2 * Copyright (C) 2017-2018 Netronome Systems, Inc.
4 * This software is licensed under the GNU General License Version 2,
5 * June 1991 as shown in the file COPYING in the top-level directory of this
8 * THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS"
9 * WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING,
10 * BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
11 * FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE
12 * OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME
13 * THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16 #include <linux/bpf.h>
17 #include <linux/bpf_verifier.h>
18 #include <linux/bug.h>
19 #include <linux/kdev_t.h>
20 #include <linux/list.h>
21 #include <linux/lockdep.h>
22 #include <linux/netdevice.h>
23 #include <linux/printk.h>
24 #include <linux/proc_ns.h>
25 #include <linux/rhashtable.h>
26 #include <linux/rtnetlink.h>
27 #include <linux/rwsem.h>
29 /* Protects offdevs, members of bpf_offload_netdev and offload members
31 * RTNL lock cannot be taken when holding this lock.
33 static DECLARE_RWSEM(bpf_devs_lock);
35 struct bpf_offload_dev {
36 const struct bpf_prog_offload_ops *ops;
37 struct list_head netdevs;
41 struct bpf_offload_netdev {
43 struct net_device *netdev;
44 struct bpf_offload_dev *offdev;
45 struct list_head progs;
46 struct list_head maps;
47 struct list_head offdev_netdevs;
50 static const struct rhashtable_params offdevs_params = {
52 .key_len = sizeof(struct net_device *),
53 .key_offset = offsetof(struct bpf_offload_netdev, netdev),
54 .head_offset = offsetof(struct bpf_offload_netdev, l),
55 .automatic_shrinking = true,
58 static struct rhashtable offdevs;
59 static bool offdevs_inited;
61 static int bpf_dev_offload_check(struct net_device *netdev)
65 if (!netdev->netdev_ops->ndo_bpf)
70 static struct bpf_offload_netdev *
71 bpf_offload_find_netdev(struct net_device *netdev)
73 lockdep_assert_held(&bpf_devs_lock);
77 return rhashtable_lookup_fast(&offdevs, &netdev, offdevs_params);
80 int bpf_prog_offload_init(struct bpf_prog *prog, union bpf_attr *attr)
82 struct bpf_offload_netdev *ondev;
83 struct bpf_prog_offload *offload;
86 if (attr->prog_type != BPF_PROG_TYPE_SCHED_CLS &&
87 attr->prog_type != BPF_PROG_TYPE_XDP)
93 offload = kzalloc(sizeof(*offload), GFP_USER);
99 offload->netdev = dev_get_by_index(current->nsproxy->net_ns,
101 err = bpf_dev_offload_check(offload->netdev);
105 down_write(&bpf_devs_lock);
106 ondev = bpf_offload_find_netdev(offload->netdev);
111 offload->offdev = ondev->offdev;
112 prog->aux->offload = offload;
113 list_add_tail(&offload->offloads, &ondev->progs);
114 dev_put(offload->netdev);
115 up_write(&bpf_devs_lock);
119 up_write(&bpf_devs_lock);
122 dev_put(offload->netdev);
127 int bpf_prog_offload_verifier_prep(struct bpf_prog *prog)
129 struct bpf_prog_offload *offload;
132 down_read(&bpf_devs_lock);
133 offload = prog->aux->offload;
135 ret = offload->offdev->ops->prepare(prog);
136 offload->dev_state = !ret;
138 up_read(&bpf_devs_lock);
143 int bpf_prog_offload_verify_insn(struct bpf_verifier_env *env,
144 int insn_idx, int prev_insn_idx)
146 struct bpf_prog_offload *offload;
149 down_read(&bpf_devs_lock);
150 offload = env->prog->aux->offload;
152 ret = offload->offdev->ops->insn_hook(env, insn_idx,
154 up_read(&bpf_devs_lock);
159 int bpf_prog_offload_finalize(struct bpf_verifier_env *env)
161 struct bpf_prog_offload *offload;
164 down_read(&bpf_devs_lock);
165 offload = env->prog->aux->offload;
167 if (offload->offdev->ops->finalize)
168 ret = offload->offdev->ops->finalize(env);
172 up_read(&bpf_devs_lock);
178 bpf_prog_offload_replace_insn(struct bpf_verifier_env *env, u32 off,
179 struct bpf_insn *insn)
181 const struct bpf_prog_offload_ops *ops;
182 struct bpf_prog_offload *offload;
183 int ret = -EOPNOTSUPP;
185 down_read(&bpf_devs_lock);
186 offload = env->prog->aux->offload;
188 ops = offload->offdev->ops;
189 if (!offload->opt_failed && ops->replace_insn)
190 ret = ops->replace_insn(env, off, insn);
191 offload->opt_failed |= ret;
193 up_read(&bpf_devs_lock);
197 bpf_prog_offload_remove_insns(struct bpf_verifier_env *env, u32 off, u32 cnt)
199 struct bpf_prog_offload *offload;
200 int ret = -EOPNOTSUPP;
202 down_read(&bpf_devs_lock);
203 offload = env->prog->aux->offload;
205 if (!offload->opt_failed && offload->offdev->ops->remove_insns)
206 ret = offload->offdev->ops->remove_insns(env, off, cnt);
207 offload->opt_failed |= ret;
209 up_read(&bpf_devs_lock);
212 static void __bpf_prog_offload_destroy(struct bpf_prog *prog)
214 struct bpf_prog_offload *offload = prog->aux->offload;
216 if (offload->dev_state)
217 offload->offdev->ops->destroy(prog);
219 /* Make sure BPF_PROG_GET_NEXT_ID can't find this dead program */
220 bpf_prog_free_id(prog, true);
222 list_del_init(&offload->offloads);
224 prog->aux->offload = NULL;
227 void bpf_prog_offload_destroy(struct bpf_prog *prog)
229 down_write(&bpf_devs_lock);
230 if (prog->aux->offload)
231 __bpf_prog_offload_destroy(prog);
232 up_write(&bpf_devs_lock);
235 static int bpf_prog_offload_translate(struct bpf_prog *prog)
237 struct bpf_prog_offload *offload;
240 down_read(&bpf_devs_lock);
241 offload = prog->aux->offload;
243 ret = offload->offdev->ops->translate(prog);
244 up_read(&bpf_devs_lock);
249 static unsigned int bpf_prog_warn_on_exec(const void *ctx,
250 const struct bpf_insn *insn)
252 WARN(1, "attempt to execute device eBPF program on the host!");
256 int bpf_prog_offload_compile(struct bpf_prog *prog)
258 prog->bpf_func = bpf_prog_warn_on_exec;
260 return bpf_prog_offload_translate(prog);
263 struct ns_get_path_bpf_prog_args {
264 struct bpf_prog *prog;
265 struct bpf_prog_info *info;
268 static struct ns_common *bpf_prog_offload_info_fill_ns(void *private_data)
270 struct ns_get_path_bpf_prog_args *args = private_data;
271 struct bpf_prog_aux *aux = args->prog->aux;
272 struct ns_common *ns;
276 down_read(&bpf_devs_lock);
279 args->info->ifindex = aux->offload->netdev->ifindex;
280 net = dev_net(aux->offload->netdev);
284 args->info->ifindex = 0;
288 up_read(&bpf_devs_lock);
294 int bpf_prog_offload_info_fill(struct bpf_prog_info *info,
295 struct bpf_prog *prog)
297 struct ns_get_path_bpf_prog_args args = {
301 struct bpf_prog_aux *aux = prog->aux;
302 struct inode *ns_inode;
308 res = ns_get_path_cb(&ns_path, bpf_prog_offload_info_fill_ns, &args);
315 down_read(&bpf_devs_lock);
318 up_read(&bpf_devs_lock);
322 ulen = info->jited_prog_len;
323 info->jited_prog_len = aux->offload->jited_len;
324 if (info->jited_prog_len && ulen) {
325 uinsns = u64_to_user_ptr(info->jited_prog_insns);
326 ulen = min_t(u32, info->jited_prog_len, ulen);
327 if (copy_to_user(uinsns, aux->offload->jited_image, ulen)) {
328 up_read(&bpf_devs_lock);
333 up_read(&bpf_devs_lock);
335 ns_inode = ns_path.dentry->d_inode;
336 info->netns_dev = new_encode_dev(ns_inode->i_sb->s_dev);
337 info->netns_ino = ns_inode->i_ino;
343 const struct bpf_prog_ops bpf_offload_prog_ops = {
346 static int bpf_map_offload_ndo(struct bpf_offloaded_map *offmap,
347 enum bpf_netdev_command cmd)
349 struct netdev_bpf data = {};
350 struct net_device *netdev;
355 data.offmap = offmap;
356 /* Caller must make sure netdev is valid */
357 netdev = offmap->netdev;
359 return netdev->netdev_ops->ndo_bpf(netdev, &data);
362 struct bpf_map *bpf_map_offload_map_alloc(union bpf_attr *attr)
364 struct net *net = current->nsproxy->net_ns;
365 struct bpf_offload_netdev *ondev;
366 struct bpf_offloaded_map *offmap;
369 if (!capable(CAP_SYS_ADMIN))
370 return ERR_PTR(-EPERM);
371 if (attr->map_type != BPF_MAP_TYPE_ARRAY &&
372 attr->map_type != BPF_MAP_TYPE_HASH)
373 return ERR_PTR(-EINVAL);
375 offmap = kzalloc(sizeof(*offmap), GFP_USER);
377 return ERR_PTR(-ENOMEM);
379 bpf_map_init_from_attr(&offmap->map, attr);
382 down_write(&bpf_devs_lock);
383 offmap->netdev = __dev_get_by_index(net, attr->map_ifindex);
384 err = bpf_dev_offload_check(offmap->netdev);
388 ondev = bpf_offload_find_netdev(offmap->netdev);
394 err = bpf_map_offload_ndo(offmap, BPF_OFFLOAD_MAP_ALLOC);
398 list_add_tail(&offmap->offloads, &ondev->maps);
399 up_write(&bpf_devs_lock);
405 up_write(&bpf_devs_lock);
411 static void __bpf_map_offload_destroy(struct bpf_offloaded_map *offmap)
413 WARN_ON(bpf_map_offload_ndo(offmap, BPF_OFFLOAD_MAP_FREE));
414 /* Make sure BPF_MAP_GET_NEXT_ID can't find this dead map */
415 bpf_map_free_id(&offmap->map, true);
416 list_del_init(&offmap->offloads);
417 offmap->netdev = NULL;
420 void bpf_map_offload_map_free(struct bpf_map *map)
422 struct bpf_offloaded_map *offmap = map_to_offmap(map);
425 down_write(&bpf_devs_lock);
427 __bpf_map_offload_destroy(offmap);
428 up_write(&bpf_devs_lock);
434 int bpf_map_offload_lookup_elem(struct bpf_map *map, void *key, void *value)
436 struct bpf_offloaded_map *offmap = map_to_offmap(map);
439 down_read(&bpf_devs_lock);
441 ret = offmap->dev_ops->map_lookup_elem(offmap, key, value);
442 up_read(&bpf_devs_lock);
447 int bpf_map_offload_update_elem(struct bpf_map *map,
448 void *key, void *value, u64 flags)
450 struct bpf_offloaded_map *offmap = map_to_offmap(map);
453 if (unlikely(flags > BPF_EXIST))
456 down_read(&bpf_devs_lock);
458 ret = offmap->dev_ops->map_update_elem(offmap, key, value,
460 up_read(&bpf_devs_lock);
465 int bpf_map_offload_delete_elem(struct bpf_map *map, void *key)
467 struct bpf_offloaded_map *offmap = map_to_offmap(map);
470 down_read(&bpf_devs_lock);
472 ret = offmap->dev_ops->map_delete_elem(offmap, key);
473 up_read(&bpf_devs_lock);
478 int bpf_map_offload_get_next_key(struct bpf_map *map, void *key, void *next_key)
480 struct bpf_offloaded_map *offmap = map_to_offmap(map);
483 down_read(&bpf_devs_lock);
485 ret = offmap->dev_ops->map_get_next_key(offmap, key, next_key);
486 up_read(&bpf_devs_lock);
491 struct ns_get_path_bpf_map_args {
492 struct bpf_offloaded_map *offmap;
493 struct bpf_map_info *info;
496 static struct ns_common *bpf_map_offload_info_fill_ns(void *private_data)
498 struct ns_get_path_bpf_map_args *args = private_data;
499 struct ns_common *ns;
503 down_read(&bpf_devs_lock);
505 if (args->offmap->netdev) {
506 args->info->ifindex = args->offmap->netdev->ifindex;
507 net = dev_net(args->offmap->netdev);
511 args->info->ifindex = 0;
515 up_read(&bpf_devs_lock);
521 int bpf_map_offload_info_fill(struct bpf_map_info *info, struct bpf_map *map)
523 struct ns_get_path_bpf_map_args args = {
524 .offmap = map_to_offmap(map),
527 struct inode *ns_inode;
531 res = ns_get_path_cb(&ns_path, bpf_map_offload_info_fill_ns, &args);
538 ns_inode = ns_path.dentry->d_inode;
539 info->netns_dev = new_encode_dev(ns_inode->i_sb->s_dev);
540 info->netns_ino = ns_inode->i_ino;
546 static bool __bpf_offload_dev_match(struct bpf_prog *prog,
547 struct net_device *netdev)
549 struct bpf_offload_netdev *ondev1, *ondev2;
550 struct bpf_prog_offload *offload;
552 if (!bpf_prog_is_dev_bound(prog->aux))
555 offload = prog->aux->offload;
558 if (offload->netdev == netdev)
561 ondev1 = bpf_offload_find_netdev(offload->netdev);
562 ondev2 = bpf_offload_find_netdev(netdev);
564 return ondev1 && ondev2 && ondev1->offdev == ondev2->offdev;
567 bool bpf_offload_dev_match(struct bpf_prog *prog, struct net_device *netdev)
571 down_read(&bpf_devs_lock);
572 ret = __bpf_offload_dev_match(prog, netdev);
573 up_read(&bpf_devs_lock);
577 EXPORT_SYMBOL_GPL(bpf_offload_dev_match);
579 bool bpf_offload_prog_map_match(struct bpf_prog *prog, struct bpf_map *map)
581 struct bpf_offloaded_map *offmap;
584 if (!bpf_map_is_dev_bound(map))
585 return bpf_map_offload_neutral(map);
586 offmap = map_to_offmap(map);
588 down_read(&bpf_devs_lock);
589 ret = __bpf_offload_dev_match(prog, offmap->netdev);
590 up_read(&bpf_devs_lock);
595 int bpf_offload_dev_netdev_register(struct bpf_offload_dev *offdev,
596 struct net_device *netdev)
598 struct bpf_offload_netdev *ondev;
601 ondev = kzalloc(sizeof(*ondev), GFP_KERNEL);
605 ondev->netdev = netdev;
606 ondev->offdev = offdev;
607 INIT_LIST_HEAD(&ondev->progs);
608 INIT_LIST_HEAD(&ondev->maps);
610 down_write(&bpf_devs_lock);
611 err = rhashtable_insert_fast(&offdevs, &ondev->l, offdevs_params);
613 netdev_warn(netdev, "failed to register for BPF offload\n");
614 goto err_unlock_free;
617 list_add(&ondev->offdev_netdevs, &offdev->netdevs);
618 up_write(&bpf_devs_lock);
622 up_write(&bpf_devs_lock);
626 EXPORT_SYMBOL_GPL(bpf_offload_dev_netdev_register);
628 void bpf_offload_dev_netdev_unregister(struct bpf_offload_dev *offdev,
629 struct net_device *netdev)
631 struct bpf_offload_netdev *ondev, *altdev;
632 struct bpf_offloaded_map *offmap, *mtmp;
633 struct bpf_prog_offload *offload, *ptmp;
637 down_write(&bpf_devs_lock);
638 ondev = rhashtable_lookup_fast(&offdevs, &netdev, offdevs_params);
642 WARN_ON(rhashtable_remove_fast(&offdevs, &ondev->l, offdevs_params));
643 list_del(&ondev->offdev_netdevs);
645 /* Try to move the objects to another netdev of the device */
646 altdev = list_first_entry_or_null(&offdev->netdevs,
647 struct bpf_offload_netdev,
650 list_for_each_entry(offload, &ondev->progs, offloads)
651 offload->netdev = altdev->netdev;
652 list_splice_init(&ondev->progs, &altdev->progs);
654 list_for_each_entry(offmap, &ondev->maps, offloads)
655 offmap->netdev = altdev->netdev;
656 list_splice_init(&ondev->maps, &altdev->maps);
658 list_for_each_entry_safe(offload, ptmp, &ondev->progs, offloads)
659 __bpf_prog_offload_destroy(offload->prog);
660 list_for_each_entry_safe(offmap, mtmp, &ondev->maps, offloads)
661 __bpf_map_offload_destroy(offmap);
664 WARN_ON(!list_empty(&ondev->progs));
665 WARN_ON(!list_empty(&ondev->maps));
668 up_write(&bpf_devs_lock);
670 EXPORT_SYMBOL_GPL(bpf_offload_dev_netdev_unregister);
672 struct bpf_offload_dev *
673 bpf_offload_dev_create(const struct bpf_prog_offload_ops *ops, void *priv)
675 struct bpf_offload_dev *offdev;
678 down_write(&bpf_devs_lock);
679 if (!offdevs_inited) {
680 err = rhashtable_init(&offdevs, &offdevs_params);
682 up_write(&bpf_devs_lock);
685 offdevs_inited = true;
687 up_write(&bpf_devs_lock);
689 offdev = kzalloc(sizeof(*offdev), GFP_KERNEL);
691 return ERR_PTR(-ENOMEM);
695 INIT_LIST_HEAD(&offdev->netdevs);
699 EXPORT_SYMBOL_GPL(bpf_offload_dev_create);
701 void bpf_offload_dev_destroy(struct bpf_offload_dev *offdev)
703 WARN_ON(!list_empty(&offdev->netdevs));
706 EXPORT_SYMBOL_GPL(bpf_offload_dev_destroy);
708 void *bpf_offload_dev_priv(struct bpf_offload_dev *offdev)
712 EXPORT_SYMBOL_GPL(bpf_offload_dev_priv);
projects / linux-2.6-microblaze.git / blob