1 // SPDX-License-Identifier: (LGPL-2.1 OR BSD-2-Clause)
2 /* Copyright (c) 2019 Facebook */
7 #include <linux/string.h>
8 #include <linux/bpf_verifier.h>
11 static const char *btf_kind_str(const struct btf_type *t)
13 return btf_type_str(t);
16 static bool is_ldimm64_insn(struct bpf_insn *insn)
18 return insn->code == (BPF_LD | BPF_IMM | BPF_DW);
21 static const struct btf_type *
22 skip_mods_and_typedefs(const struct btf *btf, u32 id, u32 *res_id)
24 return btf_type_skip_modifiers(btf, id, res_id);
27 static const char *btf__name_by_offset(const struct btf *btf, u32 offset)
29 return btf_name_by_offset(btf, offset);
32 static s64 btf__resolve_size(const struct btf *btf, u32 type_id)
34 const struct btf_type *t;
37 t = btf_type_by_id(btf, type_id);
38 t = btf_resolve_size(btf, t, &size);
44 enum libbpf_print_level {
53 #define pr_warn(fmt, log, ...) bpf_log((void *)log, fmt, "", ##__VA_ARGS__)
54 #define pr_info(fmt, log, ...) bpf_log((void *)log, fmt, "", ##__VA_ARGS__)
55 #define pr_debug(fmt, log, ...) bpf_log((void *)log, fmt, "", ##__VA_ARGS__)
56 #define libbpf_print(level, fmt, ...) bpf_log((void *)prog_name, fmt, ##__VA_ARGS__)
62 #include <linux/err.h>
67 #include "str_error.h"
68 #include "libbpf_internal.h"
71 static bool is_flex_arr(const struct btf *btf,
72 const struct bpf_core_accessor *acc,
73 const struct btf_array *arr)
75 const struct btf_type *t;
77 /* not a flexible array, if not inside a struct or has non-zero size */
78 if (!acc->name || arr->nelems > 0)
81 /* has to be the last member of enclosing struct */
82 t = btf_type_by_id(btf, acc->type_id);
83 return acc->idx == btf_vlen(t) - 1;
86 static const char *core_relo_kind_str(enum bpf_core_relo_kind kind)
89 case BPF_CORE_FIELD_BYTE_OFFSET: return "byte_off";
90 case BPF_CORE_FIELD_BYTE_SIZE: return "byte_sz";
91 case BPF_CORE_FIELD_EXISTS: return "field_exists";
92 case BPF_CORE_FIELD_SIGNED: return "signed";
93 case BPF_CORE_FIELD_LSHIFT_U64: return "lshift_u64";
94 case BPF_CORE_FIELD_RSHIFT_U64: return "rshift_u64";
95 case BPF_CORE_TYPE_ID_LOCAL: return "local_type_id";
96 case BPF_CORE_TYPE_ID_TARGET: return "target_type_id";
97 case BPF_CORE_TYPE_EXISTS: return "type_exists";
98 case BPF_CORE_TYPE_MATCHES: return "type_matches";
99 case BPF_CORE_TYPE_SIZE: return "type_size";
100 case BPF_CORE_ENUMVAL_EXISTS: return "enumval_exists";
101 case BPF_CORE_ENUMVAL_VALUE: return "enumval_value";
102 default: return "unknown";
106 static bool core_relo_is_field_based(enum bpf_core_relo_kind kind)
109 case BPF_CORE_FIELD_BYTE_OFFSET:
110 case BPF_CORE_FIELD_BYTE_SIZE:
111 case BPF_CORE_FIELD_EXISTS:
112 case BPF_CORE_FIELD_SIGNED:
113 case BPF_CORE_FIELD_LSHIFT_U64:
114 case BPF_CORE_FIELD_RSHIFT_U64:
121 static bool core_relo_is_type_based(enum bpf_core_relo_kind kind)
124 case BPF_CORE_TYPE_ID_LOCAL:
125 case BPF_CORE_TYPE_ID_TARGET:
126 case BPF_CORE_TYPE_EXISTS:
127 case BPF_CORE_TYPE_MATCHES:
128 case BPF_CORE_TYPE_SIZE:
135 static bool core_relo_is_enumval_based(enum bpf_core_relo_kind kind)
138 case BPF_CORE_ENUMVAL_EXISTS:
139 case BPF_CORE_ENUMVAL_VALUE:
146 int __bpf_core_types_are_compat(const struct btf *local_btf, __u32 local_id,
147 const struct btf *targ_btf, __u32 targ_id, int level)
149 const struct btf_type *local_type, *targ_type;
150 int depth = 32; /* max recursion depth */
152 /* caller made sure that names match (ignoring flavor suffix) */
153 local_type = btf_type_by_id(local_btf, local_id);
154 targ_type = btf_type_by_id(targ_btf, targ_id);
155 if (!btf_kind_core_compat(local_type, targ_type))
163 local_type = skip_mods_and_typedefs(local_btf, local_id, &local_id);
164 targ_type = skip_mods_and_typedefs(targ_btf, targ_id, &targ_id);
165 if (!local_type || !targ_type)
168 if (!btf_kind_core_compat(local_type, targ_type))
171 switch (btf_kind(local_type)) {
173 case BTF_KIND_STRUCT:
177 case BTF_KIND_ENUM64:
180 /* just reject deprecated bitfield-like integers; all other
181 * integers are by default compatible between each other
183 return btf_int_offset(local_type) == 0 && btf_int_offset(targ_type) == 0;
185 local_id = local_type->type;
186 targ_id = targ_type->type;
189 local_id = btf_array(local_type)->type;
190 targ_id = btf_array(targ_type)->type;
192 case BTF_KIND_FUNC_PROTO: {
193 struct btf_param *local_p = btf_params(local_type);
194 struct btf_param *targ_p = btf_params(targ_type);
195 __u16 local_vlen = btf_vlen(local_type);
196 __u16 targ_vlen = btf_vlen(targ_type);
199 if (local_vlen != targ_vlen)
202 for (i = 0; i < local_vlen; i++, local_p++, targ_p++) {
206 skip_mods_and_typedefs(local_btf, local_p->type, &local_id);
207 skip_mods_and_typedefs(targ_btf, targ_p->type, &targ_id);
208 err = __bpf_core_types_are_compat(local_btf, local_id, targ_btf, targ_id,
214 /* tail recurse for return type check */
215 skip_mods_and_typedefs(local_btf, local_type->type, &local_id);
216 skip_mods_and_typedefs(targ_btf, targ_type->type, &targ_id);
220 pr_warn("unexpected kind %s relocated, local [%d], target [%d]\n",
221 btf_kind_str(local_type), local_id, targ_id);
227 * Turn bpf_core_relo into a low- and high-level spec representation,
228 * validating correctness along the way, as well as calculating resulting
229 * field bit offset, specified by accessor string. Low-level spec captures
230 * every single level of nestedness, including traversing anonymous
231 * struct/union members. High-level one only captures semantically meaningful
232 * "turning points": named fields and array indicies.
233 * E.g., for this case:
244 * struct sample *s = ...;
246 * int x = &s->a[3]; // access string = '0:1:2:3'
248 * Low-level spec has 1:1 mapping with each element of access string (it's
249 * just a parsed access string representation): [0, 1, 2, 3].
251 * High-level spec will capture only 3 points:
252 * - initial zero-index access by pointer (&s->... is the same as &s[0]...);
253 * - field 'a' access (corresponds to '2' in low-level spec);
254 * - array element #3 access (corresponds to '3' in low-level spec).
256 * Type-based relocations (TYPE_EXISTS/TYPE_MATCHES/TYPE_SIZE,
257 * TYPE_ID_LOCAL/TYPE_ID_TARGET) don't capture any field information. Their
258 * spec and raw_spec are kept empty.
260 * Enum value-based relocations (ENUMVAL_EXISTS/ENUMVAL_VALUE) use access
261 * string to specify enumerator's value index that need to be relocated.
263 int bpf_core_parse_spec(const char *prog_name, const struct btf *btf,
264 const struct bpf_core_relo *relo,
265 struct bpf_core_spec *spec)
267 int access_idx, parsed_len, i;
268 struct bpf_core_accessor *acc;
269 const struct btf_type *t;
270 const char *name, *spec_str;
274 spec_str = btf__name_by_offset(btf, relo->access_str_off);
275 if (str_is_empty(spec_str) || *spec_str == ':')
278 memset(spec, 0, sizeof(*spec));
280 spec->root_type_id = relo->type_id;
281 spec->relo_kind = relo->kind;
283 /* type-based relocations don't have a field access string */
284 if (core_relo_is_type_based(relo->kind)) {
285 if (strcmp(spec_str, "0"))
290 /* parse spec_str="0:1:2:3:4" into array raw_spec=[0, 1, 2, 3, 4] */
292 if (*spec_str == ':')
294 if (sscanf(spec_str, "%d%n", &access_idx, &parsed_len) != 1)
296 if (spec->raw_len == BPF_CORE_SPEC_MAX_LEN)
298 spec_str += parsed_len;
299 spec->raw_spec[spec->raw_len++] = access_idx;
302 if (spec->raw_len == 0)
305 t = skip_mods_and_typedefs(btf, relo->type_id, &id);
309 access_idx = spec->raw_spec[0];
310 acc = &spec->spec[0];
312 acc->idx = access_idx;
315 if (core_relo_is_enumval_based(relo->kind)) {
316 if (!btf_is_any_enum(t) || spec->raw_len > 1 || access_idx >= btf_vlen(t))
319 /* record enumerator name in a first accessor */
320 name_off = btf_is_enum(t) ? btf_enum(t)[access_idx].name_off
321 : btf_enum64(t)[access_idx].name_off;
322 acc->name = btf__name_by_offset(btf, name_off);
326 if (!core_relo_is_field_based(relo->kind))
329 sz = btf__resolve_size(btf, id);
332 spec->bit_offset = access_idx * sz * 8;
334 for (i = 1; i < spec->raw_len; i++) {
335 t = skip_mods_and_typedefs(btf, id, &id);
339 access_idx = spec->raw_spec[i];
340 acc = &spec->spec[spec->len];
342 if (btf_is_composite(t)) {
343 const struct btf_member *m;
346 if (access_idx >= btf_vlen(t))
349 bit_offset = btf_member_bit_offset(t, access_idx);
350 spec->bit_offset += bit_offset;
352 m = btf_members(t) + access_idx;
354 name = btf__name_by_offset(btf, m->name_off);
355 if (str_is_empty(name))
359 acc->idx = access_idx;
365 } else if (btf_is_array(t)) {
366 const struct btf_array *a = btf_array(t);
369 t = skip_mods_and_typedefs(btf, a->type, &id);
373 flex = is_flex_arr(btf, acc - 1, a);
374 if (!flex && access_idx >= a->nelems)
377 spec->spec[spec->len].type_id = id;
378 spec->spec[spec->len].idx = access_idx;
381 sz = btf__resolve_size(btf, id);
384 spec->bit_offset += access_idx * sz * 8;
386 pr_warn("prog '%s': relo for [%u] %s (at idx %d) captures type [%d] of unexpected kind %s\n",
387 prog_name, relo->type_id, spec_str, i, id, btf_kind_str(t));
395 /* Check two types for compatibility for the purpose of field access
396 * relocation. const/volatile/restrict and typedefs are skipped to ensure we
397 * are relocating semantically compatible entities:
398 * - any two STRUCTs/UNIONs are compatible and can be mixed;
399 * - any two FWDs are compatible, if their names match (modulo flavor suffix);
400 * - any two PTRs are always compatible;
401 * - for ENUMs, names should be the same (ignoring flavor suffix) or at
402 * least one of enums should be anonymous;
403 * - for ENUMs, check sizes, names are ignored;
404 * - for INT, size and signedness are ignored;
405 * - any two FLOATs are always compatible;
406 * - for ARRAY, dimensionality is ignored, element types are checked for
407 * compatibility recursively;
408 * - everything else shouldn't be ever a target of relocation.
409 * These rules are not set in stone and probably will be adjusted as we get
410 * more experience with using BPF CO-RE relocations.
412 static int bpf_core_fields_are_compat(const struct btf *local_btf,
414 const struct btf *targ_btf,
417 const struct btf_type *local_type, *targ_type;
420 local_type = skip_mods_and_typedefs(local_btf, local_id, &local_id);
421 targ_type = skip_mods_and_typedefs(targ_btf, targ_id, &targ_id);
422 if (!local_type || !targ_type)
425 if (btf_is_composite(local_type) && btf_is_composite(targ_type))
427 if (!btf_kind_core_compat(local_type, targ_type))
430 switch (btf_kind(local_type)) {
435 case BTF_KIND_ENUM64:
436 case BTF_KIND_ENUM: {
437 const char *local_name, *targ_name;
438 size_t local_len, targ_len;
440 local_name = btf__name_by_offset(local_btf,
441 local_type->name_off);
442 targ_name = btf__name_by_offset(targ_btf, targ_type->name_off);
443 local_len = bpf_core_essential_name_len(local_name);
444 targ_len = bpf_core_essential_name_len(targ_name);
445 /* one of them is anonymous or both w/ same flavor-less names */
446 return local_len == 0 || targ_len == 0 ||
447 (local_len == targ_len &&
448 strncmp(local_name, targ_name, local_len) == 0);
451 /* just reject deprecated bitfield-like integers; all other
452 * integers are by default compatible between each other
454 return btf_int_offset(local_type) == 0 &&
455 btf_int_offset(targ_type) == 0;
457 local_id = btf_array(local_type)->type;
458 targ_id = btf_array(targ_type)->type;
466 * Given single high-level named field accessor in local type, find
467 * corresponding high-level accessor for a target type. Along the way,
468 * maintain low-level spec for target as well. Also keep updating target
471 * Searching is performed through recursive exhaustive enumeration of all
472 * fields of a struct/union. If there are any anonymous (embedded)
473 * structs/unions, they are recursively searched as well. If field with
474 * desired name is found, check compatibility between local and target types,
475 * before returning result.
477 * 1 is returned, if field is found.
478 * 0 is returned if no compatible field is found.
479 * <0 is returned on error.
481 static int bpf_core_match_member(const struct btf *local_btf,
482 const struct bpf_core_accessor *local_acc,
483 const struct btf *targ_btf,
485 struct bpf_core_spec *spec,
488 const struct btf_type *local_type, *targ_type;
489 const struct btf_member *local_member, *m;
490 const char *local_name, *targ_name;
494 targ_type = skip_mods_and_typedefs(targ_btf, targ_id, &targ_id);
497 if (!btf_is_composite(targ_type))
500 local_id = local_acc->type_id;
501 local_type = btf_type_by_id(local_btf, local_id);
502 local_member = btf_members(local_type) + local_acc->idx;
503 local_name = btf__name_by_offset(local_btf, local_member->name_off);
505 n = btf_vlen(targ_type);
506 m = btf_members(targ_type);
507 for (i = 0; i < n; i++, m++) {
510 bit_offset = btf_member_bit_offset(targ_type, i);
512 /* too deep struct/union/array nesting */
513 if (spec->raw_len == BPF_CORE_SPEC_MAX_LEN)
516 /* speculate this member will be the good one */
517 spec->bit_offset += bit_offset;
518 spec->raw_spec[spec->raw_len++] = i;
520 targ_name = btf__name_by_offset(targ_btf, m->name_off);
521 if (str_is_empty(targ_name)) {
522 /* embedded struct/union, we need to go deeper */
523 found = bpf_core_match_member(local_btf, local_acc,
526 if (found) /* either found or error */
528 } else if (strcmp(local_name, targ_name) == 0) {
529 /* matching named field */
530 struct bpf_core_accessor *targ_acc;
532 targ_acc = &spec->spec[spec->len++];
533 targ_acc->type_id = targ_id;
535 targ_acc->name = targ_name;
537 *next_targ_id = m->type;
538 found = bpf_core_fields_are_compat(local_btf,
542 spec->len--; /* pop accessor */
545 /* member turned out not to be what we looked for */
546 spec->bit_offset -= bit_offset;
554 * Try to match local spec to a target type and, if successful, produce full
555 * target spec (high-level, low-level + bit offset).
557 static int bpf_core_spec_match(struct bpf_core_spec *local_spec,
558 const struct btf *targ_btf, __u32 targ_id,
559 struct bpf_core_spec *targ_spec)
561 const struct btf_type *targ_type;
562 const struct bpf_core_accessor *local_acc;
563 struct bpf_core_accessor *targ_acc;
567 memset(targ_spec, 0, sizeof(*targ_spec));
568 targ_spec->btf = targ_btf;
569 targ_spec->root_type_id = targ_id;
570 targ_spec->relo_kind = local_spec->relo_kind;
572 if (core_relo_is_type_based(local_spec->relo_kind)) {
573 if (local_spec->relo_kind == BPF_CORE_TYPE_MATCHES)
574 return bpf_core_types_match(local_spec->btf,
575 local_spec->root_type_id,
578 return bpf_core_types_are_compat(local_spec->btf,
579 local_spec->root_type_id,
583 local_acc = &local_spec->spec[0];
584 targ_acc = &targ_spec->spec[0];
586 if (core_relo_is_enumval_based(local_spec->relo_kind)) {
587 size_t local_essent_len, targ_essent_len;
588 const char *targ_name;
590 /* has to resolve to an enum */
591 targ_type = skip_mods_and_typedefs(targ_spec->btf, targ_id, &targ_id);
592 if (!btf_is_any_enum(targ_type))
595 local_essent_len = bpf_core_essential_name_len(local_acc->name);
597 for (i = 0; i < btf_vlen(targ_type); i++) {
598 if (btf_is_enum(targ_type))
599 name_off = btf_enum(targ_type)[i].name_off;
601 name_off = btf_enum64(targ_type)[i].name_off;
603 targ_name = btf__name_by_offset(targ_spec->btf, name_off);
604 targ_essent_len = bpf_core_essential_name_len(targ_name);
605 if (targ_essent_len != local_essent_len)
607 if (strncmp(local_acc->name, targ_name, local_essent_len) == 0) {
608 targ_acc->type_id = targ_id;
610 targ_acc->name = targ_name;
612 targ_spec->raw_spec[targ_spec->raw_len] = targ_acc->idx;
613 targ_spec->raw_len++;
620 if (!core_relo_is_field_based(local_spec->relo_kind))
623 for (i = 0; i < local_spec->len; i++, local_acc++, targ_acc++) {
624 targ_type = skip_mods_and_typedefs(targ_spec->btf, targ_id,
629 if (local_acc->name) {
630 matched = bpf_core_match_member(local_spec->btf,
633 targ_spec, &targ_id);
637 /* for i=0, targ_id is already treated as array element
638 * type (because it's the original struct), for others
639 * we should find array element type first
642 const struct btf_array *a;
645 if (!btf_is_array(targ_type))
648 a = btf_array(targ_type);
649 flex = is_flex_arr(targ_btf, targ_acc - 1, a);
650 if (!flex && local_acc->idx >= a->nelems)
652 if (!skip_mods_and_typedefs(targ_btf, a->type,
657 /* too deep struct/union/array nesting */
658 if (targ_spec->raw_len == BPF_CORE_SPEC_MAX_LEN)
661 targ_acc->type_id = targ_id;
662 targ_acc->idx = local_acc->idx;
663 targ_acc->name = NULL;
665 targ_spec->raw_spec[targ_spec->raw_len] = targ_acc->idx;
666 targ_spec->raw_len++;
668 sz = btf__resolve_size(targ_btf, targ_id);
671 targ_spec->bit_offset += local_acc->idx * sz * 8;
678 static int bpf_core_calc_field_relo(const char *prog_name,
679 const struct bpf_core_relo *relo,
680 const struct bpf_core_spec *spec,
681 __u64 *val, __u32 *field_sz, __u32 *type_id,
684 const struct bpf_core_accessor *acc;
685 const struct btf_type *t;
686 __u32 byte_off, byte_sz, bit_off, bit_sz, field_type_id;
687 const struct btf_member *m;
688 const struct btf_type *mt;
694 if (relo->kind == BPF_CORE_FIELD_EXISTS) {
700 return -EUCLEAN; /* request instruction poisoning */
702 acc = &spec->spec[spec->len - 1];
703 t = btf_type_by_id(spec->btf, acc->type_id);
705 /* a[n] accessor needs special handling */
707 if (relo->kind == BPF_CORE_FIELD_BYTE_OFFSET) {
708 *val = spec->bit_offset / 8;
709 /* remember field size for load/store mem size */
710 sz = btf__resolve_size(spec->btf, acc->type_id);
714 *type_id = acc->type_id;
715 } else if (relo->kind == BPF_CORE_FIELD_BYTE_SIZE) {
716 sz = btf__resolve_size(spec->btf, acc->type_id);
721 pr_warn("prog '%s': relo %d at insn #%d can't be applied to array access\n",
722 prog_name, relo->kind, relo->insn_off / 8);
730 m = btf_members(t) + acc->idx;
731 mt = skip_mods_and_typedefs(spec->btf, m->type, &field_type_id);
732 bit_off = spec->bit_offset;
733 bit_sz = btf_member_bitfield_size(t, acc->idx);
735 bitfield = bit_sz > 0;
738 byte_off = bit_off / 8 / byte_sz * byte_sz;
739 /* figure out smallest int size necessary for bitfield load */
740 while (bit_off + bit_sz - byte_off * 8 > byte_sz * 8) {
742 /* bitfield can't be read with 64-bit read */
743 pr_warn("prog '%s': relo %d at insn #%d can't be satisfied for bitfield\n",
744 prog_name, relo->kind, relo->insn_off / 8);
748 byte_off = bit_off / 8 / byte_sz * byte_sz;
751 sz = btf__resolve_size(spec->btf, field_type_id);
755 byte_off = spec->bit_offset / 8;
756 bit_sz = byte_sz * 8;
759 /* for bitfields, all the relocatable aspects are ambiguous and we
760 * might disagree with compiler, so turn off validation of expected
761 * value, except for signedness
764 *validate = !bitfield;
766 switch (relo->kind) {
767 case BPF_CORE_FIELD_BYTE_OFFSET:
771 *type_id = field_type_id;
774 case BPF_CORE_FIELD_BYTE_SIZE:
777 case BPF_CORE_FIELD_SIGNED:
778 *val = (btf_is_any_enum(mt) && BTF_INFO_KFLAG(mt->info)) ||
779 (btf_int_encoding(mt) & BTF_INT_SIGNED);
781 *validate = true; /* signedness is never ambiguous */
783 case BPF_CORE_FIELD_LSHIFT_U64:
784 #if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__
785 *val = 64 - (bit_off + bit_sz - byte_off * 8);
787 *val = (8 - byte_sz) * 8 + (bit_off - byte_off * 8);
790 case BPF_CORE_FIELD_RSHIFT_U64:
793 *validate = true; /* right shift is never ambiguous */
795 case BPF_CORE_FIELD_EXISTS:
803 static int bpf_core_calc_type_relo(const struct bpf_core_relo *relo,
804 const struct bpf_core_spec *spec,
805 __u64 *val, bool *validate)
809 /* by default, always check expected value in bpf_insn */
813 /* type-based relos return zero when target type is not found */
819 switch (relo->kind) {
820 case BPF_CORE_TYPE_ID_TARGET:
821 *val = spec->root_type_id;
822 /* type ID, embedded in bpf_insn, might change during linking,
823 * so enforcing it is pointless
828 case BPF_CORE_TYPE_EXISTS:
829 case BPF_CORE_TYPE_MATCHES:
832 case BPF_CORE_TYPE_SIZE:
833 sz = btf__resolve_size(spec->btf, spec->root_type_id);
838 case BPF_CORE_TYPE_ID_LOCAL:
839 /* BPF_CORE_TYPE_ID_LOCAL is handled specially and shouldn't get here */
847 static int bpf_core_calc_enumval_relo(const struct bpf_core_relo *relo,
848 const struct bpf_core_spec *spec,
851 const struct btf_type *t;
853 switch (relo->kind) {
854 case BPF_CORE_ENUMVAL_EXISTS:
857 case BPF_CORE_ENUMVAL_VALUE:
859 return -EUCLEAN; /* request instruction poisoning */
860 t = btf_type_by_id(spec->btf, spec->spec[0].type_id);
862 *val = btf_enum(t)[spec->spec[0].idx].val;
864 *val = btf_enum64_value(btf_enum64(t) + spec->spec[0].idx);
873 /* Calculate original and target relocation values, given local and target
874 * specs and relocation kind. These values are calculated for each candidate.
875 * If there are multiple candidates, resulting values should all be consistent
876 * with each other. Otherwise, libbpf will refuse to proceed due to ambiguity.
877 * If instruction has to be poisoned, *poison will be set to true.
879 static int bpf_core_calc_relo(const char *prog_name,
880 const struct bpf_core_relo *relo,
882 const struct bpf_core_spec *local_spec,
883 const struct bpf_core_spec *targ_spec,
884 struct bpf_core_relo_res *res)
886 int err = -EOPNOTSUPP;
891 res->validate = true;
892 res->fail_memsz_adjust = false;
893 res->orig_sz = res->new_sz = 0;
894 res->orig_type_id = res->new_type_id = 0;
896 if (core_relo_is_field_based(relo->kind)) {
897 err = bpf_core_calc_field_relo(prog_name, relo, local_spec,
898 &res->orig_val, &res->orig_sz,
899 &res->orig_type_id, &res->validate);
900 err = err ?: bpf_core_calc_field_relo(prog_name, relo, targ_spec,
901 &res->new_val, &res->new_sz,
902 &res->new_type_id, NULL);
905 /* Validate if it's safe to adjust load/store memory size.
906 * Adjustments are performed only if original and new memory
909 res->fail_memsz_adjust = false;
910 if (res->orig_sz != res->new_sz) {
911 const struct btf_type *orig_t, *new_t;
913 orig_t = btf_type_by_id(local_spec->btf, res->orig_type_id);
914 new_t = btf_type_by_id(targ_spec->btf, res->new_type_id);
916 /* There are two use cases in which it's safe to
917 * adjust load/store's mem size:
918 * - reading a 32-bit kernel pointer, while on BPF
919 * size pointers are always 64-bit; in this case
920 * it's safe to "downsize" instruction size due to
921 * pointer being treated as unsigned integer with
922 * zero-extended upper 32-bits;
923 * - reading unsigned integers, again due to
924 * zero-extension is preserving the value correctly.
926 * In all other cases it's incorrect to attempt to
927 * load/store field because read value will be
928 * incorrect, so we poison relocated instruction.
930 if (btf_is_ptr(orig_t) && btf_is_ptr(new_t))
932 if (btf_is_int(orig_t) && btf_is_int(new_t) &&
933 btf_int_encoding(orig_t) != BTF_INT_SIGNED &&
934 btf_int_encoding(new_t) != BTF_INT_SIGNED)
937 /* mark as invalid mem size adjustment, but this will
938 * only be checked for LDX/STX/ST insns
940 res->fail_memsz_adjust = true;
942 } else if (core_relo_is_type_based(relo->kind)) {
943 err = bpf_core_calc_type_relo(relo, local_spec, &res->orig_val, &res->validate);
944 err = err ?: bpf_core_calc_type_relo(relo, targ_spec, &res->new_val, NULL);
945 } else if (core_relo_is_enumval_based(relo->kind)) {
946 err = bpf_core_calc_enumval_relo(relo, local_spec, &res->orig_val);
947 err = err ?: bpf_core_calc_enumval_relo(relo, targ_spec, &res->new_val);
951 if (err == -EUCLEAN) {
952 /* EUCLEAN is used to signal instruction poisoning request */
955 } else if (err == -EOPNOTSUPP) {
956 /* EOPNOTSUPP means unknown/unsupported relocation */
957 pr_warn("prog '%s': relo #%d: unrecognized CO-RE relocation %s (%d) at insn #%d\n",
958 prog_name, relo_idx, core_relo_kind_str(relo->kind),
959 relo->kind, relo->insn_off / 8);
966 * Turn instruction for which CO_RE relocation failed into invalid one with
967 * distinct signature.
969 static void bpf_core_poison_insn(const char *prog_name, int relo_idx,
970 int insn_idx, struct bpf_insn *insn)
972 pr_debug("prog '%s': relo #%d: substituting insn #%d w/ invalid insn\n",
973 prog_name, relo_idx, insn_idx);
974 insn->code = BPF_JMP | BPF_CALL;
978 /* if this instruction is reachable (not a dead code),
979 * verifier will complain with the following message:
980 * invalid func unknown#195896080
982 insn->imm = 195896080; /* => 0xbad2310 => "bad relo" */
985 static int insn_bpf_size_to_bytes(struct bpf_insn *insn)
987 switch (BPF_SIZE(insn->code)) {
988 case BPF_DW: return 8;
989 case BPF_W: return 4;
990 case BPF_H: return 2;
991 case BPF_B: return 1;
996 static int insn_bytes_to_bpf_size(__u32 sz)
999 case 8: return BPF_DW;
1000 case 4: return BPF_W;
1001 case 2: return BPF_H;
1002 case 1: return BPF_B;
1008 * Patch relocatable BPF instruction.
1010 * Patched value is determined by relocation kind and target specification.
1011 * For existence relocations target spec will be NULL if field/type is not found.
1012 * Expected insn->imm value is determined using relocation kind and local
1013 * spec, and is checked before patching instruction. If actual insn->imm value
1014 * is wrong, bail out with error.
1016 * Currently supported classes of BPF instruction are:
1017 * 1. rX = <imm> (assignment with immediate operand);
1018 * 2. rX += <imm> (arithmetic operations with immediate operand);
1019 * 3. rX = <imm64> (load with 64-bit immediate value);
1020 * 4. rX = *(T *)(rY + <off>), where T is one of {u8, u16, u32, u64};
1021 * 5. *(T *)(rX + <off>) = rY, where T is one of {u8, u16, u32, u64};
1022 * 6. *(T *)(rX + <off>) = <imm>, where T is one of {u8, u16, u32, u64}.
1024 int bpf_core_patch_insn(const char *prog_name, struct bpf_insn *insn,
1025 int insn_idx, const struct bpf_core_relo *relo,
1026 int relo_idx, const struct bpf_core_relo_res *res)
1028 __u64 orig_val, new_val;
1031 class = BPF_CLASS(insn->code);
1035 /* poison second part of ldimm64 to avoid confusing error from
1036 * verifier about "unknown opcode 00"
1038 if (is_ldimm64_insn(insn))
1039 bpf_core_poison_insn(prog_name, relo_idx, insn_idx + 1, insn + 1);
1040 bpf_core_poison_insn(prog_name, relo_idx, insn_idx, insn);
1044 orig_val = res->orig_val;
1045 new_val = res->new_val;
1050 if (BPF_SRC(insn->code) != BPF_K)
1052 if (res->validate && insn->imm != orig_val) {
1053 pr_warn("prog '%s': relo #%d: unexpected insn #%d (ALU/ALU64) value: got %u, exp %llu -> %llu\n",
1054 prog_name, relo_idx,
1055 insn_idx, insn->imm, (unsigned long long)orig_val,
1056 (unsigned long long)new_val);
1059 orig_val = insn->imm;
1060 insn->imm = new_val;
1061 pr_debug("prog '%s': relo #%d: patched insn #%d (ALU/ALU64) imm %llu -> %llu\n",
1062 prog_name, relo_idx, insn_idx,
1063 (unsigned long long)orig_val, (unsigned long long)new_val);
1068 if (res->validate && insn->off != orig_val) {
1069 pr_warn("prog '%s': relo #%d: unexpected insn #%d (LDX/ST/STX) value: got %u, exp %llu -> %llu\n",
1070 prog_name, relo_idx, insn_idx, insn->off, (unsigned long long)orig_val,
1071 (unsigned long long)new_val);
1074 if (new_val > SHRT_MAX) {
1075 pr_warn("prog '%s': relo #%d: insn #%d (LDX/ST/STX) value too big: %llu\n",
1076 prog_name, relo_idx, insn_idx, (unsigned long long)new_val);
1079 if (res->fail_memsz_adjust) {
1080 pr_warn("prog '%s': relo #%d: insn #%d (LDX/ST/STX) accesses field incorrectly. "
1081 "Make sure you are accessing pointers, unsigned integers, or fields of matching type and size.\n",
1082 prog_name, relo_idx, insn_idx);
1086 orig_val = insn->off;
1087 insn->off = new_val;
1088 pr_debug("prog '%s': relo #%d: patched insn #%d (LDX/ST/STX) off %llu -> %llu\n",
1089 prog_name, relo_idx, insn_idx, (unsigned long long)orig_val,
1090 (unsigned long long)new_val);
1092 if (res->new_sz != res->orig_sz) {
1093 int insn_bytes_sz, insn_bpf_sz;
1095 insn_bytes_sz = insn_bpf_size_to_bytes(insn);
1096 if (insn_bytes_sz != res->orig_sz) {
1097 pr_warn("prog '%s': relo #%d: insn #%d (LDX/ST/STX) unexpected mem size: got %d, exp %u\n",
1098 prog_name, relo_idx, insn_idx, insn_bytes_sz, res->orig_sz);
1102 insn_bpf_sz = insn_bytes_to_bpf_size(res->new_sz);
1103 if (insn_bpf_sz < 0) {
1104 pr_warn("prog '%s': relo #%d: insn #%d (LDX/ST/STX) invalid new mem size: %u\n",
1105 prog_name, relo_idx, insn_idx, res->new_sz);
1109 insn->code = BPF_MODE(insn->code) | insn_bpf_sz | BPF_CLASS(insn->code);
1110 pr_debug("prog '%s': relo #%d: patched insn #%d (LDX/ST/STX) mem_sz %u -> %u\n",
1111 prog_name, relo_idx, insn_idx, res->orig_sz, res->new_sz);
1117 if (!is_ldimm64_insn(insn) ||
1118 insn[0].src_reg != 0 || insn[0].off != 0 ||
1119 insn[1].code != 0 || insn[1].dst_reg != 0 ||
1120 insn[1].src_reg != 0 || insn[1].off != 0) {
1121 pr_warn("prog '%s': relo #%d: insn #%d (LDIMM64) has unexpected form\n",
1122 prog_name, relo_idx, insn_idx);
1126 imm = (__u32)insn[0].imm | ((__u64)insn[1].imm << 32);
1127 if (res->validate && imm != orig_val) {
1128 pr_warn("prog '%s': relo #%d: unexpected insn #%d (LDIMM64) value: got %llu, exp %llu -> %llu\n",
1129 prog_name, relo_idx,
1130 insn_idx, (unsigned long long)imm,
1131 (unsigned long long)orig_val, (unsigned long long)new_val);
1135 insn[0].imm = new_val;
1136 insn[1].imm = new_val >> 32;
1137 pr_debug("prog '%s': relo #%d: patched insn #%d (LDIMM64) imm64 %llu -> %llu\n",
1138 prog_name, relo_idx, insn_idx,
1139 (unsigned long long)imm, (unsigned long long)new_val);
1143 pr_warn("prog '%s': relo #%d: trying to relocate unrecognized insn #%d, code:0x%x, src:0x%x, dst:0x%x, off:0x%x, imm:0x%x\n",
1144 prog_name, relo_idx, insn_idx, insn->code,
1145 insn->src_reg, insn->dst_reg, insn->off, insn->imm);
1152 /* Output spec definition in the format:
1153 * [<type-id>] (<type-name>) + <raw-spec> => <offset>@<spec>,
1154 * where <spec> is a C-syntax view of recorded field access, e.g.: x.a[3].b
1156 int bpf_core_format_spec(char *buf, size_t buf_sz, const struct bpf_core_spec *spec)
1158 const struct btf_type *t;
1163 #define append_buf(fmt, args...) \
1166 r = snprintf(buf, buf_sz, fmt, ##args); \
1174 type_id = spec->root_type_id;
1175 t = btf_type_by_id(spec->btf, type_id);
1176 s = btf__name_by_offset(spec->btf, t->name_off);
1178 append_buf("<%s> [%u] %s %s",
1179 core_relo_kind_str(spec->relo_kind),
1180 type_id, btf_kind_str(t), str_is_empty(s) ? "<anon>" : s);
1182 if (core_relo_is_type_based(spec->relo_kind))
1185 if (core_relo_is_enumval_based(spec->relo_kind)) {
1186 t = skip_mods_and_typedefs(spec->btf, type_id, NULL);
1187 if (btf_is_enum(t)) {
1188 const struct btf_enum *e;
1189 const char *fmt_str;
1191 e = btf_enum(t) + spec->raw_spec[0];
1192 s = btf__name_by_offset(spec->btf, e->name_off);
1193 fmt_str = BTF_INFO_KFLAG(t->info) ? "::%s = %d" : "::%s = %u";
1194 append_buf(fmt_str, s, e->val);
1196 const struct btf_enum64 *e;
1197 const char *fmt_str;
1199 e = btf_enum64(t) + spec->raw_spec[0];
1200 s = btf__name_by_offset(spec->btf, e->name_off);
1201 fmt_str = BTF_INFO_KFLAG(t->info) ? "::%s = %lld" : "::%s = %llu";
1202 append_buf(fmt_str, s, (unsigned long long)btf_enum64_value(e));
1207 if (core_relo_is_field_based(spec->relo_kind)) {
1208 for (i = 0; i < spec->len; i++) {
1209 if (spec->spec[i].name)
1210 append_buf(".%s", spec->spec[i].name);
1211 else if (i > 0 || spec->spec[i].idx > 0)
1212 append_buf("[%u]", spec->spec[i].idx);
1216 for (i = 0; i < spec->raw_len; i++)
1217 append_buf("%s%d", i == 0 ? "" : ":", spec->raw_spec[i]);
1219 if (spec->bit_offset % 8)
1220 append_buf(" @ offset %u.%u)", spec->bit_offset / 8, spec->bit_offset % 8);
1222 append_buf(" @ offset %u)", spec->bit_offset / 8);
1231 * Calculate CO-RE relocation target result.
1233 * The outline and important points of the algorithm:
1234 * 1. For given local type, find corresponding candidate target types.
1235 * Candidate type is a type with the same "essential" name, ignoring
1236 * everything after last triple underscore (___). E.g., `sample`,
1237 * `sample___flavor_one`, `sample___flavor_another_one`, are all candidates
1238 * for each other. Names with triple underscore are referred to as
1239 * "flavors" and are useful, among other things, to allow to
1240 * specify/support incompatible variations of the same kernel struct, which
1241 * might differ between different kernel versions and/or build
1244 * N.B. Struct "flavors" could be generated by bpftool's BTF-to-C
1245 * converter, when deduplicated BTF of a kernel still contains more than
1246 * one different types with the same name. In that case, ___2, ___3, etc
1247 * are appended starting from second name conflict. But start flavors are
1248 * also useful to be defined "locally", in BPF program, to extract same
1249 * data from incompatible changes between different kernel
1250 * versions/configurations. For instance, to handle field renames between
1251 * kernel versions, one can use two flavors of the struct name with the
1252 * same common name and use conditional relocations to extract that field,
1253 * depending on target kernel version.
1254 * 2. For each candidate type, try to match local specification to this
1255 * candidate target type. Matching involves finding corresponding
1256 * high-level spec accessors, meaning that all named fields should match,
1257 * as well as all array accesses should be within the actual bounds. Also,
1258 * types should be compatible (see bpf_core_fields_are_compat for details).
1259 * 3. It is supported and expected that there might be multiple flavors
1260 * matching the spec. As long as all the specs resolve to the same set of
1261 * offsets across all candidates, there is no error. If there is any
1262 * ambiguity, CO-RE relocation will fail. This is necessary to accommodate
1263 * imperfection of BTF deduplication, which can cause slight duplication of
1264 * the same BTF type, if some directly or indirectly referenced (by
1265 * pointer) type gets resolved to different actual types in different
1266 * object files. If such a situation occurs, deduplicated BTF will end up
1267 * with two (or more) structurally identical types, which differ only in
1268 * types they refer to through pointer. This should be OK in most cases and
1270 * 4. Candidate types search is performed by linearly scanning through all
1271 * types in target BTF. It is anticipated that this is overall more
1272 * efficient memory-wise and not significantly worse (if not better)
1273 * CPU-wise compared to prebuilding a map from all local type names to
1274 * a list of candidate type names. It's also sped up by caching resolved
1275 * list of matching candidates per each local "root" type ID, that has at
1276 * least one bpf_core_relo associated with it. This list is shared
1277 * between multiple relocations for the same type ID and is updated as some
1278 * of the candidates are pruned due to structural incompatibility.
1280 int bpf_core_calc_relo_insn(const char *prog_name,
1281 const struct bpf_core_relo *relo,
1283 const struct btf *local_btf,
1284 struct bpf_core_cand_list *cands,
1285 struct bpf_core_spec *specs_scratch,
1286 struct bpf_core_relo_res *targ_res)
1288 struct bpf_core_spec *local_spec = &specs_scratch[0];
1289 struct bpf_core_spec *cand_spec = &specs_scratch[1];
1290 struct bpf_core_spec *targ_spec = &specs_scratch[2];
1291 struct bpf_core_relo_res cand_res;
1292 const struct btf_type *local_type;
1293 const char *local_name;
1298 local_id = relo->type_id;
1299 local_type = btf_type_by_id(local_btf, local_id);
1300 local_name = btf__name_by_offset(local_btf, local_type->name_off);
1304 err = bpf_core_parse_spec(prog_name, local_btf, relo, local_spec);
1306 const char *spec_str;
1308 spec_str = btf__name_by_offset(local_btf, relo->access_str_off);
1309 pr_warn("prog '%s': relo #%d: parsing [%d] %s %s + %s failed: %d\n",
1310 prog_name, relo_idx, local_id, btf_kind_str(local_type),
1311 str_is_empty(local_name) ? "<anon>" : local_name,
1312 spec_str ?: "<?>", err);
1316 bpf_core_format_spec(spec_buf, sizeof(spec_buf), local_spec);
1317 pr_debug("prog '%s': relo #%d: %s\n", prog_name, relo_idx, spec_buf);
1319 /* TYPE_ID_LOCAL relo is special and doesn't need candidate search */
1320 if (relo->kind == BPF_CORE_TYPE_ID_LOCAL) {
1321 /* bpf_insn's imm value could get out of sync during linking */
1322 memset(targ_res, 0, sizeof(*targ_res));
1323 targ_res->validate = false;
1324 targ_res->poison = false;
1325 targ_res->orig_val = local_spec->root_type_id;
1326 targ_res->new_val = local_spec->root_type_id;
1330 /* libbpf doesn't support candidate search for anonymous types */
1331 if (str_is_empty(local_name)) {
1332 pr_warn("prog '%s': relo #%d: <%s> (%d) relocation doesn't support anonymous types\n",
1333 prog_name, relo_idx, core_relo_kind_str(relo->kind), relo->kind);
1337 for (i = 0, j = 0; i < cands->len; i++) {
1338 err = bpf_core_spec_match(local_spec, cands->cands[i].btf,
1339 cands->cands[i].id, cand_spec);
1341 bpf_core_format_spec(spec_buf, sizeof(spec_buf), cand_spec);
1342 pr_warn("prog '%s': relo #%d: error matching candidate #%d %s: %d\n ",
1343 prog_name, relo_idx, i, spec_buf, err);
1347 bpf_core_format_spec(spec_buf, sizeof(spec_buf), cand_spec);
1348 pr_debug("prog '%s': relo #%d: %s candidate #%d %s\n", prog_name,
1349 relo_idx, err == 0 ? "non-matching" : "matching", i, spec_buf);
1354 err = bpf_core_calc_relo(prog_name, relo, relo_idx, local_spec, cand_spec, &cand_res);
1359 *targ_res = cand_res;
1360 *targ_spec = *cand_spec;
1361 } else if (cand_spec->bit_offset != targ_spec->bit_offset) {
1362 /* if there are many field relo candidates, they
1363 * should all resolve to the same bit offset
1365 pr_warn("prog '%s': relo #%d: field offset ambiguity: %u != %u\n",
1366 prog_name, relo_idx, cand_spec->bit_offset,
1367 targ_spec->bit_offset);
1369 } else if (cand_res.poison != targ_res->poison ||
1370 cand_res.new_val != targ_res->new_val) {
1371 /* all candidates should result in the same relocation
1372 * decision and value, otherwise it's dangerous to
1373 * proceed due to ambiguity
1375 pr_warn("prog '%s': relo #%d: relocation decision ambiguity: %s %llu != %s %llu\n",
1376 prog_name, relo_idx,
1377 cand_res.poison ? "failure" : "success",
1378 (unsigned long long)cand_res.new_val,
1379 targ_res->poison ? "failure" : "success",
1380 (unsigned long long)targ_res->new_val);
1384 cands->cands[j++] = cands->cands[i];
1388 * For BPF_CORE_FIELD_EXISTS relo or when used BPF program has field
1389 * existence checks or kernel version/config checks, it's expected
1390 * that we might not find any candidates. In this case, if field
1391 * wasn't found in any candidate, the list of candidates shouldn't
1392 * change at all, we'll just handle relocating appropriately,
1393 * depending on relo's kind.
1399 * If no candidates were found, it might be both a programmer error,
1400 * as well as expected case, depending whether instruction w/
1401 * relocation is guarded in some way that makes it unreachable (dead
1402 * code) if relocation can't be resolved. This is handled in
1403 * bpf_core_patch_insn() uniformly by replacing that instruction with
1404 * BPF helper call insn (using invalid helper ID). If that instruction
1405 * is indeed unreachable, then it will be ignored and eliminated by
1406 * verifier. If it was an error, then verifier will complain and point
1407 * to a specific instruction number in its log.
1410 pr_debug("prog '%s': relo #%d: no matching targets found\n",
1411 prog_name, relo_idx);
1413 /* calculate single target relo result explicitly */
1414 err = bpf_core_calc_relo(prog_name, relo, relo_idx, local_spec, NULL, targ_res);
1422 static bool bpf_core_names_match(const struct btf *local_btf, size_t local_name_off,
1423 const struct btf *targ_btf, size_t targ_name_off)
1425 const char *local_n, *targ_n;
1426 size_t local_len, targ_len;
1428 local_n = btf__name_by_offset(local_btf, local_name_off);
1429 targ_n = btf__name_by_offset(targ_btf, targ_name_off);
1431 if (str_is_empty(targ_n))
1432 return str_is_empty(local_n);
1434 targ_len = bpf_core_essential_name_len(targ_n);
1435 local_len = bpf_core_essential_name_len(local_n);
1437 return targ_len == local_len && strncmp(local_n, targ_n, local_len) == 0;
1440 static int bpf_core_enums_match(const struct btf *local_btf, const struct btf_type *local_t,
1441 const struct btf *targ_btf, const struct btf_type *targ_t)
1443 __u16 local_vlen = btf_vlen(local_t);
1444 __u16 targ_vlen = btf_vlen(targ_t);
1447 if (local_t->size != targ_t->size)
1450 if (local_vlen > targ_vlen)
1453 /* iterate over the local enum's variants and make sure each has
1454 * a symbolic name correspondent in the target
1456 for (i = 0; i < local_vlen; i++) {
1457 bool matched = false;
1458 __u32 local_n_off, targ_n_off;
1460 local_n_off = btf_is_enum(local_t) ? btf_enum(local_t)[i].name_off :
1461 btf_enum64(local_t)[i].name_off;
1463 for (j = 0; j < targ_vlen; j++) {
1464 targ_n_off = btf_is_enum(targ_t) ? btf_enum(targ_t)[j].name_off :
1465 btf_enum64(targ_t)[j].name_off;
1467 if (bpf_core_names_match(local_btf, local_n_off, targ_btf, targ_n_off)) {
1479 static int bpf_core_composites_match(const struct btf *local_btf, const struct btf_type *local_t,
1480 const struct btf *targ_btf, const struct btf_type *targ_t,
1481 bool behind_ptr, int level)
1483 const struct btf_member *local_m = btf_members(local_t);
1484 __u16 local_vlen = btf_vlen(local_t);
1485 __u16 targ_vlen = btf_vlen(targ_t);
1488 if (local_vlen > targ_vlen)
1491 /* check that all local members have a match in the target */
1492 for (i = 0; i < local_vlen; i++, local_m++) {
1493 const struct btf_member *targ_m = btf_members(targ_t);
1494 bool matched = false;
1496 for (j = 0; j < targ_vlen; j++, targ_m++) {
1497 if (!bpf_core_names_match(local_btf, local_m->name_off,
1498 targ_btf, targ_m->name_off))
1501 err = __bpf_core_types_match(local_btf, local_m->type, targ_btf,
1502 targ_m->type, behind_ptr, level - 1);
1515 /* Check that two types "match".
1517 * The matching relation is defined as follows:
1518 * - modifiers and typedefs are stripped (and, hence, effectively ignored)
1519 * - generally speaking types need to be of same kind (struct vs. struct, union
1521 * - exceptions are struct/union behind a pointer which could also match a
1522 * forward declaration of a struct or union, respectively, and enum vs.
1523 * enum64 (see below)
1524 * Then, depending on type:
1526 * - match if size and signedness match
1527 * - arrays & pointers:
1528 * - target types are recursively matched
1529 * - structs & unions:
1530 * - local members need to exist in target with the same name
1531 * - for each member we recursively check match unless it is already behind a
1532 * pointer, in which case we only check matching names and compatible kind
1534 * - local variants have to have a match in target by symbolic name (but not
1536 * - size has to match (but enum may match enum64 and vice versa)
1537 * - function pointers:
1538 * - number and position of arguments in local type has to match target
1539 * - for each argument and the return value we recursively check match
1541 int __bpf_core_types_match(const struct btf *local_btf, __u32 local_id, const struct btf *targ_btf,
1542 __u32 targ_id, bool behind_ptr, int level)
1544 const struct btf_type *local_t, *targ_t;
1545 int depth = 32; /* max recursion depth */
1546 __u16 local_k, targ_k;
1551 local_t = btf_type_by_id(local_btf, local_id);
1552 targ_t = btf_type_by_id(targ_btf, targ_id);
1559 local_t = skip_mods_and_typedefs(local_btf, local_id, &local_id);
1560 targ_t = skip_mods_and_typedefs(targ_btf, targ_id, &targ_id);
1561 if (!local_t || !targ_t)
1564 if (!bpf_core_names_match(local_btf, local_t->name_off, targ_btf, targ_t->name_off))
1567 local_k = btf_kind(local_t);
1568 targ_k = btf_kind(targ_t);
1572 return local_k == targ_k;
1573 case BTF_KIND_FWD: {
1574 bool local_f = BTF_INFO_KFLAG(local_t->info);
1577 if (local_k == targ_k)
1578 return local_f == BTF_INFO_KFLAG(targ_t->info);
1580 /* for forward declarations kflag dictates whether the
1581 * target is a struct (0) or union (1)
1583 return (targ_k == BTF_KIND_STRUCT && !local_f) ||
1584 (targ_k == BTF_KIND_UNION && local_f);
1586 if (local_k != targ_k)
1589 /* match if the forward declaration is for the same kind */
1590 return local_f == BTF_INFO_KFLAG(targ_t->info);
1594 case BTF_KIND_ENUM64:
1595 if (!btf_is_any_enum(targ_t))
1598 return bpf_core_enums_match(local_btf, local_t, targ_btf, targ_t);
1599 case BTF_KIND_STRUCT:
1600 case BTF_KIND_UNION:
1602 bool targ_f = BTF_INFO_KFLAG(targ_t->info);
1604 if (local_k == targ_k)
1607 if (targ_k != BTF_KIND_FWD)
1610 return (local_k == BTF_KIND_UNION) == targ_f;
1612 if (local_k != targ_k)
1615 return bpf_core_composites_match(local_btf, local_t, targ_btf, targ_t,
1618 case BTF_KIND_INT: {
1622 if (local_k != targ_k)
1625 local_sgn = btf_int_encoding(local_t) & BTF_INT_SIGNED;
1626 targ_sgn = btf_int_encoding(targ_t) & BTF_INT_SIGNED;
1628 return local_t->size == targ_t->size && local_sgn == targ_sgn;
1631 if (local_k != targ_k)
1636 local_id = local_t->type;
1637 targ_id = targ_t->type;
1639 case BTF_KIND_ARRAY: {
1640 const struct btf_array *local_array = btf_array(local_t);
1641 const struct btf_array *targ_array = btf_array(targ_t);
1643 if (local_k != targ_k)
1646 if (local_array->nelems != targ_array->nelems)
1649 local_id = local_array->type;
1650 targ_id = targ_array->type;
1653 case BTF_KIND_FUNC_PROTO: {
1654 struct btf_param *local_p = btf_params(local_t);
1655 struct btf_param *targ_p = btf_params(targ_t);
1656 __u16 local_vlen = btf_vlen(local_t);
1657 __u16 targ_vlen = btf_vlen(targ_t);
1660 if (local_k != targ_k)
1663 if (local_vlen != targ_vlen)
1666 for (i = 0; i < local_vlen; i++, local_p++, targ_p++) {
1667 err = __bpf_core_types_match(local_btf, local_p->type, targ_btf,
1668 targ_p->type, behind_ptr, level - 1);
1673 /* tail recurse for return type check */
1674 local_id = local_t->type;
1675 targ_id = targ_t->type;
1679 pr_warn("unexpected kind %s relocated, local [%d], target [%d]\n",
1680 btf_kind_str(local_t), local_id, targ_id);
projects / linux-2.6-microblaze.git / blob