bpf_link__detach(struct bpf_link *link)
10146 return bpf_link_detach(link->fd) ? -errno : 0;
10149 int bpf_link__pin(struct bpf_link *link, const char *path)
10153 if (link->pin_path)
10154 return libbpf_err(-EBUSY);
10155 err = make_parent_dir(path);
10157 return libbpf_err(err);
10158 err = check_path(path);
10160 return libbpf_err(err);
10162 link->pin_path = strdup(path);
10163 if (!link->pin_path)
10164 return libbpf_err(-ENOMEM);
10166 if (bpf_obj_pin(link->fd, link->pin_path)) {
10168 zfree(&link->pin_path);
10169 return libbpf_err(err);
10172 pr_debug("link fd=%d: pinned at %s\n", link->fd, link->pin_path);
10176 int bpf_link__unpin(struct bpf_link *link)
10180 if (!link->pin_path)
10181 return libbpf_err(-EINVAL);
10183 err = unlink(link->pin_path);
10187 pr_debug("link fd=%d: unpinned from %s\n", link->fd, link->pin_path);
10188 zfree(&link->pin_path);
10192 struct bpf_link_perf {
10193 struct bpf_link link;
10195 /* legacy kprobe support: keep track of probe identifier and type */
10196 char *legacy_probe_name;
10197 bool legacy_is_kprobe;
10198 bool legacy_is_retprobe;
10201 static int remove_kprobe_event_legacy(const char *probe_name, bool retprobe);
10202 static int remove_uprobe_event_legacy(const char *probe_name, bool retprobe);
10204 static int bpf_link_perf_detach(struct bpf_link *link)
10206 struct bpf_link_perf *perf_link = container_of(link, struct bpf_link_perf, link);
10209 if (ioctl(perf_link->perf_event_fd, PERF_EVENT_IOC_DISABLE, 0) < 0)
10212 if (perf_link->perf_event_fd != link->fd)
10213 close(perf_link->perf_event_fd);
10216 /* legacy uprobe/kprobe needs to be removed after perf event fd closure */
10217 if (perf_link->legacy_probe_name) {
10218 if (perf_link->legacy_is_kprobe) {
10219 err = remove_kprobe_event_legacy(perf_link->legacy_probe_name,
10220 perf_link->legacy_is_retprobe);
10222 err = remove_uprobe_event_legacy(perf_link->legacy_probe_name,
10223 perf_link->legacy_is_retprobe);
10230 static void bpf_link_perf_dealloc(struct bpf_link *link)
10232 struct bpf_link_perf *perf_link = container_of(link, struct bpf_link_perf, link);
10234 free(perf_link->legacy_probe_name);
10238 struct bpf_link *bpf_program__attach_perf_event_opts(const struct bpf_program *prog, int pfd,
10239 const struct bpf_perf_event_opts *opts)
10241 char errmsg[STRERR_BUFSIZE];
10242 struct bpf_link_perf *link;
10243 int prog_fd, link_fd = -1, err;
10245 if (!OPTS_VALID(opts, bpf_perf_event_opts))
10246 return libbpf_err_ptr(-EINVAL);
10249 pr_warn("prog '%s': invalid perf event FD %d\n",
10251 return libbpf_err_ptr(-EINVAL);
10253 prog_fd = bpf_program__fd(prog);
10255 pr_warn("prog '%s': can't attach BPF program w/o FD (did you load it?)\n",
10257 return libbpf_err_ptr(-EINVAL);
10260 link = calloc(1, sizeof(*link));
10262 return libbpf_err_ptr(-ENOMEM);
10263 link->link.detach = &bpf_link_perf_detach;
10264 link->link.dealloc = &bpf_link_perf_dealloc;
10265 link->perf_event_fd = pfd;
10267 if (kernel_supports(prog->obj, FEAT_PERF_LINK)) {
10268 DECLARE_LIBBPF_OPTS(bpf_link_create_opts, link_opts,
10269 .perf_event.bpf_cookie = OPTS_GET(opts, bpf_cookie, 0));
10271 link_fd = bpf_link_create(prog_fd, pfd, BPF_PERF_EVENT, &link_opts);
10274 pr_warn("prog '%s': failed to create BPF link for perf_event FD %d: %d (%s)\n",
10276 err, libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
10279 link->link.fd = link_fd;
10281 if (OPTS_GET(opts, bpf_cookie, 0)) {
10282 pr_warn("prog '%s': user context value is not supported\n", prog->name);
10287 if (ioctl(pfd, PERF_EVENT_IOC_SET_BPF, prog_fd) < 0) {
10289 pr_warn("prog '%s': failed to attach to perf_event FD %d: %s\n",
10290 prog->name, pfd, libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
10291 if (err == -EPROTO)
10292 pr_warn("prog '%s': try add PERF_SAMPLE_CALLCHAIN to or remove exclude_callchain_[kernel|user] from pfd %d\n",
10296 link->link.fd = pfd;
10298 if (ioctl(pfd, PERF_EVENT_IOC_ENABLE, 0) < 0) {
10300 pr_warn("prog '%s': failed to enable perf_event FD %d: %s\n",
10301 prog->name, pfd, libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
10305 return &link->link;
10310 return libbpf_err_ptr(err);
10313 struct bpf_link *bpf_program__attach_perf_event(const struct bpf_program *prog, int pfd)
10315 return bpf_program__attach_perf_event_opts(prog, pfd, NULL);
10319 * this function is expected to parse integer in the range of [0, 2^31-1] from
10320 * given file using scanf format string fmt. If actual parsed value is
10321 * negative, the result might be indistinguishable from error
10323 static int parse_uint_from_file(const char *file, const char *fmt)
10325 char buf[STRERR_BUFSIZE];
10329 f = fopen(file, "r");
10332 pr_debug("failed to open '%s': %s\n", file,
10333 libbpf_strerror_r(err, buf, sizeof(buf)));
10336 err = fscanf(f, fmt, &ret);
10338 err = err == EOF ? -EIO : -errno;
10339 pr_debug("failed to parse '%s': %s\n", file,
10340 libbpf_strerror_r(err, buf, sizeof(buf)));
10348 static int determine_kprobe_perf_type(void)
10350 const char *file = "/sys/bus/event_source/devices/kprobe/type";
10352 return parse_uint_from_file(file, "%d\n");
10355 static int determine_uprobe_perf_type(void)
10357 const char *file = "/sys/bus/event_source/devices/uprobe/type";
10359 return parse_uint_from_file(file, "%d\n");
10362 static int determine_kprobe_retprobe_bit(void)
10364 const char *file = "/sys/bus/event_source/devices/kprobe/format/retprobe";
10366 return parse_uint_from_file(file, "config:%d\n");
10369 static int determine_uprobe_retprobe_bit(void)
10371 const char *file = "/sys/bus/event_source/devices/uprobe/format/retprobe";
10373 return parse_uint_from_file(file, "config:%d\n");
10376 #define PERF_UPROBE_REF_CTR_OFFSET_BITS 32
10377 #define PERF_UPROBE_REF_CTR_OFFSET_SHIFT 32
10379 static int perf_event_open_probe(bool uprobe, bool retprobe, const char *name,
10380 uint64_t offset, int pid, size_t ref_ctr_off)
10382 struct perf_event_attr attr = {};
10383 char errmsg[STRERR_BUFSIZE];
10384 int type, pfd, err;
10386 if (ref_ctr_off >= (1ULL << PERF_UPROBE_REF_CTR_OFFSET_BITS))
10389 type = uprobe ? determine_uprobe_perf_type()
10390 : determine_kprobe_perf_type();
10392 pr_warn("failed to determine %s perf type: %s\n",
10393 uprobe ? "uprobe" : "kprobe",
10394 libbpf_strerror_r(type, errmsg, sizeof(errmsg)));
10398 int bit = uprobe ? determine_uprobe_retprobe_bit()
10399 : determine_kprobe_retprobe_bit();
10402 pr_warn("failed to determine %s retprobe bit: %s\n",
10403 uprobe ? "uprobe" : "kprobe",
10404 libbpf_strerror_r(bit, errmsg, sizeof(errmsg)));
10407 attr.config |= 1 << bit;
10409 attr.size = sizeof(attr);
10411 attr.config |= (__u64)ref_ctr_off << PERF_UPROBE_REF_CTR_OFFSET_SHIFT;
10412 attr.config1 = ptr_to_u64(name); /* kprobe_func or uprobe_path */
10413 attr.config2 = offset; /* kprobe_addr or probe_offset */
10415 /* pid filter is meaningful only for uprobes */
10416 pfd = syscall(__NR_perf_event_open, &attr,
10417 pid < 0 ? -1 : pid /* pid */,
10418 pid == -1 ? 0 : -1 /* cpu */,
10419 -1 /* group_fd */, PERF_FLAG_FD_CLOEXEC);
10422 pr_warn("%s perf_event_open() failed: %s\n",
10423 uprobe ? "uprobe" : "kprobe",
10424 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
10430 static int append_to_file(const char *file, const char *fmt, ...)
10432 int fd, n, err = 0;
10435 fd = open(file, O_WRONLY | O_APPEND | O_CLOEXEC, 0);
10440 n = vdprintf(fd, fmt, ap);
10450 static void gen_kprobe_legacy_event_name(char *buf, size_t buf_sz,
10451 const char *kfunc_name, size_t offset)
10453 static int index = 0;
10455 snprintf(buf, buf_sz, "libbpf_%u_%s_0x%zx_%d", getpid(), kfunc_name, offset,
10456 __sync_fetch_and_add(&index, 1));
10459 static int add_kprobe_event_legacy(const char *probe_name, bool retprobe,
10460 const char *kfunc_name, size_t offset)
10462 const char *file = "/sys/kernel/debug/tracing/kprobe_events";
10464 return append_to_file(file, "%c:%s/%s %s+0x%zx",
10465 retprobe ? 'r' : 'p',
10466 retprobe ? "kretprobes" : "kprobes",
10467 probe_name, kfunc_name, offset);
10470 static int remove_kprobe_event_legacy(const char *probe_name, bool retprobe)
10472 const char *file = "/sys/kernel/debug/tracing/kprobe_events";
10474 return append_to_file(file, "-:%s/%s", retprobe ? "kretprobes" : "kprobes", probe_name);
10477 static int determine_kprobe_perf_type_legacy(const char *probe_name, bool retprobe)
10481 snprintf(file, sizeof(file),
10482 "/sys/kernel/debug/tracing/events/%s/%s/id",
10483 retprobe ? "kretprobes" : "kprobes", probe_name);
10485 return parse_uint_from_file(file, "%d\n");
10488 static int perf_event_kprobe_open_legacy(const char *probe_name, bool retprobe,
10489 const char *kfunc_name, size_t offset, int pid)
10491 struct perf_event_attr attr = {};
10492 char errmsg[STRERR_BUFSIZE];
10493 int type, pfd, err;
10495 err = add_kprobe_event_legacy(probe_name, retprobe, kfunc_name, offset);
10497 pr_warn("failed to add legacy kprobe event for '%s+0x%zx': %s\n",
10498 kfunc_name, offset,
10499 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
10502 type = determine_kprobe_perf_type_legacy(probe_name, retprobe);
10504 pr_warn("failed to determine legacy kprobe event id for '%s+0x%zx': %s\n",
10505 kfunc_name, offset,
10506 libbpf_strerror_r(type, errmsg, sizeof(errmsg)));
10509 attr.size = sizeof(attr);
10510 attr.config = type;
10511 attr.type = PERF_TYPE_TRACEPOINT;
10513 pfd = syscall(__NR_perf_event_open, &attr,
10514 pid < 0 ? -1 : pid, /* pid */
10515 pid == -1 ? 0 : -1, /* cpu */
10516 -1 /* group_fd */, PERF_FLAG_FD_CLOEXEC);
10519 pr_warn("legacy kprobe perf_event_open() failed: %s\n",
10520 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
10527 bpf_program__attach_kprobe_opts(const struct bpf_program *prog,
10528 const char *func_name,
10529 const struct bpf_kprobe_opts *opts)
10531 DECLARE_LIBBPF_OPTS(bpf_perf_event_opts, pe_opts);
10532 char errmsg[STRERR_BUFSIZE];
10533 char *legacy_probe = NULL;
10534 struct bpf_link *link;
10536 bool retprobe, legacy;
10539 if (!OPTS_VALID(opts, bpf_kprobe_opts))
10540 return libbpf_err_ptr(-EINVAL);
10542 retprobe = OPTS_GET(opts, retprobe, false);
10543 offset = OPTS_GET(opts, offset, 0);
10544 pe_opts.bpf_cookie = OPTS_GET(opts, bpf_cookie, 0);
10546 legacy = determine_kprobe_perf_type() < 0;
10548 pfd = perf_event_open_probe(false /* uprobe */, retprobe,
10550 -1 /* pid */, 0 /* ref_ctr_off */);
10552 char probe_name[256];
10554 gen_kprobe_legacy_event_name(probe_name, sizeof(probe_name),
10555 func_name, offset);
10557 legacy_probe = strdup(probe_name);
10559 return libbpf_err_ptr(-ENOMEM);
10561 pfd = perf_event_kprobe_open_legacy(legacy_probe, retprobe, func_name,
10562 offset, -1 /* pid */);
10566 pr_warn("prog '%s': failed to create %s '%s+0x%zx' perf event: %s\n",
10567 prog->name, retprobe ? "kretprobe" : "kprobe",
10569 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
10572 link = bpf_program__attach_perf_event_opts(prog, pfd, &pe_opts);
10573 err = libbpf_get_error(link);
10576 pr_warn("prog '%s': failed to attach to %s '%s+0x%zx': %s\n",
10577 prog->name, retprobe ? "kretprobe" : "kprobe",
10579 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
10583 struct bpf_link_perf *perf_link = container_of(link, struct bpf_link_perf, link);
10585 perf_link->legacy_probe_name = legacy_probe;
10586 perf_link->legacy_is_kprobe = true;
10587 perf_link->legacy_is_retprobe = retprobe;
10592 free(legacy_probe);
10593 return libbpf_err_ptr(err);
10596 struct bpf_link *bpf_program__attach_kprobe(const struct bpf_program *prog,
10598 const char *func_name)
10600 DECLARE_LIBBPF_OPTS(bpf_kprobe_opts, opts,
10601 .retprobe = retprobe,
10604 return bpf_program__attach_kprobe_opts(prog, func_name, &opts);
10607 /* Adapted from perf/util/string.c */
10608 static bool glob_match(const char *str, const char *pat)
10610 while (*str && *pat && *pat != '*') {
10611 if (*pat == '?') { /* Matches any single character */
10621 /* Check wild card */
10623 while (*pat == '*')
10625 if (!*pat) /* Tail wild card matches all */
10628 if (glob_match(str++, pat))
10631 return !*str && !*pat;
10634 struct kprobe_multi_resolve {
10635 const char *pattern;
10636 unsigned long *addrs;
10642 resolve_kprobe_multi_cb(unsigned long long sym_addr, char sym_type,
10643 const char *sym_name, void *ctx)
10645 struct kprobe_multi_resolve *res = ctx;
10648 if (!glob_match(sym_name, res->pattern))
10651 err = libbpf_ensure_mem((void **) &res->addrs, &res->cap, sizeof(unsigned long),
10656 res->addrs[res->cnt++] = (unsigned long) sym_addr;
10661 bpf_program__attach_kprobe_multi_opts(const struct bpf_program *prog,
10662 const char *pattern,
10663 const struct bpf_kprobe_multi_opts *opts)
10665 LIBBPF_OPTS(bpf_link_create_opts, lopts);
10666 struct kprobe_multi_resolve res = {
10667 .pattern = pattern,
10669 struct bpf_link *link = NULL;
10670 char errmsg[STRERR_BUFSIZE];
10671 const unsigned long *addrs;
10672 int err, link_fd, prog_fd;
10673 const __u64 *cookies;
10678 if (!OPTS_VALID(opts, bpf_kprobe_multi_opts))
10679 return libbpf_err_ptr(-EINVAL);
10681 syms = OPTS_GET(opts, syms, false);
10682 addrs = OPTS_GET(opts, addrs, false);
10683 cnt = OPTS_GET(opts, cnt, false);
10684 cookies = OPTS_GET(opts, cookies, false);
10686 if (!pattern && !addrs && !syms)
10687 return libbpf_err_ptr(-EINVAL);
10688 if (pattern && (addrs || syms || cookies || cnt))
10689 return libbpf_err_ptr(-EINVAL);
10690 if (!pattern && !cnt)
10691 return libbpf_err_ptr(-EINVAL);
10693 return libbpf_err_ptr(-EINVAL);
10696 err = libbpf_kallsyms_parse(resolve_kprobe_multi_cb, &res);
10707 retprobe = OPTS_GET(opts, retprobe, false);
10709 lopts.kprobe_multi.syms = syms;
10710 lopts.kprobe_multi.addrs = addrs;
10711 lopts.kprobe_multi.cookies = cookies;
10712 lopts.kprobe_multi.cnt = cnt;
10713 lopts.kprobe_multi.flags = retprobe ? BPF_F_KPROBE_MULTI_RETURN : 0;
10715 link = calloc(1, sizeof(*link));
10720 link->detach = &bpf_link__detach_fd;
10722 prog_fd = bpf_program__fd(prog);
10723 link_fd = bpf_link_create(prog_fd, 0, BPF_TRACE_KPROBE_MULTI, &lopts);
10726 pr_warn("prog '%s': failed to attach: %s\n",
10727 prog->name, libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
10730 link->fd = link_fd;
10737 return libbpf_err_ptr(err);
10740 static int attach_kprobe(const struct bpf_program *prog, long cookie, struct bpf_link **link)
10742 DECLARE_LIBBPF_OPTS(bpf_kprobe_opts, opts);
10743 unsigned long offset = 0;
10744 const char *func_name;
10750 /* no auto-attach for SEC("kprobe") and SEC("kretprobe") */
10751 if (strcmp(prog->sec_name, "kprobe") == 0 || strcmp(prog->sec_name, "kretprobe") == 0)
10754 opts.retprobe = str_has_pfx(prog->sec_name, "kretprobe/");
10756 func_name = prog->sec_name + sizeof("kretprobe/") - 1;
10758 func_name = prog->sec_name + sizeof("kprobe/") - 1;
10760 n = sscanf(func_name, "%m[a-zA-Z0-9_.]+%li", &func, &offset);
10762 pr_warn("kprobe name is invalid: %s\n", func_name);
10765 if (opts.retprobe && offset != 0) {
10767 pr_warn("kretprobes do not support offset specification\n");
10771 opts.offset = offset;
10772 *link = bpf_program__attach_kprobe_opts(prog, func, &opts);
10774 return libbpf_get_error(*link);
10777 static int attach_kprobe_multi(const struct bpf_program *prog, long cookie, struct bpf_link **link)
10779 LIBBPF_OPTS(bpf_kprobe_multi_opts, opts);
10786 /* no auto-attach for SEC("kprobe.multi") and SEC("kretprobe.multi") */
10787 if (strcmp(prog->sec_name, "kprobe.multi") == 0 ||
10788 strcmp(prog->sec_name, "kretprobe.multi") == 0)
10791 opts.retprobe = str_has_pfx(prog->sec_name, "kretprobe.multi/");
10793 spec = prog->sec_name + sizeof("kretprobe.multi/") - 1;
10795 spec = prog->sec_name + sizeof("kprobe.multi/") - 1;
10797 n = sscanf(spec, "%m[a-zA-Z0-9_.*?]", &pattern);
10799 pr_warn("kprobe multi pattern is invalid: %s\n", pattern);
10803 *link = bpf_program__attach_kprobe_multi_opts(prog, pattern, &opts);
10805 return libbpf_get_error(*link);
10808 static void gen_uprobe_legacy_event_name(char *buf, size_t buf_sz,
10809 const char *binary_path, uint64_t offset)
10813 snprintf(buf, buf_sz, "libbpf_%u_%s_0x%zx", getpid(), binary_path, (size_t)offset);
10815 /* sanitize binary_path in the probe name */
10816 for (i = 0; buf[i]; i++) {
10817 if (!isalnum(buf[i]))
10822 static inline int add_uprobe_event_legacy(const char *probe_name, bool retprobe,
10823 const char *binary_path, size_t offset)
10825 const char *file = "/sys/kernel/debug/tracing/uprobe_events";
10827 return append_to_file(file, "%c:%s/%s %s:0x%zx",
10828 retprobe ? 'r' : 'p',
10829 retprobe ? "uretprobes" : "uprobes",
10830 probe_name, binary_path, offset);
10833 static inline int remove_uprobe_event_legacy(const char *probe_name, bool retprobe)
10835 const char *file = "/sys/kernel/debug/tracing/uprobe_events";
10837 return append_to_file(file, "-:%s/%s", retprobe ? "uretprobes" : "uprobes", probe_name);
10840 static int determine_uprobe_perf_type_legacy(const char *probe_name, bool retprobe)
10844 snprintf(file, sizeof(file),
10845 "/sys/kernel/debug/tracing/events/%s/%s/id",
10846 retprobe ? "uretprobes" : "uprobes", probe_name);
10848 return parse_uint_from_file(file, "%d\n");
10851 static int perf_event_uprobe_open_legacy(const char *probe_name, bool retprobe,
10852 const char *binary_path, size_t offset, int pid)
10854 struct perf_event_attr attr;
10855 int type, pfd, err;
10857 err = add_uprobe_event_legacy(probe_name, retprobe, binary_path, offset);
10859 pr_warn("failed to add legacy uprobe event for %s:0x%zx: %d\n",
10860 binary_path, (size_t)offset, err);
10863 type = determine_uprobe_perf_type_legacy(probe_name, retprobe);
10865 pr_warn("failed to determine legacy uprobe event id for %s:0x%zx: %d\n",
10866 binary_path, offset, err);
10870 memset(&attr, 0, sizeof(attr));
10871 attr.size = sizeof(attr);
10872 attr.config = type;
10873 attr.type = PERF_TYPE_TRACEPOINT;
10875 pfd = syscall(__NR_perf_event_open, &attr,
10876 pid < 0 ? -1 : pid, /* pid */
10877 pid == -1 ? 0 : -1, /* cpu */
10878 -1 /* group_fd */, PERF_FLAG_FD_CLOEXEC);
10881 pr_warn("legacy uprobe perf_event_open() failed: %d\n", err);
10887 /* uprobes deal in relative offsets; subtract the base address associated with
10888 * the mapped binary. See Documentation/trace/uprobetracer.rst for more
10891 static long elf_find_relative_offset(const char *filename, Elf *elf, long addr)
10896 if (elf_getphdrnum(elf, &n)) {
10897 pr_warn("elf: failed to find program headers for '%s': %s\n", filename,
10902 for (i = 0; i < n; i++) {
10903 int seg_start, seg_end, seg_offset;
10906 if (!gelf_getphdr(elf, i, &phdr)) {
10907 pr_warn("elf: failed to get program header %d from '%s': %s\n", i, filename,
10911 if (phdr.p_type != PT_LOAD || !(phdr.p_flags & PF_X))
10914 seg_start = phdr.p_vaddr;
10915 seg_end = seg_start + phdr.p_memsz;
10916 seg_offset = phdr.p_offset;
10917 if (addr >= seg_start && addr < seg_end)
10918 return addr - seg_start + seg_offset;
10920 pr_warn("elf: failed to find prog header containing 0x%lx in '%s'\n", addr, filename);
10924 /* Return next ELF section of sh_type after scn, or first of that type if scn is NULL. */
10925 static Elf_Scn *elf_find_next_scn_by_type(Elf *elf, int sh_type, Elf_Scn *scn)
10927 while ((scn = elf_nextscn(elf, scn)) != NULL) {
10930 if (!gelf_getshdr(scn, &sh))
10932 if (sh.sh_type == sh_type)
10938 /* Find offset of function name in object specified by path. "name" matches
10939 * symbol name or name@@LIB for library functions.
10941 static long elf_find_func_offset(const char *binary_path, const char *name)
10943 int fd, i, sh_types[2] = { SHT_DYNSYM, SHT_SYMTAB };
10944 bool is_shared_lib, is_name_qualified;
10945 char errmsg[STRERR_BUFSIZE];
10946 long ret = -ENOENT;
10951 fd = open(binary_path, O_RDONLY | O_CLOEXEC);
10954 pr_warn("failed to open %s: %s\n", binary_path,
10955 libbpf_strerror_r(ret, errmsg, sizeof(errmsg)));
10958 elf = elf_begin(fd, ELF_C_READ_MMAP, NULL);
10960 pr_warn("elf: could not read elf from %s: %s\n", binary_path, elf_errmsg(-1));
10962 return -LIBBPF_ERRNO__FORMAT;
10964 if (!gelf_getehdr(elf, &ehdr)) {
10965 pr_warn("elf: failed to get ehdr from %s: %s\n", binary_path, elf_errmsg(-1));
10966 ret = -LIBBPF_ERRNO__FORMAT;
10969 /* for shared lib case, we do not need to calculate relative offset */
10970 is_shared_lib = ehdr.e_type == ET_DYN;
10972 name_len = strlen(name);
10973 /* Does name specify "@@LIB"? */
10974 is_name_qualified = strstr(name, "@@") != NULL;
10976 /* Search SHT_DYNSYM, SHT_SYMTAB for symbol. This search order is used because if
10977 * a binary is stripped, it may only have SHT_DYNSYM, and a fully-statically
10978 * linked binary may not have SHT_DYMSYM, so absence of a section should not be
10979 * reported as a warning/error.
10981 for (i = 0; i < ARRAY_SIZE(sh_types); i++) {
10982 size_t nr_syms, strtabidx, idx;
10983 Elf_Data *symbols = NULL;
10984 Elf_Scn *scn = NULL;
10985 int last_bind = -1;
10989 scn = elf_find_next_scn_by_type(elf, sh_types[i], NULL);
10991 pr_debug("elf: failed to find symbol table ELF sections in '%s'\n",
10995 if (!gelf_getshdr(scn, &sh))
10997 strtabidx = sh.sh_link;
10998 symbols = elf_getdata(scn, 0);
11000 pr_warn("elf: failed to get symbols for symtab section in '%s': %s\n",
11001 binary_path, elf_errmsg(-1));
11002 ret = -LIBBPF_ERRNO__FORMAT;
11005 nr_syms = symbols->d_size / sh.sh_entsize;
11007 for (idx = 0; idx < nr_syms; idx++) {
11011 if (!gelf_getsym(symbols, idx, &sym))
11014 if (GELF_ST_TYPE(sym.st_info) != STT_FUNC)
11017 sname = elf_strptr(elf, strtabidx, sym.st_name);
11021 curr_bind = GELF_ST_BIND(sym.st_info);
11023 /* User can specify func, func@@LIB or func@@LIB_VERSION. */
11024 if (strncmp(sname, name, name_len) != 0)
11026 /* ...but we don't want a search for "foo" to match 'foo2" also, so any
11027 * additional characters in sname should be of the form "@@LIB".
11029 if (!is_name_qualified && sname[name_len] != '\0' && sname[name_len] != '@')
11033 /* handle multiple matches */
11034 if (last_bind != STB_WEAK && curr_bind != STB_WEAK) {
11035 /* Only accept one non-weak bind. */
11036 pr_warn("elf: ambiguous match for '%s', '%s' in '%s'\n",
11037 sname, name, binary_path);
11038 ret = -LIBBPF_ERRNO__FORMAT;
11040 } else if (curr_bind == STB_WEAK) {
11041 /* already have a non-weak bind, and
11042 * this is a weak bind, so ignore.
11047 ret = sym.st_value;
11048 last_bind = curr_bind;
11050 /* For binaries that are not shared libraries, we need relative offset */
11051 if (ret > 0 && !is_shared_lib)
11052 ret = elf_find_relative_offset(binary_path, elf, ret);
11058 pr_debug("elf: symbol address match for '%s' in '%s': 0x%lx\n", name, binary_path,
11062 pr_warn("elf: '%s' is 0 in symtab for '%s': %s\n", name, binary_path,
11063 is_shared_lib ? "should not be 0 in a shared library" :
11064 "try using shared library path instead");
11067 pr_warn("elf: failed to find symbol '%s' in '%s'\n", name, binary_path);
11076 static const char *arch_specific_lib_paths(void)
11079 * Based on https://packages.debian.org/sid/libc6.
11081 * Assume that the traced program is built for the same architecture
11082 * as libbpf, which should cover the vast majority of cases.
11084 #if defined(__x86_64__)
11085 return "/lib/x86_64-linux-gnu";
11086 #elif defined(__i386__)
11087 return "/lib/i386-linux-gnu";
11088 #elif defined(__s390x__)
11089 return "/lib/s390x-linux-gnu";
11090 #elif defined(__s390__)
11091 return "/lib/s390-linux-gnu";
11092 #elif defined(__arm__) && defined(__SOFTFP__)
11093 return "/lib/arm-linux-gnueabi";
11094 #elif defined(__arm__) && !defined(__SOFTFP__)
11095 return "/lib/arm-linux-gnueabihf";
11096 #elif defined(__aarch64__)
11097 return "/lib/aarch64-linux-gnu";
11098 #elif defined(__mips__) && defined(__MIPSEL__) && _MIPS_SZLONG == 64
11099 return "/lib/mips64el-linux-gnuabi64";
11100 #elif defined(__mips__) && defined(__MIPSEL__) && _MIPS_SZLONG == 32
11101 return "/lib/mipsel-linux-gnu";
11102 #elif defined(__powerpc64__) && __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__
11103 return "/lib/powerpc64le-linux-gnu";
11104 #elif defined(__sparc__) && defined(__arch64__)
11105 return "/lib/sparc64-linux-gnu";
11106 #elif defined(__riscv) && __riscv_xlen == 64
11107 return "/lib/riscv64-linux-gnu";
11113 /* Get full path to program/shared library. */
11114 static int resolve_full_path(const char *file, char *result, size_t result_sz)
11116 const char *search_paths[3] = {};
11119 if (str_has_sfx(file, ".so") || strstr(file, ".so.")) {
11120 search_paths[0] = getenv("LD_LIBRARY_PATH");
11121 search_paths[1] = "/usr/lib64:/usr/lib";
11122 search_paths[2] = arch_specific_lib_paths();
11124 search_paths[0] = getenv("PATH");
11125 search_paths[1] = "/usr/bin:/usr/sbin";
11128 for (i = 0; i < ARRAY_SIZE(search_paths); i++) {
11131 if (!search_paths[i])
11133 for (s = search_paths[i]; s != NULL; s = strchr(s, ':')) {
11139 next_path = strchr(s, ':');
11140 seg_len = next_path ? next_path - s : strlen(s);
11143 snprintf(result, result_sz, "%.*s/%s", seg_len, s, file);
11144 /* ensure it is an executable file/link */
11145 if (access(result, R_OK | X_OK) < 0)
11147 pr_debug("resolved '%s' to '%s'\n", file, result);
11154 LIBBPF_API struct bpf_link *
11155 bpf_program__attach_uprobe_opts(const struct bpf_program *prog, pid_t pid,
11156 const char *binary_path, size_t func_offset,
11157 const struct bpf_uprobe_opts *opts)
11159 DECLARE_LIBBPF_OPTS(bpf_perf_event_opts, pe_opts);
11160 char errmsg[STRERR_BUFSIZE], *legacy_probe = NULL;
11161 char full_binary_path[PATH_MAX];
11162 struct bpf_link *link;
11163 size_t ref_ctr_off;
11165 bool retprobe, legacy;
11166 const char *func_name;
11168 if (!OPTS_VALID(opts, bpf_uprobe_opts))
11169 return libbpf_err_ptr(-EINVAL);
11171 retprobe = OPTS_GET(opts, retprobe, false);
11172 ref_ctr_off = OPTS_GET(opts, ref_ctr_offset, 0);
11173 pe_opts.bpf_cookie = OPTS_GET(opts, bpf_cookie, 0);
11175 if (binary_path && !strchr(binary_path, '/')) {
11176 err = resolve_full_path(binary_path, full_binary_path,
11177 sizeof(full_binary_path));
11179 pr_warn("prog '%s': failed to resolve full path for '%s': %d\n",
11180 prog->name, binary_path, err);
11181 return libbpf_err_ptr(err);
11183 binary_path = full_binary_path;
11185 func_name = OPTS_GET(opts, func_name, NULL);
11189 if (!binary_path) {
11190 pr_warn("prog '%s': name-based attach requires binary_path\n",
11192 return libbpf_err_ptr(-EINVAL);
11194 sym_off = elf_find_func_offset(binary_path, func_name);
11196 return libbpf_err_ptr(sym_off);
11197 func_offset += sym_off;
11200 legacy = determine_uprobe_perf_type() < 0;
11202 pfd = perf_event_open_probe(true /* uprobe */, retprobe, binary_path,
11203 func_offset, pid, ref_ctr_off);
11205 char probe_name[PATH_MAX + 64];
11208 return libbpf_err_ptr(-EINVAL);
11210 gen_uprobe_legacy_event_name(probe_name, sizeof(probe_name),
11211 binary_path, func_offset);
11213 legacy_probe = strdup(probe_name);
11215 return libbpf_err_ptr(-ENOMEM);
11217 pfd = perf_event_uprobe_open_legacy(legacy_probe, retprobe,
11218 binary_path, func_offset, pid);
11222 pr_warn("prog '%s': failed to create %s '%s:0x%zx' perf event: %s\n",
11223 prog->name, retprobe ? "uretprobe" : "uprobe",
11224 binary_path, func_offset,
11225 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
11229 link = bpf_program__attach_perf_event_opts(prog, pfd, &pe_opts);
11230 err = libbpf_get_error(link);
11233 pr_warn("prog '%s': failed to attach to %s '%s:0x%zx': %s\n",
11234 prog->name, retprobe ? "uretprobe" : "uprobe",
11235 binary_path, func_offset,
11236 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
11240 struct bpf_link_perf *perf_link = container_of(link, struct bpf_link_perf, link);
11242 perf_link->legacy_probe_name = legacy_probe;
11243 perf_link->legacy_is_kprobe = false;
11244 perf_link->legacy_is_retprobe = retprobe;
11248 free(legacy_probe);
11249 return libbpf_err_ptr(err);
11253 /* Format of u[ret]probe section definition supporting auto-attach:
11254 * u[ret]probe/binary:function[+offset]
11256 * binary can be an absolute/relative path or a filename; the latter is resolved to a
11257 * full binary path via bpf_program__attach_uprobe_opts.
11259 * Specifying uprobe+ ensures we carry out strict matching; either "uprobe" must be
11260 * specified (and auto-attach is not possible) or the above format is specified for
11263 static int attach_uprobe(const struct bpf_program *prog, long cookie, struct bpf_link **link)
11265 DECLARE_LIBBPF_OPTS(bpf_uprobe_opts, opts);
11266 char *probe_type = NULL, *binary_path = NULL, *func_name = NULL;
11267 int n, ret = -EINVAL;
11272 n = sscanf(prog->sec_name, "%m[^/]/%m[^:]:%m[a-zA-Z0-9_.]+%li",
11273 &probe_type, &binary_path, &func_name, &offset);
11276 /* handle SEC("u[ret]probe") - format is valid, but auto-attach is impossible. */
11280 pr_warn("prog '%s': section '%s' missing ':function[+offset]' specification\n",
11281 prog->name, prog->sec_name);
11285 opts.retprobe = strcmp(probe_type, "uretprobe") == 0;
11286 if (opts.retprobe && offset != 0) {
11287 pr_warn("prog '%s': uretprobes do not support offset specification\n",
11291 opts.func_name = func_name;
11292 *link = bpf_program__attach_uprobe_opts(prog, -1, binary_path, offset, &opts);
11293 ret = libbpf_get_error(*link);
11296 pr_warn("prog '%s': invalid format of section definition '%s'\n", prog->name,
11307 struct bpf_link *bpf_program__attach_uprobe(const struct bpf_program *prog,
11308 bool retprobe, pid_t pid,
11309 const char *binary_path,
11310 size_t func_offset)
11312 DECLARE_LIBBPF_OPTS(bpf_uprobe_opts, opts, .retprobe = retprobe);
11314 return bpf_program__attach_uprobe_opts(prog, pid, binary_path, func_offset, &opts);
11317 struct bpf_link *bpf_program__attach_usdt(const struct bpf_program *prog,
11318 pid_t pid, const char *binary_path,
11319 const char *usdt_provider, const char *usdt_name,
11320 const struct bpf_usdt_opts *opts)
11322 char resolved_path[512];
11323 struct bpf_object *obj = prog->obj;
11324 struct bpf_link *link;
11328 if (!OPTS_VALID(opts, bpf_uprobe_opts))
11329 return libbpf_err_ptr(-EINVAL);
11331 if (bpf_program__fd(prog) < 0) {
11332 pr_warn("prog '%s': can't attach BPF program w/o FD (did you load it?)\n",
11334 return libbpf_err_ptr(-EINVAL);
11337 if (!strchr(binary_path, '/')) {
11338 err = resolve_full_path(binary_path, resolved_path, sizeof(resolved_path));
11340 pr_warn("prog '%s': failed to resolve full path for '%s': %d\n",
11341 prog->name, binary_path, err);
11342 return libbpf_err_ptr(err);
11344 binary_path = resolved_path;
11347 /* USDT manager is instantiated lazily on first USDT attach. It will
11348 * be destroyed together with BPF object in bpf_object__close().
11350 if (IS_ERR(obj->usdt_man))
11351 return libbpf_ptr(obj->usdt_man);
11352 if (!obj->usdt_man) {
11353 obj->usdt_man = usdt_manager_new(obj);
11354 if (IS_ERR(obj->usdt_man))
11355 return libbpf_ptr(obj->usdt_man);
11358 usdt_cookie = OPTS_GET(opts, usdt_cookie, 0);
11359 link = usdt_manager_attach_usdt(obj->usdt_man, prog, pid, binary_path,
11360 usdt_provider, usdt_name, usdt_cookie);
11361 err = libbpf_get_error(link);
11363 return libbpf_err_ptr(err);
11367 static int attach_usdt(const struct bpf_program *prog, long cookie, struct bpf_link **link)
11369 char *path = NULL, *provider = NULL, *name = NULL;
11370 const char *sec_name;
11373 sec_name = bpf_program__section_name(prog);
11374 if (strcmp(sec_name, "usdt") == 0) {
11375 /* no auto-attach for just SEC("usdt") */
11380 n = sscanf(sec_name, "usdt/%m[^:]:%m[^:]:%m[^:]", &path, &provider, &name);
11382 pr_warn("invalid section '%s', expected SEC(\"usdt/<path>:<provider>:<name>\")\n",
11386 *link = bpf_program__attach_usdt(prog, -1 /* any process */, path,
11387 provider, name, NULL);
11388 err = libbpf_get_error(*link);
11396 static int determine_tracepoint_id(const char *tp_category,
11397 const char *tp_name)
11399 char file[PATH_MAX];
11402 ret = snprintf(file, sizeof(file),
11403 "/sys/kernel/debug/tracing/events/%s/%s/id",
11404 tp_category, tp_name);
11407 if (ret >= sizeof(file)) {
11408 pr_debug("tracepoint %s/%s path is too long\n",
11409 tp_category, tp_name);
11412 return parse_uint_from_file(file, "%d\n");
11415 static int perf_event_open_tracepoint(const char *tp_category,
11416 const char *tp_name)
11418 struct perf_event_attr attr = {};
11419 char errmsg[STRERR_BUFSIZE];
11420 int tp_id, pfd, err;
11422 tp_id = determine_tracepoint_id(tp_category, tp_name);
11424 pr_warn("failed to determine tracepoint '%s/%s' perf event ID: %s\n",
11425 tp_category, tp_name,
11426 libbpf_strerror_r(tp_id, errmsg, sizeof(errmsg)));
11430 attr.type = PERF_TYPE_TRACEPOINT;
11431 attr.size = sizeof(attr);
11432 attr.config = tp_id;
11434 pfd = syscall(__NR_perf_event_open, &attr, -1 /* pid */, 0 /* cpu */,
11435 -1 /* group_fd */, PERF_FLAG_FD_CLOEXEC);
11438 pr_warn("tracepoint '%s/%s' perf_event_open() failed: %s\n",
11439 tp_category, tp_name,
11440 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
11446 struct bpf_link *bpf_program__attach_tracepoint_opts(const struct bpf_program *prog,
11447 const char *tp_category,
11448 const char *tp_name,
11449 const struct bpf_tracepoint_opts *opts)
11451 DECLARE_LIBBPF_OPTS(bpf_perf_event_opts, pe_opts);
11452 char errmsg[STRERR_BUFSIZE];
11453 struct bpf_link *link;
11456 if (!OPTS_VALID(opts, bpf_tracepoint_opts))
11457 return libbpf_err_ptr(-EINVAL);
11459 pe_opts.bpf_cookie = OPTS_GET(opts, bpf_cookie, 0);
11461 pfd = perf_event_open_tracepoint(tp_category, tp_name);
11463 pr_warn("prog '%s': failed to create tracepoint '%s/%s' perf event: %s\n",
11464 prog->name, tp_category, tp_name,
11465 libbpf_strerror_r(pfd, errmsg, sizeof(errmsg)));
11466 return libbpf_err_ptr(pfd);
11468 link = bpf_program__attach_perf_event_opts(prog, pfd, &pe_opts);
11469 err = libbpf_get_error(link);
11472 pr_warn("prog '%s': failed to attach to tracepoint '%s/%s': %s\n",
11473 prog->name, tp_category, tp_name,
11474 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
11475 return libbpf_err_ptr(err);
11480 struct bpf_link *bpf_program__attach_tracepoint(const struct bpf_program *prog,
11481 const char *tp_category,
11482 const char *tp_name)
11484 return bpf_program__attach_tracepoint_opts(prog, tp_category, tp_name, NULL);
11487 static int attach_tp(const struct bpf_program *prog, long cookie, struct bpf_link **link)
11489 char *sec_name, *tp_cat, *tp_name;
11491 sec_name = strdup(prog->sec_name);
11497 /* no auto-attach for SEC("tp") or SEC("tracepoint") */
11498 if (strcmp(prog->sec_name, "tp") == 0 || strcmp(prog->sec_name, "tracepoint") == 0)
11501 /* extract "tp/<category>/<name>" or "tracepoint/<category>/<name>" */
11502 if (str_has_pfx(prog->sec_name, "tp/"))
11503 tp_cat = sec_name + sizeof("tp/") - 1;
11505 tp_cat = sec_name + sizeof("tracepoint/") - 1;
11506 tp_name = strchr(tp_cat, '/');
11514 *link = bpf_program__attach_tracepoint(prog, tp_cat, tp_name);
11516 return libbpf_get_error(*link);
11519 struct bpf_link *bpf_program__attach_raw_tracepoint(const struct bpf_program *prog,
11520 const char *tp_name)
11522 char errmsg[STRERR_BUFSIZE];
11523 struct bpf_link *link;
11526 prog_fd = bpf_program__fd(prog);
11528 pr_warn("prog '%s': can't attach before loaded\n", prog->name);
11529 return libbpf_err_ptr(-EINVAL);
11532 link = calloc(1, sizeof(*link));
11534 return libbpf_err_ptr(-ENOMEM);
11535 link->detach = &bpf_link__detach_fd;
11537 pfd = bpf_raw_tracepoint_open(tp_name, prog_fd);
11541 pr_warn("prog '%s': failed to attach to raw tracepoint '%s': %s\n",
11542 prog->name, tp_name, libbpf_strerror_r(pfd, errmsg, sizeof(errmsg)));
11543 return libbpf_err_ptr(pfd);
11549 static int attach_raw_tp(const struct bpf_program *prog, long cookie, struct bpf_link **link)
11551 static const char *const prefixes[] = {
11555 "raw_tracepoint.w",
11558 const char *tp_name = NULL;
11562 for (i = 0; i < ARRAY_SIZE(prefixes); i++) {
11565 if (!str_has_pfx(prog->sec_name, prefixes[i]))
11568 pfx_len = strlen(prefixes[i]);
11569 /* no auto-attach case of, e.g., SEC("raw_tp") */
11570 if (prog->sec_name[pfx_len] == '\0')
11573 if (prog->sec_name[pfx_len] != '/')
11576 tp_name = prog->sec_name + pfx_len + 1;
11581 pr_warn("prog '%s': invalid section name '%s'\n",
11582 prog->name, prog->sec_name);
11586 *link = bpf_program__attach_raw_tracepoint(prog, tp_name);
11587 return libbpf_get_error(link);
11590 /* Common logic for all BPF program types that attach to a btf_id */
11591 static struct bpf_link *bpf_program__attach_btf_id(const struct bpf_program *prog,
11592 const struct bpf_trace_opts *opts)
11594 LIBBPF_OPTS(bpf_link_create_opts, link_opts);
11595 char errmsg[STRERR_BUFSIZE];
11596 struct bpf_link *link;
11599 if (!OPTS_VALID(opts, bpf_trace_opts))
11600 return libbpf_err_ptr(-EINVAL);
11602 prog_fd = bpf_program__fd(prog);
11604 pr_warn("prog '%s': can't attach before loaded\n", prog->name);
11605 return libbpf_err_ptr(-EINVAL);
11608 link = calloc(1, sizeof(*link));
11610 return libbpf_err_ptr(-ENOMEM);
11611 link->detach = &bpf_link__detach_fd;
11613 /* libbpf is smart enough to redirect to BPF_RAW_TRACEPOINT_OPEN on old kernels */
11614 link_opts.tracing.cookie = OPTS_GET(opts, cookie, 0);
11615 pfd = bpf_link_create(prog_fd, 0, bpf_program__expected_attach_type(prog), &link_opts);
11619 pr_warn("prog '%s': failed to attach: %s\n",
11620 prog->name, libbpf_strerror_r(pfd, errmsg, sizeof(errmsg)));
11621 return libbpf_err_ptr(pfd);
11627 struct bpf_link *bpf_program__attach_trace(const struct bpf_program *prog)
11629 return bpf_program__attach_btf_id(prog, NULL);
11632 struct bpf_link *bpf_program__attach_trace_opts(const struct bpf_program *prog,
11633 const struct bpf_trace_opts *opts)
11635 return bpf_program__attach_btf_id(prog, opts);
11638 struct bpf_link *bpf_program__attach_lsm(const struct bpf_program *prog)
11640 return bpf_program__attach_btf_id(prog, NULL);
11643 static int attach_trace(const struct bpf_program *prog, long cookie, struct bpf_link **link)
11645 *link = bpf_program__attach_trace(prog);
11646 return libbpf_get_error(*link);
11649 static int attach_lsm(const struct bpf_program *prog, long cookie, struct bpf_link **link)
11651 *link = bpf_program__attach_lsm(prog);
11652 return libbpf_get_error(*link);
11655 static struct bpf_link *
11656 bpf_program__attach_fd(const struct bpf_program *prog, int target_fd, int btf_id,
11657 const char *target_name)
11659 DECLARE_LIBBPF_OPTS(bpf_link_create_opts, opts,
11660 .target_btf_id = btf_id);
11661 enum bpf_attach_type attach_type;
11662 char errmsg[STRERR_BUFSIZE];
11663 struct bpf_link *link;
11664 int prog_fd, link_fd;
11666 prog_fd = bpf_program__fd(prog);
11668 pr_warn("prog '%s': can't attach before loaded\n", prog->name);
11669 return libbpf_err_ptr(-EINVAL);
11672 link = calloc(1, sizeof(*link));
11674 return libbpf_err_ptr(-ENOMEM);
11675 link->detach = &bpf_link__detach_fd;
11677 attach_type = bpf_program__expected_attach_type(prog);
11678 link_fd = bpf_link_create(prog_fd, target_fd, attach_type, &opts);
11682 pr_warn("prog '%s': failed to attach to %s: %s\n",
11683 prog->name, target_name,
11684 libbpf_strerror_r(link_fd, errmsg, sizeof(errmsg)));
11685 return libbpf_err_ptr(link_fd);
11687 link->fd = link_fd;
11692 bpf_program__attach_cgroup(const struct bpf_program *prog, int cgroup_fd)
11694 return bpf_program__attach_fd(prog, cgroup_fd, 0, "cgroup");
11698 bpf_program__attach_netns(const struct bpf_program *prog, int netns_fd)
11700 return bpf_program__attach_fd(prog, netns_fd, 0, "netns");
11703 struct bpf_link *bpf_program__attach_xdp(const struct bpf_program *prog, int ifindex)
11705 /* target_fd/target_ifindex use the same field in LINK_CREATE */
11706 return bpf_program__attach_fd(prog, ifindex, 0, "xdp");
11709 struct bpf_link *bpf_program__attach_freplace(const struct bpf_program *prog,
11711 const char *attach_func_name)
11715 if (!!target_fd != !!attach_func_name) {
11716 pr_warn("prog '%s': supply none or both of target_fd and attach_func_name\n",
11718 return libbpf_err_ptr(-EINVAL);
11721 if (prog->type != BPF_PROG_TYPE_EXT) {
11722 pr_warn("prog '%s': only BPF_PROG_TYPE_EXT can attach as freplace",
11724 return libbpf_err_ptr(-EINVAL);
11728 btf_id = libbpf_find_prog_btf_id(attach_func_name, target_fd);
11730 return libbpf_err_ptr(btf_id);
11732 return bpf_program__attach_fd(prog, target_fd, btf_id, "freplace");
11734 /* no target, so use raw_tracepoint_open for compatibility
11737 return bpf_program__attach_trace(prog);
11742 bpf_program__attach_iter(const struct bpf_program *prog,
11743 const struct bpf_iter_attach_opts *opts)
11745 DECLARE_LIBBPF_OPTS(bpf_link_create_opts, link_create_opts);
11746 char errmsg[STRERR_BUFSIZE];
11747 struct bpf_link *link;
11748 int prog_fd, link_fd;
11749 __u32 target_fd = 0;
11751 if (!OPTS_VALID(opts, bpf_iter_attach_opts))
11752 return libbpf_err_ptr(-EINVAL);
11754 link_create_opts.iter_info = OPTS_GET(opts, link_info, (void *)0);
11755 link_create_opts.iter_info_len = OPTS_GET(opts, link_info_len, 0);
11757 prog_fd = bpf_program__fd(prog);
11759 pr_warn("prog '%s': can't attach before loaded\n", prog->name);
11760 return libbpf_err_ptr(-EINVAL);
11763 link = calloc(1, sizeof(*link));
11765 return libbpf_err_ptr(-ENOMEM);
11766 link->detach = &bpf_link__detach_fd;
11768 link_fd = bpf_link_create(prog_fd, target_fd, BPF_TRACE_ITER,
11769 &link_create_opts);
11773 pr_warn("prog '%s': failed to attach to iterator: %s\n",
11774 prog->name, libbpf_strerror_r(link_fd, errmsg, sizeof(errmsg)));
11775 return libbpf_err_ptr(link_fd);
11777 link->fd = link_fd;
11781 static int attach_iter(const struct bpf_program *prog, long cookie, struct bpf_link **link)
11783 *link = bpf_program__attach_iter(prog, NULL);
11784 return libbpf_get_error(*link);
11787 struct bpf_link *bpf_program__attach(const struct bpf_program *prog)
11789 struct bpf_link *link = NULL;
11792 if (!prog->sec_def || !prog->sec_def->prog_attach_fn)
11793 return libbpf_err_ptr(-EOPNOTSUPP);
11795 err = prog->sec_def->prog_attach_fn(prog, prog->sec_def->cookie, &link);
11797 return libbpf_err_ptr(err);
11799 /* When calling bpf_program__attach() explicitly, auto-attach support
11800 * is expected to work, so NULL returned link is considered an error.
11801 * This is different for skeleton's attach, see comment in
11802 * bpf_object__attach_skeleton().
11805 return libbpf_err_ptr(-EOPNOTSUPP);
11810 static int bpf_link__detach_struct_ops(struct bpf_link *link)
11814 if (bpf_map_delete_elem(link->fd, &zero))
11820 struct bpf_link *bpf_map__attach_struct_ops(const struct bpf_map *map)
11822 struct bpf_struct_ops *st_ops;
11823 struct bpf_link *link;
11827 if (!bpf_map__is_struct_ops(map) || map->fd == -1)
11828 return libbpf_err_ptr(-EINVAL);
11830 link = calloc(1, sizeof(*link));
11832 return libbpf_err_ptr(-EINVAL);
11834 st_ops = map->st_ops;
11835 for (i = 0; i < btf_vlen(st_ops->type); i++) {
11836 struct bpf_program *prog = st_ops->progs[i];
11843 prog_fd = bpf_program__fd(prog);
11844 kern_data = st_ops->kern_vdata + st_ops->kern_func_off[i];
11845 *(unsigned long *)kern_data = prog_fd;
11848 err = bpf_map_update_elem(map->fd, &zero, st_ops->kern_vdata, 0);
11852 return libbpf_err_ptr(err);
11855 link->detach = bpf_link__detach_struct_ops;
11856 link->fd = map->fd;
11861 static enum bpf_perf_event_ret
11862 perf_event_read_simple(void *mmap_mem, size_t mmap_size, size_t page_size,
11863 void **copy_mem, size_t *copy_size,
11864 bpf_perf_event_print_t fn, void *private_data)
11866 struct perf_event_mmap_page *header = mmap_mem;
11867 __u64 data_head = ring_buffer_read_head(header);
11868 __u64 data_tail = header->data_tail;
11869 void *base = ((__u8 *)header) + page_size;
11870 int ret = LIBBPF_PERF_EVENT_CONT;
11871 struct perf_event_header *ehdr;
11874 while (data_head != data_tail) {
11875 ehdr = base + (data_tail & (mmap_size - 1));
11876 ehdr_size = ehdr->size;
11878 if (((void *)ehdr) + ehdr_size > base + mmap_size) {
11879 void *copy_start = ehdr;
11880 size_t len_first = base + mmap_size - copy_start;
11881 size_t len_secnd = ehdr_size - len_first;
11883 if (*copy_size < ehdr_size) {
11885 *copy_mem = malloc(ehdr_size);
11888 ret = LIBBPF_PERF_EVENT_ERROR;
11891 *copy_size = ehdr_size;
11894 memcpy(*copy_mem, copy_start, len_first);
11895 memcpy(*copy_mem + len_first, base, len_secnd);
11899 ret = fn(ehdr, private_data);
11900 data_tail += ehdr_size;
11901 if (ret != LIBBPF_PERF_EVENT_CONT)
11905 ring_buffer_write_tail(header, data_tail);
11906 return libbpf_err(ret);
11909 __attribute__((alias("perf_event_read_simple")))
11910 enum bpf_perf_event_ret
11911 bpf_perf_event_read_simple(void *mmap_mem, size_t mmap_size, size_t page_size,
11912 void **copy_mem, size_t *copy_size,
11913 bpf_perf_event_print_t fn, void *private_data);
11915 struct perf_buffer;
11917 struct perf_buffer_params {
11918 struct perf_event_attr *attr;
11919 /* if event_cb is specified, it takes precendence */
11920 perf_buffer_event_fn event_cb;
11921 /* sample_cb and lost_cb are higher-level common-case callbacks */
11922 perf_buffer_sample_fn sample_cb;
11923 perf_buffer_lost_fn lost_cb;
11930 struct perf_cpu_buf {
11931 struct perf_buffer *pb;
11932 void *base; /* mmap()'ed memory */
11933 void *buf; /* for reconstructing segmented data */
11940 struct perf_buffer {
11941 perf_buffer_event_fn event_cb;
11942 perf_buffer_sample_fn sample_cb;
11943 perf_buffer_lost_fn lost_cb;
11944 void *ctx; /* passed into callbacks */
11948 struct perf_cpu_buf **cpu_bufs;
11949 struct epoll_event *events;
11950 int cpu_cnt; /* number of allocated CPU buffers */
11951 int epoll_fd; /* perf event FD */
11952 int map_fd; /* BPF_MAP_TYPE_PERF_EVENT_ARRAY BPF map FD */
11955 static void perf_buffer__free_cpu_buf(struct perf_buffer *pb,
11956 struct perf_cpu_buf *cpu_buf)
11960 if (cpu_buf->base &&
11961 munmap(cpu_buf->base, pb->mmap_size + pb->page_size))
11962 pr_warn("failed to munmap cpu_buf #%d\n", cpu_buf->cpu);
11963 if (cpu_buf->fd >= 0) {
11964 ioctl(cpu_buf->fd, PERF_EVENT_IOC_DISABLE, 0);
11965 close(cpu_buf->fd);
11967 free(cpu_buf->buf);
11971 void perf_buffer__free(struct perf_buffer *pb)
11975 if (IS_ERR_OR_NULL(pb))
11977 if (pb->cpu_bufs) {
11978 for (i = 0; i < pb->cpu_cnt; i++) {
11979 struct perf_cpu_buf *cpu_buf = pb->cpu_bufs[i];
11984 bpf_map_delete_elem(pb->map_fd, &cpu_buf->map_key);
11985 perf_buffer__free_cpu_buf(pb, cpu_buf);
11987 free(pb->cpu_bufs);
11989 if (pb->epoll_fd >= 0)
11990 close(pb->epoll_fd);
11995 static struct perf_cpu_buf *
11996 perf_buffer__open_cpu_buf(struct perf_buffer *pb, struct perf_event_attr *attr,
11997 int cpu, int map_key)
11999 struct perf_cpu_buf *cpu_buf;
12000 char msg[STRERR_BUFSIZE];
12003 cpu_buf = calloc(1, sizeof(*cpu_buf));
12005 return ERR_PTR(-ENOMEM);
12008 cpu_buf->cpu = cpu;
12009 cpu_buf->map_key = map_key;
12011 cpu_buf->fd = syscall(__NR_perf_event_open, attr, -1 /* pid */, cpu,
12012 -1, PERF_FLAG_FD_CLOEXEC);
12013 if (cpu_buf->fd < 0) {
12015 pr_warn("failed to open perf buffer event on cpu #%d: %s\n",
12016 cpu, libbpf_strerror_r(err, msg, sizeof(msg)));
12020 cpu_buf->base = mmap(NULL, pb->mmap_size + pb->page_size,
12021 PROT_READ | PROT_WRITE, MAP_SHARED,
12023 if (cpu_buf->base == MAP_FAILED) {
12024 cpu_buf->base = NULL;
12026 pr_warn("failed to mmap perf buffer on cpu #%d: %s\n",
12027 cpu, libbpf_strerror_r(err, msg, sizeof(msg)));
12031 if (ioctl(cpu_buf->fd, PERF_EVENT_IOC_ENABLE, 0) < 0) {
12033 pr_warn("failed to enable perf buffer event on cpu #%d: %s\n",
12034 cpu, libbpf_strerror_r(err, msg, sizeof(msg)));
12041 perf_buffer__free_cpu_buf(pb, cpu_buf);
12042 return (struct perf_cpu_buf *)ERR_PTR(err);
12045 static struct perf_buffer *__perf_buffer__new(int map_fd, size_t page_cnt,
12046 struct perf_buffer_params *p);
12048 DEFAULT_VERSION(perf_buffer__new_v0_6_0, perf_buffer__new, LIBBPF_0.6.0)
12049 struct perf_buffer *perf_buffer__new_v0_6_0(int map_fd, size_t page_cnt,
12050 perf_buffer_sample_fn sample_cb,
12051 perf_buffer_lost_fn lost_cb,
12053 const struct perf_buffer_opts *opts)
12055 struct perf_buffer_params p = {};
12056 struct perf_event_attr attr = {};
12058 if (!OPTS_VALID(opts, perf_buffer_opts))
12059 return libbpf_err_ptr(-EINVAL);
12061 attr.config = PERF_COUNT_SW_BPF_OUTPUT;
12062 attr.type = PERF_TYPE_SOFTWARE;
12063 attr.sample_type = PERF_SAMPLE_RAW;
12064 attr.sample_period = 1;
12065 attr.wakeup_events = 1;
12068 p.sample_cb = sample_cb;
12069 p.lost_cb = lost_cb;
12072 return libbpf_ptr(__perf_buffer__new(map_fd, page_cnt, &p));
12075 COMPAT_VERSION(perf_buffer__new_deprecated, perf_buffer__new, LIBBPF_0.0.4)
12076 struct perf_buffer *perf_buffer__new_deprecated(int map_fd, size_t page_cnt,
12077 const struct perf_buffer_opts *opts)
12079 return perf_buffer__new_v0_6_0(map_fd, page_cnt,
12080 opts ? opts->sample_cb : NULL,
12081 opts ? opts->lost_cb : NULL,
12082 opts ? opts->ctx : NULL,
12086 DEFAULT_VERSION(perf_buffer__new_raw_v0_6_0, perf_buffer__new_raw, LIBBPF_0.6.0)
12087 struct perf_buffer *perf_buffer__new_raw_v0_6_0(int map_fd, size_t page_cnt,
12088 struct perf_event_attr *attr,
12089 perf_buffer_event_fn event_cb, void *ctx,
12090 const struct perf_buffer_raw_opts *opts)
12092 struct perf_buffer_params p = {};
12095 return libbpf_err_ptr(-EINVAL);
12097 if (!OPTS_VALID(opts, perf_buffer_raw_opts))
12098 return libbpf_err_ptr(-EINVAL);
12101 p.event_cb = event_cb;
12103 p.cpu_cnt = OPTS_GET(opts, cpu_cnt, 0);
12104 p.cpus = OPTS_GET(opts, cpus, NULL);
12105 p.map_keys = OPTS_GET(opts, map_keys, NULL);
12107 return libbpf_ptr(__perf_buffer__new(map_fd, page_cnt, &p));
12110 COMPAT_VERSION(perf_buffer__new_raw_deprecated, perf_buffer__new_raw, LIBBPF_0.0.4)
12111 struct perf_buffer *perf_buffer__new_raw_deprecated(int map_fd, size_t page_cnt,
12112 const struct perf_buffer_raw_opts *opts)
12114 LIBBPF_OPTS(perf_buffer_raw_opts, inner_opts,
12115 .cpu_cnt = opts->cpu_cnt,
12116 .cpus = opts->cpus,
12117 .map_keys = opts->map_keys,
12120 return perf_buffer__new_raw_v0_6_0(map_fd, page_cnt, opts->attr,
12121 opts->event_cb, opts->ctx, &inner_opts);
12124 static struct perf_buffer *__perf_buffer__new(int map_fd, size_t page_cnt,
12125 struct perf_buffer_params *p)
12127 const char *online_cpus_file = "/sys/devices/system/cpu/online";
12128 struct bpf_map_info map;
12129 char msg[STRERR_BUFSIZE];
12130 struct perf_buffer *pb;
12131 bool *online = NULL;
12132 __u32 map_info_len;
12135 if (page_cnt == 0 || (page_cnt & (page_cnt - 1))) {
12136 pr_warn("page count should be power of two, but is %zu\n",
12138 return ERR_PTR(-EINVAL);
12141 /* best-effort sanity checks */
12142 memset(&map, 0, sizeof(map));
12143 map_info_len = sizeof(map);
12144 err = bpf_obj_get_info_by_fd(map_fd, &map, &map_info_len);
12147 /* if BPF_OBJ_GET_INFO_BY_FD is supported, will return
12148 * -EBADFD, -EFAULT, or -E2BIG on real error
12150 if (err != -EINVAL) {
12151 pr_warn("failed to get map info for map FD %d: %s\n",
12152 map_fd, libbpf_strerror_r(err, msg, sizeof(msg)));
12153 return ERR_PTR(err);
12155 pr_debug("failed to get map info for FD %d; API not supported? Ignoring...\n",
12158 if (map.type != BPF_MAP_TYPE_PERF_EVENT_ARRAY) {
12159 pr_warn("map '%s' should be BPF_MAP_TYPE_PERF_EVENT_ARRAY\n",
12161 return ERR_PTR(-EINVAL);
12165 pb = calloc(1, sizeof(*pb));
12167 return ERR_PTR(-ENOMEM);
12169 pb->event_cb = p->event_cb;
12170 pb->sample_cb = p->sample_cb;
12171 pb->lost_cb = p->lost_cb;
12174 pb->page_size = getpagesize();
12175 pb->mmap_size = pb->page_size * page_cnt;
12176 pb->map_fd = map_fd;
12178 pb->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
12179 if (pb->epoll_fd < 0) {
12181 pr_warn("failed to create epoll instance: %s\n",
12182 libbpf_strerror_r(err, msg, sizeof(msg)));
12186 if (p->cpu_cnt > 0) {
12187 pb->cpu_cnt = p->cpu_cnt;
12189 pb->cpu_cnt = libbpf_num_possible_cpus();
12190 if (pb->cpu_cnt < 0) {
12194 if (map.max_entries && map.max_entries < pb->cpu_cnt)
12195 pb->cpu_cnt = map.max_entries;
12198 pb->events = calloc(pb->cpu_cnt, sizeof(*pb->events));
12201 pr_warn("failed to allocate events: out of memory\n");
12204 pb->cpu_bufs = calloc(pb->cpu_cnt, sizeof(*pb->cpu_bufs));
12205 if (!pb->cpu_bufs) {
12207 pr_warn("failed to allocate buffers: out of memory\n");
12211 err = parse_cpu_mask_file(online_cpus_file, &online, &n);
12213 pr_warn("failed to get online CPU mask: %d\n", err);
12217 for (i = 0, j = 0; i < pb->cpu_cnt; i++) {
12218 struct perf_cpu_buf *cpu_buf;
12221 cpu = p->cpu_cnt > 0 ? p->cpus[i] : i;
12222 map_key = p->cpu_cnt > 0 ? p->map_keys[i] : i;
12224 /* in case user didn't explicitly requested particular CPUs to
12225 * be attached to, skip offline/not present CPUs
12227 if (p->cpu_cnt <= 0 && (cpu >= n || !online[cpu]))
12230 cpu_buf = perf_buffer__open_cpu_buf(pb, p->attr, cpu, map_key);
12231 if (IS_ERR(cpu_buf)) {
12232 err = PTR_ERR(cpu_buf);
12236 pb->cpu_bufs[j] = cpu_buf;
12238 err = bpf_map_update_elem(pb->map_fd, &map_key,
12242 pr_warn("failed to set cpu #%d, key %d -> perf FD %d: %s\n",
12243 cpu, map_key, cpu_buf->fd,
12244 libbpf_strerror_r(err, msg, sizeof(msg)));
12248 pb->events[j].events = EPOLLIN;
12249 pb->events[j].data.ptr = cpu_buf;
12250 if (epoll_ctl(pb->epoll_fd, EPOLL_CTL_ADD, cpu_buf->fd,
12251 &pb->events[j]) < 0) {
12253 pr_warn("failed to epoll_ctl cpu #%d perf FD %d: %s\n",
12255 libbpf_strerror_r(err, msg, sizeof(msg)));
12268 perf_buffer__free(pb);
12269 return ERR_PTR(err);
12272 struct perf_sample_raw {
12273 struct perf_event_header header;
12278 struct perf_sample_lost {
12279 struct perf_event_header header;
12282 uint64_t sample_id;
12285 static enum bpf_perf_event_ret
12286 perf_buffer__process_record(struct perf_event_header *e, void *ctx)
12288 struct perf_cpu_buf *cpu_buf = ctx;
12289 struct perf_buffer *pb = cpu_buf->pb;
12292 /* user wants full control over parsing perf event */
12294 return pb->event_cb(pb->ctx, cpu_buf->cpu, e);
12297 case PERF_RECORD_SAMPLE: {
12298 struct perf_sample_raw *s = data;
12301 pb->sample_cb(pb->ctx, cpu_buf->cpu, s->data, s->size);
12304 case PERF_RECORD_LOST: {
12305 struct perf_sample_lost *s = data;
12308 pb->lost_cb(pb->ctx, cpu_buf->cpu, s->lost);
12312 pr_warn("unknown perf sample type %d\n", e->type);
12313 return LIBBPF_PERF_EVENT_ERROR;
12315 return LIBBPF_PERF_EVENT_CONT;
12318 static int perf_buffer__process_records(struct perf_buffer *pb,
12319 struct perf_cpu_buf *cpu_buf)
12321 enum bpf_perf_event_ret ret;
12323 ret = perf_event_read_simple(cpu_buf->base, pb->mmap_size,
12324 pb->page_size, &cpu_buf->buf,
12325 &cpu_buf->buf_size,
12326 perf_buffer__process_record, cpu_buf);
12327 if (ret != LIBBPF_PERF_EVENT_CONT)
12332 int perf_buffer__epoll_fd(const struct perf_buffer *pb)
12334 return pb->epoll_fd;
12337 int perf_buffer__poll(struct perf_buffer *pb, int timeout_ms)
12341 cnt = epoll_wait(pb->epoll_fd, pb->events, pb->cpu_cnt, timeout_ms);
12345 for (i = 0; i < cnt; i++) {
12346 struct perf_cpu_buf *cpu_buf = pb->events[i].data.ptr;
12348 err = perf_buffer__process_records(pb, cpu_buf);
12350 pr_warn("error while processing records: %d\n", err);
12351 return libbpf_err(err);
12357 /* Return number of PERF_EVENT_ARRAY map slots set up by this perf_buffer
12360 size_t perf_buffer__buffer_cnt(const struct perf_buffer *pb)
12362 return pb->cpu_cnt;
12366 * Return perf_event FD of a ring buffer in *buf_idx* slot of
12367 * PERF_EVENT_ARRAY BPF map. This FD can be polled for new data using
12368 * select()/poll()/epoll() Linux syscalls.
12370 int perf_buffer__buffer_fd(const struct perf_buffer *pb, size_t buf_idx)
12372 struct perf_cpu_buf *cpu_buf;
12374 if (buf_idx >= pb->cpu_cnt)
12375 return libbpf_err(-EINVAL);
12377 cpu_buf = pb->cpu_bufs[buf_idx];
12379 return libbpf_err(-ENOENT);
12381 return cpu_buf->fd;
12385 * Consume data from perf ring buffer corresponding to slot *buf_idx* in
12386 * PERF_EVENT_ARRAY BPF map without waiting/polling. If there is no data to
12387 * consume, do nothing and return success.
12392 int perf_buffer__consume_buffer(struct perf_buffer *pb, size_t buf_idx)
12394 struct perf_cpu_buf *cpu_buf;
12396 if (buf_idx >= pb->cpu_cnt)
12397 return libbpf_err(-EINVAL);
12399 cpu_buf = pb->cpu_bufs[buf_idx];
12401 return libbpf_err(-ENOENT);
12403 return perf_buffer__process_records(pb, cpu_buf);
12406 int perf_buffer__consume(struct perf_buffer *pb)
12410 for (i = 0; i < pb->cpu_cnt; i++) {
12411 struct perf_cpu_buf *cpu_buf = pb->cpu_bufs[i];
12416 err = perf_buffer__process_records(pb, cpu_buf);
12418 pr_warn("perf_buffer: failed to process records in buffer #%d: %d\n", i, err);
12419 return libbpf_err(err);
12425 struct bpf_prog_info_array_desc {
12426 int array_offset; /* e.g. offset of jited_prog_insns */
12427 int count_offset; /* e.g. offset of jited_prog_len */
12428 int size_offset; /* > 0: offset of rec size,
12429 * < 0: fix size of -size_offset
12433 static struct bpf_prog_info_array_desc bpf_prog_info_array_desc[] = {
12434 [BPF_PROG_INFO_JITED_INSNS] = {
12435 offsetof(struct bpf_prog_info, jited_prog_insns),
12436 offsetof(struct bpf_prog_info, jited_prog_len),
12439 [BPF_PROG_INFO_XLATED_INSNS] = {
12440 offsetof(struct bpf_prog_info, xlated_prog_insns),
12441 offsetof(struct bpf_prog_info, xlated_prog_len),
12444 [BPF_PROG_INFO_MAP_IDS] = {
12445 offsetof(struct bpf_prog_info, map_ids),
12446 offsetof(struct bpf_prog_info, nr_map_ids),
12447 -(int)sizeof(__u32),
12449 [BPF_PROG_INFO_JITED_KSYMS] = {
12450 offsetof(struct bpf_prog_info, jited_ksyms),
12451 offsetof(struct bpf_prog_info, nr_jited_ksyms),
12452 -(int)sizeof(__u64),
12454 [BPF_PROG_INFO_JITED_FUNC_LENS] = {
12455 offsetof(struct bpf_prog_info, jited_func_lens),
12456 offsetof(struct bpf_prog_info, nr_jited_func_lens),
12457 -(int)sizeof(__u32),
12459 [BPF_PROG_INFO_FUNC_INFO] = {
12460 offsetof(struct bpf_prog_info, func_info),
12461 offsetof(struct bpf_prog_info, nr_func_info),
12462 offsetof(struct bpf_prog_info, func_info_rec_size),
12464 [BPF_PROG_INFO_LINE_INFO] = {
12465 offsetof(struct bpf_prog_info, line_info),
12466 offsetof(struct bpf_prog_info, nr_line_info),
12467 offsetof(struct bpf_prog_info, line_info_rec_size),
12469 [BPF_PROG_INFO_JITED_LINE_INFO] = {
12470 offsetof(struct bpf_prog_info, jited_line_info),
12471 offsetof(struct bpf_prog_info, nr_jited_line_info),
12472 offsetof(struct bpf_prog_info, jited_line_info_rec_size),
12474 [BPF_PROG_INFO_PROG_TAGS] = {
12475 offsetof(struct bpf_prog_info, prog_tags),
12476 offsetof(struct bpf_prog_info, nr_prog_tags),
12477 -(int)sizeof(__u8) * BPF_TAG_SIZE,
12482 static __u32 bpf_prog_info_read_offset_u32(struct bpf_prog_info *info,
12485 __u32 *array = (__u32 *)info;
12488 return array[offset / sizeof(__u32)];
12489 return -(int)offset;
12492 static __u64 bpf_prog_info_read_offset_u64(struct bpf_prog_info *info,
12495 __u64 *array = (__u64 *)info;
12498 return array[offset / sizeof(__u64)];
12499 return -(int)offset;
12502 static void bpf_prog_info_set_offset_u32(struct bpf_prog_info *info, int offset,
12505 __u32 *array = (__u32 *)info;
12508 array[offset / sizeof(__u32)] = val;
12511 static void bpf_prog_info_set_offset_u64(struct bpf_prog_info *info, int offset,
12514 __u64 *array = (__u64 *)info;
12517 array[offset / sizeof(__u64)] = val;
12520 struct bpf_prog_info_linear *
12521 bpf_program__get_prog_info_linear(int fd, __u64 arrays)
12523 struct bpf_prog_info_linear *info_linear;
12524 struct bpf_prog_info info = {};
12525 __u32 info_len = sizeof(info);
12526 __u32 data_len = 0;
12530 if (arrays >> BPF_PROG_INFO_LAST_ARRAY)
12531 return libbpf_err_ptr(-EINVAL);
12533 /* step 1: get array dimensions */
12534 err = bpf_obj_get_info_by_fd(fd, &info, &info_len);
12536 pr_debug("can't get prog info: %s", strerror(errno));
12537 return libbpf_err_ptr(-EFAULT);
12540 /* step 2: calculate total size of all arrays */
12541 for (i = BPF_PROG_INFO_FIRST_ARRAY; i < BPF_PROG_INFO_LAST_ARRAY; ++i) {
12542 bool include_array = (arrays & (1UL << i)) > 0;
12543 struct bpf_prog_info_array_desc *desc;
12546 desc = bpf_prog_info_array_desc + i;
12548 /* kernel is too old to support this field */
12549 if (info_len < desc->array_offset + sizeof(__u32) ||
12550 info_len < desc->count_offset + sizeof(__u32) ||
12551 (desc->size_offset > 0 && info_len < desc->size_offset))
12552 include_array = false;
12554 if (!include_array) {
12555 arrays &= ~(1UL << i); /* clear the bit */
12559 count = bpf_prog_info_read_offset_u32(&info, desc->count_offset);
12560 size = bpf_prog_info_read_offset_u32(&info, desc->size_offset);
12562 data_len += count * size;
12565 /* step 3: allocate continuous memory */
12566 data_len = roundup(data_len, sizeof(__u64));
12567 info_linear = malloc(sizeof(struct bpf_prog_info_linear) + data_len);
12569 return libbpf_err_ptr(-ENOMEM);
12571 /* step 4: fill data to info_linear->info */
12572 info_linear->arrays = arrays;
12573 memset(&info_linear->info, 0, sizeof(info));
12574 ptr = info_linear->data;
12576 for (i = BPF_PROG_INFO_FIRST_ARRAY; i < BPF_PROG_INFO_LAST_ARRAY; ++i) {
12577 struct bpf_prog_info_array_desc *desc;
12580 if ((arrays & (1UL << i)) == 0)
12583 desc = bpf_prog_info_array_desc + i;
12584 count = bpf_prog_info_read_offset_u32(&info, desc->count_offset);
12585 size = bpf_prog_info_read_offset_u32(&info, desc->size_offset);
12586 bpf_prog_info_set_offset_u32(&info_linear->info,
12587 desc->count_offset, count);
12588 bpf_prog_info_set_offset_u32(&info_linear->info,
12589 desc->size_offset, size);
12590 bpf_prog_info_set_offset_u64(&info_linear->info,
12591 desc->array_offset,
12593 ptr += count * size;
12596 /* step 5: call syscall again to get required arrays */
12597 err = bpf_obj_get_info_by_fd(fd, &info_linear->info, &info_len);
12599 pr_debug("can't get prog info: %s", strerror(errno));
12601 return libbpf_err_ptr(-EFAULT);
12604 /* step 6: verify the data */
12605 for (i = BPF_PROG_INFO_FIRST_ARRAY; i < BPF_PROG_INFO_LAST_ARRAY; ++i) {
12606 struct bpf_prog_info_array_desc *desc;
12609 if ((arrays & (1UL << i)) == 0)
12612 desc = bpf_prog_info_array_desc + i;
12613 v1 = bpf_prog_info_read_offset_u32(&info, desc->count_offset);
12614 v2 = bpf_prog_info_read_offset_u32(&info_linear->info,
12615 desc->count_offset);
12617 pr_warn("%s: mismatch in element count\n", __func__);
12619 v1 = bpf_prog_info_read_offset_u32(&info, desc->size_offset);
12620 v2 = bpf_prog_info_read_offset_u32(&info_linear->info,
12621 desc->size_offset);
12623 pr_warn("%s: mismatch in rec size\n", __func__);
12626 /* step 7: update info_len and data_len */
12627 info_linear->info_len = sizeof(struct bpf_prog_info);
12628 info_linear->data_len = data_len;
12630 return info_linear;
12633 void bpf_program__bpil_addr_to_offs(struct bpf_prog_info_linear *info_linear)
12637 for (i = BPF_PROG_INFO_FIRST_ARRAY; i < BPF_PROG_INFO_LAST_ARRAY; ++i) {
12638 struct bpf_prog_info_array_desc *desc;
12641 if ((info_linear->arrays & (1UL << i)) == 0)
12644 desc = bpf_prog_info_array_desc + i;
12645 addr = bpf_prog_info_read_offset_u64(&info_linear->info,
12646 desc->array_offset);
12647 offs = addr - ptr_to_u64(info_linear->data);
12648 bpf_prog_info_set_offset_u64(&info_linear->info,
12649 desc->array_offset, offs);
12653 void bpf_program__bpil_offs_to_addr(struct bpf_prog_info_linear *info_linear)
12657 for (i = BPF_PROG_INFO_FIRST_ARRAY; i < BPF_PROG_INFO_LAST_ARRAY; ++i) {
12658 struct bpf_prog_info_array_desc *desc;
12661 if ((info_linear->arrays & (1UL << i)) == 0)
12664 desc = bpf_prog_info_array_desc + i;
12665 offs = bpf_prog_info_read_offset_u64(&info_linear->info,
12666 desc->array_offset);
12667 addr = offs + ptr_to_u64(info_linear->data);
12668 bpf_prog_info_set_offset_u64(&info_linear->info,
12669 desc->array_offset, addr);
12673 int bpf_program__set_attach_target(struct bpf_program *prog,
12674 int attach_prog_fd,
12675 const char *attach_func_name)
12677 int btf_obj_fd = 0, btf_id = 0, err;
12679 if (!prog || attach_prog_fd < 0)
12680 return libbpf_err(-EINVAL);
12682 if (prog->obj->loaded)
12683 return libbpf_err(-EINVAL);
12685 if (attach_prog_fd && !attach_func_name) {
12686 /* remember attach_prog_fd and let bpf_program__load() find
12687 * BTF ID during the program load
12689 prog->attach_prog_fd = attach_prog_fd;
12693 if (attach_prog_fd) {
12694 btf_id = libbpf_find_prog_btf_id(attach_func_name,
12697 return libbpf_err(btf_id);
12699 if (!attach_func_name)
12700 return libbpf_err(-EINVAL);
12702 /* load btf_vmlinux, if not yet */
12703 err = bpf_object__load_vmlinux_btf(prog->obj, true);
12705 return libbpf_err(err);
12706 err = find_kernel_btf_id(prog->obj, attach_func_name,
12707 prog->expected_attach_type,
12708 &btf_obj_fd, &btf_id);
12710 return libbpf_err(err);
12713 prog->attach_btf_id = btf_id;
12714 prog->attach_btf_obj_fd = btf_obj_fd;
12715 prog->attach_prog_fd = attach_prog_fd;
12719 int parse_cpu_mask_str(const char *s, bool **mask, int *mask_sz)
12721 int err = 0, n, len, start, end = -1;
12727 /* Each sub string separated by ',' has format \d+-\d+ or \d+ */
12729 if (*s == ',' || *s == '\n') {
12733 n = sscanf(s, "%d%n-%d%n", &start, &len, &end, &len);
12734 if (n <= 0 || n > 2) {
12735 pr_warn("Failed to get CPU range %s: %d\n", s, n);
12738 } else if (n == 1) {
12741 if (start < 0 || start > end) {
12742 pr_warn("Invalid CPU range [%d,%d] in %s\n",
12747 tmp = realloc(*mask, end + 1);
12753 memset(tmp + *mask_sz, 0, start - *mask_sz);
12754 memset(tmp + start, 1, end - start + 1);
12755 *mask_sz = end + 1;
12759 pr_warn("Empty CPU range\n");
12769 int parse_cpu_mask_file(const char *fcpu, bool **mask, int *mask_sz)
12771 int fd, err = 0, len;
12774 fd = open(fcpu, O_RDONLY | O_CLOEXEC);
12777 pr_warn("Failed to open cpu mask file %s: %d\n", fcpu, err);
12780 len = read(fd, buf, sizeof(buf));
12783 err = len ? -errno : -EINVAL;
12784 pr_warn("Failed to read cpu mask from %s: %d\n", fcpu, err);
12787 if (len >= sizeof(buf)) {
12788 pr_warn("CPU mask is too big in file %s\n", fcpu);
12793 return parse_cpu_mask_str(buf, mask, mask_sz);
12796 int libbpf_num_possible_cpus(void)
12798 static const char *fcpu = "/sys/devices/system/cpu/possible";
12800 int err, n, i, tmp_cpus;
12803 tmp_cpus = READ_ONCE(cpus);
12807 err = parse_cpu_mask_file(fcpu, &mask, &n);
12809 return libbpf_err(err);
12812 for (i = 0; i < n; i++) {
12818 WRITE_ONCE(cpus, tmp_cpus);
12822 static int populate_skeleton_maps(const struct bpf_object *obj,
12823 struct bpf_map_skeleton *maps,
12828 for (i = 0; i < map_cnt; i++) {
12829 struct bpf_map **map = maps[i].map;
12830 const char *name = maps[i].name;
12831 void **mmaped = maps[i].mmaped;
12833 *map = bpf_object__find_map_by_name(obj, name);
12835 pr_warn("failed to find skeleton map '%s'\n", name);
12839 /* externs shouldn't be pre-setup from user code */
12840 if (mmaped && (*map)->libbpf_type != LIBBPF_MAP_KCONFIG)
12841 *mmaped = (*map)->mmaped;
12846 static int populate_skeleton_progs(const struct bpf_object *obj,
12847 struct bpf_prog_skeleton *progs,
12852 for (i = 0; i < prog_cnt; i++) {
12853 struct bpf_program **prog = progs[i].prog;
12854 const char *name = progs[i].name;
12856 *prog = bpf_object__find_program_by_name(obj, name);
12858 pr_warn("failed to find skeleton program '%s'\n", name);
12865 int bpf_object__open_skeleton(struct bpf_object_skeleton *s,
12866 const struct bpf_object_open_opts *opts)
12868 DECLARE_LIBBPF_OPTS(bpf_object_open_opts, skel_opts,
12869 .object_name = s->name,
12871 struct bpf_object *obj;
12874 /* Attempt to preserve opts->object_name, unless overriden by user
12875 * explicitly. Overwriting object name for skeletons is discouraged,
12876 * as it breaks global data maps, because they contain object name
12877 * prefix as their own map name prefix. When skeleton is generated,
12878 * bpftool is making an assumption that this name will stay the same.
12881 memcpy(&skel_opts, opts, sizeof(*opts));
12882 if (!opts->object_name)
12883 skel_opts.object_name = s->name;
12886 obj = bpf_object__open_mem(s->data, s->data_sz, &skel_opts);
12887 err = libbpf_get_error(obj);
12889 pr_warn("failed to initialize skeleton BPF object '%s': %d\n",
12891 return libbpf_err(err);
12895 err = populate_skeleton_maps(obj, s->maps, s->map_cnt);
12897 pr_warn("failed to populate skeleton maps for '%s': %d\n", s->name, err);
12898 return libbpf_err(err);
12901 err = populate_skeleton_progs(obj, s->progs, s->prog_cnt);
12903 pr_warn("failed to populate skeleton progs for '%s': %d\n", s->name, err);
12904 return libbpf_err(err);
12910 int bpf_object__open_subskeleton(struct bpf_object_subskeleton *s)
12912 int err, len, var_idx, i;
12913 const char *var_name;
12914 const struct bpf_map *map;
12917 const struct btf_type *map_type, *var_type;
12918 const struct bpf_var_skeleton *var_skel;
12919 struct btf_var_secinfo *var;
12922 return libbpf_err(-EINVAL);
12924 btf = bpf_object__btf(s->obj);
12926 pr_warn("subskeletons require BTF at runtime (object %s)\n",
12927 bpf_object__name(s->obj));
12928 return libbpf_err(-errno);
12931 err = populate_skeleton_maps(s->obj, s->maps, s->map_cnt);
12933 pr_warn("failed to populate subskeleton maps: %d\n", err);
12934 return libbpf_err(err);
12937 err = populate_skeleton_progs(s->obj, s->progs, s->prog_cnt);
12939 pr_warn("failed to populate subskeleton maps: %d\n", err);
12940 return libbpf_err(err);
12943 for (var_idx = 0; var_idx < s->var_cnt; var_idx++) {
12944 var_skel = &s->vars[var_idx];
12945 map = *var_skel->map;
12946 map_type_id = bpf_map__btf_value_type_id(map);
12947 map_type = btf__type_by_id(btf, map_type_id);
12949 if (!btf_is_datasec(map_type)) {
12950 pr_warn("type for map '%1$s' is not a datasec: %2$s",
12951 bpf_map__name(map),
12952 __btf_kind_str(btf_kind(map_type)));
12953 return libbpf_err(-EINVAL);
12956 len = btf_vlen(map_type);
12957 var = btf_var_secinfos(map_type);
12958 for (i = 0; i < len; i++, var++) {
12959 var_type = btf__type_by_id(btf, var->type);
12960 var_name = btf__name_by_offset(btf, var_type->name_off);
12961 if (strcmp(var_name, var_skel->name) == 0) {
12962 *var_skel->addr = map->mmaped + var->offset;
12970 void bpf_object__destroy_subskeleton(struct bpf_object_subskeleton *s)
12980 int bpf_object__load_skeleton(struct bpf_object_skeleton *s)
12984 err = bpf_object__load(*s->obj);
12986 pr_warn("failed to load BPF skeleton '%s': %d\n", s->name, err);
12987 return libbpf_err(err);
12990 for (i = 0; i < s->map_cnt; i++) {
12991 struct bpf_map *map = *s->maps[i].map;
12992 size_t mmap_sz = bpf_map_mmap_sz(map);
12993 int prot, map_fd = bpf_map__fd(map);
12994 void **mmaped = s->maps[i].mmaped;
12999 if (!(map->def.map_flags & BPF_F_MMAPABLE)) {
13004 if (map->def.map_flags & BPF_F_RDONLY_PROG)
13007 prot = PROT_READ | PROT_WRITE;
13009 /* Remap anonymous mmap()-ed "map initialization image" as
13010 * a BPF map-backed mmap()-ed memory, but preserving the same
13011 * memory address. This will cause kernel to change process'
13012 * page table to point to a different piece of kernel memory,
13013 * but from userspace point of view memory address (and its
13014 * contents, being identical at this point) will stay the
13015 * same. This mapping will be released by bpf_object__close()
13016 * as per normal clean up procedure, so we don't need to worry
13017 * about it from skeleton's clean up perspective.
13019 *mmaped = mmap(map->mmaped, mmap_sz, prot,
13020 MAP_SHARED | MAP_FIXED, map_fd, 0);
13021 if (*mmaped == MAP_FAILED) {
13024 pr_warn("failed to re-mmap() map '%s': %d\n",
13025 bpf_map__name(map), err);
13026 return libbpf_err(err);
13033 int bpf_object__attach_skeleton(struct bpf_object_skeleton *s)
13037 for (i = 0; i < s->prog_cnt; i++) {
13038 struct bpf_program *prog = *s->progs[i].prog;
13039 struct bpf_link **link = s->progs[i].link;
13041 if (!prog->autoload)
13044 /* auto-attaching not supported for this program */
13045 if (!prog->sec_def || !prog->sec_def->prog_attach_fn)
13048 /* if user already set the link manually, don't attempt auto-attach */
13052 err = prog->sec_def->prog_attach_fn(prog, prog->sec_def->cookie, link);
13054 pr_warn("prog '%s': failed to auto-attach: %d\n",
13055 bpf_program__name(prog), err);
13056 return libbpf_err(err);
13059 /* It's possible that for some SEC() definitions auto-attach
13060 * is supported in some cases (e.g., if definition completely
13061 * specifies target information), but is not in other cases.
13062 * SEC("uprobe") is one such case. If user specified target
13063 * binary and function name, such BPF program can be
13064 * auto-attached. But if not, it shouldn't trigger skeleton's
13065 * attach to fail. It should just be skipped.
13066 * attach_fn signals such case with returning 0 (no error) and
13067 * setting link to NULL.
13074 void bpf_object__detach_skeleton(struct bpf_object_skeleton *s)
13078 for (i = 0; i < s->prog_cnt; i++) {
13079 struct bpf_link **link = s->progs[i].link;
13081 bpf_link__destroy(*link);
13086 void bpf_object__destroy_skeleton(struct bpf_object_skeleton *s)
13092 bpf_object__detach_skeleton(s);
13094 bpf_object__close(*s->obj);
projects / linux-2.6-microblaze.git / blob