1 // SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause)
4 * Common eBPF ELF object loading operations.
6 * Copyright (C) 2013-2015 Alexei Starovoitov <ast@kernel.org>
7 * Copyright (C) 2015 Wang Nan <wangnan0@huawei.com>
8 * Copyright (C) 2015 Huawei Inc.
9 * Copyright (C) 2017 Nicira, Inc.
10 * Copyright (C) 2019 Isovalent, Inc.
28 #include <asm/unistd.h>
29 #include <linux/err.h>
30 #include <linux/kernel.h>
31 #include <linux/bpf.h>
32 #include <linux/btf.h>
33 #include <linux/filter.h>
34 #include <linux/list.h>
35 #include <linux/limits.h>
36 #include <linux/perf_event.h>
37 #include <linux/ring_buffer.h>
38 #include <linux/version.h>
39 #include <sys/epoll.h>
40 #include <sys/ioctl.h>
43 #include <sys/types.h>
45 #include <sys/utsname.h>
46 #include <sys/resource.h>
54 #include "str_error.h"
55 #include "libbpf_internal.h"
59 #define BPF_FS_MAGIC 0xcafe4a11
62 #define BPF_INSN_SZ (sizeof(struct bpf_insn))
64 /* vsprintf() in __base_pr() uses nonliteral format string. It may break
65 * compilation if user enables corresponding warning. Disable it explicitly.
67 #pragma GCC diagnostic ignored "-Wformat-nonliteral"
69 #define __printf(a, b) __attribute__((format(printf, a, b)))
71 static struct bpf_map *bpf_object__add_map(struct bpf_object *obj);
72 static const struct btf_type *
73 skip_mods_and_typedefs(const struct btf *btf, __u32 id, __u32 *res_id);
75 static int __base_pr(enum libbpf_print_level level, const char *format,
78 if (level == LIBBPF_DEBUG)
81 return vfprintf(stderr, format, args);
84 static libbpf_print_fn_t __libbpf_pr = __base_pr;
86 libbpf_print_fn_t libbpf_set_print(libbpf_print_fn_t fn)
88 libbpf_print_fn_t old_print_fn = __libbpf_pr;
95 void libbpf_print(enum libbpf_print_level level, const char *format, ...)
102 va_start(args, format);
103 __libbpf_pr(level, format, args);
107 static void pr_perm_msg(int err)
112 if (err != -EPERM || geteuid() != 0)
115 err = getrlimit(RLIMIT_MEMLOCK, &limit);
119 if (limit.rlim_cur == RLIM_INFINITY)
122 if (limit.rlim_cur < 1024)
123 snprintf(buf, sizeof(buf), "%zu bytes", (size_t)limit.rlim_cur);
124 else if (limit.rlim_cur < 1024*1024)
125 snprintf(buf, sizeof(buf), "%.1f KiB", (double)limit.rlim_cur / 1024);
127 snprintf(buf, sizeof(buf), "%.1f MiB", (double)limit.rlim_cur / (1024*1024));
129 pr_warn("permission error while running as root; try raising 'ulimit -l'? current value: %s\n",
133 #define STRERR_BUFSIZE 128
135 /* Copied from tools/perf/util/util.h */
137 # define zfree(ptr) ({ free(*ptr); *ptr = NULL; })
141 # define zclose(fd) ({ \
144 ___err = close((fd)); \
149 static inline __u64 ptr_to_u64(const void *ptr)
151 return (__u64) (unsigned long) ptr;
154 enum kern_feature_id {
155 /* v4.14: kernel support for program & map names. */
157 /* v5.2: kernel support for global data sections. */
161 /* BTF_KIND_FUNC and BTF_KIND_FUNC_PROTO support */
163 /* BTF_KIND_VAR and BTF_KIND_DATASEC support */
165 /* BTF_FUNC_GLOBAL is supported */
166 FEAT_BTF_GLOBAL_FUNC,
167 /* BPF_F_MMAPABLE is supported for arrays */
169 /* kernel support for expected_attach_type in BPF_PROG_LOAD */
170 FEAT_EXP_ATTACH_TYPE,
171 /* bpf_probe_read_{kernel,user}[_str] helpers */
172 FEAT_PROBE_READ_KERN,
173 /* BPF_PROG_BIND_MAP is supported */
175 /* Kernel support for module BTFs */
177 /* BTF_KIND_FLOAT support */
182 static bool kernel_supports(enum kern_feature_id feat_id);
193 enum reloc_type type;
202 typedef struct bpf_link *(*attach_fn_t)(const struct bpf_sec_def *sec,
203 struct bpf_program *prog);
208 enum bpf_prog_type prog_type;
209 enum bpf_attach_type expected_attach_type;
210 bool is_exp_attach_type_optional;
214 attach_fn_t attach_fn;
218 * bpf_prog should be a better name but it has been used in
222 const struct bpf_sec_def *sec_def;
225 /* this program's instruction offset (in number of instructions)
226 * within its containing ELF section
229 /* number of original instructions in ELF section belonging to this
230 * program, not taking into account subprogram instructions possible
231 * appended later during relocation
234 /* Offset (in number of instructions) of the start of instruction
235 * belonging to this BPF program within its containing main BPF
236 * program. For the entry-point (main) BPF program, this is always
237 * zero. For a sub-program, this gets reset before each of main BPF
238 * programs are processed and relocated and is used to determined
239 * whether sub-program was already appended to the main program, and
240 * if yes, at which instruction offset.
245 /* sec_name with / replaced by _; makes recursive pinning
246 * in bpf_object__pin_programs easier
250 /* instructions that belong to BPF program; insns[0] is located at
251 * sec_insn_off instruction within its ELF section in ELF file, so
252 * when mapping ELF file instruction index to the local instruction,
253 * one needs to subtract sec_insn_off; and vice versa.
255 struct bpf_insn *insns;
256 /* actual number of instruction in this BPF program's image; for
257 * entry-point BPF programs this includes the size of main program
258 * itself plus all the used sub-programs, appended at the end
262 struct reloc_desc *reloc_desc;
270 bpf_program_prep_t preprocessor;
272 struct bpf_object *obj;
274 bpf_program_clear_priv_t clear_priv;
277 enum bpf_prog_type type;
278 enum bpf_attach_type expected_attach_type;
280 __u32 attach_btf_obj_fd;
282 __u32 attach_prog_fd;
284 __u32 func_info_rec_size;
288 __u32 line_info_rec_size;
293 struct bpf_struct_ops {
295 const struct btf_type *type;
296 struct bpf_program **progs;
297 __u32 *kern_func_off;
298 /* e.g. struct tcp_congestion_ops in bpf_prog's btf format */
300 /* e.g. struct bpf_struct_ops_tcp_congestion_ops in
301 * btf_vmlinux's format.
302 * struct bpf_struct_ops_tcp_congestion_ops {
303 * [... some other kernel fields ...]
304 * struct tcp_congestion_ops data;
306 * kern_vdata-size == sizeof(struct bpf_struct_ops_tcp_congestion_ops)
307 * bpf_map__init_kern_struct_ops() will populate the "kern_vdata"
314 #define DATA_SEC ".data"
315 #define BSS_SEC ".bss"
316 #define RODATA_SEC ".rodata"
317 #define KCONFIG_SEC ".kconfig"
318 #define KSYMS_SEC ".ksyms"
319 #define STRUCT_OPS_SEC ".struct_ops"
321 enum libbpf_map_type {
329 static const char * const libbpf_type_to_btf_name[] = {
330 [LIBBPF_MAP_DATA] = DATA_SEC,
331 [LIBBPF_MAP_BSS] = BSS_SEC,
332 [LIBBPF_MAP_RODATA] = RODATA_SEC,
333 [LIBBPF_MAP_KCONFIG] = KCONFIG_SEC,
343 struct bpf_map_def def;
346 __u32 btf_key_type_id;
347 __u32 btf_value_type_id;
348 __u32 btf_vmlinux_value_type_id;
350 bpf_map_clear_priv_t clear_priv;
351 enum libbpf_map_type libbpf_type;
353 struct bpf_struct_ops *st_ops;
354 struct bpf_map *inner_map;
378 enum extern_type type;
394 unsigned long long addr;
396 /* target btf_id of the corresponding kernel var. */
397 int kernel_btf_obj_fd;
400 /* local btf_id of the ksym extern's type. */
406 static LIST_HEAD(bpf_objects_list);
416 char name[BPF_OBJ_NAME_LEN];
420 struct bpf_program *programs;
422 struct bpf_map *maps;
427 struct extern_desc *externs;
436 * Information when doing elf related work. Only valid if fd
449 Elf_Data *st_ops_data;
450 size_t shstrndx; /* section index for section name strings */
459 __u32 btf_maps_sec_btf_id;
468 * All loaded bpf_object is linked in a list, which is
469 * hidden to caller. bpf_objects__<func> handlers deal with
472 struct list_head list;
475 struct btf_ext *btf_ext;
477 /* Parse and load BTF vmlinux if any of the programs in the object need
480 struct btf *btf_vmlinux;
481 /* vmlinux BTF override for CO-RE relocations */
482 struct btf *btf_vmlinux_override;
483 /* Lazily initialized kernel module BTFs */
484 struct module_btf *btf_modules;
485 bool btf_modules_loaded;
486 size_t btf_module_cnt;
487 size_t btf_module_cap;
490 bpf_object_clear_priv_t clear_priv;
494 #define obj_elf_valid(o) ((o)->efile.elf)
496 static const char *elf_sym_str(const struct bpf_object *obj, size_t off);
497 static const char *elf_sec_str(const struct bpf_object *obj, size_t off);
498 static Elf_Scn *elf_sec_by_idx(const struct bpf_object *obj, size_t idx);
499 static Elf_Scn *elf_sec_by_name(const struct bpf_object *obj, const char *name);
500 static int elf_sec_hdr(const struct bpf_object *obj, Elf_Scn *scn, GElf_Shdr *hdr);
501 static const char *elf_sec_name(const struct bpf_object *obj, Elf_Scn *scn);
502 static Elf_Data *elf_sec_data(const struct bpf_object *obj, Elf_Scn *scn);
503 static int elf_sym_by_sec_off(const struct bpf_object *obj, size_t sec_idx,
504 size_t off, __u32 sym_type, GElf_Sym *sym);
506 void bpf_program__unload(struct bpf_program *prog)
514 * If the object is opened but the program was never loaded,
515 * it is possible that prog->instances.nr == -1.
517 if (prog->instances.nr > 0) {
518 for (i = 0; i < prog->instances.nr; i++)
519 zclose(prog->instances.fds[i]);
520 } else if (prog->instances.nr != -1) {
521 pr_warn("Internal error: instances.nr is %d\n",
525 prog->instances.nr = -1;
526 zfree(&prog->instances.fds);
528 zfree(&prog->func_info);
529 zfree(&prog->line_info);
532 static void bpf_program__exit(struct bpf_program *prog)
537 if (prog->clear_priv)
538 prog->clear_priv(prog, prog->priv);
541 prog->clear_priv = NULL;
543 bpf_program__unload(prog);
545 zfree(&prog->sec_name);
546 zfree(&prog->pin_name);
548 zfree(&prog->reloc_desc);
555 static char *__bpf_program__pin_name(struct bpf_program *prog)
559 name = p = strdup(prog->sec_name);
560 while ((p = strchr(p, '/')))
566 static bool insn_is_subprog_call(const struct bpf_insn *insn)
568 return BPF_CLASS(insn->code) == BPF_JMP &&
569 BPF_OP(insn->code) == BPF_CALL &&
570 BPF_SRC(insn->code) == BPF_K &&
571 insn->src_reg == BPF_PSEUDO_CALL &&
572 insn->dst_reg == 0 &&
576 static bool is_ldimm64(struct bpf_insn *insn)
578 return insn->code == (BPF_LD | BPF_IMM | BPF_DW);
581 static bool insn_is_pseudo_func(struct bpf_insn *insn)
583 return is_ldimm64(insn) && insn->src_reg == BPF_PSEUDO_FUNC;
587 bpf_object__init_prog(struct bpf_object *obj, struct bpf_program *prog,
588 const char *name, size_t sec_idx, const char *sec_name,
589 size_t sec_off, void *insn_data, size_t insn_data_sz)
591 if (insn_data_sz == 0 || insn_data_sz % BPF_INSN_SZ || sec_off % BPF_INSN_SZ) {
592 pr_warn("sec '%s': corrupted program '%s', offset %zu, size %zu\n",
593 sec_name, name, sec_off, insn_data_sz);
597 memset(prog, 0, sizeof(*prog));
600 prog->sec_idx = sec_idx;
601 prog->sec_insn_off = sec_off / BPF_INSN_SZ;
602 prog->sec_insn_cnt = insn_data_sz / BPF_INSN_SZ;
603 /* insns_cnt can later be increased by appending used subprograms */
604 prog->insns_cnt = prog->sec_insn_cnt;
606 prog->type = BPF_PROG_TYPE_UNSPEC;
609 prog->instances.fds = NULL;
610 prog->instances.nr = -1;
612 prog->sec_name = strdup(sec_name);
616 prog->name = strdup(name);
620 prog->pin_name = __bpf_program__pin_name(prog);
624 prog->insns = malloc(insn_data_sz);
627 memcpy(prog->insns, insn_data, insn_data_sz);
631 pr_warn("sec '%s': failed to allocate memory for prog '%s'\n", sec_name, name);
632 bpf_program__exit(prog);
637 bpf_object__add_programs(struct bpf_object *obj, Elf_Data *sec_data,
638 const char *sec_name, int sec_idx)
640 struct bpf_program *prog, *progs;
641 void *data = sec_data->d_buf;
642 size_t sec_sz = sec_data->d_size, sec_off, prog_sz;
647 progs = obj->programs;
648 nr_progs = obj->nr_programs;
651 while (sec_off < sec_sz) {
652 if (elf_sym_by_sec_off(obj, sec_idx, sec_off, STT_FUNC, &sym)) {
653 pr_warn("sec '%s': failed to find program symbol at offset %zu\n",
655 return -LIBBPF_ERRNO__FORMAT;
658 prog_sz = sym.st_size;
660 name = elf_sym_str(obj, sym.st_name);
662 pr_warn("sec '%s': failed to get symbol name for offset %zu\n",
664 return -LIBBPF_ERRNO__FORMAT;
667 if (sec_off + prog_sz > sec_sz) {
668 pr_warn("sec '%s': program at offset %zu crosses section boundary\n",
670 return -LIBBPF_ERRNO__FORMAT;
673 pr_debug("sec '%s': found program '%s' at insn offset %zu (%zu bytes), code size %zu insns (%zu bytes)\n",
674 sec_name, name, sec_off / BPF_INSN_SZ, sec_off, prog_sz / BPF_INSN_SZ, prog_sz);
676 progs = libbpf_reallocarray(progs, nr_progs + 1, sizeof(*progs));
679 * In this case the original obj->programs
680 * is still valid, so don't need special treat for
681 * bpf_close_object().
683 pr_warn("sec '%s': failed to alloc memory for new program '%s'\n",
687 obj->programs = progs;
689 prog = &progs[nr_progs];
691 err = bpf_object__init_prog(obj, prog, name, sec_idx, sec_name,
692 sec_off, data + sec_off, prog_sz);
697 obj->nr_programs = nr_progs;
705 static __u32 get_kernel_version(void)
707 __u32 major, minor, patch;
711 if (sscanf(info.release, "%u.%u.%u", &major, &minor, &patch) != 3)
713 return KERNEL_VERSION(major, minor, patch);
716 static const struct btf_member *
717 find_member_by_offset(const struct btf_type *t, __u32 bit_offset)
719 struct btf_member *m;
722 for (i = 0, m = btf_members(t); i < btf_vlen(t); i++, m++) {
723 if (btf_member_bit_offset(t, i) == bit_offset)
730 static const struct btf_member *
731 find_member_by_name(const struct btf *btf, const struct btf_type *t,
734 struct btf_member *m;
737 for (i = 0, m = btf_members(t); i < btf_vlen(t); i++, m++) {
738 if (!strcmp(btf__name_by_offset(btf, m->name_off), name))
745 #define STRUCT_OPS_VALUE_PREFIX "bpf_struct_ops_"
746 static int find_btf_by_prefix_kind(const struct btf *btf, const char *prefix,
747 const char *name, __u32 kind);
750 find_struct_ops_kern_types(const struct btf *btf, const char *tname,
751 const struct btf_type **type, __u32 *type_id,
752 const struct btf_type **vtype, __u32 *vtype_id,
753 const struct btf_member **data_member)
755 const struct btf_type *kern_type, *kern_vtype;
756 const struct btf_member *kern_data_member;
757 __s32 kern_vtype_id, kern_type_id;
760 kern_type_id = btf__find_by_name_kind(btf, tname, BTF_KIND_STRUCT);
761 if (kern_type_id < 0) {
762 pr_warn("struct_ops init_kern: struct %s is not found in kernel BTF\n",
766 kern_type = btf__type_by_id(btf, kern_type_id);
768 /* Find the corresponding "map_value" type that will be used
769 * in map_update(BPF_MAP_TYPE_STRUCT_OPS). For example,
770 * find "struct bpf_struct_ops_tcp_congestion_ops" from the
773 kern_vtype_id = find_btf_by_prefix_kind(btf, STRUCT_OPS_VALUE_PREFIX,
774 tname, BTF_KIND_STRUCT);
775 if (kern_vtype_id < 0) {
776 pr_warn("struct_ops init_kern: struct %s%s is not found in kernel BTF\n",
777 STRUCT_OPS_VALUE_PREFIX, tname);
778 return kern_vtype_id;
780 kern_vtype = btf__type_by_id(btf, kern_vtype_id);
782 /* Find "struct tcp_congestion_ops" from
783 * struct bpf_struct_ops_tcp_congestion_ops {
785 * struct tcp_congestion_ops data;
788 kern_data_member = btf_members(kern_vtype);
789 for (i = 0; i < btf_vlen(kern_vtype); i++, kern_data_member++) {
790 if (kern_data_member->type == kern_type_id)
793 if (i == btf_vlen(kern_vtype)) {
794 pr_warn("struct_ops init_kern: struct %s data is not found in struct %s%s\n",
795 tname, STRUCT_OPS_VALUE_PREFIX, tname);
800 *type_id = kern_type_id;
802 *vtype_id = kern_vtype_id;
803 *data_member = kern_data_member;
808 static bool bpf_map__is_struct_ops(const struct bpf_map *map)
810 return map->def.type == BPF_MAP_TYPE_STRUCT_OPS;
813 /* Init the map's fields that depend on kern_btf */
814 static int bpf_map__init_kern_struct_ops(struct bpf_map *map,
815 const struct btf *btf,
816 const struct btf *kern_btf)
818 const struct btf_member *member, *kern_member, *kern_data_member;
819 const struct btf_type *type, *kern_type, *kern_vtype;
820 __u32 i, kern_type_id, kern_vtype_id, kern_data_off;
821 struct bpf_struct_ops *st_ops;
822 void *data, *kern_data;
826 st_ops = map->st_ops;
828 tname = st_ops->tname;
829 err = find_struct_ops_kern_types(kern_btf, tname,
830 &kern_type, &kern_type_id,
831 &kern_vtype, &kern_vtype_id,
836 pr_debug("struct_ops init_kern %s: type_id:%u kern_type_id:%u kern_vtype_id:%u\n",
837 map->name, st_ops->type_id, kern_type_id, kern_vtype_id);
839 map->def.value_size = kern_vtype->size;
840 map->btf_vmlinux_value_type_id = kern_vtype_id;
842 st_ops->kern_vdata = calloc(1, kern_vtype->size);
843 if (!st_ops->kern_vdata)
847 kern_data_off = kern_data_member->offset / 8;
848 kern_data = st_ops->kern_vdata + kern_data_off;
850 member = btf_members(type);
851 for (i = 0; i < btf_vlen(type); i++, member++) {
852 const struct btf_type *mtype, *kern_mtype;
853 __u32 mtype_id, kern_mtype_id;
854 void *mdata, *kern_mdata;
855 __s64 msize, kern_msize;
856 __u32 moff, kern_moff;
857 __u32 kern_member_idx;
860 mname = btf__name_by_offset(btf, member->name_off);
861 kern_member = find_member_by_name(kern_btf, kern_type, mname);
863 pr_warn("struct_ops init_kern %s: Cannot find member %s in kernel BTF\n",
868 kern_member_idx = kern_member - btf_members(kern_type);
869 if (btf_member_bitfield_size(type, i) ||
870 btf_member_bitfield_size(kern_type, kern_member_idx)) {
871 pr_warn("struct_ops init_kern %s: bitfield %s is not supported\n",
876 moff = member->offset / 8;
877 kern_moff = kern_member->offset / 8;
880 kern_mdata = kern_data + kern_moff;
882 mtype = skip_mods_and_typedefs(btf, member->type, &mtype_id);
883 kern_mtype = skip_mods_and_typedefs(kern_btf, kern_member->type,
885 if (BTF_INFO_KIND(mtype->info) !=
886 BTF_INFO_KIND(kern_mtype->info)) {
887 pr_warn("struct_ops init_kern %s: Unmatched member type %s %u != %u(kernel)\n",
888 map->name, mname, BTF_INFO_KIND(mtype->info),
889 BTF_INFO_KIND(kern_mtype->info));
893 if (btf_is_ptr(mtype)) {
894 struct bpf_program *prog;
896 prog = st_ops->progs[i];
900 kern_mtype = skip_mods_and_typedefs(kern_btf,
904 /* mtype->type must be a func_proto which was
905 * guaranteed in bpf_object__collect_st_ops_relos(),
906 * so only check kern_mtype for func_proto here.
908 if (!btf_is_func_proto(kern_mtype)) {
909 pr_warn("struct_ops init_kern %s: kernel member %s is not a func ptr\n",
914 prog->attach_btf_id = kern_type_id;
915 prog->expected_attach_type = kern_member_idx;
917 st_ops->kern_func_off[i] = kern_data_off + kern_moff;
919 pr_debug("struct_ops init_kern %s: func ptr %s is set to prog %s from data(+%u) to kern_data(+%u)\n",
920 map->name, mname, prog->name, moff,
926 msize = btf__resolve_size(btf, mtype_id);
927 kern_msize = btf__resolve_size(kern_btf, kern_mtype_id);
928 if (msize < 0 || kern_msize < 0 || msize != kern_msize) {
929 pr_warn("struct_ops init_kern %s: Error in size of member %s: %zd != %zd(kernel)\n",
930 map->name, mname, (ssize_t)msize,
931 (ssize_t)kern_msize);
935 pr_debug("struct_ops init_kern %s: copy %s %u bytes from data(+%u) to kern_data(+%u)\n",
936 map->name, mname, (unsigned int)msize,
938 memcpy(kern_mdata, mdata, msize);
944 static int bpf_object__init_kern_struct_ops_maps(struct bpf_object *obj)
950 for (i = 0; i < obj->nr_maps; i++) {
953 if (!bpf_map__is_struct_ops(map))
956 err = bpf_map__init_kern_struct_ops(map, obj->btf,
965 static int bpf_object__init_struct_ops_maps(struct bpf_object *obj)
967 const struct btf_type *type, *datasec;
968 const struct btf_var_secinfo *vsi;
969 struct bpf_struct_ops *st_ops;
970 const char *tname, *var_name;
971 __s32 type_id, datasec_id;
972 const struct btf *btf;
976 if (obj->efile.st_ops_shndx == -1)
980 datasec_id = btf__find_by_name_kind(btf, STRUCT_OPS_SEC,
982 if (datasec_id < 0) {
983 pr_warn("struct_ops init: DATASEC %s not found\n",
988 datasec = btf__type_by_id(btf, datasec_id);
989 vsi = btf_var_secinfos(datasec);
990 for (i = 0; i < btf_vlen(datasec); i++, vsi++) {
991 type = btf__type_by_id(obj->btf, vsi->type);
992 var_name = btf__name_by_offset(obj->btf, type->name_off);
994 type_id = btf__resolve_type(obj->btf, vsi->type);
996 pr_warn("struct_ops init: Cannot resolve var type_id %u in DATASEC %s\n",
997 vsi->type, STRUCT_OPS_SEC);
1001 type = btf__type_by_id(obj->btf, type_id);
1002 tname = btf__name_by_offset(obj->btf, type->name_off);
1004 pr_warn("struct_ops init: anonymous type is not supported\n");
1007 if (!btf_is_struct(type)) {
1008 pr_warn("struct_ops init: %s is not a struct\n", tname);
1012 map = bpf_object__add_map(obj);
1014 return PTR_ERR(map);
1016 map->sec_idx = obj->efile.st_ops_shndx;
1017 map->sec_offset = vsi->offset;
1018 map->name = strdup(var_name);
1022 map->def.type = BPF_MAP_TYPE_STRUCT_OPS;
1023 map->def.key_size = sizeof(int);
1024 map->def.value_size = type->size;
1025 map->def.max_entries = 1;
1027 map->st_ops = calloc(1, sizeof(*map->st_ops));
1030 st_ops = map->st_ops;
1031 st_ops->data = malloc(type->size);
1032 st_ops->progs = calloc(btf_vlen(type), sizeof(*st_ops->progs));
1033 st_ops->kern_func_off = malloc(btf_vlen(type) *
1034 sizeof(*st_ops->kern_func_off));
1035 if (!st_ops->data || !st_ops->progs || !st_ops->kern_func_off)
1038 if (vsi->offset + type->size > obj->efile.st_ops_data->d_size) {
1039 pr_warn("struct_ops init: var %s is beyond the end of DATASEC %s\n",
1040 var_name, STRUCT_OPS_SEC);
1044 memcpy(st_ops->data,
1045 obj->efile.st_ops_data->d_buf + vsi->offset,
1047 st_ops->tname = tname;
1048 st_ops->type = type;
1049 st_ops->type_id = type_id;
1051 pr_debug("struct_ops init: struct %s(type_id=%u) %s found at offset %u\n",
1052 tname, type_id, var_name, vsi->offset);
1058 static struct bpf_object *bpf_object__new(const char *path,
1059 const void *obj_buf,
1061 const char *obj_name)
1063 struct bpf_object *obj;
1066 obj = calloc(1, sizeof(struct bpf_object) + strlen(path) + 1);
1068 pr_warn("alloc memory failed for %s\n", path);
1069 return ERR_PTR(-ENOMEM);
1072 strcpy(obj->path, path);
1074 strncpy(obj->name, obj_name, sizeof(obj->name) - 1);
1075 obj->name[sizeof(obj->name) - 1] = 0;
1077 /* Using basename() GNU version which doesn't modify arg. */
1078 strncpy(obj->name, basename((void *)path),
1079 sizeof(obj->name) - 1);
1080 end = strchr(obj->name, '.');
1087 * Caller of this function should also call
1088 * bpf_object__elf_finish() after data collection to return
1089 * obj_buf to user. If not, we should duplicate the buffer to
1090 * avoid user freeing them before elf finish.
1092 obj->efile.obj_buf = obj_buf;
1093 obj->efile.obj_buf_sz = obj_buf_sz;
1094 obj->efile.maps_shndx = -1;
1095 obj->efile.btf_maps_shndx = -1;
1096 obj->efile.data_shndx = -1;
1097 obj->efile.rodata_shndx = -1;
1098 obj->efile.bss_shndx = -1;
1099 obj->efile.st_ops_shndx = -1;
1100 obj->kconfig_map_idx = -1;
1101 obj->rodata_map_idx = -1;
1103 obj->kern_version = get_kernel_version();
1104 obj->loaded = false;
1106 INIT_LIST_HEAD(&obj->list);
1107 list_add(&obj->list, &bpf_objects_list);
1111 static void bpf_object__elf_finish(struct bpf_object *obj)
1113 if (!obj_elf_valid(obj))
1116 if (obj->efile.elf) {
1117 elf_end(obj->efile.elf);
1118 obj->efile.elf = NULL;
1120 obj->efile.symbols = NULL;
1121 obj->efile.data = NULL;
1122 obj->efile.rodata = NULL;
1123 obj->efile.bss = NULL;
1124 obj->efile.st_ops_data = NULL;
1126 zfree(&obj->efile.reloc_sects);
1127 obj->efile.nr_reloc_sects = 0;
1128 zclose(obj->efile.fd);
1129 obj->efile.obj_buf = NULL;
1130 obj->efile.obj_buf_sz = 0;
1133 static int bpf_object__elf_init(struct bpf_object *obj)
1138 if (obj_elf_valid(obj)) {
1139 pr_warn("elf: init internal error\n");
1140 return -LIBBPF_ERRNO__LIBELF;
1143 if (obj->efile.obj_buf_sz > 0) {
1145 * obj_buf should have been validated by
1146 * bpf_object__open_buffer().
1148 obj->efile.elf = elf_memory((char *)obj->efile.obj_buf,
1149 obj->efile.obj_buf_sz);
1151 obj->efile.fd = open(obj->path, O_RDONLY);
1152 if (obj->efile.fd < 0) {
1153 char errmsg[STRERR_BUFSIZE], *cp;
1156 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
1157 pr_warn("elf: failed to open %s: %s\n", obj->path, cp);
1161 obj->efile.elf = elf_begin(obj->efile.fd, ELF_C_READ_MMAP, NULL);
1164 if (!obj->efile.elf) {
1165 pr_warn("elf: failed to open %s as ELF file: %s\n", obj->path, elf_errmsg(-1));
1166 err = -LIBBPF_ERRNO__LIBELF;
1170 if (!gelf_getehdr(obj->efile.elf, &obj->efile.ehdr)) {
1171 pr_warn("elf: failed to get ELF header from %s: %s\n", obj->path, elf_errmsg(-1));
1172 err = -LIBBPF_ERRNO__FORMAT;
1175 ep = &obj->efile.ehdr;
1177 if (elf_getshdrstrndx(obj->efile.elf, &obj->efile.shstrndx)) {
1178 pr_warn("elf: failed to get section names section index for %s: %s\n",
1179 obj->path, elf_errmsg(-1));
1180 err = -LIBBPF_ERRNO__FORMAT;
1184 /* Elf is corrupted/truncated, avoid calling elf_strptr. */
1185 if (!elf_rawdata(elf_getscn(obj->efile.elf, obj->efile.shstrndx), NULL)) {
1186 pr_warn("elf: failed to get section names strings from %s: %s\n",
1187 obj->path, elf_errmsg(-1));
1188 err = -LIBBPF_ERRNO__FORMAT;
1192 /* Old LLVM set e_machine to EM_NONE */
1193 if (ep->e_type != ET_REL ||
1194 (ep->e_machine && ep->e_machine != EM_BPF)) {
1195 pr_warn("elf: %s is not a valid eBPF object file\n", obj->path);
1196 err = -LIBBPF_ERRNO__FORMAT;
1202 bpf_object__elf_finish(obj);
1206 static int bpf_object__check_endianness(struct bpf_object *obj)
1208 #if __BYTE_ORDER == __LITTLE_ENDIAN
1209 if (obj->efile.ehdr.e_ident[EI_DATA] == ELFDATA2LSB)
1211 #elif __BYTE_ORDER == __BIG_ENDIAN
1212 if (obj->efile.ehdr.e_ident[EI_DATA] == ELFDATA2MSB)
1215 # error "Unrecognized __BYTE_ORDER__"
1217 pr_warn("elf: endianness mismatch in %s.\n", obj->path);
1218 return -LIBBPF_ERRNO__ENDIAN;
1222 bpf_object__init_license(struct bpf_object *obj, void *data, size_t size)
1224 memcpy(obj->license, data, min(size, sizeof(obj->license) - 1));
1225 pr_debug("license of %s is %s\n", obj->path, obj->license);
1230 bpf_object__init_kversion(struct bpf_object *obj, void *data, size_t size)
1234 if (size != sizeof(kver)) {
1235 pr_warn("invalid kver section in %s\n", obj->path);
1236 return -LIBBPF_ERRNO__FORMAT;
1238 memcpy(&kver, data, sizeof(kver));
1239 obj->kern_version = kver;
1240 pr_debug("kernel version of %s is %x\n", obj->path, obj->kern_version);
1244 static bool bpf_map_type__is_map_in_map(enum bpf_map_type type)
1246 if (type == BPF_MAP_TYPE_ARRAY_OF_MAPS ||
1247 type == BPF_MAP_TYPE_HASH_OF_MAPS)
1252 int bpf_object__section_size(const struct bpf_object *obj, const char *name,
1260 } else if (!strcmp(name, DATA_SEC)) {
1261 if (obj->efile.data)
1262 *size = obj->efile.data->d_size;
1263 } else if (!strcmp(name, BSS_SEC)) {
1265 *size = obj->efile.bss->d_size;
1266 } else if (!strcmp(name, RODATA_SEC)) {
1267 if (obj->efile.rodata)
1268 *size = obj->efile.rodata->d_size;
1269 } else if (!strcmp(name, STRUCT_OPS_SEC)) {
1270 if (obj->efile.st_ops_data)
1271 *size = obj->efile.st_ops_data->d_size;
1273 Elf_Scn *scn = elf_sec_by_name(obj, name);
1274 Elf_Data *data = elf_sec_data(obj, scn);
1277 ret = 0; /* found it */
1278 *size = data->d_size;
1282 return *size ? 0 : ret;
1285 int bpf_object__variable_offset(const struct bpf_object *obj, const char *name,
1288 Elf_Data *symbols = obj->efile.symbols;
1295 for (si = 0; si < symbols->d_size / sizeof(GElf_Sym); si++) {
1298 if (!gelf_getsym(symbols, si, &sym))
1300 if (GELF_ST_BIND(sym.st_info) != STB_GLOBAL ||
1301 GELF_ST_TYPE(sym.st_info) != STT_OBJECT)
1304 sname = elf_sym_str(obj, sym.st_name);
1306 pr_warn("failed to get sym name string for var %s\n",
1310 if (strcmp(name, sname) == 0) {
1311 *off = sym.st_value;
1319 static struct bpf_map *bpf_object__add_map(struct bpf_object *obj)
1321 struct bpf_map *new_maps;
1325 if (obj->nr_maps < obj->maps_cap)
1326 return &obj->maps[obj->nr_maps++];
1328 new_cap = max((size_t)4, obj->maps_cap * 3 / 2);
1329 new_maps = libbpf_reallocarray(obj->maps, new_cap, sizeof(*obj->maps));
1331 pr_warn("alloc maps for object failed\n");
1332 return ERR_PTR(-ENOMEM);
1335 obj->maps_cap = new_cap;
1336 obj->maps = new_maps;
1338 /* zero out new maps */
1339 memset(obj->maps + obj->nr_maps, 0,
1340 (obj->maps_cap - obj->nr_maps) * sizeof(*obj->maps));
1342 * fill all fd with -1 so won't close incorrect fd (fd=0 is stdin)
1343 * when failure (zclose won't close negative fd)).
1345 for (i = obj->nr_maps; i < obj->maps_cap; i++) {
1346 obj->maps[i].fd = -1;
1347 obj->maps[i].inner_map_fd = -1;
1350 return &obj->maps[obj->nr_maps++];
1353 static size_t bpf_map_mmap_sz(const struct bpf_map *map)
1355 long page_sz = sysconf(_SC_PAGE_SIZE);
1358 map_sz = (size_t)roundup(map->def.value_size, 8) * map->def.max_entries;
1359 map_sz = roundup(map_sz, page_sz);
1363 static char *internal_map_name(struct bpf_object *obj,
1364 enum libbpf_map_type type)
1366 char map_name[BPF_OBJ_NAME_LEN], *p;
1367 const char *sfx = libbpf_type_to_btf_name[type];
1368 int sfx_len = max((size_t)7, strlen(sfx));
1369 int pfx_len = min((size_t)BPF_OBJ_NAME_LEN - sfx_len - 1,
1372 snprintf(map_name, sizeof(map_name), "%.*s%.*s", pfx_len, obj->name,
1373 sfx_len, libbpf_type_to_btf_name[type]);
1375 /* sanitise map name to characters allowed by kernel */
1376 for (p = map_name; *p && p < map_name + sizeof(map_name); p++)
1377 if (!isalnum(*p) && *p != '_' && *p != '.')
1380 return strdup(map_name);
1384 bpf_object__init_internal_map(struct bpf_object *obj, enum libbpf_map_type type,
1385 int sec_idx, void *data, size_t data_sz)
1387 struct bpf_map_def *def;
1388 struct bpf_map *map;
1391 map = bpf_object__add_map(obj);
1393 return PTR_ERR(map);
1395 map->libbpf_type = type;
1396 map->sec_idx = sec_idx;
1397 map->sec_offset = 0;
1398 map->name = internal_map_name(obj, type);
1400 pr_warn("failed to alloc map name\n");
1405 def->type = BPF_MAP_TYPE_ARRAY;
1406 def->key_size = sizeof(int);
1407 def->value_size = data_sz;
1408 def->max_entries = 1;
1409 def->map_flags = type == LIBBPF_MAP_RODATA || type == LIBBPF_MAP_KCONFIG
1410 ? BPF_F_RDONLY_PROG : 0;
1411 def->map_flags |= BPF_F_MMAPABLE;
1413 pr_debug("map '%s' (global data): at sec_idx %d, offset %zu, flags %x.\n",
1414 map->name, map->sec_idx, map->sec_offset, def->map_flags);
1416 map->mmaped = mmap(NULL, bpf_map_mmap_sz(map), PROT_READ | PROT_WRITE,
1417 MAP_SHARED | MAP_ANONYMOUS, -1, 0);
1418 if (map->mmaped == MAP_FAILED) {
1421 pr_warn("failed to alloc map '%s' content buffer: %d\n",
1428 memcpy(map->mmaped, data, data_sz);
1430 pr_debug("map %td is \"%s\"\n", map - obj->maps, map->name);
1434 static int bpf_object__init_global_data_maps(struct bpf_object *obj)
1439 * Populate obj->maps with libbpf internal maps.
1441 if (obj->efile.data_shndx >= 0) {
1442 err = bpf_object__init_internal_map(obj, LIBBPF_MAP_DATA,
1443 obj->efile.data_shndx,
1444 obj->efile.data->d_buf,
1445 obj->efile.data->d_size);
1449 if (obj->efile.rodata_shndx >= 0) {
1450 err = bpf_object__init_internal_map(obj, LIBBPF_MAP_RODATA,
1451 obj->efile.rodata_shndx,
1452 obj->efile.rodata->d_buf,
1453 obj->efile.rodata->d_size);
1457 obj->rodata_map_idx = obj->nr_maps - 1;
1459 if (obj->efile.bss_shndx >= 0) {
1460 err = bpf_object__init_internal_map(obj, LIBBPF_MAP_BSS,
1461 obj->efile.bss_shndx,
1463 obj->efile.bss->d_size);
1471 static struct extern_desc *find_extern_by_name(const struct bpf_object *obj,
1476 for (i = 0; i < obj->nr_extern; i++) {
1477 if (strcmp(obj->externs[i].name, name) == 0)
1478 return &obj->externs[i];
1483 static int set_kcfg_value_tri(struct extern_desc *ext, void *ext_val,
1486 switch (ext->kcfg.type) {
1489 pr_warn("extern (kcfg) %s=%c should be tristate or char\n",
1493 *(bool *)ext_val = value == 'y' ? true : false;
1497 *(enum libbpf_tristate *)ext_val = TRI_YES;
1498 else if (value == 'm')
1499 *(enum libbpf_tristate *)ext_val = TRI_MODULE;
1500 else /* value == 'n' */
1501 *(enum libbpf_tristate *)ext_val = TRI_NO;
1504 *(char *)ext_val = value;
1510 pr_warn("extern (kcfg) %s=%c should be bool, tristate, or char\n",
1518 static int set_kcfg_value_str(struct extern_desc *ext, char *ext_val,
1523 if (ext->kcfg.type != KCFG_CHAR_ARR) {
1524 pr_warn("extern (kcfg) %s=%s should be char array\n", ext->name, value);
1528 len = strlen(value);
1529 if (value[len - 1] != '"') {
1530 pr_warn("extern (kcfg) '%s': invalid string config '%s'\n",
1537 if (len >= ext->kcfg.sz) {
1538 pr_warn("extern (kcfg) '%s': long string config %s of (%zu bytes) truncated to %d bytes\n",
1539 ext->name, value, len, ext->kcfg.sz - 1);
1540 len = ext->kcfg.sz - 1;
1542 memcpy(ext_val, value + 1, len);
1543 ext_val[len] = '\0';
1548 static int parse_u64(const char *value, __u64 *res)
1554 *res = strtoull(value, &value_end, 0);
1557 pr_warn("failed to parse '%s' as integer: %d\n", value, err);
1561 pr_warn("failed to parse '%s' as integer completely\n", value);
1567 static bool is_kcfg_value_in_range(const struct extern_desc *ext, __u64 v)
1569 int bit_sz = ext->kcfg.sz * 8;
1571 if (ext->kcfg.sz == 8)
1574 /* Validate that value stored in u64 fits in integer of `ext->sz`
1575 * bytes size without any loss of information. If the target integer
1576 * is signed, we rely on the following limits of integer type of
1577 * Y bits and subsequent transformation:
1579 * -2^(Y-1) <= X <= 2^(Y-1) - 1
1580 * 0 <= X + 2^(Y-1) <= 2^Y - 1
1581 * 0 <= X + 2^(Y-1) < 2^Y
1583 * For unsigned target integer, check that all the (64 - Y) bits are
1586 if (ext->kcfg.is_signed)
1587 return v + (1ULL << (bit_sz - 1)) < (1ULL << bit_sz);
1589 return (v >> bit_sz) == 0;
1592 static int set_kcfg_value_num(struct extern_desc *ext, void *ext_val,
1595 if (ext->kcfg.type != KCFG_INT && ext->kcfg.type != KCFG_CHAR) {
1596 pr_warn("extern (kcfg) %s=%llu should be integer\n",
1597 ext->name, (unsigned long long)value);
1600 if (!is_kcfg_value_in_range(ext, value)) {
1601 pr_warn("extern (kcfg) %s=%llu value doesn't fit in %d bytes\n",
1602 ext->name, (unsigned long long)value, ext->kcfg.sz);
1605 switch (ext->kcfg.sz) {
1606 case 1: *(__u8 *)ext_val = value; break;
1607 case 2: *(__u16 *)ext_val = value; break;
1608 case 4: *(__u32 *)ext_val = value; break;
1609 case 8: *(__u64 *)ext_val = value; break;
1617 static int bpf_object__process_kconfig_line(struct bpf_object *obj,
1618 char *buf, void *data)
1620 struct extern_desc *ext;
1626 if (strncmp(buf, "CONFIG_", 7))
1629 sep = strchr(buf, '=');
1631 pr_warn("failed to parse '%s': no separator\n", buf);
1635 /* Trim ending '\n' */
1637 if (buf[len - 1] == '\n')
1638 buf[len - 1] = '\0';
1639 /* Split on '=' and ensure that a value is present. */
1643 pr_warn("failed to parse '%s': no value\n", buf);
1647 ext = find_extern_by_name(obj, buf);
1648 if (!ext || ext->is_set)
1651 ext_val = data + ext->kcfg.data_off;
1655 case 'y': case 'n': case 'm':
1656 err = set_kcfg_value_tri(ext, ext_val, *value);
1659 err = set_kcfg_value_str(ext, ext_val, value);
1662 /* assume integer */
1663 err = parse_u64(value, &num);
1665 pr_warn("extern (kcfg) %s=%s should be integer\n",
1669 err = set_kcfg_value_num(ext, ext_val, num);
1674 pr_debug("extern (kcfg) %s=%s\n", ext->name, value);
1678 static int bpf_object__read_kconfig_file(struct bpf_object *obj, void *data)
1686 len = snprintf(buf, PATH_MAX, "/boot/config-%s", uts.release);
1689 else if (len >= PATH_MAX)
1690 return -ENAMETOOLONG;
1692 /* gzopen also accepts uncompressed files. */
1693 file = gzopen(buf, "r");
1695 file = gzopen("/proc/config.gz", "r");
1698 pr_warn("failed to open system Kconfig\n");
1702 while (gzgets(file, buf, sizeof(buf))) {
1703 err = bpf_object__process_kconfig_line(obj, buf, data);
1705 pr_warn("error parsing system Kconfig line '%s': %d\n",
1716 static int bpf_object__read_kconfig_mem(struct bpf_object *obj,
1717 const char *config, void *data)
1723 file = fmemopen((void *)config, strlen(config), "r");
1726 pr_warn("failed to open in-memory Kconfig: %d\n", err);
1730 while (fgets(buf, sizeof(buf), file)) {
1731 err = bpf_object__process_kconfig_line(obj, buf, data);
1733 pr_warn("error parsing in-memory Kconfig line '%s': %d\n",
1743 static int bpf_object__init_kconfig_map(struct bpf_object *obj)
1745 struct extern_desc *last_ext = NULL, *ext;
1749 for (i = 0; i < obj->nr_extern; i++) {
1750 ext = &obj->externs[i];
1751 if (ext->type == EXT_KCFG)
1758 map_sz = last_ext->kcfg.data_off + last_ext->kcfg.sz;
1759 err = bpf_object__init_internal_map(obj, LIBBPF_MAP_KCONFIG,
1760 obj->efile.symbols_shndx,
1765 obj->kconfig_map_idx = obj->nr_maps - 1;
1770 static int bpf_object__init_user_maps(struct bpf_object *obj, bool strict)
1772 Elf_Data *symbols = obj->efile.symbols;
1773 int i, map_def_sz = 0, nr_maps = 0, nr_syms;
1774 Elf_Data *data = NULL;
1777 if (obj->efile.maps_shndx < 0)
1784 scn = elf_sec_by_idx(obj, obj->efile.maps_shndx);
1785 data = elf_sec_data(obj, scn);
1786 if (!scn || !data) {
1787 pr_warn("elf: failed to get legacy map definitions for %s\n",
1793 * Count number of maps. Each map has a name.
1794 * Array of maps is not supported: only the first element is
1797 * TODO: Detect array of map and report error.
1799 nr_syms = symbols->d_size / sizeof(GElf_Sym);
1800 for (i = 0; i < nr_syms; i++) {
1803 if (!gelf_getsym(symbols, i, &sym))
1805 if (sym.st_shndx != obj->efile.maps_shndx)
1809 /* Assume equally sized map definitions */
1810 pr_debug("elf: found %d legacy map definitions (%zd bytes) in %s\n",
1811 nr_maps, data->d_size, obj->path);
1813 if (!data->d_size || nr_maps == 0 || (data->d_size % nr_maps) != 0) {
1814 pr_warn("elf: unable to determine legacy map definition size in %s\n",
1818 map_def_sz = data->d_size / nr_maps;
1820 /* Fill obj->maps using data in "maps" section. */
1821 for (i = 0; i < nr_syms; i++) {
1823 const char *map_name;
1824 struct bpf_map_def *def;
1825 struct bpf_map *map;
1827 if (!gelf_getsym(symbols, i, &sym))
1829 if (sym.st_shndx != obj->efile.maps_shndx)
1832 map = bpf_object__add_map(obj);
1834 return PTR_ERR(map);
1836 map_name = elf_sym_str(obj, sym.st_name);
1838 pr_warn("failed to get map #%d name sym string for obj %s\n",
1840 return -LIBBPF_ERRNO__FORMAT;
1843 map->libbpf_type = LIBBPF_MAP_UNSPEC;
1844 map->sec_idx = sym.st_shndx;
1845 map->sec_offset = sym.st_value;
1846 pr_debug("map '%s' (legacy): at sec_idx %d, offset %zu.\n",
1847 map_name, map->sec_idx, map->sec_offset);
1848 if (sym.st_value + map_def_sz > data->d_size) {
1849 pr_warn("corrupted maps section in %s: last map \"%s\" too small\n",
1850 obj->path, map_name);
1854 map->name = strdup(map_name);
1856 pr_warn("failed to alloc map name\n");
1859 pr_debug("map %d is \"%s\"\n", i, map->name);
1860 def = (struct bpf_map_def *)(data->d_buf + sym.st_value);
1862 * If the definition of the map in the object file fits in
1863 * bpf_map_def, copy it. Any extra fields in our version
1864 * of bpf_map_def will default to zero as a result of the
1867 if (map_def_sz <= sizeof(struct bpf_map_def)) {
1868 memcpy(&map->def, def, map_def_sz);
1871 * Here the map structure being read is bigger than what
1872 * we expect, truncate if the excess bits are all zero.
1873 * If they are not zero, reject this map as
1878 for (b = ((char *)def) + sizeof(struct bpf_map_def);
1879 b < ((char *)def) + map_def_sz; b++) {
1881 pr_warn("maps section in %s: \"%s\" has unrecognized, non-zero options\n",
1882 obj->path, map_name);
1887 memcpy(&map->def, def, sizeof(struct bpf_map_def));
1893 static const struct btf_type *
1894 skip_mods_and_typedefs(const struct btf *btf, __u32 id, __u32 *res_id)
1896 const struct btf_type *t = btf__type_by_id(btf, id);
1901 while (btf_is_mod(t) || btf_is_typedef(t)) {
1904 t = btf__type_by_id(btf, t->type);
1910 static const struct btf_type *
1911 resolve_func_ptr(const struct btf *btf, __u32 id, __u32 *res_id)
1913 const struct btf_type *t;
1915 t = skip_mods_and_typedefs(btf, id, NULL);
1919 t = skip_mods_and_typedefs(btf, t->type, res_id);
1921 return btf_is_func_proto(t) ? t : NULL;
1924 static const char *btf_kind_str(const struct btf_type *t)
1926 switch (btf_kind(t)) {
1927 case BTF_KIND_UNKN: return "void";
1928 case BTF_KIND_INT: return "int";
1929 case BTF_KIND_PTR: return "ptr";
1930 case BTF_KIND_ARRAY: return "array";
1931 case BTF_KIND_STRUCT: return "struct";
1932 case BTF_KIND_UNION: return "union";
1933 case BTF_KIND_ENUM: return "enum";
1934 case BTF_KIND_FWD: return "fwd";
1935 case BTF_KIND_TYPEDEF: return "typedef";
1936 case BTF_KIND_VOLATILE: return "volatile";
1937 case BTF_KIND_CONST: return "const";
1938 case BTF_KIND_RESTRICT: return "restrict";
1939 case BTF_KIND_FUNC: return "func";
1940 case BTF_KIND_FUNC_PROTO: return "func_proto";
1941 case BTF_KIND_VAR: return "var";
1942 case BTF_KIND_DATASEC: return "datasec";
1943 case BTF_KIND_FLOAT: return "float";
1944 default: return "unknown";
1949 * Fetch integer attribute of BTF map definition. Such attributes are
1950 * represented using a pointer to an array, in which dimensionality of array
1951 * encodes specified integer value. E.g., int (*type)[BPF_MAP_TYPE_ARRAY];
1952 * encodes `type => BPF_MAP_TYPE_ARRAY` key/value pair completely using BTF
1953 * type definition, while using only sizeof(void *) space in ELF data section.
1955 static bool get_map_field_int(const char *map_name, const struct btf *btf,
1956 const struct btf_member *m, __u32 *res)
1958 const struct btf_type *t = skip_mods_and_typedefs(btf, m->type, NULL);
1959 const char *name = btf__name_by_offset(btf, m->name_off);
1960 const struct btf_array *arr_info;
1961 const struct btf_type *arr_t;
1963 if (!btf_is_ptr(t)) {
1964 pr_warn("map '%s': attr '%s': expected PTR, got %s.\n",
1965 map_name, name, btf_kind_str(t));
1969 arr_t = btf__type_by_id(btf, t->type);
1971 pr_warn("map '%s': attr '%s': type [%u] not found.\n",
1972 map_name, name, t->type);
1975 if (!btf_is_array(arr_t)) {
1976 pr_warn("map '%s': attr '%s': expected ARRAY, got %s.\n",
1977 map_name, name, btf_kind_str(arr_t));
1980 arr_info = btf_array(arr_t);
1981 *res = arr_info->nelems;
1985 static int build_map_pin_path(struct bpf_map *map, const char *path)
1991 path = "/sys/fs/bpf";
1993 len = snprintf(buf, PATH_MAX, "%s/%s", path, bpf_map__name(map));
1996 else if (len >= PATH_MAX)
1997 return -ENAMETOOLONG;
1999 return bpf_map__set_pin_path(map, buf);
2003 static int parse_btf_map_def(struct bpf_object *obj,
2004 struct bpf_map *map,
2005 const struct btf_type *def,
2006 bool strict, bool is_inner,
2007 const char *pin_root_path)
2009 const struct btf_type *t;
2010 const struct btf_member *m;
2013 vlen = btf_vlen(def);
2014 m = btf_members(def);
2015 for (i = 0; i < vlen; i++, m++) {
2016 const char *name = btf__name_by_offset(obj->btf, m->name_off);
2019 pr_warn("map '%s': invalid field #%d.\n", map->name, i);
2022 if (strcmp(name, "type") == 0) {
2023 if (!get_map_field_int(map->name, obj->btf, m,
2026 pr_debug("map '%s': found type = %u.\n",
2027 map->name, map->def.type);
2028 } else if (strcmp(name, "max_entries") == 0) {
2029 if (!get_map_field_int(map->name, obj->btf, m,
2030 &map->def.max_entries))
2032 pr_debug("map '%s': found max_entries = %u.\n",
2033 map->name, map->def.max_entries);
2034 } else if (strcmp(name, "map_flags") == 0) {
2035 if (!get_map_field_int(map->name, obj->btf, m,
2036 &map->def.map_flags))
2038 pr_debug("map '%s': found map_flags = %u.\n",
2039 map->name, map->def.map_flags);
2040 } else if (strcmp(name, "numa_node") == 0) {
2041 if (!get_map_field_int(map->name, obj->btf, m, &map->numa_node))
2043 pr_debug("map '%s': found numa_node = %u.\n", map->name, map->numa_node);
2044 } else if (strcmp(name, "key_size") == 0) {
2047 if (!get_map_field_int(map->name, obj->btf, m, &sz))
2049 pr_debug("map '%s': found key_size = %u.\n",
2051 if (map->def.key_size && map->def.key_size != sz) {
2052 pr_warn("map '%s': conflicting key size %u != %u.\n",
2053 map->name, map->def.key_size, sz);
2056 map->def.key_size = sz;
2057 } else if (strcmp(name, "key") == 0) {
2060 t = btf__type_by_id(obj->btf, m->type);
2062 pr_warn("map '%s': key type [%d] not found.\n",
2063 map->name, m->type);
2066 if (!btf_is_ptr(t)) {
2067 pr_warn("map '%s': key spec is not PTR: %s.\n",
2068 map->name, btf_kind_str(t));
2071 sz = btf__resolve_size(obj->btf, t->type);
2073 pr_warn("map '%s': can't determine key size for type [%u]: %zd.\n",
2074 map->name, t->type, (ssize_t)sz);
2077 pr_debug("map '%s': found key [%u], sz = %zd.\n",
2078 map->name, t->type, (ssize_t)sz);
2079 if (map->def.key_size && map->def.key_size != sz) {
2080 pr_warn("map '%s': conflicting key size %u != %zd.\n",
2081 map->name, map->def.key_size, (ssize_t)sz);
2084 map->def.key_size = sz;
2085 map->btf_key_type_id = t->type;
2086 } else if (strcmp(name, "value_size") == 0) {
2089 if (!get_map_field_int(map->name, obj->btf, m, &sz))
2091 pr_debug("map '%s': found value_size = %u.\n",
2093 if (map->def.value_size && map->def.value_size != sz) {
2094 pr_warn("map '%s': conflicting value size %u != %u.\n",
2095 map->name, map->def.value_size, sz);
2098 map->def.value_size = sz;
2099 } else if (strcmp(name, "value") == 0) {
2102 t = btf__type_by_id(obj->btf, m->type);
2104 pr_warn("map '%s': value type [%d] not found.\n",
2105 map->name, m->type);
2108 if (!btf_is_ptr(t)) {
2109 pr_warn("map '%s': value spec is not PTR: %s.\n",
2110 map->name, btf_kind_str(t));
2113 sz = btf__resolve_size(obj->btf, t->type);
2115 pr_warn("map '%s': can't determine value size for type [%u]: %zd.\n",
2116 map->name, t->type, (ssize_t)sz);
2119 pr_debug("map '%s': found value [%u], sz = %zd.\n",
2120 map->name, t->type, (ssize_t)sz);
2121 if (map->def.value_size && map->def.value_size != sz) {
2122 pr_warn("map '%s': conflicting value size %u != %zd.\n",
2123 map->name, map->def.value_size, (ssize_t)sz);
2126 map->def.value_size = sz;
2127 map->btf_value_type_id = t->type;
2129 else if (strcmp(name, "values") == 0) {
2133 pr_warn("map '%s': multi-level inner maps not supported.\n",
2137 if (i != vlen - 1) {
2138 pr_warn("map '%s': '%s' member should be last.\n",
2142 if (!bpf_map_type__is_map_in_map(map->def.type)) {
2143 pr_warn("map '%s': should be map-in-map.\n",
2147 if (map->def.value_size && map->def.value_size != 4) {
2148 pr_warn("map '%s': conflicting value size %u != 4.\n",
2149 map->name, map->def.value_size);
2152 map->def.value_size = 4;
2153 t = btf__type_by_id(obj->btf, m->type);
2155 pr_warn("map '%s': map-in-map inner type [%d] not found.\n",
2156 map->name, m->type);
2159 if (!btf_is_array(t) || btf_array(t)->nelems) {
2160 pr_warn("map '%s': map-in-map inner spec is not a zero-sized array.\n",
2164 t = skip_mods_and_typedefs(obj->btf, btf_array(t)->type,
2166 if (!btf_is_ptr(t)) {
2167 pr_warn("map '%s': map-in-map inner def is of unexpected kind %s.\n",
2168 map->name, btf_kind_str(t));
2171 t = skip_mods_and_typedefs(obj->btf, t->type, NULL);
2172 if (!btf_is_struct(t)) {
2173 pr_warn("map '%s': map-in-map inner def is of unexpected kind %s.\n",
2174 map->name, btf_kind_str(t));
2178 map->inner_map = calloc(1, sizeof(*map->inner_map));
2179 if (!map->inner_map)
2181 map->inner_map->sec_idx = obj->efile.btf_maps_shndx;
2182 map->inner_map->name = malloc(strlen(map->name) +
2183 sizeof(".inner") + 1);
2184 if (!map->inner_map->name)
2186 sprintf(map->inner_map->name, "%s.inner", map->name);
2188 err = parse_btf_map_def(obj, map->inner_map, t, strict,
2189 true /* is_inner */, NULL);
2192 } else if (strcmp(name, "pinning") == 0) {
2197 pr_debug("map '%s': inner def can't be pinned.\n",
2201 if (!get_map_field_int(map->name, obj->btf, m, &val))
2203 pr_debug("map '%s': found pinning = %u.\n",
2206 if (val != LIBBPF_PIN_NONE &&
2207 val != LIBBPF_PIN_BY_NAME) {
2208 pr_warn("map '%s': invalid pinning value %u.\n",
2212 if (val == LIBBPF_PIN_BY_NAME) {
2213 err = build_map_pin_path(map, pin_root_path);
2215 pr_warn("map '%s': couldn't build pin path.\n",
2222 pr_warn("map '%s': unknown field '%s'.\n",
2226 pr_debug("map '%s': ignoring unknown field '%s'.\n",
2231 if (map->def.type == BPF_MAP_TYPE_UNSPEC) {
2232 pr_warn("map '%s': map type isn't specified.\n", map->name);
2239 static int bpf_object__init_user_btf_map(struct bpf_object *obj,
2240 const struct btf_type *sec,
2241 int var_idx, int sec_idx,
2242 const Elf_Data *data, bool strict,
2243 const char *pin_root_path)
2245 const struct btf_type *var, *def;
2246 const struct btf_var_secinfo *vi;
2247 const struct btf_var *var_extra;
2248 const char *map_name;
2249 struct bpf_map *map;
2251 vi = btf_var_secinfos(sec) + var_idx;
2252 var = btf__type_by_id(obj->btf, vi->type);
2253 var_extra = btf_var(var);
2254 map_name = btf__name_by_offset(obj->btf, var->name_off);
2256 if (map_name == NULL || map_name[0] == '\0') {
2257 pr_warn("map #%d: empty name.\n", var_idx);
2260 if ((__u64)vi->offset + vi->size > data->d_size) {
2261 pr_warn("map '%s' BTF data is corrupted.\n", map_name);
2264 if (!btf_is_var(var)) {
2265 pr_warn("map '%s': unexpected var kind %s.\n",
2266 map_name, btf_kind_str(var));
2269 if (var_extra->linkage != BTF_VAR_GLOBAL_ALLOCATED &&
2270 var_extra->linkage != BTF_VAR_STATIC) {
2271 pr_warn("map '%s': unsupported var linkage %u.\n",
2272 map_name, var_extra->linkage);
2276 def = skip_mods_and_typedefs(obj->btf, var->type, NULL);
2277 if (!btf_is_struct(def)) {
2278 pr_warn("map '%s': unexpected def kind %s.\n",
2279 map_name, btf_kind_str(var));
2282 if (def->size > vi->size) {
2283 pr_warn("map '%s': invalid def size.\n", map_name);
2287 map = bpf_object__add_map(obj);
2289 return PTR_ERR(map);
2290 map->name = strdup(map_name);
2292 pr_warn("map '%s': failed to alloc map name.\n", map_name);
2295 map->libbpf_type = LIBBPF_MAP_UNSPEC;
2296 map->def.type = BPF_MAP_TYPE_UNSPEC;
2297 map->sec_idx = sec_idx;
2298 map->sec_offset = vi->offset;
2299 map->btf_var_idx = var_idx;
2300 pr_debug("map '%s': at sec_idx %d, offset %zu.\n",
2301 map_name, map->sec_idx, map->sec_offset);
2303 return parse_btf_map_def(obj, map, def, strict, false, pin_root_path);
2306 static int bpf_object__init_user_btf_maps(struct bpf_object *obj, bool strict,
2307 const char *pin_root_path)
2309 const struct btf_type *sec = NULL;
2310 int nr_types, i, vlen, err;
2311 const struct btf_type *t;
2316 if (obj->efile.btf_maps_shndx < 0)
2319 scn = elf_sec_by_idx(obj, obj->efile.btf_maps_shndx);
2320 data = elf_sec_data(obj, scn);
2321 if (!scn || !data) {
2322 pr_warn("elf: failed to get %s map definitions for %s\n",
2323 MAPS_ELF_SEC, obj->path);
2327 nr_types = btf__get_nr_types(obj->btf);
2328 for (i = 1; i <= nr_types; i++) {
2329 t = btf__type_by_id(obj->btf, i);
2330 if (!btf_is_datasec(t))
2332 name = btf__name_by_offset(obj->btf, t->name_off);
2333 if (strcmp(name, MAPS_ELF_SEC) == 0) {
2335 obj->efile.btf_maps_sec_btf_id = i;
2341 pr_warn("DATASEC '%s' not found.\n", MAPS_ELF_SEC);
2345 vlen = btf_vlen(sec);
2346 for (i = 0; i < vlen; i++) {
2347 err = bpf_object__init_user_btf_map(obj, sec, i,
2348 obj->efile.btf_maps_shndx,
2358 static int bpf_object__init_maps(struct bpf_object *obj,
2359 const struct bpf_object_open_opts *opts)
2361 const char *pin_root_path;
2365 strict = !OPTS_GET(opts, relaxed_maps, false);
2366 pin_root_path = OPTS_GET(opts, pin_root_path, NULL);
2368 err = bpf_object__init_user_maps(obj, strict);
2369 err = err ?: bpf_object__init_user_btf_maps(obj, strict, pin_root_path);
2370 err = err ?: bpf_object__init_global_data_maps(obj);
2371 err = err ?: bpf_object__init_kconfig_map(obj);
2372 err = err ?: bpf_object__init_struct_ops_maps(obj);
2379 static bool section_have_execinstr(struct bpf_object *obj, int idx)
2383 if (elf_sec_hdr(obj, elf_sec_by_idx(obj, idx), &sh))
2386 return sh.sh_flags & SHF_EXECINSTR;
2389 static bool btf_needs_sanitization(struct bpf_object *obj)
2391 bool has_func_global = kernel_supports(FEAT_BTF_GLOBAL_FUNC);
2392 bool has_datasec = kernel_supports(FEAT_BTF_DATASEC);
2393 bool has_float = kernel_supports(FEAT_BTF_FLOAT);
2394 bool has_func = kernel_supports(FEAT_BTF_FUNC);
2396 return !has_func || !has_datasec || !has_func_global || !has_float;
2399 static void bpf_object__sanitize_btf(struct bpf_object *obj, struct btf *btf)
2401 bool has_func_global = kernel_supports(FEAT_BTF_GLOBAL_FUNC);
2402 bool has_datasec = kernel_supports(FEAT_BTF_DATASEC);
2403 bool has_float = kernel_supports(FEAT_BTF_FLOAT);
2404 bool has_func = kernel_supports(FEAT_BTF_FUNC);
2408 for (i = 1; i <= btf__get_nr_types(btf); i++) {
2409 t = (struct btf_type *)btf__type_by_id(btf, i);
2411 if (!has_datasec && btf_is_var(t)) {
2412 /* replace VAR with INT */
2413 t->info = BTF_INFO_ENC(BTF_KIND_INT, 0, 0);
2415 * using size = 1 is the safest choice, 4 will be too
2416 * big and cause kernel BTF validation failure if
2417 * original variable took less than 4 bytes
2420 *(int *)(t + 1) = BTF_INT_ENC(0, 0, 8);
2421 } else if (!has_datasec && btf_is_datasec(t)) {
2422 /* replace DATASEC with STRUCT */
2423 const struct btf_var_secinfo *v = btf_var_secinfos(t);
2424 struct btf_member *m = btf_members(t);
2425 struct btf_type *vt;
2428 name = (char *)btf__name_by_offset(btf, t->name_off);
2436 t->info = BTF_INFO_ENC(BTF_KIND_STRUCT, 0, vlen);
2437 for (j = 0; j < vlen; j++, v++, m++) {
2438 /* order of field assignments is important */
2439 m->offset = v->offset * 8;
2441 /* preserve variable name as member name */
2442 vt = (void *)btf__type_by_id(btf, v->type);
2443 m->name_off = vt->name_off;
2445 } else if (!has_func && btf_is_func_proto(t)) {
2446 /* replace FUNC_PROTO with ENUM */
2448 t->info = BTF_INFO_ENC(BTF_KIND_ENUM, 0, vlen);
2449 t->size = sizeof(__u32); /* kernel enforced */
2450 } else if (!has_func && btf_is_func(t)) {
2451 /* replace FUNC with TYPEDEF */
2452 t->info = BTF_INFO_ENC(BTF_KIND_TYPEDEF, 0, 0);
2453 } else if (!has_func_global && btf_is_func(t)) {
2454 /* replace BTF_FUNC_GLOBAL with BTF_FUNC_STATIC */
2455 t->info = BTF_INFO_ENC(BTF_KIND_FUNC, 0, 0);
2456 } else if (!has_float && btf_is_float(t)) {
2457 /* replace FLOAT with an equally-sized empty STRUCT;
2458 * since C compilers do not accept e.g. "float" as a
2459 * valid struct name, make it anonymous
2462 t->info = BTF_INFO_ENC(BTF_KIND_STRUCT, 0, 0);
2467 static bool libbpf_needs_btf(const struct bpf_object *obj)
2469 return obj->efile.btf_maps_shndx >= 0 ||
2470 obj->efile.st_ops_shndx >= 0 ||
2474 static bool kernel_needs_btf(const struct bpf_object *obj)
2476 return obj->efile.st_ops_shndx >= 0;
2479 static int bpf_object__init_btf(struct bpf_object *obj,
2481 Elf_Data *btf_ext_data)
2486 obj->btf = btf__new(btf_data->d_buf, btf_data->d_size);
2487 if (IS_ERR(obj->btf)) {
2488 err = PTR_ERR(obj->btf);
2490 pr_warn("Error loading ELF section %s: %d.\n",
2494 /* enforce 8-byte pointers for BPF-targeted BTFs */
2495 btf__set_pointer_size(obj->btf, 8);
2500 pr_debug("Ignore ELF section %s because its depending ELF section %s is not found.\n",
2501 BTF_EXT_ELF_SEC, BTF_ELF_SEC);
2504 obj->btf_ext = btf_ext__new(btf_ext_data->d_buf,
2505 btf_ext_data->d_size);
2506 if (IS_ERR(obj->btf_ext)) {
2507 pr_warn("Error loading ELF section %s: %ld. Ignored and continue.\n",
2508 BTF_EXT_ELF_SEC, PTR_ERR(obj->btf_ext));
2509 obj->btf_ext = NULL;
2514 if (err && libbpf_needs_btf(obj)) {
2515 pr_warn("BTF is required, but is missing or corrupted.\n");
2521 static int bpf_object__finalize_btf(struct bpf_object *obj)
2528 err = btf__finalize_data(obj, obj->btf);
2530 pr_warn("Error finalizing %s: %d.\n", BTF_ELF_SEC, err);
2537 static bool prog_needs_vmlinux_btf(struct bpf_program *prog)
2539 if (prog->type == BPF_PROG_TYPE_STRUCT_OPS ||
2540 prog->type == BPF_PROG_TYPE_LSM)
2543 /* BPF_PROG_TYPE_TRACING programs which do not attach to other programs
2544 * also need vmlinux BTF
2546 if (prog->type == BPF_PROG_TYPE_TRACING && !prog->attach_prog_fd)
2552 static bool obj_needs_vmlinux_btf(const struct bpf_object *obj)
2554 struct bpf_program *prog;
2557 /* CO-RE relocations need kernel BTF */
2558 if (obj->btf_ext && obj->btf_ext->core_relo_info.len)
2561 /* Support for typed ksyms needs kernel BTF */
2562 for (i = 0; i < obj->nr_extern; i++) {
2563 const struct extern_desc *ext;
2565 ext = &obj->externs[i];
2566 if (ext->type == EXT_KSYM && ext->ksym.type_id)
2570 bpf_object__for_each_program(prog, obj) {
2573 if (prog_needs_vmlinux_btf(prog))
2580 static int bpf_object__load_vmlinux_btf(struct bpf_object *obj, bool force)
2584 /* btf_vmlinux could be loaded earlier */
2585 if (obj->btf_vmlinux)
2588 if (!force && !obj_needs_vmlinux_btf(obj))
2591 obj->btf_vmlinux = libbpf_find_kernel_btf();
2592 if (IS_ERR(obj->btf_vmlinux)) {
2593 err = PTR_ERR(obj->btf_vmlinux);
2594 pr_warn("Error loading vmlinux BTF: %d\n", err);
2595 obj->btf_vmlinux = NULL;
2601 static int bpf_object__sanitize_and_load_btf(struct bpf_object *obj)
2603 struct btf *kern_btf = obj->btf;
2604 bool btf_mandatory, sanitize;
2610 if (!kernel_supports(FEAT_BTF)) {
2611 if (kernel_needs_btf(obj)) {
2615 pr_debug("Kernel doesn't support BTF, skipping uploading it.\n");
2619 sanitize = btf_needs_sanitization(obj);
2621 const void *raw_data;
2624 /* clone BTF to sanitize a copy and leave the original intact */
2625 raw_data = btf__get_raw_data(obj->btf, &sz);
2626 kern_btf = btf__new(raw_data, sz);
2627 if (IS_ERR(kern_btf))
2628 return PTR_ERR(kern_btf);
2630 /* enforce 8-byte pointers for BPF-targeted BTFs */
2631 btf__set_pointer_size(obj->btf, 8);
2632 bpf_object__sanitize_btf(obj, kern_btf);
2635 err = btf__load(kern_btf);
2638 /* move fd to libbpf's BTF */
2639 btf__set_fd(obj->btf, btf__fd(kern_btf));
2640 btf__set_fd(kern_btf, -1);
2642 btf__free(kern_btf);
2646 btf_mandatory = kernel_needs_btf(obj);
2647 pr_warn("Error loading .BTF into kernel: %d. %s\n", err,
2648 btf_mandatory ? "BTF is mandatory, can't proceed."
2649 : "BTF is optional, ignoring.");
2656 static const char *elf_sym_str(const struct bpf_object *obj, size_t off)
2660 name = elf_strptr(obj->efile.elf, obj->efile.strtabidx, off);
2662 pr_warn("elf: failed to get section name string at offset %zu from %s: %s\n",
2663 off, obj->path, elf_errmsg(-1));
2670 static const char *elf_sec_str(const struct bpf_object *obj, size_t off)
2674 name = elf_strptr(obj->efile.elf, obj->efile.shstrndx, off);
2676 pr_warn("elf: failed to get section name string at offset %zu from %s: %s\n",
2677 off, obj->path, elf_errmsg(-1));
2684 static Elf_Scn *elf_sec_by_idx(const struct bpf_object *obj, size_t idx)
2688 scn = elf_getscn(obj->efile.elf, idx);
2690 pr_warn("elf: failed to get section(%zu) from %s: %s\n",
2691 idx, obj->path, elf_errmsg(-1));
2697 static Elf_Scn *elf_sec_by_name(const struct bpf_object *obj, const char *name)
2699 Elf_Scn *scn = NULL;
2700 Elf *elf = obj->efile.elf;
2701 const char *sec_name;
2703 while ((scn = elf_nextscn(elf, scn)) != NULL) {
2704 sec_name = elf_sec_name(obj, scn);
2708 if (strcmp(sec_name, name) != 0)
2716 static int elf_sec_hdr(const struct bpf_object *obj, Elf_Scn *scn, GElf_Shdr *hdr)
2721 if (gelf_getshdr(scn, hdr) != hdr) {
2722 pr_warn("elf: failed to get section(%zu) header from %s: %s\n",
2723 elf_ndxscn(scn), obj->path, elf_errmsg(-1));
2730 static const char *elf_sec_name(const struct bpf_object *obj, Elf_Scn *scn)
2738 if (elf_sec_hdr(obj, scn, &sh))
2741 name = elf_sec_str(obj, sh.sh_name);
2743 pr_warn("elf: failed to get section(%zu) name from %s: %s\n",
2744 elf_ndxscn(scn), obj->path, elf_errmsg(-1));
2751 static Elf_Data *elf_sec_data(const struct bpf_object *obj, Elf_Scn *scn)
2758 data = elf_getdata(scn, 0);
2760 pr_warn("elf: failed to get section(%zu) %s data from %s: %s\n",
2761 elf_ndxscn(scn), elf_sec_name(obj, scn) ?: "<?>",
2762 obj->path, elf_errmsg(-1));
2769 static int elf_sym_by_sec_off(const struct bpf_object *obj, size_t sec_idx,
2770 size_t off, __u32 sym_type, GElf_Sym *sym)
2772 Elf_Data *symbols = obj->efile.symbols;
2773 size_t n = symbols->d_size / sizeof(GElf_Sym);
2776 for (i = 0; i < n; i++) {
2777 if (!gelf_getsym(symbols, i, sym))
2779 if (sym->st_shndx != sec_idx || sym->st_value != off)
2781 if (GELF_ST_TYPE(sym->st_info) != sym_type)
2789 static bool is_sec_name_dwarf(const char *name)
2791 /* approximation, but the actual list is too long */
2792 return strncmp(name, ".debug_", sizeof(".debug_") - 1) == 0;
2795 static bool ignore_elf_section(GElf_Shdr *hdr, const char *name)
2797 /* no special handling of .strtab */
2798 if (hdr->sh_type == SHT_STRTAB)
2801 /* ignore .llvm_addrsig section as well */
2802 if (hdr->sh_type == SHT_LLVM_ADDRSIG)
2805 /* no subprograms will lead to an empty .text section, ignore it */
2806 if (hdr->sh_type == SHT_PROGBITS && hdr->sh_size == 0 &&
2807 strcmp(name, ".text") == 0)
2810 /* DWARF sections */
2811 if (is_sec_name_dwarf(name))
2814 if (strncmp(name, ".rel", sizeof(".rel") - 1) == 0) {
2815 name += sizeof(".rel") - 1;
2816 /* DWARF section relocations */
2817 if (is_sec_name_dwarf(name))
2820 /* .BTF and .BTF.ext don't need relocations */
2821 if (strcmp(name, BTF_ELF_SEC) == 0 ||
2822 strcmp(name, BTF_EXT_ELF_SEC) == 0)
2829 static int cmp_progs(const void *_a, const void *_b)
2831 const struct bpf_program *a = _a;
2832 const struct bpf_program *b = _b;
2834 if (a->sec_idx != b->sec_idx)
2835 return a->sec_idx < b->sec_idx ? -1 : 1;
2837 /* sec_insn_off can't be the same within the section */
2838 return a->sec_insn_off < b->sec_insn_off ? -1 : 1;
2841 static int bpf_object__elf_collect(struct bpf_object *obj)
2843 Elf *elf = obj->efile.elf;
2844 Elf_Data *btf_ext_data = NULL;
2845 Elf_Data *btf_data = NULL;
2846 int idx = 0, err = 0;
2852 /* a bunch of ELF parsing functionality depends on processing symbols,
2853 * so do the first pass and find the symbol table
2856 while ((scn = elf_nextscn(elf, scn)) != NULL) {
2857 if (elf_sec_hdr(obj, scn, &sh))
2858 return -LIBBPF_ERRNO__FORMAT;
2860 if (sh.sh_type == SHT_SYMTAB) {
2861 if (obj->efile.symbols) {
2862 pr_warn("elf: multiple symbol tables in %s\n", obj->path);
2863 return -LIBBPF_ERRNO__FORMAT;
2866 data = elf_sec_data(obj, scn);
2868 return -LIBBPF_ERRNO__FORMAT;
2870 obj->efile.symbols = data;
2871 obj->efile.symbols_shndx = elf_ndxscn(scn);
2872 obj->efile.strtabidx = sh.sh_link;
2877 while ((scn = elf_nextscn(elf, scn)) != NULL) {
2880 if (elf_sec_hdr(obj, scn, &sh))
2881 return -LIBBPF_ERRNO__FORMAT;
2883 name = elf_sec_str(obj, sh.sh_name);
2885 return -LIBBPF_ERRNO__FORMAT;
2887 if (ignore_elf_section(&sh, name))
2890 data = elf_sec_data(obj, scn);
2892 return -LIBBPF_ERRNO__FORMAT;
2894 pr_debug("elf: section(%d) %s, size %ld, link %d, flags %lx, type=%d\n",
2895 idx, name, (unsigned long)data->d_size,
2896 (int)sh.sh_link, (unsigned long)sh.sh_flags,
2899 if (strcmp(name, "license") == 0) {
2900 err = bpf_object__init_license(obj, data->d_buf, data->d_size);
2903 } else if (strcmp(name, "version") == 0) {
2904 err = bpf_object__init_kversion(obj, data->d_buf, data->d_size);
2907 } else if (strcmp(name, "maps") == 0) {
2908 obj->efile.maps_shndx = idx;
2909 } else if (strcmp(name, MAPS_ELF_SEC) == 0) {
2910 obj->efile.btf_maps_shndx = idx;
2911 } else if (strcmp(name, BTF_ELF_SEC) == 0) {
2913 } else if (strcmp(name, BTF_EXT_ELF_SEC) == 0) {
2914 btf_ext_data = data;
2915 } else if (sh.sh_type == SHT_SYMTAB) {
2916 /* already processed during the first pass above */
2917 } else if (sh.sh_type == SHT_PROGBITS && data->d_size > 0) {
2918 if (sh.sh_flags & SHF_EXECINSTR) {
2919 if (strcmp(name, ".text") == 0)
2920 obj->efile.text_shndx = idx;
2921 err = bpf_object__add_programs(obj, data, name, idx);
2924 } else if (strcmp(name, DATA_SEC) == 0) {
2925 obj->efile.data = data;
2926 obj->efile.data_shndx = idx;
2927 } else if (strcmp(name, RODATA_SEC) == 0) {
2928 obj->efile.rodata = data;
2929 obj->efile.rodata_shndx = idx;
2930 } else if (strcmp(name, STRUCT_OPS_SEC) == 0) {
2931 obj->efile.st_ops_data = data;
2932 obj->efile.st_ops_shndx = idx;
2934 pr_info("elf: skipping unrecognized data section(%d) %s\n",
2937 } else if (sh.sh_type == SHT_REL) {
2938 int nr_sects = obj->efile.nr_reloc_sects;
2939 void *sects = obj->efile.reloc_sects;
2940 int sec = sh.sh_info; /* points to other section */
2942 /* Only do relo for section with exec instructions */
2943 if (!section_have_execinstr(obj, sec) &&
2944 strcmp(name, ".rel" STRUCT_OPS_SEC) &&
2945 strcmp(name, ".rel" MAPS_ELF_SEC)) {
2946 pr_info("elf: skipping relo section(%d) %s for section(%d) %s\n",
2948 elf_sec_name(obj, elf_sec_by_idx(obj, sec)) ?: "<?>");
2952 sects = libbpf_reallocarray(sects, nr_sects + 1,
2953 sizeof(*obj->efile.reloc_sects));
2957 obj->efile.reloc_sects = sects;
2958 obj->efile.nr_reloc_sects++;
2960 obj->efile.reloc_sects[nr_sects].shdr = sh;
2961 obj->efile.reloc_sects[nr_sects].data = data;
2962 } else if (sh.sh_type == SHT_NOBITS && strcmp(name, BSS_SEC) == 0) {
2963 obj->efile.bss = data;
2964 obj->efile.bss_shndx = idx;
2966 pr_info("elf: skipping section(%d) %s (size %zu)\n", idx, name,
2967 (size_t)sh.sh_size);
2971 if (!obj->efile.strtabidx || obj->efile.strtabidx > idx) {
2972 pr_warn("elf: symbol strings section missing or invalid in %s\n", obj->path);
2973 return -LIBBPF_ERRNO__FORMAT;
2976 /* sort BPF programs by section name and in-section instruction offset
2977 * for faster search */
2978 qsort(obj->programs, obj->nr_programs, sizeof(*obj->programs), cmp_progs);
2980 return bpf_object__init_btf(obj, btf_data, btf_ext_data);
2983 static bool sym_is_extern(const GElf_Sym *sym)
2985 int bind = GELF_ST_BIND(sym->st_info);
2986 /* externs are symbols w/ type=NOTYPE, bind=GLOBAL|WEAK, section=UND */
2987 return sym->st_shndx == SHN_UNDEF &&
2988 (bind == STB_GLOBAL || bind == STB_WEAK) &&
2989 GELF_ST_TYPE(sym->st_info) == STT_NOTYPE;
2992 static bool sym_is_subprog(const GElf_Sym *sym, int text_shndx)
2994 int bind = GELF_ST_BIND(sym->st_info);
2995 int type = GELF_ST_TYPE(sym->st_info);
2997 /* in .text section */
2998 if (sym->st_shndx != text_shndx)
3001 /* local function */
3002 if (bind == STB_LOCAL && type == STT_SECTION)
3005 /* global function */
3006 return bind == STB_GLOBAL && type == STT_FUNC;
3009 static int find_extern_btf_id(const struct btf *btf, const char *ext_name)
3011 const struct btf_type *t;
3012 const char *var_name;
3018 n = btf__get_nr_types(btf);
3019 for (i = 1; i <= n; i++) {
3020 t = btf__type_by_id(btf, i);
3025 var_name = btf__name_by_offset(btf, t->name_off);
3026 if (strcmp(var_name, ext_name))
3029 if (btf_var(t)->linkage != BTF_VAR_GLOBAL_EXTERN)
3038 static int find_extern_sec_btf_id(struct btf *btf, int ext_btf_id) {
3039 const struct btf_var_secinfo *vs;
3040 const struct btf_type *t;
3046 n = btf__get_nr_types(btf);
3047 for (i = 1; i <= n; i++) {
3048 t = btf__type_by_id(btf, i);
3050 if (!btf_is_datasec(t))
3053 vs = btf_var_secinfos(t);
3054 for (j = 0; j < btf_vlen(t); j++, vs++) {
3055 if (vs->type == ext_btf_id)
3063 static enum kcfg_type find_kcfg_type(const struct btf *btf, int id,
3066 const struct btf_type *t;
3069 t = skip_mods_and_typedefs(btf, id, NULL);
3070 name = btf__name_by_offset(btf, t->name_off);
3074 switch (btf_kind(t)) {
3075 case BTF_KIND_INT: {
3076 int enc = btf_int_encoding(t);
3078 if (enc & BTF_INT_BOOL)
3079 return t->size == 1 ? KCFG_BOOL : KCFG_UNKNOWN;
3081 *is_signed = enc & BTF_INT_SIGNED;
3084 if (t->size < 1 || t->size > 8 || (t->size & (t->size - 1)))
3085 return KCFG_UNKNOWN;
3090 return KCFG_UNKNOWN;
3091 if (strcmp(name, "libbpf_tristate"))
3092 return KCFG_UNKNOWN;
3093 return KCFG_TRISTATE;
3094 case BTF_KIND_ARRAY:
3095 if (btf_array(t)->nelems == 0)
3096 return KCFG_UNKNOWN;
3097 if (find_kcfg_type(btf, btf_array(t)->type, NULL) != KCFG_CHAR)
3098 return KCFG_UNKNOWN;
3099 return KCFG_CHAR_ARR;
3101 return KCFG_UNKNOWN;
3105 static int cmp_externs(const void *_a, const void *_b)
3107 const struct extern_desc *a = _a;
3108 const struct extern_desc *b = _b;
3110 if (a->type != b->type)
3111 return a->type < b->type ? -1 : 1;
3113 if (a->type == EXT_KCFG) {
3114 /* descending order by alignment requirements */
3115 if (a->kcfg.align != b->kcfg.align)
3116 return a->kcfg.align > b->kcfg.align ? -1 : 1;
3117 /* ascending order by size, within same alignment class */
3118 if (a->kcfg.sz != b->kcfg.sz)
3119 return a->kcfg.sz < b->kcfg.sz ? -1 : 1;
3122 /* resolve ties by name */
3123 return strcmp(a->name, b->name);
3126 static int find_int_btf_id(const struct btf *btf)
3128 const struct btf_type *t;
3131 n = btf__get_nr_types(btf);
3132 for (i = 1; i <= n; i++) {
3133 t = btf__type_by_id(btf, i);
3135 if (btf_is_int(t) && btf_int_bits(t) == 32)
3142 static int bpf_object__collect_externs(struct bpf_object *obj)
3144 struct btf_type *sec, *kcfg_sec = NULL, *ksym_sec = NULL;
3145 const struct btf_type *t;
3146 struct extern_desc *ext;
3148 const char *ext_name, *sec_name;
3152 if (!obj->efile.symbols)
3155 scn = elf_sec_by_idx(obj, obj->efile.symbols_shndx);
3156 if (elf_sec_hdr(obj, scn, &sh))
3157 return -LIBBPF_ERRNO__FORMAT;
3159 n = sh.sh_size / sh.sh_entsize;
3160 pr_debug("looking for externs among %d symbols...\n", n);
3162 for (i = 0; i < n; i++) {
3165 if (!gelf_getsym(obj->efile.symbols, i, &sym))
3166 return -LIBBPF_ERRNO__FORMAT;
3167 if (!sym_is_extern(&sym))
3169 ext_name = elf_sym_str(obj, sym.st_name);
3170 if (!ext_name || !ext_name[0])
3174 ext = libbpf_reallocarray(ext, obj->nr_extern + 1, sizeof(*ext));
3178 ext = &ext[obj->nr_extern];
3179 memset(ext, 0, sizeof(*ext));
3182 ext->btf_id = find_extern_btf_id(obj->btf, ext_name);
3183 if (ext->btf_id <= 0) {
3184 pr_warn("failed to find BTF for extern '%s': %d\n",
3185 ext_name, ext->btf_id);
3188 t = btf__type_by_id(obj->btf, ext->btf_id);
3189 ext->name = btf__name_by_offset(obj->btf, t->name_off);
3191 ext->is_weak = GELF_ST_BIND(sym.st_info) == STB_WEAK;
3193 ext->sec_btf_id = find_extern_sec_btf_id(obj->btf, ext->btf_id);
3194 if (ext->sec_btf_id <= 0) {
3195 pr_warn("failed to find BTF for extern '%s' [%d] section: %d\n",
3196 ext_name, ext->btf_id, ext->sec_btf_id);
3197 return ext->sec_btf_id;
3199 sec = (void *)btf__type_by_id(obj->btf, ext->sec_btf_id);
3200 sec_name = btf__name_by_offset(obj->btf, sec->name_off);
3202 if (strcmp(sec_name, KCONFIG_SEC) == 0) {
3204 ext->type = EXT_KCFG;
3205 ext->kcfg.sz = btf__resolve_size(obj->btf, t->type);
3206 if (ext->kcfg.sz <= 0) {
3207 pr_warn("failed to resolve size of extern (kcfg) '%s': %d\n",
3208 ext_name, ext->kcfg.sz);
3209 return ext->kcfg.sz;
3211 ext->kcfg.align = btf__align_of(obj->btf, t->type);
3212 if (ext->kcfg.align <= 0) {
3213 pr_warn("failed to determine alignment of extern (kcfg) '%s': %d\n",
3214 ext_name, ext->kcfg.align);
3217 ext->kcfg.type = find_kcfg_type(obj->btf, t->type,
3218 &ext->kcfg.is_signed);
3219 if (ext->kcfg.type == KCFG_UNKNOWN) {
3220 pr_warn("extern (kcfg) '%s' type is unsupported\n", ext_name);
3223 } else if (strcmp(sec_name, KSYMS_SEC) == 0) {
3225 ext->type = EXT_KSYM;
3226 skip_mods_and_typedefs(obj->btf, t->type,
3227 &ext->ksym.type_id);
3229 pr_warn("unrecognized extern section '%s'\n", sec_name);
3233 pr_debug("collected %d externs total\n", obj->nr_extern);
3235 if (!obj->nr_extern)
3238 /* sort externs by type, for kcfg ones also by (align, size, name) */
3239 qsort(obj->externs, obj->nr_extern, sizeof(*ext), cmp_externs);
3241 /* for .ksyms section, we need to turn all externs into allocated
3242 * variables in BTF to pass kernel verification; we do this by
3243 * pretending that each extern is a 8-byte variable
3246 /* find existing 4-byte integer type in BTF to use for fake
3247 * extern variables in DATASEC
3249 int int_btf_id = find_int_btf_id(obj->btf);
3251 for (i = 0; i < obj->nr_extern; i++) {
3252 ext = &obj->externs[i];
3253 if (ext->type != EXT_KSYM)
3255 pr_debug("extern (ksym) #%d: symbol %d, name %s\n",
3256 i, ext->sym_idx, ext->name);
3261 for (i = 0, off = 0; i < n; i++, off += sizeof(int)) {
3262 struct btf_var_secinfo *vs = btf_var_secinfos(sec) + i;
3263 struct btf_type *vt;
3265 vt = (void *)btf__type_by_id(obj->btf, vs->type);
3266 ext_name = btf__name_by_offset(obj->btf, vt->name_off);
3267 ext = find_extern_by_name(obj, ext_name);
3269 pr_warn("failed to find extern definition for BTF var '%s'\n",
3273 btf_var(vt)->linkage = BTF_VAR_GLOBAL_ALLOCATED;
3274 vt->type = int_btf_id;
3276 vs->size = sizeof(int);
3283 /* for kcfg externs calculate their offsets within a .kconfig map */
3285 for (i = 0; i < obj->nr_extern; i++) {
3286 ext = &obj->externs[i];
3287 if (ext->type != EXT_KCFG)
3290 ext->kcfg.data_off = roundup(off, ext->kcfg.align);
3291 off = ext->kcfg.data_off + ext->kcfg.sz;
3292 pr_debug("extern (kcfg) #%d: symbol %d, off %u, name %s\n",
3293 i, ext->sym_idx, ext->kcfg.data_off, ext->name);
3297 for (i = 0; i < n; i++) {
3298 struct btf_var_secinfo *vs = btf_var_secinfos(sec) + i;
3300 t = btf__type_by_id(obj->btf, vs->type);
3301 ext_name = btf__name_by_offset(obj->btf, t->name_off);
3302 ext = find_extern_by_name(obj, ext_name);
3304 pr_warn("failed to find extern definition for BTF var '%s'\n",
3308 btf_var(t)->linkage = BTF_VAR_GLOBAL_ALLOCATED;
3309 vs->offset = ext->kcfg.data_off;
3315 struct bpf_program *
3316 bpf_object__find_program_by_title(const struct bpf_object *obj,
3319 struct bpf_program *pos;
3321 bpf_object__for_each_program(pos, obj) {
3322 if (pos->sec_name && !strcmp(pos->sec_name, title))
3328 static bool prog_is_subprog(const struct bpf_object *obj,
3329 const struct bpf_program *prog)
3331 /* For legacy reasons, libbpf supports an entry-point BPF programs
3332 * without SEC() attribute, i.e., those in the .text section. But if
3333 * there are 2 or more such programs in the .text section, they all
3334 * must be subprograms called from entry-point BPF programs in
3335 * designated SEC()'tions, otherwise there is no way to distinguish
3336 * which of those programs should be loaded vs which are a subprogram.
3337 * Similarly, if there is a function/program in .text and at least one
3338 * other BPF program with custom SEC() attribute, then we just assume
3339 * .text programs are subprograms (even if they are not called from
3340 * other programs), because libbpf never explicitly supported mixing
3341 * SEC()-designated BPF programs and .text entry-point BPF programs.
3343 return prog->sec_idx == obj->efile.text_shndx && obj->nr_programs > 1;
3346 struct bpf_program *
3347 bpf_object__find_program_by_name(const struct bpf_object *obj,
3350 struct bpf_program *prog;
3352 bpf_object__for_each_program(prog, obj) {
3353 if (prog_is_subprog(obj, prog))
3355 if (!strcmp(prog->name, name))
3361 static bool bpf_object__shndx_is_data(const struct bpf_object *obj,
3364 return shndx == obj->efile.data_shndx ||
3365 shndx == obj->efile.bss_shndx ||
3366 shndx == obj->efile.rodata_shndx;
3369 static bool bpf_object__shndx_is_maps(const struct bpf_object *obj,
3372 return shndx == obj->efile.maps_shndx ||
3373 shndx == obj->efile.btf_maps_shndx;
3376 static enum libbpf_map_type
3377 bpf_object__section_to_libbpf_map_type(const struct bpf_object *obj, int shndx)
3379 if (shndx == obj->efile.data_shndx)
3380 return LIBBPF_MAP_DATA;
3381 else if (shndx == obj->efile.bss_shndx)
3382 return LIBBPF_MAP_BSS;
3383 else if (shndx == obj->efile.rodata_shndx)
3384 return LIBBPF_MAP_RODATA;
3385 else if (shndx == obj->efile.symbols_shndx)
3386 return LIBBPF_MAP_KCONFIG;
3388 return LIBBPF_MAP_UNSPEC;
3391 static int bpf_program__record_reloc(struct bpf_program *prog,
3392 struct reloc_desc *reloc_desc,
3393 __u32 insn_idx, const char *sym_name,
3394 const GElf_Sym *sym, const GElf_Rel *rel)
3396 struct bpf_insn *insn = &prog->insns[insn_idx];
3397 size_t map_idx, nr_maps = prog->obj->nr_maps;
3398 struct bpf_object *obj = prog->obj;
3399 __u32 shdr_idx = sym->st_shndx;
3400 enum libbpf_map_type type;
3401 const char *sym_sec_name;
3402 struct bpf_map *map;
3404 reloc_desc->processed = false;
3406 /* sub-program call relocation */
3407 if (insn->code == (BPF_JMP | BPF_CALL)) {
3408 if (insn->src_reg != BPF_PSEUDO_CALL) {
3409 pr_warn("prog '%s': incorrect bpf_call opcode\n", prog->name);
3410 return -LIBBPF_ERRNO__RELOC;
3412 /* text_shndx can be 0, if no default "main" program exists */
3413 if (!shdr_idx || shdr_idx != obj->efile.text_shndx) {
3414 sym_sec_name = elf_sec_name(obj, elf_sec_by_idx(obj, shdr_idx));
3415 pr_warn("prog '%s': bad call relo against '%s' in section '%s'\n",
3416 prog->name, sym_name, sym_sec_name);
3417 return -LIBBPF_ERRNO__RELOC;
3419 if (sym->st_value % BPF_INSN_SZ) {
3420 pr_warn("prog '%s': bad call relo against '%s' at offset %zu\n",
3421 prog->name, sym_name, (size_t)sym->st_value);
3422 return -LIBBPF_ERRNO__RELOC;
3424 reloc_desc->type = RELO_CALL;
3425 reloc_desc->insn_idx = insn_idx;
3426 reloc_desc->sym_off = sym->st_value;
3430 if (!is_ldimm64(insn)) {
3431 pr_warn("prog '%s': invalid relo against '%s' for insns[%d].code 0x%x\n",
3432 prog->name, sym_name, insn_idx, insn->code);
3433 return -LIBBPF_ERRNO__RELOC;
3436 if (sym_is_extern(sym)) {
3437 int sym_idx = GELF_R_SYM(rel->r_info);
3438 int i, n = obj->nr_extern;
3439 struct extern_desc *ext;
3441 for (i = 0; i < n; i++) {
3442 ext = &obj->externs[i];
3443 if (ext->sym_idx == sym_idx)
3447 pr_warn("prog '%s': extern relo failed to find extern for '%s' (%d)\n",
3448 prog->name, sym_name, sym_idx);
3449 return -LIBBPF_ERRNO__RELOC;
3451 pr_debug("prog '%s': found extern #%d '%s' (sym %d) for insn #%u\n",
3452 prog->name, i, ext->name, ext->sym_idx, insn_idx);
3453 reloc_desc->type = RELO_EXTERN;
3454 reloc_desc->insn_idx = insn_idx;
3455 reloc_desc->sym_off = i; /* sym_off stores extern index */
3459 if (!shdr_idx || shdr_idx >= SHN_LORESERVE) {
3460 pr_warn("prog '%s': invalid relo against '%s' in special section 0x%x; forgot to initialize global var?..\n",
3461 prog->name, sym_name, shdr_idx);
3462 return -LIBBPF_ERRNO__RELOC;
3465 /* loading subprog addresses */
3466 if (sym_is_subprog(sym, obj->efile.text_shndx)) {
3467 /* global_func: sym->st_value = offset in the section, insn->imm = 0.
3468 * local_func: sym->st_value = 0, insn->imm = offset in the section.
3470 if ((sym->st_value % BPF_INSN_SZ) || (insn->imm % BPF_INSN_SZ)) {
3471 pr_warn("prog '%s': bad subprog addr relo against '%s' at offset %zu+%d\n",
3472 prog->name, sym_name, (size_t)sym->st_value, insn->imm);
3473 return -LIBBPF_ERRNO__RELOC;
3476 reloc_desc->type = RELO_SUBPROG_ADDR;
3477 reloc_desc->insn_idx = insn_idx;
3478 reloc_desc->sym_off = sym->st_value;
3482 type = bpf_object__section_to_libbpf_map_type(obj, shdr_idx);
3483 sym_sec_name = elf_sec_name(obj, elf_sec_by_idx(obj, shdr_idx));
3485 /* generic map reference relocation */
3486 if (type == LIBBPF_MAP_UNSPEC) {
3487 if (!bpf_object__shndx_is_maps(obj, shdr_idx)) {
3488 pr_warn("prog '%s': bad map relo against '%s' in section '%s'\n",
3489 prog->name, sym_name, sym_sec_name);
3490 return -LIBBPF_ERRNO__RELOC;
3492 for (map_idx = 0; map_idx < nr_maps; map_idx++) {
3493 map = &obj->maps[map_idx];
3494 if (map->libbpf_type != type ||
3495 map->sec_idx != sym->st_shndx ||
3496 map->sec_offset != sym->st_value)
3498 pr_debug("prog '%s': found map %zd (%s, sec %d, off %zu) for insn #%u\n",
3499 prog->name, map_idx, map->name, map->sec_idx,
3500 map->sec_offset, insn_idx);
3503 if (map_idx >= nr_maps) {
3504 pr_warn("prog '%s': map relo failed to find map for section '%s', off %zu\n",
3505 prog->name, sym_sec_name, (size_t)sym->st_value);
3506 return -LIBBPF_ERRNO__RELOC;
3508 reloc_desc->type = RELO_LD64;
3509 reloc_desc->insn_idx = insn_idx;
3510 reloc_desc->map_idx = map_idx;
3511 reloc_desc->sym_off = 0; /* sym->st_value determines map_idx */
3515 /* global data map relocation */
3516 if (!bpf_object__shndx_is_data(obj, shdr_idx)) {
3517 pr_warn("prog '%s': bad data relo against section '%s'\n",
3518 prog->name, sym_sec_name);
3519 return -LIBBPF_ERRNO__RELOC;
3521 for (map_idx = 0; map_idx < nr_maps; map_idx++) {
3522 map = &obj->maps[map_idx];
3523 if (map->libbpf_type != type)
3525 pr_debug("prog '%s': found data map %zd (%s, sec %d, off %zu) for insn %u\n",
3526 prog->name, map_idx, map->name, map->sec_idx,
3527 map->sec_offset, insn_idx);
3530 if (map_idx >= nr_maps) {
3531 pr_warn("prog '%s': data relo failed to find map for section '%s'\n",
3532 prog->name, sym_sec_name);
3533 return -LIBBPF_ERRNO__RELOC;
3536 reloc_desc->type = RELO_DATA;
3537 reloc_desc->insn_idx = insn_idx;
3538 reloc_desc->map_idx = map_idx;
3539 reloc_desc->sym_off = sym->st_value;
3543 static bool prog_contains_insn(const struct bpf_program *prog, size_t insn_idx)
3545 return insn_idx >= prog->sec_insn_off &&
3546 insn_idx < prog->sec_insn_off + prog->sec_insn_cnt;
3549 static struct bpf_program *find_prog_by_sec_insn(const struct bpf_object *obj,
3550 size_t sec_idx, size_t insn_idx)
3552 int l = 0, r = obj->nr_programs - 1, m;
3553 struct bpf_program *prog;
3556 m = l + (r - l + 1) / 2;
3557 prog = &obj->programs[m];
3559 if (prog->sec_idx < sec_idx ||
3560 (prog->sec_idx == sec_idx && prog->sec_insn_off <= insn_idx))
3565 /* matching program could be at index l, but it still might be the
3566 * wrong one, so we need to double check conditions for the last time
3568 prog = &obj->programs[l];
3569 if (prog->sec_idx == sec_idx && prog_contains_insn(prog, insn_idx))
3575 bpf_object__collect_prog_relos(struct bpf_object *obj, GElf_Shdr *shdr, Elf_Data *data)
3577 Elf_Data *symbols = obj->efile.symbols;
3578 const char *relo_sec_name, *sec_name;
3579 size_t sec_idx = shdr->sh_info;
3580 struct bpf_program *prog;
3581 struct reloc_desc *relos;
3583 const char *sym_name;
3588 relo_sec_name = elf_sec_str(obj, shdr->sh_name);
3589 sec_name = elf_sec_name(obj, elf_sec_by_idx(obj, sec_idx));
3590 if (!relo_sec_name || !sec_name)
3593 pr_debug("sec '%s': collecting relocation for section(%zu) '%s'\n",
3594 relo_sec_name, sec_idx, sec_name);
3595 nrels = shdr->sh_size / shdr->sh_entsize;
3597 for (i = 0; i < nrels; i++) {
3598 if (!gelf_getrel(data, i, &rel)) {
3599 pr_warn("sec '%s': failed to get relo #%d\n", relo_sec_name, i);
3600 return -LIBBPF_ERRNO__FORMAT;
3602 if (!gelf_getsym(symbols, GELF_R_SYM(rel.r_info), &sym)) {
3603 pr_warn("sec '%s': symbol 0x%zx not found for relo #%d\n",
3604 relo_sec_name, (size_t)GELF_R_SYM(rel.r_info), i);
3605 return -LIBBPF_ERRNO__FORMAT;
3607 if (rel.r_offset % BPF_INSN_SZ) {
3608 pr_warn("sec '%s': invalid offset 0x%zx for relo #%d\n",
3609 relo_sec_name, (size_t)GELF_R_SYM(rel.r_info), i);
3610 return -LIBBPF_ERRNO__FORMAT;
3613 insn_idx = rel.r_offset / BPF_INSN_SZ;
3614 /* relocations against static functions are recorded as
3615 * relocations against the section that contains a function;
3616 * in such case, symbol will be STT_SECTION and sym.st_name
3617 * will point to empty string (0), so fetch section name
3620 if (GELF_ST_TYPE(sym.st_info) == STT_SECTION && sym.st_name == 0)
3621 sym_name = elf_sec_name(obj, elf_sec_by_idx(obj, sym.st_shndx));
3623 sym_name = elf_sym_str(obj, sym.st_name);
3624 sym_name = sym_name ?: "<?";
3626 pr_debug("sec '%s': relo #%d: insn #%u against '%s'\n",
3627 relo_sec_name, i, insn_idx, sym_name);
3629 prog = find_prog_by_sec_insn(obj, sec_idx, insn_idx);
3631 pr_warn("sec '%s': relo #%d: program not found in section '%s' for insn #%u\n",
3632 relo_sec_name, i, sec_name, insn_idx);
3633 return -LIBBPF_ERRNO__RELOC;
3636 relos = libbpf_reallocarray(prog->reloc_desc,
3637 prog->nr_reloc + 1, sizeof(*relos));
3640 prog->reloc_desc = relos;
3642 /* adjust insn_idx to local BPF program frame of reference */
3643 insn_idx -= prog->sec_insn_off;
3644 err = bpf_program__record_reloc(prog, &relos[prog->nr_reloc],
3645 insn_idx, sym_name, &sym, &rel);
3654 static int bpf_map_find_btf_info(struct bpf_object *obj, struct bpf_map *map)
3656 struct bpf_map_def *def = &map->def;
3657 __u32 key_type_id = 0, value_type_id = 0;
3660 /* if it's BTF-defined map, we don't need to search for type IDs.
3661 * For struct_ops map, it does not need btf_key_type_id and
3662 * btf_value_type_id.
3664 if (map->sec_idx == obj->efile.btf_maps_shndx ||
3665 bpf_map__is_struct_ops(map))
3668 if (!bpf_map__is_internal(map)) {
3669 ret = btf__get_map_kv_tids(obj->btf, map->name, def->key_size,
3670 def->value_size, &key_type_id,
3674 * LLVM annotates global data differently in BTF, that is,
3675 * only as '.data', '.bss' or '.rodata'.
3677 ret = btf__find_by_name(obj->btf,
3678 libbpf_type_to_btf_name[map->libbpf_type]);
3683 map->btf_key_type_id = key_type_id;
3684 map->btf_value_type_id = bpf_map__is_internal(map) ?
3685 ret : value_type_id;
3689 int bpf_map__reuse_fd(struct bpf_map *map, int fd)
3691 struct bpf_map_info info = {};
3692 __u32 len = sizeof(info);
3696 err = bpf_obj_get_info_by_fd(fd, &info, &len);
3700 new_name = strdup(info.name);
3704 new_fd = open("/", O_RDONLY | O_CLOEXEC);
3707 goto err_free_new_name;
3710 new_fd = dup3(fd, new_fd, O_CLOEXEC);
3713 goto err_close_new_fd;
3716 err = zclose(map->fd);
3719 goto err_close_new_fd;
3724 map->name = new_name;
3725 map->def.type = info.type;
3726 map->def.key_size = info.key_size;
3727 map->def.value_size = info.value_size;
3728 map->def.max_entries = info.max_entries;
3729 map->def.map_flags = info.map_flags;
3730 map->btf_key_type_id = info.btf_key_type_id;
3731 map->btf_value_type_id = info.btf_value_type_id;
3743 __u32 bpf_map__max_entries(const struct bpf_map *map)
3745 return map->def.max_entries;
3748 int bpf_map__set_max_entries(struct bpf_map *map, __u32 max_entries)
3752 map->def.max_entries = max_entries;
3756 int bpf_map__resize(struct bpf_map *map, __u32 max_entries)
3758 if (!map || !max_entries)
3761 return bpf_map__set_max_entries(map, max_entries);
3765 bpf_object__probe_loading(struct bpf_object *obj)
3767 struct bpf_load_program_attr attr;
3768 char *cp, errmsg[STRERR_BUFSIZE];
3769 struct bpf_insn insns[] = {
3770 BPF_MOV64_IMM(BPF_REG_0, 0),
3775 /* make sure basic loading works */
3777 memset(&attr, 0, sizeof(attr));
3778 attr.prog_type = BPF_PROG_TYPE_SOCKET_FILTER;
3780 attr.insns_cnt = ARRAY_SIZE(insns);
3781 attr.license = "GPL";
3783 ret = bpf_load_program_xattr(&attr, NULL, 0);
3786 cp = libbpf_strerror_r(ret, errmsg, sizeof(errmsg));
3787 pr_warn("Error in %s():%s(%d). Couldn't load trivial BPF "
3788 "program. Make sure your kernel supports BPF "
3789 "(CONFIG_BPF_SYSCALL=y) and/or that RLIMIT_MEMLOCK is "
3790 "set to big enough value.\n", __func__, cp, ret);
3798 static int probe_fd(int fd)
3805 static int probe_kern_prog_name(void)
3807 struct bpf_load_program_attr attr;
3808 struct bpf_insn insns[] = {
3809 BPF_MOV64_IMM(BPF_REG_0, 0),
3814 /* make sure loading with name works */
3816 memset(&attr, 0, sizeof(attr));
3817 attr.prog_type = BPF_PROG_TYPE_SOCKET_FILTER;
3819 attr.insns_cnt = ARRAY_SIZE(insns);
3820 attr.license = "GPL";
3822 ret = bpf_load_program_xattr(&attr, NULL, 0);
3823 return probe_fd(ret);
3826 static int probe_kern_global_data(void)
3828 struct bpf_load_program_attr prg_attr;
3829 struct bpf_create_map_attr map_attr;
3830 char *cp, errmsg[STRERR_BUFSIZE];
3831 struct bpf_insn insns[] = {
3832 BPF_LD_MAP_VALUE(BPF_REG_1, 0, 16),
3833 BPF_ST_MEM(BPF_DW, BPF_REG_1, 0, 42),
3834 BPF_MOV64_IMM(BPF_REG_0, 0),
3839 memset(&map_attr, 0, sizeof(map_attr));
3840 map_attr.map_type = BPF_MAP_TYPE_ARRAY;
3841 map_attr.key_size = sizeof(int);
3842 map_attr.value_size = 32;
3843 map_attr.max_entries = 1;
3845 map = bpf_create_map_xattr(&map_attr);
3848 cp = libbpf_strerror_r(ret, errmsg, sizeof(errmsg));
3849 pr_warn("Error in %s():%s(%d). Couldn't create simple array map.\n",
3850 __func__, cp, -ret);
3856 memset(&prg_attr, 0, sizeof(prg_attr));
3857 prg_attr.prog_type = BPF_PROG_TYPE_SOCKET_FILTER;
3858 prg_attr.insns = insns;
3859 prg_attr.insns_cnt = ARRAY_SIZE(insns);
3860 prg_attr.license = "GPL";
3862 ret = bpf_load_program_xattr(&prg_attr, NULL, 0);
3864 return probe_fd(ret);
3867 static int probe_kern_btf(void)
3869 static const char strs[] = "\0int";
3872 BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4),
3875 return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
3876 strs, sizeof(strs)));
3879 static int probe_kern_btf_func(void)
3881 static const char strs[] = "\0int\0x\0a";
3882 /* void x(int a) {} */
3885 BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4), /* [1] */
3886 /* FUNC_PROTO */ /* [2] */
3887 BTF_TYPE_ENC(0, BTF_INFO_ENC(BTF_KIND_FUNC_PROTO, 0, 1), 0),
3888 BTF_PARAM_ENC(7, 1),
3889 /* FUNC x */ /* [3] */
3890 BTF_TYPE_ENC(5, BTF_INFO_ENC(BTF_KIND_FUNC, 0, 0), 2),
3893 return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
3894 strs, sizeof(strs)));
3897 static int probe_kern_btf_func_global(void)
3899 static const char strs[] = "\0int\0x\0a";
3900 /* static void x(int a) {} */
3903 BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4), /* [1] */
3904 /* FUNC_PROTO */ /* [2] */
3905 BTF_TYPE_ENC(0, BTF_INFO_ENC(BTF_KIND_FUNC_PROTO, 0, 1), 0),
3906 BTF_PARAM_ENC(7, 1),
3907 /* FUNC x BTF_FUNC_GLOBAL */ /* [3] */
3908 BTF_TYPE_ENC(5, BTF_INFO_ENC(BTF_KIND_FUNC, 0, BTF_FUNC_GLOBAL), 2),
3911 return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
3912 strs, sizeof(strs)));
3915 static int probe_kern_btf_datasec(void)
3917 static const char strs[] = "\0x\0.data";
3921 BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 32, 4), /* [1] */
3922 /* VAR x */ /* [2] */
3923 BTF_TYPE_ENC(1, BTF_INFO_ENC(BTF_KIND_VAR, 0, 0), 1),
3925 /* DATASEC val */ /* [3] */
3926 BTF_TYPE_ENC(3, BTF_INFO_ENC(BTF_KIND_DATASEC, 0, 1), 4),
3927 BTF_VAR_SECINFO_ENC(2, 0, 4),
3930 return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
3931 strs, sizeof(strs)));
3934 static int probe_kern_btf_float(void)
3936 static const char strs[] = "\0float";
3939 BTF_TYPE_FLOAT_ENC(1, 4),
3942 return probe_fd(libbpf__load_raw_btf((char *)types, sizeof(types),
3943 strs, sizeof(strs)));
3946 static int probe_kern_array_mmap(void)
3948 struct bpf_create_map_attr attr = {
3949 .map_type = BPF_MAP_TYPE_ARRAY,
3950 .map_flags = BPF_F_MMAPABLE,
3951 .key_size = sizeof(int),
3952 .value_size = sizeof(int),
3956 return probe_fd(bpf_create_map_xattr(&attr));
3959 static int probe_kern_exp_attach_type(void)
3961 struct bpf_load_program_attr attr;
3962 struct bpf_insn insns[] = {
3963 BPF_MOV64_IMM(BPF_REG_0, 0),
3967 memset(&attr, 0, sizeof(attr));
3968 /* use any valid combination of program type and (optional)
3969 * non-zero expected attach type (i.e., not a BPF_CGROUP_INET_INGRESS)
3970 * to see if kernel supports expected_attach_type field for
3971 * BPF_PROG_LOAD command
3973 attr.prog_type = BPF_PROG_TYPE_CGROUP_SOCK;
3974 attr.expected_attach_type = BPF_CGROUP_INET_SOCK_CREATE;
3976 attr.insns_cnt = ARRAY_SIZE(insns);
3977 attr.license = "GPL";
3979 return probe_fd(bpf_load_program_xattr(&attr, NULL, 0));
3982 static int probe_kern_probe_read_kernel(void)
3984 struct bpf_load_program_attr attr;
3985 struct bpf_insn insns[] = {
3986 BPF_MOV64_REG(BPF_REG_1, BPF_REG_10), /* r1 = r10 (fp) */
3987 BPF_ALU64_IMM(BPF_ADD, BPF_REG_1, -8), /* r1 += -8 */
3988 BPF_MOV64_IMM(BPF_REG_2, 8), /* r2 = 8 */
3989 BPF_MOV64_IMM(BPF_REG_3, 0), /* r3 = 0 */
3990 BPF_RAW_INSN(BPF_JMP | BPF_CALL, 0, 0, 0, BPF_FUNC_probe_read_kernel),
3994 memset(&attr, 0, sizeof(attr));
3995 attr.prog_type = BPF_PROG_TYPE_KPROBE;
3997 attr.insns_cnt = ARRAY_SIZE(insns);
3998 attr.license = "GPL";
4000 return probe_fd(bpf_load_program_xattr(&attr, NULL, 0));
4003 static int probe_prog_bind_map(void)
4005 struct bpf_load_program_attr prg_attr;
4006 struct bpf_create_map_attr map_attr;
4007 char *cp, errmsg[STRERR_BUFSIZE];
4008 struct bpf_insn insns[] = {
4009 BPF_MOV64_IMM(BPF_REG_0, 0),
4014 memset(&map_attr, 0, sizeof(map_attr));
4015 map_attr.map_type = BPF_MAP_TYPE_ARRAY;
4016 map_attr.key_size = sizeof(int);
4017 map_attr.value_size = 32;
4018 map_attr.max_entries = 1;
4020 map = bpf_create_map_xattr(&map_attr);
4023 cp = libbpf_strerror_r(ret, errmsg, sizeof(errmsg));
4024 pr_warn("Error in %s():%s(%d). Couldn't create simple array map.\n",
4025 __func__, cp, -ret);
4029 memset(&prg_attr, 0, sizeof(prg_attr));
4030 prg_attr.prog_type = BPF_PROG_TYPE_SOCKET_FILTER;
4031 prg_attr.insns = insns;
4032 prg_attr.insns_cnt = ARRAY_SIZE(insns);
4033 prg_attr.license = "GPL";
4035 prog = bpf_load_program_xattr(&prg_attr, NULL, 0);
4041 ret = bpf_prog_bind_map(prog, map, NULL);
4049 static int probe_module_btf(void)
4051 static const char strs[] = "\0int";
4054 BTF_TYPE_INT_ENC(1, BTF_INT_SIGNED, 0, 32, 4),
4056 struct bpf_btf_info info;
4057 __u32 len = sizeof(info);
4061 fd = libbpf__load_raw_btf((char *)types, sizeof(types), strs, sizeof(strs));
4063 return 0; /* BTF not supported at all */
4065 memset(&info, 0, sizeof(info));
4066 info.name = ptr_to_u64(name);
4067 info.name_len = sizeof(name);
4069 /* check that BPF_OBJ_GET_INFO_BY_FD supports specifying name pointer;
4070 * kernel's module BTF support coincides with support for
4071 * name/name_len fields in struct bpf_btf_info.
4073 err = bpf_obj_get_info_by_fd(fd, &info, &len);
4078 enum kern_feature_result {
4084 typedef int (*feature_probe_fn)(void);
4086 static struct kern_feature_desc {
4088 feature_probe_fn probe;
4089 enum kern_feature_result res;
4090 } feature_probes[__FEAT_CNT] = {
4091 [FEAT_PROG_NAME] = {
4092 "BPF program name", probe_kern_prog_name,
4094 [FEAT_GLOBAL_DATA] = {
4095 "global variables", probe_kern_global_data,
4098 "minimal BTF", probe_kern_btf,
4101 "BTF functions", probe_kern_btf_func,
4103 [FEAT_BTF_GLOBAL_FUNC] = {
4104 "BTF global function", probe_kern_btf_func_global,
4106 [FEAT_BTF_DATASEC] = {
4107 "BTF data section and variable", probe_kern_btf_datasec,
4109 [FEAT_ARRAY_MMAP] = {
4110 "ARRAY map mmap()", probe_kern_array_mmap,
4112 [FEAT_EXP_ATTACH_TYPE] = {
4113 "BPF_PROG_LOAD expected_attach_type attribute",
4114 probe_kern_exp_attach_type,
4116 [FEAT_PROBE_READ_KERN] = {
4117 "bpf_probe_read_kernel() helper", probe_kern_probe_read_kernel,
4119 [FEAT_PROG_BIND_MAP] = {
4120 "BPF_PROG_BIND_MAP support", probe_prog_bind_map,
4122 [FEAT_MODULE_BTF] = {
4123 "module BTF support", probe_module_btf,
4125 [FEAT_BTF_FLOAT] = {
4126 "BTF_KIND_FLOAT support", probe_kern_btf_float,
4130 static bool kernel_supports(enum kern_feature_id feat_id)
4132 struct kern_feature_desc *feat = &feature_probes[feat_id];
4135 if (READ_ONCE(feat->res) == FEAT_UNKNOWN) {
4136 ret = feat->probe();
4138 WRITE_ONCE(feat->res, FEAT_SUPPORTED);
4139 } else if (ret == 0) {
4140 WRITE_ONCE(feat->res, FEAT_MISSING);
4142 pr_warn("Detection of kernel %s support failed: %d\n", feat->desc, ret);
4143 WRITE_ONCE(feat->res, FEAT_MISSING);
4147 return READ_ONCE(feat->res) == FEAT_SUPPORTED;
4150 static bool map_is_reuse_compat(const struct bpf_map *map, int map_fd)
4152 struct bpf_map_info map_info = {};
4153 char msg[STRERR_BUFSIZE];
4156 map_info_len = sizeof(map_info);
4158 if (bpf_obj_get_info_by_fd(map_fd, &map_info, &map_info_len)) {
4159 pr_warn("failed to get map info for map FD %d: %s\n",
4160 map_fd, libbpf_strerror_r(errno, msg, sizeof(msg)));
4164 return (map_info.type == map->def.type &&
4165 map_info.key_size == map->def.key_size &&
4166 map_info.value_size == map->def.value_size &&
4167 map_info.max_entries == map->def.max_entries &&
4168 map_info.map_flags == map->def.map_flags);
4172 bpf_object__reuse_map(struct bpf_map *map)
4174 char *cp, errmsg[STRERR_BUFSIZE];
4177 pin_fd = bpf_obj_get(map->pin_path);
4180 if (err == -ENOENT) {
4181 pr_debug("found no pinned map to reuse at '%s'\n",
4186 cp = libbpf_strerror_r(-err, errmsg, sizeof(errmsg));
4187 pr_warn("couldn't retrieve pinned map '%s': %s\n",
4192 if (!map_is_reuse_compat(map, pin_fd)) {
4193 pr_warn("couldn't reuse pinned map at '%s': parameter mismatch\n",
4199 err = bpf_map__reuse_fd(map, pin_fd);
4205 pr_debug("reused pinned map at '%s'\n", map->pin_path);
4211 bpf_object__populate_internal_map(struct bpf_object *obj, struct bpf_map *map)
4213 enum libbpf_map_type map_type = map->libbpf_type;
4214 char *cp, errmsg[STRERR_BUFSIZE];
4217 err = bpf_map_update_elem(map->fd, &zero, map->mmaped, 0);
4220 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
4221 pr_warn("Error setting initial map(%s) contents: %s\n",
4226 /* Freeze .rodata and .kconfig map as read-only from syscall side. */
4227 if (map_type == LIBBPF_MAP_RODATA || map_type == LIBBPF_MAP_KCONFIG) {
4228 err = bpf_map_freeze(map->fd);
4231 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
4232 pr_warn("Error freezing map(%s) as read-only: %s\n",
4240 static void bpf_map__destroy(struct bpf_map *map);
4242 static int bpf_object__create_map(struct bpf_object *obj, struct bpf_map *map)
4244 struct bpf_create_map_attr create_attr;
4245 struct bpf_map_def *def = &map->def;
4247 memset(&create_attr, 0, sizeof(create_attr));
4249 if (kernel_supports(FEAT_PROG_NAME))
4250 create_attr.name = map->name;
4251 create_attr.map_ifindex = map->map_ifindex;
4252 create_attr.map_type = def->type;
4253 create_attr.map_flags = def->map_flags;
4254 create_attr.key_size = def->key_size;
4255 create_attr.value_size = def->value_size;
4256 create_attr.numa_node = map->numa_node;
4258 if (def->type == BPF_MAP_TYPE_PERF_EVENT_ARRAY && !def->max_entries) {
4261 nr_cpus = libbpf_num_possible_cpus();
4263 pr_warn("map '%s': failed to determine number of system CPUs: %d\n",
4264 map->name, nr_cpus);
4267 pr_debug("map '%s': setting size to %d\n", map->name, nr_cpus);
4268 create_attr.max_entries = nr_cpus;
4270 create_attr.max_entries = def->max_entries;
4273 if (bpf_map__is_struct_ops(map))
4274 create_attr.btf_vmlinux_value_type_id =
4275 map->btf_vmlinux_value_type_id;
4277 create_attr.btf_fd = 0;
4278 create_attr.btf_key_type_id = 0;
4279 create_attr.btf_value_type_id = 0;
4280 if (obj->btf && btf__fd(obj->btf) >= 0 && !bpf_map_find_btf_info(obj, map)) {
4281 create_attr.btf_fd = btf__fd(obj->btf);
4282 create_attr.btf_key_type_id = map->btf_key_type_id;
4283 create_attr.btf_value_type_id = map->btf_value_type_id;
4286 if (bpf_map_type__is_map_in_map(def->type)) {
4287 if (map->inner_map) {
4290 err = bpf_object__create_map(obj, map->inner_map);
4292 pr_warn("map '%s': failed to create inner map: %d\n",
4296 map->inner_map_fd = bpf_map__fd(map->inner_map);
4298 if (map->inner_map_fd >= 0)
4299 create_attr.inner_map_fd = map->inner_map_fd;
4302 map->fd = bpf_create_map_xattr(&create_attr);
4303 if (map->fd < 0 && (create_attr.btf_key_type_id ||
4304 create_attr.btf_value_type_id)) {
4305 char *cp, errmsg[STRERR_BUFSIZE];
4308 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
4309 pr_warn("Error in bpf_create_map_xattr(%s):%s(%d). Retrying without BTF.\n",
4310 map->name, cp, err);
4311 create_attr.btf_fd = 0;
4312 create_attr.btf_key_type_id = 0;
4313 create_attr.btf_value_type_id = 0;
4314 map->btf_key_type_id = 0;
4315 map->btf_value_type_id = 0;
4316 map->fd = bpf_create_map_xattr(&create_attr);
4322 if (bpf_map_type__is_map_in_map(def->type) && map->inner_map) {
4323 bpf_map__destroy(map->inner_map);
4324 zfree(&map->inner_map);
4330 static int init_map_slots(struct bpf_map *map)
4332 const struct bpf_map *targ_map;
4336 for (i = 0; i < map->init_slots_sz; i++) {
4337 if (!map->init_slots[i])
4340 targ_map = map->init_slots[i];
4341 fd = bpf_map__fd(targ_map);
4342 err = bpf_map_update_elem(map->fd, &i, &fd, 0);
4345 pr_warn("map '%s': failed to initialize slot [%d] to map '%s' fd=%d: %d\n",
4346 map->name, i, targ_map->name,
4350 pr_debug("map '%s': slot [%d] set to map '%s' fd=%d\n",
4351 map->name, i, targ_map->name, fd);
4354 zfree(&map->init_slots);
4355 map->init_slots_sz = 0;
4361 bpf_object__create_maps(struct bpf_object *obj)
4363 struct bpf_map *map;
4364 char *cp, errmsg[STRERR_BUFSIZE];
4368 for (i = 0; i < obj->nr_maps; i++) {
4369 map = &obj->maps[i];
4371 if (map->pin_path) {
4372 err = bpf_object__reuse_map(map);
4374 pr_warn("map '%s': error reusing pinned map\n",
4381 pr_debug("map '%s': skipping creation (preset fd=%d)\n",
4382 map->name, map->fd);
4384 err = bpf_object__create_map(obj, map);
4388 pr_debug("map '%s': created successfully, fd=%d\n",
4389 map->name, map->fd);
4391 if (bpf_map__is_internal(map)) {
4392 err = bpf_object__populate_internal_map(obj, map);
4399 if (map->init_slots_sz) {
4400 err = init_map_slots(map);
4408 if (map->pin_path && !map->pinned) {
4409 err = bpf_map__pin(map, NULL);
4411 pr_warn("map '%s': failed to auto-pin at '%s': %d\n",
4412 map->name, map->pin_path, err);
4422 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
4423 pr_warn("map '%s': failed to create: %s(%d)\n", map->name, cp, err);
4425 for (j = 0; j < i; j++)
4426 zclose(obj->maps[j].fd);
4430 #define BPF_CORE_SPEC_MAX_LEN 64
4432 /* represents BPF CO-RE field or array element accessor */
4433 struct bpf_core_accessor {
4434 __u32 type_id; /* struct/union type or array element type */
4435 __u32 idx; /* field index or array index */
4436 const char *name; /* field name or NULL for array accessor */
4439 struct bpf_core_spec {
4440 const struct btf *btf;
4441 /* high-level spec: named fields and array indices only */
4442 struct bpf_core_accessor spec[BPF_CORE_SPEC_MAX_LEN];
4443 /* original unresolved (no skip_mods_or_typedefs) root type ID */
4445 /* CO-RE relocation kind */
4446 enum bpf_core_relo_kind relo_kind;
4447 /* high-level spec length */
4449 /* raw, low-level spec: 1-to-1 with accessor spec string */
4450 int raw_spec[BPF_CORE_SPEC_MAX_LEN];
4451 /* raw spec length */
4453 /* field bit offset represented by spec */
4457 static bool str_is_empty(const char *s)
4462 static bool is_flex_arr(const struct btf *btf,
4463 const struct bpf_core_accessor *acc,
4464 const struct btf_array *arr)
4466 const struct btf_type *t;
4468 /* not a flexible array, if not inside a struct or has non-zero size */
4469 if (!acc->name || arr->nelems > 0)
4472 /* has to be the last member of enclosing struct */
4473 t = btf__type_by_id(btf, acc->type_id);
4474 return acc->idx == btf_vlen(t) - 1;
4477 static const char *core_relo_kind_str(enum bpf_core_relo_kind kind)
4480 case BPF_FIELD_BYTE_OFFSET: return "byte_off";
4481 case BPF_FIELD_BYTE_SIZE: return "byte_sz";
4482 case BPF_FIELD_EXISTS: return "field_exists";
4483 case BPF_FIELD_SIGNED: return "signed";
4484 case BPF_FIELD_LSHIFT_U64: return "lshift_u64";
4485 case BPF_FIELD_RSHIFT_U64: return "rshift_u64";
4486 case BPF_TYPE_ID_LOCAL: return "local_type_id";
4487 case BPF_TYPE_ID_TARGET: return "target_type_id";
4488 case BPF_TYPE_EXISTS: return "type_exists";
4489 case BPF_TYPE_SIZE: return "type_size";
4490 case BPF_ENUMVAL_EXISTS: return "enumval_exists";
4491 case BPF_ENUMVAL_VALUE: return "enumval_value";
4492 default: return "unknown";
4496 static bool core_relo_is_field_based(enum bpf_core_relo_kind kind)
4499 case BPF_FIELD_BYTE_OFFSET:
4500 case BPF_FIELD_BYTE_SIZE:
4501 case BPF_FIELD_EXISTS:
4502 case BPF_FIELD_SIGNED:
4503 case BPF_FIELD_LSHIFT_U64:
4504 case BPF_FIELD_RSHIFT_U64:
4511 static bool core_relo_is_type_based(enum bpf_core_relo_kind kind)
4514 case BPF_TYPE_ID_LOCAL:
4515 case BPF_TYPE_ID_TARGET:
4516 case BPF_TYPE_EXISTS:
4524 static bool core_relo_is_enumval_based(enum bpf_core_relo_kind kind)
4527 case BPF_ENUMVAL_EXISTS:
4528 case BPF_ENUMVAL_VALUE:
4536 * Turn bpf_core_relo into a low- and high-level spec representation,
4537 * validating correctness along the way, as well as calculating resulting
4538 * field bit offset, specified by accessor string. Low-level spec captures
4539 * every single level of nestedness, including traversing anonymous
4540 * struct/union members. High-level one only captures semantically meaningful
4541 * "turning points": named fields and array indicies.
4542 * E.g., for this case:
4545 * int __unimportant;
4553 * struct sample *s = ...;
4555 * int x = &s->a[3]; // access string = '0:1:2:3'
4557 * Low-level spec has 1:1 mapping with each element of access string (it's
4558 * just a parsed access string representation): [0, 1, 2, 3].
4560 * High-level spec will capture only 3 points:
4561 * - intial zero-index access by pointer (&s->... is the same as &s[0]...);
4562 * - field 'a' access (corresponds to '2' in low-level spec);
4563 * - array element #3 access (corresponds to '3' in low-level spec).
4565 * Type-based relocations (TYPE_EXISTS/TYPE_SIZE,
4566 * TYPE_ID_LOCAL/TYPE_ID_TARGET) don't capture any field information. Their
4567 * spec and raw_spec are kept empty.
4569 * Enum value-based relocations (ENUMVAL_EXISTS/ENUMVAL_VALUE) use access
4570 * string to specify enumerator's value index that need to be relocated.
4572 static int bpf_core_parse_spec(const struct btf *btf,
4574 const char *spec_str,
4575 enum bpf_core_relo_kind relo_kind,
4576 struct bpf_core_spec *spec)
4578 int access_idx, parsed_len, i;
4579 struct bpf_core_accessor *acc;
4580 const struct btf_type *t;
4585 if (str_is_empty(spec_str) || *spec_str == ':')
4588 memset(spec, 0, sizeof(*spec));
4590 spec->root_type_id = type_id;
4591 spec->relo_kind = relo_kind;
4593 /* type-based relocations don't have a field access string */
4594 if (core_relo_is_type_based(relo_kind)) {
4595 if (strcmp(spec_str, "0"))
4600 /* parse spec_str="0:1:2:3:4" into array raw_spec=[0, 1, 2, 3, 4] */
4602 if (*spec_str == ':')
4604 if (sscanf(spec_str, "%d%n", &access_idx, &parsed_len) != 1)
4606 if (spec->raw_len == BPF_CORE_SPEC_MAX_LEN)
4608 spec_str += parsed_len;
4609 spec->raw_spec[spec->raw_len++] = access_idx;
4612 if (spec->raw_len == 0)
4615 t = skip_mods_and_typedefs(btf, type_id, &id);
4619 access_idx = spec->raw_spec[0];
4620 acc = &spec->spec[0];
4622 acc->idx = access_idx;
4625 if (core_relo_is_enumval_based(relo_kind)) {
4626 if (!btf_is_enum(t) || spec->raw_len > 1 || access_idx >= btf_vlen(t))
4629 /* record enumerator name in a first accessor */
4630 acc->name = btf__name_by_offset(btf, btf_enum(t)[access_idx].name_off);
4634 if (!core_relo_is_field_based(relo_kind))
4637 sz = btf__resolve_size(btf, id);
4640 spec->bit_offset = access_idx * sz * 8;
4642 for (i = 1; i < spec->raw_len; i++) {
4643 t = skip_mods_and_typedefs(btf, id, &id);
4647 access_idx = spec->raw_spec[i];
4648 acc = &spec->spec[spec->len];
4650 if (btf_is_composite(t)) {
4651 const struct btf_member *m;
4654 if (access_idx >= btf_vlen(t))
4657 bit_offset = btf_member_bit_offset(t, access_idx);
4658 spec->bit_offset += bit_offset;
4660 m = btf_members(t) + access_idx;
4662 name = btf__name_by_offset(btf, m->name_off);
4663 if (str_is_empty(name))
4667 acc->idx = access_idx;
4673 } else if (btf_is_array(t)) {
4674 const struct btf_array *a = btf_array(t);
4677 t = skip_mods_and_typedefs(btf, a->type, &id);
4681 flex = is_flex_arr(btf, acc - 1, a);
4682 if (!flex && access_idx >= a->nelems)
4685 spec->spec[spec->len].type_id = id;
4686 spec->spec[spec->len].idx = access_idx;
4689 sz = btf__resolve_size(btf, id);
4692 spec->bit_offset += access_idx * sz * 8;
4694 pr_warn("relo for [%u] %s (at idx %d) captures type [%d] of unexpected kind %s\n",
4695 type_id, spec_str, i, id, btf_kind_str(t));
4703 static bool bpf_core_is_flavor_sep(const char *s)
4705 /* check X___Y name pattern, where X and Y are not underscores */
4706 return s[0] != '_' && /* X */
4707 s[1] == '_' && s[2] == '_' && s[3] == '_' && /* ___ */
4708 s[4] != '_'; /* Y */
4711 /* Given 'some_struct_name___with_flavor' return the length of a name prefix
4712 * before last triple underscore. Struct name part after last triple
4713 * underscore is ignored by BPF CO-RE relocation during relocation matching.
4715 static size_t bpf_core_essential_name_len(const char *name)
4717 size_t n = strlen(name);
4720 for (i = n - 5; i >= 0; i--) {
4721 if (bpf_core_is_flavor_sep(name + i))
4729 const struct btf *btf;
4730 const struct btf_type *t;
4735 /* dynamically sized list of type IDs and its associated struct btf */
4736 struct core_cand_list {
4737 struct core_cand *cands;
4741 static void bpf_core_free_cands(struct core_cand_list *cands)
4747 static int bpf_core_add_cands(struct core_cand *local_cand,
4748 size_t local_essent_len,
4749 const struct btf *targ_btf,
4750 const char *targ_btf_name,
4752 struct core_cand_list *cands)
4754 struct core_cand *new_cands, *cand;
4755 const struct btf_type *t;
4756 const char *targ_name;
4757 size_t targ_essent_len;
4760 n = btf__get_nr_types(targ_btf);
4761 for (i = targ_start_id; i <= n; i++) {
4762 t = btf__type_by_id(targ_btf, i);
4763 if (btf_kind(t) != btf_kind(local_cand->t))
4766 targ_name = btf__name_by_offset(targ_btf, t->name_off);
4767 if (str_is_empty(targ_name))
4770 targ_essent_len = bpf_core_essential_name_len(targ_name);
4771 if (targ_essent_len != local_essent_len)
4774 if (strncmp(local_cand->name, targ_name, local_essent_len) != 0)
4777 pr_debug("CO-RE relocating [%d] %s %s: found target candidate [%d] %s %s in [%s]\n",
4778 local_cand->id, btf_kind_str(local_cand->t),
4779 local_cand->name, i, btf_kind_str(t), targ_name,
4781 new_cands = libbpf_reallocarray(cands->cands, cands->len + 1,
4782 sizeof(*cands->cands));
4786 cand = &new_cands[cands->len];
4787 cand->btf = targ_btf;
4789 cand->name = targ_name;
4792 cands->cands = new_cands;
4798 static int load_module_btfs(struct bpf_object *obj)
4800 struct bpf_btf_info info;
4801 struct module_btf *mod_btf;
4807 if (obj->btf_modules_loaded)
4810 /* don't do this again, even if we find no module BTFs */
4811 obj->btf_modules_loaded = true;
4813 /* kernel too old to support module BTFs */
4814 if (!kernel_supports(FEAT_MODULE_BTF))
4818 err = bpf_btf_get_next_id(id, &id);
4819 if (err && errno == ENOENT)
4823 pr_warn("failed to iterate BTF objects: %d\n", err);
4827 fd = bpf_btf_get_fd_by_id(id);
4829 if (errno == ENOENT)
4830 continue; /* expected race: BTF was unloaded */
4832 pr_warn("failed to get BTF object #%d FD: %d\n", id, err);
4837 memset(&info, 0, sizeof(info));
4838 info.name = ptr_to_u64(name);
4839 info.name_len = sizeof(name);
4841 err = bpf_obj_get_info_by_fd(fd, &info, &len);
4844 pr_warn("failed to get BTF object #%d info: %d\n", id, err);
4848 /* ignore non-module BTFs */
4849 if (!info.kernel_btf || strcmp(name, "vmlinux") == 0) {
4854 btf = btf_get_from_fd(fd, obj->btf_vmlinux);
4856 pr_warn("failed to load module [%s]'s BTF object #%d: %ld\n",
4857 name, id, PTR_ERR(btf));
4862 err = libbpf_ensure_mem((void **)&obj->btf_modules, &obj->btf_module_cap,
4863 sizeof(*obj->btf_modules), obj->btf_module_cnt + 1);
4867 mod_btf = &obj->btf_modules[obj->btf_module_cnt++];
4872 mod_btf->name = strdup(name);
4873 if (!mod_btf->name) {
4887 static struct core_cand_list *
4888 bpf_core_find_cands(struct bpf_object *obj, const struct btf *local_btf, __u32 local_type_id)
4890 struct core_cand local_cand = {};
4891 struct core_cand_list *cands;
4892 const struct btf *main_btf;
4893 size_t local_essent_len;
4896 local_cand.btf = local_btf;
4897 local_cand.t = btf__type_by_id(local_btf, local_type_id);
4899 return ERR_PTR(-EINVAL);
4901 local_cand.name = btf__name_by_offset(local_btf, local_cand.t->name_off);
4902 if (str_is_empty(local_cand.name))
4903 return ERR_PTR(-EINVAL);
4904 local_essent_len = bpf_core_essential_name_len(local_cand.name);
4906 cands = calloc(1, sizeof(*cands));
4908 return ERR_PTR(-ENOMEM);
4910 /* Attempt to find target candidates in vmlinux BTF first */
4911 main_btf = obj->btf_vmlinux_override ?: obj->btf_vmlinux;
4912 err = bpf_core_add_cands(&local_cand, local_essent_len, main_btf, "vmlinux", 1, cands);
4916 /* if vmlinux BTF has any candidate, don't got for module BTFs */
4920 /* if vmlinux BTF was overridden, don't attempt to load module BTFs */
4921 if (obj->btf_vmlinux_override)
4924 /* now look through module BTFs, trying to still find candidates */
4925 err = load_module_btfs(obj);
4929 for (i = 0; i < obj->btf_module_cnt; i++) {
4930 err = bpf_core_add_cands(&local_cand, local_essent_len,
4931 obj->btf_modules[i].btf,
4932 obj->btf_modules[i].name,
4933 btf__get_nr_types(obj->btf_vmlinux) + 1,
4941 bpf_core_free_cands(cands);
4942 return ERR_PTR(err);
4945 /* Check two types for compatibility for the purpose of field access
4946 * relocation. const/volatile/restrict and typedefs are skipped to ensure we
4947 * are relocating semantically compatible entities:
4948 * - any two STRUCTs/UNIONs are compatible and can be mixed;
4949 * - any two FWDs are compatible, if their names match (modulo flavor suffix);
4950 * - any two PTRs are always compatible;
4951 * - for ENUMs, names should be the same (ignoring flavor suffix) or at
4952 * least one of enums should be anonymous;
4953 * - for ENUMs, check sizes, names are ignored;
4954 * - for INT, size and signedness are ignored;
4955 * - for ARRAY, dimensionality is ignored, element types are checked for
4956 * compatibility recursively;
4957 * - everything else shouldn't be ever a target of relocation.
4958 * These rules are not set in stone and probably will be adjusted as we get
4959 * more experience with using BPF CO-RE relocations.
4961 static int bpf_core_fields_are_compat(const struct btf *local_btf,
4963 const struct btf *targ_btf,
4966 const struct btf_type *local_type, *targ_type;
4969 local_type = skip_mods_and_typedefs(local_btf, local_id, &local_id);
4970 targ_type = skip_mods_and_typedefs(targ_btf, targ_id, &targ_id);
4971 if (!local_type || !targ_type)
4974 if (btf_is_composite(local_type) && btf_is_composite(targ_type))
4976 if (btf_kind(local_type) != btf_kind(targ_type))
4979 switch (btf_kind(local_type)) {
4983 case BTF_KIND_ENUM: {
4984 const char *local_name, *targ_name;
4985 size_t local_len, targ_len;
4987 local_name = btf__name_by_offset(local_btf,
4988 local_type->name_off);
4989 targ_name = btf__name_by_offset(targ_btf, targ_type->name_off);
4990 local_len = bpf_core_essential_name_len(local_name);
4991 targ_len = bpf_core_essential_name_len(targ_name);
4992 /* one of them is anonymous or both w/ same flavor-less names */
4993 return local_len == 0 || targ_len == 0 ||
4994 (local_len == targ_len &&
4995 strncmp(local_name, targ_name, local_len) == 0);
4998 /* just reject deprecated bitfield-like integers; all other
4999 * integers are by default compatible between each other
5001 return btf_int_offset(local_type) == 0 &&
5002 btf_int_offset(targ_type) == 0;
5003 case BTF_KIND_ARRAY:
5004 local_id = btf_array(local_type)->type;
5005 targ_id = btf_array(targ_type)->type;
5008 pr_warn("unexpected kind %d relocated, local [%d], target [%d]\n",
5009 btf_kind(local_type), local_id, targ_id);
5015 * Given single high-level named field accessor in local type, find
5016 * corresponding high-level accessor for a target type. Along the way,
5017 * maintain low-level spec for target as well. Also keep updating target
5020 * Searching is performed through recursive exhaustive enumeration of all
5021 * fields of a struct/union. If there are any anonymous (embedded)
5022 * structs/unions, they are recursively searched as well. If field with
5023 * desired name is found, check compatibility between local and target types,
5024 * before returning result.
5026 * 1 is returned, if field is found.
5027 * 0 is returned if no compatible field is found.
5028 * <0 is returned on error.
5030 static int bpf_core_match_member(const struct btf *local_btf,
5031 const struct bpf_core_accessor *local_acc,
5032 const struct btf *targ_btf,
5034 struct bpf_core_spec *spec,
5035 __u32 *next_targ_id)
5037 const struct btf_type *local_type, *targ_type;
5038 const struct btf_member *local_member, *m;
5039 const char *local_name, *targ_name;
5043 targ_type = skip_mods_and_typedefs(targ_btf, targ_id, &targ_id);
5046 if (!btf_is_composite(targ_type))
5049 local_id = local_acc->type_id;
5050 local_type = btf__type_by_id(local_btf, local_id);
5051 local_member = btf_members(local_type) + local_acc->idx;
5052 local_name = btf__name_by_offset(local_btf, local_member->name_off);
5054 n = btf_vlen(targ_type);
5055 m = btf_members(targ_type);
5056 for (i = 0; i < n; i++, m++) {
5059 bit_offset = btf_member_bit_offset(targ_type, i);
5061 /* too deep struct/union/array nesting */
5062 if (spec->raw_len == BPF_CORE_SPEC_MAX_LEN)
5065 /* speculate this member will be the good one */
5066 spec->bit_offset += bit_offset;
5067 spec->raw_spec[spec->raw_len++] = i;
5069 targ_name = btf__name_by_offset(targ_btf, m->name_off);
5070 if (str_is_empty(targ_name)) {
5071 /* embedded struct/union, we need to go deeper */
5072 found = bpf_core_match_member(local_btf, local_acc,
5074 spec, next_targ_id);
5075 if (found) /* either found or error */
5077 } else if (strcmp(local_name, targ_name) == 0) {
5078 /* matching named field */
5079 struct bpf_core_accessor *targ_acc;
5081 targ_acc = &spec->spec[spec->len++];
5082 targ_acc->type_id = targ_id;
5084 targ_acc->name = targ_name;
5086 *next_targ_id = m->type;
5087 found = bpf_core_fields_are_compat(local_btf,
5091 spec->len--; /* pop accessor */
5094 /* member turned out not to be what we looked for */
5095 spec->bit_offset -= bit_offset;
5102 /* Check local and target types for compatibility. This check is used for
5103 * type-based CO-RE relocations and follow slightly different rules than
5104 * field-based relocations. This function assumes that root types were already
5105 * checked for name match. Beyond that initial root-level name check, names
5106 * are completely ignored. Compatibility rules are as follows:
5107 * - any two STRUCTs/UNIONs/FWDs/ENUMs/INTs are considered compatible, but
5108 * kind should match for local and target types (i.e., STRUCT is not
5109 * compatible with UNION);
5110 * - for ENUMs, the size is ignored;
5111 * - for INT, size and signedness are ignored;
5112 * - for ARRAY, dimensionality is ignored, element types are checked for
5113 * compatibility recursively;
5114 * - CONST/VOLATILE/RESTRICT modifiers are ignored;
5115 * - TYPEDEFs/PTRs are compatible if types they pointing to are compatible;
5116 * - FUNC_PROTOs are compatible if they have compatible signature: same
5117 * number of input args and compatible return and argument types.
5118 * These rules are not set in stone and probably will be adjusted as we get
5119 * more experience with using BPF CO-RE relocations.
5121 static int bpf_core_types_are_compat(const struct btf *local_btf, __u32 local_id,
5122 const struct btf *targ_btf, __u32 targ_id)
5124 const struct btf_type *local_type, *targ_type;
5125 int depth = 32; /* max recursion depth */
5127 /* caller made sure that names match (ignoring flavor suffix) */
5128 local_type = btf__type_by_id(local_btf, local_id);
5129 targ_type = btf__type_by_id(targ_btf, targ_id);
5130 if (btf_kind(local_type) != btf_kind(targ_type))
5138 local_type = skip_mods_and_typedefs(local_btf, local_id, &local_id);
5139 targ_type = skip_mods_and_typedefs(targ_btf, targ_id, &targ_id);
5140 if (!local_type || !targ_type)
5143 if (btf_kind(local_type) != btf_kind(targ_type))
5146 switch (btf_kind(local_type)) {
5148 case BTF_KIND_STRUCT:
5149 case BTF_KIND_UNION:
5154 /* just reject deprecated bitfield-like integers; all other
5155 * integers are by default compatible between each other
5157 return btf_int_offset(local_type) == 0 && btf_int_offset(targ_type) == 0;
5159 local_id = local_type->type;
5160 targ_id = targ_type->type;
5162 case BTF_KIND_ARRAY:
5163 local_id = btf_array(local_type)->type;
5164 targ_id = btf_array(targ_type)->type;
5166 case BTF_KIND_FUNC_PROTO: {
5167 struct btf_param *local_p = btf_params(local_type);
5168 struct btf_param *targ_p = btf_params(targ_type);
5169 __u16 local_vlen = btf_vlen(local_type);
5170 __u16 targ_vlen = btf_vlen(targ_type);
5173 if (local_vlen != targ_vlen)
5176 for (i = 0; i < local_vlen; i++, local_p++, targ_p++) {
5177 skip_mods_and_typedefs(local_btf, local_p->type, &local_id);
5178 skip_mods_and_typedefs(targ_btf, targ_p->type, &targ_id);
5179 err = bpf_core_types_are_compat(local_btf, local_id, targ_btf, targ_id);
5184 /* tail recurse for return type check */
5185 skip_mods_and_typedefs(local_btf, local_type->type, &local_id);
5186 skip_mods_and_typedefs(targ_btf, targ_type->type, &targ_id);
5190 pr_warn("unexpected kind %s relocated, local [%d], target [%d]\n",
5191 btf_kind_str(local_type), local_id, targ_id);
5197 * Try to match local spec to a target type and, if successful, produce full
5198 * target spec (high-level, low-level + bit offset).
5200 static int bpf_core_spec_match(struct bpf_core_spec *local_spec,
5201 const struct btf *targ_btf, __u32 targ_id,
5202 struct bpf_core_spec *targ_spec)
5204 const struct btf_type *targ_type;
5205 const struct bpf_core_accessor *local_acc;
5206 struct bpf_core_accessor *targ_acc;
5209 memset(targ_spec, 0, sizeof(*targ_spec));
5210 targ_spec->btf = targ_btf;
5211 targ_spec->root_type_id = targ_id;
5212 targ_spec->relo_kind = local_spec->relo_kind;
5214 if (core_relo_is_type_based(local_spec->relo_kind)) {
5215 return bpf_core_types_are_compat(local_spec->btf,
5216 local_spec->root_type_id,
5220 local_acc = &local_spec->spec[0];
5221 targ_acc = &targ_spec->spec[0];
5223 if (core_relo_is_enumval_based(local_spec->relo_kind)) {
5224 size_t local_essent_len, targ_essent_len;
5225 const struct btf_enum *e;
5226 const char *targ_name;
5228 /* has to resolve to an enum */
5229 targ_type = skip_mods_and_typedefs(targ_spec->btf, targ_id, &targ_id);
5230 if (!btf_is_enum(targ_type))
5233 local_essent_len = bpf_core_essential_name_len(local_acc->name);
5235 for (i = 0, e = btf_enum(targ_type); i < btf_vlen(targ_type); i++, e++) {
5236 targ_name = btf__name_by_offset(targ_spec->btf, e->name_off);
5237 targ_essent_len = bpf_core_essential_name_len(targ_name);
5238 if (targ_essent_len != local_essent_len)
5240 if (strncmp(local_acc->name, targ_name, local_essent_len) == 0) {
5241 targ_acc->type_id = targ_id;
5243 targ_acc->name = targ_name;
5245 targ_spec->raw_spec[targ_spec->raw_len] = targ_acc->idx;
5246 targ_spec->raw_len++;
5253 if (!core_relo_is_field_based(local_spec->relo_kind))
5256 for (i = 0; i < local_spec->len; i++, local_acc++, targ_acc++) {
5257 targ_type = skip_mods_and_typedefs(targ_spec->btf, targ_id,
5262 if (local_acc->name) {
5263 matched = bpf_core_match_member(local_spec->btf,
5266 targ_spec, &targ_id);
5270 /* for i=0, targ_id is already treated as array element
5271 * type (because it's the original struct), for others
5272 * we should find array element type first
5275 const struct btf_array *a;
5278 if (!btf_is_array(targ_type))
5281 a = btf_array(targ_type);
5282 flex = is_flex_arr(targ_btf, targ_acc - 1, a);
5283 if (!flex && local_acc->idx >= a->nelems)
5285 if (!skip_mods_and_typedefs(targ_btf, a->type,
5290 /* too deep struct/union/array nesting */
5291 if (targ_spec->raw_len == BPF_CORE_SPEC_MAX_LEN)
5294 targ_acc->type_id = targ_id;
5295 targ_acc->idx = local_acc->idx;
5296 targ_acc->name = NULL;
5298 targ_spec->raw_spec[targ_spec->raw_len] = targ_acc->idx;
5299 targ_spec->raw_len++;
5301 sz = btf__resolve_size(targ_btf, targ_id);
5304 targ_spec->bit_offset += local_acc->idx * sz * 8;
5311 static int bpf_core_calc_field_relo(const struct bpf_program *prog,
5312 const struct bpf_core_relo *relo,
5313 const struct bpf_core_spec *spec,
5314 __u32 *val, __u32 *field_sz, __u32 *type_id,
5317 const struct bpf_core_accessor *acc;
5318 const struct btf_type *t;
5319 __u32 byte_off, byte_sz, bit_off, bit_sz, field_type_id;
5320 const struct btf_member *m;
5321 const struct btf_type *mt;
5327 if (relo->kind == BPF_FIELD_EXISTS) {
5328 *val = spec ? 1 : 0;
5333 return -EUCLEAN; /* request instruction poisoning */
5335 acc = &spec->spec[spec->len - 1];
5336 t = btf__type_by_id(spec->btf, acc->type_id);
5338 /* a[n] accessor needs special handling */
5340 if (relo->kind == BPF_FIELD_BYTE_OFFSET) {
5341 *val = spec->bit_offset / 8;
5342 /* remember field size for load/store mem size */
5343 sz = btf__resolve_size(spec->btf, acc->type_id);
5347 *type_id = acc->type_id;
5348 } else if (relo->kind == BPF_FIELD_BYTE_SIZE) {
5349 sz = btf__resolve_size(spec->btf, acc->type_id);
5354 pr_warn("prog '%s': relo %d at insn #%d can't be applied to array access\n",
5355 prog->name, relo->kind, relo->insn_off / 8);
5363 m = btf_members(t) + acc->idx;
5364 mt = skip_mods_and_typedefs(spec->btf, m->type, &field_type_id);
5365 bit_off = spec->bit_offset;
5366 bit_sz = btf_member_bitfield_size(t, acc->idx);
5368 bitfield = bit_sz > 0;
5371 byte_off = bit_off / 8 / byte_sz * byte_sz;
5372 /* figure out smallest int size necessary for bitfield load */
5373 while (bit_off + bit_sz - byte_off * 8 > byte_sz * 8) {
5375 /* bitfield can't be read with 64-bit read */
5376 pr_warn("prog '%s': relo %d at insn #%d can't be satisfied for bitfield\n",
5377 prog->name, relo->kind, relo->insn_off / 8);
5381 byte_off = bit_off / 8 / byte_sz * byte_sz;
5384 sz = btf__resolve_size(spec->btf, field_type_id);
5388 byte_off = spec->bit_offset / 8;
5389 bit_sz = byte_sz * 8;
5392 /* for bitfields, all the relocatable aspects are ambiguous and we
5393 * might disagree with compiler, so turn off validation of expected
5394 * value, except for signedness
5397 *validate = !bitfield;
5399 switch (relo->kind) {
5400 case BPF_FIELD_BYTE_OFFSET:
5403 *field_sz = byte_sz;
5404 *type_id = field_type_id;
5407 case BPF_FIELD_BYTE_SIZE:
5410 case BPF_FIELD_SIGNED:
5411 /* enums will be assumed unsigned */
5412 *val = btf_is_enum(mt) ||
5413 (btf_int_encoding(mt) & BTF_INT_SIGNED);
5415 *validate = true; /* signedness is never ambiguous */
5417 case BPF_FIELD_LSHIFT_U64:
5418 #if __BYTE_ORDER == __LITTLE_ENDIAN
5419 *val = 64 - (bit_off + bit_sz - byte_off * 8);
5421 *val = (8 - byte_sz) * 8 + (bit_off - byte_off * 8);
5424 case BPF_FIELD_RSHIFT_U64:
5427 *validate = true; /* right shift is never ambiguous */
5429 case BPF_FIELD_EXISTS:
5437 static int bpf_core_calc_type_relo(const struct bpf_core_relo *relo,
5438 const struct bpf_core_spec *spec,
5443 /* type-based relos return zero when target type is not found */
5449 switch (relo->kind) {
5450 case BPF_TYPE_ID_TARGET:
5451 *val = spec->root_type_id;
5453 case BPF_TYPE_EXISTS:
5457 sz = btf__resolve_size(spec->btf, spec->root_type_id);
5462 case BPF_TYPE_ID_LOCAL:
5463 /* BPF_TYPE_ID_LOCAL is handled specially and shouldn't get here */
5471 static int bpf_core_calc_enumval_relo(const struct bpf_core_relo *relo,
5472 const struct bpf_core_spec *spec,
5475 const struct btf_type *t;
5476 const struct btf_enum *e;
5478 switch (relo->kind) {
5479 case BPF_ENUMVAL_EXISTS:
5480 *val = spec ? 1 : 0;
5482 case BPF_ENUMVAL_VALUE:
5484 return -EUCLEAN; /* request instruction poisoning */
5485 t = btf__type_by_id(spec->btf, spec->spec[0].type_id);
5486 e = btf_enum(t) + spec->spec[0].idx;
5496 struct bpf_core_relo_res
5498 /* expected value in the instruction, unless validate == false */
5500 /* new value that needs to be patched up to */
5502 /* relocation unsuccessful, poison instruction, but don't fail load */
5504 /* some relocations can't be validated against orig_val */
5506 /* for field byte offset relocations or the forms:
5507 * *(T *)(rX + <off>) = rY
5508 * rX = *(T *)(rY + <off>),
5509 * we remember original and resolved field size to adjust direct
5510 * memory loads of pointers and integers; this is necessary for 32-bit
5511 * host kernel architectures, but also allows to automatically
5512 * relocate fields that were resized from, e.g., u32 to u64, etc.
5514 bool fail_memsz_adjust;
5521 /* Calculate original and target relocation values, given local and target
5522 * specs and relocation kind. These values are calculated for each candidate.
5523 * If there are multiple candidates, resulting values should all be consistent
5524 * with each other. Otherwise, libbpf will refuse to proceed due to ambiguity.
5525 * If instruction has to be poisoned, *poison will be set to true.
5527 static int bpf_core_calc_relo(const struct bpf_program *prog,
5528 const struct bpf_core_relo *relo,
5530 const struct bpf_core_spec *local_spec,
5531 const struct bpf_core_spec *targ_spec,
5532 struct bpf_core_relo_res *res)
5534 int err = -EOPNOTSUPP;
5538 res->poison = false;
5539 res->validate = true;
5540 res->fail_memsz_adjust = false;
5541 res->orig_sz = res->new_sz = 0;
5542 res->orig_type_id = res->new_type_id = 0;
5544 if (core_relo_is_field_based(relo->kind)) {
5545 err = bpf_core_calc_field_relo(prog, relo, local_spec,
5546 &res->orig_val, &res->orig_sz,
5547 &res->orig_type_id, &res->validate);
5548 err = err ?: bpf_core_calc_field_relo(prog, relo, targ_spec,
5549 &res->new_val, &res->new_sz,
5550 &res->new_type_id, NULL);
5553 /* Validate if it's safe to adjust load/store memory size.
5554 * Adjustments are performed only if original and new memory
5557 res->fail_memsz_adjust = false;
5558 if (res->orig_sz != res->new_sz) {
5559 const struct btf_type *orig_t, *new_t;
5561 orig_t = btf__type_by_id(local_spec->btf, res->orig_type_id);
5562 new_t = btf__type_by_id(targ_spec->btf, res->new_type_id);
5564 /* There are two use cases in which it's safe to
5565 * adjust load/store's mem size:
5566 * - reading a 32-bit kernel pointer, while on BPF
5567 * size pointers are always 64-bit; in this case
5568 * it's safe to "downsize" instruction size due to
5569 * pointer being treated as unsigned integer with
5570 * zero-extended upper 32-bits;
5571 * - reading unsigned integers, again due to
5572 * zero-extension is preserving the value correctly.
5574 * In all other cases it's incorrect to attempt to
5575 * load/store field because read value will be
5576 * incorrect, so we poison relocated instruction.
5578 if (btf_is_ptr(orig_t) && btf_is_ptr(new_t))
5580 if (btf_is_int(orig_t) && btf_is_int(new_t) &&
5581 btf_int_encoding(orig_t) != BTF_INT_SIGNED &&
5582 btf_int_encoding(new_t) != BTF_INT_SIGNED)
5585 /* mark as invalid mem size adjustment, but this will
5586 * only be checked for LDX/STX/ST insns
5588 res->fail_memsz_adjust = true;
5590 } else if (core_relo_is_type_based(relo->kind)) {
5591 err = bpf_core_calc_type_relo(relo, local_spec, &res->orig_val);
5592 err = err ?: bpf_core_calc_type_relo(relo, targ_spec, &res->new_val);
5593 } else if (core_relo_is_enumval_based(relo->kind)) {
5594 err = bpf_core_calc_enumval_relo(relo, local_spec, &res->orig_val);
5595 err = err ?: bpf_core_calc_enumval_relo(relo, targ_spec, &res->new_val);
5599 if (err == -EUCLEAN) {
5600 /* EUCLEAN is used to signal instruction poisoning request */
5603 } else if (err == -EOPNOTSUPP) {
5604 /* EOPNOTSUPP means unknown/unsupported relocation */
5605 pr_warn("prog '%s': relo #%d: unrecognized CO-RE relocation %s (%d) at insn #%d\n",
5606 prog->name, relo_idx, core_relo_kind_str(relo->kind),
5607 relo->kind, relo->insn_off / 8);
5614 * Turn instruction for which CO_RE relocation failed into invalid one with
5615 * distinct signature.
5617 static void bpf_core_poison_insn(struct bpf_program *prog, int relo_idx,
5618 int insn_idx, struct bpf_insn *insn)
5620 pr_debug("prog '%s': relo #%d: substituting insn #%d w/ invalid insn\n",
5621 prog->name, relo_idx, insn_idx);
5622 insn->code = BPF_JMP | BPF_CALL;
5626 /* if this instruction is reachable (not a dead code),
5627 * verifier will complain with the following message:
5628 * invalid func unknown#195896080
5630 insn->imm = 195896080; /* => 0xbad2310 => "bad relo" */
5633 static int insn_bpf_size_to_bytes(struct bpf_insn *insn)
5635 switch (BPF_SIZE(insn->code)) {
5636 case BPF_DW: return 8;
5637 case BPF_W: return 4;
5638 case BPF_H: return 2;
5639 case BPF_B: return 1;
5644 static int insn_bytes_to_bpf_size(__u32 sz)
5647 case 8: return BPF_DW;
5648 case 4: return BPF_W;
5649 case 2: return BPF_H;
5650 case 1: return BPF_B;
5656 * Patch relocatable BPF instruction.
5658 * Patched value is determined by relocation kind and target specification.
5659 * For existence relocations target spec will be NULL if field/type is not found.
5660 * Expected insn->imm value is determined using relocation kind and local
5661 * spec, and is checked before patching instruction. If actual insn->imm value
5662 * is wrong, bail out with error.
5664 * Currently supported classes of BPF instruction are:
5665 * 1. rX = <imm> (assignment with immediate operand);
5666 * 2. rX += <imm> (arithmetic operations with immediate operand);
5667 * 3. rX = <imm64> (load with 64-bit immediate value);
5668 * 4. rX = *(T *)(rY + <off>), where T is one of {u8, u16, u32, u64};
5669 * 5. *(T *)(rX + <off>) = rY, where T is one of {u8, u16, u32, u64};
5670 * 6. *(T *)(rX + <off>) = <imm>, where T is one of {u8, u16, u32, u64}.
5672 static int bpf_core_patch_insn(struct bpf_program *prog,
5673 const struct bpf_core_relo *relo,
5675 const struct bpf_core_relo_res *res)
5677 __u32 orig_val, new_val;
5678 struct bpf_insn *insn;
5682 if (relo->insn_off % BPF_INSN_SZ)
5684 insn_idx = relo->insn_off / BPF_INSN_SZ;
5685 /* adjust insn_idx from section frame of reference to the local
5686 * program's frame of reference; (sub-)program code is not yet
5687 * relocated, so it's enough to just subtract in-section offset
5689 insn_idx = insn_idx - prog->sec_insn_off;
5690 insn = &prog->insns[insn_idx];
5691 class = BPF_CLASS(insn->code);
5695 /* poison second part of ldimm64 to avoid confusing error from
5696 * verifier about "unknown opcode 00"
5698 if (is_ldimm64(insn))
5699 bpf_core_poison_insn(prog, relo_idx, insn_idx + 1, insn + 1);
5700 bpf_core_poison_insn(prog, relo_idx, insn_idx, insn);
5704 orig_val = res->orig_val;
5705 new_val = res->new_val;
5710 if (BPF_SRC(insn->code) != BPF_K)
5712 if (res->validate && insn->imm != orig_val) {
5713 pr_warn("prog '%s': relo #%d: unexpected insn #%d (ALU/ALU64) value: got %u, exp %u -> %u\n",
5714 prog->name, relo_idx,
5715 insn_idx, insn->imm, orig_val, new_val);
5718 orig_val = insn->imm;
5719 insn->imm = new_val;
5720 pr_debug("prog '%s': relo #%d: patched insn #%d (ALU/ALU64) imm %u -> %u\n",
5721 prog->name, relo_idx, insn_idx,
5727 if (res->validate && insn->off != orig_val) {
5728 pr_warn("prog '%s': relo #%d: unexpected insn #%d (LDX/ST/STX) value: got %u, exp %u -> %u\n",
5729 prog->name, relo_idx, insn_idx, insn->off, orig_val, new_val);
5732 if (new_val > SHRT_MAX) {
5733 pr_warn("prog '%s': relo #%d: insn #%d (LDX/ST/STX) value too big: %u\n",
5734 prog->name, relo_idx, insn_idx, new_val);
5737 if (res->fail_memsz_adjust) {
5738 pr_warn("prog '%s': relo #%d: insn #%d (LDX/ST/STX) accesses field incorrectly. "
5739 "Make sure you are accessing pointers, unsigned integers, or fields of matching type and size.\n",
5740 prog->name, relo_idx, insn_idx);
5744 orig_val = insn->off;
5745 insn->off = new_val;
5746 pr_debug("prog '%s': relo #%d: patched insn #%d (LDX/ST/STX) off %u -> %u\n",
5747 prog->name, relo_idx, insn_idx, orig_val, new_val);
5749 if (res->new_sz != res->orig_sz) {
5750 int insn_bytes_sz, insn_bpf_sz;
5752 insn_bytes_sz = insn_bpf_size_to_bytes(insn);
5753 if (insn_bytes_sz != res->orig_sz) {
5754 pr_warn("prog '%s': relo #%d: insn #%d (LDX/ST/STX) unexpected mem size: got %d, exp %u\n",
5755 prog->name, relo_idx, insn_idx, insn_bytes_sz, res->orig_sz);
5759 insn_bpf_sz = insn_bytes_to_bpf_size(res->new_sz);
5760 if (insn_bpf_sz < 0) {
5761 pr_warn("prog '%s': relo #%d: insn #%d (LDX/ST/STX) invalid new mem size: %u\n",
5762 prog->name, relo_idx, insn_idx, res->new_sz);
5766 insn->code = BPF_MODE(insn->code) | insn_bpf_sz | BPF_CLASS(insn->code);
5767 pr_debug("prog '%s': relo #%d: patched insn #%d (LDX/ST/STX) mem_sz %u -> %u\n",
5768 prog->name, relo_idx, insn_idx, res->orig_sz, res->new_sz);
5774 if (!is_ldimm64(insn) ||
5775 insn[0].src_reg != 0 || insn[0].off != 0 ||
5776 insn_idx + 1 >= prog->insns_cnt ||
5777 insn[1].code != 0 || insn[1].dst_reg != 0 ||
5778 insn[1].src_reg != 0 || insn[1].off != 0) {
5779 pr_warn("prog '%s': relo #%d: insn #%d (LDIMM64) has unexpected form\n",
5780 prog->name, relo_idx, insn_idx);
5784 imm = insn[0].imm + ((__u64)insn[1].imm << 32);
5785 if (res->validate && imm != orig_val) {
5786 pr_warn("prog '%s': relo #%d: unexpected insn #%d (LDIMM64) value: got %llu, exp %u -> %u\n",
5787 prog->name, relo_idx,
5788 insn_idx, (unsigned long long)imm,
5793 insn[0].imm = new_val;
5794 insn[1].imm = 0; /* currently only 32-bit values are supported */
5795 pr_debug("prog '%s': relo #%d: patched insn #%d (LDIMM64) imm64 %llu -> %u\n",
5796 prog->name, relo_idx, insn_idx,
5797 (unsigned long long)imm, new_val);
5801 pr_warn("prog '%s': relo #%d: trying to relocate unrecognized insn #%d, code:0x%x, src:0x%x, dst:0x%x, off:0x%x, imm:0x%x\n",
5802 prog->name, relo_idx, insn_idx, insn->code,
5803 insn->src_reg, insn->dst_reg, insn->off, insn->imm);
5810 /* Output spec definition in the format:
5811 * [<type-id>] (<type-name>) + <raw-spec> => <offset>@<spec>,
5812 * where <spec> is a C-syntax view of recorded field access, e.g.: x.a[3].b
5814 static void bpf_core_dump_spec(int level, const struct bpf_core_spec *spec)
5816 const struct btf_type *t;
5817 const struct btf_enum *e;
5822 type_id = spec->root_type_id;
5823 t = btf__type_by_id(spec->btf, type_id);
5824 s = btf__name_by_offset(spec->btf, t->name_off);
5826 libbpf_print(level, "[%u] %s %s", type_id, btf_kind_str(t), str_is_empty(s) ? "<anon>" : s);
5828 if (core_relo_is_type_based(spec->relo_kind))
5831 if (core_relo_is_enumval_based(spec->relo_kind)) {
5832 t = skip_mods_and_typedefs(spec->btf, type_id, NULL);
5833 e = btf_enum(t) + spec->raw_spec[0];
5834 s = btf__name_by_offset(spec->btf, e->name_off);
5836 libbpf_print(level, "::%s = %u", s, e->val);
5840 if (core_relo_is_field_based(spec->relo_kind)) {
5841 for (i = 0; i < spec->len; i++) {
5842 if (spec->spec[i].name)
5843 libbpf_print(level, ".%s", spec->spec[i].name);
5844 else if (i > 0 || spec->spec[i].idx > 0)
5845 libbpf_print(level, "[%u]", spec->spec[i].idx);
5848 libbpf_print(level, " (");
5849 for (i = 0; i < spec->raw_len; i++)
5850 libbpf_print(level, "%s%d", i == 0 ? "" : ":", spec->raw_spec[i]);
5852 if (spec->bit_offset % 8)
5853 libbpf_print(level, " @ offset %u.%u)",
5854 spec->bit_offset / 8, spec->bit_offset % 8);
5856 libbpf_print(level, " @ offset %u)", spec->bit_offset / 8);
5861 static size_t bpf_core_hash_fn(const void *key, void *ctx)
5866 static bool bpf_core_equal_fn(const void *k1, const void *k2, void *ctx)
5871 static void *u32_as_hash_key(__u32 x)
5873 return (void *)(uintptr_t)x;
5877 * CO-RE relocate single instruction.
5879 * The outline and important points of the algorithm:
5880 * 1. For given local type, find corresponding candidate target types.
5881 * Candidate type is a type with the same "essential" name, ignoring
5882 * everything after last triple underscore (___). E.g., `sample`,
5883 * `sample___flavor_one`, `sample___flavor_another_one`, are all candidates
5884 * for each other. Names with triple underscore are referred to as
5885 * "flavors" and are useful, among other things, to allow to
5886 * specify/support incompatible variations of the same kernel struct, which
5887 * might differ between different kernel versions and/or build
5890 * N.B. Struct "flavors" could be generated by bpftool's BTF-to-C
5891 * converter, when deduplicated BTF of a kernel still contains more than
5892 * one different types with the same name. In that case, ___2, ___3, etc
5893 * are appended starting from second name conflict. But start flavors are
5894 * also useful to be defined "locally", in BPF program, to extract same
5895 * data from incompatible changes between different kernel
5896 * versions/configurations. For instance, to handle field renames between
5897 * kernel versions, one can use two flavors of the struct name with the
5898 * same common name and use conditional relocations to extract that field,
5899 * depending on target kernel version.
5900 * 2. For each candidate type, try to match local specification to this
5901 * candidate target type. Matching involves finding corresponding
5902 * high-level spec accessors, meaning that all named fields should match,
5903 * as well as all array accesses should be within the actual bounds. Also,
5904 * types should be compatible (see bpf_core_fields_are_compat for details).
5905 * 3. It is supported and expected that there might be multiple flavors
5906 * matching the spec. As long as all the specs resolve to the same set of
5907 * offsets across all candidates, there is no error. If there is any
5908 * ambiguity, CO-RE relocation will fail. This is necessary to accomodate
5909 * imprefection of BTF deduplication, which can cause slight duplication of
5910 * the same BTF type, if some directly or indirectly referenced (by
5911 * pointer) type gets resolved to different actual types in different
5912 * object files. If such situation occurs, deduplicated BTF will end up
5913 * with two (or more) structurally identical types, which differ only in
5914 * types they refer to through pointer. This should be OK in most cases and
5916 * 4. Candidate types search is performed by linearly scanning through all
5917 * types in target BTF. It is anticipated that this is overall more
5918 * efficient memory-wise and not significantly worse (if not better)
5919 * CPU-wise compared to prebuilding a map from all local type names to
5920 * a list of candidate type names. It's also sped up by caching resolved
5921 * list of matching candidates per each local "root" type ID, that has at
5922 * least one bpf_core_relo associated with it. This list is shared
5923 * between multiple relocations for the same type ID and is updated as some
5924 * of the candidates are pruned due to structural incompatibility.
5926 static int bpf_core_apply_relo(struct bpf_program *prog,
5927 const struct bpf_core_relo *relo,
5929 const struct btf *local_btf,
5930 struct hashmap *cand_cache)
5932 struct bpf_core_spec local_spec, cand_spec, targ_spec = {};
5933 const void *type_key = u32_as_hash_key(relo->type_id);
5934 struct bpf_core_relo_res cand_res, targ_res;
5935 const struct btf_type *local_type;
5936 const char *local_name;
5937 struct core_cand_list *cands = NULL;
5939 const char *spec_str;
5942 local_id = relo->type_id;
5943 local_type = btf__type_by_id(local_btf, local_id);
5947 local_name = btf__name_by_offset(local_btf, local_type->name_off);
5951 spec_str = btf__name_by_offset(local_btf, relo->access_str_off);
5952 if (str_is_empty(spec_str))
5955 err = bpf_core_parse_spec(local_btf, local_id, spec_str, relo->kind, &local_spec);
5957 pr_warn("prog '%s': relo #%d: parsing [%d] %s %s + %s failed: %d\n",
5958 prog->name, relo_idx, local_id, btf_kind_str(local_type),
5959 str_is_empty(local_name) ? "<anon>" : local_name,
5964 pr_debug("prog '%s': relo #%d: kind <%s> (%d), spec is ", prog->name,
5965 relo_idx, core_relo_kind_str(relo->kind), relo->kind);
5966 bpf_core_dump_spec(LIBBPF_DEBUG, &local_spec);
5967 libbpf_print(LIBBPF_DEBUG, "\n");
5969 /* TYPE_ID_LOCAL relo is special and doesn't need candidate search */
5970 if (relo->kind == BPF_TYPE_ID_LOCAL) {
5971 targ_res.validate = true;
5972 targ_res.poison = false;
5973 targ_res.orig_val = local_spec.root_type_id;
5974 targ_res.new_val = local_spec.root_type_id;
5978 /* libbpf doesn't support candidate search for anonymous types */
5979 if (str_is_empty(spec_str)) {
5980 pr_warn("prog '%s': relo #%d: <%s> (%d) relocation doesn't support anonymous types\n",
5981 prog->name, relo_idx, core_relo_kind_str(relo->kind), relo->kind);
5985 if (!hashmap__find(cand_cache, type_key, (void **)&cands)) {
5986 cands = bpf_core_find_cands(prog->obj, local_btf, local_id);
5987 if (IS_ERR(cands)) {
5988 pr_warn("prog '%s': relo #%d: target candidate search failed for [%d] %s %s: %ld\n",
5989 prog->name, relo_idx, local_id, btf_kind_str(local_type),
5990 local_name, PTR_ERR(cands));
5991 return PTR_ERR(cands);
5993 err = hashmap__set(cand_cache, type_key, cands, NULL, NULL);
5995 bpf_core_free_cands(cands);
6000 for (i = 0, j = 0; i < cands->len; i++) {
6001 err = bpf_core_spec_match(&local_spec, cands->cands[i].btf,
6002 cands->cands[i].id, &cand_spec);
6004 pr_warn("prog '%s': relo #%d: error matching candidate #%d ",
6005 prog->name, relo_idx, i);
6006 bpf_core_dump_spec(LIBBPF_WARN, &cand_spec);
6007 libbpf_print(LIBBPF_WARN, ": %d\n", err);
6011 pr_debug("prog '%s': relo #%d: %s candidate #%d ", prog->name,
6012 relo_idx, err == 0 ? "non-matching" : "matching", i);
6013 bpf_core_dump_spec(LIBBPF_DEBUG, &cand_spec);
6014 libbpf_print(LIBBPF_DEBUG, "\n");
6019 err = bpf_core_calc_relo(prog, relo, relo_idx, &local_spec, &cand_spec, &cand_res);
6024 targ_res = cand_res;
6025 targ_spec = cand_spec;
6026 } else if (cand_spec.bit_offset != targ_spec.bit_offset) {
6027 /* if there are many field relo candidates, they
6028 * should all resolve to the same bit offset
6030 pr_warn("prog '%s': relo #%d: field offset ambiguity: %u != %u\n",
6031 prog->name, relo_idx, cand_spec.bit_offset,
6032 targ_spec.bit_offset);
6034 } else if (cand_res.poison != targ_res.poison || cand_res.new_val != targ_res.new_val) {
6035 /* all candidates should result in the same relocation
6036 * decision and value, otherwise it's dangerous to
6037 * proceed due to ambiguity
6039 pr_warn("prog '%s': relo #%d: relocation decision ambiguity: %s %u != %s %u\n",
6040 prog->name, relo_idx,
6041 cand_res.poison ? "failure" : "success", cand_res.new_val,
6042 targ_res.poison ? "failure" : "success", targ_res.new_val);
6046 cands->cands[j++] = cands->cands[i];
6050 * For BPF_FIELD_EXISTS relo or when used BPF program has field
6051 * existence checks or kernel version/config checks, it's expected
6052 * that we might not find any candidates. In this case, if field
6053 * wasn't found in any candidate, the list of candidates shouldn't
6054 * change at all, we'll just handle relocating appropriately,
6055 * depending on relo's kind.
6061 * If no candidates were found, it might be both a programmer error,
6062 * as well as expected case, depending whether instruction w/
6063 * relocation is guarded in some way that makes it unreachable (dead
6064 * code) if relocation can't be resolved. This is handled in
6065 * bpf_core_patch_insn() uniformly by replacing that instruction with
6066 * BPF helper call insn (using invalid helper ID). If that instruction
6067 * is indeed unreachable, then it will be ignored and eliminated by
6068 * verifier. If it was an error, then verifier will complain and point
6069 * to a specific instruction number in its log.
6072 pr_debug("prog '%s': relo #%d: no matching targets found\n",
6073 prog->name, relo_idx);
6075 /* calculate single target relo result explicitly */
6076 err = bpf_core_calc_relo(prog, relo, relo_idx, &local_spec, NULL, &targ_res);
6082 /* bpf_core_patch_insn() should know how to handle missing targ_spec */
6083 err = bpf_core_patch_insn(prog, relo, relo_idx, &targ_res);
6085 pr_warn("prog '%s': relo #%d: failed to patch insn at offset %d: %d\n",
6086 prog->name, relo_idx, relo->insn_off, err);
6094 bpf_object__relocate_core(struct bpf_object *obj, const char *targ_btf_path)
6096 const struct btf_ext_info_sec *sec;
6097 const struct bpf_core_relo *rec;
6098 const struct btf_ext_info *seg;
6099 struct hashmap_entry *entry;
6100 struct hashmap *cand_cache = NULL;
6101 struct bpf_program *prog;
6102 const char *sec_name;
6103 int i, err = 0, insn_idx, sec_idx;
6105 if (obj->btf_ext->core_relo_info.len == 0)
6108 if (targ_btf_path) {
6109 obj->btf_vmlinux_override = btf__parse(targ_btf_path, NULL);
6110 if (IS_ERR_OR_NULL(obj->btf_vmlinux_override)) {
6111 err = PTR_ERR(obj->btf_vmlinux_override);
6112 pr_warn("failed to parse target BTF: %d\n", err);
6117 cand_cache = hashmap__new(bpf_core_hash_fn, bpf_core_equal_fn, NULL);
6118 if (IS_ERR(cand_cache)) {
6119 err = PTR_ERR(cand_cache);
6123 seg = &obj->btf_ext->core_relo_info;
6124 for_each_btf_ext_sec(seg, sec) {
6125 sec_name = btf__name_by_offset(obj->btf, sec->sec_name_off);
6126 if (str_is_empty(sec_name)) {
6130 /* bpf_object's ELF is gone by now so it's not easy to find
6131 * section index by section name, but we can find *any*
6132 * bpf_program within desired section name and use it's
6133 * prog->sec_idx to do a proper search by section index and
6134 * instruction offset
6137 for (i = 0; i < obj->nr_programs; i++) {
6138 prog = &obj->programs[i];
6139 if (strcmp(prog->sec_name, sec_name) == 0)
6143 pr_warn("sec '%s': failed to find a BPF program\n", sec_name);
6146 sec_idx = prog->sec_idx;
6148 pr_debug("sec '%s': found %d CO-RE relocations\n",
6149 sec_name, sec->num_info);
6151 for_each_btf_ext_rec(seg, sec, i, rec) {
6152 insn_idx = rec->insn_off / BPF_INSN_SZ;
6153 prog = find_prog_by_sec_insn(obj, sec_idx, insn_idx);
6155 pr_warn("sec '%s': failed to find program at insn #%d for CO-RE offset relocation #%d\n",
6156 sec_name, insn_idx, i);
6160 /* no need to apply CO-RE relocation if the program is
6161 * not going to be loaded
6166 err = bpf_core_apply_relo(prog, rec, i, obj->btf, cand_cache);
6168 pr_warn("prog '%s': relo #%d: failed to relocate: %d\n",
6169 prog->name, i, err);
6176 /* obj->btf_vmlinux and module BTFs are freed after object load */
6177 btf__free(obj->btf_vmlinux_override);
6178 obj->btf_vmlinux_override = NULL;
6180 if (!IS_ERR_OR_NULL(cand_cache)) {
6181 hashmap__for_each_entry(cand_cache, entry, i) {
6182 bpf_core_free_cands(entry->value);
6184 hashmap__free(cand_cache);
6189 /* Relocate data references within program code:
6191 * - global variable references;
6192 * - extern references.
6195 bpf_object__relocate_data(struct bpf_object *obj, struct bpf_program *prog)
6199 for (i = 0; i < prog->nr_reloc; i++) {
6200 struct reloc_desc *relo = &prog->reloc_desc[i];
6201 struct bpf_insn *insn = &prog->insns[relo->insn_idx];
6202 struct extern_desc *ext;
6204 switch (relo->type) {
6206 insn[0].src_reg = BPF_PSEUDO_MAP_FD;
6207 insn[0].imm = obj->maps[relo->map_idx].fd;
6208 relo->processed = true;
6211 insn[0].src_reg = BPF_PSEUDO_MAP_VALUE;
6212 insn[1].imm = insn[0].imm + relo->sym_off;
6213 insn[0].imm = obj->maps[relo->map_idx].fd;
6214 relo->processed = true;
6217 ext = &obj->externs[relo->sym_off];
6218 if (ext->type == EXT_KCFG) {
6219 insn[0].src_reg = BPF_PSEUDO_MAP_VALUE;
6220 insn[0].imm = obj->maps[obj->kconfig_map_idx].fd;
6221 insn[1].imm = ext->kcfg.data_off;
6222 } else /* EXT_KSYM */ {
6223 if (ext->ksym.type_id) { /* typed ksyms */
6224 insn[0].src_reg = BPF_PSEUDO_BTF_ID;
6225 insn[0].imm = ext->ksym.kernel_btf_id;
6226 insn[1].imm = ext->ksym.kernel_btf_obj_fd;
6227 } else { /* typeless ksyms */
6228 insn[0].imm = (__u32)ext->ksym.addr;
6229 insn[1].imm = ext->ksym.addr >> 32;
6232 relo->processed = true;
6234 case RELO_SUBPROG_ADDR:
6235 insn[0].src_reg = BPF_PSEUDO_FUNC;
6236 /* will be handled as a follow up pass */
6239 /* will be handled as a follow up pass */
6242 pr_warn("prog '%s': relo #%d: bad relo type %d\n",
6243 prog->name, i, relo->type);
6251 static int adjust_prog_btf_ext_info(const struct bpf_object *obj,
6252 const struct bpf_program *prog,
6253 const struct btf_ext_info *ext_info,
6254 void **prog_info, __u32 *prog_rec_cnt,
6257 void *copy_start = NULL, *copy_end = NULL;
6258 void *rec, *rec_end, *new_prog_info;
6259 const struct btf_ext_info_sec *sec;
6260 size_t old_sz, new_sz;
6261 const char *sec_name;
6264 for_each_btf_ext_sec(ext_info, sec) {
6265 sec_name = btf__name_by_offset(obj->btf, sec->sec_name_off);
6268 if (strcmp(sec_name, prog->sec_name) != 0)
6271 for_each_btf_ext_rec(ext_info, sec, i, rec) {
6272 __u32 insn_off = *(__u32 *)rec / BPF_INSN_SZ;
6274 if (insn_off < prog->sec_insn_off)
6276 if (insn_off >= prog->sec_insn_off + prog->sec_insn_cnt)
6281 copy_end = rec + ext_info->rec_size;
6287 /* append func/line info of a given (sub-)program to the main
6288 * program func/line info
6290 old_sz = (size_t)(*prog_rec_cnt) * ext_info->rec_size;
6291 new_sz = old_sz + (copy_end - copy_start);
6292 new_prog_info = realloc(*prog_info, new_sz);
6295 *prog_info = new_prog_info;
6296 *prog_rec_cnt = new_sz / ext_info->rec_size;
6297 memcpy(new_prog_info + old_sz, copy_start, copy_end - copy_start);
6299 /* Kernel instruction offsets are in units of 8-byte
6300 * instructions, while .BTF.ext instruction offsets generated
6301 * by Clang are in units of bytes. So convert Clang offsets
6302 * into kernel offsets and adjust offset according to program
6303 * relocated position.
6305 off_adj = prog->sub_insn_off - prog->sec_insn_off;
6306 rec = new_prog_info + old_sz;
6307 rec_end = new_prog_info + new_sz;
6308 for (; rec < rec_end; rec += ext_info->rec_size) {
6309 __u32 *insn_off = rec;
6311 *insn_off = *insn_off / BPF_INSN_SZ + off_adj;
6313 *prog_rec_sz = ext_info->rec_size;
6321 reloc_prog_func_and_line_info(const struct bpf_object *obj,
6322 struct bpf_program *main_prog,
6323 const struct bpf_program *prog)
6327 /* no .BTF.ext relocation if .BTF.ext is missing or kernel doesn't
6328 * supprot func/line info
6330 if (!obj->btf_ext || !kernel_supports(FEAT_BTF_FUNC))
6333 /* only attempt func info relocation if main program's func_info
6334 * relocation was successful
6336 if (main_prog != prog && !main_prog->func_info)
6339 err = adjust_prog_btf_ext_info(obj, prog, &obj->btf_ext->func_info,
6340 &main_prog->func_info,
6341 &main_prog->func_info_cnt,
6342 &main_prog->func_info_rec_size);
6344 if (err != -ENOENT) {
6345 pr_warn("prog '%s': error relocating .BTF.ext function info: %d\n",
6349 if (main_prog->func_info) {
6351 * Some info has already been found but has problem
6352 * in the last btf_ext reloc. Must have to error out.
6354 pr_warn("prog '%s': missing .BTF.ext function info.\n", prog->name);
6357 /* Have problem loading the very first info. Ignore the rest. */
6358 pr_warn("prog '%s': missing .BTF.ext function info for the main program, skipping all of .BTF.ext func info.\n",
6363 /* don't relocate line info if main program's relocation failed */
6364 if (main_prog != prog && !main_prog->line_info)
6367 err = adjust_prog_btf_ext_info(obj, prog, &obj->btf_ext->line_info,
6368 &main_prog->line_info,
6369 &main_prog->line_info_cnt,
6370 &main_prog->line_info_rec_size);
6372 if (err != -ENOENT) {
6373 pr_warn("prog '%s': error relocating .BTF.ext line info: %d\n",
6377 if (main_prog->line_info) {
6379 * Some info has already been found but has problem
6380 * in the last btf_ext reloc. Must have to error out.
6382 pr_warn("prog '%s': missing .BTF.ext line info.\n", prog->name);
6385 /* Have problem loading the very first info. Ignore the rest. */
6386 pr_warn("prog '%s': missing .BTF.ext line info for the main program, skipping all of .BTF.ext line info.\n",
6392 static int cmp_relo_by_insn_idx(const void *key, const void *elem)
6394 size_t insn_idx = *(const size_t *)key;
6395 const struct reloc_desc *relo = elem;
6397 if (insn_idx == relo->insn_idx)
6399 return insn_idx < relo->insn_idx ? -1 : 1;
6402 static struct reloc_desc *find_prog_insn_relo(const struct bpf_program *prog, size_t insn_idx)
6404 return bsearch(&insn_idx, prog->reloc_desc, prog->nr_reloc,
6405 sizeof(*prog->reloc_desc), cmp_relo_by_insn_idx);
6409 bpf_object__reloc_code(struct bpf_object *obj, struct bpf_program *main_prog,
6410 struct bpf_program *prog)
6412 size_t sub_insn_idx, insn_idx, new_cnt;
6413 struct bpf_program *subprog;
6414 struct bpf_insn *insns, *insn;
6415 struct reloc_desc *relo;
6418 err = reloc_prog_func_and_line_info(obj, main_prog, prog);
6422 for (insn_idx = 0; insn_idx < prog->sec_insn_cnt; insn_idx++) {
6423 insn = &main_prog->insns[prog->sub_insn_off + insn_idx];
6424 if (!insn_is_subprog_call(insn) && !insn_is_pseudo_func(insn))
6427 relo = find_prog_insn_relo(prog, insn_idx);
6428 if (relo && relo->type != RELO_CALL && relo->type != RELO_SUBPROG_ADDR) {
6429 pr_warn("prog '%s': unexpected relo for insn #%zu, type %d\n",
6430 prog->name, insn_idx, relo->type);
6431 return -LIBBPF_ERRNO__RELOC;
6434 /* sub-program instruction index is a combination of
6435 * an offset of a symbol pointed to by relocation and
6436 * call instruction's imm field; for global functions,
6437 * call always has imm = -1, but for static functions
6438 * relocation is against STT_SECTION and insn->imm
6439 * points to a start of a static function
6441 * for subprog addr relocation, the relo->sym_off + insn->imm is
6442 * the byte offset in the corresponding section.
6444 if (relo->type == RELO_CALL)
6445 sub_insn_idx = relo->sym_off / BPF_INSN_SZ + insn->imm + 1;
6447 sub_insn_idx = (relo->sym_off + insn->imm) / BPF_INSN_SZ;
6448 } else if (insn_is_pseudo_func(insn)) {
6450 * RELO_SUBPROG_ADDR relo is always emitted even if both
6451 * functions are in the same section, so it shouldn't reach here.
6453 pr_warn("prog '%s': missing subprog addr relo for insn #%zu\n",
6454 prog->name, insn_idx);
6455 return -LIBBPF_ERRNO__RELOC;
6457 /* if subprogram call is to a static function within
6458 * the same ELF section, there won't be any relocation
6459 * emitted, but it also means there is no additional
6460 * offset necessary, insns->imm is relative to
6461 * instruction's original position within the section
6463 sub_insn_idx = prog->sec_insn_off + insn_idx + insn->imm + 1;
6466 /* we enforce that sub-programs should be in .text section */
6467 subprog = find_prog_by_sec_insn(obj, obj->efile.text_shndx, sub_insn_idx);
6469 pr_warn("prog '%s': no .text section found yet sub-program call exists\n",
6471 return -LIBBPF_ERRNO__RELOC;
6474 /* if it's the first call instruction calling into this
6475 * subprogram (meaning this subprog hasn't been processed
6476 * yet) within the context of current main program:
6477 * - append it at the end of main program's instructions blog;
6478 * - process is recursively, while current program is put on hold;
6479 * - if that subprogram calls some other not yet processes
6480 * subprogram, same thing will happen recursively until
6481 * there are no more unprocesses subprograms left to append
6484 if (subprog->sub_insn_off == 0) {
6485 subprog->sub_insn_off = main_prog->insns_cnt;
6487 new_cnt = main_prog->insns_cnt + subprog->insns_cnt;
6488 insns = libbpf_reallocarray(main_prog->insns, new_cnt, sizeof(*insns));
6490 pr_warn("prog '%s': failed to realloc prog code\n", main_prog->name);
6493 main_prog->insns = insns;
6494 main_prog->insns_cnt = new_cnt;
6496 memcpy(main_prog->insns + subprog->sub_insn_off, subprog->insns,
6497 subprog->insns_cnt * sizeof(*insns));
6499 pr_debug("prog '%s': added %zu insns from sub-prog '%s'\n",
6500 main_prog->name, subprog->insns_cnt, subprog->name);
6502 err = bpf_object__reloc_code(obj, main_prog, subprog);
6507 /* main_prog->insns memory could have been re-allocated, so
6508 * calculate pointer again
6510 insn = &main_prog->insns[prog->sub_insn_off + insn_idx];
6511 /* calculate correct instruction position within current main
6512 * prog; each main prog can have a different set of
6513 * subprograms appended (potentially in different order as
6514 * well), so position of any subprog can be different for
6515 * different main programs */
6516 insn->imm = subprog->sub_insn_off - (prog->sub_insn_off + insn_idx) - 1;
6519 relo->processed = true;
6521 pr_debug("prog '%s': insn #%zu relocated, imm %d points to subprog '%s' (now at %zu offset)\n",
6522 prog->name, insn_idx, insn->imm, subprog->name, subprog->sub_insn_off);
6529 * Relocate sub-program calls.
6531 * Algorithm operates as follows. Each entry-point BPF program (referred to as
6532 * main prog) is processed separately. For each subprog (non-entry functions,
6533 * that can be called from either entry progs or other subprogs) gets their
6534 * sub_insn_off reset to zero. This serves as indicator that this subprogram
6535 * hasn't been yet appended and relocated within current main prog. Once its
6536 * relocated, sub_insn_off will point at the position within current main prog
6537 * where given subprog was appended. This will further be used to relocate all
6538 * the call instructions jumping into this subprog.
6540 * We start with main program and process all call instructions. If the call
6541 * is into a subprog that hasn't been processed (i.e., subprog->sub_insn_off
6542 * is zero), subprog instructions are appended at the end of main program's
6543 * instruction array. Then main program is "put on hold" while we recursively
6544 * process newly appended subprogram. If that subprogram calls into another
6545 * subprogram that hasn't been appended, new subprogram is appended again to
6546 * the *main* prog's instructions (subprog's instructions are always left
6547 * untouched, as they need to be in unmodified state for subsequent main progs
6548 * and subprog instructions are always sent only as part of a main prog) and
6549 * the process continues recursively. Once all the subprogs called from a main
6550 * prog or any of its subprogs are appended (and relocated), all their
6551 * positions within finalized instructions array are known, so it's easy to
6552 * rewrite call instructions with correct relative offsets, corresponding to
6553 * desired target subprog.
6555 * Its important to realize that some subprogs might not be called from some
6556 * main prog and any of its called/used subprogs. Those will keep their
6557 * subprog->sub_insn_off as zero at all times and won't be appended to current
6558 * main prog and won't be relocated within the context of current main prog.
6559 * They might still be used from other main progs later.
6561 * Visually this process can be shown as below. Suppose we have two main
6562 * programs mainA and mainB and BPF object contains three subprogs: subA,
6563 * subB, and subC. mainA calls only subA, mainB calls only subC, but subA and
6564 * subC both call subB:
6566 * +--------+ +-------+
6568 * +--+---+ +--+-+-+ +---+--+
6569 * | subA | | subB | | subC |
6570 * +--+---+ +------+ +---+--+
6573 * +---+-------+ +------+----+
6574 * | mainA | | mainB |
6575 * +-----------+ +-----------+
6577 * We'll start relocating mainA, will find subA, append it and start
6578 * processing sub A recursively:
6580 * +-----------+------+
6582 * +-----------+------+
6584 * At this point we notice that subB is used from subA, so we append it and
6585 * relocate (there are no further subcalls from subB):
6587 * +-----------+------+------+
6588 * | mainA | subA | subB |
6589 * +-----------+------+------+
6591 * At this point, we relocate subA calls, then go one level up and finish with
6592 * relocatin mainA calls. mainA is done.
6594 * For mainB process is similar but results in different order. We start with
6595 * mainB and skip subA and subB, as mainB never calls them (at least
6596 * directly), but we see subC is needed, so we append and start processing it:
6598 * +-----------+------+
6600 * +-----------+------+
6601 * Now we see subC needs subB, so we go back to it, append and relocate it:
6603 * +-----------+------+------+
6604 * | mainB | subC | subB |
6605 * +-----------+------+------+
6607 * At this point we unwind recursion, relocate calls in subC, then in mainB.
6610 bpf_object__relocate_calls(struct bpf_object *obj, struct bpf_program *prog)
6612 struct bpf_program *subprog;
6615 /* mark all subprogs as not relocated (yet) within the context of
6616 * current main program
6618 for (i = 0; i < obj->nr_programs; i++) {
6619 subprog = &obj->programs[i];
6620 if (!prog_is_subprog(obj, subprog))
6623 subprog->sub_insn_off = 0;
6624 for (j = 0; j < subprog->nr_reloc; j++)
6625 if (subprog->reloc_desc[j].type == RELO_CALL)
6626 subprog->reloc_desc[j].processed = false;
6629 err = bpf_object__reloc_code(obj, prog, prog);
6638 bpf_object__relocate(struct bpf_object *obj, const char *targ_btf_path)
6640 struct bpf_program *prog;
6645 err = bpf_object__relocate_core(obj, targ_btf_path);
6647 pr_warn("failed to perform CO-RE relocations: %d\n",
6652 /* relocate data references first for all programs and sub-programs,
6653 * as they don't change relative to code locations, so subsequent
6654 * subprogram processing won't need to re-calculate any of them
6656 for (i = 0; i < obj->nr_programs; i++) {
6657 prog = &obj->programs[i];
6658 err = bpf_object__relocate_data(obj, prog);
6660 pr_warn("prog '%s': failed to relocate data references: %d\n",
6665 /* now relocate subprogram calls and append used subprograms to main
6666 * programs; each copy of subprogram code needs to be relocated
6667 * differently for each main program, because its code location might
6670 for (i = 0; i < obj->nr_programs; i++) {
6671 prog = &obj->programs[i];
6672 /* sub-program's sub-calls are relocated within the context of
6673 * its main program only
6675 if (prog_is_subprog(obj, prog))
6678 err = bpf_object__relocate_calls(obj, prog);
6680 pr_warn("prog '%s': failed to relocate calls: %d\n",
6685 /* free up relocation descriptors */
6686 for (i = 0; i < obj->nr_programs; i++) {
6687 prog = &obj->programs[i];
6688 zfree(&prog->reloc_desc);
6694 static int bpf_object__collect_st_ops_relos(struct bpf_object *obj,
6695 GElf_Shdr *shdr, Elf_Data *data);
6697 static int bpf_object__collect_map_relos(struct bpf_object *obj,
6698 GElf_Shdr *shdr, Elf_Data *data)
6700 const int bpf_ptr_sz = 8, host_ptr_sz = sizeof(void *);
6701 int i, j, nrels, new_sz;
6702 const struct btf_var_secinfo *vi = NULL;
6703 const struct btf_type *sec, *var, *def;
6704 struct bpf_map *map = NULL, *targ_map;
6705 const struct btf_member *member;
6706 const char *name, *mname;
6713 if (!obj->efile.btf_maps_sec_btf_id || !obj->btf)
6715 sec = btf__type_by_id(obj->btf, obj->efile.btf_maps_sec_btf_id);
6719 symbols = obj->efile.symbols;
6720 nrels = shdr->sh_size / shdr->sh_entsize;
6721 for (i = 0; i < nrels; i++) {
6722 if (!gelf_getrel(data, i, &rel)) {
6723 pr_warn(".maps relo #%d: failed to get ELF relo\n", i);
6724 return -LIBBPF_ERRNO__FORMAT;
6726 if (!gelf_getsym(symbols, GELF_R_SYM(rel.r_info), &sym)) {
6727 pr_warn(".maps relo #%d: symbol %zx not found\n",
6728 i, (size_t)GELF_R_SYM(rel.r_info));
6729 return -LIBBPF_ERRNO__FORMAT;
6731 name = elf_sym_str(obj, sym.st_name) ?: "<?>";
6732 if (sym.st_shndx != obj->efile.btf_maps_shndx) {
6733 pr_warn(".maps relo #%d: '%s' isn't a BTF-defined map\n",
6735 return -LIBBPF_ERRNO__RELOC;
6738 pr_debug(".maps relo #%d: for %zd value %zd rel.r_offset %zu name %d ('%s')\n",
6739 i, (ssize_t)(rel.r_info >> 32), (size_t)sym.st_value,
6740 (size_t)rel.r_offset, sym.st_name, name);
6742 for (j = 0; j < obj->nr_maps; j++) {
6743 map = &obj->maps[j];
6744 if (map->sec_idx != obj->efile.btf_maps_shndx)
6747 vi = btf_var_secinfos(sec) + map->btf_var_idx;
6748 if (vi->offset <= rel.r_offset &&
6749 rel.r_offset + bpf_ptr_sz <= vi->offset + vi->size)
6752 if (j == obj->nr_maps) {
6753 pr_warn(".maps relo #%d: cannot find map '%s' at rel.r_offset %zu\n",
6754 i, name, (size_t)rel.r_offset);
6758 if (!bpf_map_type__is_map_in_map(map->def.type))
6760 if (map->def.type == BPF_MAP_TYPE_HASH_OF_MAPS &&
6761 map->def.key_size != sizeof(int)) {
6762 pr_warn(".maps relo #%d: hash-of-maps '%s' should have key size %zu.\n",
6763 i, map->name, sizeof(int));
6767 targ_map = bpf_object__find_map_by_name(obj, name);
6771 var = btf__type_by_id(obj->btf, vi->type);
6772 def = skip_mods_and_typedefs(obj->btf, var->type, NULL);
6773 if (btf_vlen(def) == 0)
6775 member = btf_members(def) + btf_vlen(def) - 1;
6776 mname = btf__name_by_offset(obj->btf, member->name_off);
6777 if (strcmp(mname, "values"))
6780 moff = btf_member_bit_offset(def, btf_vlen(def) - 1) / 8;
6781 if (rel.r_offset - vi->offset < moff)
6784 moff = rel.r_offset - vi->offset - moff;
6785 /* here we use BPF pointer size, which is always 64 bit, as we
6786 * are parsing ELF that was built for BPF target
6788 if (moff % bpf_ptr_sz)
6791 if (moff >= map->init_slots_sz) {
6793 tmp = libbpf_reallocarray(map->init_slots, new_sz, host_ptr_sz);
6796 map->init_slots = tmp;
6797 memset(map->init_slots + map->init_slots_sz, 0,
6798 (new_sz - map->init_slots_sz) * host_ptr_sz);
6799 map->init_slots_sz = new_sz;
6801 map->init_slots[moff] = targ_map;
6803 pr_debug(".maps relo #%d: map '%s' slot [%d] points to map '%s'\n",
6804 i, map->name, moff, name);
6810 static int cmp_relocs(const void *_a, const void *_b)
6812 const struct reloc_desc *a = _a;
6813 const struct reloc_desc *b = _b;
6815 if (a->insn_idx != b->insn_idx)
6816 return a->insn_idx < b->insn_idx ? -1 : 1;
6818 /* no two relocations should have the same insn_idx, but ... */
6819 if (a->type != b->type)
6820 return a->type < b->type ? -1 : 1;
6825 static int bpf_object__collect_relos(struct bpf_object *obj)
6829 for (i = 0; i < obj->efile.nr_reloc_sects; i++) {
6830 GElf_Shdr *shdr = &obj->efile.reloc_sects[i].shdr;
6831 Elf_Data *data = obj->efile.reloc_sects[i].data;
6832 int idx = shdr->sh_info;
6834 if (shdr->sh_type != SHT_REL) {
6835 pr_warn("internal error at %d\n", __LINE__);
6836 return -LIBBPF_ERRNO__INTERNAL;
6839 if (idx == obj->efile.st_ops_shndx)
6840 err = bpf_object__collect_st_ops_relos(obj, shdr, data);
6841 else if (idx == obj->efile.btf_maps_shndx)
6842 err = bpf_object__collect_map_relos(obj, shdr, data);
6844 err = bpf_object__collect_prog_relos(obj, shdr, data);
6849 for (i = 0; i < obj->nr_programs; i++) {
6850 struct bpf_program *p = &obj->programs[i];
6855 qsort(p->reloc_desc, p->nr_reloc, sizeof(*p->reloc_desc), cmp_relocs);
6860 static bool insn_is_helper_call(struct bpf_insn *insn, enum bpf_func_id *func_id)
6862 if (BPF_CLASS(insn->code) == BPF_JMP &&
6863 BPF_OP(insn->code) == BPF_CALL &&
6864 BPF_SRC(insn->code) == BPF_K &&
6865 insn->src_reg == 0 &&
6866 insn->dst_reg == 0) {
6867 *func_id = insn->imm;
6873 static int bpf_object__sanitize_prog(struct bpf_object* obj, struct bpf_program *prog)
6875 struct bpf_insn *insn = prog->insns;
6876 enum bpf_func_id func_id;
6879 for (i = 0; i < prog->insns_cnt; i++, insn++) {
6880 if (!insn_is_helper_call(insn, &func_id))
6883 /* on kernels that don't yet support
6884 * bpf_probe_read_{kernel,user}[_str] helpers, fall back
6885 * to bpf_probe_read() which works well for old kernels
6888 case BPF_FUNC_probe_read_kernel:
6889 case BPF_FUNC_probe_read_user:
6890 if (!kernel_supports(FEAT_PROBE_READ_KERN))
6891 insn->imm = BPF_FUNC_probe_read;
6893 case BPF_FUNC_probe_read_kernel_str:
6894 case BPF_FUNC_probe_read_user_str:
6895 if (!kernel_supports(FEAT_PROBE_READ_KERN))
6896 insn->imm = BPF_FUNC_probe_read_str;
6906 load_program(struct bpf_program *prog, struct bpf_insn *insns, int insns_cnt,
6907 char *license, __u32 kern_version, int *pfd)
6909 struct bpf_prog_load_params load_attr = {};
6910 char *cp, errmsg[STRERR_BUFSIZE];
6911 size_t log_buf_size = 0;
6912 char *log_buf = NULL;
6915 if (prog->type == BPF_PROG_TYPE_UNSPEC) {
6917 * The program type must be set. Most likely we couldn't find a proper
6918 * section definition at load time, and thus we didn't infer the type.
6920 pr_warn("prog '%s': missing BPF prog type, check ELF section name '%s'\n",
6921 prog->name, prog->sec_name);
6925 if (!insns || !insns_cnt)
6928 load_attr.prog_type = prog->type;
6929 /* old kernels might not support specifying expected_attach_type */
6930 if (!kernel_supports(FEAT_EXP_ATTACH_TYPE) && prog->sec_def &&
6931 prog->sec_def->is_exp_attach_type_optional)
6932 load_attr.expected_attach_type = 0;
6934 load_attr.expected_attach_type = prog->expected_attach_type;
6935 if (kernel_supports(FEAT_PROG_NAME))
6936 load_attr.name = prog->name;
6937 load_attr.insns = insns;
6938 load_attr.insn_cnt = insns_cnt;
6939 load_attr.license = license;
6940 load_attr.attach_btf_id = prog->attach_btf_id;
6941 if (prog->attach_prog_fd)
6942 load_attr.attach_prog_fd = prog->attach_prog_fd;
6944 load_attr.attach_btf_obj_fd = prog->attach_btf_obj_fd;
6945 load_attr.attach_btf_id = prog->attach_btf_id;
6946 load_attr.kern_version = kern_version;
6947 load_attr.prog_ifindex = prog->prog_ifindex;
6949 /* specify func_info/line_info only if kernel supports them */
6950 btf_fd = bpf_object__btf_fd(prog->obj);
6951 if (btf_fd >= 0 && kernel_supports(FEAT_BTF_FUNC)) {
6952 load_attr.prog_btf_fd = btf_fd;
6953 load_attr.func_info = prog->func_info;
6954 load_attr.func_info_rec_size = prog->func_info_rec_size;
6955 load_attr.func_info_cnt = prog->func_info_cnt;
6956 load_attr.line_info = prog->line_info;
6957 load_attr.line_info_rec_size = prog->line_info_rec_size;
6958 load_attr.line_info_cnt = prog->line_info_cnt;
6960 load_attr.log_level = prog->log_level;
6961 load_attr.prog_flags = prog->prog_flags;
6965 log_buf = malloc(log_buf_size);
6972 load_attr.log_buf = log_buf;
6973 load_attr.log_buf_sz = log_buf_size;
6974 ret = libbpf__bpf_prog_load(&load_attr);
6977 if (log_buf && load_attr.log_level)
6978 pr_debug("verifier log:\n%s", log_buf);
6980 if (prog->obj->rodata_map_idx >= 0 &&
6981 kernel_supports(FEAT_PROG_BIND_MAP)) {
6982 struct bpf_map *rodata_map =
6983 &prog->obj->maps[prog->obj->rodata_map_idx];
6985 if (bpf_prog_bind_map(ret, bpf_map__fd(rodata_map), NULL)) {
6986 cp = libbpf_strerror_r(errno, errmsg, sizeof(errmsg));
6987 pr_warn("prog '%s': failed to bind .rodata map: %s\n",
6989 /* Don't fail hard if can't bind rodata. */
6998 if (!log_buf || errno == ENOSPC) {
6999 log_buf_size = max((size_t)BPF_LOG_BUF_SIZE,
7005 ret = errno ? -errno : -LIBBPF_ERRNO__LOAD;
7006 cp = libbpf_strerror_r(errno, errmsg, sizeof(errmsg));
7007 pr_warn("load bpf program failed: %s\n", cp);
7010 if (log_buf && log_buf[0] != '\0') {
7011 ret = -LIBBPF_ERRNO__VERIFY;
7012 pr_warn("-- BEGIN DUMP LOG ---\n");
7013 pr_warn("\n%s\n", log_buf);
7014 pr_warn("-- END LOG --\n");
7015 } else if (load_attr.insn_cnt >= BPF_MAXINSNS) {
7016 pr_warn("Program too large (%zu insns), at most %d insns\n",
7017 load_attr.insn_cnt, BPF_MAXINSNS);
7018 ret = -LIBBPF_ERRNO__PROG2BIG;
7019 } else if (load_attr.prog_type != BPF_PROG_TYPE_KPROBE) {
7020 /* Wrong program type? */
7023 load_attr.prog_type = BPF_PROG_TYPE_KPROBE;
7024 load_attr.expected_attach_type = 0;
7025 load_attr.log_buf = NULL;
7026 load_attr.log_buf_sz = 0;
7027 fd = libbpf__bpf_prog_load(&load_attr);
7030 ret = -LIBBPF_ERRNO__PROGTYPE;
7040 static int libbpf_find_attach_btf_id(struct bpf_program *prog, int *btf_obj_fd, int *btf_type_id);
7042 int bpf_program__load(struct bpf_program *prog, char *license, __u32 kern_ver)
7046 if (prog->obj->loaded) {
7047 pr_warn("prog '%s': can't load after object was loaded\n", prog->name);
7051 if ((prog->type == BPF_PROG_TYPE_TRACING ||
7052 prog->type == BPF_PROG_TYPE_LSM ||
7053 prog->type == BPF_PROG_TYPE_EXT) && !prog->attach_btf_id) {
7054 int btf_obj_fd = 0, btf_type_id = 0;
7056 err = libbpf_find_attach_btf_id(prog, &btf_obj_fd, &btf_type_id);
7060 prog->attach_btf_obj_fd = btf_obj_fd;
7061 prog->attach_btf_id = btf_type_id;
7064 if (prog->instances.nr < 0 || !prog->instances.fds) {
7065 if (prog->preprocessor) {
7066 pr_warn("Internal error: can't load program '%s'\n",
7068 return -LIBBPF_ERRNO__INTERNAL;
7071 prog->instances.fds = malloc(sizeof(int));
7072 if (!prog->instances.fds) {
7073 pr_warn("Not enough memory for BPF fds\n");
7076 prog->instances.nr = 1;
7077 prog->instances.fds[0] = -1;
7080 if (!prog->preprocessor) {
7081 if (prog->instances.nr != 1) {
7082 pr_warn("prog '%s': inconsistent nr(%d) != 1\n",
7083 prog->name, prog->instances.nr);
7085 err = load_program(prog, prog->insns, prog->insns_cnt,
7086 license, kern_ver, &fd);
7088 prog->instances.fds[0] = fd;
7092 for (i = 0; i < prog->instances.nr; i++) {
7093 struct bpf_prog_prep_result result;
7094 bpf_program_prep_t preprocessor = prog->preprocessor;
7096 memset(&result, 0, sizeof(result));
7097 err = preprocessor(prog, i, prog->insns,
7098 prog->insns_cnt, &result);
7100 pr_warn("Preprocessing the %dth instance of program '%s' failed\n",
7105 if (!result.new_insn_ptr || !result.new_insn_cnt) {
7106 pr_debug("Skip loading the %dth instance of program '%s'\n",
7108 prog->instances.fds[i] = -1;
7114 err = load_program(prog, result.new_insn_ptr,
7115 result.new_insn_cnt, license, kern_ver, &fd);
7117 pr_warn("Loading the %dth instance of program '%s' failed\n",
7124 prog->instances.fds[i] = fd;
7128 pr_warn("failed to load program '%s'\n", prog->name);
7129 zfree(&prog->insns);
7130 prog->insns_cnt = 0;
7135 bpf_object__load_progs(struct bpf_object *obj, int log_level)
7137 struct bpf_program *prog;
7141 for (i = 0; i < obj->nr_programs; i++) {
7142 prog = &obj->programs[i];
7143 err = bpf_object__sanitize_prog(obj, prog);
7148 for (i = 0; i < obj->nr_programs; i++) {
7149 prog = &obj->programs[i];
7150 if (prog_is_subprog(obj, prog))
7153 pr_debug("prog '%s': skipped loading\n", prog->name);
7156 prog->log_level |= log_level;
7157 err = bpf_program__load(prog, obj->license, obj->kern_version);
7164 static const struct bpf_sec_def *find_sec_def(const char *sec_name);
7166 static struct bpf_object *
7167 __bpf_object__open(const char *path, const void *obj_buf, size_t obj_buf_sz,
7168 const struct bpf_object_open_opts *opts)
7170 const char *obj_name, *kconfig;
7171 struct bpf_program *prog;
7172 struct bpf_object *obj;
7176 if (elf_version(EV_CURRENT) == EV_NONE) {
7177 pr_warn("failed to init libelf for %s\n",
7178 path ? : "(mem buf)");
7179 return ERR_PTR(-LIBBPF_ERRNO__LIBELF);
7182 if (!OPTS_VALID(opts, bpf_object_open_opts))
7183 return ERR_PTR(-EINVAL);
7185 obj_name = OPTS_GET(opts, object_name, NULL);
7188 snprintf(tmp_name, sizeof(tmp_name), "%lx-%lx",
7189 (unsigned long)obj_buf,
7190 (unsigned long)obj_buf_sz);
7191 obj_name = tmp_name;
7194 pr_debug("loading object '%s' from buffer\n", obj_name);
7197 obj = bpf_object__new(path, obj_buf, obj_buf_sz, obj_name);
7201 kconfig = OPTS_GET(opts, kconfig, NULL);
7203 obj->kconfig = strdup(kconfig);
7205 return ERR_PTR(-ENOMEM);
7208 err = bpf_object__elf_init(obj);
7209 err = err ? : bpf_object__check_endianness(obj);
7210 err = err ? : bpf_object__elf_collect(obj);
7211 err = err ? : bpf_object__collect_externs(obj);
7212 err = err ? : bpf_object__finalize_btf(obj);
7213 err = err ? : bpf_object__init_maps(obj, opts);
7214 err = err ? : bpf_object__collect_relos(obj);
7217 bpf_object__elf_finish(obj);
7219 bpf_object__for_each_program(prog, obj) {
7220 prog->sec_def = find_sec_def(prog->sec_name);
7221 if (!prog->sec_def) {
7222 /* couldn't guess, but user might manually specify */
7223 pr_debug("prog '%s': unrecognized ELF section name '%s'\n",
7224 prog->name, prog->sec_name);
7228 if (prog->sec_def->is_sleepable)
7229 prog->prog_flags |= BPF_F_SLEEPABLE;
7230 bpf_program__set_type(prog, prog->sec_def->prog_type);
7231 bpf_program__set_expected_attach_type(prog,
7232 prog->sec_def->expected_attach_type);
7234 if (prog->sec_def->prog_type == BPF_PROG_TYPE_TRACING ||
7235 prog->sec_def->prog_type == BPF_PROG_TYPE_EXT)
7236 prog->attach_prog_fd = OPTS_GET(opts, attach_prog_fd, 0);
7241 bpf_object__close(obj);
7242 return ERR_PTR(err);
7245 static struct bpf_object *
7246 __bpf_object__open_xattr(struct bpf_object_open_attr *attr, int flags)
7248 DECLARE_LIBBPF_OPTS(bpf_object_open_opts, opts,
7249 .relaxed_maps = flags & MAPS_RELAX_COMPAT,
7252 /* param validation */
7256 pr_debug("loading %s\n", attr->file);
7257 return __bpf_object__open(attr->file, NULL, 0, &opts);
7260 struct bpf_object *bpf_object__open_xattr(struct bpf_object_open_attr *attr)
7262 return __bpf_object__open_xattr(attr, 0);
7265 struct bpf_object *bpf_object__open(const char *path)
7267 struct bpf_object_open_attr attr = {
7269 .prog_type = BPF_PROG_TYPE_UNSPEC,
7272 return bpf_object__open_xattr(&attr);
7276 bpf_object__open_file(const char *path, const struct bpf_object_open_opts *opts)
7279 return ERR_PTR(-EINVAL);
7281 pr_debug("loading %s\n", path);
7283 return __bpf_object__open(path, NULL, 0, opts);
7287 bpf_object__open_mem(const void *obj_buf, size_t obj_buf_sz,
7288 const struct bpf_object_open_opts *opts)
7290 if (!obj_buf || obj_buf_sz == 0)
7291 return ERR_PTR(-EINVAL);
7293 return __bpf_object__open(NULL, obj_buf, obj_buf_sz, opts);
7297 bpf_object__open_buffer(const void *obj_buf, size_t obj_buf_sz,
7300 DECLARE_LIBBPF_OPTS(bpf_object_open_opts, opts,
7301 .object_name = name,
7302 /* wrong default, but backwards-compatible */
7303 .relaxed_maps = true,
7306 /* returning NULL is wrong, but backwards-compatible */
7307 if (!obj_buf || obj_buf_sz == 0)
7310 return bpf_object__open_mem(obj_buf, obj_buf_sz, &opts);
7313 int bpf_object__unload(struct bpf_object *obj)
7320 for (i = 0; i < obj->nr_maps; i++) {
7321 zclose(obj->maps[i].fd);
7322 if (obj->maps[i].st_ops)
7323 zfree(&obj->maps[i].st_ops->kern_vdata);
7326 for (i = 0; i < obj->nr_programs; i++)
7327 bpf_program__unload(&obj->programs[i]);
7332 static int bpf_object__sanitize_maps(struct bpf_object *obj)
7336 bpf_object__for_each_map(m, obj) {
7337 if (!bpf_map__is_internal(m))
7339 if (!kernel_supports(FEAT_GLOBAL_DATA)) {
7340 pr_warn("kernel doesn't support global data\n");
7343 if (!kernel_supports(FEAT_ARRAY_MMAP))
7344 m->def.map_flags ^= BPF_F_MMAPABLE;
7350 static int bpf_object__read_kallsyms_file(struct bpf_object *obj)
7352 char sym_type, sym_name[500];
7353 unsigned long long sym_addr;
7354 struct extern_desc *ext;
7358 f = fopen("/proc/kallsyms", "r");
7361 pr_warn("failed to open /proc/kallsyms: %d\n", err);
7366 ret = fscanf(f, "%llx %c %499s%*[^\n]\n",
7367 &sym_addr, &sym_type, sym_name);
7368 if (ret == EOF && feof(f))
7371 pr_warn("failed to read kallsyms entry: %d\n", ret);
7376 ext = find_extern_by_name(obj, sym_name);
7377 if (!ext || ext->type != EXT_KSYM)
7380 if (ext->is_set && ext->ksym.addr != sym_addr) {
7381 pr_warn("extern (ksym) '%s' resolution is ambiguous: 0x%llx or 0x%llx\n",
7382 sym_name, ext->ksym.addr, sym_addr);
7388 ext->ksym.addr = sym_addr;
7389 pr_debug("extern (ksym) %s=0x%llx\n", sym_name, sym_addr);
7398 static int bpf_object__resolve_ksyms_btf_id(struct bpf_object *obj)
7400 struct extern_desc *ext;
7402 int i, j, id, btf_fd, err;
7404 for (i = 0; i < obj->nr_extern; i++) {
7405 const struct btf_type *targ_var, *targ_type;
7406 __u32 targ_type_id, local_type_id;
7407 const char *targ_var_name;
7410 ext = &obj->externs[i];
7411 if (ext->type != EXT_KSYM || !ext->ksym.type_id)
7414 btf = obj->btf_vmlinux;
7416 id = btf__find_by_name_kind(btf, ext->name, BTF_KIND_VAR);
7417 if (id == -ENOENT) {
7418 err = load_module_btfs(obj);
7422 for (j = 0; j < obj->btf_module_cnt; j++) {
7423 btf = obj->btf_modules[j].btf;
7424 /* we assume module BTF FD is always >0 */
7425 btf_fd = obj->btf_modules[j].fd;
7426 id = btf__find_by_name_kind(btf, ext->name, BTF_KIND_VAR);
7432 pr_warn("extern (ksym) '%s': failed to find BTF ID in kernel BTF(s).\n",
7437 /* find local type_id */
7438 local_type_id = ext->ksym.type_id;
7440 /* find target type_id */
7441 targ_var = btf__type_by_id(btf, id);
7442 targ_var_name = btf__name_by_offset(btf, targ_var->name_off);
7443 targ_type = skip_mods_and_typedefs(btf, targ_var->type, &targ_type_id);
7445 ret = bpf_core_types_are_compat(obj->btf, local_type_id,
7448 const struct btf_type *local_type;
7449 const char *targ_name, *local_name;
7451 local_type = btf__type_by_id(obj->btf, local_type_id);
7452 local_name = btf__name_by_offset(obj->btf, local_type->name_off);
7453 targ_name = btf__name_by_offset(btf, targ_type->name_off);
7455 pr_warn("extern (ksym) '%s': incompatible types, expected [%d] %s %s, but kernel has [%d] %s %s\n",
7456 ext->name, local_type_id,
7457 btf_kind_str(local_type), local_name, targ_type_id,
7458 btf_kind_str(targ_type), targ_name);
7463 ext->ksym.kernel_btf_obj_fd = btf_fd;
7464 ext->ksym.kernel_btf_id = id;
7465 pr_debug("extern (ksym) '%s': resolved to [%d] %s %s\n",
7466 ext->name, id, btf_kind_str(targ_var), targ_var_name);
7471 static int bpf_object__resolve_externs(struct bpf_object *obj,
7472 const char *extra_kconfig)
7474 bool need_config = false, need_kallsyms = false;
7475 bool need_vmlinux_btf = false;
7476 struct extern_desc *ext;
7477 void *kcfg_data = NULL;
7480 if (obj->nr_extern == 0)
7483 if (obj->kconfig_map_idx >= 0)
7484 kcfg_data = obj->maps[obj->kconfig_map_idx].mmaped;
7486 for (i = 0; i < obj->nr_extern; i++) {
7487 ext = &obj->externs[i];
7489 if (ext->type == EXT_KCFG &&
7490 strcmp(ext->name, "LINUX_KERNEL_VERSION") == 0) {
7491 void *ext_val = kcfg_data + ext->kcfg.data_off;
7492 __u32 kver = get_kernel_version();
7495 pr_warn("failed to get kernel version\n");
7498 err = set_kcfg_value_num(ext, ext_val, kver);
7501 pr_debug("extern (kcfg) %s=0x%x\n", ext->name, kver);
7502 } else if (ext->type == EXT_KCFG &&
7503 strncmp(ext->name, "CONFIG_", 7) == 0) {
7505 } else if (ext->type == EXT_KSYM) {
7506 if (ext->ksym.type_id)
7507 need_vmlinux_btf = true;
7509 need_kallsyms = true;
7511 pr_warn("unrecognized extern '%s'\n", ext->name);
7515 if (need_config && extra_kconfig) {
7516 err = bpf_object__read_kconfig_mem(obj, extra_kconfig, kcfg_data);
7519 need_config = false;
7520 for (i = 0; i < obj->nr_extern; i++) {
7521 ext = &obj->externs[i];
7522 if (ext->type == EXT_KCFG && !ext->is_set) {
7529 err = bpf_object__read_kconfig_file(obj, kcfg_data);
7533 if (need_kallsyms) {
7534 err = bpf_object__read_kallsyms_file(obj);
7538 if (need_vmlinux_btf) {
7539 err = bpf_object__resolve_ksyms_btf_id(obj);
7543 for (i = 0; i < obj->nr_extern; i++) {
7544 ext = &obj->externs[i];
7546 if (!ext->is_set && !ext->is_weak) {
7547 pr_warn("extern %s (strong) not resolved\n", ext->name);
7549 } else if (!ext->is_set) {
7550 pr_debug("extern %s (weak) not resolved, defaulting to zero\n",
7558 int bpf_object__load_xattr(struct bpf_object_load_attr *attr)
7560 struct bpf_object *obj;
7570 pr_warn("object '%s': load can't be attempted twice\n", obj->name);
7574 err = bpf_object__probe_loading(obj);
7575 err = err ? : bpf_object__load_vmlinux_btf(obj, false);
7576 err = err ? : bpf_object__resolve_externs(obj, obj->kconfig);
7577 err = err ? : bpf_object__sanitize_and_load_btf(obj);
7578 err = err ? : bpf_object__sanitize_maps(obj);
7579 err = err ? : bpf_object__init_kern_struct_ops_maps(obj);
7580 err = err ? : bpf_object__create_maps(obj);
7581 err = err ? : bpf_object__relocate(obj, attr->target_btf_path);
7582 err = err ? : bpf_object__load_progs(obj, attr->log_level);
7584 /* clean up module BTFs */
7585 for (i = 0; i < obj->btf_module_cnt; i++) {
7586 close(obj->btf_modules[i].fd);
7587 btf__free(obj->btf_modules[i].btf);
7588 free(obj->btf_modules[i].name);
7590 free(obj->btf_modules);
7592 /* clean up vmlinux BTF */
7593 btf__free(obj->btf_vmlinux);
7594 obj->btf_vmlinux = NULL;
7596 obj->loaded = true; /* doesn't matter if successfully or not */
7603 /* unpin any maps that were auto-pinned during load */
7604 for (i = 0; i < obj->nr_maps; i++)
7605 if (obj->maps[i].pinned && !obj->maps[i].reused)
7606 bpf_map__unpin(&obj->maps[i], NULL);
7608 bpf_object__unload(obj);
7609 pr_warn("failed to load object '%s'\n", obj->path);
7613 int bpf_object__load(struct bpf_object *obj)
7615 struct bpf_object_load_attr attr = {
7619 return bpf_object__load_xattr(&attr);
7622 static int make_parent_dir(const char *path)
7624 char *cp, errmsg[STRERR_BUFSIZE];
7628 dname = strdup(path);
7632 dir = dirname(dname);
7633 if (mkdir(dir, 0700) && errno != EEXIST)
7638 cp = libbpf_strerror_r(-err, errmsg, sizeof(errmsg));
7639 pr_warn("failed to mkdir %s: %s\n", path, cp);
7644 static int check_path(const char *path)
7646 char *cp, errmsg[STRERR_BUFSIZE];
7647 struct statfs st_fs;
7654 dname = strdup(path);
7658 dir = dirname(dname);
7659 if (statfs(dir, &st_fs)) {
7660 cp = libbpf_strerror_r(errno, errmsg, sizeof(errmsg));
7661 pr_warn("failed to statfs %s: %s\n", dir, cp);
7666 if (!err && st_fs.f_type != BPF_FS_MAGIC) {
7667 pr_warn("specified path %s is not on BPF FS\n", path);
7674 int bpf_program__pin_instance(struct bpf_program *prog, const char *path,
7677 char *cp, errmsg[STRERR_BUFSIZE];
7680 err = make_parent_dir(path);
7684 err = check_path(path);
7689 pr_warn("invalid program pointer\n");
7693 if (instance < 0 || instance >= prog->instances.nr) {
7694 pr_warn("invalid prog instance %d of prog %s (max %d)\n",
7695 instance, prog->name, prog->instances.nr);
7699 if (bpf_obj_pin(prog->instances.fds[instance], path)) {
7701 cp = libbpf_strerror_r(err, errmsg, sizeof(errmsg));
7702 pr_warn("failed to pin program: %s\n", cp);
7705 pr_debug("pinned program '%s'\n", path);
7710 int bpf_program__unpin_instance(struct bpf_program *prog, const char *path,
7715 err = check_path(path);
7720 pr_warn("invalid program pointer\n");
7724 if (instance < 0 || instance >= prog->instances.nr) {
7725 pr_warn("invalid prog instance %d of prog %s (max %d)\n",
7726 instance, prog->name, prog->instances.nr);
7733 pr_debug("unpinned program '%s'\n", path);
7738 int bpf_program__pin(struct bpf_program *prog, const char *path)
7742 err = make_parent_dir(path);
7746 err = check_path(path);
7751 pr_warn("invalid program pointer\n");
7755 if (prog->instances.nr <= 0) {
7756 pr_warn("no instances of prog %s to pin\n", prog->name);
7760 if (prog->instances.nr == 1) {
7761 /* don't create subdirs when pinning single instance */
7762 return bpf_program__pin_instance(prog, path, 0);
7765 for (i = 0; i < prog->instances.nr; i++) {
7769 len = snprintf(buf, PATH_MAX, "%s/%d", path, i);
7773 } else if (len >= PATH_MAX) {
7774 err = -ENAMETOOLONG;
7778 err = bpf_program__pin_instance(prog, buf, i);
7786 for (i = i - 1; i >= 0; i--) {
7790 len = snprintf(buf, PATH_MAX, "%s/%d", path, i);
7793 else if (len >= PATH_MAX)
7796 bpf_program__unpin_instance(prog, buf, i);
7804 int bpf_program__unpin(struct bpf_program *prog, const char *path)
7808 err = check_path(path);
7813 pr_warn("invalid program pointer\n");
7817 if (prog->instances.nr <= 0) {
7818 pr_warn("no instances of prog %s to pin\n", prog->name);
7822 if (prog->instances.nr == 1) {
7823 /* don't create subdirs when pinning single instance */
7824 return bpf_program__unpin_instance(prog, path, 0);
7827 for (i = 0; i < prog->instances.nr; i++) {
7831 len = snprintf(buf, PATH_MAX, "%s/%d", path, i);
7834 else if (len >= PATH_MAX)
7835 return -ENAMETOOLONG;
7837 err = bpf_program__unpin_instance(prog, buf, i);
7849 int bpf_map__pin(struct bpf_map *map, const char *path)
7851 char *cp, errmsg[STRERR_BUFSIZE];
7855 pr_warn("invalid map pointer\n");
7859 if (map->pin_path) {
7860 if (path && strcmp(path, map->pin_path)) {
7861 pr_warn("map '%s' already has pin path '%s' different from '%s'\n",
7862 bpf_map__name(map), map->pin_path, path);
7864 } else if (map->pinned) {
7865 pr_debug("map '%s' already pinned at '%s'; not re-pinning\n",
7866 bpf_map__name(map), map->pin_path);
7871 pr_warn("missing a path to pin map '%s' at\n",
7872 bpf_map__name(map));
7874 } else if (map->pinned) {
7875 pr_warn("map '%s' already pinned\n", bpf_map__name(map));
7879 map->pin_path = strdup(path);
7880 if (!map->pin_path) {
7886 err = make_parent_dir(map->pin_path);
7890 err = check_path(map->pin_path);
7894 if (bpf_obj_pin(map->fd, map->pin_path)) {
7900 pr_debug("pinned map '%s'\n", map->pin_path);
7905 cp = libbpf_strerror_r(-err, errmsg, sizeof(errmsg));
7906 pr_warn("failed to pin map: %s\n", cp);
7910 int bpf_map__unpin(struct bpf_map *map, const char *path)
7915 pr_warn("invalid map pointer\n");
7919 if (map->pin_path) {
7920 if (path && strcmp(path, map->pin_path)) {
7921 pr_warn("map '%s' already has pin path '%s' different from '%s'\n",
7922 bpf_map__name(map), map->pin_path, path);
7925 path = map->pin_path;
7927 pr_warn("no path to unpin map '%s' from\n",
7928 bpf_map__name(map));
7932 err = check_path(path);
7940 map->pinned = false;
7941 pr_debug("unpinned map '%s' from '%s'\n", bpf_map__name(map), path);
7946 int bpf_map__set_pin_path(struct bpf_map *map, const char *path)
7956 free(map->pin_path);
7957 map->pin_path = new;
7961 const char *bpf_map__get_pin_path(const struct bpf_map *map)
7963 return map->pin_path;
7966 bool bpf_map__is_pinned(const struct bpf_map *map)
7971 static void sanitize_pin_path(char *s)
7973 /* bpffs disallows periods in path names */
7981 int bpf_object__pin_maps(struct bpf_object *obj, const char *path)
7983 struct bpf_map *map;
7990 pr_warn("object not yet loaded; load it first\n");
7994 bpf_object__for_each_map(map, obj) {
7995 char *pin_path = NULL;
8001 len = snprintf(buf, PATH_MAX, "%s/%s", path,
8002 bpf_map__name(map));
8005 goto err_unpin_maps;
8006 } else if (len >= PATH_MAX) {
8007 err = -ENAMETOOLONG;
8008 goto err_unpin_maps;
8010 sanitize_pin_path(buf);
8012 } else if (!map->pin_path) {
8016 err = bpf_map__pin(map, pin_path);
8018 goto err_unpin_maps;
8024 while ((map = bpf_map__prev(map, obj))) {
8028 bpf_map__unpin(map, NULL);
8034 int bpf_object__unpin_maps(struct bpf_object *obj, const char *path)
8036 struct bpf_map *map;
8042 bpf_object__for_each_map(map, obj) {
8043 char *pin_path = NULL;
8049 len = snprintf(buf, PATH_MAX, "%s/%s", path,
8050 bpf_map__name(map));
8053 else if (len >= PATH_MAX)
8054 return -ENAMETOOLONG;
8055 sanitize_pin_path(buf);
8057 } else if (!map->pin_path) {
8061 err = bpf_map__unpin(map, pin_path);
8069 int bpf_object__pin_programs(struct bpf_object *obj, const char *path)
8071 struct bpf_program *prog;
8078 pr_warn("object not yet loaded; load it first\n");
8082 bpf_object__for_each_program(prog, obj) {
8086 len = snprintf(buf, PATH_MAX, "%s/%s", path,
8090 goto err_unpin_programs;
8091 } else if (len >= PATH_MAX) {
8092 err = -ENAMETOOLONG;
8093 goto err_unpin_programs;
8096 err = bpf_program__pin(prog, buf);
8098 goto err_unpin_programs;
8104 while ((prog = bpf_program__prev(prog, obj))) {
8108 len = snprintf(buf, PATH_MAX, "%s/%s", path,
8112 else if (len >= PATH_MAX)
8115 bpf_program__unpin(prog, buf);
8121 int bpf_object__unpin_programs(struct bpf_object *obj, const char *path)
8123 struct bpf_program *prog;
8129 bpf_object__for_each_program(prog, obj) {
8133 len = snprintf(buf, PATH_MAX, "%s/%s", path,
8137 else if (len >= PATH_MAX)
8138 return -ENAMETOOLONG;
8140 err = bpf_program__unpin(prog, buf);
8148 int bpf_object__pin(struct bpf_object *obj, const char *path)
8152 err = bpf_object__pin_maps(obj, path);
8156 err = bpf_object__pin_programs(obj, path);
8158 bpf_object__unpin_maps(obj, path);
8165 static void bpf_map__destroy(struct bpf_map *map)
8167 if (map->clear_priv)
8168 map->clear_priv(map, map->priv);
8170 map->clear_priv = NULL;
8172 if (map->inner_map) {
8173 bpf_map__destroy(map->inner_map);
8174 zfree(&map->inner_map);
8177 zfree(&map->init_slots);
8178 map->init_slots_sz = 0;
8181 munmap(map->mmaped, bpf_map_mmap_sz(map));
8186 zfree(&map->st_ops->data);
8187 zfree(&map->st_ops->progs);
8188 zfree(&map->st_ops->kern_func_off);
8189 zfree(&map->st_ops);
8193 zfree(&map->pin_path);
8199 void bpf_object__close(struct bpf_object *obj)
8203 if (IS_ERR_OR_NULL(obj))
8206 if (obj->clear_priv)
8207 obj->clear_priv(obj, obj->priv);
8209 bpf_object__elf_finish(obj);
8210 bpf_object__unload(obj);
8211 btf__free(obj->btf);
8212 btf_ext__free(obj->btf_ext);
8214 for (i = 0; i < obj->nr_maps; i++)
8215 bpf_map__destroy(&obj->maps[i]);
8217 zfree(&obj->kconfig);
8218 zfree(&obj->externs);
8224 if (obj->programs && obj->nr_programs) {
8225 for (i = 0; i < obj->nr_programs; i++)
8226 bpf_program__exit(&obj->programs[i]);
8228 zfree(&obj->programs);
8230 list_del(&obj->list);
8235 bpf_object__next(struct bpf_object *prev)
8237 struct bpf_object *next;
8240 next = list_first_entry(&bpf_objects_list,
8244 next = list_next_entry(prev, list);
8246 /* Empty list is noticed here so don't need checking on entry. */
8247 if (&next->list == &bpf_objects_list)
8253 const char *bpf_object__name(const struct bpf_object *obj)
8255 return obj ? obj->name : ERR_PTR(-EINVAL);
8258 unsigned int bpf_object__kversion(const struct bpf_object *obj)
8260 return obj ? obj->kern_version : 0;
8263 struct btf *bpf_object__btf(const struct bpf_object *obj)
8265 return obj ? obj->btf : NULL;
8268 int bpf_object__btf_fd(const struct bpf_object *obj)
8270 return obj->btf ? btf__fd(obj->btf) : -1;
8273 int bpf_object__set_priv(struct bpf_object *obj, void *priv,
8274 bpf_object_clear_priv_t clear_priv)
8276 if (obj->priv && obj->clear_priv)
8277 obj->clear_priv(obj, obj->priv);
8280 obj->clear_priv = clear_priv;
8284 void *bpf_object__priv(const struct bpf_object *obj)
8286 return obj ? obj->priv : ERR_PTR(-EINVAL);
8289 static struct bpf_program *
8290 __bpf_program__iter(const struct bpf_program *p, const struct bpf_object *obj,
8293 size_t nr_programs = obj->nr_programs;
8300 /* Iter from the beginning */
8301 return forward ? &obj->programs[0] :
8302 &obj->programs[nr_programs - 1];
8304 if (p->obj != obj) {
8305 pr_warn("error: program handler doesn't match object\n");
8309 idx = (p - obj->programs) + (forward ? 1 : -1);
8310 if (idx >= obj->nr_programs || idx < 0)
8312 return &obj->programs[idx];
8315 struct bpf_program *
8316 bpf_program__next(struct bpf_program *prev, const struct bpf_object *obj)
8318 struct bpf_program *prog = prev;
8321 prog = __bpf_program__iter(prog, obj, true);
8322 } while (prog && prog_is_subprog(obj, prog));
8327 struct bpf_program *
8328 bpf_program__prev(struct bpf_program *next, const struct bpf_object *obj)
8330 struct bpf_program *prog = next;
8333 prog = __bpf_program__iter(prog, obj, false);
8334 } while (prog && prog_is_subprog(obj, prog));
8339 int bpf_program__set_priv(struct bpf_program *prog, void *priv,
8340 bpf_program_clear_priv_t clear_priv)
8342 if (prog->priv && prog->clear_priv)
8343 prog->clear_priv(prog, prog->priv);
8346 prog->clear_priv = clear_priv;
8350 void *bpf_program__priv(const struct bpf_program *prog)
8352 return prog ? prog->priv : ERR_PTR(-EINVAL);
8355 void bpf_program__set_ifindex(struct bpf_program *prog, __u32 ifindex)
8357 prog->prog_ifindex = ifindex;
8360 const char *bpf_program__name(const struct bpf_program *prog)
8365 const char *bpf_program__section_name(const struct bpf_program *prog)
8367 return prog->sec_name;
8370 const char *bpf_program__title(const struct bpf_program *prog, bool needs_copy)
8374 title = prog->sec_name;
8376 title = strdup(title);
8378 pr_warn("failed to strdup program title\n");
8379 return ERR_PTR(-ENOMEM);
8386 bool bpf_program__autoload(const struct bpf_program *prog)
8391 int bpf_program__set_autoload(struct bpf_program *prog, bool autoload)
8393 if (prog->obj->loaded)
8396 prog->load = autoload;
8400 int bpf_program__fd(const struct bpf_program *prog)
8402 return bpf_program__nth_fd(prog, 0);
8405 size_t bpf_program__size(const struct bpf_program *prog)
8407 return prog->insns_cnt * BPF_INSN_SZ;
8410 int bpf_program__set_prep(struct bpf_program *prog, int nr_instances,
8411 bpf_program_prep_t prep)
8415 if (nr_instances <= 0 || !prep)
8418 if (prog->instances.nr > 0 || prog->instances.fds) {
8419 pr_warn("Can't set pre-processor after loading\n");
8423 instances_fds = malloc(sizeof(int) * nr_instances);
8424 if (!instances_fds) {
8425 pr_warn("alloc memory failed for fds\n");
8429 /* fill all fd with -1 */
8430 memset(instances_fds, -1, sizeof(int) * nr_instances);
8432 prog->instances.nr = nr_instances;
8433 prog->instances.fds = instances_fds;
8434 prog->preprocessor = prep;
8438 int bpf_program__nth_fd(const struct bpf_program *prog, int n)
8445 if (n >= prog->instances.nr || n < 0) {
8446 pr_warn("Can't get the %dth fd from program %s: only %d instances\n",
8447 n, prog->name, prog->instances.nr);
8451 fd = prog->instances.fds[n];
8453 pr_warn("%dth instance of program '%s' is invalid\n",
8461 enum bpf_prog_type bpf_program__get_type(struct bpf_program *prog)
8466 void bpf_program__set_type(struct bpf_program *prog, enum bpf_prog_type type)
8471 static bool bpf_program__is_type(const struct bpf_program *prog,
8472 enum bpf_prog_type type)
8474 return prog ? (prog->type == type) : false;
8477 #define BPF_PROG_TYPE_FNS(NAME, TYPE) \
8478 int bpf_program__set_##NAME(struct bpf_program *prog) \
8482 bpf_program__set_type(prog, TYPE); \
8486 bool bpf_program__is_##NAME(const struct bpf_program *prog) \
8488 return bpf_program__is_type(prog, TYPE); \
8491 BPF_PROG_TYPE_FNS(socket_filter, BPF_PROG_TYPE_SOCKET_FILTER);
8492 BPF_PROG_TYPE_FNS(lsm, BPF_PROG_TYPE_LSM);
8493 BPF_PROG_TYPE_FNS(kprobe, BPF_PROG_TYPE_KPROBE);
8494 BPF_PROG_TYPE_FNS(sched_cls, BPF_PROG_TYPE_SCHED_CLS);
8495 BPF_PROG_TYPE_FNS(sched_act, BPF_PROG_TYPE_SCHED_ACT);
8496 BPF_PROG_TYPE_FNS(tracepoint, BPF_PROG_TYPE_TRACEPOINT);
8497 BPF_PROG_TYPE_FNS(raw_tracepoint, BPF_PROG_TYPE_RAW_TRACEPOINT);
8498 BPF_PROG_TYPE_FNS(xdp, BPF_PROG_TYPE_XDP);
8499 BPF_PROG_TYPE_FNS(perf_event, BPF_PROG_TYPE_PERF_EVENT);
8500 BPF_PROG_TYPE_FNS(tracing, BPF_PROG_TYPE_TRACING);
8501 BPF_PROG_TYPE_FNS(struct_ops, BPF_PROG_TYPE_STRUCT_OPS);
8502 BPF_PROG_TYPE_FNS(extension, BPF_PROG_TYPE_EXT);
8503 BPF_PROG_TYPE_FNS(sk_lookup, BPF_PROG_TYPE_SK_LOOKUP);
8505 enum bpf_attach_type
8506 bpf_program__get_expected_attach_type(struct bpf_program *prog)
8508 return prog->expected_attach_type;
8511 void bpf_program__set_expected_attach_type(struct bpf_program *prog,
8512 enum bpf_attach_type type)
8514 prog->expected_attach_type = type;
8517 #define BPF_PROG_SEC_IMPL(string, ptype, eatype, eatype_optional, \
8518 attachable, attach_btf) \
8521 .len = sizeof(string) - 1, \
8522 .prog_type = ptype, \
8523 .expected_attach_type = eatype, \
8524 .is_exp_attach_type_optional = eatype_optional, \
8525 .is_attachable = attachable, \
8526 .is_attach_btf = attach_btf, \
8529 /* Programs that can NOT be attached. */
8530 #define BPF_PROG_SEC(string, ptype) BPF_PROG_SEC_IMPL(string, ptype, 0, 0, 0, 0)
8532 /* Programs that can be attached. */
8533 #define BPF_APROG_SEC(string, ptype, atype) \
8534 BPF_PROG_SEC_IMPL(string, ptype, atype, true, 1, 0)
8536 /* Programs that must specify expected attach type at load time. */
8537 #define BPF_EAPROG_SEC(string, ptype, eatype) \
8538 BPF_PROG_SEC_IMPL(string, ptype, eatype, false, 1, 0)
8540 /* Programs that use BTF to identify attach point */
8541 #define BPF_PROG_BTF(string, ptype, eatype) \
8542 BPF_PROG_SEC_IMPL(string, ptype, eatype, false, 0, 1)
8544 /* Programs that can be attached but attach type can't be identified by section
8545 * name. Kept for backward compatibility.
8547 #define BPF_APROG_COMPAT(string, ptype) BPF_PROG_SEC(string, ptype)
8549 #define SEC_DEF(sec_pfx, ptype, ...) { \
8551 .len = sizeof(sec_pfx) - 1, \
8552 .prog_type = BPF_PROG_TYPE_##ptype, \
8556 static struct bpf_link *attach_kprobe(const struct bpf_sec_def *sec,
8557 struct bpf_program *prog);
8558 static struct bpf_link *attach_tp(const struct bpf_sec_def *sec,
8559 struct bpf_program *prog);
8560 static struct bpf_link *attach_raw_tp(const struct bpf_sec_def *sec,
8561 struct bpf_program *prog);
8562 static struct bpf_link *attach_trace(const struct bpf_sec_def *sec,
8563 struct bpf_program *prog);
8564 static struct bpf_link *attach_lsm(const struct bpf_sec_def *sec,
8565 struct bpf_program *prog);
8566 static struct bpf_link *attach_iter(const struct bpf_sec_def *sec,
8567 struct bpf_program *prog);
8569 static const struct bpf_sec_def section_defs[] = {
8570 BPF_PROG_SEC("socket", BPF_PROG_TYPE_SOCKET_FILTER),
8571 BPF_PROG_SEC("sk_reuseport", BPF_PROG_TYPE_SK_REUSEPORT),
8572 SEC_DEF("kprobe/", KPROBE,
8573 .attach_fn = attach_kprobe),
8574 BPF_PROG_SEC("uprobe/", BPF_PROG_TYPE_KPROBE),
8575 SEC_DEF("kretprobe/", KPROBE,
8576 .attach_fn = attach_kprobe),
8577 BPF_PROG_SEC("uretprobe/", BPF_PROG_TYPE_KPROBE),
8578 BPF_PROG_SEC("classifier", BPF_PROG_TYPE_SCHED_CLS),
8579 BPF_PROG_SEC("action", BPF_PROG_TYPE_SCHED_ACT),
8580 SEC_DEF("tracepoint/", TRACEPOINT,
8581 .attach_fn = attach_tp),
8582 SEC_DEF("tp/", TRACEPOINT,
8583 .attach_fn = attach_tp),
8584 SEC_DEF("raw_tracepoint/", RAW_TRACEPOINT,
8585 .attach_fn = attach_raw_tp),
8586 SEC_DEF("raw_tp/", RAW_TRACEPOINT,
8587 .attach_fn = attach_raw_tp),
8588 SEC_DEF("tp_btf/", TRACING,
8589 .expected_attach_type = BPF_TRACE_RAW_TP,
8590 .is_attach_btf = true,
8591 .attach_fn = attach_trace),
8592 SEC_DEF("fentry/", TRACING,
8593 .expected_attach_type = BPF_TRACE_FENTRY,
8594 .is_attach_btf = true,
8595 .attach_fn = attach_trace),
8596 SEC_DEF("fmod_ret/", TRACING,
8597 .expected_attach_type = BPF_MODIFY_RETURN,
8598 .is_attach_btf = true,
8599 .attach_fn = attach_trace),
8600 SEC_DEF("fexit/", TRACING,
8601 .expected_attach_type = BPF_TRACE_FEXIT,
8602 .is_attach_btf = true,
8603 .attach_fn = attach_trace),
8604 SEC_DEF("fentry.s/", TRACING,
8605 .expected_attach_type = BPF_TRACE_FENTRY,
8606 .is_attach_btf = true,
8607 .is_sleepable = true,
8608 .attach_fn = attach_trace),
8609 SEC_DEF("fmod_ret.s/", TRACING,
8610 .expected_attach_type = BPF_MODIFY_RETURN,
8611 .is_attach_btf = true,
8612 .is_sleepable = true,
8613 .attach_fn = attach_trace),
8614 SEC_DEF("fexit.s/", TRACING,
8615 .expected_attach_type = BPF_TRACE_FEXIT,
8616 .is_attach_btf = true,
8617 .is_sleepable = true,
8618 .attach_fn = attach_trace),
8619 SEC_DEF("freplace/", EXT,
8620 .is_attach_btf = true,
8621 .attach_fn = attach_trace),
8622 SEC_DEF("lsm/", LSM,
8623 .is_attach_btf = true,
8624 .expected_attach_type = BPF_LSM_MAC,
8625 .attach_fn = attach_lsm),
8626 SEC_DEF("lsm.s/", LSM,
8627 .is_attach_btf = true,
8628 .is_sleepable = true,
8629 .expected_attach_type = BPF_LSM_MAC,
8630 .attach_fn = attach_lsm),
8631 SEC_DEF("iter/", TRACING,
8632 .expected_attach_type = BPF_TRACE_ITER,
8633 .is_attach_btf = true,
8634 .attach_fn = attach_iter),
8635 BPF_EAPROG_SEC("xdp_devmap/", BPF_PROG_TYPE_XDP,
8637 BPF_EAPROG_SEC("xdp_cpumap/", BPF_PROG_TYPE_XDP,
8639 BPF_APROG_SEC("xdp", BPF_PROG_TYPE_XDP,
8641 BPF_PROG_SEC("perf_event", BPF_PROG_TYPE_PERF_EVENT),
8642 BPF_PROG_SEC("lwt_in", BPF_PROG_TYPE_LWT_IN),
8643 BPF_PROG_SEC("lwt_out", BPF_PROG_TYPE_LWT_OUT),
8644 BPF_PROG_SEC("lwt_xmit", BPF_PROG_TYPE_LWT_XMIT),
8645 BPF_PROG_SEC("lwt_seg6local", BPF_PROG_TYPE_LWT_SEG6LOCAL),
8646 BPF_APROG_SEC("cgroup_skb/ingress", BPF_PROG_TYPE_CGROUP_SKB,
8647 BPF_CGROUP_INET_INGRESS),
8648 BPF_APROG_SEC("cgroup_skb/egress", BPF_PROG_TYPE_CGROUP_SKB,
8649 BPF_CGROUP_INET_EGRESS),
8650 BPF_APROG_COMPAT("cgroup/skb", BPF_PROG_TYPE_CGROUP_SKB),
8651 BPF_EAPROG_SEC("cgroup/sock_create", BPF_PROG_TYPE_CGROUP_SOCK,
8652 BPF_CGROUP_INET_SOCK_CREATE),
8653 BPF_EAPROG_SEC("cgroup/sock_release", BPF_PROG_TYPE_CGROUP_SOCK,
8654 BPF_CGROUP_INET_SOCK_RELEASE),
8655 BPF_APROG_SEC("cgroup/sock", BPF_PROG_TYPE_CGROUP_SOCK,
8656 BPF_CGROUP_INET_SOCK_CREATE),
8657 BPF_EAPROG_SEC("cgroup/post_bind4", BPF_PROG_TYPE_CGROUP_SOCK,
8658 BPF_CGROUP_INET4_POST_BIND),
8659 BPF_EAPROG_SEC("cgroup/post_bind6", BPF_PROG_TYPE_CGROUP_SOCK,
8660 BPF_CGROUP_INET6_POST_BIND),
8661 BPF_APROG_SEC("cgroup/dev", BPF_PROG_TYPE_CGROUP_DEVICE,
8663 BPF_APROG_SEC("sockops", BPF_PROG_TYPE_SOCK_OPS,
8664 BPF_CGROUP_SOCK_OPS),
8665 BPF_APROG_SEC("sk_skb/stream_parser", BPF_PROG_TYPE_SK_SKB,
8666 BPF_SK_SKB_STREAM_PARSER),
8667 BPF_APROG_SEC("sk_skb/stream_verdict", BPF_PROG_TYPE_SK_SKB,
8668 BPF_SK_SKB_STREAM_VERDICT),
8669 BPF_APROG_COMPAT("sk_skb", BPF_PROG_TYPE_SK_SKB),
8670 BPF_APROG_SEC("sk_msg", BPF_PROG_TYPE_SK_MSG,
8671 BPF_SK_MSG_VERDICT),
8672 BPF_APROG_SEC("lirc_mode2", BPF_PROG_TYPE_LIRC_MODE2,
8674 BPF_APROG_SEC("flow_dissector", BPF_PROG_TYPE_FLOW_DISSECTOR,
8675 BPF_FLOW_DISSECTOR),
8676 BPF_EAPROG_SEC("cgroup/bind4", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
8677 BPF_CGROUP_INET4_BIND),
8678 BPF_EAPROG_SEC("cgroup/bind6", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
8679 BPF_CGROUP_INET6_BIND),
8680 BPF_EAPROG_SEC("cgroup/connect4", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
8681 BPF_CGROUP_INET4_CONNECT),
8682 BPF_EAPROG_SEC("cgroup/connect6", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
8683 BPF_CGROUP_INET6_CONNECT),
8684 BPF_EAPROG_SEC("cgroup/sendmsg4", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
8685 BPF_CGROUP_UDP4_SENDMSG),
8686 BPF_EAPROG_SEC("cgroup/sendmsg6", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
8687 BPF_CGROUP_UDP6_SENDMSG),
8688 BPF_EAPROG_SEC("cgroup/recvmsg4", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
8689 BPF_CGROUP_UDP4_RECVMSG),
8690 BPF_EAPROG_SEC("cgroup/recvmsg6", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
8691 BPF_CGROUP_UDP6_RECVMSG),
8692 BPF_EAPROG_SEC("cgroup/getpeername4", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
8693 BPF_CGROUP_INET4_GETPEERNAME),
8694 BPF_EAPROG_SEC("cgroup/getpeername6", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
8695 BPF_CGROUP_INET6_GETPEERNAME),
8696 BPF_EAPROG_SEC("cgroup/getsockname4", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
8697 BPF_CGROUP_INET4_GETSOCKNAME),
8698 BPF_EAPROG_SEC("cgroup/getsockname6", BPF_PROG_TYPE_CGROUP_SOCK_ADDR,
8699 BPF_CGROUP_INET6_GETSOCKNAME),
8700 BPF_EAPROG_SEC("cgroup/sysctl", BPF_PROG_TYPE_CGROUP_SYSCTL,
8702 BPF_EAPROG_SEC("cgroup/getsockopt", BPF_PROG_TYPE_CGROUP_SOCKOPT,
8703 BPF_CGROUP_GETSOCKOPT),
8704 BPF_EAPROG_SEC("cgroup/setsockopt", BPF_PROG_TYPE_CGROUP_SOCKOPT,
8705 BPF_CGROUP_SETSOCKOPT),
8706 BPF_PROG_SEC("struct_ops", BPF_PROG_TYPE_STRUCT_OPS),
8707 BPF_EAPROG_SEC("sk_lookup/", BPF_PROG_TYPE_SK_LOOKUP,
8711 #undef BPF_PROG_SEC_IMPL
8713 #undef BPF_APROG_SEC
8714 #undef BPF_EAPROG_SEC
8715 #undef BPF_APROG_COMPAT
8718 #define MAX_TYPE_NAME_SIZE 32
8720 static const struct bpf_sec_def *find_sec_def(const char *sec_name)
8722 int i, n = ARRAY_SIZE(section_defs);
8724 for (i = 0; i < n; i++) {
8725 if (strncmp(sec_name,
8726 section_defs[i].sec, section_defs[i].len))
8728 return §ion_defs[i];
8733 static char *libbpf_get_type_names(bool attach_type)
8735 int i, len = ARRAY_SIZE(section_defs) * MAX_TYPE_NAME_SIZE;
8743 /* Forge string buf with all available names */
8744 for (i = 0; i < ARRAY_SIZE(section_defs); i++) {
8745 if (attach_type && !section_defs[i].is_attachable)
8748 if (strlen(buf) + strlen(section_defs[i].sec) + 2 > len) {
8753 strcat(buf, section_defs[i].sec);
8759 int libbpf_prog_type_by_name(const char *name, enum bpf_prog_type *prog_type,
8760 enum bpf_attach_type *expected_attach_type)
8762 const struct bpf_sec_def *sec_def;
8768 sec_def = find_sec_def(name);
8770 *prog_type = sec_def->prog_type;
8771 *expected_attach_type = sec_def->expected_attach_type;
8775 pr_debug("failed to guess program type from ELF section '%s'\n", name);
8776 type_names = libbpf_get_type_names(false);
8777 if (type_names != NULL) {
8778 pr_debug("supported section(type) names are:%s\n", type_names);
8785 static struct bpf_map *find_struct_ops_map_by_offset(struct bpf_object *obj,
8788 struct bpf_map *map;
8791 for (i = 0; i < obj->nr_maps; i++) {
8792 map = &obj->maps[i];
8793 if (!bpf_map__is_struct_ops(map))
8795 if (map->sec_offset <= offset &&
8796 offset - map->sec_offset < map->def.value_size)
8803 /* Collect the reloc from ELF and populate the st_ops->progs[] */
8804 static int bpf_object__collect_st_ops_relos(struct bpf_object *obj,
8805 GElf_Shdr *shdr, Elf_Data *data)
8807 const struct btf_member *member;
8808 struct bpf_struct_ops *st_ops;
8809 struct bpf_program *prog;
8810 unsigned int shdr_idx;
8811 const struct btf *btf;
8812 struct bpf_map *map;
8814 unsigned int moff, insn_idx;
8821 symbols = obj->efile.symbols;
8823 nrels = shdr->sh_size / shdr->sh_entsize;
8824 for (i = 0; i < nrels; i++) {
8825 if (!gelf_getrel(data, i, &rel)) {
8826 pr_warn("struct_ops reloc: failed to get %d reloc\n", i);
8827 return -LIBBPF_ERRNO__FORMAT;
8830 if (!gelf_getsym(symbols, GELF_R_SYM(rel.r_info), &sym)) {
8831 pr_warn("struct_ops reloc: symbol %zx not found\n",
8832 (size_t)GELF_R_SYM(rel.r_info));
8833 return -LIBBPF_ERRNO__FORMAT;
8836 name = elf_sym_str(obj, sym.st_name) ?: "<?>";
8837 map = find_struct_ops_map_by_offset(obj, rel.r_offset);
8839 pr_warn("struct_ops reloc: cannot find map at rel.r_offset %zu\n",
8840 (size_t)rel.r_offset);
8844 moff = rel.r_offset - map->sec_offset;
8845 shdr_idx = sym.st_shndx;
8846 st_ops = map->st_ops;
8847 pr_debug("struct_ops reloc %s: for %lld value %lld shdr_idx %u rel.r_offset %zu map->sec_offset %zu name %d (\'%s\')\n",
8849 (long long)(rel.r_info >> 32),
8850 (long long)sym.st_value,
8851 shdr_idx, (size_t)rel.r_offset,
8852 map->sec_offset, sym.st_name, name);
8854 if (shdr_idx >= SHN_LORESERVE) {
8855 pr_warn("struct_ops reloc %s: rel.r_offset %zu shdr_idx %u unsupported non-static function\n",
8856 map->name, (size_t)rel.r_offset, shdr_idx);
8857 return -LIBBPF_ERRNO__RELOC;
8859 if (sym.st_value % BPF_INSN_SZ) {
8860 pr_warn("struct_ops reloc %s: invalid target program offset %llu\n",
8861 map->name, (unsigned long long)sym.st_value);
8862 return -LIBBPF_ERRNO__FORMAT;
8864 insn_idx = sym.st_value / BPF_INSN_SZ;
8866 member = find_member_by_offset(st_ops->type, moff * 8);
8868 pr_warn("struct_ops reloc %s: cannot find member at moff %u\n",
8872 member_idx = member - btf_members(st_ops->type);
8873 name = btf__name_by_offset(btf, member->name_off);
8875 if (!resolve_func_ptr(btf, member->type, NULL)) {
8876 pr_warn("struct_ops reloc %s: cannot relocate non func ptr %s\n",
8881 prog = find_prog_by_sec_insn(obj, shdr_idx, insn_idx);
8883 pr_warn("struct_ops reloc %s: cannot find prog at shdr_idx %u to relocate func ptr %s\n",
8884 map->name, shdr_idx, name);
8888 if (prog->type == BPF_PROG_TYPE_UNSPEC) {
8889 const struct bpf_sec_def *sec_def;
8891 sec_def = find_sec_def(prog->sec_name);
8893 sec_def->prog_type != BPF_PROG_TYPE_STRUCT_OPS) {
8895 prog->type = sec_def->prog_type;
8899 prog->type = BPF_PROG_TYPE_STRUCT_OPS;
8900 prog->attach_btf_id = st_ops->type_id;
8901 prog->expected_attach_type = member_idx;
8902 } else if (prog->type != BPF_PROG_TYPE_STRUCT_OPS ||
8903 prog->attach_btf_id != st_ops->type_id ||
8904 prog->expected_attach_type != member_idx) {
8907 st_ops->progs[member_idx] = prog;
8913 pr_warn("struct_ops reloc %s: cannot use prog %s in sec %s with type %u attach_btf_id %u expected_attach_type %u for func ptr %s\n",
8914 map->name, prog->name, prog->sec_name, prog->type,
8915 prog->attach_btf_id, prog->expected_attach_type, name);
8919 #define BTF_TRACE_PREFIX "btf_trace_"
8920 #define BTF_LSM_PREFIX "bpf_lsm_"
8921 #define BTF_ITER_PREFIX "bpf_iter_"
8922 #define BTF_MAX_NAME_SIZE 128
8924 static int find_btf_by_prefix_kind(const struct btf *btf, const char *prefix,
8925 const char *name, __u32 kind)
8927 char btf_type_name[BTF_MAX_NAME_SIZE];
8930 ret = snprintf(btf_type_name, sizeof(btf_type_name),
8931 "%s%s", prefix, name);
8932 /* snprintf returns the number of characters written excluding the
8933 * the terminating null. So, if >= BTF_MAX_NAME_SIZE are written, it
8934 * indicates truncation.
8936 if (ret < 0 || ret >= sizeof(btf_type_name))
8937 return -ENAMETOOLONG;
8938 return btf__find_by_name_kind(btf, btf_type_name, kind);
8941 static inline int find_attach_btf_id(struct btf *btf, const char *name,
8942 enum bpf_attach_type attach_type)
8946 if (attach_type == BPF_TRACE_RAW_TP)
8947 err = find_btf_by_prefix_kind(btf, BTF_TRACE_PREFIX, name,
8949 else if (attach_type == BPF_LSM_MAC)
8950 err = find_btf_by_prefix_kind(btf, BTF_LSM_PREFIX, name,
8952 else if (attach_type == BPF_TRACE_ITER)
8953 err = find_btf_by_prefix_kind(btf, BTF_ITER_PREFIX, name,
8956 err = btf__find_by_name_kind(btf, name, BTF_KIND_FUNC);
8961 int libbpf_find_vmlinux_btf_id(const char *name,
8962 enum bpf_attach_type attach_type)
8967 btf = libbpf_find_kernel_btf();
8969 pr_warn("vmlinux BTF is not found\n");
8973 err = find_attach_btf_id(btf, name, attach_type);
8975 pr_warn("%s is not found in vmlinux BTF\n", name);
8981 static int libbpf_find_prog_btf_id(const char *name, __u32 attach_prog_fd)
8983 struct bpf_prog_info_linear *info_linear;
8984 struct bpf_prog_info *info;
8985 struct btf *btf = NULL;
8988 info_linear = bpf_program__get_prog_info_linear(attach_prog_fd, 0);
8989 if (IS_ERR_OR_NULL(info_linear)) {
8990 pr_warn("failed get_prog_info_linear for FD %d\n",
8994 info = &info_linear->info;
8995 if (!info->btf_id) {
8996 pr_warn("The target program doesn't have BTF\n");
8999 if (btf__get_from_id(info->btf_id, &btf)) {
9000 pr_warn("Failed to get BTF of the program\n");
9003 err = btf__find_by_name_kind(btf, name, BTF_KIND_FUNC);
9006 pr_warn("%s is not found in prog's BTF\n", name);
9014 static int find_kernel_btf_id(struct bpf_object *obj, const char *attach_name,
9015 enum bpf_attach_type attach_type,
9016 int *btf_obj_fd, int *btf_type_id)
9020 ret = find_attach_btf_id(obj->btf_vmlinux, attach_name, attach_type);
9022 *btf_obj_fd = 0; /* vmlinux BTF */
9029 ret = load_module_btfs(obj);
9033 for (i = 0; i < obj->btf_module_cnt; i++) {
9034 const struct module_btf *mod = &obj->btf_modules[i];
9036 ret = find_attach_btf_id(mod->btf, attach_name, attach_type);
9038 *btf_obj_fd = mod->fd;
9051 static int libbpf_find_attach_btf_id(struct bpf_program *prog, int *btf_obj_fd, int *btf_type_id)
9053 enum bpf_attach_type attach_type = prog->expected_attach_type;
9054 __u32 attach_prog_fd = prog->attach_prog_fd;
9055 const char *name = prog->sec_name, *attach_name;
9056 const struct bpf_sec_def *sec = NULL;
9062 for (i = 0; i < ARRAY_SIZE(section_defs); i++) {
9063 if (!section_defs[i].is_attach_btf)
9065 if (strncmp(name, section_defs[i].sec, section_defs[i].len))
9068 sec = §ion_defs[i];
9073 pr_warn("failed to identify BTF ID based on ELF section name '%s'\n", name);
9076 attach_name = name + sec->len;
9078 /* BPF program's BTF ID */
9079 if (attach_prog_fd) {
9080 err = libbpf_find_prog_btf_id(attach_name, attach_prog_fd);
9082 pr_warn("failed to find BPF program (FD %d) BTF ID for '%s': %d\n",
9083 attach_prog_fd, attach_name, err);
9091 /* kernel/module BTF ID */
9092 err = find_kernel_btf_id(prog->obj, attach_name, attach_type, btf_obj_fd, btf_type_id);
9094 pr_warn("failed to find kernel BTF type ID of '%s': %d\n", attach_name, err);
9100 int libbpf_attach_type_by_name(const char *name,
9101 enum bpf_attach_type *attach_type)
9109 for (i = 0; i < ARRAY_SIZE(section_defs); i++) {
9110 if (strncmp(name, section_defs[i].sec, section_defs[i].len))
9112 if (!section_defs[i].is_attachable)
9114 *attach_type = section_defs[i].expected_attach_type;
9117 pr_debug("failed to guess attach type based on ELF section name '%s'\n", name);
9118 type_names = libbpf_get_type_names(true);
9119 if (type_names != NULL) {
9120 pr_debug("attachable section(type) names are:%s\n", type_names);
9127 int bpf_map__fd(const struct bpf_map *map)
9129 return map ? map->fd : -EINVAL;
9132 const struct bpf_map_def *bpf_map__def(const struct bpf_map *map)
9134 return map ? &map->def : ERR_PTR(-EINVAL);
9137 const char *bpf_map__name(const struct bpf_map *map)
9139 return map ? map->name : NULL;
9142 enum bpf_map_type bpf_map__type(const struct bpf_map *map)
9144 return map->def.type;
9147 int bpf_map__set_type(struct bpf_map *map, enum bpf_map_type type)
9151 map->def.type = type;
9155 __u32 bpf_map__map_flags(const struct bpf_map *map)
9157 return map->def.map_flags;
9160 int bpf_map__set_map_flags(struct bpf_map *map, __u32 flags)
9164 map->def.map_flags = flags;
9168 __u32 bpf_map__numa_node(const struct bpf_map *map)
9170 return map->numa_node;
9173 int bpf_map__set_numa_node(struct bpf_map *map, __u32 numa_node)
9177 map->numa_node = numa_node;
9181 __u32 bpf_map__key_size(const struct bpf_map *map)
9183 return map->def.key_size;
9186 int bpf_map__set_key_size(struct bpf_map *map, __u32 size)
9190 map->def.key_size = size;
9194 __u32 bpf_map__value_size(const struct bpf_map *map)
9196 return map->def.value_size;
9199 int bpf_map__set_value_size(struct bpf_map *map, __u32 size)
9203 map->def.value_size = size;
9207 __u32 bpf_map__btf_key_type_id(const struct bpf_map *map)
9209 return map ? map->btf_key_type_id : 0;
9212 __u32 bpf_map__btf_value_type_id(const struct bpf_map *map)
9214 return map ? map->btf_value_type_id : 0;
9217 int bpf_map__set_priv(struct bpf_map *map, void *priv,
9218 bpf_map_clear_priv_t clear_priv)
9224 if (map->clear_priv)
9225 map->clear_priv(map, map->priv);
9229 map->clear_priv = clear_priv;
9233 void *bpf_map__priv(const struct bpf_map *map)
9235 return map ? map->priv : ERR_PTR(-EINVAL);
9238 int bpf_map__set_initial_value(struct bpf_map *map,
9239 const void *data, size_t size)
9241 if (!map->mmaped || map->libbpf_type == LIBBPF_MAP_KCONFIG ||
9242 size != map->def.value_size || map->fd >= 0)
9245 memcpy(map->mmaped, data, size);
9249 bool bpf_map__is_offload_neutral(const struct bpf_map *map)
9251 return map->def.type == BPF_MAP_TYPE_PERF_EVENT_ARRAY;
9254 bool bpf_map__is_internal(const struct bpf_map *map)
9256 return map->libbpf_type != LIBBPF_MAP_UNSPEC;
9259 __u32 bpf_map__ifindex(const struct bpf_map *map)
9261 return map->map_ifindex;
9264 int bpf_map__set_ifindex(struct bpf_map *map, __u32 ifindex)
9268 map->map_ifindex = ifindex;
9272 int bpf_map__set_inner_map_fd(struct bpf_map *map, int fd)
9274 if (!bpf_map_type__is_map_in_map(map->def.type)) {
9275 pr_warn("error: unsupported map type\n");
9278 if (map->inner_map_fd != -1) {
9279 pr_warn("error: inner_map_fd already specified\n");
9282 map->inner_map_fd = fd;
9286 static struct bpf_map *
9287 __bpf_map__iter(const struct bpf_map *m, const struct bpf_object *obj, int i)
9290 struct bpf_map *s, *e;
9292 if (!obj || !obj->maps)
9296 e = obj->maps + obj->nr_maps;
9298 if ((m < s) || (m >= e)) {
9299 pr_warn("error in %s: map handler doesn't belong to object\n",
9304 idx = (m - obj->maps) + i;
9305 if (idx >= obj->nr_maps || idx < 0)
9307 return &obj->maps[idx];
9311 bpf_map__next(const struct bpf_map *prev, const struct bpf_object *obj)
9316 return __bpf_map__iter(prev, obj, 1);
9320 bpf_map__prev(const struct bpf_map *next, const struct bpf_object *obj)
9325 return obj->maps + obj->nr_maps - 1;
9328 return __bpf_map__iter(next, obj, -1);
9332 bpf_object__find_map_by_name(const struct bpf_object *obj, const char *name)
9334 struct bpf_map *pos;
9336 bpf_object__for_each_map(pos, obj) {
9337 if (pos->name && !strcmp(pos->name, name))
9344 bpf_object__find_map_fd_by_name(const struct bpf_object *obj, const char *name)
9346 return bpf_map__fd(bpf_object__find_map_by_name(obj, name));
9350 bpf_object__find_map_by_offset(struct bpf_object *obj, size_t offset)
9352 return ERR_PTR(-ENOTSUP);
9355 long libbpf_get_error(const void *ptr)
9357 return PTR_ERR_OR_ZERO(ptr);
9360 int bpf_prog_load(const char *file, enum bpf_prog_type type,
9361 struct bpf_object **pobj, int *prog_fd)
9363 struct bpf_prog_load_attr attr;
9365 memset(&attr, 0, sizeof(struct bpf_prog_load_attr));
9367 attr.prog_type = type;
9368 attr.expected_attach_type = 0;
9370 return bpf_prog_load_xattr(&attr, pobj, prog_fd);
9373 int bpf_prog_load_xattr(const struct bpf_prog_load_attr *attr,
9374 struct bpf_object **pobj, int *prog_fd)
9376 struct bpf_object_open_attr open_attr = {};
9377 struct bpf_program *prog, *first_prog = NULL;
9378 struct bpf_object *obj;
9379 struct bpf_map *map;
9387 open_attr.file = attr->file;
9388 open_attr.prog_type = attr->prog_type;
9390 obj = bpf_object__open_xattr(&open_attr);
9391 if (IS_ERR_OR_NULL(obj))
9394 bpf_object__for_each_program(prog, obj) {
9395 enum bpf_attach_type attach_type = attr->expected_attach_type;
9397 * to preserve backwards compatibility, bpf_prog_load treats
9398 * attr->prog_type, if specified, as an override to whatever
9399 * bpf_object__open guessed
9401 if (attr->prog_type != BPF_PROG_TYPE_UNSPEC) {
9402 bpf_program__set_type(prog, attr->prog_type);
9403 bpf_program__set_expected_attach_type(prog,
9406 if (bpf_program__get_type(prog) == BPF_PROG_TYPE_UNSPEC) {
9408 * we haven't guessed from section name and user
9409 * didn't provide a fallback type, too bad...
9411 bpf_object__close(obj);
9415 prog->prog_ifindex = attr->ifindex;
9416 prog->log_level = attr->log_level;
9417 prog->prog_flags |= attr->prog_flags;
9422 bpf_object__for_each_map(map, obj) {
9423 if (!bpf_map__is_offload_neutral(map))
9424 map->map_ifindex = attr->ifindex;
9428 pr_warn("object file doesn't contain bpf program\n");
9429 bpf_object__close(obj);
9433 err = bpf_object__load(obj);
9435 bpf_object__close(obj);
9440 *prog_fd = bpf_program__fd(first_prog);
9445 int (*detach)(struct bpf_link *link);
9446 int (*destroy)(struct bpf_link *link);
9447 char *pin_path; /* NULL, if not pinned */
9448 int fd; /* hook FD, -1 if not applicable */
9452 /* Replace link's underlying BPF program with the new one */
9453 int bpf_link__update_program(struct bpf_link *link, struct bpf_program *prog)
9455 return bpf_link_update(bpf_link__fd(link), bpf_program__fd(prog), NULL);
9458 /* Release "ownership" of underlying BPF resource (typically, BPF program
9459 * attached to some BPF hook, e.g., tracepoint, kprobe, etc). Disconnected
9460 * link, when destructed through bpf_link__destroy() call won't attempt to
9461 * detach/unregisted that BPF resource. This is useful in situations where,
9462 * say, attached BPF program has to outlive userspace program that attached it
9463 * in the system. Depending on type of BPF program, though, there might be
9464 * additional steps (like pinning BPF program in BPF FS) necessary to ensure
9465 * exit of userspace program doesn't trigger automatic detachment and clean up
9466 * inside the kernel.
9468 void bpf_link__disconnect(struct bpf_link *link)
9470 link->disconnected = true;
9473 int bpf_link__destroy(struct bpf_link *link)
9477 if (IS_ERR_OR_NULL(link))
9480 if (!link->disconnected && link->detach)
9481 err = link->detach(link);
9483 link->destroy(link);
9485 free(link->pin_path);
9491 int bpf_link__fd(const struct bpf_link *link)
9496 const char *bpf_link__pin_path(const struct bpf_link *link)
9498 return link->pin_path;
9501 static int bpf_link__detach_fd(struct bpf_link *link)
9503 return close(link->fd);
9506 struct bpf_link *bpf_link__open(const char *path)
9508 struct bpf_link *link;
9511 fd = bpf_obj_get(path);
9514 pr_warn("failed to open link at %s: %d\n", path, fd);
9518 link = calloc(1, sizeof(*link));
9521 return ERR_PTR(-ENOMEM);
9523 link->detach = &bpf_link__detach_fd;
9526 link->pin_path = strdup(path);
9527 if (!link->pin_path) {
9528 bpf_link__destroy(link);
9529 return ERR_PTR(-ENOMEM);
9535 int bpf_link__detach(struct bpf_link *link)
9537 return bpf_link_detach(link->fd) ? -errno : 0;
9540 int bpf_link__pin(struct bpf_link *link, const char *path)
9546 err = make_parent_dir(path);
9549 err = check_path(path);
9553 link->pin_path = strdup(path);
9554 if (!link->pin_path)
9557 if (bpf_obj_pin(link->fd, link->pin_path)) {
9559 zfree(&link->pin_path);
9563 pr_debug("link fd=%d: pinned at %s\n", link->fd, link->pin_path);
9567 int bpf_link__unpin(struct bpf_link *link)
9571 if (!link->pin_path)
9574 err = unlink(link->pin_path);
9578 pr_debug("link fd=%d: unpinned from %s\n", link->fd, link->pin_path);
9579 zfree(&link->pin_path);
9583 static int bpf_link__detach_perf_event(struct bpf_link *link)
9587 err = ioctl(link->fd, PERF_EVENT_IOC_DISABLE, 0);
9595 struct bpf_link *bpf_program__attach_perf_event(struct bpf_program *prog,
9598 char errmsg[STRERR_BUFSIZE];
9599 struct bpf_link *link;
9603 pr_warn("prog '%s': invalid perf event FD %d\n",
9605 return ERR_PTR(-EINVAL);
9607 prog_fd = bpf_program__fd(prog);
9609 pr_warn("prog '%s': can't attach BPF program w/o FD (did you load it?)\n",
9611 return ERR_PTR(-EINVAL);
9614 link = calloc(1, sizeof(*link));
9616 return ERR_PTR(-ENOMEM);
9617 link->detach = &bpf_link__detach_perf_event;
9620 if (ioctl(pfd, PERF_EVENT_IOC_SET_BPF, prog_fd) < 0) {
9623 pr_warn("prog '%s': failed to attach to pfd %d: %s\n",
9624 prog->name, pfd, libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
9626 pr_warn("prog '%s': try add PERF_SAMPLE_CALLCHAIN to or remove exclude_callchain_[kernel|user] from pfd %d\n",
9628 return ERR_PTR(err);
9630 if (ioctl(pfd, PERF_EVENT_IOC_ENABLE, 0) < 0) {
9633 pr_warn("prog '%s': failed to enable pfd %d: %s\n",
9634 prog->name, pfd, libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
9635 return ERR_PTR(err);
9641 * this function is expected to parse integer in the range of [0, 2^31-1] from
9642 * given file using scanf format string fmt. If actual parsed value is
9643 * negative, the result might be indistinguishable from error
9645 static int parse_uint_from_file(const char *file, const char *fmt)
9647 char buf[STRERR_BUFSIZE];
9651 f = fopen(file, "r");
9654 pr_debug("failed to open '%s': %s\n", file,
9655 libbpf_strerror_r(err, buf, sizeof(buf)));
9658 err = fscanf(f, fmt, &ret);
9660 err = err == EOF ? -EIO : -errno;
9661 pr_debug("failed to parse '%s': %s\n", file,
9662 libbpf_strerror_r(err, buf, sizeof(buf)));
9670 static int determine_kprobe_perf_type(void)
9672 const char *file = "/sys/bus/event_source/devices/kprobe/type";
9674 return parse_uint_from_file(file, "%d\n");
9677 static int determine_uprobe_perf_type(void)
9679 const char *file = "/sys/bus/event_source/devices/uprobe/type";
9681 return parse_uint_from_file(file, "%d\n");
9684 static int determine_kprobe_retprobe_bit(void)
9686 const char *file = "/sys/bus/event_source/devices/kprobe/format/retprobe";
9688 return parse_uint_from_file(file, "config:%d\n");
9691 static int determine_uprobe_retprobe_bit(void)
9693 const char *file = "/sys/bus/event_source/devices/uprobe/format/retprobe";
9695 return parse_uint_from_file(file, "config:%d\n");
9698 static int perf_event_open_probe(bool uprobe, bool retprobe, const char *name,
9699 uint64_t offset, int pid)
9701 struct perf_event_attr attr = {};
9702 char errmsg[STRERR_BUFSIZE];
9705 type = uprobe ? determine_uprobe_perf_type()
9706 : determine_kprobe_perf_type();
9708 pr_warn("failed to determine %s perf type: %s\n",
9709 uprobe ? "uprobe" : "kprobe",
9710 libbpf_strerror_r(type, errmsg, sizeof(errmsg)));
9714 int bit = uprobe ? determine_uprobe_retprobe_bit()
9715 : determine_kprobe_retprobe_bit();
9718 pr_warn("failed to determine %s retprobe bit: %s\n",
9719 uprobe ? "uprobe" : "kprobe",
9720 libbpf_strerror_r(bit, errmsg, sizeof(errmsg)));
9723 attr.config |= 1 << bit;
9725 attr.size = sizeof(attr);
9727 attr.config1 = ptr_to_u64(name); /* kprobe_func or uprobe_path */
9728 attr.config2 = offset; /* kprobe_addr or probe_offset */
9730 /* pid filter is meaningful only for uprobes */
9731 pfd = syscall(__NR_perf_event_open, &attr,
9732 pid < 0 ? -1 : pid /* pid */,
9733 pid == -1 ? 0 : -1 /* cpu */,
9734 -1 /* group_fd */, PERF_FLAG_FD_CLOEXEC);
9737 pr_warn("%s perf_event_open() failed: %s\n",
9738 uprobe ? "uprobe" : "kprobe",
9739 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
9745 struct bpf_link *bpf_program__attach_kprobe(struct bpf_program *prog,
9747 const char *func_name)
9749 char errmsg[STRERR_BUFSIZE];
9750 struct bpf_link *link;
9753 pfd = perf_event_open_probe(false /* uprobe */, retprobe, func_name,
9754 0 /* offset */, -1 /* pid */);
9756 pr_warn("prog '%s': failed to create %s '%s' perf event: %s\n",
9757 prog->name, retprobe ? "kretprobe" : "kprobe", func_name,
9758 libbpf_strerror_r(pfd, errmsg, sizeof(errmsg)));
9759 return ERR_PTR(pfd);
9761 link = bpf_program__attach_perf_event(prog, pfd);
9764 err = PTR_ERR(link);
9765 pr_warn("prog '%s': failed to attach to %s '%s': %s\n",
9766 prog->name, retprobe ? "kretprobe" : "kprobe", func_name,
9767 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
9773 static struct bpf_link *attach_kprobe(const struct bpf_sec_def *sec,
9774 struct bpf_program *prog)
9776 const char *func_name;
9779 func_name = prog->sec_name + sec->len;
9780 retprobe = strcmp(sec->sec, "kretprobe/") == 0;
9782 return bpf_program__attach_kprobe(prog, retprobe, func_name);
9785 struct bpf_link *bpf_program__attach_uprobe(struct bpf_program *prog,
9786 bool retprobe, pid_t pid,
9787 const char *binary_path,
9790 char errmsg[STRERR_BUFSIZE];
9791 struct bpf_link *link;
9794 pfd = perf_event_open_probe(true /* uprobe */, retprobe,
9795 binary_path, func_offset, pid);
9797 pr_warn("prog '%s': failed to create %s '%s:0x%zx' perf event: %s\n",
9798 prog->name, retprobe ? "uretprobe" : "uprobe",
9799 binary_path, func_offset,
9800 libbpf_strerror_r(pfd, errmsg, sizeof(errmsg)));
9801 return ERR_PTR(pfd);
9803 link = bpf_program__attach_perf_event(prog, pfd);
9806 err = PTR_ERR(link);
9807 pr_warn("prog '%s': failed to attach to %s '%s:0x%zx': %s\n",
9808 prog->name, retprobe ? "uretprobe" : "uprobe",
9809 binary_path, func_offset,
9810 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
9816 static int determine_tracepoint_id(const char *tp_category,
9817 const char *tp_name)
9819 char file[PATH_MAX];
9822 ret = snprintf(file, sizeof(file),
9823 "/sys/kernel/debug/tracing/events/%s/%s/id",
9824 tp_category, tp_name);
9827 if (ret >= sizeof(file)) {
9828 pr_debug("tracepoint %s/%s path is too long\n",
9829 tp_category, tp_name);
9832 return parse_uint_from_file(file, "%d\n");
9835 static int perf_event_open_tracepoint(const char *tp_category,
9836 const char *tp_name)
9838 struct perf_event_attr attr = {};
9839 char errmsg[STRERR_BUFSIZE];
9840 int tp_id, pfd, err;
9842 tp_id = determine_tracepoint_id(tp_category, tp_name);
9844 pr_warn("failed to determine tracepoint '%s/%s' perf event ID: %s\n",
9845 tp_category, tp_name,
9846 libbpf_strerror_r(tp_id, errmsg, sizeof(errmsg)));
9850 attr.type = PERF_TYPE_TRACEPOINT;
9851 attr.size = sizeof(attr);
9852 attr.config = tp_id;
9854 pfd = syscall(__NR_perf_event_open, &attr, -1 /* pid */, 0 /* cpu */,
9855 -1 /* group_fd */, PERF_FLAG_FD_CLOEXEC);
9858 pr_warn("tracepoint '%s/%s' perf_event_open() failed: %s\n",
9859 tp_category, tp_name,
9860 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
9866 struct bpf_link *bpf_program__attach_tracepoint(struct bpf_program *prog,
9867 const char *tp_category,
9868 const char *tp_name)
9870 char errmsg[STRERR_BUFSIZE];
9871 struct bpf_link *link;
9874 pfd = perf_event_open_tracepoint(tp_category, tp_name);
9876 pr_warn("prog '%s': failed to create tracepoint '%s/%s' perf event: %s\n",
9877 prog->name, tp_category, tp_name,
9878 libbpf_strerror_r(pfd, errmsg, sizeof(errmsg)));
9879 return ERR_PTR(pfd);
9881 link = bpf_program__attach_perf_event(prog, pfd);
9884 err = PTR_ERR(link);
9885 pr_warn("prog '%s': failed to attach to tracepoint '%s/%s': %s\n",
9886 prog->name, tp_category, tp_name,
9887 libbpf_strerror_r(err, errmsg, sizeof(errmsg)));
9893 static struct bpf_link *attach_tp(const struct bpf_sec_def *sec,
9894 struct bpf_program *prog)
9896 char *sec_name, *tp_cat, *tp_name;
9897 struct bpf_link *link;
9899 sec_name = strdup(prog->sec_name);
9901 return ERR_PTR(-ENOMEM);
9903 /* extract "tp/<category>/<name>" */
9904 tp_cat = sec_name + sec->len;
9905 tp_name = strchr(tp_cat, '/');
9907 link = ERR_PTR(-EINVAL);
9913 link = bpf_program__attach_tracepoint(prog, tp_cat, tp_name);
9919 struct bpf_link *bpf_program__attach_raw_tracepoint(struct bpf_program *prog,
9920 const char *tp_name)
9922 char errmsg[STRERR_BUFSIZE];
9923 struct bpf_link *link;
9926 prog_fd = bpf_program__fd(prog);
9928 pr_warn("prog '%s': can't attach before loaded\n", prog->name);
9929 return ERR_PTR(-EINVAL);
9932 link = calloc(1, sizeof(*link));
9934 return ERR_PTR(-ENOMEM);
9935 link->detach = &bpf_link__detach_fd;
9937 pfd = bpf_raw_tracepoint_open(tp_name, prog_fd);
9941 pr_warn("prog '%s': failed to attach to raw tracepoint '%s': %s\n",
9942 prog->name, tp_name, libbpf_strerror_r(pfd, errmsg, sizeof(errmsg)));
9943 return ERR_PTR(pfd);
9949 static struct bpf_link *attach_raw_tp(const struct bpf_sec_def *sec,
9950 struct bpf_program *prog)
9952 const char *tp_name = prog->sec_name + sec->len;
9954 return bpf_program__attach_raw_tracepoint(prog, tp_name);
9957 /* Common logic for all BPF program types that attach to a btf_id */
9958 static struct bpf_link *bpf_program__attach_btf_id(struct bpf_program *prog)
9960 char errmsg[STRERR_BUFSIZE];
9961 struct bpf_link *link;
9964 prog_fd = bpf_program__fd(prog);
9966 pr_warn("prog '%s': can't attach before loaded\n", prog->name);
9967 return ERR_PTR(-EINVAL);
9970 link = calloc(1, sizeof(*link));
9972 return ERR_PTR(-ENOMEM);
9973 link->detach = &bpf_link__detach_fd;
9975 pfd = bpf_raw_tracepoint_open(NULL, prog_fd);
9979 pr_warn("prog '%s': failed to attach: %s\n",
9980 prog->name, libbpf_strerror_r(pfd, errmsg, sizeof(errmsg)));
9981 return ERR_PTR(pfd);
9984 return (struct bpf_link *)link;
9987 struct bpf_link *bpf_program__attach_trace(struct bpf_program *prog)
9989 return bpf_program__attach_btf_id(prog);
9992 struct bpf_link *bpf_program__attach_lsm(struct bpf_program *prog)
9994 return bpf_program__attach_btf_id(prog);
9997 static struct bpf_link *attach_trace(const struct bpf_sec_def *sec,
9998 struct bpf_program *prog)
10000 return bpf_program__attach_trace(prog);
10003 static struct bpf_link *attach_lsm(const struct bpf_sec_def *sec,
10004 struct bpf_program *prog)
10006 return bpf_program__attach_lsm(prog);
10009 static struct bpf_link *attach_iter(const struct bpf_sec_def *sec,
10010 struct bpf_program *prog)
10012 return bpf_program__attach_iter(prog, NULL);
10015 static struct bpf_link *
10016 bpf_program__attach_fd(struct bpf_program *prog, int target_fd, int btf_id,
10017 const char *target_name)
10019 DECLARE_LIBBPF_OPTS(bpf_link_create_opts, opts,
10020 .target_btf_id = btf_id);
10021 enum bpf_attach_type attach_type;
10022 char errmsg[STRERR_BUFSIZE];
10023 struct bpf_link *link;
10024 int prog_fd, link_fd;
10026 prog_fd = bpf_program__fd(prog);
10028 pr_warn("prog '%s': can't attach before loaded\n", prog->name);
10029 return ERR_PTR(-EINVAL);
10032 link = calloc(1, sizeof(*link));
10034 return ERR_PTR(-ENOMEM);
10035 link->detach = &bpf_link__detach_fd;
10037 attach_type = bpf_program__get_expected_attach_type(prog);
10038 link_fd = bpf_link_create(prog_fd, target_fd, attach_type, &opts);
10042 pr_warn("prog '%s': failed to attach to %s: %s\n",
10043 prog->name, target_name,
10044 libbpf_strerror_r(link_fd, errmsg, sizeof(errmsg)));
10045 return ERR_PTR(link_fd);
10047 link->fd = link_fd;
10052 bpf_program__attach_cgroup(struct bpf_program *prog, int cgroup_fd)
10054 return bpf_program__attach_fd(prog, cgroup_fd, 0, "cgroup");
10058 bpf_program__attach_netns(struct bpf_program *prog, int netns_fd)
10060 return bpf_program__attach_fd(prog, netns_fd, 0, "netns");
10063 struct bpf_link *bpf_program__attach_xdp(struct bpf_program *prog, int ifindex)
10065 /* target_fd/target_ifindex use the same field in LINK_CREATE */
10066 return bpf_program__attach_fd(prog, ifindex, 0, "xdp");
10069 struct bpf_link *bpf_program__attach_freplace(struct bpf_program *prog,
10071 const char *attach_func_name)
10075 if (!!target_fd != !!attach_func_name) {
10076 pr_warn("prog '%s': supply none or both of target_fd and attach_func_name\n",
10078 return ERR_PTR(-EINVAL);
10081 if (prog->type != BPF_PROG_TYPE_EXT) {
10082 pr_warn("prog '%s': only BPF_PROG_TYPE_EXT can attach as freplace",
10084 return ERR_PTR(-EINVAL);
10088 btf_id = libbpf_find_prog_btf_id(attach_func_name, target_fd);
10090 return ERR_PTR(btf_id);
10092 return bpf_program__attach_fd(prog, target_fd, btf_id, "freplace");
10094 /* no target, so use raw_tracepoint_open for compatibility
10097 return bpf_program__attach_trace(prog);
10102 bpf_program__attach_iter(struct bpf_program *prog,
10103 const struct bpf_iter_attach_opts *opts)
10105 DECLARE_LIBBPF_OPTS(bpf_link_create_opts, link_create_opts);
10106 char errmsg[STRERR_BUFSIZE];
10107 struct bpf_link *link;
10108 int prog_fd, link_fd;
10109 __u32 target_fd = 0;
10111 if (!OPTS_VALID(opts, bpf_iter_attach_opts))
10112 return ERR_PTR(-EINVAL);
10114 link_create_opts.iter_info = OPTS_GET(opts, link_info, (void *)0);
10115 link_create_opts.iter_info_len = OPTS_GET(opts, link_info_len, 0);
10117 prog_fd = bpf_program__fd(prog);
10119 pr_warn("prog '%s': can't attach before loaded\n", prog->name);
10120 return ERR_PTR(-EINVAL);
10123 link = calloc(1, sizeof(*link));
10125 return ERR_PTR(-ENOMEM);
10126 link->detach = &bpf_link__detach_fd;
10128 link_fd = bpf_link_create(prog_fd, target_fd, BPF_TRACE_ITER,
10129 &link_create_opts);
10133 pr_warn("prog '%s': failed to attach to iterator: %s\n",
10134 prog->name, libbpf_strerror_r(link_fd, errmsg, sizeof(errmsg)));
10135 return ERR_PTR(link_fd);
10137 link->fd = link_fd;
10141 struct bpf_link *bpf_program__attach(struct bpf_program *prog)
10143 const struct bpf_sec_def *sec_def;
10145 sec_def = find_sec_def(prog->sec_name);
10146 if (!sec_def || !sec_def->attach_fn)
10147 return ERR_PTR(-ESRCH);
10149 return sec_def->attach_fn(sec_def, prog);
10152 static int bpf_link__detach_struct_ops(struct bpf_link *link)
10156 if (bpf_map_delete_elem(link->fd, &zero))
10162 struct bpf_link *bpf_map__attach_struct_ops(struct bpf_map *map)
10164 struct bpf_struct_ops *st_ops;
10165 struct bpf_link *link;
10169 if (!bpf_map__is_struct_ops(map) || map->fd == -1)
10170 return ERR_PTR(-EINVAL);
10172 link = calloc(1, sizeof(*link));
10174 return ERR_PTR(-EINVAL);
10176 st_ops = map->st_ops;
10177 for (i = 0; i < btf_vlen(st_ops->type); i++) {
10178 struct bpf_program *prog = st_ops->progs[i];
10185 prog_fd = bpf_program__fd(prog);
10186 kern_data = st_ops->kern_vdata + st_ops->kern_func_off[i];
10187 *(unsigned long *)kern_data = prog_fd;
10190 err = bpf_map_update_elem(map->fd, &zero, st_ops->kern_vdata, 0);
10194 return ERR_PTR(err);
10197 link->detach = bpf_link__detach_struct_ops;
10198 link->fd = map->fd;
10203 enum bpf_perf_event_ret
10204 bpf_perf_event_read_simple(void *mmap_mem, size_t mmap_size, size_t page_size,
10205 void **copy_mem, size_t *copy_size,
10206 bpf_perf_event_print_t fn, void *private_data)
10208 struct perf_event_mmap_page *header = mmap_mem;
10209 __u64 data_head = ring_buffer_read_head(header);
10210 __u64 data_tail = header->data_tail;
10211 void *base = ((__u8 *)header) + page_size;
10212 int ret = LIBBPF_PERF_EVENT_CONT;
10213 struct perf_event_header *ehdr;
10216 while (data_head != data_tail) {
10217 ehdr = base + (data_tail & (mmap_size - 1));
10218 ehdr_size = ehdr->size;
10220 if (((void *)ehdr) + ehdr_size > base + mmap_size) {
10221 void *copy_start = ehdr;
10222 size_t len_first = base + mmap_size - copy_start;
10223 size_t len_secnd = ehdr_size - len_first;
10225 if (*copy_size < ehdr_size) {
10227 *copy_mem = malloc(ehdr_size);
10230 ret = LIBBPF_PERF_EVENT_ERROR;
10233 *copy_size = ehdr_size;
10236 memcpy(*copy_mem, copy_start, len_first);
10237 memcpy(*copy_mem + len_first, base, len_secnd);
10241 ret = fn(ehdr, private_data);
10242 data_tail += ehdr_size;
10243 if (ret != LIBBPF_PERF_EVENT_CONT)
10247 ring_buffer_write_tail(header, data_tail);
10251 struct perf_buffer;
10253 struct perf_buffer_params {
10254 struct perf_event_attr *attr;
10255 /* if event_cb is specified, it takes precendence */
10256 perf_buffer_event_fn event_cb;
10257 /* sample_cb and lost_cb are higher-level common-case callbacks */
10258 perf_buffer_sample_fn sample_cb;
10259 perf_buffer_lost_fn lost_cb;
10266 struct perf_cpu_buf {
10267 struct perf_buffer *pb;
10268 void *base; /* mmap()'ed memory */
10269 void *buf; /* for reconstructing segmented data */
10276 struct perf_buffer {
10277 perf_buffer_event_fn event_cb;
10278 perf_buffer_sample_fn sample_cb;
10279 perf_buffer_lost_fn lost_cb;
10280 void *ctx; /* passed into callbacks */
10284 struct perf_cpu_buf **cpu_bufs;
10285 struct epoll_event *events;
10286 int cpu_cnt; /* number of allocated CPU buffers */
10287 int epoll_fd; /* perf event FD */
10288 int map_fd; /* BPF_MAP_TYPE_PERF_EVENT_ARRAY BPF map FD */
10291 static void perf_buffer__free_cpu_buf(struct perf_buffer *pb,
10292 struct perf_cpu_buf *cpu_buf)
10296 if (cpu_buf->base &&
10297 munmap(cpu_buf->base, pb->mmap_size + pb->page_size))
10298 pr_warn("failed to munmap cpu_buf #%d\n", cpu_buf->cpu);
10299 if (cpu_buf->fd >= 0) {
10300 ioctl(cpu_buf->fd, PERF_EVENT_IOC_DISABLE, 0);
10301 close(cpu_buf->fd);
10303 free(cpu_buf->buf);
10307 void perf_buffer__free(struct perf_buffer *pb)
10311 if (IS_ERR_OR_NULL(pb))
10313 if (pb->cpu_bufs) {
10314 for (i = 0; i < pb->cpu_cnt; i++) {
10315 struct perf_cpu_buf *cpu_buf = pb->cpu_bufs[i];
10320 bpf_map_delete_elem(pb->map_fd, &cpu_buf->map_key);
10321 perf_buffer__free_cpu_buf(pb, cpu_buf);
10323 free(pb->cpu_bufs);
10325 if (pb->epoll_fd >= 0)
10326 close(pb->epoll_fd);
10331 static struct perf_cpu_buf *
10332 perf_buffer__open_cpu_buf(struct perf_buffer *pb, struct perf_event_attr *attr,
10333 int cpu, int map_key)
10335 struct perf_cpu_buf *cpu_buf;
10336 char msg[STRERR_BUFSIZE];
10339 cpu_buf = calloc(1, sizeof(*cpu_buf));
10341 return ERR_PTR(-ENOMEM);
10344 cpu_buf->cpu = cpu;
10345 cpu_buf->map_key = map_key;
10347 cpu_buf->fd = syscall(__NR_perf_event_open, attr, -1 /* pid */, cpu,
10348 -1, PERF_FLAG_FD_CLOEXEC);
10349 if (cpu_buf->fd < 0) {
10351 pr_warn("failed to open perf buffer event on cpu #%d: %s\n",
10352 cpu, libbpf_strerror_r(err, msg, sizeof(msg)));
10356 cpu_buf->base = mmap(NULL, pb->mmap_size + pb->page_size,
10357 PROT_READ | PROT_WRITE, MAP_SHARED,
10359 if (cpu_buf->base == MAP_FAILED) {
10360 cpu_buf->base = NULL;
10362 pr_warn("failed to mmap perf buffer on cpu #%d: %s\n",
10363 cpu, libbpf_strerror_r(err, msg, sizeof(msg)));
10367 if (ioctl(cpu_buf->fd, PERF_EVENT_IOC_ENABLE, 0) < 0) {
10369 pr_warn("failed to enable perf buffer event on cpu #%d: %s\n",
10370 cpu, libbpf_strerror_r(err, msg, sizeof(msg)));
10377 perf_buffer__free_cpu_buf(pb, cpu_buf);
10378 return (struct perf_cpu_buf *)ERR_PTR(err);
10381 static struct perf_buffer *__perf_buffer__new(int map_fd, size_t page_cnt,
10382 struct perf_buffer_params *p);
10384 struct perf_buffer *perf_buffer__new(int map_fd, size_t page_cnt,
10385 const struct perf_buffer_opts *opts)
10387 struct perf_buffer_params p = {};
10388 struct perf_event_attr attr = { 0, };
10390 attr.config = PERF_COUNT_SW_BPF_OUTPUT;
10391 attr.type = PERF_TYPE_SOFTWARE;
10392 attr.sample_type = PERF_SAMPLE_RAW;
10393 attr.sample_period = 1;
10394 attr.wakeup_events = 1;
10397 p.sample_cb = opts ? opts->sample_cb : NULL;
10398 p.lost_cb = opts ? opts->lost_cb : NULL;
10399 p.ctx = opts ? opts->ctx : NULL;
10401 return __perf_buffer__new(map_fd, page_cnt, &p);
10404 struct perf_buffer *
10405 perf_buffer__new_raw(int map_fd, size_t page_cnt,
10406 const struct perf_buffer_raw_opts *opts)
10408 struct perf_buffer_params p = {};
10410 p.attr = opts->attr;
10411 p.event_cb = opts->event_cb;
10413 p.cpu_cnt = opts->cpu_cnt;
10414 p.cpus = opts->cpus;
10415 p.map_keys = opts->map_keys;
10417 return __perf_buffer__new(map_fd, page_cnt, &p);
10420 static struct perf_buffer *__perf_buffer__new(int map_fd, size_t page_cnt,
10421 struct perf_buffer_params *p)
10423 const char *online_cpus_file = "/sys/devices/system/cpu/online";
10424 struct bpf_map_info map;
10425 char msg[STRERR_BUFSIZE];
10426 struct perf_buffer *pb;
10427 bool *online = NULL;
10428 __u32 map_info_len;
10431 if (page_cnt & (page_cnt - 1)) {
10432 pr_warn("page count should be power of two, but is %zu\n",
10434 return ERR_PTR(-EINVAL);
10437 /* best-effort sanity checks */
10438 memset(&map, 0, sizeof(map));
10439 map_info_len = sizeof(map);
10440 err = bpf_obj_get_info_by_fd(map_fd, &map, &map_info_len);
10443 /* if BPF_OBJ_GET_INFO_BY_FD is supported, will return
10444 * -EBADFD, -EFAULT, or -E2BIG on real error
10446 if (err != -EINVAL) {
10447 pr_warn("failed to get map info for map FD %d: %s\n",
10448 map_fd, libbpf_strerror_r(err, msg, sizeof(msg)));
10449 return ERR_PTR(err);
10451 pr_debug("failed to get map info for FD %d; API not supported? Ignoring...\n",
10454 if (map.type != BPF_MAP_TYPE_PERF_EVENT_ARRAY) {
10455 pr_warn("map '%s' should be BPF_MAP_TYPE_PERF_EVENT_ARRAY\n",
10457 return ERR_PTR(-EINVAL);
10461 pb = calloc(1, sizeof(*pb));
10463 return ERR_PTR(-ENOMEM);
10465 pb->event_cb = p->event_cb;
10466 pb->sample_cb = p->sample_cb;
10467 pb->lost_cb = p->lost_cb;
10470 pb->page_size = getpagesize();
10471 pb->mmap_size = pb->page_size * page_cnt;
10472 pb->map_fd = map_fd;
10474 pb->epoll_fd = epoll_create1(EPOLL_CLOEXEC);
10475 if (pb->epoll_fd < 0) {
10477 pr_warn("failed to create epoll instance: %s\n",
10478 libbpf_strerror_r(err, msg, sizeof(msg)));
10482 if (p->cpu_cnt > 0) {
10483 pb->cpu_cnt = p->cpu_cnt;
10485 pb->cpu_cnt = libbpf_num_possible_cpus();
10486 if (pb->cpu_cnt < 0) {
10490 if (map.max_entries && map.max_entries < pb->cpu_cnt)
10491 pb->cpu_cnt = map.max_entries;
10494 pb->events = calloc(pb->cpu_cnt, sizeof(*pb->events));
10497 pr_warn("failed to allocate events: out of memory\n");
10500 pb->cpu_bufs = calloc(pb->cpu_cnt, sizeof(*pb->cpu_bufs));
10501 if (!pb->cpu_bufs) {
10503 pr_warn("failed to allocate buffers: out of memory\n");
10507 err = parse_cpu_mask_file(online_cpus_file, &online, &n);
10509 pr_warn("failed to get online CPU mask: %d\n", err);
10513 for (i = 0, j = 0; i < pb->cpu_cnt; i++) {
10514 struct perf_cpu_buf *cpu_buf;
10517 cpu = p->cpu_cnt > 0 ? p->cpus[i] : i;
10518 map_key = p->cpu_cnt > 0 ? p->map_keys[i] : i;
10520 /* in case user didn't explicitly requested particular CPUs to
10521 * be attached to, skip offline/not present CPUs
10523 if (p->cpu_cnt <= 0 && (cpu >= n || !online[cpu]))
10526 cpu_buf = perf_buffer__open_cpu_buf(pb, p->attr, cpu, map_key);
10527 if (IS_ERR(cpu_buf)) {
10528 err = PTR_ERR(cpu_buf);
10532 pb->cpu_bufs[j] = cpu_buf;
10534 err = bpf_map_update_elem(pb->map_fd, &map_key,
10538 pr_warn("failed to set cpu #%d, key %d -> perf FD %d: %s\n",
10539 cpu, map_key, cpu_buf->fd,
10540 libbpf_strerror_r(err, msg, sizeof(msg)));
10544 pb->events[j].events = EPOLLIN;
10545 pb->events[j].data.ptr = cpu_buf;
10546 if (epoll_ctl(pb->epoll_fd, EPOLL_CTL_ADD, cpu_buf->fd,
10547 &pb->events[j]) < 0) {
10549 pr_warn("failed to epoll_ctl cpu #%d perf FD %d: %s\n",
10551 libbpf_strerror_r(err, msg, sizeof(msg)));
10564 perf_buffer__free(pb);
10565 return ERR_PTR(err);
10568 struct perf_sample_raw {
10569 struct perf_event_header header;
10574 struct perf_sample_lost {
10575 struct perf_event_header header;
10578 uint64_t sample_id;
10581 static enum bpf_perf_event_ret
10582 perf_buffer__process_record(struct perf_event_header *e, void *ctx)
10584 struct perf_cpu_buf *cpu_buf = ctx;
10585 struct perf_buffer *pb = cpu_buf->pb;
10588 /* user wants full control over parsing perf event */
10590 return pb->event_cb(pb->ctx, cpu_buf->cpu, e);
10593 case PERF_RECORD_SAMPLE: {
10594 struct perf_sample_raw *s = data;
10597 pb->sample_cb(pb->ctx, cpu_buf->cpu, s->data, s->size);
10600 case PERF_RECORD_LOST: {
10601 struct perf_sample_lost *s = data;
10604 pb->lost_cb(pb->ctx, cpu_buf->cpu, s->lost);
10608 pr_warn("unknown perf sample type %d\n", e->type);
10609 return LIBBPF_PERF_EVENT_ERROR;
10611 return LIBBPF_PERF_EVENT_CONT;
10614 static int perf_buffer__process_records(struct perf_buffer *pb,
10615 struct perf_cpu_buf *cpu_buf)
10617 enum bpf_perf_event_ret ret;
10619 ret = bpf_perf_event_read_simple(cpu_buf->base, pb->mmap_size,
10620 pb->page_size, &cpu_buf->buf,
10621 &cpu_buf->buf_size,
10622 perf_buffer__process_record, cpu_buf);
10623 if (ret != LIBBPF_PERF_EVENT_CONT)
10628 int perf_buffer__epoll_fd(const struct perf_buffer *pb)
10630 return pb->epoll_fd;
10633 int perf_buffer__poll(struct perf_buffer *pb, int timeout_ms)
10637 cnt = epoll_wait(pb->epoll_fd, pb->events, pb->cpu_cnt, timeout_ms);
10638 for (i = 0; i < cnt; i++) {
10639 struct perf_cpu_buf *cpu_buf = pb->events[i].data.ptr;
10641 err = perf_buffer__process_records(pb, cpu_buf);
10643 pr_warn("error while processing records: %d\n", err);
10647 return cnt < 0 ? -errno : cnt;
10650 /* Return number of PERF_EVENT_ARRAY map slots set up by this perf_buffer
10653 size_t perf_buffer__buffer_cnt(const struct perf_buffer *pb)
10655 return pb->cpu_cnt;
10659 * Return perf_event FD of a ring buffer in *buf_idx* slot of
10660 * PERF_EVENT_ARRAY BPF map. This FD can be polled for new data using
10661 * select()/poll()/epoll() Linux syscalls.
10663 int perf_buffer__buffer_fd(const struct perf_buffer *pb, size_t buf_idx)
10665 struct perf_cpu_buf *cpu_buf;
10667 if (buf_idx >= pb->cpu_cnt)
10670 cpu_buf = pb->cpu_bufs[buf_idx];
10674 return cpu_buf->fd;
10678 * Consume data from perf ring buffer corresponding to slot *buf_idx* in
10679 * PERF_EVENT_ARRAY BPF map without waiting/polling. If there is no data to
10680 * consume, do nothing and return success.
10685 int perf_buffer__consume_buffer(struct perf_buffer *pb, size_t buf_idx)
10687 struct perf_cpu_buf *cpu_buf;
10689 if (buf_idx >= pb->cpu_cnt)
10692 cpu_buf = pb->cpu_bufs[buf_idx];
10696 return perf_buffer__process_records(pb, cpu_buf);
10699 int perf_buffer__consume(struct perf_buffer *pb)
10703 for (i = 0; i < pb->cpu_cnt; i++) {
10704 struct perf_cpu_buf *cpu_buf = pb->cpu_bufs[i];
10709 err = perf_buffer__process_records(pb, cpu_buf);
10711 pr_warn("perf_buffer: failed to process records in buffer #%d: %d\n", i, err);
10718 struct bpf_prog_info_array_desc {
10719 int array_offset; /* e.g. offset of jited_prog_insns */
10720 int count_offset; /* e.g. offset of jited_prog_len */
10721 int size_offset; /* > 0: offset of rec size,
10722 * < 0: fix size of -size_offset
10726 static struct bpf_prog_info_array_desc bpf_prog_info_array_desc[] = {
10727 [BPF_PROG_INFO_JITED_INSNS] = {
10728 offsetof(struct bpf_prog_info, jited_prog_insns),
10729 offsetof(struct bpf_prog_info, jited_prog_len),
10732 [BPF_PROG_INFO_XLATED_INSNS] = {
10733 offsetof(struct bpf_prog_info, xlated_prog_insns),
10734 offsetof(struct bpf_prog_info, xlated_prog_len),
10737 [BPF_PROG_INFO_MAP_IDS] = {
10738 offsetof(struct bpf_prog_info, map_ids),
10739 offsetof(struct bpf_prog_info, nr_map_ids),
10740 -(int)sizeof(__u32),
10742 [BPF_PROG_INFO_JITED_KSYMS] = {
10743 offsetof(struct bpf_prog_info, jited_ksyms),
10744 offsetof(struct bpf_prog_info, nr_jited_ksyms),
10745 -(int)sizeof(__u64),
10747 [BPF_PROG_INFO_JITED_FUNC_LENS] = {
10748 offsetof(struct bpf_prog_info, jited_func_lens),
10749 offsetof(struct bpf_prog_info, nr_jited_func_lens),
10750 -(int)sizeof(__u32),
10752 [BPF_PROG_INFO_FUNC_INFO] = {
10753 offsetof(struct bpf_prog_info, func_info),
10754 offsetof(struct bpf_prog_info, nr_func_info),
10755 offsetof(struct bpf_prog_info, func_info_rec_size),
10757 [BPF_PROG_INFO_LINE_INFO] = {
10758 offsetof(struct bpf_prog_info, line_info),
10759 offsetof(struct bpf_prog_info, nr_line_info),
10760 offsetof(struct bpf_prog_info, line_info_rec_size),
10762 [BPF_PROG_INFO_JITED_LINE_INFO] = {
10763 offsetof(struct bpf_prog_info, jited_line_info),
10764 offsetof(struct bpf_prog_info, nr_jited_line_info),
10765 offsetof(struct bpf_prog_info, jited_line_info_rec_size),
10767 [BPF_PROG_INFO_PROG_TAGS] = {
10768 offsetof(struct bpf_prog_info, prog_tags),
10769 offsetof(struct bpf_prog_info, nr_prog_tags),
10770 -(int)sizeof(__u8) * BPF_TAG_SIZE,
10775 static __u32 bpf_prog_info_read_offset_u32(struct bpf_prog_info *info,
10778 __u32 *array = (__u32 *)info;
10781 return array[offset / sizeof(__u32)];
10782 return -(int)offset;
10785 static __u64 bpf_prog_info_read_offset_u64(struct bpf_prog_info *info,
10788 __u64 *array = (__u64 *)info;
10791 return array[offset / sizeof(__u64)];
10792 return -(int)offset;
10795 static void bpf_prog_info_set_offset_u32(struct bpf_prog_info *info, int offset,
10798 __u32 *array = (__u32 *)info;
10801 array[offset / sizeof(__u32)] = val;
10804 static void bpf_prog_info_set_offset_u64(struct bpf_prog_info *info, int offset,
10807 __u64 *array = (__u64 *)info;
10810 array[offset / sizeof(__u64)] = val;
10813 struct bpf_prog_info_linear *
10814 bpf_program__get_prog_info_linear(int fd, __u64 arrays)
10816 struct bpf_prog_info_linear *info_linear;
10817 struct bpf_prog_info info = {};
10818 __u32 info_len = sizeof(info);
10819 __u32 data_len = 0;
10823 if (arrays >> BPF_PROG_INFO_LAST_ARRAY)
10824 return ERR_PTR(-EINVAL);
10826 /* step 1: get array dimensions */
10827 err = bpf_obj_get_info_by_fd(fd, &info, &info_len);
10829 pr_debug("can't get prog info: %s", strerror(errno));
10830 return ERR_PTR(-EFAULT);
10833 /* step 2: calculate total size of all arrays */
10834 for (i = BPF_PROG_INFO_FIRST_ARRAY; i < BPF_PROG_INFO_LAST_ARRAY; ++i) {
10835 bool include_array = (arrays & (1UL << i)) > 0;
10836 struct bpf_prog_info_array_desc *desc;
10839 desc = bpf_prog_info_array_desc + i;
10841 /* kernel is too old to support this field */
10842 if (info_len < desc->array_offset + sizeof(__u32) ||
10843 info_len < desc->count_offset + sizeof(__u32) ||
10844 (desc->size_offset > 0 && info_len < desc->size_offset))
10845 include_array = false;
10847 if (!include_array) {
10848 arrays &= ~(1UL << i); /* clear the bit */
10852 count = bpf_prog_info_read_offset_u32(&info, desc->count_offset);
10853 size = bpf_prog_info_read_offset_u32(&info, desc->size_offset);
10855 data_len += count * size;
10858 /* step 3: allocate continuous memory */
10859 data_len = roundup(data_len, sizeof(__u64));
10860 info_linear = malloc(sizeof(struct bpf_prog_info_linear) + data_len);
10862 return ERR_PTR(-ENOMEM);
10864 /* step 4: fill data to info_linear->info */
10865 info_linear->arrays = arrays;
10866 memset(&info_linear->info, 0, sizeof(info));
10867 ptr = info_linear->data;
10869 for (i = BPF_PROG_INFO_FIRST_ARRAY; i < BPF_PROG_INFO_LAST_ARRAY; ++i) {
10870 struct bpf_prog_info_array_desc *desc;
10873 if ((arrays & (1UL << i)) == 0)
10876 desc = bpf_prog_info_array_desc + i;
10877 count = bpf_prog_info_read_offset_u32(&info, desc->count_offset);
10878 size = bpf_prog_info_read_offset_u32(&info, desc->size_offset);
10879 bpf_prog_info_set_offset_u32(&info_linear->info,
10880 desc->count_offset, count);
10881 bpf_prog_info_set_offset_u32(&info_linear->info,
10882 desc->size_offset, size);
10883 bpf_prog_info_set_offset_u64(&info_linear->info,
10884 desc->array_offset,
10886 ptr += count * size;
10889 /* step 5: call syscall again to get required arrays */
10890 err = bpf_obj_get_info_by_fd(fd, &info_linear->info, &info_len);
10892 pr_debug("can't get prog info: %s", strerror(errno));
10894 return ERR_PTR(-EFAULT);
10897 /* step 6: verify the data */
10898 for (i = BPF_PROG_INFO_FIRST_ARRAY; i < BPF_PROG_INFO_LAST_ARRAY; ++i) {
10899 struct bpf_prog_info_array_desc *desc;
10902 if ((arrays & (1UL << i)) == 0)
10905 desc = bpf_prog_info_array_desc + i;
10906 v1 = bpf_prog_info_read_offset_u32(&info, desc->count_offset);
10907 v2 = bpf_prog_info_read_offset_u32(&info_linear->info,
10908 desc->count_offset);
10910 pr_warn("%s: mismatch in element count\n", __func__);
10912 v1 = bpf_prog_info_read_offset_u32(&info, desc->size_offset);
10913 v2 = bpf_prog_info_read_offset_u32(&info_linear->info,
10914 desc->size_offset);
10916 pr_warn("%s: mismatch in rec size\n", __func__);
10919 /* step 7: update info_len and data_len */
10920 info_linear->info_len = sizeof(struct bpf_prog_info);
10921 info_linear->data_len = data_len;
10923 return info_linear;
10926 void bpf_program__bpil_addr_to_offs(struct bpf_prog_info_linear *info_linear)
10930 for (i = BPF_PROG_INFO_FIRST_ARRAY; i < BPF_PROG_INFO_LAST_ARRAY; ++i) {
10931 struct bpf_prog_info_array_desc *desc;
10934 if ((info_linear->arrays & (1UL << i)) == 0)
10937 desc = bpf_prog_info_array_desc + i;
10938 addr = bpf_prog_info_read_offset_u64(&info_linear->info,
10939 desc->array_offset);
10940 offs = addr - ptr_to_u64(info_linear->data);
10941 bpf_prog_info_set_offset_u64(&info_linear->info,
10942 desc->array_offset, offs);
10946 void bpf_program__bpil_offs_to_addr(struct bpf_prog_info_linear *info_linear)
10950 for (i = BPF_PROG_INFO_FIRST_ARRAY; i < BPF_PROG_INFO_LAST_ARRAY; ++i) {
10951 struct bpf_prog_info_array_desc *desc;
10954 if ((info_linear->arrays & (1UL << i)) == 0)
10957 desc = bpf_prog_info_array_desc + i;
10958 offs = bpf_prog_info_read_offset_u64(&info_linear->info,
10959 desc->array_offset);
10960 addr = offs + ptr_to_u64(info_linear->data);
10961 bpf_prog_info_set_offset_u64(&info_linear->info,
10962 desc->array_offset, addr);
10966 int bpf_program__set_attach_target(struct bpf_program *prog,
10967 int attach_prog_fd,
10968 const char *attach_func_name)
10970 int btf_obj_fd = 0, btf_id = 0, err;
10972 if (!prog || attach_prog_fd < 0 || !attach_func_name)
10975 if (prog->obj->loaded)
10978 if (attach_prog_fd) {
10979 btf_id = libbpf_find_prog_btf_id(attach_func_name,
10984 /* load btf_vmlinux, if not yet */
10985 err = bpf_object__load_vmlinux_btf(prog->obj, true);
10988 err = find_kernel_btf_id(prog->obj, attach_func_name,
10989 prog->expected_attach_type,
10990 &btf_obj_fd, &btf_id);
10995 prog->attach_btf_id = btf_id;
10996 prog->attach_btf_obj_fd = btf_obj_fd;
10997 prog->attach_prog_fd = attach_prog_fd;
11001 int parse_cpu_mask_str(const char *s, bool **mask, int *mask_sz)
11003 int err = 0, n, len, start, end = -1;
11009 /* Each sub string separated by ',' has format \d+-\d+ or \d+ */
11011 if (*s == ',' || *s == '\n') {
11015 n = sscanf(s, "%d%n-%d%n", &start, &len, &end, &len);
11016 if (n <= 0 || n > 2) {
11017 pr_warn("Failed to get CPU range %s: %d\n", s, n);
11020 } else if (n == 1) {
11023 if (start < 0 || start > end) {
11024 pr_warn("Invalid CPU range [%d,%d] in %s\n",
11029 tmp = realloc(*mask, end + 1);
11035 memset(tmp + *mask_sz, 0, start - *mask_sz);
11036 memset(tmp + start, 1, end - start + 1);
11037 *mask_sz = end + 1;
11041 pr_warn("Empty CPU range\n");
11051 int parse_cpu_mask_file(const char *fcpu, bool **mask, int *mask_sz)
11053 int fd, err = 0, len;
11056 fd = open(fcpu, O_RDONLY);
11059 pr_warn("Failed to open cpu mask file %s: %d\n", fcpu, err);
11062 len = read(fd, buf, sizeof(buf));
11065 err = len ? -errno : -EINVAL;
11066 pr_warn("Failed to read cpu mask from %s: %d\n", fcpu, err);
11069 if (len >= sizeof(buf)) {
11070 pr_warn("CPU mask is too big in file %s\n", fcpu);
11075 return parse_cpu_mask_str(buf, mask, mask_sz);
11078 int libbpf_num_possible_cpus(void)
11080 static const char *fcpu = "/sys/devices/system/cpu/possible";
11082 int err, n, i, tmp_cpus;
11085 tmp_cpus = READ_ONCE(cpus);
11089 err = parse_cpu_mask_file(fcpu, &mask, &n);
11094 for (i = 0; i < n; i++) {
11100 WRITE_ONCE(cpus, tmp_cpus);
11104 int bpf_object__open_skeleton(struct bpf_object_skeleton *s,
11105 const struct bpf_object_open_opts *opts)
11107 DECLARE_LIBBPF_OPTS(bpf_object_open_opts, skel_opts,
11108 .object_name = s->name,
11110 struct bpf_object *obj;
11113 /* Attempt to preserve opts->object_name, unless overriden by user
11114 * explicitly. Overwriting object name for skeletons is discouraged,
11115 * as it breaks global data maps, because they contain object name
11116 * prefix as their own map name prefix. When skeleton is generated,
11117 * bpftool is making an assumption that this name will stay the same.
11120 memcpy(&skel_opts, opts, sizeof(*opts));
11121 if (!opts->object_name)
11122 skel_opts.object_name = s->name;
11125 obj = bpf_object__open_mem(s->data, s->data_sz, &skel_opts);
11127 pr_warn("failed to initialize skeleton BPF object '%s': %ld\n",
11128 s->name, PTR_ERR(obj));
11129 return PTR_ERR(obj);
11134 for (i = 0; i < s->map_cnt; i++) {
11135 struct bpf_map **map = s->maps[i].map;
11136 const char *name = s->maps[i].name;
11137 void **mmaped = s->maps[i].mmaped;
11139 *map = bpf_object__find_map_by_name(obj, name);
11141 pr_warn("failed to find skeleton map '%s'\n", name);
11145 /* externs shouldn't be pre-setup from user code */
11146 if (mmaped && (*map)->libbpf_type != LIBBPF_MAP_KCONFIG)
11147 *mmaped = (*map)->mmaped;
11150 for (i = 0; i < s->prog_cnt; i++) {
11151 struct bpf_program **prog = s->progs[i].prog;
11152 const char *name = s->progs[i].name;
11154 *prog = bpf_object__find_program_by_name(obj, name);
11156 pr_warn("failed to find skeleton program '%s'\n", name);
11164 int bpf_object__load_skeleton(struct bpf_object_skeleton *s)
11168 err = bpf_object__load(*s->obj);
11170 pr_warn("failed to load BPF skeleton '%s': %d\n", s->name, err);
11174 for (i = 0; i < s->map_cnt; i++) {
11175 struct bpf_map *map = *s->maps[i].map;
11176 size_t mmap_sz = bpf_map_mmap_sz(map);
11177 int prot, map_fd = bpf_map__fd(map);
11178 void **mmaped = s->maps[i].mmaped;
11183 if (!(map->def.map_flags & BPF_F_MMAPABLE)) {
11188 if (map->def.map_flags & BPF_F_RDONLY_PROG)
11191 prot = PROT_READ | PROT_WRITE;
11193 /* Remap anonymous mmap()-ed "map initialization image" as
11194 * a BPF map-backed mmap()-ed memory, but preserving the same
11195 * memory address. This will cause kernel to change process'
11196 * page table to point to a different piece of kernel memory,
11197 * but from userspace point of view memory address (and its
11198 * contents, being identical at this point) will stay the
11199 * same. This mapping will be released by bpf_object__close()
11200 * as per normal clean up procedure, so we don't need to worry
11201 * about it from skeleton's clean up perspective.
11203 *mmaped = mmap(map->mmaped, mmap_sz, prot,
11204 MAP_SHARED | MAP_FIXED, map_fd, 0);
11205 if (*mmaped == MAP_FAILED) {
11208 pr_warn("failed to re-mmap() map '%s': %d\n",
11209 bpf_map__name(map), err);
11217 int bpf_object__attach_skeleton(struct bpf_object_skeleton *s)
11221 for (i = 0; i < s->prog_cnt; i++) {
11222 struct bpf_program *prog = *s->progs[i].prog;
11223 struct bpf_link **link = s->progs[i].link;
11224 const struct bpf_sec_def *sec_def;
11229 sec_def = find_sec_def(prog->sec_name);
11230 if (!sec_def || !sec_def->attach_fn)
11233 *link = sec_def->attach_fn(sec_def, prog);
11234 if (IS_ERR(*link)) {
11235 pr_warn("failed to auto-attach program '%s': %ld\n",
11236 bpf_program__name(prog), PTR_ERR(*link));
11237 return PTR_ERR(*link);
11244 void bpf_object__detach_skeleton(struct bpf_object_skeleton *s)
11248 for (i = 0; i < s->prog_cnt; i++) {
11249 struct bpf_link **link = s->progs[i].link;
11251 bpf_link__destroy(*link);
11256 void bpf_object__destroy_skeleton(struct bpf_object_skeleton *s)
11259 bpf_object__detach_skeleton(s);
11261 bpf_object__close(*s->obj);