From b51b61744f79ff2ae9d0aaec9ad17543d1b58bff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E4=BA=91=E5=BE=AE?= <1067852565@qq.com> Date: Wed, 18 Sep 2024 04:47:17 +0000 Subject: [PATCH] update --- README.md | 139 +- analysis/bpf/timeline_commits_6m.py | 21 +- analysis/bpf/timeline_features.py | 2 +- analysis/bpf/timeline_libbpf_commit.py | 45 + data/commit_survey.csv | 2213 + docs/README.md | 161 - docs/distribute.txt | 267 +- docs/report_ebpf.md | 448 +- imgs/cumulative_bpf_features_timeline.png | Bin 46350 -> 56366 bytes ...ction_verifier_features_bugs_over_time.png | Bin 67277 -> 67329 bytes ...imeline_commit_classification_smoothed.png | Bin 109887 -> 99155 bytes imgs/timeline_commit_complexity_smoothed.png | Bin 68100 -> 59395 bytes ..._libbpf_commit_classification_smoothed.png | Bin 0 -> 100122 bytes ...ated_implementation_component_smoothed.png | Bin 122196 -> 104155 bytes ...major_related_logic_component_smoothed.png | Bin 106289 -> 99926 bytes ..._usecases_or_submodule_events_smoothed.png | Bin 154576 -> 135916 bytes output_commit_survey1.txt | 106360 +++++++++++++++ output_commit_syrvey.txt | 18703 +++ 18 files changed, 127939 insertions(+), 420 deletions(-) create mode 100644 analysis/bpf/timeline_libbpf_commit.py delete mode 100644 docs/README.md create mode 100644 imgs/timeline_libbpf_commit_classification_smoothed.png create mode 100644 output_commit_survey1.txt diff --git a/README.md b/README.md index 1cf668c..d1d82f2 100644 --- a/README.md +++ b/README.md @@ -1,34 +1,42 @@ # Code-Survey: Uncovering Insights in Complex Systems with LLM -- **Do we really kno how complex systems like the Linux works?** -- **How can we understand the high-level design cohice and evolution of a Super Complex system, like the Linux kernel?** +- Do we really know how complex systems like the Linux works? +- How can we understand the high-level design cohice and evolution of a Super Complex system, like the Linux kernel? **Code-Survey** is `the first step` here to change that. -> Imagine if you can ask every kernel developer, or graduate student who is studying kernel, to do a survey and answer questions about every commit, what can you find with the results? +> Imagine if you can ask every entry-level kernel developer, or a Graduate Student who is studying kernel, to do a survey and answer questions about every commit, what can you find with the results? -Code-Survey helps you `explore` and `analyze`. the world's largest and most intricate codebases, like the Linux kernel. By carefully **design a survey** and **transforming** `unstructured data` like commits, mailing lists into organized, ``structed and easy-to-analyze data`, Code-Survey makes it simpler to uncover valuable insights in modern complex software systems. +Code-Survey helps you `explore` and `analyze` the world's largest and most intricate codebases, like the Linux kernel. By carefully **design a survey** and **transforming** `unstructured data` like commits, mails into organized, `structed and easy-to-analyze data`, then you can do `quantitative` analysis on it. Code-Survey makes it simpler to uncover valuable insights in modern complex software systems. -With the power of AI and Large Language Models (LLMs), you can ask questions, run queries, and gain a deeper understanding of how systems evolve over time. AI Agents can also help you analysis that. Whether you're a developer, researcher, or enthusiast, Code-Survey bridges the gap between `design`, `implementation`, `maintenance`, `reliability` and `security`, making complex systems more accessible. +Code-Survey is the first step trying to bridges the gap between high level `design`, `implementation`, `maintenance`, `reliability` and `security` using LLM, making complex systems more accessible. Unlike other approaches: -- **No human can do that before, but AI can.** -- **No chatbots, document search, or code generation: everyone is doing so.** -- **Just using data like git message and email data. Hundreds lines of codes in Python. Just Apply to other project or subsystems by design your code-survey!** +- No human can do that before, but AI can. +- No chatbots, RAG document search, or code generation: **stop the stupid AI!** +- Just using data like git message and email data. Design a survey and run with hundreds lines of codes in Python. Just Apply to other project or subsystems by designing your code-survey! **Let's do Code-Survey!** ## What can `Code-Survey` help answer? -- How do new feature introductions affect software stability and performance over the time? -- What identifiable phases exist in a feature’s lifecycle? Is it new, mature, refactored or deprecated? -- What dependencies have emerged between features and componeents, and how do they affect software evolution? -- How does bug frequency correlate with feature complexity, and how are regressions managed? +- How do new feature introductions in component affect software stability and performance over the time? +- What identifiable phases exist in a component lifecycle? Is it new, mature, refactored or deprecated? +- What dependencies have emerged between features and component, and how do they affect software evolution? +- How does bug frequency correlate with feature complexity? - What were the trade-offs considered in design decisions, and how do they manifest in the system's implementation? - How does the collaboration between developers affect the consistency and coherence of feature development? -## Workflow / Methodology +Here is an example of analysis: **[docs/report_ebpf.md](docs/report_ebpf.md).** (Not yet complete...more is adding) + +## Workflow / Methodolog + +The core idea of Code-survey is to treat LLMs like human participants in a survey: + +- they can process data faster and cheaper, but are also prone to errors and limitations. +- By applying traditional human survey methods, we can efficiently conduct LLM-based surveys, while human experts provide oversight and validation to ensure accuracy. +- You can let LLM help you with survey design and data ``` [Human Experts design survey] -> [LLM Agent complete survey] -> [Human Experts (LLM) evaluate survey results samples] -> [Human Experts (LLM) give the report] @@ -53,53 +61,73 @@ There are also 4 key steps to allow LLM Agent asistant to design the survey. The The **Linux-bpf dataset** focuses on the eBPF subsystem and is continuously updated via CI. The dataset includes: - **680+ expert-selected commits**: Features, commit details, types (Map, Helper, Kfunc, Prog, etc.). Human experts tagged these commits and can be analyzed by LLM Agents. [dataset here](data/feature_commit_details.csv) -- **12,000+ BPF-related commits**: LLM Agent surveys and summaries. [dataset here](data/commit_survey.csv) +- **12,000+ BPF-related commits**: LLM Agent surveys and summaries. You can download [dataset here](data/commit_survey.csv). - **150,000+ BPF subsystem-related emails**: LLM Agent surveys and summaries(`TODO`). +**To see more details abot what we find, check the analysis in [report_ebpf.md](docs/report_ebpf.md).** + A simplest approach to see how these data works is just **Upload the CSV to ChatGPT**(**Or other platforms) and Ask questions to let it Analysis for you! -To see more details, check the analysis in [report_ebpf.md](docs/report_ebpf.md). +Note this is just a very simple demo now --- there are hundreds of ways to improve the survey accuracy: + +- It's using gpt4o API, o1 model can be much better; +- You can simply run it multiple times to get multiple survey results and then average them. This is typically a real survey d and the result would be much better, but we need time and more money for API. +- More Advance Agent design with multi-steps and reasonging, or multi-agent; +- Better prompt engineering; + ## Survey Example -You can find this example in [survey/commit_survey.yml](survey/commit_survey.yml), which analysis the commits in the Linux kernel eBPF subsystem. +You can find this example in [survey/commit_survey.yml](survey/commit_survey.yml), which analysis all the 10000+ bpf commits in the Linux kernel eBPF subsystem. ```yml -# Configuration for LLM Agent in Code-survey -title: "Feature Classification Survey" -description: "A survey about the use cases and summary of feature in Linux eBPF. Note there might be some times the commit message is not related to the feature itself. If that happens you need to focus on the feature itself and ignore the commit message. Pay attention to the feature itself." +title: "Commit Classification Survey" +description: "A survey about the commit in Linux eBPF, to help better understand the design and evolution of bpf subsystem. For choice, try to be as specific as possible based on the commit message and code changes. If the commit message is not clear or does not provide enough information, you can choose the 'I'm not sure' option." +hint: "For example, when seems not related to eBPF, confirm it's a rare cases really has nothing to do with eBPF in all it's contents, such as btrfs or misspelled commit message. Do not tag subsystem changes related to eBPF as not." questions: - - id: summary - type: fill_in - question: "Please provide a summary of the Feature in one short sentence not longer than 100 words. Only output one sentence." - required: true - - - id: keywords - type: fill_in - question: "Please extract no more than 3 keywords from the Feature. Only output 3 keywords." - required: true - - - id: feature_classification - type: multiple_choice - question: "What may be the main use cases of the feature? You can select multiple options." - choices: - - value: It's used to improve the security of the Linux. e.g. used for controlling access to the system etc. - - value: It's used to improve the network of the Linux. e.g. used for improving the network performance etc. - - value: It's used to improve the observability of the Linux. e.g. used for monitoring tracing the system improve the performance etc. - - value: It's a performance optimization unrelated to security networking or observability. - - value: It relates to a specific hardware feature (e.g. accelerated offload hardware tracing etc.) - - value: The feature relate other use cases not listed above. - - value: It does not relate to any of the above it's a general feature for runtime such as verifier instructions etc. You should not other use cases if you select this option. - - value: It's a merge or include multiple features. - - - id: feature_complexity - type: single_choice - question: "What is the estimated complexity of implementing this commit?" - choices: - - value: Simple and can be used without much configuration. e.g. a simple helper function. - - value: Moderate and requires some setup or understanding of the system. e.g. a new map type or a new link type. - - value: Complex and needs expert knowledge or significant changes to existing systems. Like adding a completely new subsystem support or a completely new program type don't exist before. - - value: It's a merge commit not related to any of the above. +- id: summary + type: fill_in + question: "Please provide a summary of It in one short sentence not longer than 30 words. Only output one sentence." + required: true + +- id: keywords + type: fill_in + question: "Please extract no more than 3 keywords from the commit. Only output 3 keywords without any special characters." + required: true + +- id: commit_classification + type: single_choice + question: "What may be the main type of the commit?" + choices: + - value: A bug fix. It primarily resolves a bug or issue in the code. + - value: A new feature. It adds a new capability or feature that was not previously present. + - value: A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput. + - value: A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality. + - value: A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error. + - value: A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure. + - value: A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines. + - value: A security fix. It resolves a security vulnerability or strengthens security measures. + - value: It's like a merge commit. It merges changes from another branch or repository. + - value: It's other type of commit. It does not fit into any of the categories listed above. + - value: I'm not sure about the type of the commit. The nature of It is unclear or uncertain. + +- id: major_related_implementation_component + type: single_choice + question: "What major implementation component is modified by the commit? It's typically where the code changes happened." + choices: + - value: The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel. + - value: The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures. + - value: The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call. + - value: The syscall interface. It changes the system calls through which user-space programs interact with eBPF. + - value: The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed. + - value: The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications. + - value: The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps. + - value: The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs. + - value: The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events. + - value: It's like a merge commit. It includes significant changes across multiple components of the system. + - value: It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem. + - value: It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed. + - value: I'm not sure about the implementation component of the commit. The component affected by It is unclear. ...... ``` @@ -150,6 +178,13 @@ For a more detailed explanation and the general approach, see the [docs/best-pra ## References -1. [How to Communicate When Submitting Patches: An Empirical Study of the Linux Kernel](https://dl.acm.org/doi/abs/10.1145/3359210) -2. [Differentiating Communication Styles of Leaders on the Linux Kernel Mailing List](https://dl.acm.org/doi/abs/10.1145/2957792) +Linux development: + +1. [Submitting patches: the essential guide to getting your code into the kernel](https://www.kernel.org/doc/html/v4.10/process/submitting-patches.html) +2. [how to ask question in maillist](https://www.linuxquestions.org/questions/linux-kernel-70/how-to-ask-question-in-maillist-4175719442/) +3. [How to Communicate When Submitting Patches: An Empirical Study of the Linux Kernel](https://dl.acm.org/doi/abs/10.1145/3359210) +3. [Differentiating Communication Styles of Leaders on the Linux Kernel Mailing List](https://dl.acm.org/doi/abs/10.1145/2957792) + +AI model: +- [Introducing OpenAI o1-preview](https://openai.com/index/introducing-openai-o1-preview/) They can reason through complex tasks and solve harder problems than previous models in science, coding, and math. \ No newline at end of file diff --git a/analysis/bpf/timeline_commits_6m.py b/analysis/bpf/timeline_commits_6m.py index 7bf44d2..6687e39 100644 --- a/analysis/bpf/timeline_commits_6m.py +++ b/analysis/bpf/timeline_commits_6m.py @@ -48,10 +48,11 @@ def parse_usecases(usecase_str): # Apply the parsing function to the 'usecases_or_submodule_events' column survey_data['parsed_usecases'] = survey_data['usecases_or_submodule_events'].apply(parse_usecases) -# Filter out 'merge' commits based on 'commit_classification' +# Filter out 'merge' commits based on 'major_related_implementation_component' +# because some important commits might be classified as 'merge' in classification, but it's related to the major component # Assuming 'commit_classification' contains phrases like 'merge' and 'not related' filter_pattern = re.compile(r'merge', re.IGNORECASE) -filtered_data = survey_data[~survey_data['commit_classification'].str.contains(filter_pattern, na=False)] +filtered_data = survey_data[~survey_data['major_related_implementation_component'].str.contains(filter_pattern, na=False)] print(f"Total commits before filtering: {survey_data.shape[0]}") print(f"Total commits after filtering out 'unrelated' and 'merge' commits: {filtered_data.shape[0]}") @@ -121,8 +122,8 @@ def plot_frequency_timeline(field_name, title, max_labels, threshold, save_path, print(f"\nGenerating timeline for: {title}") # Group by 6-month intervals and category, count commits - # Changed '6M' to '6MS' to align with possible deprecation - monthly_counts = filtered_data.resample('6MS')[field_name].value_counts().unstack() + # Changed '6M' to '3MS' to align with possible deprecation + monthly_counts = filtered_data.resample('3MS')[field_name].value_counts().unstack() # Determine significant categories if field_name == 'usecases_or_submodule_events': @@ -151,7 +152,7 @@ def plot_frequency_timeline(field_name, title, max_labels, threshold, save_path, smoothed_counts = apply_moving_average(monthly_counts, window=smoothing_window) # Plotting - fig, ax = plt.subplots(figsize=(14, 8)) + fig, ax = plt.subplots(figsize=(10, 6)) # Plot each category for column in smoothed_counts.columns: @@ -200,8 +201,8 @@ def plot_usecases_timeline(title, save_path, max_labels=8, threshold=0.005, smoo exploded_data = exploded_data.dropna(subset=['parsed_usecases']) # Group by 6-month intervals and use case, count commits - # Changed '6M' to '6MS' to align with possible deprecation - monthly_counts = exploded_data.resample('6MS')['parsed_usecases'].value_counts().unstack() + # Changed '6M' to '3MS' to align with possible deprecation + monthly_counts = exploded_data.resample('3MS')['parsed_usecases'].value_counts().unstack() # Determine significant categories significant_categories = get_significant_categories(flattened_usecases, max_labels, threshold) @@ -226,7 +227,7 @@ def plot_usecases_timeline(title, save_path, max_labels=8, threshold=0.005, smoo smoothed_counts = apply_moving_average(monthly_counts, window=smoothing_window) # Plotting - fig, ax = plt.subplots(figsize=(14, 8)) + fig, ax = plt.subplots(figsize=(10, 6)) # Plot each category for column in smoothed_counts.columns: @@ -269,7 +270,7 @@ def plot_usecases_timeline(title, save_path, max_labels=8, threshold=0.005, smoo max_labels=settings['max_labels'], threshold=settings['threshold'], save_path=save_path, - smoothing_window=2 # Adjust window size as needed + smoothing_window=4 # Adjust window size as needed ) # Generate timeline chart for use cases or submodule events with smoothing_window=2 @@ -278,7 +279,7 @@ def plot_usecases_timeline(title, save_path, max_labels=8, threshold=0.005, smoo save_path='imgs/timeline_usecases_or_submodule_events_smoothed.png', max_labels=12, threshold=0.005, # Adjusted threshold for more use cases - smoothing_window=2 # Adjust window size as needed + smoothing_window=4 # Adjust window size as needed ) print("\nAll smoothed timeline charts have been saved successfully.") diff --git a/analysis/bpf/timeline_features.py b/analysis/bpf/timeline_features.py index f6d4bf2..16f8c67 100644 --- a/analysis/bpf/timeline_features.py +++ b/analysis/bpf/timeline_features.py @@ -21,7 +21,7 @@ 'attach_types': 'events' }) -df['feature_type'] = df['feature_type'].where(df['feature_type'].isin(['helper/kfunc']), 'other') +# df['feature_type'] = df['feature_type'].where(df['feature_type'].isin(['helper/kfunc']), 'other') # Remove 'argument_constants' df = df[df['feature_type'] != 'argument_constants'] diff --git a/analysis/bpf/timeline_libbpf_commit.py b/analysis/bpf/timeline_libbpf_commit.py new file mode 100644 index 0000000..289e1c4 --- /dev/null +++ b/analysis/bpf/timeline_libbpf_commit.py @@ -0,0 +1,45 @@ +import pandas as pd +import matplotlib.pyplot as plt +import os +from timeline_commits_6m import plot_frequency_timeline, get_significant_categories, apply_moving_average + +# Ensure the 'imgs' directory exists +os.makedirs('imgs', exist_ok=True) + +# Load the CSV file +file_path = 'data/commit_survey.csv' # Update this with your actual file path +survey_data = pd.read_csv(file_path) + +# Convert 'commit_date_timestamp' to datetime +survey_data['commit_date'] = pd.to_datetime(survey_data['commit_date_timestamp'], unit='s') + +# Set 'commit_date' as the DataFrame index +survey_data.set_index('commit_date', inplace=True) + +# Sort the DataFrame by date +survey_data.sort_index(inplace=True) + +# Filter data to focus only on libbpf related commits +libbpf_data = survey_data[survey_data['major_related_implementation_component'].str.contains('libbpf', case=False, na=False)] + +# Check how many libbpf commits are present +print(f"Total libbpf commits: {libbpf_data.shape[0]}") + +# Define settings specifically for libbpf commit classifications +field_settings = { + 'commit_classification': {'title': 'libbpf Commit Classification Over Time', 'max_labels': 6, 'threshold': 0.02} +} + +# Generate timeline charts for libbpf commit classifications +for field, settings in field_settings.items(): + save_path = f'imgs/timeline_libbpf_{field}_smoothed.png' + plot_frequency_timeline( + field_name=field, + title=settings['title'], + max_labels=settings['max_labels'], + threshold=settings['threshold'], + save_path=save_path, + smoothing_window=4 # Adjust window size as needed + ) + +print("\nlibbpf commit classification timeline chart has been saved successfully.") diff --git a/data/commit_survey.csv b/data/commit_survey.csv index f5dde16..f9bea82 100644 --- a/data/commit_survey.csv +++ b/data/commit_survey.csv @@ -9343,3 +9343,2216 @@ acf1c3d68e9a31f10d92bc67ad4673cdae5e8d92,acf1c3d68e9a31f10d92bc67ad4673cdae5e8d9 "a5aa8e529e3667eb377ec132d4b4926dee065a45","a5aa8e529e3667eb377ec132d4b4926dee065a45","Magnus Karlsson","magnus.karlsson@intel.com","1598603180","Daniel Borkmann","daniel@iogearbox.net","1598901304","f520b395f065d5b13837659dda893f11c732198d","c2d3d6a474629e30428b1622af3d551f560cd1d8","xsk: Move xsk_tx_list and its lock to buffer pool Move the xsk_tx_list and the xsk_tx_list_lock from the umem to the buffer pool. This so that we in a later commit can share the umem between multiple HW queues. There is one xsk_tx_list per device and queue id, so it should be located in the buffer pool. Signed-off-by: Magnus Karlsson Signed-off-by: Daniel Borkmann Acked-by: Björn Töpel Link: https://lore.kernel.org/bpf/1598603189-32145-7-git-send-email-magnus.karlsson@intel.com","include/net/xdp_sock.h | 4 +---; include/net/xsk_buff_pool.h | 5 +++++; net/xdp/xdp_umem.c | 26 --------------------------; net/xdp/xdp_umem.h | 2 --; net/xdp/xsk.c | 15 ++++++---------; net/xdp/xsk_buff_pool.c | 26 ++++++++++++++++++++++++++; 6 files changed, 38 insertions(+), 40 deletions(-)","Refactors xsk_tx_list and lock to buffer pool for better umem sharing across hardware queues.","xsk_tx_list,buffer,pool","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" "c2d3d6a474629e30428b1622af3d551f560cd1d8","c2d3d6a474629e30428b1622af3d551f560cd1d8","Magnus Karlsson","magnus.karlsson@intel.com","1598603179","Daniel Borkmann","daniel@iogearbox.net","1598901304","c9230b8f507b6b88f957755903b905aaf128eeda","7361f9c3d71955c624fdad5676c99fc88a8249e9","xsk: Move queue_id, dev and need_wakeup to buffer pool Move queue_id, dev, and need_wakeup from the umem to the buffer pool. This so that we in a later commit can share the umem between multiple HW queues. There is one buffer pool per dev and queue id, so these variables should belong to the buffer pool, not the umem. Need_wakeup is also something that is set on a per napi level, so there is usually one per device and queue id. So move this to the buffer pool too. Signed-off-by: Magnus Karlsson Signed-off-by: Daniel Borkmann Acked-by: Björn Töpel Link: https://lore.kernel.org/bpf/1598603189-32145-6-git-send-email-magnus.karlsson@intel.com","include/net/xdp_sock.h | 3 ---; include/net/xsk_buff_pool.h | 4 ++++; net/xdp/xdp_umem.c | 22 ++--------------------; net/xdp/xdp_umem.h | 4 ----; net/xdp/xsk.c | 34 +++++++++++++---------------------; net/xdp/xsk.h | 7 -------; net/xdp/xsk_buff_pool.c | 39 ++++++++++++++++++++++-----------------; net/xdp/xsk_diag.c | 4 ++--; 8 files changed, 43 insertions(+), 74 deletions(-)","Moved queue_id dev and need_wakeup from umem to buffer pool to facilitate sharing umem between multiple hardware queues.","queue_id,buffer pool,umem","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" "7361f9c3d71955c624fdad5676c99fc88a8249e9","7361f9c3d71955c624fdad5676c99fc88a8249e9","Magnus Karlsson","magnus.karlsson@intel.com","1598603178","Daniel Borkmann","daniel@iogearbox.net","1598901304","e4b32a5a66952ce1ca37a0ec74b304cc552e9d77","1c1efc2af158869795d3334a12fed2afd9c51539","xsk: Move fill and completion rings to buffer pool Move the fill and completion rings from the umem to the buffer pool. This so that we in a later commit can share the umem between multiple HW queue ids. In this case, we need one fill and completion ring per queue id. As the buffer pool is per queue id and napi id this is a natural place for it and one umem struture can be shared between these buffer pools. Signed-off-by: Magnus Karlsson Signed-off-by: Daniel Borkmann Acked-by: Björn Töpel Link: https://lore.kernel.org/bpf/1598603189-32145-5-git-send-email-magnus.karlsson@intel.com","include/net/xdp_sock.h | 4 ++--; include/net/xsk_buff_pool.h | 2 +-; net/xdp/xdp_umem.c | 15 --------------; net/xdp/xsk.c | 48 +++++++++++++++++++++++++--------------------; net/xdp/xsk_buff_pool.c | 20 ++++++++++++++-----; net/xdp/xsk_diag.c | 12 +++++++-----; 6 files changed, 52 insertions(+), 49 deletions(-)","This commit repositions the fill and completion rings to the buffer pool to enable umem sharing across multiple hardware queue ids.","fill,completion,buffer","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"1c1efc2af158869795d3334a12fed2afd9c51539","1c1efc2af158869795d3334a12fed2afd9c51539","Magnus Karlsson","magnus.karlsson@intel.com","1598603177","Daniel Borkmann","daniel@iogearbox.net","1598901304","a6672208e4712a1148e93e2f88a0bafe1c6d72ed","c4655761d3cf62bf5f86650e79349c1bfa5c6285","xsk: Create and free buffer pool independently from umem Create and free the buffer pool independently from the umem. Move these operations that are performed on the buffer pool from the umem create and destroy functions to new create and destroy functions just for the buffer pool. This so that in later commits we can instantiate multiple buffer pools per umem when sharing a umem between HW queues and/or devices. We also erradicate the back pointer from the umem to the buffer pool as this will not work when we introduce the possibility to have multiple buffer pools per umem. Signed-off-by: Magnus Karlsson Signed-off-by: Daniel Borkmann Acked-by: Björn Töpel Link: https://lore.kernel.org/bpf/1598603189-32145-4-git-send-email-magnus.karlsson@intel.com","include/net/xdp_sock.h | 3 +-; include/net/xsk_buff_pool.h | 13 +++-; net/xdp/xdp_umem.c | 164 ++++----------------------------------------; net/xdp/xdp_umem.h | 4 +-; net/xdp/xsk.c | 74 +++++++++++++++++---; net/xdp/xsk.h | 3 +; net/xdp/xsk_buff_pool.c | 150 ++++++++++++++++++++++++++++++++++++----; net/xdp/xsk_queue.h | 12 ++--; 8 files changed, 236 insertions(+), 187 deletions(-)","This commit decouples buffer pool operations from UMEM to allow multiple buffer pools per UMEM.","buffer pool, UMEM, xsk","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"c4655761d3cf62bf5f86650e79349c1bfa5c6285","c4655761d3cf62bf5f86650e79349c1bfa5c6285","Magnus Karlsson","magnus.karlsson@intel.com","1598603176","Daniel Borkmann","daniel@iogearbox.net","1598901304","b45ecd0449986910dcac7fc869893d60a627480a","1742b3d528690ae7773cf7bf2f01a90ee1de2fe0","xsk: i40e: ice: ixgbe: mlx5: Rename xsk zero-copy driver interfaces Rename the AF_XDP zero-copy driver interface functions to better reflect what they do after the replacement of umems with buffer pools in the previous commit. Mostly it is about replacing the umem name from the function names with xsk_buff and also have them take the a buffer pool pointer instead of a umem. The various ring functions have also been renamed in the process so that they have the same naming convention as the internal functions in xsk_queue.h. This so that it will be clearer what they do and also for consistency. Signed-off-by: Magnus Karlsson Signed-off-by: Daniel Borkmann Acked-by: Björn Töpel Link: https://lore.kernel.org/bpf/1598603189-32145-3-git-send-email-magnus.karlsson@intel.com","drivers/net/ethernet/intel/i40e/i40e_main.c | 6 +-; drivers/net/ethernet/intel/i40e/i40e_xsk.c | 34 +++---; drivers/net/ethernet/intel/ice/ice_base.c | 6 +-; drivers/net/ethernet/intel/ice/ice_xsk.c | 28 ++---; drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 6 +-; drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 32 +++---; drivers/net/ethernet/mellanox/mlx5/core/en/xdp.c | 4 +-; .../net/ethernet/mellanox/mlx5/core/en/xsk/pool.c | 12 +--; .../net/ethernet/mellanox/mlx5/core/en/xsk/rx.h | 8 +-; .../net/ethernet/mellanox/mlx5/core/en/xsk/tx.c | 10 +-; .../net/ethernet/mellanox/mlx5/core/en/xsk/tx.h | 6 +-; drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 2 +-; drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 4 +-; include/net/xdp_sock.h | 1 +; include/net/xdp_sock_drv.h | 114 +++++++++++----------; net/ethtool/channels.c | 2 +-; net/ethtool/ioctl.c | 2 +-; net/xdp/xdp_umem.c | 24 ++---; net/xdp/xsk.c | 45 ++++----; 19 files changed, 179 insertions(+), 167 deletions(-)","The commit renames xsk zero-copy driver interfaces to replace umems with buffer pools for clarity and consistency.","xsk, refactor, buffer","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1742b3d528690ae7773cf7bf2f01a90ee1de2fe0","1742b3d528690ae7773cf7bf2f01a90ee1de2fe0","Magnus Karlsson","magnus.karlsson@intel.com","1598603175","Daniel Borkmann","daniel@iogearbox.net","1598901303","eeb0924a4023c43b42bbe2f552b3481c1fd19442","29523c5e6716521f6e2fb59d7785e2bc0b1a993a","xsk: i40e: ice: ixgbe: mlx5: Pass buffer pool to driver instead of umem Replace the explicit umem reference passed to the driver in AF_XDP zero-copy mode with the buffer pool instead. This in preparation for extending the functionality of the zero-copy mode so that umems can be shared between queues on the same netdev and also between netdevs. In this commit, only an umem reference has been added to the buffer pool struct. But later commits will add other entities to it. These are going to be entities that are different between different queue ids and netdevs even though the umem is shared between them. Signed-off-by: Magnus Karlsson Signed-off-by: Daniel Borkmann Acked-by: Björn Töpel Link: https://lore.kernel.org/bpf/1598603189-32145-2-git-send-email-magnus.karlsson@intel.com","drivers/net/ethernet/intel/i40e/i40e_ethtool.c | 2 +-; drivers/net/ethernet/intel/i40e/i40e_main.c | 29 +--; drivers/net/ethernet/intel/i40e/i40e_txrx.c | 10 +-; drivers/net/ethernet/intel/i40e/i40e_txrx.h | 2 +-; drivers/net/ethernet/intel/i40e/i40e_xsk.c | 81 ++++----; drivers/net/ethernet/intel/i40e/i40e_xsk.h | 4 +-; drivers/net/ethernet/intel/ice/ice.h | 18 +-; drivers/net/ethernet/intel/ice/ice_base.c | 16 +-; drivers/net/ethernet/intel/ice/ice_lib.c | 2 +-; drivers/net/ethernet/intel/ice/ice_main.c | 10 +-; drivers/net/ethernet/intel/ice/ice_txrx.c | 8 +-; drivers/net/ethernet/intel/ice/ice_txrx.h | 2 +-; drivers/net/ethernet/intel/ice/ice_xsk.c | 136 ++++++-------; drivers/net/ethernet/intel/ice/ice_xsk.h | 7 +-; drivers/net/ethernet/intel/ixgbe/ixgbe.h | 2 +-; drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 34 ++--; .../net/ethernet/intel/ixgbe/ixgbe_txrx_common.h | 7 +-; drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 61 +++---; drivers/net/ethernet/mellanox/mlx5/core/Makefile | 2 +-; drivers/net/ethernet/mellanox/mlx5/core/en.h | 19 +-; drivers/net/ethernet/mellanox/mlx5/core/en/xdp.c | 5 +-; .../net/ethernet/mellanox/mlx5/core/en/xsk/pool.c | 217 +++++++++++++++++++++; .../net/ethernet/mellanox/mlx5/core/en/xsk/pool.h | 27 +++; .../net/ethernet/mellanox/mlx5/core/en/xsk/rx.h | 10 +-; .../net/ethernet/mellanox/mlx5/core/en/xsk/setup.c | 12 +-; .../net/ethernet/mellanox/mlx5/core/en/xsk/setup.h | 2 +-; .../net/ethernet/mellanox/mlx5/core/en/xsk/tx.c | 14 +-; .../net/ethernet/mellanox/mlx5/core/en/xsk/tx.h | 6 +-; .../net/ethernet/mellanox/mlx5/core/en/xsk/umem.c | 217 ---------------------; .../net/ethernet/mellanox/mlx5/core/en/xsk/umem.h | 29 ---; .../net/ethernet/mellanox/mlx5/core/en_ethtool.c | 2 +-; .../ethernet/mellanox/mlx5/core/en_fs_ethtool.c | 2 +-; drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 49 ++---; drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 16 +-; include/linux/netdevice.h | 10 +-; include/net/xdp_sock_drv.h | 7 +-; include/net/xsk_buff_pool.h | 4 +-; net/ethtool/channels.c | 2 +-; net/ethtool/ioctl.c | 2 +-; net/xdp/xdp_umem.c | 45 ++---; net/xdp/xsk_buff_pool.c | 5 +-; 41 files changed, 575 insertions(+), 560 deletions(-)","The commit refactors AF_XDP zero-copy mode to use a buffer pool instead of umem for better resource sharing.","AF_XDP, buffer pool, zero-copy","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here."", 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"29523c5e6716521f6e2fb59d7785e2bc0b1a993a","29523c5e6716521f6e2fb59d7785e2bc0b1a993a","Alexei Starovoitov","ast@kernel.org","1598891492","Daniel Borkmann","daniel@iogearbox.net","1598900170","3824404a0537ca3dbbe6b05bd8548db31c174016","9667305c6374df8672be46bc496f52f040999531","bpf: Fix build without BPF_LSM. resolve_btfids doesn't like empty set. Add unused ID when BPF_LSM is off. Fixes: 1e6c62a88215 (""bpf: Introduce sleepable BPF programs"") Reported-by: Björn Töpel Signed-off-by: Alexei Starovoitov Signed-off-by: Daniel Borkmann Tested-by: Song Liu Acked-by: KP Singh Link: https://lore.kernel.org/bpf/20200831163132.66521-1-alexei.starovoitov@gmail.com","kernel/bpf/verifier.c | 2 ++; 1 file changed, 2 insertions(+)","Fixes build issue when BPF_LSM is disabled by adding unused ID to resolve_btfids.","BPF_LSM, resolve_btfids, unused","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"9667305c6374df8672be46bc496f52f040999531","9667305c6374df8672be46bc496f52f040999531","Alexei Starovoitov","ast@kernel.org","1598889115","Daniel Borkmann","daniel@iogearbox.net","1598900097","98e3e2e1e28369f82efd1d3eb267e3b12c28ff98","10496f261ed30592c6a7f8315f6b5ec055db624a","bpf: Fix build without BPF_SYSCALL, but with BPF_JIT. When CONFIG_BPF_SYSCALL is not set, but CONFIG_BPF_JIT=y the kernel build fails: In file included from ../kernel/bpf/trampoline.c:11: ../kernel/bpf/trampoline.c: In function ‘bpf_trampoline_update’: ../kernel/bpf/trampoline.c:220:39: error: ‘call_rcu_tasks_trace’ undeclared ../kernel/bpf/trampoline.c: In function ‘__bpf_prog_enter_sleepable’: ../kernel/bpf/trampoline.c:411:2: error: implicit declaration of function ‘rcu_read_lock_trace’ ../kernel/bpf/trampoline.c: In function ‘__bpf_prog_exit_sleepable’: ../kernel/bpf/trampoline.c:416:2: error: implicit declaration of function ‘rcu_read_unlock_trace’ This is due to: obj-$(CONFIG_BPF_JIT) += trampoline.o obj-$(CONFIG_BPF_JIT) += dispatcher.o There is a number of functions that arch/x86/net/bpf_jit_comp.c is using from these two files, but none of them will be used when only cBPF is on (which is the case for BPF_SYSCALL=n BPF_JIT=y). Add rcu_trace functions to rcupdate_trace.h. The JITed code won't execute them and BPF trampoline logic won't be used without BPF_SYSCALL. Fixes: 1e6c62a88215 (""bpf: Introduce sleepable BPF programs"") Reported-by: kernel test robot Signed-off-by: Alexei Starovoitov Signed-off-by: Daniel Borkmann Acked-by: Paul E. McKenney Link: https://lore.kernel.org/bpf/20200831155155.62754-1-alexei.starovoitov@gmail.com","include/linux/rcupdate_trace.h | 9 ++++++++-; 1 file changed, 8 insertions(+), 1 deletion(-)","The commit fixes a build error for CONFIG_BPF_JIT with CONFIG_BPF_SYSCALL disabled by adding needed rcu_trace functions.","fix,build,error","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3168c158ad3535af1cd7423c9f8cd5ac549f2f9c","3168c158ad3535af1cd7423c9f8cd5ac549f2f9c","Tony Ambardar","tony.ambardar@gmail.com","1598832184","Daniel Borkmann","daniel@iogearbox.net","1598885811","d160e52df1d32b63527198ff82931620d1cecc44","c8146fe292a726d71e302719df90b53e2f84f7a5","libbpf: Fix build failure from uninitialized variable warning While compiling libbpf, some GCC versions (at least 8.4.0) have difficulty determining control flow and a emit warning for potentially uninitialized usage of 'map', which results in a build error if using ""-Werror"": In file included from libbpf.c:56: libbpf.c: In function '__bpf_object__open': libbpf_internal.h:59:2: warning: 'map' may be used uninitialized in this function [-Wmaybe-uninitialized] libbpf_print(level, ""libbpf: "" fmt, ##__VA_ARGS__); \ ^~~~~~~~~~~~ libbpf.c:5032:18: note: 'map' was declared here struct bpf_map *map, *targ_map; ^~~ The warning/error is false based on code inspection, so silence it with a NULL initialization. Fixes: 646f02ffdd49 (""libbpf: Add BTF-defined map-in-map support"") Reference: 063e68813391 (""libbpf: Fix false uninitialized variable warning"") Signed-off-by: Tony Ambardar Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200831000304.1696435-1-Tony.Ambardar@gmail.com","tools/lib/bpf/libbpf.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit fixes a build failure in libbpf by addressing an uninitialized variable warning issued by GCC.","build, uninitialized, libbpf","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c8146fe292a726d71e302719df90b53e2f84f7a5","c8146fe292a726d71e302719df90b53e2f84f7a5","David S. Miller","davem@davemloft.net","1598656368","David S. Miller","davem@davemloft.net","1598656368","ca7b3fdae74b6a9c4c0c6848679643e30ae9c333","5438dd45831ee33869779bd1919b05816ae4dbc9 fa4505675e093e895b7ec49a76d44f6b5ad9602e","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Daniel Borkmann says: ==================== pull-request: bpf 2020-08-28 The following pull-request contains BPF updates for your *net* tree. We've added 4 non-merge commits during the last 4 day(s) which contain a total of 4 files changed, 7 insertions(+), 4 deletions(-). The main changes are: 1) Fix out of bounds access for BPF_OBJ_GET_INFO_BY_FD retrieval, from Yonghong Song. 2) Fix wrong __user annotation in bpf_stats sysctl handler, from Tobias Klauser. 3) Few fixes for BPF selftest scripting in test_{progs,maps}, from Jesper Dangaard Brouer. ==================== Signed-off-by: David S. Miller ","","This is a merge commit incorporating BPF updates into the net tree.","BPF,merge,updates","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"10496f261ed30592c6a7f8315f6b5ec055db624a","10496f261ed30592c6a7f8315f6b5ec055db624a","Daniel Borkmann","daniel@iogearbox.net","1598642433","Daniel Borkmann","daniel@iogearbox.net","1598642438","0751db49ba3afe3976061f9c6fd7ed2c44b6a5fe","d557ea39a5f894630c403b78703ac92b08b7dd62 e68a144547fc7a956952260539cb7b8bb9afbcc0","Merge branch 'bpf-sleepable' Alexei Starovoitov says: ==================== v2->v3: - switched to minimal allowlist approach. Essentially that means that syscall entry, few btrfs allow_error_inject functions, should_fail_bio(), and two LSM hooks: file_mprotect and bprm_committed_creds are the only hooks that allow attaching of sleepable BPF programs. When comprehensive analysis of LSM hooks will be done this allowlist will be extended. - added patch 1 that fixes prototypes of two mm functions to reliably work with error injection. It's also necessary for resolve_btfids tool to recognize these two funcs, but that's secondary. v1->v2: - split fmod_ret fix into separate patch - added denylist v1: This patch set introduces the minimal viable support for sleepable bpf programs. In this patch only fentry/fexit/fmod_ret and lsm progs can be sleepable. Only array and pre-allocated hash and lru maps allowed. Here is 'perf report' difference of sleepable vs non-sleepable: 3.86% bench [k] __srcu_read_unlock 3.22% bench [k] __srcu_read_lock 0.92% bench [k] bpf_prog_740d4210cdcd99a3_bench_trigger_fentry_sleep 0.50% bench [k] bpf_trampoline_10297 0.26% bench [k] __bpf_prog_exit_sleepable 0.21% bench [k] __bpf_prog_enter_sleepable vs 0.88% bench [k] bpf_prog_740d4210cdcd99a3_bench_trigger_fentry 0.84% bench [k] bpf_trampoline_10297 0.13% bench [k] __bpf_prog_enter 0.12% bench [k] __bpf_prog_exit vs 0.79% bench [k] bpf_prog_740d4210cdcd99a3_bench_trigger_fentry_sleep 0.72% bench [k] bpf_trampoline_10381 0.31% bench [k] __bpf_prog_exit_sleepable 0.29% bench [k] __bpf_prog_enter_sleepable Sleepable vs non-sleepable program invocation overhead is only marginally higher due to rcu_trace. srcu approach is much slower. ==================== Signed-off-by: Daniel Borkmann ","","Merged 'bpf-sleepable' branch enabling limited support for sleepable BPF programs and allowing attachments to specific LSM hooks and functions.","bpf,sleepable,lsm","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"e68a144547fc7a956952260539cb7b8bb9afbcc0","e68a144547fc7a956952260539cb7b8bb9afbcc0","Alexei Starovoitov","ast@kernel.org","1598565674","Daniel Borkmann","daniel@iogearbox.net","1598642433","0751db49ba3afe3976061f9c6fd7ed2c44b6a5fe","2b288740a1072235166b2706e139f2725b5ea26f","selftests/bpf: Add sleepable tests Modify few tests to sanity test sleepable bpf functionality. Running 'bench trig-fentry-sleep' vs 'bench trig-fentry' and 'perf report': sleepable with SRCU: 3.86% bench [k] __srcu_read_unlock 3.22% bench [k] __srcu_read_lock 0.92% bench [k] bpf_prog_740d4210cdcd99a3_bench_trigger_fentry_sleep 0.50% bench [k] bpf_trampoline_10297 0.26% bench [k] __bpf_prog_exit_sleepable 0.21% bench [k] __bpf_prog_enter_sleepable sleepable with RCU_TRACE: 0.79% bench [k] bpf_prog_740d4210cdcd99a3_bench_trigger_fentry_sleep 0.72% bench [k] bpf_trampoline_10381 0.31% bench [k] __bpf_prog_exit_sleepable 0.29% bench [k] __bpf_prog_enter_sleepable non-sleepable with RCU: 0.88% bench [k] bpf_prog_740d4210cdcd99a3_bench_trigger_fentry 0.84% bench [k] bpf_trampoline_10297 0.13% bench [k] __bpf_prog_enter 0.12% bench [k] __bpf_prog_exit Signed-off-by: Alexei Starovoitov Signed-off-by: Daniel Borkmann Acked-by: KP Singh Link: https://lore.kernel.org/bpf/20200827220114.69225-6-alexei.starovoitov@gmail.com","tools/testing/selftests/bpf/bench.c | 2 +; tools/testing/selftests/bpf/benchs/bench_trigger.c | 17 ++++++; tools/testing/selftests/bpf/prog_tests/test_lsm.c | 9 +++; tools/testing/selftests/bpf/progs/lsm.c | 66 +++++++++++++++++++++-; tools/testing/selftests/bpf/progs/trigger_bench.c | 7 +++; 5 files changed, 99 insertions(+), 2 deletions(-)","The commit adds tests to verify the functionality of sleepable eBPF programs.","sleepable,tests,eBPF","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2b288740a1072235166b2706e139f2725b5ea26f","2b288740a1072235166b2706e139f2725b5ea26f","Alexei Starovoitov","ast@kernel.org","1598565673","Daniel Borkmann","daniel@iogearbox.net","1598642433","e8580afd3ccfba2986f1a1451985c798edaea25a","07be4c4a3e7a0db148e44b16c5190e753d1c8569","libbpf: Support sleepable progs Pass request to load program as sleepable via "".s"" suffix in the section name. If it happens in the future that all map types and helpers are allowed with BPF_F_SLEEPABLE flag ""fmod_ret/"" and ""lsm/"" can be aliased to ""fmod_ret.s/"" and ""lsm.s/"" to make all lsm and fmod_ret programs sleepable by default. The fentry and fexit programs would always need to have sleepable vs non-sleepable distinction, since not all fentry/fexit progs will be attached to sleepable kernel functions. Signed-off-by: Alexei Starovoitov Signed-off-by: Daniel Borkmann Acked-by: KP Singh Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200827220114.69225-5-alexei.starovoitov@gmail.com","tools/lib/bpf/libbpf.c | 25 ++++++++++++++++++++++++-; 1 file changed, 24 insertions(+), 1 deletion(-)","The commit enables support for sleepable programs in libbpf via a section name suffix.","sleepable, libbpf, section","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"07be4c4a3e7a0db148e44b16c5190e753d1c8569","07be4c4a3e7a0db148e44b16c5190e753d1c8569","Alexei Starovoitov","ast@kernel.org","1598565672","Daniel Borkmann","daniel@iogearbox.net","1598642433","6069d0aed091b6505371ef8e405a6c5c7efd4c1c","1e6c62a8821557720a9b2ea9617359b264f2f67c","bpf: Add bpf_copy_from_user() helper. Sleepable BPF programs can now use copy_from_user() to access user memory. Signed-off-by: Alexei Starovoitov Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Acked-by: KP Singh Link: https://lore.kernel.org/bpf/20200827220114.69225-4-alexei.starovoitov@gmail.com","include/linux/bpf.h | 1 +; include/uapi/linux/bpf.h | 8 ++++++++; kernel/bpf/helpers.c | 22 ++++++++++++++++++++++; kernel/trace/bpf_trace.c | 2 ++; tools/include/uapi/linux/bpf.h | 8 ++++++++; 5 files changed, 41 insertions(+)","This commit introduces the bpf_copy_from_user helper to facilitate user memory access in sleepable BPF programs.","bpf helper copy_from_user","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1e6c62a8821557720a9b2ea9617359b264f2f67c","1e6c62a8821557720a9b2ea9617359b264f2f67c","Alexei Starovoitov","ast@kernel.org","1598565671","Daniel Borkmann","daniel@iogearbox.net","1598642433","9e0f87524683decc2375f7464a999989c151f9a9","76cd61739fd107a7f7ec4c24a045e98d8ee150f0","bpf: Introduce sleepable BPF programs Introduce sleepable BPF programs that can request such property for themselves via BPF_F_SLEEPABLE flag at program load time. In such case they will be able to use helpers like bpf_copy_from_user() that might sleep. At present only fentry/fexit/fmod_ret and lsm programs can request to be sleepable and only when they are attached to kernel functions that are known to allow sleeping. The non-sleepable programs are relying on implicit rcu_read_lock() and migrate_disable() to protect life time of programs, maps that they use and per-cpu kernel structures used to pass info between bpf programs and the kernel. The sleepable programs cannot be enclosed into rcu_read_lock(). migrate_disable() maps to preempt_disable() in non-RT kernels, so the progs should not be enclosed in migrate_disable() as well. Therefore rcu_read_lock_trace is used to protect the life time of sleepable progs. There are many networking and tracing program types. In many cases the 'struct bpf_prog *' pointer itself is rcu protected within some other kernel data structure and the kernel code is using rcu_dereference() to load that program pointer and call BPF_PROG_RUN() on it. All these cases are not touched. Instead sleepable bpf programs are allowed with bpf trampoline only. The program pointers are hard-coded into generated assembly of bpf trampoline and synchronize_rcu_tasks_trace() is used to protect the life time of the program. The same trampoline can hold both sleepable and non-sleepable progs. When rcu_read_lock_trace is held it means that some sleepable bpf program is running from bpf trampoline. Those programs can use bpf arrays and preallocated hash/lru maps. These map types are waiting on programs to complete via synchronize_rcu_tasks_trace(); Updates to trampoline now has to do synchronize_rcu_tasks_trace() and synchronize_rcu_tasks() to wait for sleepable progs to finish and for trampoline assembly to finish. This is the first step of introducing sleepable progs. Eventually dynamically allocated hash maps can be allowed and networking program types can become sleepable too. Signed-off-by: Alexei Starovoitov Signed-off-by: Daniel Borkmann Reviewed-by: Josef Bacik Acked-by: Andrii Nakryiko Acked-by: KP Singh Link: https://lore.kernel.org/bpf/20200827220114.69225-3-alexei.starovoitov@gmail.com","arch/x86/net/bpf_jit_comp.c | 32 +++++++++++------; include/linux/bpf.h | 3 ++; include/uapi/linux/bpf.h | 8 +++++; init/Kconfig | 1 +; kernel/bpf/arraymap.c | 1 +; kernel/bpf/hashtab.c | 12 +++----; kernel/bpf/syscall.c | 13 +++++--; kernel/bpf/trampoline.c | 28 +++++++++++++--; kernel/bpf/verifier.c | 81 ++++++++++++++++++++++++++++++++++++++++--; tools/include/uapi/linux/bpf.h | 8 +++++; 10 files changed, 162 insertions(+), 25 deletions(-)","Introduce sleepable BPF programs allowing the use of certain helpers by enabling sleep capability in specified conditions.","sleepable,BPF,helpers","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"76cd61739fd107a7f7ec4c24a045e98d8ee150f0","76cd61739fd107a7f7ec4c24a045e98d8ee150f0","Alexei Starovoitov","ast@kernel.org","1598565670","Daniel Borkmann","daniel@iogearbox.net","1598642432","62d8464d469978b7a64b29164b877194075fd68e","d557ea39a5f894630c403b78703ac92b08b7dd62","mm/error_inject: Fix allow_error_inject function signatures. 'static' and 'static noinline' function attributes make no guarantees that gcc/clang won't optimize them. The compiler may decide to inline 'static' function and in such case ALLOW_ERROR_INJECT becomes meaningless. The compiler could have inlined __add_to_page_cache_locked() in one callsite and didn't inline in another. In such case injecting errors into it would cause unpredictable behavior. It's worse with 'static noinline' which won't be inlined, but it still can be optimized. Like the compiler may decide to remove one argument or constant propagate the value depending on the callsite. To avoid such issues make sure that these functions are global noinline. Fixes: af3b854492f3 (""mm/page_alloc.c: allow error injection"") Fixes: cfcbfb1382db (""mm/filemap.c: enable error injection at add_to_page_cache()"") Signed-off-by: Alexei Starovoitov Signed-off-by: Daniel Borkmann Reviewed-by: Josef Bacik Link: https://lore.kernel.org/bpf/20200827220114.69225-2-alexei.starovoitov@gmail.com","mm/filemap.c | 8 ++++----; mm/page_alloc.c | 2 +-; 2 files changed, 5 insertions(+), 5 deletions(-)","Fixes function signature to prevent compiler optimization issues with error injection.","fix,error,injection","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"d557ea39a5f894630c403b78703ac92b08b7dd62","d557ea39a5f894630c403b78703ac92b08b7dd62","Martin KaFai Lau","kafai@fb.com","1598577499","Daniel Borkmann","daniel@iogearbox.net","1598622090","714f7ac76f01cccffac5b91d4a6f04d6c7603f83","134fede4eecfcbe7900e789f625fa6f9c3a8cd0e","bpf: selftests: Add test for different inner map size This patch tests the inner map size can be different for reuseport_sockarray but has to be the same for arraymap. A new subtest ""diff_size"" is added for this. The existing test is moved to a subtest ""lookup_update"". Signed-off-by: Martin KaFai Lau Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200828011819.1970825-1-kafai@fb.com",".../selftests/bpf/prog_tests/btf_map_in_map.c | 35 +++++++++++++++++++++-; .../selftests/bpf/progs/test_btf_map_in_map.c | 31 +++++++++++++++++++; 2 files changed, 65 insertions(+), 1 deletion(-)","The commit adds a test for verifying different inner map sizes in BPF selftests.","selftests,map,test","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"134fede4eecfcbe7900e789f625fa6f9c3a8cd0e","134fede4eecfcbe7900e789f625fa6f9c3a8cd0e","Martin KaFai Lau","kafai@fb.com","1598577493","Daniel Borkmann","daniel@iogearbox.net","1598622090","ac0ff7502836e57adf3e1d442dd6814a08e5a8b4","f4d05259213ff1e91f767c91dcab455f68308fac","bpf: Relax max_entries check for most of the inner map types Most of the maps do not use max_entries during verification time. Thus, those map_meta_equal() do not need to enforce max_entries when it is inserted as an inner map during runtime. The max_entries check is removed from the default implementation bpf_map_meta_equal(). The prog_array_map and xsk_map are exception. Its map_gen_lookup uses max_entries to generate inline lookup code. Thus, they will implement its own map_meta_equal() to enforce max_entries. Since there are only two cases now, the max_entries check is not refactored and stays in its own .c file. Signed-off-by: Martin KaFai Lau Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200828011813.1970516-1-kafai@fb.com","kernel/bpf/arraymap.c | 9 ++++++++-; kernel/bpf/map_in_map.c | 3 +--; net/xdp/xskmap.c | 9 ++++++++-; 3 files changed, 17 insertions(+), 4 deletions(-)","The commit relaxes max_entries check for inner map types except prog_array_map and xsk_map which implement their own enforcement.","max_entries,inner map,relax","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f4d05259213ff1e91f767c91dcab455f68308fac","f4d05259213ff1e91f767c91dcab455f68308fac","Martin KaFai Lau","kafai@fb.com","1598577486","Daniel Borkmann","daniel@iogearbox.net","1598622090","9d9bb0f7f1913ac00d3e4f743efb486c06ed9785","b0c9eb37817943840a1a82dbc998c491609a0afd","bpf: Add map_meta_equal map ops Some properties of the inner map is used in the verification time. When an inner map is inserted to an outer map at runtime, bpf_map_meta_equal() is currently used to ensure those properties of the inserting inner map stays the same as the verification time. In particular, the current bpf_map_meta_equal() checks max_entries which turns out to be too restrictive for most of the maps which do not use max_entries during the verification time. It limits the use case that wants to replace a smaller inner map with a larger inner map. There are some maps do use max_entries during verification though. For example, the map_gen_lookup in array_map_ops uses the max_entries to generate the inline lookup code. To accommodate differences between maps, the map_meta_equal is added to bpf_map_ops. Each map-type can decide what to check when its map is used as an inner map during runtime. Also, some map types cannot be used as an inner map and they are currently black listed in bpf_map_meta_alloc() in map_in_map.c. It is not unusual that the new map types may not aware that such blacklist exists. This patch enforces an explicit opt-in and only allows a map to be used as an inner map if it has implemented the map_meta_equal ops. It is based on the discussion in [1]. All maps that support inner map has its map_meta_equal points to bpf_map_meta_equal in this patch. A later patch will relax the max_entries check for most maps. bpf_types.h counts 28 map types. This patch adds 23 "".map_meta_equal"" by using coccinelle. -5 for BPF_MAP_TYPE_PROG_ARRAY BPF_MAP_TYPE_(PERCPU)_CGROUP_STORAGE BPF_MAP_TYPE_STRUCT_OPS BPF_MAP_TYPE_ARRAY_OF_MAPS BPF_MAP_TYPE_HASH_OF_MAPS The ""if (inner_map->inner_map_meta)"" check in bpf_map_meta_alloc() is moved such that the same error is returned. [1]: https://lore.kernel.org/bpf/20200522022342.899756-1-kafai@fb.com/ Signed-off-by: Martin KaFai Lau Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200828011806.1970400-1-kafai@fb.com","include/linux/bpf.h | 16 ++++++++++++++++; kernel/bpf/arraymap.c | 9 +++++++++; kernel/bpf/bpf_inode_storage.c | 1 +; kernel/bpf/cpumap.c | 1 +; kernel/bpf/devmap.c | 2 ++; kernel/bpf/hashtab.c | 4 ++++; kernel/bpf/lpm_trie.c | 1 +; kernel/bpf/map_in_map.c | 21 ++++++++-------------; kernel/bpf/map_in_map.h | 2 --; kernel/bpf/queue_stack_maps.c | 2 ++; kernel/bpf/reuseport_array.c | 1 +; kernel/bpf/ringbuf.c | 1 +; kernel/bpf/stackmap.c | 1 +; kernel/bpf/syscall.c | 1 +; net/core/bpf_sk_storage.c | 1 +; net/core/sock_map.c | 2 ++; net/xdp/xskmap.c | 1 +; 17 files changed, 52 insertions(+), 15 deletions(-)","The commit introduces map_meta_equal operations to allow flexible inner map verification, enabling the replacement of smaller with larger maps.","map_meta_equal, inner_map, verification","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b0c9eb37817943840a1a82dbc998c491609a0afd","b0c9eb37817943840a1a82dbc998c491609a0afd","Yonghong Song","yhs@fb.com","1598591962","Daniel Borkmann","daniel@iogearbox.net","1598618004","ba3ab56b0661dd01c0de5432e344c975ff4495ff","661b37cd437ef49cd28444f79b9b0c71ea76e8c8","bpf: Make bpf_link_info.iter similar to bpf_iter_link_info bpf_link_info.iter is used by link_query to return bpf_iter_link_info to user space. Fields may be different, e.g., map_fd vs. map_id, so we cannot reuse the exact structure. But make them similar, e.g., struct bpf_link_info { /* common fields */ union { struct { ... } raw_tracepoint; struct { ... } tracing; ... struct { /* common fields for iter */ union { struct { __u32 map_id; } map; /* other structs for other targets */ }; }; }; }; so the structure is extensible the same way as bpf_iter_link_info. Fixes: 6b0a249a301e (""bpf: Implement link_query for bpf iterators"") Signed-off-by: Yonghong Song Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200828051922.758950-1-yhs@fb.com","include/uapi/linux/bpf.h | 6 ++++--; tools/include/uapi/linux/bpf.h | 6 ++++--; 2 files changed, 8 insertions(+), 4 deletions(-)","The commit aligns the bpf_link_info.iter structure with bpf_iter_link_info to improve extensibility for BPF iterators.","bpf_link_info iter extensible","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"661b37cd437ef49cd28444f79b9b0c71ea76e8c8","661b37cd437ef49cd28444f79b9b0c71ea76e8c8","Jesper Dangaard Brouer","brouer@redhat.com","1598518416","Daniel Borkmann","daniel@iogearbox.net","1598616267","2e2568cac71c35133d7cbc16cee21188ea54baa8","2e80be60c465a4f8559327340eaf40845dd7797a","tools, bpf/build: Cleanup feature files on make clean The system for ""Auto-detecting system features"" located under tools/build/ are (currently) used by perf, libbpf and bpftool. It can contain stalled feature detection files, which are not cleaned up by libbpf and bpftool on make clean (side-note: perf tool is correct). Fix this by making the users invoke the make clean target. Some details about the changes. The libbpf Makefile already had a clean-config target (which seems to be copy-pasted from perf), but this target was not ""connected"" (a make dependency) to clean target. Choose not to rename target as someone might be using it. Did change the output from ""CLEAN config"" to ""CLEAN feature-detect"", to make it more clear what happens. This is related to the complaint and troubleshooting in the following link: https://lore.kernel.org/lkml/20200818122007.2d1cfe2d@carbon/ Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Daniel Borkmann Acked-by: Jiri Olsa Link: https://lore.kernel.org/lkml/20200818122007.2d1cfe2d@carbon/ Link: https://lore.kernel.org/bpf/159851841661.1072907.13770213104521805592.stgit@firesoul","tools/bpf/bpftool/Makefile | 6 +++++-; tools/build/Makefile | 2 ++; tools/lib/bpf/Makefile | 4 ++--; 3 files changed, 9 insertions(+), 3 deletions(-)","The commit ensures feature-detect files are properly cleaned in the Makefiles for bpf tools.","Makefile,cleanup,feature-detect","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"fa4505675e093e895b7ec49a76d44f6b5ad9602e","fa4505675e093e895b7ec49a76d44f6b5ad9602e","Jesper Dangaard Brouer","brouer@redhat.com","1598429856","Daniel Borkmann","daniel@iogearbox.net","1598615899","bddd75fbe80efe818d4d2ada27ba2823095bcd2b","7787b6fc938e16aa418613c4a765c1dbb268ed9f","selftests/bpf: Fix massive output from test_maps When stdout output from the selftests tool 'test_maps' gets redirected into e.g file or pipe, then the output lines increase a lot (from 21 to 33949 lines). This is caused by the printf that happens before the fork() call, and there are user-space buffered printf data that seems to be duplicated into the forked process. To fix this fflush() stdout before the fork loop in __run_parallel(). Fixes: 1a97cf1fe503 (""selftests/bpf: speedup test_maps"") Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/159842985651.1050885.2154399297503372406.stgit@firesoul","tools/testing/selftests/bpf/test_maps.c | 2 ++; 1 file changed, 2 insertions(+)","Fixes massive stdout output issue in selftests/bpf by flushing stdout before forking in test_maps.","selftests, output, fflush","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2e80be60c465a4f8559327340eaf40845dd7797a","2e80be60c465a4f8559327340eaf40845dd7797a","Andrii Nakryiko","andriin@fb.com","1598501469","Alexei Starovoitov","ast@kernel.org","1598505218","74f743dc3b07ecfd4ddd563b9ebd658d28c603fe","f5493c514cdbcd8c3f9f3ffca4f68b97f122e60a","libbpf: Fix compilation warnings for 64-bit printf args Fix compilation warnings due to __u64 defined differently as `unsigned long` or `unsigned long long` on different architectures (e.g., ppc64le differs from x86-64). Also cast one argument to size_t to fix printf warning of similar nature. Fixes: eacaaed784e2 (""libbpf: Implement enum value-based CO-RE relocations"") Fixes: 50e09460d9f8 (""libbpf: Skip well-known ELF sections when iterating ELF"") Reported-by: Naresh Kamboju Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200827041109.3613090-1-andriin@fb.com","tools/lib/bpf/libbpf.c | 8 +++++---; 1 file changed, 5 insertions(+), 3 deletions(-)","Fixes compilation warnings in libbpf due to differing 64-bit printf argument definitions across architectures.","libbpf,printf,warnings","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f5493c514cdbcd8c3f9f3ffca4f68b97f122e60a","f5493c514cdbcd8c3f9f3ffca4f68b97f122e60a","Yonghong Song","yhs@fb.com","1598337969","Alexei Starovoitov","ast@kernel.org","1598503652","4fe8df8ebf245dd886d1ee17c7bd65e5b4ca2e2b","2921c90d471889242c24cff529043afb378937fa","selftests/bpf: Add verifier tests for xor operation Added some test_verifier bounds check test cases for xor operations. $ ./test_verifier ... #78/u bounds check for reg = 0, reg xor 1 OK #78/p bounds check for reg = 0, reg xor 1 OK #79/u bounds check for reg32 = 0, reg32 xor 1 OK #79/p bounds check for reg32 = 0, reg32 xor 1 OK #80/u bounds check for reg = 2, reg xor 3 OK #80/p bounds check for reg = 2, reg xor 3 OK #81/u bounds check for reg = any, reg xor 3 OK #81/p bounds check for reg = any, reg xor 3 OK #82/u bounds check for reg32 = any, reg32 xor 3 OK #82/p bounds check for reg32 = any, reg32 xor 3 OK #83/u bounds check for reg > 0, reg xor 3 OK #83/p bounds check for reg > 0, reg xor 3 OK #84/u bounds check for reg32 > 0, reg32 xor 3 OK #84/p bounds check for reg32 > 0, reg32 xor 3 OK ... Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Cc: John Fastabend Link: https://lore.kernel.org/bpf/20200825064609.2018077-1-yhs@fb.com","tools/testing/selftests/bpf/verifier/bounds.c | 146 ++++++++++++++++++++++++++; 1 file changed, 146 insertions(+)","This commit introduces new test cases for checking bounds on xor operations in the eBPF verifier.","verifier,test xor","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2921c90d471889242c24cff529043afb378937fa","2921c90d471889242c24cff529043afb378937fa","Yonghong Song","yhs@fb.com","1598337968","Alexei Starovoitov","ast@kernel.org","1598503652","a6f1eb96fe481e2fda78ab1aa665009ea52a244d","ef05afa66c59c2031a3798916ef3ff3778232129","bpf: Fix a verifier failure with xor bpf selftest test_progs/test_sk_assign failed with llvm 11 and llvm 12. Compared to llvm 10, llvm 11 and 12 generates xor instruction which is not handled properly in verifier. The following illustrates the problem: 16: (b4) w5 = 0 17: ... R5_w=inv0 ... ... 132: (a4) w5 ^= 1 133: ... R5_w=inv(id=0,umax_value=4294967295,var_off=(0x0; 0xffffffff)) ... ... 37: (bc) w8 = w5 38: ... R5=inv(id=0,umax_value=4294967295,var_off=(0x0; 0xffffffff)) R8_w=inv(id=0,umax_value=4294967295,var_off=(0x0; 0xffffffff)) ... ... 41: (bc) w3 = w8 42: ... R3_w=inv(id=0,umax_value=4294967295,var_off=(0x0; 0xffffffff)) ... 45: (56) if w3 != 0x0 goto pc+1 ... R3_w=inv0 ... 46: (b7) r1 = 34 47: R1_w=inv34 R7=pkt(id=0,off=26,r=38,imm=0) 47: (0f) r7 += r1 48: R1_w=invP34 R3_w=inv0 R7_w=pkt(id=0,off=60,r=38,imm=0) 48: (b4) w9 = 0 49: R1_w=invP34 R3_w=inv0 R7_w=pkt(id=0,off=60,r=38,imm=0) 49: (69) r1 = *(u16 *)(r7 +0) invalid access to packet, off=60 size=2, R7(id=0,off=60,r=38) R7 offset is outside of the packet At above insn 132, w5 = 0, but after w5 ^= 1, we give a really conservative value of w5. At insn 45, in reality the condition should be always false. But due to conservative value for w3, the verifier evaluates it could be true and this later leads to verifier failure complaining potential packet out-of-bound access. This patch implemented proper XOR support in verifier. In the above example, we have: 132: R5=invP0 132: (a4) w5 ^= 1 133: R5_w=invP1 ... 37: (bc) w8 = w5 ... 41: (bc) w3 = w8 42: R3_w=invP1 ... 45: (56) if w3 != 0x0 goto pc+1 47: R3_w=invP1 ... processed 353 insns ... and the verifier can verify the program successfully. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200825064608.2017937-1-yhs@fb.com","kernel/bpf/verifier.c | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++; 1 file changed, 66 insertions(+)","Fix a verifier issue with XOR instruction handling in eBPF verifier causing failure with LLVM 11 and 12.","verifier,XOR,instruction","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"ef05afa66c59c2031a3798916ef3ff3778232129","ef05afa66c59c2031a3798916ef3ff3778232129","Alex Gartrell","alexgartrell@gmail.com","1598428549","Alexei Starovoitov","ast@kernel.org","1598479535","19d3acfa474a5c0ad18f52ef0ac7279a2e63f7a6","1fc0e18b6e06cbc174a814d8fe69d37212287d1f","libbpf: Fix unintentional success return code in bpf_object__load There are code paths where EINVAL is returned directly without setting errno. In that case, errno could be 0, which would mask the failure. For example, if a careless programmer set log_level to 10000 out of laziness, they would have to spend a long time trying to figure out why. Fixes: 4f33ddb4e3e2 (""libbpf: Propagate EPERM to caller on program load"") Signed-off-by: Alex Gartrell Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200826075549.1858580-1-alexgartrell@gmail.com","tools/lib/bpf/libbpf.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fix incorrect success return in libbpf due to unset errno on EINVAL code paths.","libbpf,errno,EINVAL","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1fc0e18b6e06cbc174a814d8fe69d37212287d1f","1fc0e18b6e06cbc174a814d8fe69d37212287d1f","Alexei Starovoitov","ast@kernel.org","1598471277","Alexei Starovoitov","ast@kernel.org","1598471436","9c85e9701630619b177f54108794bed961bd1b93","7100ff7c62682c2332300ffde8706578e1098e13 1410620cf20e7e23cce17983e9a81af659b28583","Merge branch 'resolve_prog_type' Udip Pant says: ==================== This patch series adds changes in verifier to make decisions such as granting of read / write access or enforcement of return code status based on the program type of the target program while using dynamic program extension (of type BPF_PROG_TYPE_EXT). The BPF_PROG_TYPE_EXT type can be used to extend types such as XDP, SKB and others. Since the BPF_PROG_TYPE_EXT program type on itself is just a placeholder for those, we need this extended check for those extended programs to actually work with proper access, while using this option. Patch #1 includes changes in the verifier. Patch #2 adds selftests to verify write access on a packet for a valid extension program type Patch #3 adds selftests to verify proper check for the return code Patch #4 adds selftests to ensure access permissions and restrictions for some map types such sockmap. Changelogs: v2 -> v3: * more comprehensive resolution of the program type in the verifier based on the target program (and not just for the packet access) * selftests for checking return code and map access * Also moved this patch to 'bpf-next' from 'bpf' tree v1 -> v2: * extraction of the logic to resolve prog type into a separate method * selftests to check for packet access for a valid freplace prog ==================== Acked-by: Yonghong Song Acked-by: Toke Høiland-Jørgensen Signed-off-by: Alexei Starovoitov ","","This commit merges updates enhancing the eBPF verifier with checks for BPF_PROG_TYPE_EXT and adds selftests for access and return code validation.","verifier,selftests,program","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"1410620cf20e7e23cce17983e9a81af659b28583","1410620cf20e7e23cce17983e9a81af659b28583","Udip Pant","udippant@fb.com","1598397603","Alexei Starovoitov","ast@kernel.org","1598471276","9c85e9701630619b177f54108794bed961bd1b93","50d19736aff497a4c25ec7e36375195bfd8570cd","selftests/bpf: Test for map update access from within EXT programs This adds further tests to ensure access permissions and restrictions are applied properly for some map types such as sock-map. It also adds another negative tests to assert static functions cannot be replaced. In the 'unreliable' mode it still fails with error 'tracing progs cannot use bpf_spin_lock yet' with the change in the verifier Signed-off-by: Udip Pant Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200825232003.2877030-5-udippant@fb.com",".../selftests/bpf/prog_tests/fexit_bpf2bpf.c | 33 ++++++++++++++++--; .../selftests/bpf/progs/freplace_attach_probe.c | 40 ++++++++++++++++++++++; .../selftests/bpf/progs/freplace_cls_redirect.c | 34 ++++++++++++++++++; 3 files changed, 104 insertions(+), 3 deletions(-)","This commit adds and modifies self-tests for map update access and function replacement in eBPF EXT programs.","selftests map-access EXT","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"50d19736aff497a4c25ec7e36375195bfd8570cd","50d19736aff497a4c25ec7e36375195bfd8570cd","Udip Pant","udippant@fb.com","1598397602","Alexei Starovoitov","ast@kernel.org","1598471276","e47a69ea55e1b60a83aaea5c1ea8907efdccf974","6dc03dc71387e1dc65cf14efb49e5cf7062a2d46","selftests/bpf: Test for checking return code for the extended prog This adds test to enforce same check for the return code for the extended prog as it is enforced for the target program. It asserts failure for a return code, which is permitted without the patch in this series, while it is restricted after the application of this patch. Signed-off-by: Udip Pant Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200825232003.2877030-4-udippant@fb.com",".../selftests/bpf/prog_tests/fexit_bpf2bpf.c | 40 ++++++++++++++++++++++; .../selftests/bpf/progs/freplace_connect_v4_prog.c | 19 ++++++++++; 2 files changed, 59 insertions(+)","This commit adds test cases to enforce the same return code checks for extended eBPF programs as the target program.","test,return code,extended","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6dc03dc71387e1dc65cf14efb49e5cf7062a2d46","6dc03dc71387e1dc65cf14efb49e5cf7062a2d46","Udip Pant","udippant@fb.com","1598397601","Alexei Starovoitov","ast@kernel.org","1598471276","46675c899ce84ed38a4d43e93796afa7ca600468","7e40781cc8b767dd6530910ae12d75978d7d68e1","selftests/bpf: Add test for freplace program with write access This adds a selftest that tests the behavior when a freplace target program attempts to make a write access on a packet. The expectation is that the read or write access is granted based on the program type of the linked program and not itself (which is of type, for e.g., BPF_PROG_TYPE_EXT). This test fails without the associated patch on the verifier. Signed-off-by: Udip Pant Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200825232003.2877030-3-udippant@fb.com",".../selftests/bpf/prog_tests/fexit_bpf2bpf.c | 1 +; tools/testing/selftests/bpf/progs/fexit_bpf2bpf.c | 27 ++++++++++++++++++++++; .../testing/selftests/bpf/progs/test_pkt_access.c | 20 ++++++++++++++++; 3 files changed, 48 insertions(+)","The commit introduces a selftest for verifying write access handling in freplace target BPF programs based on linked program type.","selftest,freplace,write","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"7e40781cc8b767dd6530910ae12d75978d7d68e1","7e40781cc8b767dd6530910ae12d75978d7d68e1","Udip Pant","udippant@fb.com","1598397600","Alexei Starovoitov","ast@kernel.org","1598471276","6317f0b454db58419bd7a7205a853853493c4b83","7100ff7c62682c2332300ffde8706578e1098e13","bpf: verifier: Use target program's type for access verifications This patch adds changes in verifier to make decisions such as granting of read / write access or enforcement of return code status based on the program type of the target program while using dynamic program extension (of type BPF_PROG_TYPE_EXT). The BPF_PROG_TYPE_EXT type can be used to extend types such as XDP, SKB and others. Since the BPF_PROG_TYPE_EXT program type on itself is just a placeholder for those, we need this extended check for those extended programs to actually work with proper access, while using this option. Specifically, it introduces following changes: - may_access_direct_pkt_data: allow access to packet data based on the target prog - check_return_code: enforce return code based on the target prog (currently, this check is skipped for EXT program) - check_ld_abs: check for 'may_access_skb' based on the target prog - check_map_prog_compatibility: enforce the map compatibility check based on the target prog - may_update_sockmap: allow sockmap update based on the target prog Some other occurrences of prog->type is left as it without replacing with the 'resolved' type: - do_check_common() and check_attach_btf_id(): already have specific logic to handle the EXT prog type - jit_subprogs() and bpf_check(): Not changed for jit compilation or while inferring env->ops Next few patches in this series include selftests for some of these cases. Signed-off-by: Udip Pant Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200825232003.2877030-2-udippant@fb.com","kernel/bpf/verifier.c | 32 +++++++++++++++++++++-----------; 1 file changed, 21 insertions(+), 11 deletions(-)","The commit updates the eBPF verifier to use target program types for dynamic extension access verification.","verifier, access, extension","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7100ff7c62682c2332300ffde8706578e1098e13","7100ff7c62682c2332300ffde8706578e1098e13","Colin Ian King","colin.king@canonical.com","1598432347","Alexei Starovoitov","ast@kernel.org","1598458774","0fa941f8730a39a9cd096aa04bbde16c139f8488","d83971761fa278dcffa855110f024bf043ce6e6e","selftests/bpf: Fix spelling mistake ""scoket"" -> ""socket"" There is a spelling mistake in a check error message. Fix it. Signed-off-by: Colin Ian King Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200826085907.43095-1-colin.king@canonical.com","tools/testing/selftests/bpf/prog_tests/d_path.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit fixes a spelling error in the eBPF selftest error message.","spelling,error,fix","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d83971761fa278dcffa855110f024bf043ce6e6e","d83971761fa278dcffa855110f024bf043ce6e6e","Jiri Olsa","jolsa@kernel.org","1598437125","Alexei Starovoitov","ast@kernel.org","1598451648","6b7db7aedb2e89259675001473be1c458b4b5041","cd04b04de119a222c83936f7e9dbd46a650cb688","selftests/bpf: Fix open call in trigger_fstat_events Alexei reported compile breakage on newer systems with following error: In file included from /usr/include/fcntl.h:290:0, 4814 from ./test_progs.h:29, 4815 from .../bpf-next/tools/testing/selftests/bpf/prog_tests/d_path.c:3: 4816In function ‘open’, 4817 inlined from ‘trigger_fstat_events’ at .../bpf-next/tools/testing/selftests/bpf/prog_tests/d_path.c:50:10, 4818 inlined from ‘test_d_path’ at .../bpf-next/tools/testing/selftests/bpf/prog_tests/d_path.c:119:6: 4819/usr/include/x86_64-linux-gnu/bits/fcntl2.h:50:4: error: call to ‘__open_missing_mode’ declared with attribute error: open with O_CREAT or O_TMPFILE in second argument needs 3 arguments 4820 __open_missing_mode (); 4821 ^~~~~~~~~~~~~~~~~~~~~~ We're missing permission bits as 3rd argument for open call with O_CREAT flag specified. Fixes: e4d1af4b16f8 (""selftests/bpf: Add test for d_path helper"") Reported-by: Alexei Starovoitov Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200826101845.747617-1-jolsa@kernel.org","tools/testing/selftests/bpf/prog_tests/d_path.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixes a compile-time error in eBPF selftests by correcting the open system call parameters.","selftests,bpf,compile","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"cd04b04de119a222c83936f7e9dbd46a650cb688","cd04b04de119a222c83936f7e9dbd46a650cb688","Jiri Olsa","jolsa@kernel.org","1598383284","Alexei Starovoitov","ast@kernel.org","1598395275","2ab07ebea5e027f2852ec423ef669a3d9f3810ec","e4d1af4b16f80a90d9cf3a09bee2012dcde45638","selftests/bpf: Add set test to resolve_btfids Adding test to for sets resolve_btfids. We're checking that testing set gets properly resolved and sorted. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200825192124.710397-15-jolsa@kernel.org",".../selftests/bpf/prog_tests/resolve_btfids.c | 39 +++++++++++++++++++++-; 1 file changed, 38 insertions(+), 1 deletion(-)","This commit adds a test for checking the resolution and sorting of BTF IDs in the selftests for BPF.","selftests, BTF IDs, resolve","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e4d1af4b16f80a90d9cf3a09bee2012dcde45638","e4d1af4b16f80a90d9cf3a09bee2012dcde45638","Jiri Olsa","jolsa@kernel.org","1598383283","Alexei Starovoitov","ast@kernel.org","1598395275","c81a467dd57c7d30acbe937fa2d07353987dc3ce","762f85156835258c85a32bf81b283300b6c6bd17","selftests/bpf: Add test for d_path helper Adding test for d_path helper which is pretty much copied from Wenbo Zhang's test for bpf_get_fd_path, which never made it in. The test is doing fstat/close on several fd types, and verifies we got the d_path helper working on kernel probes for vfs_getattr/filp_close functions. Original-patch-by: Wenbo Zhang Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200825192124.710397-14-jolsa@kernel.org","tools/testing/selftests/bpf/prog_tests/d_path.c | 147 ++++++++++++++++++++++++; tools/testing/selftests/bpf/progs/test_d_path.c | 58 ++++++++++; 2 files changed, 205 insertions(+)","This commit adds a self-test for the d_path helper in eBPF using kernel probes.","selftests,d_path,kernel","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"762f85156835258c85a32bf81b283300b6c6bd17","762f85156835258c85a32bf81b283300b6c6bd17","Jiri Olsa","jolsa@kernel.org","1598383282","Alexei Starovoitov","ast@kernel.org","1598395275","f5476f2772a5bdc444a60e283b49789a841da55a","68a26bc7922ebf8bbf418f8e9d69364d965433e9","selftests/bpf: Add verifier test for d_path helper Adding verifier test for attaching tracing program and calling d_path helper from within and testing that it's allowed for dentry_open function and denied for 'd_path' function with appropriate error. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200825192124.710397-13-jolsa@kernel.org","tools/testing/selftests/bpf/test_verifier.c | 19 +++++++++++++-; tools/testing/selftests/bpf/verifier/d_path.c | 37 +++++++++++++++++++++++++++; 2 files changed, 55 insertions(+), 1 deletion(-)","This commit introduces a verifier test for the d_path helper in eBPF tracing programs.","verifier,test,d_path","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"68a26bc7922ebf8bbf418f8e9d69364d965433e9","68a26bc7922ebf8bbf418f8e9d69364d965433e9","Jiri Olsa","jolsa@kernel.org","1598383281","Alexei Starovoitov","ast@kernel.org","1598395275","935ad42f80bdc1ebc4e08eada4b472d02c3e44d3","6e22ab9da79343532cd3cde39df25e5a5478c692","bpf: Update .BTF_ids section in btf.rst with sets info Updating btf.rst doc with info about BTF_SET_START/END macros. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200825192124.710397-12-jolsa@kernel.org","Documentation/bpf/btf.rst | 25 +++++++++++++++++++++++++; 1 file changed, 25 insertions(+)","Update documentation btf.rst to include information about BTF_SET_START and BTF_SET_END macros.","BTF_ids,BTF_SET_START,btf.rst","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6e22ab9da79343532cd3cde39df25e5a5478c692","6e22ab9da79343532cd3cde39df25e5a5478c692","Jiri Olsa","jolsa@kernel.org","1598383280","Alexei Starovoitov","ast@kernel.org","1598395275","0421c44d1e43134bdf0abcdf575b0520e99796ec","eae2e83e62633a2659e3bc690facba1c2fc9c45b","bpf: Add d_path helper Adding d_path helper function that returns full path for given 'struct path' object, which needs to be the kernel BTF 'path' object. The path is returned in buffer provided 'buf' of size 'sz' and is zero terminated. bpf_d_path(&file->f_path, buf, size); The helper calls directly d_path function, so there's only limited set of function it can be called from. Adding just very modest set for the start. Updating also bpf.h tools uapi header and adding 'path' to bpf_helpers_doc.py script. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: KP Singh Link: https://lore.kernel.org/bpf/20200825192124.710397-11-jolsa@kernel.org","include/uapi/linux/bpf.h | 14 ++++++++++++; kernel/trace/bpf_trace.c | 48 ++++++++++++++++++++++++++++++++++++++++++; scripts/bpf_helpers_doc.py | 2 ++; tools/include/uapi/linux/bpf.h | 14 ++++++++++++; 4 files changed, 78 insertions(+)","The commit introduces a d_path helper function to obtain the full path from a given kernel BTF 'path' object in eBPF programs.","d_path,helper,BTF","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"eae2e83e62633a2659e3bc690facba1c2fc9c45b","eae2e83e62633a2659e3bc690facba1c2fc9c45b","Jiri Olsa","jolsa@kernel.org","1598383279","Alexei Starovoitov","ast@kernel.org","1598395061","22f56b258d678de272acfe98e53fb98c01ec10ad","faaf4a790d93794b46d67e2fd69b8e5c8cae2d41","bpf: Add BTF_SET_START/END macros Adding support to define sorted set of BTF ID values. Following defines sorted set of BTF ID values: BTF_SET_START(btf_allowlist_d_path) BTF_ID(func, vfs_truncate) BTF_ID(func, vfs_fallocate) BTF_ID(func, dentry_open) BTF_ID(func, vfs_getattr) BTF_ID(func, filp_close) BTF_SET_END(btf_allowlist_d_path) It defines following 'struct btf_id_set' variable to access values and count: struct btf_id_set btf_allowlist_d_path; Adding 'allowed' callback to struct bpf_func_proto, to allow verifier the check on allowed callers. Adding btf_id_set_contains function, which will be used by allowed callbacks to verify the caller's BTF ID value is within allowed set. Also removing extra '\' in __BTF_ID_LIST macro. Added BTF_SET_START_GLOBAL macro for global sets. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200825192124.710397-10-jolsa@kernel.org","include/linux/bpf.h | 4 ++++; include/linux/btf_ids.h | 51 ++++++++++++++++++++++++++++++++++++++++++-; kernel/bpf/btf.c | 14 ++++++++++++; kernel/bpf/verifier.c | 5 +++++; tools/include/linux/btf_ids.h | 51 ++++++++++++++++++++++++++++++++++++++++++-; 5 files changed, 123 insertions(+), 2 deletions(-)","This commit introduces BTF set macros and related verifier checks to manage BTF ID values in sorted sets.","BTF,set,verifier","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"faaf4a790d93794b46d67e2fd69b8e5c8cae2d41","faaf4a790d93794b46d67e2fd69b8e5c8cae2d41","Jiri Olsa","jolsa@kernel.org","1598383278","Alexei Starovoitov","ast@kernel.org","1598395061","8c1f317df4976e485f72c66b0a9c735874b111d9","1c6d28a6ac56de5b0af9239a1b02aea4c3011ea3","bpf: Add btf_struct_ids_match function Adding btf_struct_ids_match function to check if given address provided by BTF object + offset is also address of another nested BTF object. This allows to pass an argument to helper, which is defined via parent BTF object + offset, like for bpf_d_path (added in following changes): SEC(""fentry/filp_close"") int BPF_PROG(prog_close, struct file *file, void *id) { ... ret = bpf_d_path(&file->f_path, ... The first bpf_d_path argument is hold by verifier as BTF file object plus offset of f_path member. The btf_struct_ids_match function will walk the struct file object and check if there's nested struct path object on the given offset. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200825192124.710397-9-jolsa@kernel.org","include/linux/bpf.h | 2 ++; kernel/bpf/btf.c | 31 +++++++++++++++++++++++++++++++; kernel/bpf/verifier.c | 17 +++++++++++------; 3 files changed, 44 insertions(+), 6 deletions(-)","Introduced btf_struct_ids_match function to verify nested BTF object offsets for eBPF helper arguments.","BTF,helper,offset","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1c6d28a6ac56de5b0af9239a1b02aea4c3011ea3","1c6d28a6ac56de5b0af9239a1b02aea4c3011ea3","Jiri Olsa","jolsa@kernel.org","1598383277","Alexei Starovoitov","ast@kernel.org","1598395061","26bb496869f662a2a271ad0a81028b309fb72ce5","dafe58fc1917a96c657a0f56a12f262e5d9fb324","bpf: Factor btf_struct_access function Adding btf_struct_walk function that walks through the struct type + given offset and returns following values: enum bpf_struct_walk_result { /* < 0 error */ WALK_SCALAR = 0, WALK_PTR, WALK_STRUCT, }; WALK_SCALAR - when SCALAR_VALUE is found WALK_PTR - when pointer value is found, its ID is stored in 'next_btf_id' output param WALK_STRUCT - when nested struct object is found, its ID is stored in 'next_btf_id' output param It will be used in following patches to get all nested struct objects for given type and offset. The btf_struct_access now calls btf_struct_walk function, as long as it gets nested structs as return value. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200825192124.710397-8-jolsa@kernel.org","kernel/bpf/btf.c | 75 ++++++++++++++++++++++++++++++++++++++++++++++++--------; 1 file changed, 65 insertions(+), 10 deletions(-)","Refactors BTF structure access by adding a function to process struct types and offsets.","btf,struct,access","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","I'm not sure about the implementation component of the commit. The component affected by It is unclear.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"dafe58fc1917a96c657a0f56a12f262e5d9fb324","dafe58fc1917a96c657a0f56a12f262e5d9fb324","Jiri Olsa","jolsa@kernel.org","1598383276","Alexei Starovoitov","ast@kernel.org","1598395061","c46799d9c81e5e9622d8b7d19d6e46ad33a1e1de","887c31a39c49e261581a3d108607c9dea55b12d9","bpf: Remove recursion call in btf_struct_access Andrii suggested we can simply jump to again label instead of making recursion call. Suggested-by: Andrii Nakryiko Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200825192124.710397-7-jolsa@kernel.org","kernel/bpf/btf.c | 11 +++++------; 1 file changed, 5 insertions(+), 6 deletions(-)","This commit replaces recursion in the btf_struct_access function with a jump to a label for improved efficiency.","recursion, function, label","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"887c31a39c49e261581a3d108607c9dea55b12d9","887c31a39c49e261581a3d108607c9dea55b12d9","Jiri Olsa","jolsa@kernel.org","1598383275","Alexei Starovoitov","ast@kernel.org","1598395061","3b4db03236c2cf18b2a3c8129ac986e007d99d6b","69ff304792709dcdc5c8918b236cf06fe7db448f","bpf: Add type_id pointer as argument to __btf_resolve_size Adding type_id pointer as argument to __btf_resolve_size to return also BTF ID of the resolved type. It will be used in following changes. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200825192124.710397-6-jolsa@kernel.org","kernel/bpf/btf.c | 13 +++++++++----; 1 file changed, 9 insertions(+), 4 deletions(-)","The commit adds a type_id pointer argument to __btf_resolve_size to provide BTF ID of the resolved type.","type_id,__btf_resolve_size,BTF","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"69ff304792709dcdc5c8918b236cf06fe7db448f","69ff304792709dcdc5c8918b236cf06fe7db448f","Jiri Olsa","jolsa@kernel.org","1598383274","Alexei Starovoitov","ast@kernel.org","1598395061","6295284e82769a23f95b086179173873570d6278","6298399bfc101f8e8cf35a916f26aa32bdf04278","bpf: Add elem_id pointer as argument to __btf_resolve_size If the resolved type is array, make btf_resolve_size return also ID of the elem type. It will be needed in following changes. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200825192124.710397-5-jolsa@kernel.org","kernel/bpf/btf.c | 10 +++++++---; 1 file changed, 7 insertions(+), 3 deletions(-)","Enhance btf_resolve_size to return element type ID for arrays in eBPF BTF.","btf_resolve_size,elem_id,array","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6298399bfc101f8e8cf35a916f26aa32bdf04278","6298399bfc101f8e8cf35a916f26aa32bdf04278","Jiri Olsa","jolsa@kernel.org","1598383273","Alexei Starovoitov","ast@kernel.org","1598395061","21fbccfaaff2150e9d3115845208fdb2e63c7c6a","a5f53b1d59c2fd35ebb55bbe47b05d596c0d466c","bpf: Move btf_resolve_size into __btf_resolve_size Moving btf_resolve_size into __btf_resolve_size and keeping btf_resolve_size public with just first 3 arguments, because the rest of the arguments are not used by outside callers. Following changes are adding more arguments, which are not useful to outside callers. They will be added to the __btf_resolve_size function. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200825192124.710397-4-jolsa@kernel.org","include/linux/btf.h | 3 +--; kernel/bpf/bpf_struct_ops.c | 6 ++----; kernel/bpf/btf.c | 21 ++++++++++++++-------; 3 files changed, 17 insertions(+), 13 deletions(-)","Refactor btf_resolve_size by creating a separate internal function for additional arguments not needed by external calls.","btf_resolve_size, refactor, arguments","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a5f53b1d59c2fd35ebb55bbe47b05d596c0d466c","a5f53b1d59c2fd35ebb55bbe47b05d596c0d466c","Jiri Olsa","jolsa@kernel.org","1598383272","Alexei Starovoitov","ast@kernel.org","1598395061","08dea3308f1c0f0c847d21997065fffe4642e610","193a983c5bc4c62f66d62a9a6f9084cf3f2a0db2","tools resolve_btfids: Add support for set symbols The set symbol does not have the unique number suffix, so we need to give it a special parsing function. This was omitted in the first batch, because there was no set support yet, so it slipped in the testing. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200825192124.710397-3-jolsa@kernel.org","tools/bpf/resolve_btfids/main.c | 20 +++++++++++++++++++-; 1 file changed, 19 insertions(+), 1 deletion(-)","Adds parsing support for set symbols in resolve_btfids tool.","set symbols, resolve_btfids, parsing","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"193a983c5bc4c62f66d62a9a6f9084cf3f2a0db2","193a983c5bc4c62f66d62a9a6f9084cf3f2a0db2","Jiri Olsa","jolsa@kernel.org","1598383271","Alexei Starovoitov","ast@kernel.org","1598395061","7d495677e76d509c4b3d16904e07e913ed7c0a3f","2532f849b5134c4c62a20e5aaca33d9fb08af528","tools resolve_btfids: Add size check to get_id function To make sure we don't crash on malformed symbols. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200825192124.710397-2-jolsa@kernel.org","tools/bpf/resolve_btfids/main.c | 9 ++++++++-; 1 file changed, 8 insertions(+), 1 deletion(-)","This commit adds a size check to the get_id function in resolve_btfids to prevent crashes from malformed symbols.","size check, get_id, resolvebtfids","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2532f849b5134c4c62a20e5aaca33d9fb08af528","2532f849b5134c4c62a20e5aaca33d9fb08af528","Alexei Starovoitov","ast@kernel.org","1598394226","Alexei Starovoitov","ast@kernel.org","1598394226","c92e91cc28bde6f4cb5999c8b7480c861cafdd0e","cd324d7abb3d850ae083bda1239f800abe21fe25","bpf: Disallow BPF_PRELOAD in allmodconfig builds The CC_CAN_LINK checks that the host compiler can link, but bpf_preload relies on libbpf which in turn needs libelf to be present during linking. allmodconfig runs in odd setups with cross compilers and missing host libraries like libelf. Instead of extending kconfig with every possible library that bpf_preload might need disallow building BPF_PRELOAD in such build-only configurations. Signed-off-by: Alexei Starovoitov ","kernel/bpf/preload/Kconfig | 3 +++; 1 file changed, 3 insertions(+)","The commit disables BPF_PRELOAD in allmodconfig builds due to dependencies on missing host libraries like libelf.","BPF_PRELOAD, allmodconfig, libelf","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"cd324d7abb3d850ae083bda1239f800abe21fe25","cd324d7abb3d850ae083bda1239f800abe21fe25","KP Singh","kpsingh@google.com","1598380159","Alexei Starovoitov","ast@kernel.org","1598392804","f24d4ea8decc92139a1acaaf8e68024420293bb5","30897832d8b97e93833fb52c0a02951db3692ed2","bpf: Add selftests for local_storage inode_local_storage: * Hook to the file_open and inode_unlink LSM hooks. * Create and unlink a temporary file. * Store some information in the inode's bpf_local_storage during file_open. * Verify that this information exists when the file is unlinked. sk_local_storage: * Hook to the socket_post_create and socket_bind LSM hooks. * Open and bind a socket and set the sk_storage in the socket_post_create hook using the start_server helper. * Verify if the information is set in the socket_bind hook. Signed-off-by: KP Singh Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200825182919.1118197-8-kpsingh@chromium.org",".../selftests/bpf/prog_tests/test_local_storage.c | 60 +++++++++; tools/testing/selftests/bpf/progs/local_storage.c | 140 +++++++++++++++++++++; 2 files changed, 200 insertions(+)","Added selftests for local_storage using LSM hooks in inode and socket operations.","selftests, local_storage, LSM hooks","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.']" +"30897832d8b97e93833fb52c0a02951db3692ed2","30897832d8b97e93833fb52c0a02951db3692ed2","KP Singh","kpsingh@google.com","1598380158","Alexei Starovoitov","ast@kernel.org","1598392804","7e10ebe1b8b5961832641bd4336dc23e35bb0c1c","8ea636848aca35b9f97c5b5dee30225cf2dd0fe6","bpf: Allow local storage to be used from LSM programs Adds support for both bpf_{sk, inode}_storage_{get, delete} to be used in LSM programs. These helpers are not used for tracing programs (currently) as their usage is tied to the life-cycle of the object and should only be used where the owning object won't be freed (when the owning object is passed as an argument to the LSM hook). Thus, they are safer to use in LSM hooks than tracing. Usage of local storage in tracing programs will probably follow a per function based whitelist approach. Since the UAPI helper signature for bpf_sk_storage expect a bpf_sock, it, leads to a compilation warning for LSM programs, it's also updated to accept a void * pointer instead. Signed-off-by: KP Singh Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200825182919.1118197-7-kpsingh@chromium.org","include/net/bpf_sk_storage.h | 2 ++; include/uapi/linux/bpf.h | 7 +++++--; kernel/bpf/bpf_lsm.c | 21 ++++++++++++++++++++-; net/core/bpf_sk_storage.c | 25 +++++++++++++++++++++++++; tools/include/uapi/linux/bpf.h | 7 +++++--; 5 files changed, 57 insertions(+), 5 deletions(-)","This commit enables local storage usage for LSM programs by updating bpf storage helpers and fixing related compilation issues.","local storage, LSM programs, bpf helpers","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"8ea636848aca35b9f97c5b5dee30225cf2dd0fe6","8ea636848aca35b9f97c5b5dee30225cf2dd0fe6","KP Singh","kpsingh@google.com","1598380157","Alexei Starovoitov","ast@kernel.org","1598392804","fd26d1b828552b8e1e4dc53fe61e928cfeaf7f61","450af8d0f6be2e7dd2a528a3fb054bb726bf1747","bpf: Implement bpf_local_storage for inodes Similar to bpf_local_storage for sockets, add local storage for inodes. The life-cycle of storage is managed with the life-cycle of the inode. i.e. the storage is destroyed along with the owning inode. The BPF LSM allocates an __rcu pointer to the bpf_local_storage in the security blob which are now stackable and can co-exist with other LSMs. Signed-off-by: KP Singh Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200825182919.1118197-6-kpsingh@chromium.org","include/linux/bpf_lsm.h | 29 +++; include/linux/bpf_types.h | 3 +; include/uapi/linux/bpf.h | 40 +++-; kernel/bpf/Makefile | 1 +; kernel/bpf/bpf_inode_storage.c | 273 ++++++++++++++++++++++++; kernel/bpf/syscall.c | 3 +-; kernel/bpf/verifier.c | 10 +; security/bpf/hooks.c | 6 +; tools/bpf/bpftool/Documentation/bpftool-map.rst | 2 +-; tools/bpf/bpftool/bash-completion/bpftool | 3 +-; tools/bpf/bpftool/map.c | 3 +-; tools/include/uapi/linux/bpf.h | 40 +++-; tools/lib/bpf/libbpf_probes.c | 5 +-; 13 files changed, 410 insertions(+), 8 deletions(-)","Implemented bpf_local_storage for inodes, aligning storage lifecycle with inode lifecycle for enhanced BPF LSM functionality.","bpf_local_storage,inodes,LSM","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.']" +"450af8d0f6be2e7dd2a528a3fb054bb726bf1747","450af8d0f6be2e7dd2a528a3fb054bb726bf1747","KP Singh","kpsingh@google.com","1598380156","Alexei Starovoitov","ast@kernel.org","1598392804","e674df8ab7e5029d14c2eeedfd97b75097d697cd","f836a56e84ffc9f1a1cd73f77e10404ca46a4616","bpf: Split bpf_local_storage to bpf_sk_storage A purely mechanical change: bpf_sk_storage.c = bpf_sk_storage.c + bpf_local_storage.c bpf_sk_storage.h = bpf_sk_storage.h + bpf_local_storage.h Signed-off-by: KP Singh Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200825182919.1118197-5-kpsingh@chromium.org","include/linux/bpf_local_storage.h | 163 +++++++++; include/net/bpf_sk_storage.h | 61 +---; kernel/bpf/Makefile | 1 +; kernel/bpf/bpf_local_storage.c | 600 ++++++++++++++++++++++++++++++++++; net/core/bpf_sk_storage.c | 672 +-------------------------------------; 5 files changed, 766 insertions(+), 731 deletions(-)","The commit mechanically refactors bpf_local_storage by separating it into bpf_sk_storage across related source and header files.","bpf,storage,refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"f836a56e84ffc9f1a1cd73f77e10404ca46a4616","f836a56e84ffc9f1a1cd73f77e10404ca46a4616","KP Singh","kpsingh@google.com","1598380155","Alexei Starovoitov","ast@kernel.org","1598392804","c8ecb11c7e153aa30411b1691ff434ea68530217","4cc9ce4e739961a7b9e6b2f3b27a72124d356373","bpf: Generalize bpf_sk_storage Refactor the functionality in bpf_sk_storage.c so that concept of storage linked to kernel objects can be extended to other objects like inode, task_struct etc. Each new local storage will still be a separate map and provide its own set of helpers. This allows for future object specific extensions and still share a lot of the underlying implementation. This includes the changes suggested by Martin in: https://lore.kernel.org/bpf/20200725013047.4006241-1-kafai@fb.com/ adding new map operations to support bpf_local_storage maps: * storages for different kernel objects to optionally have different memory charging strategy (map_local_storage_charge, map_local_storage_uncharge) * Functionality to extract the storage pointer from a pointer to the owning object (map_owner_storage_ptr) Co-developed-by: Martin KaFai Lau Signed-off-by: Martin KaFai Lau Signed-off-by: KP Singh Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200825182919.1118197-4-kpsingh@chromium.org","include/linux/bpf.h | 8 ++; include/net/bpf_sk_storage.h | 52 +++++++++; include/uapi/linux/bpf.h | 8 +-; net/core/bpf_sk_storage.c | 238 +++++++++++++++++++++++++++--------------; tools/include/uapi/linux/bpf.h | 8 +-; 5 files changed, 228 insertions(+), 86 deletions(-)","Refactor bpf_sk_storage to enable linking storage with multiple kernel objects like inode and task_struct for future extensions.","bpf_sk_storage, storage, refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"4cc9ce4e739961a7b9e6b2f3b27a72124d356373","4cc9ce4e739961a7b9e6b2f3b27a72124d356373","KP Singh","kpsingh@google.com","1598380154","Alexei Starovoitov","ast@kernel.org","1598392803","0c3c8823c8857a15d185ed8c59e4cd00f307adb8","1f00d375af84fbcdb6dd6c79fd7c3d02d2390338","bpf: Generalize caching for sk_storage. Provide the a ability to define local storage caches on a per-object type basis. The caches and caching indices for different objects should not be inter-mixed as suggested in: https://lore.kernel.org/bpf/20200630193441.kdwnkestulg5erii@kafai-mbp.dhcp.thefacebook.com/ ""Caching a sk-storage at idx=0 of a sk should not stop an inode-storage to be cached at the same idx of a inode."" Signed-off-by: KP Singh Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200825182919.1118197-3-kpsingh@chromium.org","include/net/bpf_sk_storage.h | 19 +++++++++++++++++++; net/core/bpf_sk_storage.c | 31 +++++++++++++++----------------; 2 files changed, 34 insertions(+), 16 deletions(-)","The commit enhances local storage caching capabilities for various object types in the BPF subsystem.","caching, sk_storage, objects","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1f00d375af84fbcdb6dd6c79fd7c3d02d2390338","1f00d375af84fbcdb6dd6c79fd7c3d02d2390338","KP Singh","kpsingh@google.com","1598380153","Alexei Starovoitov","ast@kernel.org","1598392798","32aa5b0c83e792c2487bf1a2e15c73fcceb19110","0fcdfffe80346d015b920228203d0269284d8b13","bpf: Renames in preparation for bpf_local_storage A purely mechanical change to split the renaming from the actual generalization. Flags/consts: SK_STORAGE_CREATE_FLAG_MASK BPF_LOCAL_STORAGE_CREATE_FLAG_MASK BPF_SK_STORAGE_CACHE_SIZE BPF_LOCAL_STORAGE_CACHE_SIZE MAX_VALUE_SIZE BPF_LOCAL_STORAGE_MAX_VALUE_SIZE Structs: bucket bpf_local_storage_map_bucket bpf_sk_storage_map bpf_local_storage_map bpf_sk_storage_data bpf_local_storage_data bpf_sk_storage_elem bpf_local_storage_elem bpf_sk_storage bpf_local_storage The ""sk"" member in bpf_local_storage is also updated to ""owner"" in preparation for changing the type to void * in a subsequent patch. Functions: selem_linked_to_sk selem_linked_to_storage selem_alloc bpf_selem_alloc __selem_unlink_sk bpf_selem_unlink_storage_nolock __selem_link_sk bpf_selem_link_storage_nolock selem_unlink_sk __bpf_selem_unlink_storage sk_storage_update bpf_local_storage_update __sk_storage_lookup bpf_local_storage_lookup bpf_sk_storage_map_free bpf_local_storage_map_free bpf_sk_storage_map_alloc bpf_local_storage_map_alloc bpf_sk_storage_map_alloc_check bpf_local_storage_map_alloc_check bpf_sk_storage_map_check_btf bpf_local_storage_map_check_btf Signed-off-by: KP Singh Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200825182919.1118197-2-kpsingh@chromium.org","include/net/sock.h | 4 +-; net/core/bpf_sk_storage.c | 488 ++++++++++++-----------; tools/testing/selftests/bpf/progs/map_ptr_kern.c | 6 +-; 3 files changed, 255 insertions(+), 243 deletions(-)","Renames functions and structures for bpf_local_storage generalization preparation.","renames, bpf_local_storage, generalization","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0fcdfffe80346d015b920228203d0269284d8b13","0fcdfffe80346d015b920228203d0269284d8b13","Yonghong Song","yhs@fb.com","1598308087","Alexei Starovoitov","ast@kernel.org","1598328913","7ee8b1d806fa55f59819b006b7848ed70d9e8831","f0c328f8af5d920a68f8217aec76d9a45288cef1","selftests/bpf: Enable tc verbose mode for test_sk_assign Currently test_sk_assign failed verifier with llvm11/llvm12. During debugging, I found the default verifier output is truncated like below Verifier analysis: Skipped 2200 bytes, use 'verb' option for the full verbose log. [...] off=23,r=34,imm=0) R5=inv0 R6=ctx(id=0,off=0,imm=0) R7=pkt(id=0,off=0,r=34,imm=0) R10=fp0 80: (0f) r7 += r2 last_idx 80 first_idx 21 regs=4 stack=0 before 78: (16) if w3 == 0x11 goto pc+1 when I am using ""./test_progs -vv -t assign"". The reason is tc verbose mode is not enabled. This patched enabled tc verbose mode and the output looks like below Verifier analysis: 0: (bf) r6 = r1 1: (b4) w0 = 2 2: (61) r1 = *(u32 *)(r6 +80) 3: (61) r7 = *(u32 *)(r6 +76) 4: (bf) r2 = r7 5: (07) r2 += 14 6: (2d) if r2 > r1 goto pc+61 R0_w=inv2 R1_w=pkt_end(id=0,off=0,imm=0) R2_w=pkt(id=0,off=14,r=14,imm=0) ... Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200824222807.100200-1-yhs@fb.com","tools/testing/selftests/bpf/prog_tests/sk_assign.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit enables the verbose mode in tc for test_sk_assign to enhance debugging capabilities.","selftests tc verbose","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7787b6fc938e16aa418613c4a765c1dbb268ed9f","7787b6fc938e16aa418613c4a765c1dbb268ed9f","Tobias Klauser","tklauser@distanz.ch","1598278847","Alexei Starovoitov","ast@kernel.org","1598328700","d4c939ae5c785993e24366a29adb3b5b5b4ad90e","2b10af318ad305b8e56f1f7ad78ea3ba20aadc01","bpf, sysctl: Let bpf_stats_handler take a kernel pointer buffer Commit 32927393dc1c (""sysctl: pass kernel pointers to ->proc_handler"") changed ctl_table.proc_handler to take a kernel pointer. Adjust the signature of bpf_stats_handler to match ctl_table.proc_handler which fixes the following sparse warning: kernel/sysctl.c:226:49: warning: incorrect type in argument 3 (different address spaces) kernel/sysctl.c:226:49: expected void * kernel/sysctl.c:226:49: got void [noderef] __user *buffer kernel/sysctl.c:2640:35: warning: incorrect type in initializer (incompatible argument 3 (different address spaces)) kernel/sysctl.c:2640:35: expected int ( [usertype] *proc_handler )( ... ) kernel/sysctl.c:2640:35: got int ( * )( ... ) Fixes: 32927393dc1c (""sysctl: pass kernel pointers to ->proc_handler"") Signed-off-by: Tobias Klauser Signed-off-by: Alexei Starovoitov Cc: Christoph Hellwig Link: https://lore.kernel.org/bpf/20200824142047.22043-1-tklauser@distanz.ch","kernel/sysctl.c | 3 +--; 1 file changed, 1 insertion(+), 2 deletions(-)","The commit modifies bpf_stats_handler to take a kernel pointer for compatibility with sysctl changes.","bpf,sysctl,sparse","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2b10af318ad305b8e56f1f7ad78ea3ba20aadc01","2b10af318ad305b8e56f1f7ad78ea3ba20aadc01","Jesper Dangaard Brouer","brouer@redhat.com","1598270240","Alexei Starovoitov","ast@kernel.org","1598328564","70369357e05057e8ef291804edc593212d4661ce","b474959d5afda6e341a02c85f9595d85d39189ae","selftests/bpf: Fix test_progs-flavor run getting number of tests Commit 643e7233aa94 (""selftests/bpf: Test_progs option for getting number of tests"") introduced ability to getting number of tests, which is targeted towards scripting. As demonstrate in the commit the number can be use as a shell variable for further scripting. The test_progs program support ""flavor"", which is detected by the binary have a ""-flavor"" in the executable name. One example is test_progs-no_alu32, which load bpf-progs compiled with disabled alu32, located in dir 'no_alu32/'. The problem is that invoking a ""flavor"" binary prints to stdout e.g.: ""Switching to flavor 'no_alu32' subdirectory..."" Thus, intermixing with the number of tests, making it unusable for scripting. Fix the issue by only printing ""flavor"" info when verbose -v option is used. Fixes: 643e7233aa94 (""selftests/bpf: Test_progs option for getting number of tests"") Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/159827024012.923543.7104106594870150597.stgit@firesoul","tools/testing/selftests/bpf/test_progs.c | 4 +++-; 1 file changed, 3 insertions(+), 1 deletion(-)","This commit fixes the stdout output in test_progs when using a flavor by limiting it to verbose mode to aid script usability.","selftests, verbose, output","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"b474959d5afda6e341a02c85f9595d85d39189ae","b474959d5afda6e341a02c85f9595d85d39189ae","Yonghong Song","yhs@fb.com","1598037054","Alexei Starovoitov","ast@kernel.org","1598328187","eb61755165d1e65bdd944d7b48239392c59e31d6","99408c422d336db32bfab5cbebc10038a70cf7d2","bpf: Fix a buffer out-of-bound access when filling raw_tp link_info Commit f2e10bff16a0 (""bpf: Add support for BPF_OBJ_GET_INFO_BY_FD for bpf_link"") added link query for raw_tp. One of fields in link_info is to fill a user buffer with tp_name. The Scurrent checking only declares ""ulen && !ubuf"" as invalid. So ""!ulen && ubuf"" will be valid. Later on, we do ""copy_to_user(ubuf, tp_name, ulen - 1)"" which may overwrite user memory incorrectly. This patch fixed the problem by disallowing ""!ulen && ubuf"" case as well. Fixes: f2e10bff16a0 (""bpf: Add support for BPF_OBJ_GET_INFO_BY_FD for bpf_link"") Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200821191054.714731-1-yhs@fb.com","kernel/bpf/syscall.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit fixes a buffer out-of-bound access issue in filling raw_tp link_info for BPF link querying.","buffer, out-of-bound, raw_tp","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"f0c328f8af5d920a68f8217aec76d9a45288cef1","f0c328f8af5d920a68f8217aec76d9a45288cef1","Daniel T. Lee","danieltimlee@gmail.com","1598172814","Alexei Starovoitov","ast@kernel.org","1598327975","21b45294c5ef83066fac094eab783df052db0015","3677d0a13171bb1dc8db0af84d48dea14a899962","samples: bpf: Refactor tracepoint tracing programs with libbpf For the problem of increasing fragmentation of the bpf loader programs, instead of using bpf_loader.o, which is used in samples/bpf, this commit refactors the existing tracepoint tracing programs with libbbpf bpf loader. - Adding a tracepoint event and attaching a bpf program to it was done through bpf_program_attach(). - Instead of using the existing BPF MAP definition, MAP definition has been refactored with the new BTF-defined MAP format. Signed-off-by: Daniel T. Lee Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200823085334.9413-4-danieltimlee@gmail.com","samples/bpf/Makefile | 6 ++--; samples/bpf/cpustat_kern.c | 36 +++++++++++------------; samples/bpf/cpustat_user.c | 47 +++++++++++++++++++++++++-----; samples/bpf/offwaketime_kern.c | 52 ++++++++++++++++-----------------; samples/bpf/offwaketime_user.c | 66 ++++++++++++++++++++++++++++++++----------; samples/bpf/syscall_tp_kern.c | 24 +++++++--------; samples/bpf/syscall_tp_user.c | 54 ++++++++++++++++++++++++++--------; 7 files changed, 192 insertions(+), 93 deletions(-)","The commit refactors existing tracepoint tracing programs to use libbpf for eBPF program loading and updates BPF MAP definitions to BTF format.","refactor,libbpf,tracepoint","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"3677d0a13171bb1dc8db0af84d48dea14a899962","3677d0a13171bb1dc8db0af84d48dea14a899962","Daniel T. Lee","danieltimlee@gmail.com","1598172813","Alexei Starovoitov","ast@kernel.org","1598327975","3de96b317e44d7e1eb175a4be093101f317e88ff","35a8b6dd339f04cbcb0b2d085334263542a12b70","samples: bpf: Refactor kprobe tracing programs with libbpf For the problem of increasing fragmentation of the bpf loader programs, instead of using bpf_loader.o, which is used in samples/bpf, this commit refactors the existing kprobe tracing programs with libbbpf bpf loader. - For kprobe events pointing to system calls, the SYSCALL() macro in trace_common.h was used. - Adding a kprobe event and attaching a bpf program to it was done through bpf_program_attach(). - Instead of using the existing BPF MAP definition, MAP definition has been refactored with the new BTF-defined MAP format. Signed-off-by: Daniel T. Lee Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200823085334.9413-3-danieltimlee@gmail.com","samples/bpf/Makefile | 10 ++--; samples/bpf/lathist_kern.c | 24 ++++----; samples/bpf/lathist_user.c | 42 ++++++++++++--; samples/bpf/spintest_kern.c | 36 ++++++------; samples/bpf/spintest_user.c | 68 ++++++++++++++++++-----; samples/bpf/test_current_task_under_cgroup_kern.c | 27 ++++-----; samples/bpf/test_current_task_under_cgroup_user.c | 52 +++++++++++++----; samples/bpf/test_probe_write_user_kern.c | 12 ++--; samples/bpf/test_probe_write_user_user.c | 49 ++++++++++++----; samples/bpf/trace_output_kern.c | 15 ++---; samples/bpf/trace_output_user.c | 55 ++++++++++++------; 11 files changed, 272 insertions(+), 118 deletions(-)","Refactored kprobe tracing programs using libbpf to reduce fragmentation in bpf loader programs.","refactor,kprobe,libbpf","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.']" +"35a8b6dd339f04cbcb0b2d085334263542a12b70","35a8b6dd339f04cbcb0b2d085334263542a12b70","Daniel T. Lee","danieltimlee@gmail.com","1598172812","Alexei Starovoitov","ast@kernel.org","1598327975","e0f6b8f5dab540a8b4882403f2c49749566fd2e3","8c3b3d971f2e4d72d8768457c40b513ca5d1f906","samples: bpf: Cleanup bpf_load.o from Makefile Since commit cc7f641d637b (""samples: bpf: Refactor BPF map performance test with libbpf"") has ommited the removal of bpf_load.o from Makefile, this commit removes the bpf_load.o rule for targets where bpf_load.o is not used. Fixes: cc7f641d637b (""samples: bpf: Refactor BPF map performance test with libbpf"") Signed-off-by: Daniel T. Lee Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200823085334.9413-2-danieltimlee@gmail.com","samples/bpf/Makefile | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit cleans up the Makefile by removing an unused bpf_load.o rule in BPF samples.","cleanup, Makefile, bpf_load","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8c3b3d971f2e4d72d8768457c40b513ca5d1f906","8c3b3d971f2e4d72d8768457c40b513ca5d1f906","Lorenz Bauer","lmb@cloudflare.com","1598258723","Alexei Starovoitov","ast@kernel.org","1598305906","c1de23513b83f98f87a43b34ca54a8341f465f25","f872e4bc47f100ccbbe9469cd12e5ac78e4b6eda","selftests: bpf: Fix sockmap update nits Address review by Yonghong, to bring the new tests in line with the usual code style. Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200824084523.13104-1-lmb@cloudflare.com","tools/testing/selftests/bpf/prog_tests/sockmap_basic.c | 12 +++++-------; 1 file changed, 5 insertions(+), 7 deletions(-)","The commit fixes style issues in the selftests for sockmap to align with usual code practices.","selftests,sockmap,style","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"f872e4bc47f100ccbbe9469cd12e5ac78e4b6eda","f872e4bc47f100ccbbe9469cd12e5ac78e4b6eda","Andrii Nakryiko","andriin@fb.com","1598050613","Alexei Starovoitov","ast@kernel.org","1598305800","52992b015c1b760af63ef5cdcb524b142de11f46","3418c56de81fd73f2265c8915f4b910bcc141cb7","libbpf: Fix type compatibility check copy-paste error Fix copy-paste error in types compatibility check. Local type is accidentally used instead of target type for the very first type check strictness check. This can result in potentially less strict candidate comparison. Fix the error. Fixes: 3fc32f40c402 (""libbpf: Implement type-based CO-RE relocations support"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200821225653.2180782-1-andriin@fb.com","tools/lib/bpf/libbpf.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixes a copy-paste error in libbpf for type compatibility checks, ensuring correct type comparison.","libbpf, copy-paste, error","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3418c56de81fd73f2265c8915f4b910bcc141cb7","3418c56de81fd73f2265c8915f4b910bcc141cb7","Andrii Nakryiko","andriin@fb.com","1598050556","Alexei Starovoitov","ast@kernel.org","1598305699","7fda40b14656a8f540ce6d70c8dfc7b47d6ed9d8","07ff4f012635b05d344dbf0f2db87ba5e8c4c27a","libbpf: Avoid false unuinitialized variable warning in bpf_core_apply_relo Some versions of GCC report uninitialized targ_spec usage. GCC is wrong, but let's avoid unnecessary warnings. Fixes: ddc7c3042614 (""libbpf: implement BPF CO-RE offset relocation algorithm"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200821225556.2178419-1-andriin@fb.com","tools/lib/bpf/libbpf.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit addresses a false uninitialized variable warning in the BPF CO-RE offset relocation algorithm within libbpf.","libbpf, warning, GCC","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"07ff4f012635b05d344dbf0f2db87ba5e8c4c27a","07ff4f012635b05d344dbf0f2db87ba5e8c4c27a","Jakub Sitnicki","jakub@cloudflare.com","1598004146","Alexei Starovoitov","ast@kernel.org","1598305610","33caca1cb666bbce438ee6cd9fc0d670681dd9fa","4d0d1673416bee2099e93c6636c51754e2100024","bpf: sk_lookup: Add user documentation Describe the purpose of BPF sk_lookup program, how it can be attached, when it gets invoked, and what information gets passed to it. Point the reader to examples and further documentation. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200821100226.403844-1-jakub@cloudflare.com","Documentation/bpf/index.rst | 1 +; Documentation/bpf/prog_sk_lookup.rst | 98 ++++++++++++++++++++++++++++++++++++; 2 files changed, 99 insertions(+)","The commit adds documentation for the BPF sk_lookup program, describing its purpose, attachment, invocation, and associated information.","documentation, sk_lookup, BPF","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"4d0d1673416bee2099e93c6636c51754e2100024","4d0d1673416bee2099e93c6636c51754e2100024","Jianlin Lv","Jianlin.Lv@arm.com","1597987697","Alexei Starovoitov","ast@kernel.org","1598305428","1a21a4f3b72e8e5de42048077f70fa7055bb2258","890f4365e47ecbf554c043448ccec7ea10435120","docs: Correct subject prefix and update LLVM info bpf_devel_QA.rst:152 The subject prefix information is not accurate, it should be 'PATCH bpf-next v2' Also update LLVM version info and add information about ‘-DLLVM_TARGETS_TO_BUILD’ to prompt the developer to build the desired target. Signed-off-by: Jianlin Lv Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200821052817.46887-1-Jianlin.Lv@arm.com","Documentation/bpf/bpf_devel_QA.rst | 19 ++++++++++++-------; 1 file changed, 12 insertions(+), 7 deletions(-)","The commit updates eBPF documentation for subject prefix and LLVM version details.","documentation, LLVM, subject","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"890f4365e47ecbf554c043448ccec7ea10435120","890f4365e47ecbf554c043448ccec7ea10435120","Alexei Starovoitov","ast@kernel.org","1598304901","Alexei Starovoitov","ast@kernel.org","1598305158","b1faac2bd96331562c4ef6cd40e05c4947d13969","9c0f8cbdc0e9cf8a2a3a96045778b8d759f172c2 267cf9fa43d1c9d525d5d818a8651f2900e3aa9e","Merge branch 'bpf-tcp-header-opts' Martin KaFai Lau says: ==================== The earlier effort in BPF-TCP-CC allows the TCP Congestion Control algorithm to be written in BPF. It opens up opportunities to allow a faster turnaround time in testing/releasing new congestion control ideas to production environment. The same flexibility can be extended to writing TCP header option. It is not uncommon that people want to test new TCP header option to improve the TCP performance. Another use case is for data-center that has a more controlled environment and has more flexibility in putting header options for internal traffic only. This patch set introduces the necessary BPF logic and API to allow bpf program to write and parse header options. There are also some changes to TCP and they are mostly to provide the needed sk and skb info to the bpf program to make decision. Patch 9 is the main patch and has more details on the API and design. The set includes an example which sends the max delay ack in the BPF TCP header option and the receiving side can then adjust its RTO accordingly. v5: - Move some of the comments from git commit message to the UAPI bpf.h in patch 9 - Some variable clean up in the tests (patch 11). v4: - Since bpf-next is currently closed, tag the set with RFC to keep the review cadence - Separate tcp changes in its own patches (5, 6, 7). It is a bit tricky since most of the tcp changes is to call out the bpf prog to write and parse the header. The write and parse callout has been modularized into a few bpf_skops_* function in v3. This revision (v4) tries to move those bpf_skops_* functions into separate TCP patches. However, they will be half implemented to highlight the changes to the TCP stack, mainly: - when the bpf prog will be called in the TCP stack and - what information needs to pump through the TCP stack to the actual bpf prog callsite. The bpf_skops_* functions will be fully implemented in patch 9 together with other bpf pieces. - Use struct_size() in patch 1 (Eric) - Add saw_unknown to struct tcp_options_received in patch 4 (Eric) v3: - Add kdoc for tcp_make_synack (Jakub Kicinski) - Add BPF_WRITE_HDR_TCP_CURRENT_MSS and BPF_WRITE_HDR_TCP_SYNACK_COOKIE in bpf.h to give a clearer meaning to sock_ops->args[0] when writing header option. - Rename BPF_SOCK_OPS_PARSE_UNKWN_HDR_OPT_CB_FLAG to BPF_SOCK_OPS_PARSE_UNKNOWN_HDR_OPT_CB_FLAG v2: - Instead of limiting the bpf prog to write experimental option (kind:254, magic:0xeB9F), this revision allows the bpf prog to write any TCP header option through the bpf_store_hdr_opt() helper. That will allow different bpf-progs to write its own option and the helper will guarantee there is no duplication. - Add bpf_load_hdr_opt() helper to search a particular option by kind. Some of the get_syn logic is refactored to bpf_sock_ops_get_syn(). - Since bpf prog is no longer limited to option (254, 0xeB9F), the TCP_SKB_CB(skb)->bpf_hdr_opt_off is no longer needed. Instead, when there is any option kernel cannot recognize, the bpf prog will be called if the BPF_SOCK_OPS_PARSE_UNKWN_HDR_OPT_CB_FLAG is set. [ The ""unknown_opt"" is learned in tcp_parse_options() in patch 4. ] - Add BPF_SOCK_OPS_PARSE_ALL_HDR_OPT_CB_FLAG. If this flag is set, the bpf-prog will be called on all tcp packet received at an established sk. It will be useful to ensure a previously written header option is received by the peer. e.g. The latter test is using this on the active-side during syncookie. - The test_tcp_hdr_options.c is adjusted accordingly to test writing both experimental and regular TCP header option. - The test_misc_tcp_hdr_options.c is added to mainly test different cases on the new helpers. - Break up the TCP_BPF_RTO_MIN and TCP_BPF_DELACK_MAX into two patches. - Directly store the tcp_hdrlen in ""struct saved_syn"" instead of going back to the tcp header to obtain it by ""th->doff * 4"" - Add a new optval(==2) for setsockopt(TCP_SAVE_SYN) such that it will also store the mac header (patch 9). ==================== Signed-off-by: Alexei Starovoitov ","","The commit merges changes for BPF logic enabling writing and parsing of TCP header options.","BPF, TCP, merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"267cf9fa43d1c9d525d5d818a8651f2900e3aa9e","267cf9fa43d1c9d525d5d818a8651f2900e3aa9e","Martin KaFai Lau","kafai@fb.com","1597950083","Alexei Starovoitov","ast@kernel.org","1598304900","b1faac2bd96331562c4ef6cd40e05c4947d13969","ad2f8eb0095e9036724d9cf0eb6960f1e6d52d21","tcp: bpf: Optionally store mac header in TCP_SAVE_SYN This patch is adapted from Eric's patch in an earlier discussion [1]. The TCP_SAVE_SYN currently only stores the network header and tcp header. This patch allows it to optionally store the mac header also if the setsockopt's optval is 2. It requires one more bit for the ""save_syn"" bit field in tcp_sock. This patch achieves this by moving the syn_smc bit next to the is_mptcp. The syn_smc is currently used with the TCP experimental option. Since syn_smc is only used when CONFIG_SMC is enabled, this patch also puts the ""IS_ENABLED(CONFIG_SMC)"" around it like the is_mptcp did with ""IS_ENABLED(CONFIG_MPTCP)"". The mac_hdrlen is also stored in the ""struct saved_syn"" to allow a quick offset from the bpf prog if it chooses to start getting from the network header or the tcp header. [1]: https://lore.kernel.org/netdev/CANn89iLJNWh6bkH7DNhy_kmcAexuUCccqERqe7z2QsvPhGrYPQ@mail.gmail.com/ Suggested-by: Eric Dumazet Signed-off-by: Martin KaFai Lau Signed-off-by: Alexei Starovoitov Reviewed-by: Eric Dumazet Link: https://lore.kernel.org/bpf/20200820190123.2886935-1-kafai@fb.com","include/linux/tcp.h | 13 ++++++++-----; include/net/request_sock.h | 1 +; include/uapi/linux/bpf.h | 1 +; net/core/filter.c | 27 ++++++++++++++++++++++-----; net/ipv4/tcp.c | 3 ++-; net/ipv4/tcp_input.c | 14 +++++++++++++-; tools/include/uapi/linux/bpf.h | 1 +; 7 files changed, 48 insertions(+), 12 deletions(-)","The commit optionally allows storing the MAC header in the TCP_SAVE_SYN using setsockopt with a specified optval.","TCP_SAVE_SYN, mac header, setsockopt","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"ad2f8eb0095e9036724d9cf0eb6960f1e6d52d21","ad2f8eb0095e9036724d9cf0eb6960f1e6d52d21","Martin KaFai Lau","kafai@fb.com","1597950077","Alexei Starovoitov","ast@kernel.org","1598304900","f037047269c01e554e96d3829399543e9dc36f38","8085e1dc1f3c885e1e9c1ef8031b3eabc1cccf25","bpf: selftests: Tcp header options This patch adds tests for the new bpf tcp header option feature. test_tcp_hdr_options.c: - It tests header option writing and parsing in 3WHS: regular connection establishment, fastopen, and syncookie. - In syncookie, the passive side's bpf prog is asking the active side to resend its bpf header option by specifying a RESEND bit in the outgoing SYNACK. handle_active_estab() and write_nodata_opt() has some details. - handle_passive_estab() has comments on fastopen. - It also has test for header writing and parsing in FIN packet. - Most of the tests is writing an experimental option 254 with magic 0xeB9F. - The no_exprm_estab() also tests writing a regular TCP option without any magic. test_misc_tcp_options.c: - It is an one directional test. Active side writes option and passive side parses option. The focus is to exercise the new helpers and API. - Testing the new helper: bpf_load_hdr_opt() and bpf_store_hdr_opt(). - Testing the bpf_getsockopt(TCP_BPF_SYN). - Negative tests for the above helpers. - Testing the sock_ops->skb_data. Signed-off-by: Martin KaFai Lau Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200820190117.2886749-1-kafai@fb.com",".../selftests/bpf/prog_tests/tcp_hdr_options.c | 622 ++++++++++++++++++++; .../bpf/progs/test_misc_tcp_hdr_options.c | 325 +++++++++++; .../selftests/bpf/progs/test_tcp_hdr_options.c | 623 +++++++++++++++++++++; tools/testing/selftests/bpf/test_tcp_hdr_options.h | 151 +++++; 4 files changed, 1721 insertions(+)","This commit introduces test cases for the new eBPF TCP header option functionality in various TCP scenarios.","selftests,TCP header,eBPF","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'tc related type programs. It affects programs managing traffic control (tc) for queuing or prioritizing network traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8085e1dc1f3c885e1e9c1ef8031b3eabc1cccf25","8085e1dc1f3c885e1e9c1ef8031b3eabc1cccf25","Martin KaFai Lau","kafai@fb.com","1597950071","Alexei Starovoitov","ast@kernel.org","1598304900","4e1e7aa42c32b5c4afcd2a54770f77cfff2329c3","0813a841566f0962a5551be7749b43c45f0022a0","bpf: selftests: Add fastopen_connect to network_helpers This patch adds a fastopen_connect() helper which will be used in a later test. Signed-off-by: Martin KaFai Lau Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200820190111.2886196-1-kafai@fb.com","tools/testing/selftests/bpf/network_helpers.c | 37 +++++++++++++++++++++++++++; tools/testing/selftests/bpf/network_helpers.h | 2 ++; 2 files changed, 39 insertions(+)","The commit adds a fastopen_connect() helper to the eBPF network selftests suite for future testing purposes.","fastopen_connect,selftests,network","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0813a841566f0962a5551be7749b43c45f0022a0","0813a841566f0962a5551be7749b43c45f0022a0","Martin KaFai Lau","kafai@fb.com","1597950064","Alexei Starovoitov","ast@kernel.org","1598304900","a45be1bed738fd2cb3dbaff13037073a61c03e98","c9985d09e18965131958102f4b67fa1e742df335","bpf: tcp: Allow bpf prog to write and parse TCP header option [ Note: The TCP changes here is mainly to implement the bpf pieces into the bpf_skops_*() functions introduced in the earlier patches. ] The earlier effort in BPF-TCP-CC allows the TCP Congestion Control algorithm to be written in BPF. It opens up opportunities to allow a faster turnaround time in testing/releasing new congestion control ideas to production environment. The same flexibility can be extended to writing TCP header option. It is not uncommon that people want to test new TCP header option to improve the TCP performance. Another use case is for data-center that has a more controlled environment and has more flexibility in putting header options for internal only use. For example, we want to test the idea in putting maximum delay ACK in TCP header option which is similar to a draft RFC proposal [1]. This patch introduces the necessary BPF API and use them in the TCP stack to allow BPF_PROG_TYPE_SOCK_OPS program to parse and write TCP header options. It currently supports most of the TCP packet except RST. Supported TCP header option: ─────────────────────────── This patch allows the bpf-prog to write any option kind. Different bpf-progs can write its own option by calling the new helper bpf_store_hdr_opt(). The helper will ensure there is no duplicated option in the header. By allowing bpf-prog to write any option kind, this gives a lot of flexibility to the bpf-prog. Different bpf-prog can write its own option kind. It could also allow the bpf-prog to support a recently standardized option on an older kernel. Sockops Callback Flags: ────────────────────── The bpf program will only be called to parse/write tcp header option if the following newly added callback flags are enabled in tp->bpf_sock_ops_cb_flags: BPF_SOCK_OPS_PARSE_UNKNOWN_HDR_OPT_CB_FLAG BPF_SOCK_OPS_PARSE_ALL_HDR_OPT_CB_FLAG BPF_SOCK_OPS_WRITE_HDR_OPT_CB_FLAG A few words on the PARSE CB flags. When the above PARSE CB flags are turned on, the bpf-prog will be called on packets received at a sk that has at least reached the ESTABLISHED state. The parsing of the SYN-SYNACK-ACK will be discussed in the ""3 Way HandShake"" section. The default is off for all of the above new CB flags, i.e. the bpf prog will not be called to parse or write bpf hdr option. There are details comment on these new cb flags in the UAPI bpf.h. sock_ops->skb_data and bpf_load_hdr_opt() ───────────────────────────────────────── sock_ops->skb_data and sock_ops->skb_data_end covers the whole TCP header and its options. They are read only. The new bpf_load_hdr_opt() helps to read a particular option ""kind"" from the skb_data. Please refer to the comment in UAPI bpf.h. It has details on what skb_data contains under different sock_ops->op. 3 Way HandShake ─────────────── The bpf-prog can learn if it is sending SYN or SYNACK by reading the sock_ops->skb_tcp_flags. * Passive side When writing SYNACK (i.e. sock_ops->op == BPF_SOCK_OPS_WRITE_HDR_OPT_CB), the received SYN skb will be available to the bpf prog. The bpf prog can use the SYN skb (which may carry the header option sent from the remote bpf prog) to decide what bpf header option should be written to the outgoing SYNACK skb. The SYN packet can be obtained by getsockopt(TCP_BPF_SYN*). More on this later. Also, the bpf prog can learn if it is in syncookie mode (by checking sock_ops->args[0] == BPF_WRITE_HDR_TCP_SYNACK_COOKIE). The bpf prog can store the received SYN pkt by using the existing bpf_setsockopt(TCP_SAVE_SYN). The example in a later patch does it. [ Note that the fullsock here is a listen sk, bpf_sk_storage is not very useful here since the listen sk will be shared by many concurrent connection requests. Extending bpf_sk_storage support to request_sock will add weight to the minisock and it is not necessary better than storing the whole ~100 bytes SYN pkt. ] When the connection is established, the bpf prog will be called in the existing PASSIVE_ESTABLISHED_CB callback. At that time, the bpf prog can get the header option from the saved syn and then apply the needed operation to the newly established socket. The later patch will use the max delay ack specified in the SYN header and set the RTO of this newly established connection as an example. The received ACK (that concludes the 3WHS) will also be available to the bpf prog during PASSIVE_ESTABLISHED_CB through the sock_ops->skb_data. It could be useful in syncookie scenario. More on this later. There is an existing getsockopt ""TCP_SAVED_SYN"" to return the whole saved syn pkt which includes the IP[46] header and the TCP header. A few ""TCP_BPF_SYN*"" getsockopt has been added to allow specifying where to start getting from, e.g. starting from TCP header, or from IP[46] header. The new getsockopt(TCP_BPF_SYN*) will also know where it can get the SYN's packet from: - (a) the just received syn (available when the bpf prog is writing SYNACK) and it is the only way to get SYN during syncookie mode. or - (b) the saved syn (available in PASSIVE_ESTABLISHED_CB and also other existing CB). The bpf prog does not need to know where the SYN pkt is coming from. The getsockopt(TCP_BPF_SYN*) will hide this details. Similarly, a flags ""BPF_LOAD_HDR_OPT_TCP_SYN"" is also added to bpf_load_hdr_opt() to read a particular header option from the SYN packet. * Fastopen Fastopen should work the same as the regular non fastopen case. This is a test in a later patch. * Syncookie For syncookie, the later example patch asks the active side's bpf prog to resend the header options in ACK. The server can use bpf_load_hdr_opt() to look at the options in this received ACK during PASSIVE_ESTABLISHED_CB. * Active side The bpf prog will get a chance to write the bpf header option in the SYN packet during WRITE_HDR_OPT_CB. The received SYNACK pkt will also be available to the bpf prog during the existing ACTIVE_ESTABLISHED_CB callback through the sock_ops->skb_data and bpf_load_hdr_opt(). * Turn off header CB flags after 3WHS If the bpf prog does not need to write/parse header options beyond the 3WHS, the bpf prog can clear the bpf_sock_ops_cb_flags to avoid being called for header options. Or the bpf-prog can select to leave the UNKNOWN_HDR_OPT_CB_FLAG on so that the kernel will only call it when there is option that the kernel cannot handle. [1]: draft-wang-tcpm-low-latency-opt-00 https://tools.ietf.org/html/draft-wang-tcpm-low-latency-opt-00 Signed-off-by: Martin KaFai Lau Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200820190104.2885895-1-kafai@fb.com","include/linux/bpf-cgroup.h | 25 +++; include/linux/filter.h | 4 +; include/net/tcp.h | 49 ++++++; include/uapi/linux/bpf.h | 300 ++++++++++++++++++++++++++++++++-; net/core/filter.c | 365 +++++++++++++++++++++++++++++++++++++++++; net/ipv4/tcp_input.c | 20 ++-; net/ipv4/tcp_minisocks.c | 1 +; net/ipv4/tcp_output.c | 104 +++++++++++-; tools/include/uapi/linux/bpf.h | 300 ++++++++++++++++++++++++++++++++-; 9 files changed, 1150 insertions(+), 18 deletions(-)","This commit allows eBPF programs to read and write TCP header options by extending the BPF socket options API.","TCP, BPF, options","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"c9985d09e18965131958102f4b67fa1e742df335","c9985d09e18965131958102f4b67fa1e742df335","Martin KaFai Lau","kafai@fb.com","1597950058","Alexei Starovoitov","ast@kernel.org","1598304900","7218417c9ec1b4fa86eedf3b0a8d5bd75405b2e0","331fca4315efa3bbd258fbdf8209d59d253c0480","bpf: sock_ops: Change some members of sock_ops_kern from u32 to u8 A later patch needs to add a few pointers and a few u8 to sock_ops_kern. Hence, this patch saves some spaces by moving some of the existing members from u32 to u8 so that the later patch can still fit everything in a cacheline. Signed-off-by: Martin KaFai Lau Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200820190058.2885640-1-kafai@fb.com","include/linux/filter.h | 4 ++--; net/core/filter.c | 15 ++++++++++-----; 2 files changed, 12 insertions(+), 7 deletions(-)","The commit optimizes memory usage in sock_ops_kern by changing data type sizes to fit future requirements within a cacheline.","sock_ops_kern,u32,u8","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"331fca4315efa3bbd258fbdf8209d59d253c0480","331fca4315efa3bbd258fbdf8209d59d253c0480","Martin KaFai Lau","kafai@fb.com","1597950052","Alexei Starovoitov","ast@kernel.org","1598304900","4e0deda112d49208d596074c77eb4259859935ef","00d211a4ea6f48e8e3b758813fe23ad28193d3bf","bpf: tcp: Add bpf_skops_hdr_opt_len() and bpf_skops_write_hdr_opt() The bpf prog needs to parse the SYN header to learn what options have been sent by the peer's bpf-prog before writing its options into SYNACK. This patch adds a ""syn_skb"" arg to tcp_make_synack() and send_synack(). This syn_skb will eventually be made available (as read-only) to the bpf prog. This will be the only SYN packet available to the bpf prog during syncookie. For other regular cases, the bpf prog can also use the saved_syn. When writing options, the bpf prog will first be called to tell the kernel its required number of bytes. It is done by the new bpf_skops_hdr_opt_len(). The bpf prog will only be called when the new BPF_SOCK_OPS_WRITE_HDR_OPT_CB_FLAG is set in tp->bpf_sock_ops_cb_flags. When the bpf prog returns, the kernel will know how many bytes are needed and then update the ""*remaining"" arg accordingly. 4 byte alignment will be included in the ""*remaining"" before this function returns. The 4 byte aligned number of bytes will also be stored into the opts->bpf_opt_len. ""bpf_opt_len"" is a newly added member to the struct tcp_out_options. Then the new bpf_skops_write_hdr_opt() will call the bpf prog to write the header options. The bpf prog is only called if it has reserved spaces before (opts->bpf_opt_len > 0). The bpf prog is the last one getting a chance to reserve header space and writing the header option. These two functions are half implemented to highlight the changes in TCP stack. The actual codes preparing the bpf running context and invoking the bpf prog will be added in the later patch with other necessary bpf pieces. Signed-off-by: Martin KaFai Lau Signed-off-by: Alexei Starovoitov Reviewed-by: Eric Dumazet Link: https://lore.kernel.org/bpf/20200820190052.2885316-1-kafai@fb.com","include/net/tcp.h | 6 ++-; include/uapi/linux/bpf.h | 3 +-; net/ipv4/tcp_input.c | 5 +-; net/ipv4/tcp_ipv4.c | 5 +-; net/ipv4/tcp_output.c | 105 ++++++++++++++++++++++++++++++++++++-----; net/ipv6/tcp_ipv6.c | 5 +-; tools/include/uapi/linux/bpf.h | 3 +-; 7 files changed, 109 insertions(+), 23 deletions(-)","The commit introduces functions to extend eBPF program capabilities for handling TCP SYN header options in TCP connections.","bpf,tcp,SYN","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"00d211a4ea6f48e8e3b758813fe23ad28193d3bf","00d211a4ea6f48e8e3b758813fe23ad28193d3bf","Martin KaFai Lau","kafai@fb.com","1597950046","Alexei Starovoitov","ast@kernel.org","1598304900","1543e8e58d1f61fd95fec80b8675809acac18436","72be0fe6ba76282704cb84952bd5a1eb47910290","bpf: tcp: Add bpf_skops_parse_hdr() The patch adds a function bpf_skops_parse_hdr(). It will call the bpf prog to parse the TCP header received at a tcp_sock that has at least reached the ESTABLISHED state. For the packets received during the 3WHS (SYN, SYNACK and ACK), the received skb will be available to the bpf prog during the callback in bpf_skops_established() introduced in the previous patch and in the bpf_skops_write_hdr_opt() that will be added in the next patch. Calling bpf prog to parse header is controlled by two new flags in tp->bpf_sock_ops_cb_flags: BPF_SOCK_OPS_PARSE_UNKNOWN_HDR_OPT_CB_FLAG and BPF_SOCK_OPS_PARSE_ALL_HDR_OPT_CB_FLAG. When BPF_SOCK_OPS_PARSE_UNKNOWN_HDR_OPT_CB_FLAG is set, the bpf prog will only be called when there is unknown option in the TCP header. When BPF_SOCK_OPS_PARSE_ALL_HDR_OPT_CB_FLAG is set, the bpf prog will be called on all received TCP header. This function is half implemented to highlight the changes in TCP stack. The actual codes preparing the bpf running context and invoking the bpf prog will be added in the later patch with other necessary bpf pieces. Signed-off-by: Martin KaFai Lau Signed-off-by: Alexei Starovoitov Reviewed-by: Eric Dumazet Link: https://lore.kernel.org/bpf/20200820190046.2885054-1-kafai@fb.com","include/uapi/linux/bpf.h | 4 +++-; net/ipv4/tcp_input.c | 36 ++++++++++++++++++++++++++++++++++++; tools/include/uapi/linux/bpf.h | 4 +++-; 3 files changed, 42 insertions(+), 2 deletions(-)","Adds a function to parse TCP headers using bpf programs with flags controlling header parsing behavior.","bpf,tcp,parse","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'tc related type programs. It affects programs managing traffic control (tc) for queuing or prioritizing network traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"72be0fe6ba76282704cb84952bd5a1eb47910290","72be0fe6ba76282704cb84952bd5a1eb47910290","Martin KaFai Lau","kafai@fb.com","1597950039","Alexei Starovoitov","ast@kernel.org","1598304900","09bb1361ab8aed72d9809fa71114c026b07450bf","7656d68455891f7fc6689f95415fd59e7a1d629b","bpf: tcp: Add bpf_skops_established() In tcp_init_transfer(), it currently calls the bpf prog to give it a chance to handle the just ""ESTABLISHED"" event (e.g. do setsockopt on the newly established sk). Right now, it is done by calling the general purpose tcp_call_bpf(). In the later patch, it also needs to pass the just-received skb which concludes the 3 way handshake. E.g. the SYNACK received at the active side. The bpf prog can then learn some specific header options written by the peer's bpf-prog and potentially do setsockopt on the newly established sk. Thus, instead of reusing the general purpose tcp_call_bpf(), a new function bpf_skops_established() is added to allow passing the ""skb"" to the bpf prog. The actual skb passing from bpf_skops_established() to the bpf prog will happen together in a later patch which has the necessary bpf pieces. A ""skb"" arg is also added to tcp_init_transfer() such that it can then be passed to bpf_skops_established(). Calling the new bpf_skops_established() instead of tcp_call_bpf() should be a noop in this patch. Signed-off-by: Martin KaFai Lau Signed-off-by: Alexei Starovoitov Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200820190039.2884750-1-kafai@fb.com","include/net/tcp.h | 2 +-; net/ipv4/tcp_fastopen.c | 2 +-; net/ipv4/tcp_input.c | 32 ++++++++++++++++++++++++++++----; 3 files changed, 30 insertions(+), 6 deletions(-)","This commit introduces a function to allow eBPF handling of TCP 'ESTABLISHED' events by passing socket buffers (skb).","tcp,skops,skb","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"7656d68455891f7fc6689f95415fd59e7a1d629b","7656d68455891f7fc6689f95415fd59e7a1d629b","Martin KaFai Lau","kafai@fb.com","1597950033","Alexei Starovoitov","ast@kernel.org","1598304900","256a095608155286f836b9019ee268225b404224","ca584ba070864c606f3a54faaafe774726d5b4a1","tcp: Add saw_unknown to struct tcp_options_received In a later patch, the bpf prog only wants to be called to handle a header option if that particular header option cannot be handled by the kernel. This unknown option could be written by the peer's bpf-prog. It could also be a new standard option that the running kernel does not support it while a bpf-prog can handle it. This patch adds a ""saw_unknown"" bit to ""struct tcp_options_received"" and it uses an existing one byte hole to do that. ""saw_unknown"" will be set in tcp_parse_options() if it sees an option that the kernel cannot handle. Signed-off-by: Martin KaFai Lau Signed-off-by: Alexei Starovoitov Reviewed-by: Eric Dumazet Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200820190033.2884430-1-kafai@fb.com","include/linux/tcp.h | 2 ++; net/ipv4/tcp_input.c | 22 ++++++++++++++++------; 2 files changed, 18 insertions(+), 6 deletions(-)","The commit introduces a new field ""saw_unknown"" to track unsupported TCP header options in kernel processing.","tcp,unknown,header","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"ca584ba070864c606f3a54faaafe774726d5b4a1","ca584ba070864c606f3a54faaafe774726d5b4a1","Martin KaFai Lau","kafai@fb.com","1597950027","Alexei Starovoitov","ast@kernel.org","1598304900","b3288fe9d41eb22da482f526b897e561afab3bdc","2b8ee4f05d4f6a6c427ad30dd6c1bb49eb2efd3b","tcp: bpf: Add TCP_BPF_RTO_MIN for bpf_setsockopt This patch adds bpf_setsockopt(TCP_BPF_RTO_MIN) to allow bpf prog to set the min rto of a connection. It could be used together with the earlier patch which has added bpf_setsockopt(TCP_BPF_DELACK_MAX). A later selftest patch will communicate the max delay ack in a bpf tcp header option and then the receiving side can use bpf_setsockopt(TCP_BPF_RTO_MIN) to set a shorter rto. Signed-off-by: Martin KaFai Lau Signed-off-by: Alexei Starovoitov Reviewed-by: Eric Dumazet Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200820190027.2884170-1-kafai@fb.com","include/net/inet_connection_sock.h | 1 +; include/net/tcp.h | 2 +-; include/uapi/linux/bpf.h | 1 +; net/core/filter.c | 7 +++++++; net/ipv4/tcp.c | 2 ++; tools/include/uapi/linux/bpf.h | 1 +; 6 files changed, 13 insertions(+), 1 deletion(-)","This commit introduces bpf_setsockopt to set the minimum RTO for TCP connections.","TCP,RTO,bpf_setsockopt","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"2b8ee4f05d4f6a6c427ad30dd6c1bb49eb2efd3b","2b8ee4f05d4f6a6c427ad30dd6c1bb49eb2efd3b","Martin KaFai Lau","kafai@fb.com","1597950021","Alexei Starovoitov","ast@kernel.org","1598304899","f09853ff821ef7331b9efdfce55e56d98f28e7ee","70a217f1976f75a6cfe8223e5669ad7b405daaad","tcp: bpf: Add TCP_BPF_DELACK_MAX setsockopt This change is mostly from an internal patch and adapts it from sysctl config to the bpf_setsockopt setup. The bpf_prog can set the max delay ack by using bpf_setsockopt(TCP_BPF_DELACK_MAX). This max delay ack can be communicated to its peer through bpf header option. The receiving peer can then use this max delay ack and set a potentially lower rto by using bpf_setsockopt(TCP_BPF_RTO_MIN) which will be introduced in the next patch. Another later selftest patch will also use it like the above to show how to write and parse bpf tcp header option. Signed-off-by: Martin KaFai Lau Signed-off-by: Alexei Starovoitov Reviewed-by: Eric Dumazet Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200820190021.2884000-1-kafai@fb.com","include/net/inet_connection_sock.h | 1 +; include/uapi/linux/bpf.h | 1 +; net/core/filter.c | 8 ++++++++; net/ipv4/tcp.c | 2 ++; net/ipv4/tcp_output.c | 2 ++; tools/include/uapi/linux/bpf.h | 1 +; 6 files changed, 15 insertions(+)","The commit introduces setsockopt TCP_BPF_DELACK_MAX to enable bpf programs to configure maximum delayed ACKs for TCP connections.","setsockopt, TCP_BPF_DELACK_MAX, bpf","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"70a217f1976f75a6cfe8223e5669ad7b405daaad","70a217f1976f75a6cfe8223e5669ad7b405daaad","Martin KaFai Lau","kafai@fb.com","1597950014","Alexei Starovoitov","ast@kernel.org","1598304899","56f92c968ad9e132de0c19761b648cdc3d38c518","9c0f8cbdc0e9cf8a2a3a96045778b8d759f172c2","tcp: Use a struct to represent a saved_syn The TCP_SAVE_SYN has both the network header and tcp header. The total length of the saved syn packet is currently stored in the first 4 bytes (u32) of an array and the actual packet data is stored after that. A later patch will add a bpf helper that allows to get the tcp header alone from the saved syn without the network header. It will be more convenient to have a direct offset to a specific header instead of re-parsing it. This requires to separately store the network hdrlen. The total header length (i.e. network + tcp) is still needed for the current usage in getsockopt. Although this total length can be obtained by looking into the tcphdr and then get the (th->doff << 2), this patch chooses to directly store the tcp hdrlen in the second four bytes of this newly created ""struct saved_syn"". By using a new struct, it can give a readable name to each individual header length. Signed-off-by: Martin KaFai Lau Signed-off-by: Alexei Starovoitov Reviewed-by: Eric Dumazet Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200820190014.2883694-1-kafai@fb.com","include/linux/tcp.h | 7 ++++++-; include/net/request_sock.h | 8 +++++++-; net/core/filter.c | 4 ++--; net/ipv4/tcp.c | 9 +++++----; net/ipv4/tcp_input.c | 16 +++++++++-------; 5 files changed, 29 insertions(+), 15 deletions(-)","This commit refactors how saved SYN packets are represented in TCP using a struct for better header management.","TCP,SYN,struct","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","I'm not sure about the logic component of the commit. The affected logic component is unclear.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"9d045ed1ebe1a6115d3fa9930c5371defb31d95a","9d045ed1ebe1a6115d3fa9930c5371defb31d95a","Linus Torvalds","torvalds@linux-foundation.org","1598205153","Linus Torvalds","torvalds@linux-foundation.org","1598205153","ef6bef33629f73ff2dd70b388194a95158579dc4","f320ac6e131669345c7f4abefbb228b570eb9199 eeaac3634ee0e3f35548be35275efeca888e9b23","Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from David Miller: ""Nothing earth shattering here, lots of small fixes (f.e. missing RCU protection, bad ref counting, missing memset(), etc.) all over the place: 1) Use get_file_rcu() in task_file iterator, from Yonghong Song. 2) There are two ways to set remote source MAC addresses in macvlan driver, but only one of which validates things properly. Fix this. From Alvin Šipraga. 3) Missing of_node_put() in gianfar probing, from Sumera Priyadarsini. 4) Preserve device wanted feature bits across multiple netlink ethtool requests, from Maxim Mikityanskiy. 5) Fix rcu_sched stall in task and task_file bpf iterators, from Yonghong Song. 6) Avoid reset after device destroy in ena driver, from Shay Agroskin. 7) Missing memset() in netlink policy export reallocation path, from Johannes Berg. 8) Fix info leak in __smc_diag_dump(), from Peilin Ye. 9) Decapsulate ECN properly for ipv6 in ipv4 tunnels, from Mark Tomlinson. 10) Fix number of data stream negotiation in SCTP, from David Laight. 11) Fix double free in connection tracker action module, from Alaa Hleihel. 12) Don't allow empty NHA_GROUP attributes, from Nikolay Aleksandrov"" * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (46 commits) net: nexthop: don't allow empty NHA_GROUP bpf: Fix two typos in uapi/linux/bpf.h net: dsa: b53: check for timeout tipc: call rcu_read_lock() in tipc_aead_encrypt_done() net/sched: act_ct: Fix skb double-free in tcf_ct_handle_fragments() error flow net: sctp: Fix negotiation of the number of data streams. dt-bindings: net: renesas, ether: Improve schema validation gre6: Fix reception with IP6_TNL_F_RCV_DSCP_COPY hv_netvsc: Fix the queue_mapping in netvsc_vf_xmit() hv_netvsc: Remove ""unlikely"" from netvsc_select_queue bpf: selftests: global_funcs: Check err_str before strstr bpf: xdp: Fix XDP mode when no mode flags specified selftests/bpf: Remove test_align leftovers tools/resolve_btfids: Fix sections with wrong alignment net/smc: Prevent kernel-infoleak in __smc_diag_dump() sfc: fix build warnings on 32-bit net: phy: mscc: Fix a couple of spelling mistakes ""spcified"" -> ""specified"" libbpf: Fix map index used in error message net: gemini: Fix missing free_netdev() in error path of gemini_ethernet_port_probe() net: atlantic: Use readx_poll_timeout() for large timeout ...","","This commit merges networking fixes from the 'net' repository into the main kernel tree.","networking, fixes, merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"9c0f8cbdc0e9cf8a2a3a96045778b8d759f172c2","9c0f8cbdc0e9cf8a2a3a96045778b8d759f172c2","Andrii Nakryiko","andriin@fb.com","1597965159","Alexei Starovoitov","ast@kernel.org","1598049622","dda535077729918dc5752f275d2ca26b370f31e8","50e09460d9f8dee9fbaaa3194c7921753d75cd96","libbpf: Normalize and improve logging across few functions Make libbpf logs follow similar pattern and provide more context like section name or program name, where appropriate. Also, add BPF_INSN_SZ constant and use it throughout to clean up code a little bit. This commit doesn't have any functional changes and just removes some code changes out of the way before bigger refactoring in libbpf internals. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200820231250.1293069-6-andriin@fb.com","tools/lib/bpf/libbpf.c | 117 ++++++++++++++++++++++++++++---------------------; 1 file changed, 67 insertions(+), 50 deletions(-)","The commit standardizes and improves logging in libbpf by adding context and introducing a BPF_INSN_SZ constant.","libbpf,logging,refactoring","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"50e09460d9f8dee9fbaaa3194c7921753d75cd96","50e09460d9f8dee9fbaaa3194c7921753d75cd96","Andrii Nakryiko","andriin@fb.com","1597965158","Alexei Starovoitov","ast@kernel.org","1598049622","32f091aebdcbf0f28defd547e508a4daac7aaa43","819c23af561c4dc8c35faaacacdfa9ba81bacf5f","libbpf: Skip well-known ELF sections when iterating ELF Skip and don't log ELF sections that libbpf knows about and ignores during ELF processing. This allows to not unnecessarily log details about those ELF sections and cleans up libbpf debug log. Ignored sections include DWARF data, string table, empty .text section and few special (e.g., .llvm_addrsig) useless sections. With such ELF sections out of the way, log unrecognized ELF sections at pr_info level to increase visibility. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200820231250.1293069-5-andriin@fb.com","tools/lib/bpf/libbpf.c | 55 ++++++++++++++++++++++++++++++++++++++++++++------; 1 file changed, 49 insertions(+), 6 deletions(-)","This commit improves libbpf by skipping well-known ELF sections to enhance debug log cleanliness and increase visibility for unrecognized sections.","libbpf,ELF,sections","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"819c23af561c4dc8c35faaacacdfa9ba81bacf5f","819c23af561c4dc8c35faaacacdfa9ba81bacf5f","Andrii Nakryiko","andriin@fb.com","1597965157","Alexei Starovoitov","ast@kernel.org","1598049622","b51ad26cd794b10c8734826850d790caadb1b959","88a82120282bdef4c331e20991e3057f417beae4","libbpf: Add __noinline macro to bpf_helpers.h __noinline is pretty frequently used, especially with BPF subprograms, so add them along the __always_inline, for user convenience and completeness. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200820231250.1293069-4-andriin@fb.com","tools/lib/bpf/bpf_helpers.h | 3 +++; 1 file changed, 3 insertions(+)","This commit adds a __noinline macro to bpf_helpers.h for user convenience with BPF subprograms.","libbpf,__noinline,bpf_helpers","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"88a82120282bdef4c331e20991e3057f417beae4","88a82120282bdef4c331e20991e3057f417beae4","Andrii Nakryiko","andriin@fb.com","1597965156","Alexei Starovoitov","ast@kernel.org","1598049622","72be2dc690af608389a303cf8694fdaab98a694e","3ac2e20fba07e57cd229091a568ac14a5434e6bb","libbpf: Factor out common ELF operations and improve logging Factor out common ELF operations done throughout the libbpf. This simplifies usage across multiple places in libbpf, as well as hide error reporting from higher-level functions and make error logging more consistent. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200820231250.1293069-3-andriin@fb.com","tools/lib/bpf/libbpf.c | 367 +++++++++++++++++++++++++++----------------------; 1 file changed, 206 insertions(+), 161 deletions(-)","Refactor libbpf for consistent logging and simplified ELF operations.","libbpf, ELF, logging","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3ac2e20fba07e57cd229091a568ac14a5434e6bb","3ac2e20fba07e57cd229091a568ac14a5434e6bb","Andrii Nakryiko","andriin@fb.com","1597965155","Alexei Starovoitov","ast@kernel.org","1598049622","a3b4e0abcd4ac176ae689d55012fd93bf9b9ea00","3c4a594bc81a9fd1118c34c0b959aa732f34478e","selftests/bpf: BPF object files should depend only on libbpf headers There is no need to re-build BPF object files if any of the sources of libbpf change. So record more precise dependency only on libbpf/bpf_*.h headers. This eliminates unnecessary re-builds. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200820231250.1293069-2-andriin@fb.com","tools/testing/selftests/bpf/Makefile | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Adjusts Makefile to rebuild BPF objects only when libbpf headers change, avoiding unnecessary recompilation.","selftests,bpf,libbpf","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3c4a594bc81a9fd1118c34c0b959aa732f34478e","3c4a594bc81a9fd1118c34c0b959aa732f34478e","Alexei Starovoitov","ast@kernel.org","1598048172","Alexei Starovoitov","ast@kernel.org","1598048393","50361f2ed977f724fc78f240c2a01df9f130f87f","dca5612f8eb9d0cf1dc254eb2adff1f16a588a7d bb23c0e1c57f3b40c8d2713401c1b42df911d424","Merge branch 'update-sockmap-from-prog' Lorenz Bauer says: ==================== We're currently building a control plane for our BPF socket dispatch work. As part of that, we have a need to create a copy of an existing sockhash, to allow us to change the keys. I previously proposed allowing privileged userspace to look up sockets, which doesn't work due to security concerns (see [1]). In follow up discussions during BPF office hours we identified bpf_iter as a possible solution: instead of accessing sockets from user space we can iterate the source sockhash, and insert the values into a new map. Enabling this requires two pieces: the ability to iterate sockmap and sockhash, as well as being able to call map_update_elem from BPF. This patch set implements the latter: it's now possible to update sockmap from BPF context. As a next step, we can implement bpf_iter for sockmap. === I've done some more fixups, and audited the safe contexts more thoroughly. As a result I'm removing CGROUP_SKB, SK_MSG and SK_SKB for now. Changes in v3: - Use CHECK as much as possible (Yonghong) - Reject ARG_PTR_TO_MAP_VALUE_OR_NULL for sockmap (Yonghong) - Remove CGROUP_SKB, SK_MSG, SK_SKB from safe contexts - Test that the verifier rejects update from unsafe context Changes in v2: - Fix warning in patch #2 (Jakub K) - Renamed override_map_arg_type (John) - Only allow updating sockmap from known safe contexts (John) - Use __s64 for sockmap updates from user space (Yonghong) - Various small test fixes around test macros and such (Yonghong) Thank your for your reviews! 1: https://lore.kernel.org/bpf/20200310174711.7490-1-lmb@cloudflare.com/ ==================== Signed-off-by: Alexei Starovoitov ","","The commit merges changes enabling BPF to update sockmap from safe contexts for improved socket control.","sockmap,bpf,context","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"bb23c0e1c57f3b40c8d2713401c1b42df911d424","bb23c0e1c57f3b40c8d2713401c1b42df911d424","Lorenz Bauer","lmb@cloudflare.com","1598005788","Alexei Starovoitov","ast@kernel.org","1598048172","50361f2ed977f724fc78f240c2a01df9f130f87f","0126240f448d5bba29d0d1593aa527d3bf67b916","selftests: bpf: Test sockmap update from BPF Add a test which copies a socket from a sockmap into another sockmap or sockhash. This excercises bpf_map_update_elem support from BPF context. Compare the socket cookies from source and destination to ensure that the copy succeeded. Also check that the verifier rejects map_update from unsafe contexts. Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200821102948.21918-7-lmb@cloudflare.com",".../selftests/bpf/prog_tests/sockmap_basic.c | 78 ++++++++++++++++++++++; .../bpf/progs/test_sockmap_invalid_update.c | 23 +++++++; .../selftests/bpf/progs/test_sockmap_update.c | 48 +++++++++++++; 3 files changed, 149 insertions(+)","This commit adds tests to verify the functionality of sockmap updates from the BPF context.","sockmap,test,BPF","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"0126240f448d5bba29d0d1593aa527d3bf67b916","0126240f448d5bba29d0d1593aa527d3bf67b916","Lorenz Bauer","lmb@cloudflare.com","1598005787","Alexei Starovoitov","ast@kernel.org","1598048172","04bc8ea13709d775a46afe969872e703ebdedd4b","912f442cfb1fc695510e055bdae5f4a88e4de6b8","bpf: sockmap: Allow update from BPF Allow calling bpf_map_update_elem on sockmap and sockhash from a BPF context. The synchronization required for this is a bit fiddly: we need to prevent the socket from changing its state while we add it to the sockmap, since we rely on getting a callback via sk_prot->unhash. However, we can't just lock_sock like in sock_map_sk_acquire because that might sleep. So instead we disable softirq processing and use bh_lock_sock to prevent further modification. Yet, this is still not enough. BPF can be called in contexts where the current CPU might have locked a socket. If the BPF can get a hold of such a socket, inserting it into a sockmap would lead to a deadlock. One straight forward example are sock_ops programs that have ctx->sk, but the same problem exists for kprobes, etc. We deal with this by allowing sockmap updates only from known safe contexts. Improper usage is rejected by the verifier. I've audited the enabled contexts to make sure they can't run in a locked context. It's possible that CGROUP_SKB and others are safe as well, but the auditing here is much more difficult. In any case, we can extend the safe contexts when the need arises. Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200821102948.21918-6-lmb@cloudflare.com","kernel/bpf/verifier.c | 38 ++++++++++++++++++++++++++++++++++++--; net/core/sock_map.c | 24 ++++++++++++++++++++++++; 2 files changed, 60 insertions(+), 2 deletions(-)","Enable BPF updates to sockmap and sockhash safely by ensuring proper synchronization and context validation.","BPF,sockmap,sockhash","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"912f442cfb1fc695510e055bdae5f4a88e4de6b8","912f442cfb1fc695510e055bdae5f4a88e4de6b8","Lorenz Bauer","lmb@cloudflare.com","1598005786","Alexei Starovoitov","ast@kernel.org","1598048171","4b5729a9ac1a0edc42fdcb1f9a9eef7438265ca6","13b79d3ffbb8add9e2a6d604db2b49f241b97303","bpf: Override the meaning of ARG_PTR_TO_MAP_VALUE for sockmap and sockhash The verifier assumes that map values are simple blobs of memory, and therefore treats ARG_PTR_TO_MAP_VALUE, etc. as such. However, there are map types where this isn't true. For example, sockmap and sockhash store sockets. In general this isn't a big problem: we can just write helpers that explicitly requests PTR_TO_SOCKET instead of ARG_PTR_TO_MAP_VALUE. The one exception are the standard map helpers like map_update_elem, map_lookup_elem, etc. Here it would be nice we could overload the function prototype for different kinds of maps. Unfortunately, this isn't entirely straight forward: We only know the type of the map once we have resolved meta->map_ptr in check_func_arg. This means we can't swap out the prototype in check_helper_call until we're half way through the function. Instead, modify check_func_arg to treat ARG_PTR_TO_MAP_VALUE to mean ""the native type for the map"" instead of ""pointer to memory"" for sockmap and sockhash. This means we don't have to modify the function prototype at all Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200821102948.21918-5-lmb@cloudflare.com","kernel/bpf/verifier.c | 35 +++++++++++++++++++++++++++++++++++; 1 file changed, 35 insertions(+)","The commit modifies the verifier to correctly interpret ARG_PTR_TO_MAP_VALUE for sockmap and sockhash in eBPF maps.","verifier,sockmap,sockhash","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"13b79d3ffbb8add9e2a6d604db2b49f241b97303","13b79d3ffbb8add9e2a6d604db2b49f241b97303","Lorenz Bauer","lmb@cloudflare.com","1598005785","Alexei Starovoitov","ast@kernel.org","1598048171","c602cd19048be12ad6da651937b1c6ed80661afa","38e12f908a5effce93ae69ebe5e52b75e5d1cf38","bpf: sockmap: Call sock_map_update_elem directly Don't go via map->ops to call sock_map_update_elem, since we know what function to call in bpf_map_update_value. Since we currently don't allow calling map_update_elem from BPF context, we can remove ops->map_update_elem and rename the function to sock_map_update_elem_sys. Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200821102948.21918-4-lmb@cloudflare.com","include/linux/bpf.h | 7 +++++++; kernel/bpf/syscall.c | 5 +++--; net/core/sock_map.c | 6 ++----; 3 files changed, 12 insertions(+), 6 deletions(-)","The commit modifies the bpf subsystem to call sock_map_update_elem directly, simplifying the function call and removing unnecessary operations.","bpf,sockmap,refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"38e12f908a5effce93ae69ebe5e52b75e5d1cf38","38e12f908a5effce93ae69ebe5e52b75e5d1cf38","Lorenz Bauer","lmb@cloudflare.com","1598005784","Alexei Starovoitov","ast@kernel.org","1598048171","4fd35ba06c15bcc96632029028b159781844a57d","7b219da43f94a3b4d5a8aa4cc52b75b34f0301ec","bpf: sockmap: Merge sockmap and sockhash update functions Merge the two very similar functions sock_map_update_elem and sock_hash_update_elem into one. Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Acked-by: John Fastabend Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200821102948.21918-3-lmb@cloudflare.com","net/core/sock_map.c | 49 +++++++------------------------------------------; 1 file changed, 7 insertions(+), 42 deletions(-)","The commit merges similar functions in sockmap and sockhash to streamline code structure.","sockmap,sockhash,functions","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"7b219da43f94a3b4d5a8aa4cc52b75b34f0301ec","7b219da43f94a3b4d5a8aa4cc52b75b34f0301ec","Lorenz Bauer","lmb@cloudflare.com","1598005783","Alexei Starovoitov","ast@kernel.org","1598048171","9e8b69676747ae4417cb3110697a45ccd5898539","dca5612f8eb9d0cf1dc254eb2adff1f16a588a7d","net: sk_msg: Simplify sk_psock initialization Initializing psock->sk_proto and other saved callbacks is only done in sk_psock_update_proto, after sk_psock_init has returned. The logic for this is difficult to follow, and needlessly complex. Instead, initialize psock->sk_proto whenever we allocate a new psock. Additionally, assert the following invariants: * The SK has no ULP: ULP does it's own finagling of sk->sk_prot * sk_user_data is unused: we need it to store sk_psock Protect our access to sk_user_data with sk_callback_lock, which is what other users like reuseport arrays, etc. do. The result is that an sk_psock is always fully initialized, and that psock->sk_proto is always the ""original"" struct proto. The latter allows us to use psock->sk_proto when initializing IPv6 TCP / UDP callbacks for sockmap. Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200821102948.21918-2-lmb@cloudflare.com","include/linux/skmsg.h | 17 -----------------; net/core/skmsg.c | 34 ++++++++++++++++++++++++++++------; net/core/sock_map.c | 14 ++++----------; net/ipv4/tcp_bpf.c | 13 +++++--------; net/ipv4/udp_bpf.c | 9 ++++-----; 5 files changed, 41 insertions(+), 46 deletions(-)","The commit simplifies sk_psock initialization logic by initializing psock->sk_proto on allocation and protecting sk_user_data access using sk_callback_lock.","sk_psock,simplify,initialization","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"dca5612f8eb9d0cf1dc254eb2adff1f16a588a7d","dca5612f8eb9d0cf1dc254eb2adff1f16a588a7d","Andrii Nakryiko","andriin@fb.com","1598029167","Alexei Starovoitov","ast@kernel.org","1598045215","6dd0ff49bdd024e655b5862a33f63578ab0fec29","ad8edd0d76d0dad65868d9aaa6e3e9ed50199b29","libbpf: Add perf_buffer APIs for better integration with outside epoll loop Add a set of APIs to perf_buffer manage to allow applications to integrate perf buffer polling into existing epoll-based infrastructure. One example is applications using libevent already and wanting to plug perf_buffer polling, instead of relying on perf_buffer__poll() and waste an extra thread to do it. But perf_buffer is still extremely useful to set up and consume perf buffer rings even for such use cases. So to accomodate such new use cases, add three new APIs: - perf_buffer__buffer_cnt() returns number of per-CPU buffers maintained by given instance of perf_buffer manager; - perf_buffer__buffer_fd() returns FD of perf_event corresponding to a specified per-CPU buffer; this FD is then polled independently; - perf_buffer__consume_buffer() consumes data from single per-CPU buffer, identified by its slot index. To support a simpler, but less efficient, way to integrate perf_buffer into external polling logic, also expose underlying epoll FD through perf_buffer__epoll_fd() API. It will need to be followed by perf_buffer__poll(), wasting extra syscall, or perf_buffer__consume(), wasting CPU to iterate buffers with no data. But could be simpler and more convenient for some cases. These APIs allow for great flexiblity, but do not sacrifice general usability of perf_buffer. Also exercise and check new APIs in perf_buffer selftest. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Reviewed-by: Alan Maguire Link: https://lore.kernel.org/bpf/20200821165927.849538-1-andriin@fb.com","tools/lib/bpf/libbpf.c | 56 ++++++++++++++++++-; tools/lib/bpf/libbpf.h | 4 ++; tools/lib/bpf/libbpf.map | 8 +++; .../testing/selftests/bpf/prog_tests/perf_buffer.c | 65 ++++++++++++++++++----; 4 files changed, 121 insertions(+), 12 deletions(-)","This commit introduces new libbpf APIs to better integrate perf_buffer management with external epoll-based systems.","libbpf,perf_buffer,epoll","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"ad8edd0d76d0dad65868d9aaa6e3e9ed50199b29","ad8edd0d76d0dad65868d9aaa6e3e9ed50199b29","Alexei Starovoitov","ast@kernel.org","1598043699","Alexei Starovoitov","ast@kernel.org","1598044542","c46a23fc3d9d58a4007e65db5f4502b0c6d10a1a","149cb3395504736485df1b93133e710dcf215c56 e60495eafdba24a466a6ae62da86245a958954bc","Merge branch 'link_query-bpf_iter' Yonghong Song says: ==================== ""link"" has been an important concept for bpf ecosystem to connect bpf program with other properties. Currently, the information related information can be queried from userspace through bpf command BPF_LINK_GET_NEXT_ID, BPF_LINK_GET_FD_BY_ID and BPF_OBJ_GET_INFO_BY_FD. The information is also available by ""cating"" /proc//fdinfo/. Raw_tracepoint, tracing, cgroup, netns and xdp links are already supported in the kernel and bpftool. This patch added support for bpf iterator. Patch #1 added generic support for link querying interface. Patch #2 implemented callback functions for map element bpf iterators. Patch #3 added bpftool support. Changelogs: v3 -> v4: . return target specific link_info even if target_name buffer is empty. (Andrii) v2 -> v3: . remove extra '\t' when fdinfo prints map_id to make parsing consistent. (Andrii) v1 -> v2: . fix checkpatch.pl warnings. (Jakub) ==================== Acked-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov ","","The commit merges a branch adding support for BPF iterator link querying in bpftool.","BPF,bpftool,iterator","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).', ""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"e60495eafdba24a466a6ae62da86245a958954bc","e60495eafdba24a466a6ae62da86245a958954bc","Yonghong Song","yhs@fb.com","1598035460","Alexei Starovoitov","ast@kernel.org","1598043699","c46a23fc3d9d58a4007e65db5f4502b0c6d10a1a","b76f22269028fb252727a696084c70494d80a52c","bpftool: Implement link_query for bpf iterators The link query for bpf iterators is implemented. Besides being shown to the user what bpf iterator the link represents, the target_name is also used to filter out what additional information should be printed out, e.g., whether map_id should be shown or not. The following is an example of bpf_iter link dump, plain output or pretty output. $ bpftool link show 11: iter prog 59 target_name task pids test_progs(1749) 34: iter prog 173 target_name bpf_map_elem map_id 127 pids test_progs_1(1753) $ bpftool -p link show [{ ""id"": 11, ""type"": ""iter"", ""prog_id"": 59, ""target_name"": ""task"", ""pids"": [{ ""pid"": 1749, ""comm"": ""test_progs"" } ] },{ ""id"": 34, ""type"": ""iter"", ""prog_id"": 173, ""target_name"": ""bpf_map_elem"", ""map_id"": 127, ""pids"": [{ ""pid"": 1753, ""comm"": ""test_progs_1"" } ] } ] Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200821184420.574430-1-yhs@fb.com","tools/bpf/bpftool/link.c | 44 +++++++++++++++++++++++++++++++++++++++++---; 1 file changed, 41 insertions(+), 3 deletions(-)","Implemented link_query functionality for bpf iterators in bpftool allowing output filtering based on target_name.","bpftool,link_query,bpf","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b76f22269028fb252727a696084c70494d80a52c","b76f22269028fb252727a696084c70494d80a52c","Yonghong Song","yhs@fb.com","1598035459","Alexei Starovoitov","ast@kernel.org","1598043699","7643dc0e93c047a8fa5aa58a274e5fcd22a574e3","6b0a249a301e2af9adda84adbced3a2988248b95","bpf: Implement link_query callbacks in map element iterators For bpf_map_elem and bpf_sk_local_storage bpf iterators, additional map_id should be shown for fdinfo and userspace query. For example, the following is for a bpf_map_elem iterator. $ cat /proc/1753/fdinfo/9 pos: 0 flags: 02000000 mnt_id: 14 link_type: iter link_id: 34 prog_tag: 104be6d3fe45e6aa prog_id: 173 target_name: bpf_map_elem map_id: 127 Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200821184419.574240-1-yhs@fb.com","include/linux/bpf.h | 4 ++++; kernel/bpf/map_iter.c | 15 +++++++++++++++; net/core/bpf_sk_storage.c | 2 ++; 3 files changed, 21 insertions(+)","Implement link_query callbacks in bpf map element iterators for improved fdinfo query and mapping transparency.","link_query, iterators, map_id","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6b0a249a301e2af9adda84adbced3a2988248b95","6b0a249a301e2af9adda84adbced3a2988248b95","Yonghong Song","yhs@fb.com","1598035458","Alexei Starovoitov","ast@kernel.org","1598043699","889c95fb17b222cd9b2d1809845b6e988692525b","149cb3395504736485df1b93133e710dcf215c56","bpf: Implement link_query for bpf iterators This patch implemented bpf_link callback functions show_fdinfo and fill_link_info to support link_query interface. The general interface for show_fdinfo and fill_link_info will print/fill the target_name. Each targets can register show_fdinfo and fill_link_info callbacks to print/fill more target specific information. For example, the below is a fdinfo result for a bpf task iterator. $ cat /proc/1749/fdinfo/7 pos: 0 flags: 02000000 mnt_id: 14 link_type: iter link_id: 11 prog_tag: 990e1f8152f7e54f prog_id: 59 target_name: task Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200821184418.574122-1-yhs@fb.com","include/linux/bpf.h | 6 +++++; include/uapi/linux/bpf.h | 7 +++++; kernel/bpf/bpf_iter.c | 58 ++++++++++++++++++++++++++++++++++++++++++; tools/include/uapi/linux/bpf.h | 7 +++++; 4 files changed, 78 insertions(+)","This commit implements the bpf_link interface to enable link_query for bpf iterators showcasing related file descriptor information.","bpf_link, link_query, iterators","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"4af7b32f84aa4cd60e39b355bc8a1eab6cd8d8a4","4af7b32f84aa4cd60e39b355bc8a1eab6cd8d8a4","David S. Miller","davem@davemloft.net","1598039690","David S. Miller","davem@davemloft.net","1598039690","083be545074f0520c7f69ab01e91707c0b41182a","774d977abfd024e6f73484544b9abe5a5cd62de7 b16fc097bc283184cde40e5b30d15705e1590410","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Alexei Starovoitov says: ==================== pull-request: bpf 2020-08-21 The following pull-request contains BPF updates for your *net* tree. We've added 11 non-merge commits during the last 5 day(s) which contain a total of 12 files changed, 78 insertions(+), 24 deletions(-). The main changes are: 1) three fixes in BPF task iterator logic, from Yonghong. 2) fix for compressed dwarf sections in vmlinux, from Jiri. 3) fix xdp attach regression, from Andrii. ==================== Signed-off-by: David S. Miller ","","This commit merges BPF changes into the net tree including task iterator fixes, a compressed dwarf sections fix, and an xdp attach regression fix.","BPF,fixes,merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"b16fc097bc283184cde40e5b30d15705e1590410","b16fc097bc283184cde40e5b30d15705e1590410","Tobias Klauser","tklauser@distanz.ch","1598017002","Alexei Starovoitov","ast@kernel.org","1598037977","3b24593dd4fc9c32fafee99286ef20710c36e14b","c210773d6c6f595f5922d56b7391fe343bc7310e","bpf: Fix two typos in uapi/linux/bpf.h Also remove trailing whitespaces in bpf_skb_get_tunnel_key example code. Signed-off-by: Tobias Klauser Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200821133642.18870-1-tklauser@distanz.ch","include/uapi/linux/bpf.h | 10 +++++-----; tools/include/uapi/linux/bpf.h | 10 +++++-----; 2 files changed, 10 insertions(+), 10 deletions(-)","The commit corrects typos and cleans up whitespace in bpf_skb_get_tunnel_key example code in uapi/linux/bpf.h.","typos, whitespace, cleanup","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","I'm not sure about the implementation component of the commit. The component affected by It is unclear.","I'm not sure about the logic component of the commit. The affected logic component is unclear.","[""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"0c5f1acc2a14416bf30023f373558d369afdbfc8","0c5f1acc2a14416bf30023f373558d369afdbfc8","Tiezhu Yang","yangtiezhu@loongson.cn","1597753837","Arnaldo Carvalho de Melo","acme@redhat.com","1598016143","10fa6cac6c842e7d6dfa6909b7cb619a005c0932","a74eaf1605d42391c2357a70e94e5a2c7780fea9","perf top: Skip side-band event setup if HAVE_LIBBPF_SUPPORT is not set When I execute 'perf top' without HAVE_LIBBPF_SUPPORT, there exists the following segmentation fault, skip the side-band event setup to fix it, this is similar with commit 1101c872c8c7 (""perf record: Skip side-band event setup if HAVE_LIBBPF_SUPPORT is not set""). [yangtiezhu@linux perf]$ ./perf top perf: Segmentation fault Obtained 6 stack frames. ./perf(sighandler_dump_stack+0x5c) [0x12011b604] [0xffffffc010] ./perf(perf_mmap__read_init+0x3e) [0x1201feeae] ./perf() [0x1200d715c] /lib64/libpthread.so.0(+0xab9c) [0xffee10ab9c] /lib64/libc.so.6(+0x128f4c) [0xffedc08f4c] Segmentation fault [yangtiezhu@linux perf]$ I use git bisect to find commit b38d85ef49cf (""perf bpf: Decouple creating the evlist from adding the SB event"") is the first bad commit, so also add the Fixes tag. Committer testing: First build perf explicitely disabling libbpf: $ make NO_LIBBPF=1 O=/tmp/build/perf -C tools/perf install-bin && perf test python Now make sure it isn't linked: $ perf -vv | grep -w bpf bpf: [ OFF ] # HAVE_LIBBPF_SUPPORT $ $ nm ~/bin/perf | grep libbpf $ And now try to run 'perf top': # perf top perf: Segmentation fault -------- backtrace -------- perf[0x5bcd6d] /lib64/libc.so.6(+0x3ca6f)[0x7fd0f5a66a6f] perf(perf_mmap__read_init+0x1e)[0x5e1afe] perf[0x4cc468] /lib64/libpthread.so.0(+0x9431)[0x7fd0f645a431] /lib64/libc.so.6(clone+0x42)[0x7fd0f5b2b912] # Applying this patch fixes the issue. Fixes: b38d85ef49cf (""perf bpf: Decouple creating the evlist from adding the SB event"") Signed-off-by: Tiezhu Yang Tested-by: Arnaldo Carvalho de Melo Cc: Alexander Shishkin Cc: Jiri Olsa Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Xuefeng Li Link: http://lore.kernel.org/lkml/1597753837-16222-1-git-send-email-yangtiezhu@loongson.cn Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/builtin-top.c | 2 ++; 1 file changed, 2 insertions(+)","The commit fixes a segmentation fault in 'perf top' by skipping side-band event setup when HAVE_LIBBPF_SUPPORT is missing.","segmentation,fault,libbpf","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"4b04e0decd2518e54e3f371abf3d883b3198663d","4b04e0decd2518e54e3f371abf3d883b3198663d","Sumanth Korikkar","sumanthk@linux.ibm.com","1597649274","Arnaldo Carvalho de Melo","acme@redhat.com","1598016143","23587f90b77b3c9fc8f5de84c6bb80ee5f75f679","da2968ff879b9e74688cdc658f646971991d2c56","perf test: Fix basic bpf filtering test BPF basic filtering test fails on s390x (when vmlinux debuginfo is utilized instead of /proc/kallsyms) Info: - bpf_probe_load installs the bpf code at do_epoll_wait. - For s390x, do_epoll_wait resolves to 3 functions including inlines. found inline addr: 0x43769e Probe point found: __s390_sys_epoll_wait+6 found inline addr: 0x437290 Probe point found: do_epoll_wait+0 found inline addr: 0x4375d6 Probe point found: __se_sys_epoll_wait+6 - add_bpf_event creates evsel for every probe in a BPF object. This results in 3 evsels. Solution: - Expected result = 50% of the samples to be collected from epoll_wait * number of entries present in the evlist. Committer testing: # perf test 42 42: BPF filter : 42.1: Basic BPF filtering : Ok 42.2: BPF pinning : Ok 42.3: BPF prologue generation : Ok 42.4: BPF relocation checker : Ok # Signed-off-by: Sumanth Korikkar Reviewed-by: Thomas Richter Tested-by: Arnaldo Carvalho de Melo Cc: bpf@vger.kernel.org Cc: Heiko Carstens Cc: Jiri Olsa Cc: Sven Schnelle LPU-Reference: 20200817072754.58344-1-sumanthk@linux.ibm.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/tests/bpf.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixes an issue with basic BPF filtering tests on the s390x architecture by adjusting probe point expectations.","BPF,filtering,s390x","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"c210773d6c6f595f5922d56b7391fe343bc7310e","c210773d6c6f595f5922d56b7391fe343bc7310e","Yauheni Kaliuta","yauheni.kaliuta@redhat.com","1597924723","Alexei Starovoitov","ast@kernel.org","1597959074","d62c557e148a44a174ca14b55b6efd552ec0b39c","c8a36f1945b2b1b3f9823b66fc2181dc069cf803","bpf: selftests: global_funcs: Check err_str before strstr The error path in libbpf.c:load_program() has calls to pr_warn() which ends up for global_funcs tests to test_global_funcs.c:libbpf_debug_print(). For the tests with no struct test_def::err_str initialized with a string, it causes call of strstr() with NULL as the second argument and it segfaults. Fix it by calling strstr() only for non-NULL err_str. Signed-off-by: Yauheni Kaliuta Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200820115843.39454-1-yauheni.kaliuta@redhat.com","tools/testing/selftests/bpf/prog_tests/test_global_funcs.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fix a segmentation fault in eBPF selftests by checking if err_str is non-NULL before calling strstr.","selftests, global_funcs, segfault","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c8a36f1945b2b1b3f9823b66fc2181dc069cf803","c8a36f1945b2b1b3f9823b66fc2181dc069cf803","Andrii Nakryiko","andriin@fb.com","1597901321","Alexei Starovoitov","ast@kernel.org","1597958832","d58459c8ddf651a7125a9e809ca4036aa841814f","5597432dde62befd3ab92e6ef9e073564e277ea8","bpf: xdp: Fix XDP mode when no mode flags specified 7f0a838254bd (""bpf, xdp: Maintain info on attached XDP BPF programs in net_device"") inadvertently changed which XDP mode is assumed when no mode flags are specified explicitly. Previously, driver mode was preferred, if driver supported it. If not, generic SKB mode was chosen. That commit changed default to SKB mode always. This patch fixes the issue and restores the original logic. Fixes: 7f0a838254bd (""bpf, xdp: Maintain info on attached XDP BPF programs in net_device"") Reported-by: Lorenzo Bianconi Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Tested-by: Lorenzo Bianconi Link: https://lore.kernel.org/bpf/20200820052841.1559757-1-andriin@fb.com","net/core/dev.c | 14 ++++++++------; 1 file changed, 8 insertions(+), 6 deletions(-)","The commit fixes the default XDP mode assumption when no mode flags are provided, restoring the original driver preference logic.","XDP mode, default, fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"5597432dde62befd3ab92e6ef9e073564e277ea8","5597432dde62befd3ab92e6ef9e073564e277ea8","Veronika Kabatova","vkabatov@redhat.com","1597853230","Alexei Starovoitov","ast@kernel.org","1597958725","30df4e9f66d41c6e798e321b0d2c06e0830f9ecc","51f6463aacfbfd322bcaadc606da56acef644b05","selftests/bpf: Remove test_align leftovers Calling generic selftests ""make install"" fails as rsync expects all files from TEST_GEN_PROGS to be present. The binary is not generated anymore (commit 3b09d27cc93d) so we can safely remove it from there and also from gitignore. Fixes: 3b09d27cc93d (""selftests/bpf: Move test_align under test_progs"") Signed-off-by: Veronika Kabatova Signed-off-by: Alexei Starovoitov Acked-by: Jesper Dangaard Brouer Link: https://lore.kernel.org/bpf/20200819160710.1345956-1-vkabatov@redhat.com","tools/testing/selftests/bpf/.gitignore | 1 -; tools/testing/selftests/bpf/Makefile | 2 +-; 2 files changed, 1 insertion(+), 2 deletions(-)","Remove test_align leftovers in selftests/bpf to fix 'make install' errors.","selftests,bpf,gitignore","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"51f6463aacfbfd322bcaadc606da56acef644b05","51f6463aacfbfd322bcaadc606da56acef644b05","Jiri Olsa","jolsa@kernel.org","1597829022","Alexei Starovoitov","ast@kernel.org","1597958240","b0c83afdb2a5096ffa62c9e66a5e04dcc0ca2d73","1e891e513e16c145cc9b45b1fdb8bf4a4f2f9557","tools/resolve_btfids: Fix sections with wrong alignment The data of compressed section should be aligned to 4 (for 32bit) or 8 (for 64 bit) bytes. The binutils ld sets sh_addralign to 1, which makes libelf fail with misaligned section error during the update as reported by Jesper: FAILED elf_update(WRITE): invalid section alignment While waiting for ld fix, we can fix compressed sections sh_addralign value manually. Adding warning in -vv mode when the fix is triggered: $ ./tools/bpf/resolve_btfids/resolve_btfids -vv vmlinux ... section(36) .comment, size 44, link 0, flags 30, type=1 section(37) .debug_aranges, size 45684, link 0, flags 800, type=1 - fixing wrong alignment sh_addralign 16, expected 8 section(38) .debug_info, size 129104957, link 0, flags 800, type=1 - fixing wrong alignment sh_addralign 1, expected 8 section(39) .debug_abbrev, size 1152583, link 0, flags 800, type=1 - fixing wrong alignment sh_addralign 1, expected 8 section(40) .debug_line, size 7374522, link 0, flags 800, type=1 - fixing wrong alignment sh_addralign 1, expected 8 section(41) .debug_frame, size 702463, link 0, flags 800, type=1 section(42) .debug_str, size 1017571, link 0, flags 830, type=1 - fixing wrong alignment sh_addralign 1, expected 8 section(43) .debug_loc, size 3019453, link 0, flags 800, type=1 - fixing wrong alignment sh_addralign 1, expected 8 section(44) .debug_ranges, size 1744583, link 0, flags 800, type=1 - fixing wrong alignment sh_addralign 16, expected 8 section(45) .symtab, size 2955888, link 46, flags 0, type=2 section(46) .strtab, size 2613072, link 0, flags 0, type=3 ... update ok for vmlinux Another workaround is to disable compressed debug info data CONFIG_DEBUG_INFO_COMPRESSED kernel option. Fixes: fbbb68de80a4 (""bpf: Add resolve_btfids tool to resolve BTF IDs in ELF object"") Reported-by: Jesper Dangaard Brouer Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Acked-by: Jesper Dangaard Brouer Acked-by: Yonghong Song Cc: Mark Wielaard Cc: Nick Clifton Link: https://lore.kernel.org/bpf/20200819092342.259004-1-jolsa@kernel.org","tools/bpf/resolve_btfids/main.c | 36 ++++++++++++++++++++++++++++++++++++; 1 file changed, 36 insertions(+)","This commit manually fixes section alignment in resolve_btfids tool to prevent elf_update errors.","alignment, resolve_btfids, tool","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"149cb3395504736485df1b93133e710dcf215c56","149cb3395504736485df1b93133e710dcf215c56","Andrii Nakryiko","andriin@fb.com","1597904051","Daniel Borkmann","daniel@iogearbox.net","1597934709","8552dcb8df7192a54b41d7424427fe400c8a3dcc","37a6a9e7676381cdf6868d2c013893074a1ee7b6","selftests/bpf: List newest Clang built-ins needed for some CO-RE selftests Record which built-ins are optional and needed for some of recent BPF CO-RE subtests. Document Clang diff that fixed corner-case issue with __builtin_btf_type_id(). Suggested-by: Alexei Starovoitov Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200820061411.1755905-4-andriin@fb.com","tools/testing/selftests/bpf/README.rst | 21 +++++++++++++++++++++; .../selftests/bpf/progs/test_core_reloc_type_id.c | 4 +++-; 2 files changed, 24 insertions(+), 1 deletion(-)","The commit documents Clang built-ins required for BPF CO-RE selftests and fixes a related Clang issue in the BPF selftests.","Clang, CO-RE, selftests","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"37a6a9e7676381cdf6868d2c013893074a1ee7b6","37a6a9e7676381cdf6868d2c013893074a1ee7b6","Andrii Nakryiko","andriin@fb.com","1597904050","Daniel Borkmann","daniel@iogearbox.net","1597934709","469cc9c331f4ced836bdb6cffc77198350ce5776","dda1ec9fc7f8383cb469a82614dbce61f357f3f8","selftests/bpf: Fix two minor compilation warnings reported by GCC 4.9 GCC 4.9 seems to be more strict in some regards. Fix two minor issue it reported. Fixes: 1c1052e0140a (""tools/testing/selftests/bpf: Add self-tests for new helper bpf_get_ns_current_pid_tgid."") Fixes: 2d7824ffd25c (""selftests: bpf: Add test for sk_assign"") Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200820061411.1755905-3-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/sk_assign.c | 3 ++-; tools/testing/selftests/bpf/test_current_pid_tgid_new_ns.c | 1 +; 2 files changed, 3 insertions(+), 1 deletion(-)","This commit addresses minor compilation warnings in BPF self-tests identified by GCC 4.9.","selftests, compilation, GCC","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"dda1ec9fc7f8383cb469a82614dbce61f357f3f8","dda1ec9fc7f8383cb469a82614dbce61f357f3f8","Andrii Nakryiko","andriin@fb.com","1597904049","Daniel Borkmann","daniel@iogearbox.net","1597934709","2003d136a95b6e9884d38d3bc108bac9ec8cafb1","9b2f6fecf3b77d2457a13f77a563c07304f15775","libbpf: Fix libbpf build on compilers missing __builtin_mul_overflow GCC compilers older than version 5 don't support __builtin_mul_overflow yet. Given GCC 4.9 is the minimal supported compiler for building kernel and the fact that libbpf is a dependency of resolve_btfids, which is dependency of CONFIG_DEBUG_INFO_BTF=y, this needs to be handled. This patch fixes the issue by falling back to slower detection of integer overflow in such cases. Fixes: 029258d7b228 (""libbpf: Remove any use of reallocarray() in libbpf"") Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200820061411.1755905-2-andriin@fb.com","tools/lib/bpf/libbpf_internal.h | 10 ++++++++++; 1 file changed, 10 insertions(+)","The commit fixes the libbpf build issue for GCC compilers below version 5 by using an alternative integer overflow detection method.","libbpf, GCC, overflow","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"9b2f6fecf3b77d2457a13f77a563c07304f15775","9b2f6fecf3b77d2457a13f77a563c07304f15775","Andrii Nakryiko","andriin@fb.com","1597904048","Daniel Borkmann","daniel@iogearbox.net","1597934709","afc42c68923d9e671ccd9384ef1a0d52ecbf2d2b","0bc23a1d1c8a1b4a5e4b973a7a80a6d067bd3eef","libbpf: Fix detection of BPF helper call instruction BPF_CALL | BPF_JMP32 is explicitly not allowed by verifier for BPF helper calls, so don't detect it as a valid call. Also drop the check on func_id pointer, as it's currently always non-null. Fixes: 109cea5a594f (""libbpf: Sanitize BPF program code for bpf_probe_read_{kernel, user}[_str]"") Reported-by: Yonghong Song Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200820061411.1755905-1-andriin@fb.com","tools/lib/bpf/libbpf.c | 10 ++++------; 1 file changed, 4 insertions(+), 6 deletions(-)","This commit fixes BPF helper call detection in libbpf by excluding invalid BPF_CALL | BPF_JMP32 combinations.","libbpf,helper,fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1e891e513e16c145cc9b45b1fdb8bf4a4f2f9557","1e891e513e16c145cc9b45b1fdb8bf4a4f2f9557","Toke Høiland-Jørgensen","toke@redhat.com","1597835134","Daniel Borkmann","daniel@iogearbox.net","1597933287","b085115994c30914ea631640962d3a41a508e59a","00fa1d83a8b50351c830521d00135e823c46e7d0","libbpf: Fix map index used in error message The error message emitted by bpf_object__init_user_btf_maps() was using the wrong section ID. Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200819110534.9058-1-toke@redhat.com","tools/lib/bpf/libbpf.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixes the map index error message in libbpf's user BTF map initialization.","libbpf,error,map","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0bc23a1d1c8a1b4a5e4b973a7a80a6d067bd3eef","0bc23a1d1c8a1b4a5e4b973a7a80a6d067bd3eef","Daniel Borkmann","daniel@iogearbox.net","1597932156","Daniel Borkmann","daniel@iogearbox.net","1597932164","087830af34fd6bab9403c53b909d3356478739e4","6e9cab2e3fa597419ec8a117a9f3e3ebc251c120 edb65ee5aa2550f6035c8fb169a359bc18acb84a","Merge branch 'bpf-umd-debug' Alexei Starovoitov says: ==================== This patch set is the first real user of user mode driver facility. The general use case for user mode driver is to ship vmlinux with preloaded BPF programs. In this particular case the user mode driver populates bpffs instance with two BPF iterators. In several months BPF_LSM project would need to preload the kernel with its own set of BPF programs and attach to LSM hooks instead of bpffs. BPF iterators and BPF_LSM are unstable from uapi perspective. They are tracing based and peek into arbitrary kernel data structures. One can question why a kernel module cannot embed BPF programs inside. The reason is that libbpf is necessary to load them. First libbpf loads BPF Type Format, then creates BPF maps, populates them. Then it relocates code sections inside BPF programs, loads BPF programs, and finally attaches them to events. Theoretically libbpf can be rewritten to work in the kernel, but that is massive undertaking. The maintenance of in-kernel libbpf and user space libbpf would be another challenge. Another obstacle to embedding BPF programs into kernel module is sys_bpf api. Loading of programs, BTF, maps goes through the verifier. It validates and optimizes the code. It's possible to provide in-kernel api to all of sys_bpf commands (load progs, create maps, update maps, load BTF, etc), but that is huge amount of work and forever maintenance headache. Hence the decision is to ship vmlinux with user mode drivers that load BPF programs. Just like kernel modules extend vmlinux BPF programs are safe extensions of the kernel and some of them need to ship with vmlinux. This patch set adds a kernel module with user mode driver that populates bpffs with two BPF iterators. $ mount bpffs /my/bpffs/ -t bpf $ ls -la /my/bpffs/ total 4 drwxrwxrwt 2 root root 0 Jul 2 00:27 . drwxr-xr-x 19 root root 4096 Jul 2 00:09 .. -rw------- 1 root root 0 Jul 2 00:27 maps.debug -rw------- 1 root root 0 Jul 2 00:27 progs.debug The user mode driver will load BPF Type Formats, create BPF maps, populate BPF maps, load two BPF programs, attach them to BPF iterators, and finally send two bpf_link IDs back to the kernel. The kernel will pin two bpf_links into newly mounted bpffs instance under names ""progs.debug"" and ""maps.debug"". These two files become human readable. $ cat /my/bpffs/progs.debug id name attached 11 dump_bpf_map bpf_iter_bpf_map 12 dump_bpf_prog bpf_iter_bpf_prog 27 test_pkt_access 32 test_main test_pkt_access test_pkt_access 33 test_subprog1 test_pkt_access_subprog1 test_pkt_access 34 test_subprog2 test_pkt_access_subprog2 test_pkt_access 35 test_subprog3 test_pkt_access_subprog3 test_pkt_access 36 new_get_skb_len get_skb_len test_pkt_access 37 new_get_skb_ifindex get_skb_ifindex test_pkt_access 38 new_get_constant get_constant test_pkt_access The BPF program dump_bpf_prog() in iterators.bpf.c is printing this data about all BPF programs currently loaded in the system. This information is unstable and will change from kernel to kernel. In some sence this output is similar to 'bpftool prog show' that is using stable api to retreive information about BPF programs. The BPF subsytems grows quickly and there is always demand to show as much info about BPF things as possible. But we cannot expose all that info via stable uapi of bpf syscall, since the details change so much. Right now a BPF program can be attached to only one other BPF program. Folks are working on patches to enable multi-attach, but for debugging it's necessary to see the current state. There is no uapi for that, but above output shows it: 37 new_get_skb_ifindex get_skb_ifindex test_pkt_access 38 new_get_constant get_constant test_pkt_access [1] [2] [3] [1] is the full name of BPF prog from BTF. [2] is the name of function inside target BPF prog. [3] is the name of target BPF prog. [2] and [3] are not exposed via uapi, since they will change from single to multi soon. There are many other cases where bpf internals are useful for debugging, but shouldn't be exposed via uapi due to high rate of changes. systemd mounts /sys/fs/bpf at the start, so this kernel module with user mode driver needs to be available early. BPF_LSM most likely would need to preload BPF programs even earlier. Few interesting observations: - though bpffs comes with two human readble files ""progs.debug"" and ""maps.debug"" they can be removed. 'rm -f /sys/fs/bpf/progs.debug' will remove bpf_link and kernel will automatically unload corresponding BPF progs, maps, BTFs. In the future '-o remount' will be able to restore them. This is not implemented yet. - 'ps aux|grep bpf_preload' shows nothing. User mode driver loaded BPF iterators and exited. Nothing is lingering in user space at this point. - We can consider giving 0644 permissions to ""progs.debug"" and ""maps.debug"" to allow unprivileged users see BPF things loaded in the system. We cannot do so with ""bpftool prog show"", since it's using cap_sys_admin parts of bpf syscall. - The functionality split between core kernel, bpf_preload kernel module and user mode driver is very similar to bpfilter style of interaction. - Similar BPF iterators can be used as unstable extensions to /proc. Like mounting /proc can prepopolate some subdirectory in there with a BPF iterator that will print QUIC sockets instead of tcp and udp. Changelog: v5->v6: - refactored Makefiles with Andrii's help - switched to explicit $(MAKE) style - switched to userldlibs instead of userldflags - fixed build issue with libbpf Makefile due to invocation from kbuild - fixed menuconfig order as spotted by Daniel - introduced CONFIG_USERMODE_DRIVER bool that is selected by bpfilter and bpf_preload v4->v5: - addressed Song and Andrii feedback. s/pages/max_entries/ v3->v4: - took THIS_MODULE in patch 3 as suggested by Daniel to simplify the code. - converted BPF iterator to use BTF (when available) to print full BPF program name instead of 16-byte truncated version. This is something I've been using drgn scripts for. Take a look at get_name() in iterators.bpf.c to see how short it is comparing to what user space bpftool would have to do to print the same full name: . get prog info via obj_info_by_fd . do get_fd_by_id from info->btf_id . fetch potentially large BTF of the program from the kernel . parse that BTF in user space to figure out all type boundaries and string section . read info->func_info to get btf_id of func_proto from there . find that btf_id in the parsed BTF That's quite a bit work for bpftool comparing to few lines in get_name(). I guess would be good to make bpftool do this info extraction anyway. While doing this BTF reading in the kernel realized that the verifier is not smart enough to follow double pointers (added to my todo list), otherwise get_name() would have been even shorter. v2->v3: - fixed module unload race (Daniel) - added selftest (Daniel) - fixed build bot warning v1->v2: - changed names to 'progs.debug' and 'maps.debug' to hopefully better indicate instability of the text output. Having dot in the name also guarantees that these special files will not conflict with normal bpf objects pinned in bpffs, since dot is disallowed for normal pins. - instead of hard coding link_name in the core bpf moved into UMD. - cleanedup error handling. - addressed review comments from Yonghong and Andrii. ==================== Signed-off-by: Daniel Borkmann ","","The commit merges the 'bpf-umd-debug' branch, introducing a user mode driver to pre-load BPF programs into vmlinux.","BPF, user mode, driver","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"edb65ee5aa2550f6035c8fb169a359bc18acb84a","edb65ee5aa2550f6035c8fb169a359bc18acb84a","Alexei Starovoitov","ast@kernel.org","1597811279","Daniel Borkmann","daniel@iogearbox.net","1597932156","087830af34fd6bab9403c53b909d3356478739e4","d71fa5c9763c24dd997a2fa4feb7a13a95bab42c","selftests/bpf: Add bpffs preload test. Add a test that mounts two bpffs instances and checks progs.debug and maps.debug for sanity data. Signed-off-by: Alexei Starovoitov Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200819042759.51280-5-alexei.starovoitov@gmail.com",".../testing/selftests/bpf/prog_tests/test_bpffs.c | 94 ++++++++++++++++++++++; 1 file changed, 94 insertions(+)","This commit introduces a test that mounts two bpffs instances to verify debug data validity in progs.debug and maps.debug.","bpffs debug test","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d71fa5c9763c24dd997a2fa4feb7a13a95bab42c","d71fa5c9763c24dd997a2fa4feb7a13a95bab42c","Alexei Starovoitov","ast@kernel.org","1597811278","Daniel Borkmann","daniel@iogearbox.net","1597932156","cc0059ab68f8884169ba1176acd05da5148c83ad","f0fdfefb2d4da5b76c3f810be0edb2ab90360224","bpf: Add kernel module with user mode driver that populates bpffs. Add kernel module with user mode driver that populates bpffs with BPF iterators. $ mount bpffs /my/bpffs/ -t bpf $ ls -la /my/bpffs/ total 4 drwxrwxrwt 2 root root 0 Jul 2 00:27 . drwxr-xr-x 19 root root 4096 Jul 2 00:09 .. -rw------- 1 root root 0 Jul 2 00:27 maps.debug -rw------- 1 root root 0 Jul 2 00:27 progs.debug The user mode driver will load BPF Type Formats, create BPF maps, populate BPF maps, load two BPF programs, attach them to BPF iterators, and finally send two bpf_link IDs back to the kernel. The kernel will pin two bpf_links into newly mounted bpffs instance under names ""progs.debug"" and ""maps.debug"". These two files become human readable. $ cat /my/bpffs/progs.debug id name attached 11 dump_bpf_map bpf_iter_bpf_map 12 dump_bpf_prog bpf_iter_bpf_prog 27 test_pkt_access 32 test_main test_pkt_access test_pkt_access 33 test_subprog1 test_pkt_access_subprog1 test_pkt_access 34 test_subprog2 test_pkt_access_subprog2 test_pkt_access 35 test_subprog3 test_pkt_access_subprog3 test_pkt_access 36 new_get_skb_len get_skb_len test_pkt_access 37 new_get_skb_ifindex get_skb_ifindex test_pkt_access 38 new_get_constant get_constant test_pkt_access The BPF program dump_bpf_prog() in iterators.bpf.c is printing this data about all BPF programs currently loaded in the system. This information is unstable and will change from kernel to kernel as "".debug"" suffix conveys. Signed-off-by: Alexei Starovoitov Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200819042759.51280-4-alexei.starovoitov@gmail.com","init/Kconfig | 2 +; kernel/Makefile | 2 +-; kernel/bpf/Makefile | 1 +; kernel/bpf/inode.c | 116 +++++++++++++++++++++-; kernel/bpf/preload/Kconfig | 23 +++++; kernel/bpf/preload/Makefile | 23 +++++; kernel/bpf/preload/bpf_preload.h | 16 +++; kernel/bpf/preload/bpf_preload_kern.c | 91 +++++++++++++++++; kernel/bpf/preload/bpf_preload_umd_blob.S | 7 ++; kernel/bpf/preload/iterators/bpf_preload_common.h | 13 +++; kernel/bpf/preload/iterators/iterators.c | 94 ++++++++++++++++++; net/bpfilter/Kconfig | 1 +; tools/lib/bpf/Makefile | 7 +-; 13 files changed, 390 insertions(+), 6 deletions(-)","This commit adds a kernel module with a user mode driver to populate bpffs with BPF iterators.","kernel,module,bpffs","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f0fdfefb2d4da5b76c3f810be0edb2ab90360224","f0fdfefb2d4da5b76c3f810be0edb2ab90360224","Alexei Starovoitov","ast@kernel.org","1597811277","Daniel Borkmann","daniel@iogearbox.net","1597932156","453bb56dfa2c9e377bf1086ddf76670f5a4a56e2","005142b8a1f0f32d33fbe04b728464c1b7acfa0e","bpf: Add BPF program and map iterators as built-in BPF programs. The program and map iterators work similar to seq_file-s. Once the program is pinned in bpffs it can be read with ""cat"" tool to print human readable output. In this case about BPF programs and maps. For example: $ cat /sys/fs/bpf/progs.debug id name attached 5 dump_bpf_map bpf_iter_bpf_map 6 dump_bpf_prog bpf_iter_bpf_prog $ cat /sys/fs/bpf/maps.debug id name max_entries 3 iterator.rodata 1 To avoid kernel build dependency on clang 10 separate bpf skeleton generation into manual ""make"" step and instead check-in generated .skel.h into git. Unlike 'bpftool prog show' in-kernel BTF name is used (when available) to print full name of BPF program instead of 16-byte truncated name. Signed-off-by: Alexei Starovoitov Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200819042759.51280-3-alexei.starovoitov@gmail.com","kernel/bpf/preload/iterators/.gitignore | 2 +; kernel/bpf/preload/iterators/Makefile | 57 ++++; kernel/bpf/preload/iterators/README | 4 +; kernel/bpf/preload/iterators/iterators.bpf.c | 114 +++++++; kernel/bpf/preload/iterators/iterators.skel.h | 410 ++++++++++++++++++++++++++; 5 files changed, 587 insertions(+)","Add BPF program and map iterators as built-in BPF programs with manual BPF skeleton generation step.","BPF, iterators, skeleton","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"005142b8a1f0f32d33fbe04b728464c1b7acfa0e","005142b8a1f0f32d33fbe04b728464c1b7acfa0e","Alexei Starovoitov","ast@kernel.org","1597811276","Daniel Borkmann","daniel@iogearbox.net","1597932156","bf08f0b09cdf8308afb0e66cc9132f2be866d9a9","6e9cab2e3fa597419ec8a117a9f3e3ebc251c120","bpf: Factor out bpf_link_by_id() helper. Refactor the code a bit to extract bpf_link_by_id() helper. It's similar to existing bpf_prog_by_id(). Signed-off-by: Alexei Starovoitov Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200819042759.51280-2-alexei.starovoitov@gmail.com","include/linux/bpf.h | 1 +; kernel/bpf/syscall.c | 46 ++++++++++++++++++++++++++++------------------; 2 files changed, 29 insertions(+), 18 deletions(-)","Refactored code to introduce bpf_link_by_id() helper for better manageability.","refactor, helper, bpf","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6e9cab2e3fa597419ec8a117a9f3e3ebc251c120","6e9cab2e3fa597419ec8a117a9f3e3ebc251c120","Xu Wang","vulab@iscas.ac.cn","1597805604","Daniel Borkmann","daniel@iogearbox.net","1597932070","64fcb5fea8464e0a07075efdb1627bdc45a8dc7c","c1447efdafff23eae9b1bd81caa38412ae21410e","libbpf: Simplify the return expression of build_map_pin_path() Simplify the return expression. Signed-off-by: Xu Wang Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200819025324.14680-1-vulab@iscas.ac.cn","tools/lib/bpf/libbpf.c | 8 ++------; 1 file changed, 2 insertions(+), 6 deletions(-)","The commit simplifies the return expression in the build_map_pin_path function in libbpf.","libbpf,simplify,return","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c1447efdafff23eae9b1bd81caa38412ae21410e","c1447efdafff23eae9b1bd81caa38412ae21410e","Alexei Starovoitov","ast@kernel.org","1597871979","Alexei Starovoitov","ast@kernel.org","1597872874","894182d69e4e76d2a0fc8d81390440874686ba92","defcffeb517b3965e64f4e5531db3b452dccbfc5 3357490555eacd39c2bf3e355a0e435f658d806f","Merge branch 'type-and-enum-value-relos' Andrii Nakryiko says: ==================== This patch set adds libbpf support for two new classes of CO-RE relocations: type-based (TYPE_EXISTS/TYPE_SIZE/TYPE_ID_LOCAL/TYPE_ID_TARGET) and enum value-vased (ENUMVAL_EXISTS/ENUMVAL_VALUE): - TYPE_EXISTS allows to detect presence in kernel BTF of a locally-recorded BTF type. Useful for feature detection (new functionality often comes with new internal kernel types), as well as handling type renames and bigger refactorings. - TYPE_SIZE allows to get the real size (in bytes) of a specified kernel type. Useful for dumping internal structure as-is through perfbuf or ringbuf. - TYPE_ID_LOCAL/TYPE_ID_TARGET allow to capture BTF type ID of a BTF type in program's BTF or kernel BTF, respectively. These could be used for high-performance and space-efficient generic data dumping/logging by relying on small and cheap BTF type ID as a data layout descriptor, for post-processing on user-space side. - ENUMVAL_EXISTS can be used for detecting the presence of enumerator value in kernel's enum type. Most direct application is to detect BPF helper support in kernel. - ENUMVAL_VALUE allows to relocate real integer value of kernel enumerator value, which is subject to change (e.g., always a potential issue for internal, non-UAPI, kernel enums). I've indicated potential applications for these relocations, but relocations themselves are generic and unassuming and are designed to work correctly even in unintended applications. Furthermore, relocated values become constants, known to the verifier and could and would be used for dead branch code detection and elimination. This makes them ideal to do all sorts of feature detection and guarding functionality that's not available on some older (but still supported by BPF program) kernels, while having to compile and maintain one unified source code. Selftests are added for all the new features. Selftests utilizing new Clang built-ins are designed such that they will compile with older Clangs and will be skipped during test runs. So this shouldn't cause any build and test failures on systems with slightly outdated Clang compiler. LLVM patches adding these relocation in Clang: - __builtin_btf_type_id() ([0], [1], [2]); - __builtin_preserve_type_info(), __builtin_preserve_enum_value() ([3], [4]). [0] https://reviews.llvm.org/D74572 [1] https://reviews.llvm.org/D74668 [2] https://reviews.llvm.org/D85174 [3] https://reviews.llvm.org/D83878 [4] https://reviews.llvm.org/D83242 v2->v3: - fix feature detection for __builtin_btf_type_id() test (Yonghong); - fix extra empty lines at the end of files (Yonghong); v1->v2: - selftests detect built-in support and are skipped if not found (Alexei). ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges changes adding libbpf support for new CO-RE relocations related to types and enum values with selftests included.","libbpf,relocations,CO-RE","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3357490555eacd39c2bf3e355a0e435f658d806f","3357490555eacd39c2bf3e355a0e435f658d806f","Andrii Nakryiko","andriin@fb.com","1597866319","Alexei Starovoitov","ast@kernel.org","1597871979","894182d69e4e76d2a0fc8d81390440874686ba92","eacaaed784e2c9da69dea3030c81062c1fd66a37","selftests/bpf: Add tests for ENUMVAL_EXISTS/ENUMVAL_VALUE relocations Add tests validating existence and value relocations for enum value-based relocations. If __builtin_preserve_enum_value() built-in is not supported, skip tests. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200819194519.3375898-6-andriin@fb.com",".../testing/selftests/bpf/prog_tests/core_reloc.c | 56 +++++++++++++++; .../selftests/bpf/progs/btf__core_reloc_enumval.c | 3 +; .../bpf/progs/btf__core_reloc_enumval___diff.c | 3 +; .../progs/btf__core_reloc_enumval___err_missing.c | 3 +; .../progs/btf__core_reloc_enumval___val3_missing.c | 3 +; .../testing/selftests/bpf/progs/core_reloc_types.h | 84 ++++++++++++++++++++++; .../selftests/bpf/progs/test_core_reloc_enumval.c | 72 +++++++++++++++++++; 7 files changed, 224 insertions(+)","This commit enhances the self-tests in eBPF suite for enum value relocations.","selftests, ENUMVAL_EXISTS, core_reloc","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"eacaaed784e2c9da69dea3030c81062c1fd66a37","eacaaed784e2c9da69dea3030c81062c1fd66a37","Andrii Nakryiko","andriin@fb.com","1597866318","Alexei Starovoitov","ast@kernel.org","1597871979","b720446ede6b0e701fc5543c3aca6e69c7c6d6a9","4836bf5e2ec6e410c7f0c044402951484901a676","libbpf: Implement enum value-based CO-RE relocations Implement two relocations of a new enumerator value-based CO-RE relocation kind: ENUMVAL_EXISTS and ENUMVAL_VALUE. First, ENUMVAL_EXISTS, allows to detect the presence of a named enumerator value in the target (kernel) BTF. This is useful to do BPF helper/map/program type support detection from BPF program side. bpf_core_enum_value_exists() macro helper is provided to simplify built-in usage. Second, ENUMVAL_VALUE, allows to capture enumerator integer value and relocate it according to the target BTF, if it changes. This is useful to have a guarantee against intentional or accidental re-ordering/re-numbering of some of the internal (non-UAPI) enumerations, where kernel developers don't care about UAPI backwards compatiblity concerns. bpf_core_enum_value() allows to capture this succinctly and use correct enum values in code. LLVM uses ldimm64 instruction to capture enumerator value-based relocations, so add support for ldimm64 instruction patching as well. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200819194519.3375898-5-andriin@fb.com","tools/lib/bpf/bpf_core_read.h | 28 ++++++++; tools/lib/bpf/libbpf.c | 145 ++++++++++++++++++++++++++++++++++++++--; tools/lib/bpf/libbpf_internal.h | 2 +; 3 files changed, 170 insertions(+), 5 deletions(-)","The commit implements enum value-based CO-RE relocations in libbpf to enhance BPF program support detection.","libbpf,enum,relocations","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"4836bf5e2ec6e410c7f0c044402951484901a676","4836bf5e2ec6e410c7f0c044402951484901a676","Andrii Nakryiko","andriin@fb.com","1597866317","Alexei Starovoitov","ast@kernel.org","1597871979","cafddeaf11ed1724638274dddd6be1acf101c5f5","124a892d1c416dc4f639031afb79d47857d9b0b0","selftests/bpf: Add CO-RE relo test for TYPE_ID_LOCAL/TYPE_ID_TARGET Add tests for BTF type ID relocations. To allow testing this, enhance core_relo.c test runner to allow dynamic initialization of test inputs. If Clang doesn't have necessary support for new functionality, test is skipped. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200819194519.3375898-4-andriin@fb.com",".../testing/selftests/bpf/prog_tests/core_reloc.c | 168 ++++++++++++++++++++-; .../selftests/bpf/progs/btf__core_reloc_type_id.c | 3 +; .../btf__core_reloc_type_id___missing_targets.c | 3 +; .../testing/selftests/bpf/progs/core_reloc_types.h | 41 +++++; .../bpf/progs/test_core_reloc_type_based.c | 14 --; .../selftests/bpf/progs/test_core_reloc_type_id.c | 113 ++++++++++++++; 6 files changed, 323 insertions(+), 19 deletions(-)","This commit adds BTF type ID relocation tests to the eBPF selftests for better Core and BTF handling.","BTF,tests,CO-RE","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"124a892d1c416dc4f639031afb79d47857d9b0b0","124a892d1c416dc4f639031afb79d47857d9b0b0","Andrii Nakryiko","andriin@fb.com","1597866316","Alexei Starovoitov","ast@kernel.org","1597871979","accca582aff803e67fe432b19bf482ca0b5c9d98","3fc32f40c40207bf85ce1b007f18981c4673df96","selftests/bpf: Test TYPE_EXISTS and TYPE_SIZE CO-RE relocations Add selftests for TYPE_EXISTS and TYPE_SIZE relocations, testing correctness of relocations and handling of type compatiblity/incompatibility. If __builtin_preserve_type_info() is not supported by compiler, skip tests. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200819194519.3375898-3-andriin@fb.com",".../testing/selftests/bpf/prog_tests/core_reloc.c | 125 ++++++++++---; .../bpf/progs/btf__core_reloc_type_based.c | 3 +; .../btf__core_reloc_type_based___all_missing.c | 3 +; .../progs/btf__core_reloc_type_based___diff_sz.c | 3 +; .../btf__core_reloc_type_based___fn_wrong_args.c | 3 +; .../progs/btf__core_reloc_type_based___incompat.c | 3 +; .../testing/selftests/bpf/progs/core_reloc_types.h | 202 ++++++++++++++++++++-; .../selftests/bpf/progs/test_core_reloc_kernel.c | 2 +; .../bpf/progs/test_core_reloc_type_based.c | 124 +++++++++++++; 9 files changed, 446 insertions(+), 22 deletions(-)","This commit adds selftests for TYPE_EXISTS and TYPE_SIZE CO-RE relocations to verify type compatibility and relocate handling in eBPF programs.","selftests, TYPE_EXISTS, CO-RE","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3fc32f40c40207bf85ce1b007f18981c4673df96","3fc32f40c40207bf85ce1b007f18981c4673df96","Andrii Nakryiko","andriin@fb.com","1597866315","Alexei Starovoitov","ast@kernel.org","1597871979","1a97d48c7887152a80f435822642bb494366b3f9","defcffeb517b3965e64f4e5531db3b452dccbfc5","libbpf: Implement type-based CO-RE relocations support Implement support for TYPE_EXISTS/TYPE_SIZE/TYPE_ID_LOCAL/TYPE_ID_REMOTE relocations. These are examples of type-based relocations, as opposed to field-based relocations supported already. The difference is that they are calculating relocation values based on the type itself, not a field within a struct/union. Type-based relos have slightly different semantics when matching local types to kernel target types, see comments in bpf_core_types_are_compat() for details. Their behavior on failure to find target type in kernel BTF also differs. Instead of ""poisoning"" relocatable instruction and failing load subsequently in kernel, they return 0 (which is rarely a valid return result, so user BPF code can use that to detect success/failure of the relocation and deal with it without extra ""guarding"" relocations). Also, it's always possible to check existence of the type in target kernel with TYPE_EXISTS relocation, similarly to a field-based FIELD_EXISTS. TYPE_ID_LOCAL relocation is a bit special in that it always succeeds (barring any libbpf/Clang bugs) and resolved to BTF ID using **local** BTF info of BPF program itself. Tests in subsequent patches demonstrate the usage and semantics of new relocations. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200819194519.3375898-2-andriin@fb.com","tools/lib/bpf/bpf_core_read.h | 52 ++++++++-; tools/lib/bpf/libbpf.c | 231 ++++++++++++++++++++++++++++++++++++----; tools/lib/bpf/libbpf_internal.h | 4 +; 3 files changed, 263 insertions(+), 24 deletions(-)","Implement type-based CO-RE relocations support in libbpf for handling type-specific relocations.","CO-RE,libbpf,relocations","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"defcffeb517b3965e64f4e5531db3b452dccbfc5","defcffeb517b3965e64f4e5531db3b452dccbfc5","Maciej Żenczykowski","maze@google.com","1597802427","Alexei Starovoitov","ast@kernel.org","1597871438","4f8ce3f51a11609b12481998eb5bef4085a071ac","596b5ef458f903d4362fb3c69967b6d8a23334bd","net-veth: Add type safety to veth_xdp_to_ptr() and veth_ptr_to_xdp() This reduces likelihood of incorrect use. Test: builds Signed-off-by: Maciej Żenczykowski Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200819020027.4072288-1-zenczykowski@gmail.com","drivers/net/veth.c | 6 +++---; 1 file changed, 3 insertions(+), 3 deletions(-)","The commit adds type safety to functions in veth to reduce incorrect use.","type safety,veth,functions","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"596b5ef458f903d4362fb3c69967b6d8a23334bd","596b5ef458f903d4362fb3c69967b6d8a23334bd","Maciej Żenczykowski","maze@google.com","1597799230","Alexei Starovoitov","ast@kernel.org","1597870969","fd3ad5165cdb78b0e52481b349157d08930d1d27","b558b6c24068d87ffcd95dad3bf0d9bd2ac290e9","net-tun: Eliminate two tun/xdp related function calls from vhost-net This provides a minor performance boost by virtue of inlining instead of cross module function calls. Test: builds Signed-off-by: Maciej Żenczykowski Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200819010710.3959310-2-zenczykowski@gmail.com","drivers/net/tun.c | 18 ------------------; include/linux/if_tun.h | 15 ++++++++++++---; 2 files changed, 12 insertions(+), 21 deletions(-)","This commit inlines two tun/xdp related function calls to boost vhost-net performance.","tun,xdp,performance","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b558b6c24068d87ffcd95dad3bf0d9bd2ac290e9","b558b6c24068d87ffcd95dad3bf0d9bd2ac290e9","Maciej Żenczykowski","maze@google.com","1597799229","Alexei Starovoitov","ast@kernel.org","1597870969","3087016afa79360897607b3ac0c61f103cfadd98","37081156149fd532d534efd8ea99ca362ed62e5b","net-tun: Add type safety to tun_xdp_to_ptr() and tun_ptr_to_xdp() This reduces likelihood of incorrect use. Test: builds Signed-off-by: Maciej Żenczykowski Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200819010710.3959310-1-zenczykowski@gmail.com","drivers/net/tun.c | 6 +++---; include/linux/if_tun.h | 8 ++++----; 2 files changed, 7 insertions(+), 7 deletions(-)","The commit adds type safety to tun_xdp_to_ptr() and tun_ptr_to_xdp() functions to reduce incorrect usage in the TUN network driver.","type safety, TUN, network","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', 'tc related type programs. It affects programs managing traffic control (tc) for queuing or prioritizing network traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"37081156149fd532d534efd8ea99ca362ed62e5b","37081156149fd532d534efd8ea99ca362ed62e5b","Alexei Starovoitov","ast@kernel.org","1597801106","Alexei Starovoitov","ast@kernel.org","1597801152","db9db9e5bf0e08e319156582f83936d0f74a95cd","00b2e95325f8c9dd56a7dae691b01e321838a557 22dd1ac91a77675238d10059c479ab6fa6160c60","Merge branch 'libbpf-minimize-feature-detection' Andrii Nakryiko says: ==================== Get rid of two feature detectors: reallocarray and libelf-mmap. Optional feature detections complicate libbpf Makefile and cause more troubles for various applications that want to integrate libbpf as part of their build. Patch #1 replaces all reallocarray() uses into libbpf-internal reallocarray() implementation. Patches #2 and #3 makes sure we won't re-introduce reallocarray() accidentally. Patch #2 also removes last use of libbpf_internal.h header inside bpftool. There is still nlattr.h that's used by both libbpf and bpftool, but that's left for a follow up patch to split. Patch #4 removed libelf-mmap feature detector and all its uses, as it's trivial to handle missing mmap support in libbpf, the way objtool has been doing it for a while. v1->v2 and v2->v3: - rebase to latest bpf-next (Alexei). ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges changes from 'libbpf-minimize-feature-detection' branch to remove feature detectors and simplify the build process.","libbpf, reallocarray, detectors","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"22dd1ac91a77675238d10059c479ab6fa6160c60","22dd1ac91a77675238d10059c479ab6fa6160c60","Andrii Nakryiko","andriin@fb.com","1597800967","Alexei Starovoitov","ast@kernel.org","1597801105","db9db9e5bf0e08e319156582f83936d0f74a95cd","85367030a6c7ef3373347cf816c698995074f6f0","tools: Remove feature-libelf-mmap feature detection It's trivial to handle missing ELF_C_MMAP_READ support in libelf the way that objtool has solved it in (""774bec3fddcc objtool: Add fallback from ELF_C_READ_MMAP to ELF_C_READ""). So instead of having an entire feature detector for that, just do what objtool does for perf and libbpf. And keep their Makefiles a bit simpler. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200819013607.3607269-5-andriin@fb.com","tools/build/Makefile.feature | 1 -; tools/build/feature/Makefile | 4 ----; tools/build/feature/test-all.c | 4 ----; tools/build/feature/test-libelf-mmap.c | 9 ---------; tools/lib/bpf/Makefile | 6 +-----; tools/lib/bpf/libbpf.c | 14 ++++++--------; tools/perf/Makefile.config | 4 ----; tools/perf/util/symbol.h | 2 +-; 8 files changed, 8 insertions(+), 36 deletions(-)","This commit removes libelf-mmap feature detection for simplification of Makefiles in libbpf and perf.","libelf mmap Makefiles","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"85367030a6c7ef3373347cf816c698995074f6f0","85367030a6c7ef3373347cf816c698995074f6f0","Andrii Nakryiko","andriin@fb.com","1597800966","Alexei Starovoitov","ast@kernel.org","1597801105","b0f4b19f18ec9d8d64893a4b7a3e4790851185e2","7084566a236fbc98beb11430d8d67dd08b2ac151","libbpf: Centralize poisoning and poison reallocarray() Most of libbpf source files already include libbpf_internal.h, so it's a good place to centralize identifier poisoning. So move kernel integer type poisoning there. And also add reallocarray to a poison list to prevent accidental use of it. libbpf_reallocarray() should be used universally instead. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200819013607.3607269-4-andriin@fb.com","tools/lib/bpf/bpf.c | 3 ---; tools/lib/bpf/bpf_prog_linfo.c | 3 ---; tools/lib/bpf/btf.c | 3 ---; tools/lib/bpf/btf_dump.c | 3 ---; tools/lib/bpf/hashmap.c | 3 +++; tools/lib/bpf/libbpf.c | 3 ---; tools/lib/bpf/libbpf_internal.h | 7 +++++++; tools/lib/bpf/libbpf_probes.c | 3 ---; tools/lib/bpf/netlink.c | 3 ---; tools/lib/bpf/nlattr.c | 9 +++------; tools/lib/bpf/ringbuf.c | 3 ---; tools/lib/bpf/xsk.c | 3 ---; 12 files changed, 13 insertions(+), 33 deletions(-)","The commit centralizes identifier poisoning in libbpf_internal.h and adds reallocarray to a poisoning list for safer coding.","libbpf, poisoning, reallocarray","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7084566a236fbc98beb11430d8d67dd08b2ac151","7084566a236fbc98beb11430d8d67dd08b2ac151","Andrii Nakryiko","andriin@fb.com","1597800965","Alexei Starovoitov","ast@kernel.org","1597801105","aadfd16122367ca5ea11b4084d12007d8c47ad58","029258d7b22894fabcecb1626e1b87d18a6823f4","tools/bpftool: Remove libbpf_internal.h usage in bpftool Most netlink-related functions were unique to bpftool usage, so I moved them into net.c. Few functions are still used by both bpftool and libbpf itself internally, so I've copy-pasted them (libbpf_nl_get_link, libbpf_netlink_open). It's a bit of duplication of code, but better separation of libbpf as a library with public API and bpftool, relying on unexposed functions in libbpf. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200819013607.3607269-3-andriin@fb.com","tools/bpf/bpftool/gen.c | 2 -; tools/bpf/bpftool/net.c | 299 +++++++++++++++++++++++++++++++++++++---; tools/lib/bpf/libbpf_internal.h | 12 --; tools/lib/bpf/netlink.c | 125 +----------------; 4 files changed, 288 insertions(+), 150 deletions(-)","The commit removes libbpf_internal.h usage in bpftool and reorganizes netlink-related functions for better separation between bpftool and libbpf.","bpftool,libbpf,netlink","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"029258d7b22894fabcecb1626e1b87d18a6823f4","029258d7b22894fabcecb1626e1b87d18a6823f4","Andrii Nakryiko","andriin@fb.com","1597800964","Alexei Starovoitov","ast@kernel.org","1597801105","15b1b7ecf8e298c62341d0d81578763d69216511","00b2e95325f8c9dd56a7dae691b01e321838a557","libbpf: Remove any use of reallocarray() in libbpf Re-implement glibc's reallocarray() for libbpf internal-only use. reallocarray(), unfortunately, is not available in all versions of glibc, so requires extra feature detection and using reallocarray() stub from and COMPAT_NEED_REALLOCARRAY. All this complicates build of libbpf unnecessarily and is just a maintenance burden. Instead, it's trivial to implement libbpf-specific internal version and use it throughout libbpf. Which is what this patch does, along with converting some realloc() uses that should really have been reallocarray() in the first place. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200819013607.3607269-2-andriin@fb.com","tools/lib/bpf/Makefile | 6 +-----; tools/lib/bpf/btf.c | 11 +++++------; tools/lib/bpf/btf_dump.c | 6 ++----; tools/lib/bpf/libbpf.c | 21 ++++++++++-----------; tools/lib/bpf/libbpf_internal.h | 25 +++++++++++++++++++++++++; tools/lib/bpf/ringbuf.c | 5 ++---; 6 files changed, 45 insertions(+), 29 deletions(-)","The commit replaces reallocarray() with a libbpf-specific internal version to simplify the build process and maintenance of libbpf.","libbpf reallocation maintenance","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"00b2e95325f8c9dd56a7dae691b01e321838a557","00b2e95325f8c9dd56a7dae691b01e321838a557","Andrii Nakryiko","andriin@fb.com","1597790356","Alexei Starovoitov","ast@kernel.org","1597799566","2517471013a88dcb224eb6aabdc7160b409487a5","353c788c2054257359114f12827d86f8e3332e10","selftests/bpf: Add test validating failure on ambiguous relocation value Add test simulating ambiguous field size relocation, while fields themselves are at the exact same offset. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200818223921.2911963-5-andriin@fb.com",".../testing/selftests/bpf/prog_tests/core_reloc.c | 1 +; .../progs/btf__core_reloc_size___err_ambiguous.c | 4 ++++; .../testing/selftests/bpf/progs/core_reloc_types.h | 25 ++++++++++++++++++++++; 3 files changed, 30 insertions(+)","This commit adds a test to validate failure on ambiguous relocation value in eBPF selftests.","selftests,bpf,relocation","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"353c788c2054257359114f12827d86f8e3332e10","353c788c2054257359114f12827d86f8e3332e10","Andrii Nakryiko","andriin@fb.com","1597790355","Alexei Starovoitov","ast@kernel.org","1597799565","76da039698fb3c846183f722e82f3d03c854200d","28b93c64499ae09d9dc8c04123b15f8654a93c4c","libbpf: Improve relocation ambiguity detection Split the instruction patching logic into relocation value calculation and application of relocation to instruction. Using this, evaluate relocation against each matching candidate and validate that all candidates agree on relocated value. If not, report ambiguity and fail load. This logic is necessary to avoid dangerous (however unlikely) accidental match against two incompatible candidate types. Without this change, libbpf will pick a random type as *the* candidate and apply potentially invalid relocation. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200818223921.2911963-4-andriin@fb.com","tools/lib/bpf/libbpf.c | 170 ++++++++++++++++++++++++++++++++++++-------------; 1 file changed, 124 insertions(+), 46 deletions(-)","The commit refactors libbpf to improve relocation ambiguity detection by splitting and validating relocation logic.","relocation,libbpf,refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"28b93c64499ae09d9dc8c04123b15f8654a93c4c","28b93c64499ae09d9dc8c04123b15f8654a93c4c","Andrii Nakryiko","andriin@fb.com","1597790354","Alexei Starovoitov","ast@kernel.org","1597799565","2bd626b180c389f75f281501b213c059c132bb6e","81ba0889027505b7d5136319117e473a69a923c4","libbpf: Clean up and improve CO-RE reloc logging Add logging of local/target type kind (struct/union/typedef/etc). Preserve unresolved root type ID (for cases of typedef). Improve the format of CO-RE reloc spec output format to contain only relevant and succinct info. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200818223921.2911963-3-andriin@fb.com","tools/lib/bpf/btf.c | 17 ++---; tools/lib/bpf/btf.h | 38 ---------; tools/lib/bpf/libbpf.c | 165 +++++++++++++++++++++++++---------------; tools/lib/bpf/libbpf_internal.h | 78 ++++++++++++++-----; 4 files changed, 169 insertions(+), 129 deletions(-)","This commit cleans up and improves logging for CO-RE relocations in libbpf, including better type kind logging and unresolved root type ID preservation.","libbpf, CO-RE, logging","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"81ba0889027505b7d5136319117e473a69a923c4","81ba0889027505b7d5136319117e473a69a923c4","Andrii Nakryiko","andriin@fb.com","1597790353","Alexei Starovoitov","ast@kernel.org","1597799565","957ecedc2c468935e1507297557bbcf4d3f35b60","a12a625ce7db91c8904233d6bec31c2cc935001f","libbpf: Improve error logging for mismatched BTF kind cases Instead of printing out integer value of BTF kind, print out a string representation of a kind. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200818223921.2911963-2-andriin@fb.com","tools/lib/bpf/libbpf.c | 59 +++++++++++++++++++++++++++++++++++---------------; 1 file changed, 41 insertions(+), 18 deletions(-)","The commit enhances libbpf error messages by displaying BTF kind names instead of integers.","libbpf,BTF,error","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"00fa1d83a8b50351c830521d00135e823c46e7d0","00fa1d83a8b50351c830521d00135e823c46e7d0","Yonghong Song","yhs@fb.com","1597789392","Alexei Starovoitov","ast@kernel.org","1597797383","586aac21b3840b28a2ad2c76e13dfe7c415b2970","e60572b8d4c39572be6857d1ec91fdf979f8775f","bpftool: Handle EAGAIN error code properly in pids collection When the error code is EAGAIN, the kernel signals the user space should retry the read() operation for bpf iterators. Let us do it. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200818222312.2181675-1-yhs@fb.com","tools/bpf/bpftool/pids.c | 2 ++; 1 file changed, 2 insertions(+)","The commit updates bpftool to handle EAGAIN errors properly when collecting pids for bpf iterators.","bpftool,EAGAIN,pids","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e60572b8d4c39572be6857d1ec91fdf979f8775f","e60572b8d4c39572be6857d1ec91fdf979f8775f","Yonghong Song","yhs@fb.com","1597789390","Alexei Starovoitov","ast@kernel.org","1597797383","d4ab349e5c3baa0fb8f2f82ba9dd804e74ada523","e679654a704e5bd676ea6446fa7b764cbabf168a","bpf: Avoid visit same object multiple times Currently when traversing all tasks, the next tid is always increased by one. This may result in visiting the same task multiple times in a pid namespace. This patch fixed the issue by seting the next tid as pid_nr_ns(pid, ns) + 1, similar to funciton next_tgid(). Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Cc: Rik van Riel Link: https://lore.kernel.org/bpf/20200818222310.2181500-1-yhs@fb.com","kernel/bpf/task_iter.c | 3 ++-; 1 file changed, 2 insertions(+), 1 deletion(-)","The patch fixes task iteration to prevent revisiting tasks multiple times within a PID namespace.","task,iteration,PIN","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"e679654a704e5bd676ea6446fa7b764cbabf168a","e679654a704e5bd676ea6446fa7b764cbabf168a","Yonghong Song","yhs@fb.com","1597789389","Alexei Starovoitov","ast@kernel.org","1597797383","13c485d6f9b9100e862572e26aab52a6fe06ca26","3fb1a96a91120877488071a167d26d76be4be977","bpf: Fix a rcu_sched stall issue with bpf task/task_file iterator In our production system, we observed rcu stalls when 'bpftool prog` is running. rcu: INFO: rcu_sched self-detected stall on CPU rcu: \x097-....: (20999 ticks this GP) idle=302/1/0x4000000000000000 softirq=1508852/1508852 fqs=4913 \x09(t=21031 jiffies g=2534773 q=179750) NMI backtrace for cpu 7 CPU: 7 PID: 184195 Comm: bpftool Kdump: loaded Tainted: G W 5.8.0-00004-g68bfc7f8c1b4 #6 Hardware name: Quanta Twin Lakes MP/Twin Lakes Passive MP, BIOS F09_3A17 05/03/2019 Call Trace: dump_stack+0x57/0x70 nmi_cpu_backtrace.cold+0x14/0x53 ? lapic_can_unplug_cpu.cold+0x39/0x39 nmi_trigger_cpumask_backtrace+0xb7/0xc7 rcu_dump_cpu_stacks+0xa2/0xd0 rcu_sched_clock_irq.cold+0x1ff/0x3d9 ? tick_nohz_handler+0x100/0x100 update_process_times+0x5b/0x90 tick_sched_timer+0x5e/0xf0 __hrtimer_run_queues+0x12a/0x2a0 hrtimer_interrupt+0x10e/0x280 __sysvec_apic_timer_interrupt+0x51/0xe0 asm_call_on_stack+0xf/0x20 sysvec_apic_timer_interrupt+0x6f/0x80 asm_sysvec_apic_timer_interrupt+0x12/0x20 RIP: 0010:task_file_seq_get_next+0x71/0x220 Code: 00 00 8b 53 1c 49 8b 7d 00 89 d6 48 8b 47 20 44 8b 18 41 39 d3 76 75 48 8b 4f 20 8b 01 39 d0 76 61 41 89 d1 49 39 c1 48 19 c0 <48> 8b 49 08 21 d0 48 8d 04 c1 4c 8b 08 4d 85 c9 74 46 49 8b 41 38 RSP: 0018:ffffc90006223e10 EFLAGS: 00000297 RAX: ffffffffffffffff RBX: ffff888f0d172388 RCX: ffff888c8c07c1c0 RDX: 00000000000f017b RSI: 00000000000f017b RDI: ffff888c254702c0 RBP: ffffc90006223e68 R08: ffff888be2a1c140 R09: 00000000000f017b R10: 0000000000000002 R11: 0000000000100000 R12: ffff888f23c24118 R13: ffffc90006223e60 R14: ffffffff828509a0 R15: 00000000ffffffff task_file_seq_next+0x52/0xa0 bpf_seq_read+0xb9/0x320 vfs_read+0x9d/0x180 ksys_read+0x5f/0xe0 do_syscall_64+0x38/0x60 entry_SYSCALL_64_after_hwframe+0x44/0xa9 RIP: 0033:0x7f8815f4f76e Code: c0 e9 f6 fe ff ff 55 48 8d 3d 76 70 0a 00 48 89 e5 e8 36 06 02 00 66 0f 1f 44 00 00 64 8b 04 25 18 00 00 00 85 c0 75 14 0f 05 <48> 3d 00 f0 ff ff 77 52 c3 66 0f 1f 84 00 00 00 00 00 55 48 89 e5 RSP: 002b:00007fff8f9df578 EFLAGS: 00000246 ORIG_RAX: 0000000000000000 RAX: ffffffffffffffda RBX: 000000000170b9c0 RCX: 00007f8815f4f76e RDX: 0000000000001000 RSI: 00007fff8f9df5b0 RDI: 0000000000000007 RBP: 00007fff8f9e05f0 R08: 0000000000000049 R09: 0000000000000010 R10: 00007f881601fa40 R11: 0000000000000246 R12: 00007fff8f9e05a8 R13: 00007fff8f9e05a8 R14: 0000000001917f90 R15: 000000000000e22e Note that `bpftool prog` actually calls a task_file bpf iterator program to establish an association between prog/map/link/btf anon files and processes. In the case where the above rcu stall occured, we had a process having 1587 tasks and each task having roughly 81305 files. This implied 129 million bpf prog invocations. Unfortunwtely none of these files are prog/map/link/btf files so bpf iterator/prog needs to traverse all these files and not able to return to user space since there are no seq_file buffer overflow. This patch fixed the issue in bpf_seq_read() to limit the number of visited objects. If the maximum number of visited objects is reached, no more objects will be visited in the current syscall. If there is nothing written in the seq_file buffer, -EAGAIN will return to the user so user can try again. The maximum number of visited objects is set at 1 million. In our Intel Xeon D-2191 2.3GHZ 18-core server, bpf_seq_read() visiting 1 million files takes around 0.18 seconds. We did not use cond_resched() since for some iterators, e.g., netlink iterator, where rcu read_lock critical section spans between consecutive seq_ops->next(), which makes impossible to do cond_resched() in the key while loop of function bpf_seq_read(). Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Cc: Paul E. McKenney Link: https://lore.kernel.org/bpf/20200818222309.2181348-1-yhs@fb.com","kernel/bpf/bpf_iter.c | 15 ++++++++++++++-; 1 file changed, 14 insertions(+), 1 deletion(-)","This commit resolves an RCU stall issue by limiting object visits in bpf_seq_read during iterator execution.","RCU,iterator,seq_read","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a12a625ce7db91c8904233d6bec31c2cc935001f","a12a625ce7db91c8904233d6bec31c2cc935001f","Alexei Starovoitov","ast@kernel.org","1597796175","Alexei Starovoitov","ast@kernel.org","1597796431","c79294afedb4b82d2879dc690a9a4d844cfdaf43","65bb2e0fc5a67200db95911207ef9662aaf7ab9d 68b08647c7d56ea15114435c3023adc017d11b81","Merge branch 'libbpf-probing-improvements' Andrii Nakryiko says: ==================== This patch set refactors libbpf feature probing to be done lazily on as-needed basis, instead of proactively testing all possible features libbpf knows about. This allows to scale such detections and mitigations better, without issuing unnecessary syscalls on each bpf_object__load() call. It's also now memoized globally, instead of per-bpf_object. Building on that, libbpf will now detect availability of bpf_probe_read_kernel() helper (which means also -user and -str variants), and will sanitize BPF program code by replacing such references to generic variants (bpf_probe_read[_str]()). This allows to migrate all BPF programs into proper -kernel/-user probing helpers, without the fear of breaking them for old kernels. With that, update BPF_CORE_READ() and related macros to use bpf_probe_read_kernel(), as it doesn't make much sense to do CO-RE relocations against user-space types. And the only class of cases in which BPF program might read kernel type from user-space are UAPI data structures which by definition are fixed in their memory layout and don't need relocating. This is exemplified by test_vmlinux test, which is fixed as part of this patch set as well. BPF_CORE_READ() is useful for chainingg bpf_probe_read_{kernel,user}() calls together even without relocation, so we might add user-space variants, if there is a need. While at making libbpf more useful for older kernels, also improve handling of a complete lack of BTF support in kernel by not even attempting to load BTF info into kernel. This eliminates annoying warning about lack of BTF support in the kernel and map creation retry without BTF. If user is using features that require kernel BTF support, it will still fail, of course. ==================== Signed-off-by: Alexei Starovoitov ","","This commit refactors libbpf for lazy feature probing and better compatibility with older kernels in merging a new branch.","libbpf, probing, compatibility","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"68b08647c7d56ea15114435c3023adc017d11b81","68b08647c7d56ea15114435c3023adc017d11b81","Andrii Nakryiko","andriin@fb.com","1597786436","Alexei Starovoitov","ast@kernel.org","1597796175","c79294afedb4b82d2879dc690a9a4d844cfdaf43","70785cfb19287b4b075a266887be5e024bf1206a","libbpf: Detect minimal BTF support and skip BTF loading, if missing Detect whether a kernel supports any BTF at all, and if not, don't even attempt loading BTF to avoid unnecessary log messages like: libbpf: Error loading BTF: Invalid argument(22) libbpf: Error loading .BTF into kernel: -22. BTF is optional, ignoring. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200818213356.2629020-8-andriin@fb.com","tools/lib/bpf/libbpf.c | 27 +++++++++++++++++++++++++++; 1 file changed, 27 insertions(+)","This commit enhances libbpf to skip BTF loading if the kernel lacks BTF support, preventing unnecessary error messages.","libbpf, BTF, support","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"70785cfb19287b4b075a266887be5e024bf1206a","70785cfb19287b4b075a266887be5e024bf1206a","Andrii Nakryiko","andriin@fb.com","1597786435","Alexei Starovoitov","ast@kernel.org","1597796175","99ac4b66ad36dabb4c06daef3703720854da25f9","02f47faa25db134f6043fb6b12a68b5d4c980bb6","libbpf: Switch tracing and CO-RE helper macros to bpf_probe_read_kernel() Now that libbpf can automatically fallback to bpf_probe_read() on old kernels not yet supporting bpf_probe_read_kernel(), switch libbpf BPF-side helper macros to use appropriate BPF helper for reading kernel data. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Cc: Ilya Leoshkevich Link: https://lore.kernel.org/bpf/20200818213356.2629020-7-andriin@fb.com","tools/lib/bpf/bpf_core_read.h | 40 ++++++++++++++++++++++------------------; tools/lib/bpf/bpf_tracing.h | 4 ++--; 2 files changed, 24 insertions(+), 20 deletions(-)","The commit updates libbpf macros to use bpf_probe_read_kernel() with fallback for older kernels.","libbpf, fallback, macros","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"02f47faa25db134f6043fb6b12a68b5d4c980bb6","02f47faa25db134f6043fb6b12a68b5d4c980bb6","Andrii Nakryiko","andriin@fb.com","1597786434","Alexei Starovoitov","ast@kernel.org","1597796175","82961c0dc05e1d217448e8e82bc899a24e71a340","109cea5a594f921632ca599b385aaa0575971045","selftests/bpf: Fix test_vmlinux test to use bpf_probe_read_user() The test is reading UAPI kernel structure from user-space. So it doesn't need CO-RE relocations and has to use bpf_probe_read_user(). Fixes: acbd06206bbb (""selftests/bpf: Add vmlinux.h selftest exercising tracing of syscalls"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200818213356.2629020-6-andriin@fb.com","tools/testing/selftests/bpf/progs/test_vmlinux.c | 12 +++++++++---; 1 file changed, 9 insertions(+), 3 deletions(-)","The commit fixes a test to use bpf_probe_read_user instead of requiring CO-RE relocations for reading UAPI kernel structures from user-space.","selftests,bpf_probe_read_user,vmlinux","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"109cea5a594f921632ca599b385aaa0575971045","109cea5a594f921632ca599b385aaa0575971045","Andrii Nakryiko","andriin@fb.com","1597786433","Alexei Starovoitov","ast@kernel.org","1597796175","58f00ffee0aeb132a3db6ccb550902d1b4054130","bb180fb2401dfed0ba85699064e60d62af351ff9","libbpf: Sanitize BPF program code for bpf_probe_read_{kernel, user}[_str] Add BPF program code sanitization pass, replacing calls to BPF bpf_probe_read_{kernel,user}[_str]() helpers with bpf_probe_read[_str](), if libbpf detects that kernel doesn't support new variants. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200818213356.2629020-5-andriin@fb.com","tools/lib/bpf/libbpf.c | 80 ++++++++++++++++++++++++++++++++++++++++++++++++++; 1 file changed, 80 insertions(+)","The commit adds BPF program code sanitization to handle kernel support variations in helper functions in libbpf.","libbpf,sanitize,BPF","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"bb180fb2401dfed0ba85699064e60d62af351ff9","bb180fb2401dfed0ba85699064e60d62af351ff9","Andrii Nakryiko","andriin@fb.com","1597786432","Alexei Starovoitov","ast@kernel.org","1597796175","0c6ba401827dad65fc08dddd000da2ff60e138d1","47b6cb4d0add454859f386337e6079e01ac7db8f","libbpf: Factor out common logic of testing and closing FD Factor out common piece of logic that detects support for a feature based on successfully created FD. Also take care of closing FD, if it was created. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200818213356.2629020-4-andriin@fb.com","tools/lib/bpf/libbpf.c | 70 ++++++++++++--------------------------------------; 1 file changed, 17 insertions(+), 53 deletions(-)","Refactored common logic for feature support detection and file descriptor closing in libbpf.","libbpf,fd,refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"47b6cb4d0add454859f386337e6079e01ac7db8f","47b6cb4d0add454859f386337e6079e01ac7db8f","Andrii Nakryiko","andriin@fb.com","1597786431","Alexei Starovoitov","ast@kernel.org","1597796175","b7c2e6477cdb0fca2e552933bde58fef27bfbd68","8d708236058601f1b08b0ca2a1cd9fff28034416","libbpf: Make kernel feature probing lazy Turn libbpf's kernel feature probing into lazily-performed checks. This allows to skip performing unnecessary feature checks, if a given BPF application doesn't rely on a particular kernel feature. As we grow number of feature probes, libbpf might perform less unnecessary syscalls and scale better with number of feature probes long-term. By decoupling feature checks from bpf_object, it's also possible to perform feature probing from libbpf static helpers and low-level APIs, if necessary. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200818213356.2629020-3-andriin@fb.com","tools/lib/bpf/libbpf.c | 150 ++++++++++++++++++++++++++++---------------------; 1 file changed, 86 insertions(+), 64 deletions(-)","The commit enhances libbpf by implementing lazy kernel feature probing to reduce unnecessary checks and syscalls.","libbpf,feature probing,optimizations","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8d708236058601f1b08b0ca2a1cd9fff28034416","8d708236058601f1b08b0ca2a1cd9fff28034416","Andrii Nakryiko","andriin@fb.com","1597786430","Alexei Starovoitov","ast@kernel.org","1597796175","a63a619bc9aa72891cb2b26374ef193b922beec2","65bb2e0fc5a67200db95911207ef9662aaf7ab9d","libbpf: Disable -Wswitch-enum compiler warning That compilation warning is more annoying, than helpful. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200818213356.2629020-2-andriin@fb.com","tools/lib/bpf/Makefile | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit disables the -Wswitch-enum compiler warning in libbpf due to its annoyances.","libbpf, -Wswitch-enum, compiler","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"65bb2e0fc5a67200db95911207ef9662aaf7ab9d","65bb2e0fc5a67200db95911207ef9662aaf7ab9d","Xu Wang","vulab@iscas.ac.cn","1597734971","Alexei Starovoitov","ast@kernel.org","1597795860","219ed315a21db6a44cb3e74fe2584e2adbbec84a","2bf8c7e735ac8ab81eebd672caee41c77ec1b793","libbpf: Convert comma to semicolon Replace a comma between expression statements by a semicolon. Signed-off-by: Xu Wang Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200818071611.21923-1-vulab@iscas.ac.cn","tools/lib/bpf/libbpf.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit replaces a comma with a semicolon in libbpf.c for correct expression syntax.","libbpf,semicolon,syntax","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2bf8c7e735ac8ab81eebd672caee41c77ec1b793","2bf8c7e735ac8ab81eebd672caee41c77ec1b793","Daniel T. Lee","danieltimlee@gmail.com","1597727801","Alexei Starovoitov","ast@kernel.org","1597795803","b15eb8e2507ee71de81a04ac9bb4ac7b62e4d3ad","e3ec1e8ca02b7e6c935bba3f9b6da86c2e57d2eb","samples: bpf: Fix broken bpf programs due to removed symbol >From commit f1394b798814 (""block: mark blk_account_io_completion static"") symbol blk_account_io_completion() has been marked as static, which makes it no longer possible to attach kprobe to this event. Currently, there are broken samples due to this reason. As a solution to this, attach kprobe events to blk_account_io_done() to modify them to perform the same behavior as before. Signed-off-by: Daniel T. Lee Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200818051641.21724-1-danieltimlee@gmail.com","samples/bpf/task_fd_query_kern.c | 2 +-; samples/bpf/task_fd_query_user.c | 2 +-; samples/bpf/tracex3_kern.c | 2 +-; 3 files changed, 3 insertions(+), 3 deletions(-)","The commit fixes broken eBPF samples by updating kprobe attachments due to a symbol being marked as static.","bpf,kprobe,symbol","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.']" +"3fb1a96a91120877488071a167d26d76be4be977","3fb1a96a91120877488071a167d26d76be4be977","Andrii Nakryiko","andriin@fb.com","1597769096","Alexei Starovoitov","ast@kernel.org","1597770172","be7f1711c23b8fab9b1b0acd22b2e12bc542c35e","cf28f3bbfca097d956f9021cb710dfad56adcc62","libbpf: Fix build on ppc64le architecture On ppc64le we get the following warning: In file included from btf_dump.c:16:0: btf_dump.c: In function ‘btf_dump_emit_struct_def’: ../include/linux/kernel.h:20:17: error: comparison of distinct pointer types lacks a cast [-Werror] (void) (&_max1 == &_max2); \ ^ btf_dump.c:882:11: note: in expansion of macro ‘max’ m_sz = max(0LL, btf__resolve_size(d->btf, m->type)); ^~~ Fix by explicitly casting to __s64, which is a return type from btf__resolve_size(). Fixes: 702eddc77a90 (""libbpf: Handle GCC built-in types for Arm NEON"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200818164456.1181661-1-andriin@fb.com","tools/lib/bpf/btf_dump.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixes PPC64LE architecture build warning by casting comparison pointers in libbpf.","Casting PPC64LE libbpf","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"cf28f3bbfca097d956f9021cb710dfad56adcc62","cf28f3bbfca097d956f9021cb710dfad56adcc62","Yonghong Song","yhs@fb.com","1597686134","Alexei Starovoitov","ast@kernel.org","1597700578","81cc36a94cc3d48b11364f133e34e8b9217a2f6b","7f9bf6e82461b97ce43a912cb4a959c5a41367ac","bpf: Use get_file_rcu() instead of get_file() for task_file iterator With latest `bpftool prog` command, we observed the following kernel panic. BUG: kernel NULL pointer dereference, address: 0000000000000000 #PF: supervisor instruction fetch in kernel mode #PF: error_code(0x0010) - not-present page PGD dfe894067 P4D dfe894067 PUD deb663067 PMD 0 Oops: 0010 [#1] SMP CPU: 9 PID: 6023 ... RIP: 0010:0x0 Code: Bad RIP value. RSP: 0000:ffffc900002b8f18 EFLAGS: 00010286 RAX: ffff8883a405f400 RBX: ffff888e46a6bf00 RCX: 000000008020000c RDX: 0000000000000000 RSI: 0000000000000001 RDI: ffff8883a405f400 RBP: ffff888e46a6bf50 R08: 0000000000000000 R09: ffffffff81129600 R10: ffff8883a405f300 R11: 0000160000000000 R12: 0000000000002710 R13: 000000e9494b690c R14: 0000000000000202 R15: 0000000000000009 FS: 00007fd9187fe700(0000) GS:ffff888e46a40000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: ffffffffffffffd6 CR3: 0000000de5d33002 CR4: 0000000000360ee0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: rcu_core+0x1a4/0x440 __do_softirq+0xd3/0x2c8 irq_exit+0x9d/0xa0 smp_apic_timer_interrupt+0x68/0x120 apic_timer_interrupt+0xf/0x20 RIP: 0033:0x47ce80 Code: Bad RIP value. RSP: 002b:00007fd9187fba40 EFLAGS: 00000206 ORIG_RAX: ffffffffffffff13 RAX: 0000000000000002 RBX: 00007fd931789160 RCX: 000000000000010c RDX: 00007fd9308cdfb4 RSI: 00007fd9308cdfb4 RDI: 00007ffedd1ea0a8 RBP: 00007fd9187fbab0 R08: 000000000000000e R09: 000000000000002a R10: 0000000000480210 R11: 00007fd9187fc570 R12: 00007fd9316cc400 R13: 0000000000000118 R14: 00007fd9308cdfb4 R15: 00007fd9317a9380 After further analysis, the bug is triggered by Commit eaaacd23910f (""bpf: Add task and task/file iterator targets"") which introduced task_file bpf iterator, which traverses all open file descriptors for all tasks in the current namespace. The latest `bpftool prog` calls a task_file bpf program to traverse all files in the system in order to associate processes with progs/maps, etc. When traversing files for a given task, rcu read_lock is taken to access all files in a file_struct. But it used get_file() to grab a file, which is not right. It is possible file->f_count is 0 and get_file() will unconditionally increase it. Later put_file() may cause all kind of issues with the above as one of sympotoms. The failure can be reproduced with the following steps in a few seconds: $ cat t.c #include #include #include #include #include #define N 10000 int fd[N]; int main() { int i; for (i = 0; i < N; i++) { fd[i] = open(""./note.txt"", 'r'); if (fd[i] < 0) { fprintf(stderr, ""failed\n""); return -1; } } for (i = 0; i < N; i++) close(fd[i]); return 0; } $ gcc -O2 t.c $ cat run.sh #/bin/bash for i in {1..100} do while true; do ./a.out; done & done $ ./run.sh $ while true; do bpftool prog >& /dev/null; done This patch used get_file_rcu() which only grabs a file if the file->f_count is not zero. This is to ensure the file pointer is always valid. The above reproducer did not fail for more than 30 minutes. Fixes: eaaacd23910f (""bpf: Add task and task/file iterator targets"") Suggested-by: Josef Bacik Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Reviewed-by: Josef Bacik Link: https://lore.kernel.org/bpf/20200817174214.252601-1-yhs@fb.com","kernel/bpf/task_iter.c | 3 ++-; 1 file changed, 2 insertions(+), 1 deletion(-)","Fixed a null pointer dereference in task_file bpf iterator by using get_file_rcu() instead of get_file().","bpf, iterator, kernel","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1d4f5c15cf65ef10c67558d8906af5f2b08021cb","1d4f5c15cf65ef10c67558d8906af5f2b08021cb","Lee Jones","lee.jones@linaro.org","1597405163","Kalle Valo","kvalo@codeaurora.org","1597659618","471113734ea0586805235a17b1403b9432e906ae","691c7a4d4fd70f8a7b2b9057e0a72ddc06a30fdb","ath5k: Fix kerneldoc formatting issue Kerneldoc expects attributes/parameters to be in '@*.: ' format and gets confused if the variable does not follow the type/attribute definitions. Fixes the following W=1 kernel build warning(s): drivers/net/wireless/ath/ath5k/base.c:1111: warning: Function parameter or member 'ah' not described in 'ath5k_drain_tx_buffs' Cc: Jiri Slaby Cc: Nick Kossifidis Cc: Luis Chamberlain Cc: Kalle Valo Cc: ""David S. Miller"" Cc: Jakub Kicinski Cc: Alexei Starovoitov Cc: Daniel Borkmann Cc: Jesper Dangaard Brouer Cc: John Fastabend Cc: ""Luis R. Rodriguez"" Cc: linux-wireless@vger.kernel.org Cc: netdev@vger.kernel.org Cc: bpf@vger.kernel.org Signed-off-by: Lee Jones Signed-off-by: Kalle Valo Link: https://lore.kernel.org/r/20200814113933.1903438-21-lee.jones@linaro.org","drivers/net/wireless/ath/ath5k/base.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixes a kerneldoc formatting issue in the ath5k driver to eliminate build warnings.","kerneldoc, ath5k, formatting","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"10a3b7c1c35e061d426d1e6a0d0c9ef434bae143","10a3b7c1c35e061d426d1e6a0d0c9ef434bae143","David S. Miller","davem@davemloft.net","1597450343","David S. Miller","davem@davemloft.net","1597450343","07317ff5ace6ea15c954edd455632e0311054fde","c6165cf0dbb82ded90163dce3ac183fc7a913dc4 4fccd2ff74fbad222c69c7604307e0773a37ab8d","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Daniel Borkmann says: ==================== pull-request: bpf 2020-08-15 The following pull-request contains BPF updates for your *net* tree. We've added 23 non-merge commits during the last 4 day(s) which contain a total of 32 files changed, 421 insertions(+), 141 deletions(-). The main changes are: 1) Fix sock_ops ctx access splat due to register override, from John Fastabend. 2) Batch of various fixes to libbpf, bpftool, and selftests when testing build in 32-bit mode, from Andrii Nakryiko. 3) Fix vmlinux.h generation on ARM by mapping GCC built-in types (__Poly*_t) to equivalent ones clang can work with, from Jean-Philippe Brucker. 4) Fix build_id lookup in bpf_get_stackid() helper by walking all NOTE ELF sections instead of just first, from Jiri Olsa. 5) Avoid use of __builtin_offsetof() in libbpf for CO-RE, from Yonghong Song. 6) Fix segfault in test_mmap due to inconsistent length params, from Jianlin Lv. 7) Don't override errno in libbpf when logging errors, from Toke Høiland-Jørgensen. 8) Fix v4_to_v6 sockaddr conversion in sk_lookup test, from Stanislav Fomichev. 9) Add link to bpf-helpers(7) man page to BPF doc, from Joe Stringer. ==================== Signed-off-by: David S. Miller ","","The commit merges multiple updates and fixes to the BPF subsystem affecting various components including libbpf, bpftool, and selftests.","merge, BPF, fixes","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"4fccd2ff74fbad222c69c7604307e0773a37ab8d","4fccd2ff74fbad222c69c7604307e0773a37ab8d","Andrii Nakryiko","andriin@fb.com","1597351785","Alexei Starovoitov","ast@kernel.org","1597362341","29871d1e9eaaf2461ebc6e47b21b2587a1e0e1ea","0f993845d723c87656552837b412994d6086f086","selftests/bpf: Make test_varlen work with 32-bit user-space arch Despite bpftool generating data section memory layout that will work for 32-bit architectures on user-space side, BPF programs should be careful to not use ambiguous types like `long`, which have different size in 32-bit and 64-bit environments. Fix that in test by using __u64 explicitly, which is a recommended approach anyway. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200813204945.1020225-10-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/varlen.c | 8 ++++----; tools/testing/selftests/bpf/progs/test_varlen.c | 6 +++---; 2 files changed, 7 insertions(+), 7 deletions(-)","This commit modifies BPF tests for compatibility with 32-bit user-space architectures using explicit data types.","BPF,test,32-bit","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0f993845d723c87656552837b412994d6086f086","0f993845d723c87656552837b412994d6086f086","Andrii Nakryiko","andriin@fb.com","1597351784","Alexei Starovoitov","ast@kernel.org","1597362341","bf9c93f669615a61b4dbdcfa2e400fee402bdc73","5705d705832f74395c5465ce93192688f543006a","tools/bpftool: Generate data section struct with conservative alignment The comment in the code describes this in good details. Generate such a memory layout that would work both on 32-bit and 64-bit architectures for user-space. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200813204945.1020225-9-andriin@fb.com","tools/bpf/bpftool/gen.c | 14 ++++++++++++++; 1 file changed, 14 insertions(+)","This commit updates bpftool to generate a data section struct with conservative alignment for compatibility across 32-bit and 64-bit architectures.","bpftool,data section,alignment","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5705d705832f74395c5465ce93192688f543006a","5705d705832f74395c5465ce93192688f543006a","Andrii Nakryiko","andriin@fb.com","1597351783","Alexei Starovoitov","ast@kernel.org","1597362341","dd1f3b6359b07a6ca234f35c255f828fd159c0e1","4c01925f583eaa7d9d003dc87a4b75b8140b4ff6","selftests/bpf: Correct various core_reloc 64-bit assumptions Ensure that types are memory layout- and field alignment-compatible regardless of 32/64-bitness mix of libbpf and BPF architecture. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200813204945.1020225-8-andriin@fb.com",".../testing/selftests/bpf/prog_tests/core_reloc.c | 20 +++----; .../testing/selftests/bpf/progs/core_reloc_types.h | 69 ++++++++++++----------; 2 files changed, 47 insertions(+), 42 deletions(-)","This commit makes core_reloc selftests compatible across mixed 32/64-bit environments.","core_reloc,selftests,compatibility","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"4c01925f583eaa7d9d003dc87a4b75b8140b4ff6","4c01925f583eaa7d9d003dc87a4b75b8140b4ff6","Andrii Nakryiko","andriin@fb.com","1597351782","Alexei Starovoitov","ast@kernel.org","1597362341","86d5cd277a6ebb83aa6dbfb7ab4a950f5cd22a32","eed7818adf03e874994b966aa33bc00204dd275a","libbpf: Enforce 64-bitness of BTF for BPF object files BPF object files are always targeting 64-bit BPF target architecture, so enforce that at BTF level as well. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200813204945.1020225-7-andriin@fb.com","tools/lib/bpf/libbpf.c | 4 ++++; 1 file changed, 4 insertions(+)","This commit enforces 64-bit BTF compliance for BPF object files in the libbpf library.","libbpf,BTF,64-bit","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"eed7818adf03e874994b966aa33bc00204dd275a","eed7818adf03e874994b966aa33bc00204dd275a","Andrii Nakryiko","andriin@fb.com","1597351781","Alexei Starovoitov","ast@kernel.org","1597362341","0134a65b8aed1982edac479c6edc59e9e8da5a51","44ad23dfbccbcd26d6ca504eba1ac55755864969","selftests/bpf: Fix btf_dump test cases on 32-bit arches Fix btf_dump test cases by hard-coding BPF's pointer size of 8 bytes for cases where it's impossible to deterimne the pointer size (no long type in BTF). In cases where it's known, validate libbpf correctly determines it as 8. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200813204945.1020225-6-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/btf_dump.c | 27 +++++++++++++++++------; 1 file changed, 20 insertions(+), 7 deletions(-)","Fixes btf_dump test cases on 32-bit architectures by hard-coding BPF's pointer size and validating it.","btf_dump,test,32-bit","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"44ad23dfbccbcd26d6ca504eba1ac55755864969","44ad23dfbccbcd26d6ca504eba1ac55755864969","Andrii Nakryiko","andriin@fb.com","1597351780","Alexei Starovoitov","ast@kernel.org","1597362341","c084f7613c5f37093196b24f057fe96657a24aae","15728ad3e71c120278105f20fa65b3735e715e0f","libbpf: Handle BTF pointer sizes more carefully With libbpf and BTF it is pretty common to have libbpf built for one architecture, while BTF information was generated for a different architecture (typically, but not always, BPF). In such case, the size of a pointer might differ betweem architectures. libbpf previously was always making an assumption that pointer size for BTF is the same as native architecture pointer size, but that breaks for cases where libbpf is built as 32-bit library, while BTF is for 64-bit architecture. To solve this, add heuristic to determine pointer size by searching for `long` or `unsigned long` integer type and using its size as a pointer size. Also, allow to override the pointer size with a new API btf__set_pointer_size(), for cases where application knows which pointer size should be used. User application can check what libbpf ""guessed"" by looking at the result of btf__pointer_size(). If it's not 0, then libbpf successfully determined a pointer size, otherwise native arch pointer size will be used. For cases where BTF is parsed from ELF file, use ELF's class (32-bit or 64-bit) to determine pointer size. Fixes: 8a138aed4a80 (""bpf: btf: Add BTF support to libbpf"") Fixes: 351131b51c7a (""libbpf: add btf_dump API for BTF-to-C conversion"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200813204945.1020225-5-andriin@fb.com","tools/lib/bpf/btf.c | 83 ++++++++++++++++++++++++++++++++++++++++++++++--; tools/lib/bpf/btf.h | 2 ++; tools/lib/bpf/btf_dump.c | 4 ++-; tools/lib/bpf/libbpf.map | 2 ++; 4 files changed, 87 insertions(+), 4 deletions(-)","This commit improves libbpf by heuristically determining and allowing override of BTF pointer sizes for cross-architecture compatibility.","libbpf,BTF,pointer","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"15728ad3e71c120278105f20fa65b3735e715e0f","15728ad3e71c120278105f20fa65b3735e715e0f","Andrii Nakryiko","andriin@fb.com","1597351779","Alexei Starovoitov","ast@kernel.org","1597362341","e3535002fcf2fec5cddcf456ed3a54318289a689","9028bbcc3e12510cac13a9554f1a1e39667a4387","libbpf: Fix BTF-defined map-in-map initialization on 32-bit host arches Libbpf built in 32-bit mode should be careful about not conflating 64-bit BPF pointers in BPF ELF file and host architecture pointers. This patch fixes issue of incorrect initializating of map-in-map inner map slots due to such difference. Fixes: 646f02ffdd49 (""libbpf: Add BTF-defined map-in-map support"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200813204945.1020225-4-andriin@fb.com","tools/lib/bpf/libbpf.c | 16 ++++++++++------; 1 file changed, 10 insertions(+), 6 deletions(-)","Fixes BTF-defined map-in-map initialization issue for 32-bit host architectures in libbpf.","libbpf,BTF,initialization","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"9028bbcc3e12510cac13a9554f1a1e39667a4387","9028bbcc3e12510cac13a9554f1a1e39667a4387","Andrii Nakryiko","andriin@fb.com","1597351778","Alexei Starovoitov","ast@kernel.org","1597362341","c45138d4f18ade4245fb7ae7578f1d7b9533a0e3","09f44b753a7d120becc80213c3459183c8acd26b","selftest/bpf: Fix compilation warnings in 32-bit mode Fix compilation warnings emitted when compiling selftests for 32-bit platform (x86 in my case). Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200813204945.1020225-3-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/bpf_obj_id.c | 8 ++++----; tools/testing/selftests/bpf/prog_tests/core_extern.c | 4 ++--; tools/testing/selftests/bpf/prog_tests/fexit_bpf2bpf.c | 6 +++---; tools/testing/selftests/bpf/prog_tests/flow_dissector.c | 2 +-; tools/testing/selftests/bpf/prog_tests/global_data.c | 6 +++---; tools/testing/selftests/bpf/prog_tests/prog_run_xattr.c | 2 +-; tools/testing/selftests/bpf/prog_tests/skb_ctx.c | 2 +-; tools/testing/selftests/bpf/test_btf.c | 8 ++++----; tools/testing/selftests/bpf/test_progs.h | 5 +++++; 9 files changed, 24 insertions(+), 19 deletions(-)","This commit fixes compilation warnings for selftests on 32-bit platforms.","compilation,warnings,selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"09f44b753a7d120becc80213c3459183c8acd26b","09f44b753a7d120becc80213c3459183c8acd26b","Andrii Nakryiko","andriin@fb.com","1597351777","Alexei Starovoitov","ast@kernel.org","1597362341","797f74576998705a3d14183972e8bc227eef0793","a62f68c172c3954a78c9dbf7e68496c3e9c22aaf","tools/bpftool: Fix compilation warnings in 32-bit mode Fix few compilation warnings in bpftool when compiling in 32-bit mode. Abstract away u64 to pointer conversion into a helper function. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200813204945.1020225-2-andriin@fb.com","tools/bpf/bpftool/btf_dumper.c | 2 +-; tools/bpf/bpftool/link.c | 4 ++--; tools/bpf/bpftool/main.h | 10 +++++++++-; tools/bpf/bpftool/prog.c | 16 ++++++++--------; 4 files changed, 20 insertions(+), 12 deletions(-)","Fix compilation warnings in bpftool for 32-bit mode by abstracting u64 to pointer conversion into a helper function.","bpftool, warnings, 32-bit","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a62f68c172c3954a78c9dbf7e68496c3e9c22aaf","a62f68c172c3954a78c9dbf7e68496c3e9c22aaf","Joe Stringer","joe@wand.net.nz","1597342087","Daniel Borkmann","daniel@iogearbox.net","1597351686","7d6ac54b166edcf78f278c0558a4787008856f68","9efa9e499799f939968aff1123cc7e8184960e48","doc: Add link to bpf helpers man page The bpf-helpers(7) man pages provide an invaluable description of the functions that an eBPF program can call at runtime. Link them here. Signed-off-by: Joe Stringer Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200813180807.2821735-1-joe@wand.net.nz","Documentation/bpf/index.rst | 7 +++++++; 1 file changed, 7 insertions(+)","The commit adds a link to the bpf helpers man page in the BPF documentation.","documentation, bpf-helpers, link","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","I'm not sure about the implementation component of the commit. The component affected by It is unclear.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"9efa9e499799f939968aff1123cc7e8184960e48","9efa9e499799f939968aff1123cc7e8184960e48","John Fastabend","john.fastabend@gmail.com","1597183553","Daniel Borkmann","daniel@iogearbox.net","1597351243","e3520d1a2f1dbaefcd4f6674a29997076c1d9194","8e0c1517565f06027b68caf2875620ddf6914eee","bpf, selftests: Add tests to sock_ops for loading sk Add tests to directly accesse sock_ops sk field. Then use it to ensure a bad pointer access will fault if something goes wrong. We do three tests: The first test ensures when we read sock_ops sk pointer into the same register that we don't fault as described earlier. Here r9 is chosen as the temp register. The xlated code is, 36: (7b) *(u64 *)(r1 +32) = r9 37: (61) r9 = *(u32 *)(r1 +28) 38: (15) if r9 == 0x0 goto pc+3 39: (79) r9 = *(u64 *)(r1 +32) 40: (79) r1 = *(u64 *)(r1 +0) 41: (05) goto pc+1 42: (79) r9 = *(u64 *)(r1 +32) The second test ensures the temp register selection does not collide with in-use register r9. Shown here r8 is chosen because r9 is the sock_ops pointer. The xlated code is as follows, 46: (7b) *(u64 *)(r9 +32) = r8 47: (61) r8 = *(u32 *)(r9 +28) 48: (15) if r8 == 0x0 goto pc+3 49: (79) r8 = *(u64 *)(r9 +32) 50: (79) r9 = *(u64 *)(r9 +0) 51: (05) goto pc+1 52: (79) r8 = *(u64 *)(r9 +32) And finally, ensure we didn't break the base case where dst_reg does not equal the source register, 56: (61) r2 = *(u32 *)(r1 +28) 57: (15) if r2 == 0x0 goto pc+1 58: (79) r2 = *(u64 *)(r1 +0) Notice it takes us an extra four instructions when src reg is the same as dst reg. One to save the reg, two to restore depending on the branch taken and a goto to jump over the second restore. Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Acked-by: Song Liu Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/159718355325.4728.4163036953345999636.stgit@john-Precision-5820-Tower",".../testing/selftests/bpf/progs/test_tcpbpf_kern.c | 21 +++++++++++++++++++++; 1 file changed, 21 insertions(+)","Add tests to verify correct access and fault handling in sock_ops sk field in eBPF selftests.","tests,sock_ops,sk","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8e0c1517565f06027b68caf2875620ddf6914eee","8e0c1517565f06027b68caf2875620ddf6914eee","John Fastabend","john.fastabend@gmail.com","1597183533","Daniel Borkmann","daniel@iogearbox.net","1597351243","051e08414da75fce447096328062eb773690fd14","86ed4be68fdee23df4843a59f91c1ac7fc05e860","bpf, selftests: Add tests for sock_ops load with r9, r8.r7 registers Loads in sock_ops case when using high registers requires extra logic to ensure the correct temporary value is used. We need to ensure the temp register does not use either the src_reg or dst_reg. Lets add an asm test to force the logic is triggered. The xlated code is here, 30: (7b) *(u64 *)(r9 +32) = r7 31: (61) r7 = *(u32 *)(r9 +28) 32: (15) if r7 == 0x0 goto pc+2 33: (79) r7 = *(u64 *)(r9 +0) 34: (63) *(u32 *)(r7 +916) = r8 35: (79) r7 = *(u64 *)(r9 +32) Notice r9 and r8 are not used for temp registers and r7 is chosen. Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Acked-by: Song Liu Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/159718353345.4728.8805043614257933227.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/progs/test_tcpbpf_kern.c | 7 +++++++; 1 file changed, 7 insertions(+)","This commit adds selftests for register handling in sock_ops eBPF programs using high registers.","selftests, sock_ops, registers","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"86ed4be68fdee23df4843a59f91c1ac7fc05e860","86ed4be68fdee23df4843a59f91c1ac7fc05e860","John Fastabend","john.fastabend@gmail.com","1597183514","Daniel Borkmann","daniel@iogearbox.net","1597351243","6f5fec77b38cc8db5d5195c2c5a3512484d02b66","84f44df664e9f0e261157e16ee1acd77cc1bb78d","bpf, selftests: Add tests for ctx access in sock_ops with single register To verify fix (""bpf: sock_ops ctx access may stomp registers in corner case"") we want to force compiler to generate the following code when accessing a field with BPF_TCP_SOCK_GET_COMMON, r1 = *(u32 *)(r1 + 96) // r1 is skops ptr Rather than depend on clang to do this we add the test with inline asm to the tcpbpf test. This saves us from having to create another runner and ensures that if we break this again test_tcpbpf will crash. With above code we get the xlated code, 11: (7b) *(u64 *)(r1 +32) = r9 12: (61) r9 = *(u32 *)(r1 +28) 13: (15) if r9 == 0x0 goto pc+4 14: (79) r9 = *(u64 *)(r1 +32) 15: (79) r1 = *(u64 *)(r1 +0) 16: (61) r1 = *(u32 *)(r1 +2348) 17: (05) goto pc+1 18: (79) r9 = *(u64 *)(r1 +32) We also add the normal case where src_reg != dst_reg so we can compare code generation easily from llvm-objdump and ensure that case continues to work correctly. The normal code is xlated to, 20: (b7) r1 = 0 21: (61) r1 = *(u32 *)(r3 +28) 22: (15) if r1 == 0x0 goto pc+2 23: (79) r1 = *(u64 *)(r3 +0) 24: (61) r1 = *(u32 *)(r1 +2348) Where the temp variable is not used. Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Acked-by: Song Liu Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/159718351457.4728.3295119261717842496.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/progs/test_tcpbpf_kern.c | 13 +++++++++++++; 1 file changed, 13 insertions(+)","This commit adds tests for sock_ops context access in eBPF to verify register handling fixes.","selftests,sock_ops,registers","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"84f44df664e9f0e261157e16ee1acd77cc1bb78d","84f44df664e9f0e261157e16ee1acd77cc1bb78d","John Fastabend","john.fastabend@gmail.com","1597183496","Daniel Borkmann","daniel@iogearbox.net","1597351240","84f92a8a8ac3470ab9fd5cf8c531acb85529225a","fd09af010788a884de1c39537c288830c3d305db","bpf: sock_ops sk access may stomp registers when dst_reg = src_reg Similar to patch (""bpf: sock_ops ctx access may stomp registers"") if the src_reg = dst_reg when reading the sk field of a sock_ops struct we generate xlated code, 53: (61) r9 = *(u32 *)(r9 +28) 54: (15) if r9 == 0x0 goto pc+3 56: (79) r9 = *(u64 *)(r9 +0) This stomps on the r9 reg to do the sk_fullsock check and then when reading the skops->sk field instead of the sk pointer we get the sk_fullsock. To fix use similar pattern noted in the previous fix and use the temp field to save/restore a register used to do sk_fullsock check. After the fix the generated xlated code reads, 52: (7b) *(u64 *)(r9 +32) = r8 53: (61) r8 = *(u32 *)(r9 +28) 54: (15) if r9 == 0x0 goto pc+3 55: (79) r8 = *(u64 *)(r9 +32) 56: (79) r9 = *(u64 *)(r9 +0) 57: (05) goto pc+1 58: (79) r8 = *(u64 *)(r9 +32) Here r9 register was in-use so r8 is chosen as the temporary register. In line 52 r8 is saved in temp variable and at line 54 restored in case fullsock != 0. Finally we handle fullsock == 0 case by restoring at line 58. This adds a new macro SOCK_OPS_GET_SK it is almost possible to merge this with SOCK_OPS_GET_FIELD, but I found the extra branch logic a bit more confusing than just adding a new macro despite a bit of duplicating code. Fixes: 1314ef561102e (""bpf: export bpf_sock for BPF_PROG_TYPE_SOCK_OPS prog type"") Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Acked-by: Song Liu Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/159718349653.4728.6559437186853473612.stgit@john-Precision-5820-Tower","net/core/filter.c | 49 ++++++++++++++++++++++++++++++++++++++-----------; 1 file changed, 38 insertions(+), 11 deletions(-)","This commit fixes register stomping in bpf_sock_ops structures by using a temporary register for sk field access.","bpf,sock_ops,register","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"fd09af010788a884de1c39537c288830c3d305db","fd09af010788a884de1c39537c288830c3d305db","John Fastabend","john.fastabend@gmail.com","1597183477","Daniel Borkmann","daniel@iogearbox.net","1597351236","6bc405c345a1c77f34c4fc82e6cf88f6c570c203","23ab656be263813acc3c20623757d3cd1496d9e1","bpf: sock_ops ctx access may stomp registers in corner case I had a sockmap program that after doing some refactoring started spewing this splat at me: [18610.807284] BUG: unable to handle kernel NULL pointer dereference at 0000000000000001 [...] [18610.807359] Call Trace: [18610.807370] ? 0xffffffffc114d0d5 [18610.807382] __cgroup_bpf_run_filter_sock_ops+0x7d/0xb0 [18610.807391] tcp_connect+0x895/0xd50 [18610.807400] tcp_v4_connect+0x465/0x4e0 [18610.807407] __inet_stream_connect+0xd6/0x3a0 [18610.807412] ? __inet_stream_connect+0x5/0x3a0 [18610.807417] inet_stream_connect+0x3b/0x60 [18610.807425] __sys_connect+0xed/0x120 After some debugging I was able to build this simple reproducer, __section(""sockops/reproducer_bad"") int bpf_reproducer_bad(struct bpf_sock_ops *skops) { volatile __maybe_unused __u32 i = skops->snd_ssthresh; return 0; } And along the way noticed that below program ran without splat, __section(""sockops/reproducer_good"") int bpf_reproducer_good(struct bpf_sock_ops *skops) { volatile __maybe_unused __u32 i = skops->snd_ssthresh; volatile __maybe_unused __u32 family; compiler_barrier(); family = skops->family; return 0; } So I decided to check out the code we generate for the above two programs and noticed each generates the BPF code you would expect, 0000000000000000 : ; volatile __maybe_unused __u32 i = skops->snd_ssthresh; 0: r1 = *(u32 *)(r1 + 96) 1: *(u32 *)(r10 - 4) = r1 ; return 0; 2: r0 = 0 3: exit 0000000000000000 : ; volatile __maybe_unused __u32 i = skops->snd_ssthresh; 0: r2 = *(u32 *)(r1 + 96) 1: *(u32 *)(r10 - 4) = r2 ; family = skops->family; 2: r1 = *(u32 *)(r1 + 20) 3: *(u32 *)(r10 - 8) = r1 ; return 0; 4: r0 = 0 5: exit So we get reasonable assembly, but still something was causing the null pointer dereference. So, we load the programs and dump the xlated version observing that line 0 above 'r* = *(u32 *)(r1 +96)' is going to be translated by the skops access helpers. int bpf_reproducer_bad(struct bpf_sock_ops * skops): ; volatile __maybe_unused __u32 i = skops->snd_ssthresh; 0: (61) r1 = *(u32 *)(r1 +28) 1: (15) if r1 == 0x0 goto pc+2 2: (79) r1 = *(u64 *)(r1 +0) 3: (61) r1 = *(u32 *)(r1 +2340) ; volatile __maybe_unused __u32 i = skops->snd_ssthresh; 4: (63) *(u32 *)(r10 -4) = r1 ; return 0; 5: (b7) r0 = 0 6: (95) exit int bpf_reproducer_good(struct bpf_sock_ops * skops): ; volatile __maybe_unused __u32 i = skops->snd_ssthresh; 0: (61) r2 = *(u32 *)(r1 +28) 1: (15) if r2 == 0x0 goto pc+2 2: (79) r2 = *(u64 *)(r1 +0) 3: (61) r2 = *(u32 *)(r2 +2340) ; volatile __maybe_unused __u32 i = skops->snd_ssthresh; 4: (63) *(u32 *)(r10 -4) = r2 ; family = skops->family; 5: (79) r1 = *(u64 *)(r1 +0) 6: (69) r1 = *(u16 *)(r1 +16) ; family = skops->family; 7: (63) *(u32 *)(r10 -8) = r1 ; return 0; 8: (b7) r0 = 0 9: (95) exit Then we look at lines 0 and 2 above. In the good case we do the zero check in r2 and then load 'r1 + 0' at line 2. Do a quick cross-check into the bpf_sock_ops check and we can confirm that is the 'struct sock *sk' pointer field. But, in the bad case, 0: (61) r1 = *(u32 *)(r1 +28) 1: (15) if r1 == 0x0 goto pc+2 2: (79) r1 = *(u64 *)(r1 +0) Oh no, we read 'r1 +28' into r1, this is skops->fullsock and then in line 2 we read the 'r1 +0' as a pointer. Now jumping back to our spat, [18610.807284] BUG: unable to handle kernel NULL pointer dereference at 0000000000000001 The 0x01 makes sense because that is exactly the fullsock value. And its not a valid dereference so we splat. To fix we need to guard the case when a program is doing a sock_ops field access with src_reg == dst_reg. This is already handled in the load case where the ctx_access handler uses a tmp register being careful to store the old value and restore it. To fix the get case test if src_reg == dst_reg and in this case do the is_fullsock test in the temporary register. Remembering to restore the temporary register before writing to either dst_reg or src_reg to avoid smashing the pointer into the struct holding the tmp variable. Adding this inline code to test_tcpbpf_kern will now be generated correctly from, 9: r2 = *(u32 *)(r2 + 96) to xlated code, 12: (7b) *(u64 *)(r2 +32) = r9 13: (61) r9 = *(u32 *)(r2 +28) 14: (15) if r9 == 0x0 goto pc+4 15: (79) r9 = *(u64 *)(r2 +32) 16: (79) r2 = *(u64 *)(r2 +0) 17: (61) r2 = *(u32 *)(r2 +2348) 18: (05) goto pc+1 19: (79) r9 = *(u64 *)(r2 +32) And in the normal case we keep the original code, because really this is an edge case. From this, 9: r2 = *(u32 *)(r6 + 96) to xlated code, 22: (61) r2 = *(u32 *)(r6 +28) 23: (15) if r2 == 0x0 goto pc+2 24: (79) r2 = *(u64 *)(r6 +0) 25: (61) r2 = *(u32 *)(r2 +2348) So three additional instructions if dst == src register, but I scanned my current code base and did not see this pattern anywhere so should not be a big deal. Further, it seems no one else has hit this or at least reported it so it must a fairly rare pattern. Fixes: 9b1f3d6e5af29 (""bpf: Refactor sock_ops_convert_ctx_access"") Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Acked-by: Song Liu Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/159718347772.4728.2781381670567919577.stgit@john-Precision-5820-Tower","net/core/filter.c | 26 ++++++++++++++++++++++++--; 1 file changed, 24 insertions(+), 2 deletions(-)","Fixes a corner case bug in sock_ops context access that can cause null pointer dereference in eBPF programs.","sock_ops,corner case,fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"23ab656be263813acc3c20623757d3cd1496d9e1","23ab656be263813acc3c20623757d3cd1496d9e1","Toke Høiland-Jørgensen","toke@redhat.com","1597328945","Daniel Borkmann","daniel@iogearbox.net","1597350631","d06549aeba7a768fb50051dde65d3d8fb616fb56","b33164f2bd1cedb094c32cb466287116164457ae","libbpf: Prevent overriding errno when logging errors Turns out there were a few more instances where libbpf didn't save the errno before writing an error message, causing errno to be overridden by the printf() return and the error disappearing if logging is enabled. Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200813142905.160381-1-toke@redhat.com","tools/lib/bpf/libbpf.c | 12 +++++++-----; 1 file changed, 7 insertions(+), 5 deletions(-)","libbpf was adjusted to prevent errno from being overridden when logging errors.","libbpf,errno,logging","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"fa5c893181ed2ca2f96552f50073786d2cfce6c0","fa5c893181ed2ca2f96552f50073786d2cfce6c0","Daniel Díaz","daniel.diaz@linaro.org","1597270517","Arnaldo Carvalho de Melo","acme@redhat.com","1597323619","743b11cb4587927fae70fc42a5b4c74c9d3232f4","b2fe96a350deb93d080ee7136b1e9fcf6cda83e2","tools build feature: Quote CC and CXX for their arguments When using a cross-compilation environment, such as OpenEmbedded, the CC an CXX variables are set to something more than just a command: there are arguments (such as --sysroot) that need to be passed on to the compiler so that the right set of headers and libraries are used. For the particular case that our systems detected, CC is set to the following: export CC=""aarch64-linaro-linux-gcc --sysroot=/oe/build/tmp/work/machine/perf/1.0-r9/recipe-sysroot"" Without quotes, detection is as follows: Auto-detecting system features: ... dwarf: [ OFF ] ... dwarf_getlocations: [ OFF ] ... glibc: [ OFF ] ... gtk2: [ OFF ] ... libbfd: [ OFF ] ... libcap: [ OFF ] ... libelf: [ OFF ] ... libnuma: [ OFF ] ... numa_num_possible_cpus: [ OFF ] ... libperl: [ OFF ] ... libpython: [ OFF ] ... libcrypto: [ OFF ] ... libunwind: [ OFF ] ... libdw-dwarf-unwind: [ OFF ] ... zlib: [ OFF ] ... lzma: [ OFF ] ... get_cpuid: [ OFF ] ... bpf: [ OFF ] ... libaio: [ OFF ] ... libzstd: [ OFF ] ... disassembler-four-args: [ OFF ] Makefile.config:414: *** No gnu/libc-version.h found, please install glibc-dev[el]. Stop. Makefile.perf:230: recipe for target 'sub-make' failed make[1]: *** [sub-make] Error 2 Makefile:69: recipe for target 'all' failed make: *** [all] Error 2 With CC and CXX quoted, some of those features are now detected. Fixes: e3232c2f39ac (""tools build feature: Use CC and CXX from parent"") Signed-off-by: Daniel Díaz Reviewed-by: Thomas Hebb Cc: Alexei Starovoitov Cc: Andrii Nakryiko Cc: Daniel Borkmann Cc: Jiri Olsa Cc: John Fastabend Cc: KP Singh Cc: Martin KaFai Lau Cc: Namhyung Kim Cc: Song Liu Cc: Stephane Eranian Cc: Yonghong Song Link: http://lore.kernel.org/lkml/20200812221518.2869003-1-daniel.diaz@linaro.org Signed-off-by: Arnaldo Carvalho de Melo ","tools/build/Makefile.feature | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit adds quotes around CC and CXX variables for cross-compilation in the tools build feature to correctly detect system features.","tools, build, feature","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"b33164f2bd1cedb094c32cb466287116164457ae","b33164f2bd1cedb094c32cb466287116164457ae","Jiri Olsa","jolsa@kernel.org","1597235462","Alexei Starovoitov","ast@kernel.org","1597281289","0670a45b2d713a2d930155d76e05eaa4a39136b1","702eddc77a905782083b14ccd05b23840675fd18","bpf: Iterate through all PT_NOTE sections when looking for build id Currently when we look for build id within bpf_get_stackid helper call, we check the first NOTE section and we fail if build id is not there. However on some system (Fedora) there can be multiple NOTE sections in binaries and build id data is not always the first one, like: $ readelf -a /usr/bin/ls ... [ 2] .note.gnu.propert NOTE 0000000000000338 00000338 0000000000000020 0000000000000000 A 0 0 8358 [ 3] .note.gnu.build-i NOTE 0000000000000358 00000358 0000000000000024 0000000000000000 A 0 0 437c [ 4] .note.ABI-tag NOTE 000000000000037c 0000037c ... So the stack_map_get_build_id function will fail on build id retrieval and fallback to BPF_STACK_BUILD_ID_IP. This patch is changing the stack_map_get_build_id code to iterate through all the NOTE sections and try to get build id data from each of them. When tracing on sched_switch tracepoint that does bpf_get_stackid helper call kernel build, I can see about 60% increase of successful build id retrieval. The rest seems fails on -EFAULT. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200812123102.20032-1-jolsa@kernel.org","kernel/bpf/stackmap.c | 24 ++++++++++++++----------; 1 file changed, 14 insertions(+), 10 deletions(-)","The commit modifies stack_map_get_build_id to iterate through all PT_NOTE sections ensuring correct build ID retrieval for bpf_get_stackid helper.","build ID, stack_map_get_build_id, NOTE","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"702eddc77a905782083b14ccd05b23840675fd18","702eddc77a905782083b14ccd05b23840675fd18","Jean-Philippe Brucker","jean-philippe@linaro.org","1597243150","Alexei Starovoitov","ast@kernel.org","1597281111","a35551fc9f48c2e498a012e4c4f4b35af1130b60","8faf7fc597d59b142af41ddd4a2d59485f75f88a","libbpf: Handle GCC built-in types for Arm NEON When building Arm NEON (SIMD) code from lib/raid6/neon.uc, GCC emits DWARF information using a base type ""__Poly8_t"", which is internal to GCC and not recognized by Clang. This causes build failures when building with Clang a vmlinux.h generated from an arm64 kernel that was built with GCC. vmlinux.h:47284:9: error: unknown type name '__Poly8_t' typedef __Poly8_t poly8x16_t[16]; ^~~~~~~~~ The polyX_t types are defined as unsigned integers in the ""Arm C Language Extension"" document (101028_Q220_00_en). Emit typedefs based on standard integer types for the GCC internal types, similar to those emitted by Clang. Including linux/kernel.h to use ARRAY_SIZE() incidentally redefined max(), causing a build bug due to different types, hence the seemingly unrelated change. Reported-by: Jakov Petrina Signed-off-by: Jean-Philippe Brucker Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200812143909.3293280-1-jean-philippe@linaro.org","tools/lib/bpf/btf_dump.c | 35 ++++++++++++++++++++++++++++++++++-; 1 file changed, 34 insertions(+), 1 deletion(-)","Handle GCC built-in types for Arm NEON in libbpf to fix Clang build issues.","GCC,NEON,Clang","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8faf7fc597d59b142af41ddd4a2d59485f75f88a","8faf7fc597d59b142af41ddd4a2d59485f75f88a","Andrii Nakryiko","andriin@fb.com","1597201147","Alexei Starovoitov","ast@kernel.org","1597280985","a28cae3c9981bd366b20b36ba05b18281952ad73","068d9d1eba72423e99162aad3586727180715c2a","tools/bpftool: Make skeleton code C++17-friendly by dropping typeof() Seems like C++17 standard mode doesn't recognize typeof() anymore. This can be tested by compiling test_cpp test with -std=c++17 or -std=c++1z options. The use of typeof in skeleton generated code is unnecessary, all types are well-known at the time of code generation, so remove all typeof()'s to make skeleton code more future-proof when interacting with C++ compilers. Fixes: 985ead416df3 (""bpftool: Add skeleton codegen command"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200812025907.1371956-1-andriin@fb.com","tools/bpf/bpftool/gen.c | 8 ++++----; 1 file changed, 4 insertions(+), 4 deletions(-)","This commit removes the typeof() usage in bpftool skeleton code to ensure compatibility with C++17.","bpftool,C++17,typeof","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"068d9d1eba72423e99162aad3586727180715c2a","068d9d1eba72423e99162aad3586727180715c2a","Andrii Nakryiko","andriin@fb.com","1597199363","Alexei Starovoitov","ast@kernel.org","1597280449","5a002b874b1bf8fc3f58ba74b3dd4d5c46bfe70c","da7bdfdd23b858e6d97a1e4b461548e23d16977f","bpf: Fix XDP FD-based attach/detach logic around XDP_FLAGS_UPDATE_IF_NOEXIST Enforce XDP_FLAGS_UPDATE_IF_NOEXIST only if new BPF program to be attached is non-NULL (i.e., we are not detaching a BPF program). Fixes: d4baa9368a5e (""bpf, xdp: Extract common XDP program attachment logic"") Reported-by: Stanislav Fomichev Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Tested-by: Stanislav Fomichev Acked-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/20200812022923.1217922-1-andriin@fb.com","net/core/dev.c | 8 ++++----; 1 file changed, 4 insertions(+), 4 deletions(-)","Fixes FD-based XDP attach/detach logic by enforcing XDP_FLAGS_UPDATE_IF_NOEXIST only when attaching a non-NULL BPF program.","XDP, attach, detach","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"facdaa917c4d5a376d09d25865f5a863f906234a","facdaa917c4d5a376d09d25865f5a863f906234a","Nitin Gupta","nigupta@nvidia.com","1597195860","Linus Torvalds","torvalds@linux-foundation.org","1597255076","e2c0df421a8383d512f8a220ea221fc862f6889e","471e78cc7687337abd10626196f5addb30b01824","mm: proactive compaction For some applications, we need to allocate almost all memory as hugepages. However, on a running system, higher-order allocations can fail if the memory is fragmented. Linux kernel currently does on-demand compaction as we request more hugepages, but this style of compaction incurs very high latency. Experiments with one-time full memory compaction (followed by hugepage allocations) show that kernel is able to restore a highly fragmented memory state to a fairly compacted memory state within <1 sec for a 32G system. Such data suggests that a more proactive compaction can help us allocate a large fraction of memory as hugepages keeping allocation latencies low. For a more proactive compaction, the approach taken here is to define a new sysctl called 'vm.compaction_proactiveness' which dictates bounds for external fragmentation which kcompactd tries to maintain. The tunable takes a value in range [0, 100], with a default of 20. Note that a previous version of this patch [1] was found to introduce too many tunables (per-order extfrag{low, high}), but this one reduces them to just one sysctl. Also, the new tunable is an opaque value instead of asking for specific bounds of ""external fragmentation"", which would have been difficult to estimate. The internal interpretation of this opaque value allows for future fine-tuning. Currently, we use a simple translation from this tunable to [low, high] ""fragmentation score"" thresholds (low=100-proactiveness, high=low+10%). The score for a node is defined as weighted mean of per-zone external fragmentation. A zone's present_pages determines its weight. To periodically check per-node score, we reuse per-node kcompactd threads, which are woken up every 500 milliseconds to check the same. If a node's score exceeds its high threshold (as derived from user-provided proactiveness value), proactive compaction is started until its score reaches its low threshold value. By default, proactiveness is set to 20, which implies threshold values of low=80 and high=90. This patch is largely based on ideas from Michal Hocko [2]. See also the LWN article [3]. Performance data ================ System: x64_64, 1T RAM, 80 CPU threads. Kernel: 5.6.0-rc3 + this patch echo madvise | sudo tee /sys/kernel/mm/transparent_hugepage/enabled echo madvise | sudo tee /sys/kernel/mm/transparent_hugepage/defrag Before starting the driver, the system was fragmented from a userspace program that allocates all memory and then for each 2M aligned section, frees 3/4 of base pages using munmap. The workload is mainly anonymous userspace pages, which are easy to move around. I intentionally avoided unmovable pages in this test to see how much latency we incur when hugepage allocations hit direct compaction. 1. Kernel hugepage allocation latencies With the system in such a fragmented state, a kernel driver then allocates as many hugepages as possible and measures allocation latency: (all latency values are in microseconds) - With vanilla 5.6.0-rc3 percentile latency –––––––––– ––––––– 5 7894 10 9496 25 12561 30 15295 40 18244 50 21229 60 27556 75 30147 80 31047 90 32859 95 33799 Total 2M hugepages allocated = 383859 (749G worth of hugepages out of 762G total free => 98% of free memory could be allocated as hugepages) - With 5.6.0-rc3 + this patch, with proactiveness=20 sysctl -w vm.compaction_proactiveness=20 percentile latency –––––––––– ––––––– 5 2 10 2 25 3 30 3 40 3 50 4 60 4 75 4 80 4 90 5 95 429 Total 2M hugepages allocated = 384105 (750G worth of hugepages out of 762G total free => 98% of free memory could be allocated as hugepages) 2. JAVA heap allocation In this test, we first fragment memory using the same method as for (1). Then, we start a Java process with a heap size set to 700G and request the heap to be allocated with THP hugepages. We also set THP to madvise to allow hugepage backing of this heap. /usr/bin/time java -Xms700G -Xmx700G -XX:+UseTransparentHugePages -XX:+AlwaysPreTouch The above command allocates 700G of Java heap using hugepages. - With vanilla 5.6.0-rc3 17.39user 1666.48system 27:37.89elapsed - With 5.6.0-rc3 + this patch, with proactiveness=20 8.35user 194.58system 3:19.62elapsed Elapsed time remains around 3:15, as proactiveness is further increased. Note that proactive compaction happens throughout the runtime of these workloads. The situation of one-time compaction, sufficient to supply hugepages for following allocation stream, can probably happen for more extreme proactiveness values, like 80 or 90. In the above Java workload, proactiveness is set to 20. The test starts with a node's score of 80 or higher, depending on the delay between the fragmentation step and starting the benchmark, which gives more-or-less time for the initial round of compaction. As t he benchmark consumes hugepages, node's score quickly rises above the high threshold (90) and proactive compaction starts again, which brings down the score to the low threshold level (80). Repeat. bpftrace also confirms proactive compaction running 20+ times during the runtime of this Java benchmark. kcompactd threads consume 100% of one of the CPUs while it tries to bring a node's score within thresholds. Backoff behavior ================ Above workloads produce a memory state which is easy to compact. However, if memory is filled with unmovable pages, proactive compaction should essentially back off. To test this aspect: - Created a kernel driver that allocates almost all memory as hugepages followed by freeing first 3/4 of each hugepage. - Set proactiveness=40 - Note that proactive_compact_node() is deferred maximum number of times with HPAGE_FRAG_CHECK_INTERVAL_MSEC of wait between each check (=> ~30 seconds between retries). [1] https://patchwork.kernel.org/patch/11098289/ [2] https://lore.kernel.org/linux-mm/20161230131412.GI13301@dhcp22.suse.cz/ [3] https://lwn.net/Articles/817905/ Signed-off-by: Nitin Gupta Signed-off-by: Andrew Morton Tested-by: Oleksandr Natalenko Reviewed-by: Vlastimil Babka Reviewed-by: Khalid Aziz Reviewed-by: Oleksandr Natalenko Cc: Vlastimil Babka Cc: Khalid Aziz Cc: Michal Hocko Cc: Mel Gorman Cc: Matthew Wilcox Cc: Mike Kravetz Cc: Joonsoo Kim Cc: David Rientjes Cc: Nitin Gupta Cc: Oleksandr Natalenko Link: http://lkml.kernel.org/r/20200616204527.19185-1-nigupta@nvidia.com Signed-off-by: Linus Torvalds ","Documentation/admin-guide/sysctl/vm.rst | 15 +++; include/linux/compaction.h | 2 +; kernel/sysctl.c | 9 ++; mm/compaction.c | 183 +++++++++++++++++++++++++++++++-; mm/internal.h | 1 +; mm/vmstat.c | 18 ++++; 6 files changed, 223 insertions(+), 5 deletions(-)","This commit introduces proactive memory compaction using a new sysctl for better hugepage allocation efficiency.","proactive, hugepages, compaction","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"3c7be18ac9a06bc67196bfdabb7c21e1bbacdc13","3c7be18ac9a06bc67196bfdabb7c21e1bbacdc13","Roman Gushchin","guro@fb.com","1597195817","Linus Torvalds","torvalds@linux-foundation.org","1597255075","d886a76c49c8bc157e600c07969ba0beb81d253b","5b32af91b5de6f95ad99e4eaaf57777376af124f","mm: memcg/percpu: account percpu memory to memory cgroups Percpu memory is becoming more and more widely used by various subsystems, and the total amount of memory controlled by the percpu allocator can make a good part of the total memory. As an example, bpf maps can consume a lot of percpu memory, and they are created by a user. Also, some cgroup internals (e.g. memory controller statistics) can be quite large. On a machine with many CPUs and big number of cgroups they can consume hundreds of megabytes. So the lack of memcg accounting is creating a breach in the memory isolation. Similar to the slab memory, percpu memory should be accounted by default. To implement the perpcu accounting it's possible to take the slab memory accounting as a model to follow. Let's introduce two types of percpu chunks: root and memcg. What makes memcg chunks different is an additional space allocated to store memcg membership information. If __GFP_ACCOUNT is passed on allocation, a memcg chunk should be be used. If it's possible to charge the corresponding size to the target memory cgroup, allocation is performed, and the memcg ownership data is recorded. System-wide allocations are performed using root chunks, so there is no additional memory overhead. To implement a fast reparenting of percpu memory on memcg removal, we don't store mem_cgroup pointers directly: instead we use obj_cgroup API, introduced for slab accounting. [akpm@linux-foundation.org: fix CONFIG_MEMCG_KMEM=n build errors and warning] [akpm@linux-foundation.org: move unreachable code, per Roman] [cuibixuan@huawei.com: mm/percpu: fix 'defined but not used' warning] Link: http://lkml.kernel.org/r/6d41b939-a741-b521-a7a2-e7296ec16219@huawei.com Signed-off-by: Roman Gushchin Signed-off-by: Bixuan Cui Signed-off-by: Andrew Morton Reviewed-by: Shakeel Butt Acked-by: Dennis Zhou Cc: Christoph Lameter Cc: David Rientjes Cc: Johannes Weiner Cc: Joonsoo Kim Cc: Mel Gorman Cc: Michal Hocko Cc: Pekka Enberg Cc: Tejun Heo Cc: Tobin C. Harding Cc: Vlastimil Babka Cc: Waiman Long Cc: Bixuan Cui Cc: Michal Koutný Cc: Stephen Rothwell Link: http://lkml.kernel.org/r/20200623184515.4132564-3-guro@fb.com Signed-off-by: Linus Torvalds ","mm/percpu-internal.h | 55 ++++++++++++++-; mm/percpu-km.c | 5 +-; mm/percpu-stats.c | 36 ++++++----; mm/percpu-vm.c | 5 +-; mm/percpu.c | 185 +++++++++++++++++++++++++++++++++++++++++++++------; 5 files changed, 246 insertions(+), 40 deletions(-)","The commit implements percpu memory accounting for memory cgroups to enhance memory isolation using the slab accounting model.","percpu,cgroups,isolation","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"5b32af91b5de6f95ad99e4eaaf57777376af124f","5b32af91b5de6f95ad99e4eaaf57777376af124f","Roman Gushchin","guro@fb.com","1597195814","Linus Torvalds","torvalds@linux-foundation.org","1597255075","219b5491a07cb78627c0eead0e0d9adf1a56fc95","00e4db51259a5f936fec1424b884f029479d3981","percpu: return number of released bytes from pcpu_free_area() Patch series ""mm: memcg accounting of percpu memory"", v3. This patchset adds percpu memory accounting to memory cgroups. It's based on the rework of the slab controller and reuses concepts and features introduced for the per-object slab accounting. Percpu memory is becoming more and more widely used by various subsystems, and the total amount of memory controlled by the percpu allocator can make a good part of the total memory. As an example, bpf maps can consume a lot of percpu memory, and they are created by a user. Also, some cgroup internals (e.g. memory controller statistics) can be quite large. On a machine with many CPUs and big number of cgroups they can consume hundreds of megabytes. So the lack of memcg accounting is creating a breach in the memory isolation. Similar to the slab memory, percpu memory should be accounted by default. Percpu allocations by their nature are scattered over multiple pages, so they can't be tracked on the per-page basis. So the per-object tracking introduced by the new slab controller is reused. The patchset implements charging of percpu allocations, adds memcg-level statistics, enables accounting for percpu allocations made by memory cgroup internals and provides some basic tests. To implement the accounting of percpu memory without a significant memory and performance overhead the following approach is used: all accounted allocations are placed into a separate percpu chunk (or chunks). These chunks are similar to default chunks, except that they do have an attached vector of pointers to obj_cgroup objects, which is big enough to save a pointer for each allocated object. On the allocation, if the allocation has to be accounted (__GFP_ACCOUNT is passed, the allocating process belongs to a non-root memory cgroup, etc), the memory cgroup is getting charged and if the maximum limit is not exceeded the allocation is performed using a memcg-aware chunk. Otherwise -ENOMEM is returned or the allocation is forced over the limit, depending on gfp (as any other kernel memory allocation). The memory cgroup information is saved in the obj_cgroup vector at the corresponding offset. On the release time the memcg information is restored from the vector and the cgroup is getting uncharged. Unaccounted allocations (at this point the absolute majority of all percpu allocations) are performed in the old way, so no additional overhead is expected. To avoid pinning dying memory cgroups by outstanding allocations, obj_cgroup API is used instead of directly saving memory cgroup pointers. obj_cgroup is basically a pointer to a memory cgroup with a standalone reference counter. The trick is that it can be atomically swapped to point at the parent cgroup, so that the original memory cgroup can be released prior to all objects, which has been charged to it. Because all charges and statistics are fully recursive, it's perfectly correct to uncharge the parent cgroup instead. This scheme is used in the slab memory accounting, and percpu memory can just follow the scheme. This patch (of 5): To implement accounting of percpu memory we need the information about the size of freed object. Return it from pcpu_free_area(). Signed-off-by: Roman Gushchin Signed-off-by: Andrew Morton Reviewed-by: Shakeel Butt Acked-by: Dennis Zhou Cc: Tejun Heo Cc: Christoph Lameter Cc: Johannes Weiner Cc: Michal Hocko Cc: David Rientjes Cc: Joonsoo Kim Cc: Mel Gorman Cc: Pekka Enberg Cc: Tobin C. Harding Cc: Vlastimil Babka Cc: Waiman Long cC: Michal Koutnýutny@suse.com> Cc: Bixuan Cui Cc: Michal Koutný Cc: Stephen Rothwell Link: http://lkml.kernel.org/r/20200623184515.4132564-1-guro@fb.com Link: http://lkml.kernel.org/r/20200608230819.832349-1-guro@fb.com Link: http://lkml.kernel.org/r/20200608230819.832349-2-guro@fb.com Signed-off-by: Linus Torvalds ","mm/percpu.c | 13 ++++++++++---; 1 file changed, 10 insertions(+), 3 deletions(-)","The commit enhances percpu memory accounting for memory cgroups by implementing allocation size tracking.","percpu,memory,cgroups","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"58277f502f429baee11725ca2d8cb3c43c7a6429","58277f502f429baee11725ca2d8cb3c43c7a6429","Arnaldo Carvalho de Melo","acme@redhat.com","1597231806","Arnaldo Carvalho de Melo","acme@redhat.com","1597232316","629a2564ef0dec8c08f7f2b43d3548bbfa77566e","fb893de323e2d39f7a1f6df425703a2edbdf56ea","perf trace beauty: Add script to autogenerate socket families table To use with 'perf trace', to convert the protocol families to strings, e.g: $ tools/perf/trace/beauty/socket.sh static const char *socket_families[] = { [0] = ""UNSPEC"", [1] = ""LOCAL"", [2] = ""INET"", [3] = ""AX25"", [4] = ""IPX"", [5] = ""APPLETALK"", [6] = ""NETROM"", [7] = ""BRIDGE"", [8] = ""ATMPVC"", [9] = ""X25"", [10] = ""INET6"", [11] = ""ROSE"", [12] = ""DECnet"", [13] = ""NETBEUI"", [14] = ""SECURITY"", [15] = ""KEY"", [16] = ""NETLINK"", [17] = ""PACKET"", [18] = ""ASH"", [19] = ""ECONET"", [20] = ""ATMSVC"", [21] = ""RDS"", [22] = ""SNA"", [23] = ""IRDA"", [24] = ""PPPOX"", [25] = ""WANPIPE"", [26] = ""LLC"", [27] = ""IB"", [28] = ""MPLS"", [29] = ""CAN"", [30] = ""TIPC"", [31] = ""BLUETOOTH"", [32] = ""IUCV"", [33] = ""RXRPC"", [34] = ""ISDN"", [35] = ""PHONET"", [36] = ""IEEE802154"", [37] = ""CAIF"", [38] = ""ALG"", [39] = ""NFC"", [40] = ""VSOCK"", [41] = ""KCM"", [42] = ""QIPCRTR"", [43] = ""SMC"", [44] = ""XDP"", }; $ This uses a copy of include/linux/socket.h that is kept in a directory to be used just for these table generation scripts and for checking if the kernel has a new file that maybe gets something new for these tables. This allows us to: - Avoid accessing files outside tools/, in the kernel sources, that may be changed in unexpected ways and thus break these scripts. - Notice when those files change and thus check if the changes don't break those scripts, update them to automatically get the new definitions, a new socket family, for instance. - Not add then to the tools/include/ where it may end up used while building the tools and end up requiring dragging yet more stuff from the kernel or plain break the build in some of the myriad environments where perf may be built. This will replace the previous static array in tools/perf/ that was dated and was already missing the AF_KCM, AF_QIPCRTR, AF_SMC and AF_XDP families. The next cset will wire this up to the perf build process. At some point this must be made into a library to be used in places such as libtraceevent, bpftrace, etc. Cc: Adrian Hunter Cc: Jiri Olsa Cc: Namhyung Kim Cc: Steven Rostedt Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/trace/beauty/include/linux/socket.h | 442 +++++++++++++++++++++++++; tools/perf/trace/beauty/socket.sh | 24 ++; 2 files changed, 466 insertions(+)","The commit introduces a script for automatically generating socket protocol families table for use with 'perf trace'.","autogenerate,socket,perf","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"da7bdfdd23b858e6d97a1e4b461548e23d16977f","da7bdfdd23b858e6d97a1e4b461548e23d16977f","Stanislav Fomichev","sdf@google.com","1596839926","Daniel Borkmann","daniel@iogearbox.net","1597153011","69683bc39eac273d84e170ebe458adce37e0f62c","0390c429dbed4068bd2cd8dded937d9a5ec24cd2","selftests/bpf: Fix v4_to_v6 in sk_lookup I'm getting some garbage in bytes 8 and 9 when doing conversion from sockaddr_in to sockaddr_in6 (leftover from AF_INET?). Let's explicitly clear the higher bytes. Fixes: 0ab5539f8584 (""selftests/bpf: Tests for BPF_SK_LOOKUP attach point"") Signed-off-by: Stanislav Fomichev Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/20200807223846.4190917-1-sdf@google.com","tools/testing/selftests/bpf/prog_tests/sk_lookup.c | 1 +; 1 file changed, 1 insertion(+)","The commit fixes garbage data in sk_lookup self-test by clearing higher bytes during sockaddr conversion.","fix, sk_lookup, selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"0390c429dbed4068bd2cd8dded937d9a5ec24cd2","0390c429dbed4068bd2cd8dded937d9a5ec24cd2","Jianlin Lv","Jianlin.Lv@arm.com","1597073980","Daniel Borkmann","daniel@iogearbox.net","1597153005","467e1b67bae48778d9b916e6e42e0a7f4d3b62cc","63fe3fd393dc4e7ea3948e79947362ffbb0fd616","selftests/bpf: Fix segmentation fault in test_progs test_progs reports the segmentation fault as below: $ sudo ./test_progs -t mmap --verbose test_mmap:PASS:skel_open_and_load 0 nsec [...] test_mmap:PASS:adv_mmap1 0 nsec test_mmap:PASS:adv_mmap2 0 nsec test_mmap:PASS:adv_mmap3 0 nsec test_mmap:PASS:adv_mmap4 0 nsec Segmentation fault This issue was triggered because mmap() and munmap() used inconsistent length parameters; mmap() creates a new mapping of 3 * page_size, but the length parameter set in the subsequent re-map and munmap() functions is 4 * page_size; this leads to the destruction of the process space. To fix this issue, first create 4 pages of anonymous mapping, then do all the mmap() with MAP_FIXED. Another issue is that when unmap the second page fails, the length parameter to delete tmp1 mappings should be 4 * page_size. Signed-off-by: Jianlin Lv Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200810153940.125508-1-Jianlin.Lv@arm.com","tools/testing/selftests/bpf/prog_tests/mmap.c | 19 +++++++++++++------; 1 file changed, 13 insertions(+), 6 deletions(-)","Fixes segmentation fault caused by inconsistent mmap parameters in BPF selftests.","segmentation,mmap,munmap","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"63fe3fd393dc4e7ea3948e79947362ffbb0fd616","63fe3fd393dc4e7ea3948e79947362ffbb0fd616","Yonghong Song","yhs@fb.com","1597115332","Daniel Borkmann","daniel@iogearbox.net","1597151467","396dd9a9d0621eeeb0e919caf9c6653308b24219","444da3f52407d74c9aa12187ac6b01f76ee47d62","libbpf: Do not use __builtin_offsetof for offsetof Commit 5fbc220862fc (""tools/libpf: Add offsetof/container_of macro in bpf_helpers.h"") added a macro offsetof() to get the offset of a structure member: #define offsetof(TYPE, MEMBER) ((size_t)&((TYPE *)0)->MEMBER) In certain use cases, size_t type may not be available so Commit da7a35062bcc (""libbpf bpf_helpers: Use __builtin_offsetof for offsetof"") changed to use __builtin_offsetof which removed the dependency on type size_t, which I suggested. But using __builtin_offsetof will prevent CO-RE relocation generation in case that, e.g., TYPE is annotated with ""preserve_access_info"" where a relocation is desirable in case the member offset is changed in a different kernel version. So this patch reverted back to the original macro but using ""unsigned long"" instead of ""site_t"". Fixes: da7a35062bcc (""libbpf bpf_helpers: Use __builtin_offsetof for offsetof"") Signed-off-by: Yonghong Song Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Acked-by: Ian Rogers Link: https://lore.kernel.org/bpf/20200811030852.3396929-1-yhs@fb.com","tools/lib/bpf/bpf_helpers.h | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit reverts to using the original offsetof macro in libbpf to facilitate CO-RE relocation.","libbpf, offsetof, relocation","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"00e4db51259a5f936fec1424b884f029479d3981","00e4db51259a5f936fec1424b884f029479d3981","Linus Torvalds","torvalds@linux-foundation.org","1597112498","Linus Torvalds","torvalds@linux-foundation.org","1597112498","3baaaa91e1f0f6264b95c313cfbc7209a96fb916","ed3854ff994b35cc11658d43d01a421bd5088d23 1101c872c8c7869c78dc106ae820040f36807eda","Merge tag 'perf-tools-2020-08-10' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux Pull perf tools updates from Arnaldo Carvalho de Melo: ""New features: - Introduce controlling how 'perf stat' and 'perf record' works via a control file descriptor, allowing starting with events configured but disabled until commands are received via the control file descriptor. This allows, for instance for tools such as Intel VTune to make further use of perf as its Linux platform driver. - Improve 'perf record' to to register in a perf.data file header the clockid used to help later correlate things like syslog files and perf events recorded. - Add basic syscall and find_next_bit benchmarks to 'perf bench'. - Allow using computed metrics in calculating other metrics. For instance: { .metric_expr = ""l2_rqsts.demand_data_rd_hit + l2_rqsts.pf_hit + l2_rqsts.rfo_hit"", .metric_name = ""DCache_L2_All_Hits"", }, { .metric_expr = ""max(l2_rqsts.all_demand_data_rd - l2_rqsts.demand_data_rd_hit, 0) + l2_rqsts.pf_miss + l2_rqsts.rfo_miss"", .metric_name = ""DCache_L2_All_Miss"", }, { .metric_expr = ""dcache_l2_all_hits + dcache_l2_all_miss"", .metric_name = ""DCache_L2_All"", } - Add suport for 'd_ratio', '>' and '<' operators to the expression resolver used in calculating metrics in 'perf stat'. Support for new kernel features: - Support TEXT_POKE and KSYMBOL_TYPE_OOL perf metadata events to cope with things like ftrace, trampolines, i.e. changes in the kernel text that gets in the way of properly decoding Intel PT hardware traces, for instance. Intel PT: - Add various knobs to reduce the volume of Intel PT traces by reducing the level of details such as decoding just some types of packets (e.g., FUP/TIP, PSB+), also filtering by time range. - Add new itrace options (log flags to the 'd' option, error flags to the 'e' one, etc), controlling how Intel PT is transformed into perf events, document some missing options (e.g., how to synthesize callchains). BPF: - Properly report BPF errors when parsing events. - Do not setup side-band events if LIBBPF is not linked, fixing a segfault. Libraries: - Improvements to the libtraceevent plugin mechanism. - Improve libtracevent support for KVM trace events SVM exit reasons. - Add a libtracevent plugins for decoding syscalls/sys_enter_futex and for tlb_flush. - Ensure sample_period is set libpfm4 events in 'perf test'. - Fixup libperf namespacing, to make sure what is in libperf has the perf_ namespace while what is now only in tools/perf/ doesn't use that prefix. Arch specific: - Improve the testing of vendor events and metrics in 'perf test'. - Allow no ARM CoreSight hardware tracer sink to be specified on command line. - Fix arm_spe_x recording when mixed with other perf events. - Add s390 idle functions 'psw_idle' and 'psw_idle_exit' to list of idle symbols. - List kernel supplied event aliases for arm64 in 'perf list'. - Add support for extended register capability in PowerPC 9 and 10. - Added nest IMC power9 metric events. Miscellaneous: - No need to setup sample_regs_intr/sample_regs_user for dummy events. - Update various copies of kernel headers, some causing perf to handle new syscalls, MSRs, etc. - Improve usage of flex and yacc, enabling warnings and addressing the fallout. - Add missing '--output' option to 'perf kmem' so that it can pass it along to 'perf record'. - 'perf probe' fixes related to adding multiple probes on the same address for the same event. - Make 'perf probe' warn if the target function is a GNU indirect function. - Remove //anon mmap events from 'perf inject jit' to fix supporting both using ELF files for generated functions and the perf-PID.map approaches"" * tag 'perf-tools-2020-08-10' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux: (144 commits) perf record: Skip side-band event setup if HAVE_LIBBPF_SUPPORT is not set perf tools powerpc: Add support for extended regs in power10 perf tools powerpc: Add support for extended register capability tools headers UAPI: Sync drm/i915_drm.h with the kernel sources tools arch x86: Sync asm/cpufeatures.h with the kernel sources tools arch x86: Sync the msr-index.h copy with the kernel sources tools headers UAPI: update linux/in.h copy tools headers API: Update close_range affected files perf script: Add 'tod' field to display time of day perf script: Change the 'enum perf_output_field' enumerators to be 64 bits perf data: Add support to store time of day in CTF data conversion perf tools: Move clockid_res_ns under clock struct perf header: Store clock references for -k/--clockid option perf tools: Add clockid_name function perf clockid: Move parse_clockid() to new clockid object tools lib traceevent: Handle possible strdup() error in tep_add_plugin_path() API libtraceevent: Fixed description of tep_add_plugin_path() API libtraceevent: Fixed type in PRINT_FMT_STING libtraceevent: Fixed broken indentation in parse_ip4_print_args() libtraceevent: Improve error handling of tep_plugin_add_option() API ...","","Merge perf tools updates introducing new features and kernel support enhancements.","perf, merge, updates","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"444da3f52407d74c9aa12187ac6b01f76ee47d62","444da3f52407d74c9aa12187ac6b01f76ee47d62","Jakub Kicinski","kuba@kernel.org","1597083671","David S. Miller","davem@davemloft.net","1597087011","92438be7eb3dfaf7c728361490c91e65367e9985","f19008e676366c44e9241af57f331b6c6edf9552","bitfield.h: don't compile-time validate _val in FIELD_FIT When ur_load_imm_any() is inlined into jeq_imm(), it's possible for the compiler to deduce a case where _val can only have the value of -1 at compile time. Specifically, /* struct bpf_insn: _s32 imm */ u64 imm = insn->imm; /* sign extend */ if (imm >> 32) { /* non-zero only if insn->imm is negative */ /* inlined from ur_load_imm_any */ u32 __imm = imm >> 32; /* therefore, always 0xffffffff */ if (__builtin_constant_p(__imm) && __imm > 255) compiletime_assert_XXX() This can result in tripping a BUILD_BUG_ON() in __BF_FIELD_CHECK() that checks that a given value is representable in one byte (interpreted as unsigned). FIELD_FIT() should return true or false at runtime for whether a value can fit for not. Don't break the build over a value that's too large for the mask. We'd prefer to keep the inlining and compiler optimizations though we know this case will always return false. Cc: stable@vger.kernel.org Fixes: 1697599ee301a (""bitfield.h: add FIELD_FIT() helper"") Link: https://lore.kernel.org/kernel-hardening/CAK7LNASvb0UDJ0U5wkYYRzTAdnEs64HjXpEUL7d=V0CXiAXcNw@mail.gmail.com/ Reported-by: Masahiro Yamada Debugged-by: Sami Tolvanen Signed-off-by: Jakub Kicinski Signed-off-by: Nick Desaulniers Signed-off-by: David S. Miller ","include/linux/bitfield.h | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Resolves a compile-time issue in FIELD_FIT by allowing runtime validation instead of build-time checks.","FIELD_FIT,compile-time,bitfield","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","I'm not sure about the logic component of the commit. The affected logic component is unclear.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"faabed295cccc2aba2b67f2e7b309f2892d55004","faabed295cccc2aba2b67f2e7b309f2892d55004","Masahiro Yamada","masahiroy@kernel.org","1596284838","Masahiro Yamada","masahiroy@kernel.org","1596990779","e5fa5b8a2d7437a5da376b5d8ecc7b044457e772","85569d19d0f57df5e6cbb918dbddd4f82c0117b5","kbuild: introduce hostprogs-always-y and userprogs-always-y To build host programs, you need to add the program names to 'hostprogs' to use the necessary build rule, but it is not enough to build them because there is no dependency. There are two types of host programs: built as the prerequisite of another (e.g. gen_crc32table in lib/Makefile), or always built when Kbuild visits the Makefile (e.g. genksyms in scripts/genksyms/Makefile). The latter is typical in Makefiles under scripts/, which contains host programs globally used during the kernel build. To build them, you need to add them to both 'hostprogs' and 'always-y'. This commit adds hostprogs-always-y as a shorthand. The same applies to user programs. net/bpfilter/Makefile builds bpfilter_umh on demand, hence always-y is unneeded. In contrast, programs under samples/ are added to both 'userprogs' and 'always-y' so they are always built when Kbuild visits the Makefiles. userprogs-always-y works as a shorthand. Signed-off-by: Masahiro Yamada Acked-by: Miguel Ojeda ","Documentation/kbuild/makefiles.rst | 31 ++++++++++++++++++++++++++++++-; samples/auxdisplay/Makefile | 3 +--; samples/binderfs/Makefile | 3 +--; samples/connector/Makefile | 3 +--; samples/hidraw/Makefile | 3 +--; samples/mei/Makefile | 4 +---; samples/pidfd/Makefile | 4 +---; samples/seccomp/Makefile | 4 +---; samples/timers/Makefile | 3 +--; samples/uhid/Makefile | 3 +--; samples/vfs/Makefile | 3 +--; samples/watch_queue/Makefile | 3 +--; samples/watchdog/Makefile | 3 +--; scripts/Makefile | 18 ++++++++----------; scripts/Makefile.clean | 12 +++++++++---; scripts/Makefile.lib | 11 +++++++++++; scripts/basic/Makefile | 3 +--; scripts/dtc/Makefile | 5 ++---; scripts/genksyms/Makefile | 3 +--; scripts/mod/Makefile | 4 ++--; scripts/selinux/genheaders/Makefile | 4 +---; scripts/selinux/mdp/Makefile | 3 +--; 22 files changed, 78 insertions(+), 55 deletions(-)","The commit introduces shorthand variables for building host and user programs always with Kbuild.","hostprogs userprogs kbuild","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"64cae2fb48ee10a84b044c516dba1b44d7f4d161","64cae2fb48ee10a84b044c516dba1b44d7f4d161","David S. Miller","davem@davemloft.net","1596846788","David S. Miller","davem@davemloft.net","1596846788","e04b6acd0324246149c14b4bc5c6817493b1869c","7ee2492635d862fac39bc5ef234ffd3d8e9f833b b8c1a3090741f349322ad855d2b66d6e9752a60d","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Daniel Borkmann says: ==================== pull-request: bpf 2020-08-08 The following pull-request contains BPF updates for your *net* tree. We've added 11 non-merge commits during the last 2 day(s) which contain a total of 24 files changed, 216 insertions(+), 135 deletions(-). The main changes are: 1) Fix UAPI for BPF map iterator before it gets frozen to allow for more extensions/customization in future, from Yonghong Song. 2) Fix selftests build to undo verbose build output, from Andrii Nakryiko. 3) Fix inlining compilation error on bpf_do_trace_printk() due to variable argument lists, from Stanislav Fomichev. 4) Fix an uninitialized pointer warning at btf__parse_raw() in libbpf, from Daniel T. Lee. 5) Fix several compilation warnings in selftests with regards to ignoring return value, from Jianlin Lv. 6) Fix interruptions by switching off timeout for BPF tests, from Jiri Benc. ==================== Signed-off-by: David S. Miller ","","This commit merges various updates and fixes to the BPF subsystem from the BPF repository.","merge,BPF,fixes","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"4330a26bc4527f1d8918c398ebc983574f761cca","4330a26bc4527f1d8918c398ebc983574f761cca","Roman Gushchin","guro@fb.com","1596781263","Linus Torvalds","torvalds@linux-foundation.org","1596825204","e6798292398edc018c379bde258024f4b48264f4","f2fe7b09a52bc898ec030d4fa6f78725439c7c2c","mm: memcg/slab: deprecate memory.kmem.slabinfo Deprecate memory.kmem.slabinfo. An empty file will be presented if corresponding config options are enabled. The interface is implementation dependent, isn't present in cgroup v2, and is generally useful only for core mm debugging purposes. In other words, it doesn't provide any value for the absolute majority of users. A drgn-based replacement can be found in tools/cgroup/memcg_slabinfo.py. It does support cgroup v1 and v2, mimics memory.kmem.slabinfo output and also allows to get any additional information without a need to recompile the kernel. If a drgn-based solution is too slow for a task, a bpf-based tracing tool can be used, which can easily keep track of all slab allocations belonging to a memory cgroup. Signed-off-by: Roman Gushchin Signed-off-by: Andrew Morton Reviewed-by: Vlastimil Babka Reviewed-by: Shakeel Butt Acked-by: Johannes Weiner Cc: Christoph Lameter Cc: Michal Hocko Cc: Tejun Heo Link: http://lkml.kernel.org/r/20200623174037.3951353-11-guro@fb.com Signed-off-by: Linus Torvalds ","mm/memcontrol.c | 3 ---; mm/slab_common.c | 31 ++++---------------------------; 2 files changed, 4 insertions(+), 30 deletions(-)","The commit deprecates the memory.kmem.slabinfo interface to encourage using drgn-based and BPF-based tracing tools.","deprecate, slabinfo, memcg","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"b8c1a3090741f349322ad855d2b66d6e9752a60d","b8c1a3090741f349322ad855d2b66d6e9752a60d","Randy Dunlap","rdunlap@infradead.org","1596771101","Daniel Borkmann","daniel@iogearbox.net","1596819444","8b9588ae0dc62f817bd1cb679c5197607b8b9980","d5ca590525cfbd87ca307dcf498a566e2e7c1767","bpf: Delete repeated words in comments Drop repeated words in kernel/bpf/: {has, the} Signed-off-by: Randy Dunlap Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200807033141.10437-1-rdunlap@infradead.org","kernel/bpf/core.c | 2 +-; kernel/bpf/verifier.c | 2 +-; 2 files changed, 2 insertions(+), 2 deletions(-)","The commit removes duplicate words in comments within the eBPF subsystem code.","duplicate, words, comments","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","I'm not sure about the logic component of the commit. The affected logic component is unclear.","[""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"d5ca590525cfbd87ca307dcf498a566e2e7c1767","d5ca590525cfbd87ca307dcf498a566e2e7c1767","Andrii Nakryiko","andriin@fb.com","1596771057","Daniel Borkmann","daniel@iogearbox.net","1596819152","1a4f3008e76259ab71b36e24e04270a03c947812","7fb20f9e901e6df2f7dc032d88da5abff4117d37","selftests/bpf: Fix silent Makefile output 99aacebecb75 (""selftests: do not use .ONESHELL"") removed .ONESHELL, which changes how Makefile ""silences"" multi-command target recipes. selftests/bpf's Makefile relied (a somewhat unknowingly) on .ONESHELL behavior of silencing all commands within the recipe if the first command contains @ symbol. Removing .ONESHELL exposed this hack. This patch fixes the issue by explicitly silencing each command with $(Q). Also explicitly define fallback rule for building *.o from *.c, instead of relying on non-silent inherited rule. This was causing a non-silent output for bench.o object file. Fixes: 92f7440ecc93 (""selftests/bpf: More succinct Makefile output"") Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200807033058.848677-1-andriin@fb.com","tools/testing/selftests/bpf/Makefile | 48 +++++++++++++++++++-----------------; 1 file changed, 26 insertions(+), 22 deletions(-)","The commit modifies the selftests/bpf Makefile to fix silent output by explicitly silencing commands.","Makefile, silent, commands","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7fb20f9e901e6df2f7dc032d88da5abff4117d37","7fb20f9e901e6df2f7dc032d88da5abff4117d37","Alan Maguire","alan.maguire@oracle.com","1596801029","Daniel Borkmann","daniel@iogearbox.net","1596818696","056b7d8a81a622376a675a16c2404e7474263595","929e54a989680c6f134b02293732030b897475dc","bpf, doc: Remove references to warning message when using bpf_trace_printk() The BPF helper bpf_trace_printk() no longer uses trace_printk(); it is now triggers a dedicated trace event. Hence the described warning is no longer present, so remove the discussion of it as it may confuse people. Fixes: ac5a72ea5c89 (""bpf: Use dedicated bpf_trace_printk event instead of trace_printk()"") Signed-off-by: Alan Maguire Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/1596801029-32395-1-git-send-email-alan.maguire@oracle.com","Documentation/bpf/bpf_design_QA.rst | 11 -----------; 1 file changed, 11 deletions(-)","This commit updates documentation to remove references to obsolete warnings related to bpf_trace_printk().","documentation bpf_trace_printk obsolescence","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1101c872c8c7869c78dc106ae820040f36807eda","1101c872c8c7869c78dc106ae820040f36807eda","Jin Yao","yao.jin@linux.intel.com","1596594577","Arnaldo Carvalho de Melo","acme@redhat.com","1596803223","a97638eefebfa98a11260c9845d5c842cd798cfd","666559865823265ad2a53f72d08d42631b3dc532","perf record: Skip side-band event setup if HAVE_LIBBPF_SUPPORT is not set We received an error report that perf-record caused 'Segmentation fault' on a newly system (e.g. on the new installed ubuntu). (gdb) backtrace #0 __read_once_size (size=4, res=, p=0x14) at /root/0-jinyao/acme/tools/include/linux/compiler.h:139 #1 atomic_read (v=0x14) at /root/0-jinyao/acme/tools/include/asm/../../arch/x86/include/asm/atomic.h:28 #2 refcount_read (r=0x14) at /root/0-jinyao/acme/tools/include/linux/refcount.h:65 #3 perf_mmap__read_init (map=map@entry=0x0) at mmap.c:177 #4 0x0000561ce5c0de39 in perf_evlist__poll_thread (arg=0x561ce68584d0) at util/sideband_evlist.c:62 #5 0x00007fad78491609 in start_thread (arg=) at pthread_create.c:477 #6 0x00007fad7823c103 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 The root cause is, evlist__add_bpf_sb_event() just returns 0 if HAVE_LIBBPF_SUPPORT is not defined (inline function path). So it will not create a valid evsel for side-band event. But perf-record still creates BPF side band thread to process the side-band event, then the error happpens. We can reproduce this issue by removing the libelf-dev. e.g. 1. apt-get remove libelf-dev 2. perf record -a -- sleep 1 root@test:~# ./perf record -a -- sleep 1 perf: Segmentation fault Obtained 6 stack frames. ./perf(+0x28eee8) [0x5562d6ef6ee8] /lib/x86_64-linux-gnu/libc.so.6(+0x46210) [0x7fbfdc65f210] ./perf(+0x342e74) [0x5562d6faae74] ./perf(+0x257e39) [0x5562d6ebfe39] /lib/x86_64-linux-gnu/libpthread.so.0(+0x9609) [0x7fbfdc990609] /lib/x86_64-linux-gnu/libc.so.6(clone+0x43) [0x7fbfdc73b103] Segmentation fault (core dumped) To fix this issue, 1. We either install the missing libraries to let HAVE_LIBBPF_SUPPORT be defined. e.g. apt-get install libelf-dev and install other related libraries. 2. Use this patch to skip the side-band event setup if HAVE_LIBBPF_SUPPORT is not set. Committer notes: The side band thread is not used just with BPF, it is also used with --switch-output-event, so narrow the ifdef to the BPF specific part. Fixes: 23cbb41c939a (""perf record: Move side band evlist setup to separate routine"") Signed-off-by: Jin Yao Acked-by: Jiri Olsa Cc: Alexander Shishkin Cc: Andi Kleen Cc: Jin Yao Cc: Kan Liang Cc: Peter Zijlstra Link: http://lore.kernel.org/lkml/20200805022937.29184-1-yao.jin@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/builtin-record.c | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","The commit resolves a segmentation fault in perf-record by bypassing side-band event setup without HAVE_LIBBPF_SUPPORT.","perf-record,segmentation fault,HAVE_LIBBPF_SUPPORT","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"929e54a989680c6f134b02293732030b897475dc","929e54a989680c6f134b02293732030b897475dc","Jianlin Lv","Jianlin.Lv@arm.com","1596710544","Alexei Starovoitov","ast@kernel.org","1596758322","54decdc098e14ce43550eeab1bda534da3efdfc3","6fc5916cc256b8e92cc7ad3b34cc4d2a7efa1d5c","bpf: Fix compilation warning of selftests Clang compiler version: 12.0.0 The following warning appears during the selftests/bpf compilation: prog_tests/send_signal.c:51:3: warning: ignoring return value of ‘write’, declared with attribute warn_unused_result [-Wunused-result] 51 | write(pipe_c2p[1], buf, 1); | ^~~~~~~~~~~~~~~~~~~~~~~~~~ prog_tests/send_signal.c:54:3: warning: ignoring return value of ‘read’, declared with attribute warn_unused_result [-Wunused-result] 54 | read(pipe_p2c[0], buf, 1); | ^~~~~~~~~~~~~~~~~~~~~~~~~ ...... prog_tests/stacktrace_build_id_nmi.c:13:2: warning: ignoring return value of ‘fscanf’,declared with attribute warn_unused_result [-Wunused-resul] 13 | fscanf(f, ""%llu"", &sample_freq); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ test_tcpnotify_user.c:133:2: warning:ignoring return value of ‘system’, declared with attribute warn_unused_result [-Wunused-result] 133 | system(test_script); | ^~~~~~~~~~~~~~~~~~~ test_tcpnotify_user.c:138:2: warning:ignoring return value of ‘system’, declared with attribute warn_unused_result [-Wunused-result] 138 | system(test_script); | ^~~~~~~~~~~~~~~~~~~ test_tcpnotify_user.c:143:2: warning:ignoring return value of ‘system’, declared with attribute warn_unused_result [-Wunused-result] 143 | system(test_script); | ^~~~~~~~~~~~~~~~~~~ Add code that fix compilation warning about ignoring return value and handles any errors; Check return value of library`s API make the code more secure. Signed-off-by: Jianlin Lv Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200806104224.95306-1-Jianlin.Lv@arm.com","tools/testing/selftests/bpf/prog_tests/send_signal.c | 18 ++++++++----------; .../selftests/bpf/prog_tests/stacktrace_build_id_nmi.c | 4 +++-; tools/testing/selftests/bpf/test_tcpnotify_user.c | 13 ++++++++++---; 3 files changed, 21 insertions(+), 14 deletions(-)","This commit addresses compilation warnings in BPF selftests by ensuring return values of functions are properly handled.","compilation,warnings,selftests","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6fc5916cc256b8e92cc7ad3b34cc4d2a7efa1d5c","6fc5916cc256b8e92cc7ad3b34cc4d2a7efa1d5c","Jiri Benc","jbenc@redhat.com","1596739199","Alexei Starovoitov","ast@kernel.org","1596758225","05c4d9d057a103a90177594ebb7258ecc0676061","0d360d64b01231cdb36e1936de889f308fd9317f","selftests: bpf: Switch off timeout Several bpf tests are interrupted by the default timeout of 45 seconds added by commit 852c8cbf34d3 (""selftests/kselftest/runner.sh: Add 45 second timeout per test""). In my case it was test_progs, test_tunnel.sh, test_lwt_ip_encap.sh and test_xdping.sh. There's not much value in having a timeout for bpf tests, switch it off. Signed-off-by: Jiri Benc Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/7a9198ed10917f4ecab4a3dd74bcda1200791efd.1596739059.git.jbenc@redhat.com","tools/testing/selftests/bpf/settings | 1 +; 1 file changed, 1 insertion(+)","The commit disables the timeout for certain BPF self-tests to prevent them from being interrupted prematurely.","bpf,selftests,timeout","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0d360d64b01231cdb36e1936de889f308fd9317f","0d360d64b01231cdb36e1936de889f308fd9317f","Stanislav Fomichev","sdf@google.com","1596738372","Alexei Starovoitov","ast@kernel.org","1596757997","eb3b951c56f03ab30669639a1353db56620f1dc9","d48556f45608921fa07cb882f9dd15a8a1203427","bpf: Remove inline from bpf_do_trace_printk I get the following error during compilation on my side: kernel/trace/bpf_trace.c: In function 'bpf_do_trace_printk': kernel/trace/bpf_trace.c:386:34: error: function 'bpf_do_trace_printk' can never be inlined because it uses variable argument lists static inline __printf(1, 0) int bpf_do_trace_printk(const char *fmt, ...) ^ Fixes: ac5a72ea5c89 (""bpf: Use dedicated bpf_trace_printk event instead of trace_printk()"") Signed-off-by: Stanislav Fomichev Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200806182612.1390883-1-sdf@google.com","kernel/trace/bpf_trace.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit removes the inline keyword from bpf_do_trace_printk to resolve a compilation error due to variable argument lists.","inline,compiler,error","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"d48556f45608921fa07cb882f9dd15a8a1203427","d48556f45608921fa07cb882f9dd15a8a1203427","Stanislav Fomichev","sdf@google.com","1596729145","Alexei Starovoitov","ast@kernel.org","1596757871","278c01d582231b446dfcf78f61927a6f9b59681e","932ac54a3e59335a847f7682b5124a788ab3c798","bpf: Add missing return to resolve_btfids int sets_patch(struct object *obj) doesn't have a 'return 0' at the end. Fixes: fbbb68de80a4 (""bpf: Add resolve_btfids tool to resolve BTF IDs in ELF object"") Signed-off-by: Stanislav Fomichev Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200806155225.637202-1-sdf@google.com","tools/bpf/resolve_btfids/main.c | 1 +; 1 file changed, 1 insertion(+)","Fixes missing return statement in resolve_btfids tool code.","bpf, resolve_btfids, return","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"932ac54a3e59335a847f7682b5124a788ab3c798","932ac54a3e59335a847f7682b5124a788ab3c798","Daniel T. Lee","danieltimlee@gmail.com","1596666839","Alexei Starovoitov","ast@kernel.org","1596757620","6e3d312032e3716fed044334c235458d93d79bab","0ac10dc1888cd1a8b994f32b51f0eaeba1e803ef","libbf: Fix uninitialized pointer at btf__parse_raw() Recently, from commit 94a1fedd63ed (""libbpf: Add btf__parse_raw() and generic btf__parse() APIs""), new API has been added to libbpf that allows to parse BTF from raw data file (btf__parse_raw()). The commit derives build failure of samples/bpf due to improper access of uninitialized pointer at btf_parse_raw(). btf.c: In function btf__parse_raw: btf.c:625:28: error: btf may be used uninitialized in this function 625 | return err ? ERR_PTR(err) : btf; | ~~~~~~~~~~~~~~~~~~~^~~~~ This commit fixes the build failure of samples/bpf by adding code of initializing btf pointer as NULL. Fixes: 94a1fedd63ed (""libbpf: Add btf__parse_raw() and generic btf__parse() APIs"") Signed-off-by: Daniel T. Lee Signed-off-by: Alexei Starovoitov Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200805223359.32109-1-danieltimlee@gmail.com","tools/lib/bpf/btf.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit addresses a build failure in libbpf by initializing a previously uninitialized pointer in btf__parse_raw().","libbpf,build,fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0ac10dc1888cd1a8b994f32b51f0eaeba1e803ef","0ac10dc1888cd1a8b994f32b51f0eaeba1e803ef","Alexei Starovoitov","ast@kernel.org","1596757154","Alexei Starovoitov","ast@kernel.org","1596757159","89c462f3b9f1fa1ea8e5d22f67d2f21fbf2766e1","6bcaf41f9613278cd5897fc80ab93033bda8efaa 74fc097de327b37e8fe3ff580ce7ffaa7c1740dd","Merge branch 'bpf_iter-uapi-fix' Yonghong Song says: ==================== Andrii raised a concern that current uapi for bpf iterator map element is a little restrictive and not suitable for future potential complex customization. This is a valid suggestion, considering people may indeed add more complex custimization to the iterator, e.g., cgroup_id + user_id, etc. for task or task_file. Another example might be map_id plus additional control so that the bpf iterator may bail out a bucket earlier if a bucket has too many elements which may hold lock too long and impact other parts of systems. Patch #1 modified uapi with kernel changes. Patch #2 adjusted libbpf api accordingly. Changelogs: v3 -> v4: . add a forward declaration of bpf_iter_link_info in tools/lib/bpf/bpf.h in case that libbpf is built against not-latest uapi bpf.h. . target the patch set to ""bpf"" instead of ""bpf-next"" v2 -> v3: . undo ""not reject iter_info.map.map_fd == 0"" from v1. In the future map_fd may become optional, so let us use map_fd == 0 indicating the map_fd is not set by user space. . add link_info_len to bpf_iter_attach_opts to ensure always correct link_info_len from user. Otherwise, libbpf may deduce incorrect link_info_len if it uses different uapi header than the user app. v1 -> v2: . ensure link_create target_fd/flags == 0 since they are not used. (Andrii) . if either of iter_info ptr == 0 or iter_info_len == 0, but not both, return error to user space. (Andrii) . do not reject iter_info.map.map_fd == 0, go ahead to use it trying to get a map reference since the map_fd is required for map_elem iterator. . use bpf_iter_link_info in bpf_iter_attach_opts instead of map_fd. this way, user space is responsible to set up bpf_iter_link_info and libbpf just passes the data to the kernel, simplifying libbpf design. (Andrii) ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges changes to enhance the uapi for bpf iterator map element customization and updates libbpf accordingly.","uapi, iterator, customization","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"74fc097de327b37e8fe3ff580ce7ffaa7c1740dd","74fc097de327b37e8fe3ff580ce7ffaa7c1740dd","Yonghong Song","yhs@fb.com","1596606658","Alexei Starovoitov","ast@kernel.org","1596757154","89c462f3b9f1fa1ea8e5d22f67d2f21fbf2766e1","5e7b30205cef80f6bb922e61834437ca7bff5837","tools/bpf: Support new uapi for map element bpf iterator Previous commit adjusted kernel uapi for map element bpf iterator. This patch adjusted libbpf API due to uapi change. bpftool and bpf_iter selftests are also changed accordingly. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200805055058.1457623-1-yhs@fb.com","tools/bpf/bpftool/iter.c | 9 +++--; tools/include/uapi/linux/bpf.h | 15 +++++----; tools/lib/bpf/bpf.c | 3 ++; tools/lib/bpf/bpf.h | 5 ++-; tools/lib/bpf/libbpf.c | 6 ++--; tools/lib/bpf/libbpf.h | 5 +--; tools/testing/selftests/bpf/prog_tests/bpf_iter.c | 40 ++++++++++++++++++-----; 7 files changed, 58 insertions(+), 25 deletions(-)","This commit updates libbpf, bpftool, and selftests to align with new uapi changes for map element bpf iterator.","libbpf,uapi,iterator","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5e7b30205cef80f6bb922e61834437ca7bff5837","5e7b30205cef80f6bb922e61834437ca7bff5837","Yonghong Song","yhs@fb.com","1596606656","Alexei Starovoitov","ast@kernel.org","1596757154","801934cf852ef6e5574ad7e489d299ead055b939","6bcaf41f9613278cd5897fc80ab93033bda8efaa","bpf: Change uapi for bpf iterator map elements Commit a5cbe05a6673 (""bpf: Implement bpf iterator for map elements"") added bpf iterator support for map elements. The map element bpf iterator requires info to identify a particular map. In the above commit, the attr->link_create.target_fd is used to carry map_fd and an enum bpf_iter_link_info is added to uapi to specify the target_fd actually representing a map_fd: enum bpf_iter_link_info { BPF_ITER_LINK_UNSPEC = 0, BPF_ITER_LINK_MAP_FD = 1, MAX_BPF_ITER_LINK_INFO, }; This is an extensible approach as we can grow enumerator for pid, cgroup_id, etc. and we can unionize target_fd for pid, cgroup_id, etc. But in the future, there are chances that more complex customization may happen, e.g., for tasks, it could be filtered based on both cgroup_id and user_id. This patch changed the uapi to have fields __aligned_u64 iter_info; __u32 iter_info_len; for additional iter_info for link_create. The iter_info is defined as union bpf_iter_link_info { struct { __u32 map_fd; } map; }; So future extension for additional customization will be easier. The bpf_iter_link_info will be passed to target callback to validate and generic bpf_iter framework does not need to deal it any more. Note that map_fd = 0 will be considered invalid and -EBADF will be returned to user space. Fixes: a5cbe05a6673 (""bpf: Implement bpf iterator for map elements"") Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200805055056.1457463-1-yhs@fb.com","include/linux/bpf.h | 10 ++++----; include/uapi/linux/bpf.h | 15 ++++++------; kernel/bpf/bpf_iter.c | 58 +++++++++++++++++++++++------------------------; kernel/bpf/map_iter.c | 37 +++++++++++++++++++++++-------; kernel/bpf/syscall.c | 2 +-; net/core/bpf_sk_storage.c | 37 +++++++++++++++++++++++-------; 6 files changed, 102 insertions(+), 57 deletions(-)","This commit updates the user API for bpf iterators to allow extensible future enhancements using iter_info.","bpf, iterator, iter_info","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6bcaf41f9613278cd5897fc80ab93033bda8efaa","6bcaf41f9613278cd5897fc80ab93033bda8efaa","Andrii Nakryiko","andriin@fb.com","1596588477","Alexei Starovoitov","ast@kernel.org","1596757061","ad2b612cea54be484325839b8e0451c712a8e68b","8912fd6a61d7474ea9b43be93f136034d28868d5","selftests/bpf: Prevent runqslower from racing on building bpftool runqslower's Makefile is building/installing bpftool into $(OUTPUT)/sbin/bpftool, which coincides with $(DEFAULT_BPFTOOL). In practice this means that often when building selftests from scratch (after `make clean`), selftests are racing with runqslower to simultaneously build bpftool and one of the two processes fail due to file being busy. Prevent this race by explicitly order-depending on $(BPFTOOL_DEFAULT). Fixes: a2c9652f751e (""selftests: Refactor build to remove tools/lib/bpf from include path"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200805004757.2960750-1-andriin@fb.com","tools/testing/selftests/bpf/Makefile | 5 +++--; 1 file changed, 3 insertions(+), 2 deletions(-)","The commit updates the Makefile to prevent race conditions during bpftool build in selftests.","selftests, bpftool, Makefile","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d1e325cf40fec5fec9b18aa2b537de7e3680ef6c","d1e325cf40fec5fec9b18aa2b537de7e3680ef6c","Jiri Olsa","jolsa@kernel.org","1596620080","Arnaldo Carvalho de Melo","acme@redhat.com","1596717306","f9a37becba77944805878464849b1f4de698316e","cc3365bbd07c26aa2e4c7435068292e03116d4e7","perf header: Store clock references for -k/--clockid option Add a new CLOCK_DATA feature that stores reference times when -k/--clockid option is specified. It contains the clock id and its reference time together with wall clock time taken at the 'same time', both values are in nanoseconds. The format of data is as below: struct { u32 version; /* version = 1 */ u32 clockid; u64 wall_clock_ns; u64 clockid_time_ns; }; This clock reference times will be used in following changes to display wall clock for perf events. It's available only for recording with clockid specified, because it's the only case where we can get reference time to wallclock time. It's can't do that with perf clock yet. Committer testing: $ perf record -h -k Usage: perf record [] [] or: perf record [] -- [] -k, --clockid clockid to use for events, see clock_gettime() $ perf record -k monotonic sleep 1 [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.017 MB perf.data (8 samples) ] $ perf report --header-only | grep clockid -A1 # event : name = cycles:u, , id = { 88815, 88816, 88817, 88818, 88819, 88820, 88821, 88822 }, size = 120, { sample_period, sample_freq } = 4000, sample_type = IP|TID|TIME|PERIOD, read_format = ID, disabled = 1, inherit = 1, exclude_kernel = 1, mmap = 1, comm = 1, freq = 1, enable_on_exec = 1, task = 1, precise_ip = 3, sample_id_all = 1, exclude_guest = 1, mmap2 = 1, comm_exec = 1, use_clockid = 1, ksymbol = 1, bpf_event = 1, clockid = 1 # CPU_TOPOLOGY info available, use -I to display -- # clockid frequency: 1000 MHz # cpu pmu capabilities: branches=32, max_precise=3, pmu_name=skylake # clockid: monotonic (1) # reference time: 2020-08-06 09:40:21.619290 = 1596717621.619290 (TOD) = 21931.077673635 (monotonic) $ Original-patch-by: David Ahern Signed-off-by: Jiri Olsa Tested-by: Arnaldo Carvalho de Melo Cc: Alexander Shishkin Cc: Andi Kleen Cc: David Ahern Cc: Geneviève Bastien Cc: Ian Rogers Cc: Jeremie Galarneau Cc: Michael Petlan Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Wang Nan Link: http://lore.kernel.org/lkml/20200805093444.314999-4-jolsa@kernel.org Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/Documentation/perf.data-file-format.txt | 13 +++; tools/perf/builtin-record.c | 41 ++++++++; tools/perf/util/env.h | 12 +++; tools/perf/util/header.c | 113 +++++++++++++++++++++; tools/perf/util/header.h | 1 +; 5 files changed, 180 insertions(+)","The commit introduces a CLOCK_DATA feature to store clock references for the perf tool's -k/--clockid option.","clockid, CLOCK_DATA, perf","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"47ec5303d73ea344e84f46660fff693c57641386","47ec5303d73ea344e84f46660fff693c57641386","Linus Torvalds","torvalds@linux-foundation.org","1596683601","Linus Torvalds","torvalds@linux-foundation.org","1596683601","a2252debab749de29620c43285295d60c4741119","8186749621ed6b8fc42644c399e8c755a2b6f630 c1055b76ad00aed0e8b79417080f212d736246b6","Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next Pull networking updates from David Miller: 1) Support 6Ghz band in ath11k driver, from Rajkumar Manoharan. 2) Support UDP segmentation in code TSO code, from Eric Dumazet. 3) Allow flashing different flash images in cxgb4 driver, from Vishal Kulkarni. 4) Add drop frames counter and flow status to tc flower offloading, from Po Liu. 5) Support n-tuple filters in cxgb4, from Vishal Kulkarni. 6) Various new indirect call avoidance, from Eric Dumazet and Brian Vazquez. 7) Fix BPF verifier failures on 32-bit pointer arithmetic, from Yonghong Song. 8) Support querying and setting hardware address of a port function via devlink, use this in mlx5, from Parav Pandit. 9) Support hw ipsec offload on bonding slaves, from Jarod Wilson. 10) Switch qca8k driver over to phylink, from Jonathan McDowell. 11) In bpftool, show list of processes holding BPF FD references to maps, programs, links, and btf objects. From Andrii Nakryiko. 12) Several conversions over to generic power management, from Vaibhav Gupta. 13) Add support for SO_KEEPALIVE et al. to bpf_setsockopt(), from Dmitry Yakunin. 14) Various https url conversions, from Alexander A. Klimov. 15) Timestamping and PHC support for mscc PHY driver, from Antoine Tenart. 16) Support bpf iterating over tcp and udp sockets, from Yonghong Song. 17) Support 5GBASE-T i40e NICs, from Aleksandr Loktionov. 18) Add kTLS RX HW offload support to mlx5e, from Tariq Toukan. 19) Fix the ->ndo_start_xmit() return type to be netdev_tx_t in several drivers. From Luc Van Oostenryck. 20) XDP support for xen-netfront, from Denis Kirjanov. 21) Support receive buffer autotuning in MPTCP, from Florian Westphal. 22) Support EF100 chip in sfc driver, from Edward Cree. 23) Add XDP support to mvpp2 driver, from Matteo Croce. 24) Support MPTCP in sock_diag, from Paolo Abeni. 25) Commonize UDP tunnel offloading code by creating udp_tunnel_nic infrastructure, from Jakub Kicinski. 26) Several pci_ --> dma_ API conversions, from Christophe JAILLET. 27) Add FLOW_ACTION_POLICE support to mlxsw, from Ido Schimmel. 28) Add SK_LOOKUP bpf program type, from Jakub Sitnicki. 29) Refactor a lot of networking socket option handling code in order to avoid set_fs() calls, from Christoph Hellwig. 30) Add rfc4884 support to icmp code, from Willem de Bruijn. 31) Support TBF offload in dpaa2-eth driver, from Ioana Ciornei. 32) Support XDP_REDIRECT in qede driver, from Alexander Lobakin. 33) Support PCI relaxed ordering in mlx5 driver, from Aya Levin. 34) Support TCP syncookies in MPTCP, from Flowian Westphal. 35) Fix several tricky cases of PMTU handling wrt. briding, from Stefano Brivio. * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next: (2056 commits) net: thunderx: initialize VF's mailbox mutex before first usage usb: hso: remove bogus check for EINPROGRESS usb: hso: no complaint about kmalloc failure hso: fix bailout in error case of probe ip_tunnel_core: Fix build for archs without _HAVE_ARCH_IPV6_CSUM selftests/net: relax cpu affinity requirement in msg_zerocopy test mptcp: be careful on subflow creation selftests: rtnetlink: make kci_test_encap() return sub-test result selftests: rtnetlink: correct the final return value for the test net: dsa: sja1105: use detected device id instead of DT one on mismatch tipc: set ub->ifindex for local ipv6 address ipv6: add ipv6_dev_find() net: openvswitch: silence suspicious RCU usage warning Revert ""vxlan: fix tos value before xmit"" ptp: only allow phase values lower than 1 period farsync: switch from 'pci_' to 'dma_' API wan: wanxl: switch from 'pci_' to 'dma_' API hv_netvsc: do not use VF device if link is down dpaa2-eth: Fix passing zero to 'PTR_ERR' warning net: macb: Properly handle phylink on at91sam9x ...","","This commit merges networking updates, including enhancements to drivers, BPF features, and various networking functionalities.","networking, drivers, BPF","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"3950e975431bc914f7e81b8f2a2dbdf2064acb0f","3950e975431bc914f7e81b8f2a2dbdf2064acb0f","Linus Torvalds","torvalds@linux-foundation.org","1596576445","Linus Torvalds","torvalds@linux-foundation.org","1596576445","32adad006224780b83a23201f97368fb45bd4354","fd76a74d940ae3d6b8b2395cd12914630c7e1739 7fce69dff8db30cb93aace0bbebda09972027af7","Merge branch 'exec-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace Pull execve updates from Eric Biederman: ""During the development of v5.7 I ran into bugs and quality of implementation issues related to exec that could not be easily fixed because of the way exec is implemented. So I have been diggin into exec and cleaning up what I can. This cycle I have been looking at different ideas and different implementations to see what is possible to improve exec, and cleaning the way exec interfaces with in kernel users. Only cleaning up the interfaces of exec with rest of the kernel has managed to stabalize and make it through review in time for v5.9-rc1 resulting in 2 sets of changes this cycle. - Implement kernel_execve - Make the user mode driver code a better citizen With kernel_execve the code size got a little larger as the copying of parameters from userspace and copying of parameters from userspace is now separate. The good news is kernel threads no longer need to play games with set_fs to use exec. Which when combined with the rest of Christophs set_fs changes should security bugs with set_fs much more difficult"" * 'exec-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace: (23 commits) exec: Implement kernel_execve exec: Factor bprm_stack_limits out of prepare_arg_pages exec: Factor bprm_execve out of do_execve_common exec: Move bprm_mm_init into alloc_bprm exec: Move initialization of bprm->filename into alloc_bprm exec: Factor out alloc_bprm exec: Remove unnecessary spaces from binfmts.h umd: Stop using split_argv umd: Remove exit_umh bpfilter: Take advantage of the facilities of struct pid exit: Factor thread_group_exited out of pidfd_poll umd: Track user space drivers with struct pid bpfilter: Move bpfilter_umh back into init data exec: Remove do_execve_file umh: Stop calling do_execve_file umd: Transform fork_usermode_blob into fork_usermode_driver umd: Rename umd_info.cmdline umd_info.driver_name umd: For clarity rename umh_info umd_info umh: Separate the user mode driver and the user mode helper support umh: Remove call_usermodehelper_setup_file. ...","","This commit merges execve updates focusing on improving implementation quality and interface stability in the Linux kernel.","execve,updates,quality","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"2e7199bd773bff3220184d071ed9c9cd34950e51","2e7199bd773bff3220184d071ed9c9cd34950e51","David S. Miller","davem@davemloft.net","1596504460","David S. Miller","davem@davemloft.net","1596504460","37d2bee56e5687f8f50c60dee7c9767c7fe77770","76769c38b45d94f5492ff9be363ac7007fd8e58b 21594c44083c375697d418729c4b2e4522cf9f70","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next Daniel Borkmann says: ==================== pull-request: bpf-next 2020-08-04 The following pull-request contains BPF updates for your *net-next* tree. We've added 73 non-merge commits during the last 9 day(s) which contain a total of 135 files changed, 4603 insertions(+), 1013 deletions(-). The main changes are: 1) Implement bpf_link support for XDP. Also add LINK_DETACH operation for the BPF syscall allowing processes with BPF link FD to force-detach, from Andrii Nakryiko. 2) Add BPF iterator for map elements and to iterate all BPF programs for efficient in-kernel inspection, from Yonghong Song and Alexei Starovoitov. 3) Separate bpf_get_{stack,stackid}() helpers for perf events in BPF to avoid unwinder errors, from Song Liu. 4) Allow cgroup local storage map to be shared between programs on the same cgroup. Also extend BPF selftests with coverage, from YiFei Zhu. 5) Add BPF exception tables to ARM64 JIT in order to be able to JIT BPF_PROBE_MEM load instructions, from Jean-Philippe Brucker. 6) Follow-up fixes on BPF socket lookup in combination with reuseport group handling. Also add related BPF selftests, from Jakub Sitnicki. 7) Allow to use socket storage in BPF_PROG_TYPE_CGROUP_SOCK-typed programs for socket create/release as well as bind functions, from Stanislav Fomichev. 8) Fix an info leak in xsk_getsockopt() when retrieving XDP stats via old struct xdp_statistics, from Peilin Ye. 9) Fix PT_REGS_RC{,_CORE}() macros in libbpf for MIPS arch, from Jerry Crunchtime. 10) Extend BPF kernel test infra with skb->family and skb->{local,remote}_ip{4,6} fields and allow user space to specify skb->dev via ifindex, from Dmitry Yakunin. 11) Fix a bpftool segfault due to missing program type name and make it more robust to prevent them in future gaps, from Quentin Monnet. 12) Consolidate cgroup helper functions across selftests and fix a v6 localhost resolver issue, from John Fastabend. ==================== Signed-off-by: David S. Miller ","","This commit merges bpf-next changes into the net-next tree, including numerous eBPF-related updates and enhancements.","merge,bpf-next,eBPF","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"21594c44083c375697d418729c4b2e4522cf9f70","21594c44083c375697d418729c4b2e4522cf9f70","Dmitry Yakunin","zeil@yandex-team.ru","1596445545","Daniel Borkmann","daniel@iogearbox.net","1596490343","44983546541e5292a69e16c4b3f4f94180b9e0e4","fa5cb548ced61b9d3095f32f8a7e427a248c65ee","bpf: Allow to specify ifindex for skb in bpf_prog_test_run_skb Now skb->dev is unconditionally set to the loopback device in current net namespace. But if we want to test bpf program which contains code branch based on ifindex condition (eg filters out localhost packets) it is useful to allow specifying of ifindex from userspace. This patch adds such option through ctx_in (__sk_buff) parameter. Signed-off-by: Dmitry Yakunin Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200803090545.82046-3-zeil@yandex-team.ru","net/bpf/test_run.c | 22 ++++++++++++++++++++--; tools/testing/selftests/bpf/prog_tests/skb_ctx.c | 5 +++++; 2 files changed, 25 insertions(+), 2 deletions(-)","The commit enables specifying ifindex for SKBs in bpf_prog_test_run_skb for testing code branches based on ifindex conditions.","ifindex,skb,test","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"fa5cb548ced61b9d3095f32f8a7e427a248c65ee","fa5cb548ced61b9d3095f32f8a7e427a248c65ee","Dmitry Yakunin","zeil@yandex-team.ru","1596445544","Daniel Borkmann","daniel@iogearbox.net","1596490319","04e21e7068cb009498667e619e213bb90ebea164","cfa3eb65a7d6da5664d4c9275fbb568a2446d6d9","bpf: Setup socket family and addresses in bpf_prog_test_run_skb Now it's impossible to test all branches of cgroup_skb bpf program which accesses skb->family and skb->{local,remote}_ip{4,6} fields because they are zeroed during socket allocation. This commit fills socket family and addresses from related fields in constructed skb. Signed-off-by: Dmitry Yakunin Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200803090545.82046-2-zeil@yandex-team.ru","net/bpf/test_run.c | 21 +++++++++++++++++++++; 1 file changed, 21 insertions(+)","This commit sets up socket family and addresses in bpf_prog_test_run_skb to enable testing all branches of cgroup_skb bpf programs.","socket,addresses,bpf","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"45365a06aa305c9eca1cbf48aef48a7a0cea3b4e","45365a06aa305c9eca1cbf48aef48a7a0cea3b4e","Linus Torvalds","torvalds@linux-foundation.org","1596488290","Linus Torvalds","torvalds@linux-foundation.org","1596488290","aa3e1cdbe77aab1ac5f16cbaaa8ed9147df82efe","cdc8fcb49905c0b67e355e027cb462ee168ffaa3 9a996c67a65d937b23408e56935ef23404c9418e","Merge tag 's390-5.9-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux Pull s390 updates from Heiko Carstens: - Add support for function error injection. - Add support for custom exception handlers, as required by BPF_PROBE_MEM. - Add support for BPF_PROBE_MEM. - Add trace events for idle enter / exit for the s390 specific idle implementation. - Remove unused zcore memmmap device. - Remove unused ""raw view"" from s390 debug feature. - AP bus + zcrypt device driver code refactoring. - Provide cex4 cca sysfs attributes for cex3 for zcrypt device driver. - Expose only minimal interface to walk physmem for mm/memblock. This is a common code change and it has been agreed on with Mike Rapoport and Andrew Morton that this can go upstream via the s390 tree. - Rework of the s390 vmem/vmmemap code to allow for future memory hot remove. - Get rid of FORCE_MAX_ZONEORDER to finally allow for order-10 allocations again, instead of only order-8 allocations. - Various small improvements and fixes. * tag 's390-5.9-1' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: (48 commits) s390/vmemmap: coding style updates s390/vmemmap: avoid memset(PAGE_UNUSED) when adding consecutive sections s390/vmemmap: remember unused sub-pmd ranges s390/vmemmap: fallback to PTEs if mapping large PMD fails s390/vmem: cleanup empty page tables s390/vmemmap: take the vmem_mutex when populating/freeing s390/vmemmap: cleanup when vmemmap_populate() fails s390/vmemmap: extend modify_pagetable() to handle vmemmap s390/vmem: consolidate vmem_add_range() and vmem_remove_range() s390/vmem: rename vmem_add_mem() to vmem_add_range() s390: enable HAVE_FUNCTION_ERROR_INJECTION s390/pci: clarify comment in s390_mmio_read/write s390/time: improve comparison for tod steering s390/time: select CLOCKSOURCE_VALIDATE_LAST_CYCLE s390/time: use CLOCKSOURCE_MASK s390/bpf: implement BPF_PROBE_MEM s390/kernel: expand exception table logic to allow new handling options s390/kernel: unify EX_TABLE* implementations s390/mm: allow order 10 allocations s390/mm: avoid trimming to MAX_ORDER ...","","The commit merges updates for the s390 architecture, including support for BPF_PROBE_MEM and various improvements.","s390,merge,BPF_PROBE_MEM","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"0cb2f1372baa60af8456388a574af6133edd7d80","0cb2f1372baa60af8456388a574af6133edd7d80","Muchun Song","songmuchun@bytedance.com","1595918736","Steven Rostedt (VMware)","rostedt@goodmis.org","1596485694","08401eff6184681cd7f3b268b950591e5f8111f7","c58b6b0372de0d4cd0536d6585addd1b36b151ae","kprobes: Fix NULL pointer dereference at kprobe_ftrace_handler We found a case of kernel panic on our server. The stack trace is as follows(omit some irrelevant information): BUG: kernel NULL pointer dereference, address: 0000000000000080 RIP: 0010:kprobe_ftrace_handler+0x5e/0xe0 RSP: 0018:ffffb512c6550998 EFLAGS: 00010282 RAX: 0000000000000000 RBX: ffff8e9d16eea018 RCX: 0000000000000000 RDX: ffffffffbe1179c0 RSI: ffffffffc0535564 RDI: ffffffffc0534ec0 RBP: ffffffffc0534ec1 R08: ffff8e9d1bbb0f00 R09: 0000000000000004 R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 R13: ffff8e9d1f797060 R14: 000000000000bacc R15: ffff8e9ce13eca00 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000000080 CR3: 00000008453d0005 CR4: 00000000003606e0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: ftrace_ops_assist_func+0x56/0xe0 ftrace_call+0x5/0x34 tcpa_statistic_send+0x5/0x130 [ttcp_engine] The tcpa_statistic_send is the function being kprobed. After analysis, the root cause is that the fourth parameter regs of kprobe_ftrace_handler is NULL. Why regs is NULL? We use the crash tool to analyze the kdump. crash> dis tcpa_statistic_send -r : callq 0xffffffffbd8018c0 The tcpa_statistic_send calls ftrace_caller instead of ftrace_regs_caller. So it is reasonable that the fourth parameter regs of kprobe_ftrace_handler is NULL. In theory, we should call the ftrace_regs_caller instead of the ftrace_caller. After in-depth analysis, we found a reproducible path. Writing a simple kernel module which starts a periodic timer. The timer's handler is named 'kprobe_test_timer_handler'. The module name is kprobe_test.ko. 1) insmod kprobe_test.ko 2) bpftrace -e 'kretprobe:kprobe_test_timer_handler {}' 3) echo 0 > /proc/sys/kernel/ftrace_enabled 4) rmmod kprobe_test 5) stop step 2) kprobe 6) insmod kprobe_test.ko 7) bpftrace -e 'kretprobe:kprobe_test_timer_handler {}' We mark the kprobe as GONE but not disarm the kprobe in the step 4). The step 5) also do not disarm the kprobe when unregister kprobe. So we do not remove the ip from the filter. In this case, when the module loads again in the step 6), we will replace the code to ftrace_caller via the ftrace_module_enable(). When we register kprobe again, we will not replace ftrace_caller to ftrace_regs_caller because the ftrace is disabled in the step 3). So the step 7) will trigger kernel panic. Fix this problem by disarming the kprobe when the module is going away. Link: https://lkml.kernel.org/r/20200728064536.24405-1-songmuchun@bytedance.com Cc: stable@vger.kernel.org Fixes: ae6aa16fdc16 (""kprobes: introduce ftrace based optimization"") Acked-by: Masami Hiramatsu Signed-off-by: Muchun Song Co-developed-by: Chengming Zhou Signed-off-by: Chengming Zhou Signed-off-by: Steven Rostedt (VMware) ","kernel/kprobes.c | 7 +++++++; 1 file changed, 7 insertions(+)","Fixes a NULL pointer dereference issue in kprobe_ftrace_handler by ensuring kprobes disarm when the module is removed.","kprobes,NULL pointer,disarm","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"cfa3eb65a7d6da5664d4c9275fbb568a2446d6d9","cfa3eb65a7d6da5664d4c9275fbb568a2446d6d9","Daniel Borkmann","daniel@iogearbox.net","1596465588","Daniel Borkmann","daniel@iogearbox.net","1596465591","6a78a898df8a336f40e0be88bc95bf1eaffea155","041549b7b2c7811ec40e705c439211f00ade2dda f86ca3cffef153555a3f4755b3a44881d962754f","Merge branch 'bpf-libbpf-btf-parsing' Andrii Nakryiko says: ==================== It's pretty common for applications to want to parse raw (binary) BTF data from file, as opposed to parsing it from ELF sections. It's also pretty common for tools to not care whether given file is ELF or raw BTF format. This patch series exposes internal raw BTF parsing API and adds generic variant of BTF parsing, which will efficiently determine the format of a given fail and will parse BTF appropriately. Patches #2 and #3 removes re-implementations of such APIs from bpftool and resolve_btfids tools. ==================== Signed-off-by: Daniel Borkmann ","","This commit merges changes to enhance BTF parsing capabilities in the libbpf library and associated tools.","BTF, parsing, libbpf","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f86ca3cffef153555a3f4755b3a44881d962754f","f86ca3cffef153555a3f4755b3a44881d962754f","Andrii Nakryiko","andriin@fb.com","1596331939","Daniel Borkmann","daniel@iogearbox.net","1596465588","6a78a898df8a336f40e0be88bc95bf1eaffea155","8526df04570f5698c97ac661ad1f2f35293557a7","tools/resolve_btfids: Use libbpf's btf__parse() API Instead of re-implementing generic BTF parsing logic, use libbpf's API. Also add .gitignore for resolve_btfids's build artifacts. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200802013219.864880-4-andriin@fb.com","tools/bpf/resolve_btfids/.gitignore | 4 +++; tools/bpf/resolve_btfids/main.c | 58 +------------------------------------; 2 files changed, 5 insertions(+), 57 deletions(-)","The commit updates the resolve_btfids tool to use libbpf's BTF parsing API, enhancing efficiency and maintainability.","libbpf,BTF,refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8526df04570f5698c97ac661ad1f2f35293557a7","8526df04570f5698c97ac661ad1f2f35293557a7","Andrii Nakryiko","andriin@fb.com","1596331938","Daniel Borkmann","daniel@iogearbox.net","1596465588","8f37ce4091a464062dc007399b41868ece56eff2","94a1fedd63edb672933bef44ca9213937e377c05","tools/bpftool: Use libbpf's btf__parse() API for parsing BTF from file Use generic libbpf API to parse BTF data from file, instead of re-implementing it in bpftool. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200802013219.864880-3-andriin@fb.com","tools/bpf/bpftool/btf.c | 54 +------------------------------------------------; 1 file changed, 1 insertion(+), 53 deletions(-)","The commit updates bpftool to utilize libbpf's BTF parsing API instead of custom implementation.","bpftool,libbpf,BTF","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"94a1fedd63edb672933bef44ca9213937e377c05","94a1fedd63edb672933bef44ca9213937e377c05","Andrii Nakryiko","andriin@fb.com","1596331937","Daniel Borkmann","daniel@iogearbox.net","1596465588","819907a5a52a2fd723e3995302aa002e6d9fcef4","041549b7b2c7811ec40e705c439211f00ade2dda","libbpf: Add btf__parse_raw() and generic btf__parse() APIs Add public APIs to parse BTF from raw data file (e.g., /sys/kernel/btf/vmlinux), as well as generic btf__parse(), which will try to determine correct format, currently either raw or ELF. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200802013219.864880-2-andriin@fb.com","tools/lib/bpf/btf.c | 114 ++++++++++++++++++++++++++++++++---------------; tools/lib/bpf/btf.h | 5 ++-; tools/lib/bpf/libbpf.map | 2 +; 3 files changed, 83 insertions(+), 38 deletions(-)","Introduced new APIs in libbpf for parsing BTF data from raw and ELF formatted files.","libbpf,BTF,APIs","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"041549b7b2c7811ec40e705c439211f00ade2dda","041549b7b2c7811ec40e705c439211f00ade2dda","Tianjia Zhang","tianjia.zhang@linux.alibaba.com","1596366940","Daniel Borkmann","daniel@iogearbox.net","1596465078","a055ff76cd9382915f32b7e38abfdff78cb7954c","a278f3d8191228212c553a5d4303fa603214b717","tools, bpftool: Fix wrong return value in do_dump() In case of btf_id does not exist, a negative error code -ENOENT should be returned. Fixes: c93cc69004df3 (""bpftool: add ability to dump BTF types"") Signed-off-by: Tianjia Zhang Signed-off-by: Daniel Borkmann Reviewed-by: Tobias Klauser Acked-by: Andrii Nakryiko Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200802111540.5384-1-tianjia.zhang@linux.alibaba.com","tools/bpf/bpftool/btf.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixes incorrect return value in bpftool do_dump() function when btf_id is missing.","bpftool, btf_id, do_dump","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a278f3d8191228212c553a5d4303fa603214b717","a278f3d8191228212c553a5d4303fa603214b717","Andrii Nakryiko","andriin@fb.com","1596163364","Daniel Borkmann","daniel@iogearbox.net","1596464140","4c5ba1ba7722c3858ad4d4c90f7a1e4e01c5a5cf","b5cc46cdff76cdfe2cb45ab2636d847efb1012cc","tools, build: Propagate build failures from tools/build/Makefile.build The '&&' command seems to have a bad effect when $(cmd_$(1)) exits with non-zero effect: the command failure is masked (despite `set -e`) and all but the first command of $(dep-cmd) is executed (successfully, as they are mostly printfs), thus overall returning 0 in the end. This means in practice that despite compilation errors, tools's build Makefile will return success. We see this very reliably with libbpf's Makefile, which doesn't get compilation error propagated properly. This in turns causes issues with selftests build, as well as bpftool and other projects that rely on building libbpf. The fix is simple: don't use &&. Given `set -e`, we don't need to chain commands with &&. The shell will exit on first failure, giving desired behavior and propagating error properly. Fixes: 275e2d95591e (""tools build: Move dependency copy into function"") Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Jiri Olsa Link: https://lore.kernel.org/bpf/20200731024244.872574-1-andriin@fb.com","tools/build/Build.include | 3 ++-; 1 file changed, 2 insertions(+), 1 deletion(-)","This commit fixes the tools build Makefile to properly propagate build errors by removing '&&'.","build, Makefile, errors","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"bd0b33b24897ba9ddad221e8ac5b6f0e38a2e004","bd0b33b24897ba9ddad221e8ac5b6f0e38a2e004","David S. Miller","davem@davemloft.net","1596355332","David S. Miller","davem@davemloft.net","1596355332","3f03062a9e759dba7b09df0feccbb58b8f7ab4cc","7126bd5c8bcbc015cf89864cf71d750e8f33f924 ac3a0c8472969a03c0496ae774b3a29eb26c8d5a","Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Resolved kernel/bpf/btf.c using instructions from merge commit 69138b34a7248d2396ab85c8652e20c0c39beaba Signed-off-by: David S. Miller ","","This commit merges updates from the netdev branch into the Linux kernel, resolving BTF conflicts.","merge, netdev, BTF","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"b5cc46cdff76cdfe2cb45ab2636d847efb1012cc","b5cc46cdff76cdfe2cb45ab2636d847efb1012cc","Andrii Nakryiko","andriin@fb.com","1596228597","Alexei Starovoitov","ast@kernel.org","1596348642","0ffeb2e274d95724b100c61ae7d1a9770a7ef259","5a6b1a206d1f399c9ea19173bd9a945a657f1fbf","selftests/bpf: Fix spurious test failures in core_retro selftest core_retro selftest uses BPF program that's triggered on sys_enter system-wide, but has no protection from some unrelated process doing syscall while selftest is running. This leads to occasional test failures with unexpected PIDs being returned. Fix that by filtering out all processes that are not test_progs process. Fixes: fcda189a5133 (""selftests/bpf: Add test relying only on CO-RE and no recent kernel features"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200731204957.2047119-1-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/core_retro.c | 8 ++++++--; tools/testing/selftests/bpf/progs/test_core_retro.c | 13 +++++++++++++; 2 files changed, 19 insertions(+), 2 deletions(-)","Fixes spurious test failures in core_retro selftest by filtering out unrelated processes during execution.","selftests, core_retro, filtering","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5a6b1a206d1f399c9ea19173bd9a945a657f1fbf","5a6b1a206d1f399c9ea19173bd9a945a657f1fbf","Alexei Starovoitov","ast@kernel.org","1596339509","Alexei Starovoitov","ast@kernel.org","1596339539","585f89dd1a8b3bc02ccf7c0a431ee424b1fd81de","4939b2847d26c025e2e2118744226967f239a1ac e85f99aa7760e74bb5a7e8515948f99c264a275f","Merge branch 'link_detach' Andrii Nakryiko says: ==================== This patch set adds new BPF link operation, LINK_DETACH, allowing processes with BPF link FD to force-detach it from respective BPF hook, similarly how BPF link is auto-detached when such BPF hook (e.g., cgroup, net_device, netns, etc) is removed. This facility allows admin to forcefully undo BPF link attachment, while process that created BPF link in the first place is left intact. Once force-detached, BPF link stays valid in the kernel as long as there is at least one FD open against it. It goes into defunct state, just like auto-detached BPF link. bpftool also got `link detach` command to allow triggering this in non-programmatic fashion. v1->v2: - improve error reporting in `bpftool link detach` (Song). ==================== Signed-off-by: Alexei Starovoitov ","","The commit introduces LINK_DETACH for BPF links and enhances bpftool with detachment capabilities.","LINK_DETACH BPF bpftool","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","I'm not sure about the implementation component of the commit. The component affected by It is unclear.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e85f99aa7760e74bb5a7e8515948f99c264a275f","e85f99aa7760e74bb5a7e8515948f99c264a275f","Andrii Nakryiko","andriin@fb.com","1596220110","Alexei Starovoitov","ast@kernel.org","1596339509","585f89dd1a8b3bc02ccf7c0a431ee424b1fd81de","0e8c7c07f090668566db2030a027a360ffd00938","tools/bpftool: Add documentation and bash-completion for `link detach` Add info on link detach sub-command to man page. Add detach to bash-completion as well. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Song Liu Acked-by: John Fastabend Signed-off-by: Alexei Starovoitov Acked-by: Song Liu Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200731182830.286260-5-andriin@fb.com","tools/bpf/bpftool/link.c | 37 ++++++++++++++++++++++++++++++++++++-; 1 file changed, 36 insertions(+), 1 deletion(-)","The commit adds a new 'link detach' subcommand to the bpftool for detaching BPF links with improved error handling.","link detach, bpftool, error","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"90806ccc90bbd0150267a97ae4003269597a6a6c","90806ccc90bbd0150267a97ae4003269597a6a6c","Andrii Nakryiko","andriin@fb.com","1596220108","Alexei Starovoitov","ast@kernel.org","1596339508","9a3eb6b6cda28f4689509797816966e648cf84fb","2e49527e52486dac910460b1b3f6fce6e21c6b48","selftests/bpf: Add link detach tests for cgroup, netns, and xdp bpf_links Add bpf_link__detach() testing to selftests for cgroup, netns, and xdp bpf_links. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Song Liu Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200731182830.286260-4-andriin@fb.com",".../testing/selftests/bpf/prog_tests/cgroup_link.c | 20 ++++++++-; tools/testing/selftests/bpf/prog_tests/sk_lookup.c | 51 ++++++++++------------; tools/testing/selftests/bpf/prog_tests/xdp_link.c | 14 ++++++; tools/testing/selftests/bpf/testing_helpers.c | 14 ++++++; tools/testing/selftests/bpf/testing_helpers.h | 3 ++; 5 files changed, 73 insertions(+), 29 deletions(-)","The commit adds self-tests for bpf_link detach functionality for cgroup, netns, and xdp bpf links.","selftests, bpf_link, detach","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', 'cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2e49527e52486dac910460b1b3f6fce6e21c6b48","2e49527e52486dac910460b1b3f6fce6e21c6b48","Andrii Nakryiko","andriin@fb.com","1596220107","Alexei Starovoitov","ast@kernel.org","1596339508","49e845274097de42bf2d254945120233936f196a","73b11c2ab072d5b0599d1e12cc126f55ee306daf","libbpf: Add bpf_link detach APIs Add low-level bpf_link_detach() API. Also add higher-level bpf_link__detach() one. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Song Liu Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200731182830.286260-3-andriin@fb.com","tools/include/uapi/linux/bpf.h | 5 +++++; tools/lib/bpf/bpf.c | 10 ++++++++++; tools/lib/bpf/bpf.h | 2 ++; tools/lib/bpf/libbpf.c | 5 +++++; tools/lib/bpf/libbpf.h | 1 +; tools/lib/bpf/libbpf.map | 2 ++; 6 files changed, 25 insertions(+)","The commit introduces bpf_link detach APIs to libbpf for managing eBPF link lifecycle.","bpf_link, libbpf, detach","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"73b11c2ab072d5b0599d1e12cc126f55ee306daf","73b11c2ab072d5b0599d1e12cc126f55ee306daf","Andrii Nakryiko","andriin@fb.com","1596220106","Alexei Starovoitov","ast@kernel.org","1596339508","0b005d7d70f073d7d908e0d2a1fb263405f3971b","4939b2847d26c025e2e2118744226967f239a1ac","bpf: Add support for forced LINK_DETACH command Add LINK_DETACH command to force-detach bpf_link without destroying it. It has the same behavior as auto-detaching of bpf_link due to cgroup dying for bpf_cgroup_link or net_device being destroyed for bpf_xdp_link. In such case, bpf_link is still a valid kernel object, but is defuncts and doesn't hold BPF program attached to corresponding BPF hook. This functionality allows users with enough access rights to manually force-detach attached bpf_link without killing respective owner process. This patch implements LINK_DETACH for cgroup, xdp, and netns links, mostly re-using existing link release handling code. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Song Liu Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200731182830.286260-2-andriin@fb.com","include/linux/bpf.h | 1 +; include/uapi/linux/bpf.h | 5 +++++; kernel/bpf/cgroup.c | 15 ++++++++++++++-; kernel/bpf/net_namespace.c | 8 ++++++++; kernel/bpf/syscall.c | 26 ++++++++++++++++++++++++++; net/core/dev.c | 11 ++++++++++-; 6 files changed, 64 insertions(+), 2 deletions(-)","This commit introduces a mechanism to forcefully detach BPF links while keeping them valid in the kernel.","LINK_DETACH,bpf_link,detach","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).', 'XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"4939b2847d26c025e2e2118744226967f239a1ac","4939b2847d26c025e2e2118744226967f239a1ac","John Fastabend","john.fastabend@gmail.com","1596233354","Alexei Starovoitov","ast@kernel.org","1596338459","0051e49fa8855a6a93da7dbcd4b7d054281d731b","ffba964e4d1126bef5d636e8af70f052e50342fc","bpf, selftests: Use single cgroup helpers for both test_sockmap/progs Nearly every user of cgroup helpers does the same sequence of API calls. So push these into a single helper cgroup_setup_and_join. The cases that do a bit of extra logic are test_progs which currently uses an env variable to decide if it needs to setup the cgroup environment or can use an existingi environment. And then tests that are doing cgroup tests themselves. We skip these cases for now. Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/159623335418.30208.15807461815525100199.stgit@john-XPS-13-9370","tools/testing/selftests/bpf/cgroup_helpers.c | 23 ++++++++++++++++++++++; tools/testing/selftests/bpf/cgroup_helpers.h | 1 +; tools/testing/selftests/bpf/get_cgroup_id_user.c | 14 ++-----------; tools/testing/selftests/bpf/test_cgroup_storage.c | 17 +---------------; tools/testing/selftests/bpf/test_dev_cgroup.c | 15 ++------------; tools/testing/selftests/bpf/test_netcnt.c | 17 ++--------------; .../selftests/bpf/test_skb_cgroup_id_user.c | 8 +-------; tools/testing/selftests/bpf/test_sock.c | 8 +-------; tools/testing/selftests/bpf/test_sock_addr.c | 8 +-------; tools/testing/selftests/bpf/test_sock_fields.c | 14 +++----------; tools/testing/selftests/bpf/test_socket_cookie.c | 8 +-------; tools/testing/selftests/bpf/test_sockmap.c | 18 ++---------------; tools/testing/selftests/bpf/test_sysctl.c | 8 +-------; tools/testing/selftests/bpf/test_tcpbpf_user.c | 8 +-------; tools/testing/selftests/bpf/test_tcpnotify_user.c | 8 +-------; 15 files changed, 43 insertions(+), 132 deletions(-)","Refactor cgroup helper logic in BPF selftests to centralize setup and join operations.","cgroup, helper, selftests","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"ac3a0c8472969a03c0496ae774b3a29eb26c8d5a","ac3a0c8472969a03c0496ae774b3a29eb26c8d5a","Linus Torvalds","torvalds@linux-foundation.org","1596325644","Linus Torvalds","torvalds@linux-foundation.org","1596325644","76e80aef974c34140055d0015fca6e6f7c85722e","0ae3495b6502cf93634cbd027cb2f6f9f83a406f fda2ec62cf1aa7cbee52289dc8059cd3662795da","Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from David Miller: 1) Encap offset calculation is incorrect in esp6, from Sabrina Dubroca. 2) Better parameter validation in pfkey_dump(), from Mark Salyzyn. 3) Fix several clang issues on powerpc in selftests, from Tanner Love. 4) cmsghdr_from_user_compat_to_kern() uses the wrong length, from Al Viro. 5) Out of bounds access in mlx5e driver, from Raed Salem. 6) Fix transfer buffer memleak in lan78xx, from Johan Havold. 7) RCU fixups in rhashtable, from Herbert Xu. 8) Fix ipv6 nexthop refcnt leak, from Xiyu Yang. 9) vxlan FDB dump must be done under RCU, from Ido Schimmel. 10) Fix use after free in mlxsw, from Ido Schimmel. 11) Fix map leak in HASH_OF_MAPS bpf code, from Andrii Nakryiko. 12) Fix bug in mac80211 Tx ack status reporting, from Vasanthakumar Thiagarajan. 13) Fix memory leaks in IPV6_ADDRFORM code, from Cong Wang. 14) Fix bpf program reference count leaks in mlx5 during mlx5e_alloc_rq(), from Xin Xiong. * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (86 commits) vxlan: fix memleak of fdb rds: Prevent kernel-infoleak in rds_notify_queue_get() net/sched: The error lable position is corrected in ct_init_module net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq net/mlx5e: E-Switch, Specify flow_source for rule with no in_port net/mlx5e: E-Switch, Add misc bit when misc fields changed for mirroring net/mlx5e: CT: Support restore ipv6 tunnel net: gemini: Fix missing clk_disable_unprepare() in error path of gemini_ethernet_port_probe() ionic: unlock queue mutex in error path atm: fix atm_dev refcnt leaks in atmtcp_remove_persistent net: ethernet: mtk_eth_soc: fix MTU warnings net: nixge: fix potential memory leak in nixge_probe() devlink: ignore -EOPNOTSUPP errors on dumpit rxrpc: Fix race between recvmsg and sendmsg on immediate call failure MAINTAINERS: Replace Thor Thayer as Altera Triple Speed Ethernet maintainer selftests/bpf: fix netdevsim trap_flow_action_cookie read ipv6: fix memory leaks on IPV6_ADDRFORM path net/bpfilter: Initialize pos in __bpfilter_process_sockopt igb: reinit_locked() should be called with rtnl_lock e1000e: continue to init PHY even when failed to disable ULP ...","","The commit merges various networking fixes from the netdev branch into the mainline kernel.","networking,fixes,merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"69138b34a7248d2396ab85c8652e20c0c39beaba","69138b34a7248d2396ab85c8652e20c0c39beaba","David S. Miller","davem@davemloft.net","1596241187","David S. Miller","davem@davemloft.net","1596241187","5bf07d6e0376efc134983bef3719eeb7fa03c4e4","8d46215a1ff37b83e80e573563066548fc82084d 4f010246b4087ab931b060481014ec110e6a8a46","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Daniel Borkmann says: ==================== pull-request: bpf 2020-07-31 The following pull-request contains BPF updates for your *net* tree. We've added 5 non-merge commits during the last 21 day(s) which contain a total of 5 files changed, 126 insertions(+), 18 deletions(-). The main changes are: 1) Fix a map element leak in HASH_OF_MAPS map type, from Andrii Nakryiko. 2) Fix a NULL pointer dereference in __btf_resolve_helper_id() when no btf_vmlinux is available, from Peilin Ye. 3) Init pos variable in __bpfilter_process_sockopt(), from Christoph Hellwig. 4) Fix a cgroup sockopt verifier test by specifying expected attach type, from Jean-Philippe Brucker. Note that when net gets merged into net-next later on, there is a small merge conflict in kernel/bpf/btf.c between commit 5b801dfb7feb (""bpf: Fix NULL pointer dereference in __btf_resolve_helper_id()"") from the bpf tree and commit 138b9a0511c7 (""bpf: Remove btf_id helpers resolving"") from the net-next tree. Resolve as follows: remove the old hunk with the __btf_resolve_helper_id() function. Change the btf_resolve_helper_id() so it actually tests for a NULL btf_vmlinux and bails out: int btf_resolve_helper_id(struct bpf_verifier_log *log, const struct bpf_func_proto *fn, int arg) { int id; if (fn->arg_type[arg] != ARG_PTR_TO_BTF_ID || !btf_vmlinux) return -EINVAL; id = fn->btf_id[arg]; if (!id || id > btf_vmlinux->nr_types) return -EINVAL; return id; } Let me know if you run into any others issues (CC'ing Jiri Olsa so he's in the loop with regards to merge conflict resolution). ==================== Signed-off-by: David S. Miller ","","The commit merges BPF updates into the net tree including fixes for map leaks, NULL pointer dereference, and cgroup sockopt verifier test.","BPF,merge,fixes","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"8f3f330da28ede9d106cd9d5c5ccd6a3e7e9b50b","8f3f330da28ede9d106cd9d5c5ccd6a3e7e9b50b","Jason Wang","jasowang@redhat.com","1596169040","David S. Miller","davem@davemloft.net","1596241073","9e6cb04d277a46ffcec1c5769fe33f759023fb69","48040793fa6003d211f021c6ad273477bcd90d91","tun: add missing rcu annotation in tun_set_ebpf() We expecte prog_p to be protected by rcu, so adding the rcu annotation to fix the following sparse warning: drivers/net/tun.c:3003:36: warning: incorrect type in argument 2 (different address spaces) drivers/net/tun.c:3003:36: expected struct tun_prog [noderef] __rcu **prog_p drivers/net/tun.c:3003:36: got struct tun_prog **prog_p drivers/net/tun.c:3292:42: warning: incorrect type in argument 2 (different address spaces) drivers/net/tun.c:3292:42: expected struct tun_prog **prog_p drivers/net/tun.c:3292:42: got struct tun_prog [noderef] __rcu ** drivers/net/tun.c:3296:42: warning: incorrect type in argument 2 (different address spaces) drivers/net/tun.c:3296:42: expected struct tun_prog **prog_p drivers/net/tun.c:3296:42: got struct tun_prog [noderef] __rcu ** Reported-by: Michael S. Tsirkin Signed-off-by: Jason Wang Signed-off-by: David S. Miller ","drivers/net/tun.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Adds missing RCU annotation to tun_set_ebpf to resolve sparse warnings.","RCU, tun, annotation","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"e535d87d8b4f85fe1659aa38c8fb75226b56eec5","e535d87d8b4f85fe1659aa38c8fb75226b56eec5","David S. Miller","davem@davemloft.net","1596240354","David S. Miller","davem@davemloft.net","1596240354","f1aa5f4c78806b559c9221855a698b5051dd73c1","bbc8a99e952226c585ac17477a85ef1194501762 e692139e6af339a1495ef401b2d95f7f9d1c7a44","Merge tag 'mlx5-fixes-2020-07-30' of git://git.kernel.org/pub/scm/linux/kernel/git/saeed/linux Saeed Mahameed says: ==================== Mellanox, mlx5 fixes 2020-07-30 This small patchset introduces some fixes to mlx5 driver. Please pull and let me know if there is any problem. For -stable v4.18: ('net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq') For -stable v5.7: ('net/mlx5e: E-Switch, Add misc bit when misc fields changed for mirroring') ==================== Signed-off-by: David S. Miller ","","This commit merges Mellanox mlx5 driver fixes focusing on BPF program reference counting and mirroring changes.","mlx5, BPF, merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"48040793fa6003d211f021c6ad273477bcd90d91","48040793fa6003d211f021c6ad273477bcd90d91","Yousuk Seung","ysseung@google.com","1596149080","David S. Miller","davem@davemloft.net","1596240044","7a37d2d4390b9aa54bc87465b94ab358b4dedfcd","c6886957d2d959d5217994cd08d59c816fc23e70","tcp: add earliest departure time to SCM_TIMESTAMPING_OPT_STATS This change adds TCP_NLA_EDT to SCM_TIMESTAMPING_OPT_STATS that reports the earliest departure time(EDT) of the timestamped skb. By tracking EDT values of the skb from different timestamps, we can observe when and how much the value changed. This allows to measure the precise delay injected on the sender host e.g. by a bpf-base throttler. Signed-off-by: Yousuk Seung Signed-off-by: Eric Dumazet Acked-by: Neal Cardwell Acked-by: Soheil Hassas Yeganeh Acked-by: Yuchung Cheng Signed-off-by: David S. Miller ","include/linux/tcp.h | 3 ++-; include/uapi/linux/tcp.h | 1 +; net/core/skbuff.c | 2 +-; net/ipv4/tcp.c | 6 +++++-; 4 files changed, 9 insertions(+), 3 deletions(-)","This commit adds earliest departure time tracking to TCP timestamping to measure delays affected by BPF-based throttlers.","TCP,timestamping,EDT","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"0e4cd9f2654915be8d09a1bd1b405ce5426e64c4","0e4cd9f2654915be8d09a1bd1b405ce5426e64c4","Catalin Marinas","catalin.marinas@arm.com","1596215397","Catalin Marinas","catalin.marinas@arm.com","1596215397","0aeb119873c87509ff54cbc9c6946b271f3780bf","18aa3bd58b1428d1927fe11f85ad444423d4fc59 5f1f7f6c205a2e7f1d92229ac358254bd2826c2d","Merge branch 'for-next/read-barrier-depends' into for-next/core * for-next/read-barrier-depends: : Allow architectures to override __READ_ONCE() arm64: Reduce the number of header files pulled into vmlinux.lds.S compiler.h: Move compiletime_assert() macros into compiler_types.h checkpatch: Remove checks relating to [smp_]read_barrier_depends() include/linux: Remove smp_read_barrier_depends() from comments tools/memory-model: Remove smp_read_barrier_depends() from informal doc Documentation/barriers/kokr: Remove references to [smp_]read_barrier_depends() Documentation/barriers: Remove references to [smp_]read_barrier_depends() locking/barriers: Remove definitions for [smp_]read_barrier_depends() alpha: Replace smp_read_barrier_depends() usage with smp_[r]mb() vhost: Remove redundant use of read_barrier_depends() barrier asm/rwonce: Don't pull into 'asm-generic/rwonce.h' asm/rwonce: Remove smp_read_barrier_depends() invocation alpha: Override READ_ONCE() with barriered implementation asm/rwonce: Allow __READ_ONCE to be overridden by the architecture compiler.h: Split {READ,WRITE}_ONCE definitions out into rwonce.h tools: bpf: Use local copy of headers including uapi/linux/filter.h","","The commit merges cleanup and architecture-specific changes related to read barriers and header file management.","merge,read,barrier","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"ffba964e4d1126bef5d636e8af70f052e50342fc","ffba964e4d1126bef5d636e8af70f052e50342fc","Tiezhu Yang","yangtiezhu@loongson.cn","1596184142","Daniel Borkmann","daniel@iogearbox.net","1596212271","6f8ca410e8a974a1b0ba6a2d316f76cc4425822c","1acf8f90ea7ee59006d0474275922145ac291331","Documentation/bpf: Use valid and new links in index.rst There exists an error ""404 Not Found"" when I click the html link of ""Documentation/networking/filter.rst"" in the BPF documentation [1], fix it. Additionally, use the new links about ""BPF and XDP Reference Guide"" and ""bpf(2)"" to avoid redirects. [1] https://www.kernel.org/doc/html/latest/bpf/ Fixes: d9b9170a2653 (""docs: bpf: Rename README.rst to index.rst"") Fixes: cb3f0d56e153 (""docs: networking: convert filter.txt to ReST"") Signed-off-by: Tiezhu Yang Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/1596184142-18476-1-git-send-email-yangtiezhu@loongson.cn","Documentation/bpf/index.rst | 12 ++++++------; Documentation/networking/filter.rst | 2 ++; 2 files changed, 8 insertions(+), 6 deletions(-)","This commit updates BPF documentation to fix broken links and avoid redirects.","documentation,links,fix","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1acf8f90ea7ee59006d0474275922145ac291331","1acf8f90ea7ee59006d0474275922145ac291331","Jerry Crunchtime","jerry.c.t@web.de","1596208081","Daniel Borkmann","daniel@iogearbox.net","1596208849","50962eb52b976def5e7846a393b1d8fc12307503","c64c9c282a9a7ec0515b725d5aaed68c32e403a4","libbpf: Fix register in PT_REGS MIPS macros The o32, n32 and n64 calling conventions require the return value to be stored in $v0 which maps to $2 register, i.e., the register 2. Fixes: c1932cd (""bpf: Add MIPS support to samples/bpf."") Signed-off-by: Jerry Crunchtime Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/43707d31-0210-e8f0-9226-1af140907641@web.de","tools/lib/bpf/bpf_tracing.h | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","Fixed the register mapping in MIPS macros for the libbpf library.","libbpf, MIPS, macros","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e692139e6af339a1495ef401b2d95f7f9d1c7a44","e692139e6af339a1495ef401b2d95f7f9d1c7a44","Xin Xiong","xiongx18@fudan.edu.cn","1596104981","Saeed Mahameed","saeedm@mellanox.com","1596160435","6f6da114c96b9222e23777edb4034de0407d3a81","6f7bbad18e8343da6318654f408dea0ccd6efb00","net/mlx5e: fix bpf_prog reference count leaks in mlx5e_alloc_rq The function invokes bpf_prog_inc(), which increases the reference count of a bpf_prog object ""rq->xdp_prog"" if the object isn't NULL. The refcount leak issues take place in two error handling paths. When either mlx5_wq_ll_create() or mlx5_wq_cyc_create() fails, the function simply returns the error code and forgets to drop the reference count increased earlier, causing a reference count leak of ""rq->xdp_prog"". Fix this issue by jumping to the error handling path err_rq_wq_destroy while either function fails. Fixes: 422d4c401edd (""net/mlx5e: RX, Split WQ objects for different RQ types"") Signed-off-by: Xin Xiong Signed-off-by: Xiyu Yang Signed-off-by: Xin Tan Signed-off-by: Saeed Mahameed ","drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","This commit fixes a bpf_prog reference count leak in mlx5e_alloc_rq for error handling paths in mlx5e.","bpf_prog, reference, leak","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"c64c9c282a9a7ec0515b725d5aaed68c32e403a4","c64c9c282a9a7ec0515b725d5aaed68c32e403a4","Jakub Sitnicki","jakub@cloudflare.com","1595764948","Daniel Borkmann","daniel@iogearbox.net","1596153648","0d5f58ae0796b1877e0b04d50f25877c5fc95466","50450fc716c1a570ee8d8bfe198ef5d3cfca36e4","udp, bpf: Ignore connections in reuseport group after BPF sk lookup When BPF sk lookup invokes reuseport handling for the selected socket, it should ignore the fact that reuseport group can contain connected UDP sockets. With BPF sk lookup this is not relevant as we are not scoring sockets to find the best match, which might be a connected UDP socket. Fix it by unconditionally accepting the socket selected by reuseport. This fixes the following two failures reported by test_progs. # ./test_progs -t sk_lookup ... #73/14 UDP IPv4 redir and reuseport with conns:FAIL ... #73/20 UDP IPv6 redir and reuseport with conns:FAIL ... Fixes: a57066b1a019 (""Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net"") Reported-by: Alexei Starovoitov Signed-off-by: Jakub Sitnicki Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200726120228.1414348-1-jakub@cloudflare.com","net/ipv4/udp.c | 2 +-; net/ipv6/udp.c | 2 +-; 2 files changed, 2 insertions(+), 2 deletions(-)","The commit fixes issues with UDP connections in reuseport group after BPF socket lookup by handling connected sockets properly.","UDP,BPF,reuseport","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"4bbca662df2523ff7ad3224463f1f28e6a118044","4bbca662df2523ff7ad3224463f1f28e6a118044","Hangbin Liu","liuhangbin@gmail.com","1595847895","David S. Miller","davem@davemloft.net","1596151987","0c8aff68b72c586ef7b71262351e545260975dde","8c0de6e96c9794cb523a516c465991a70245da1c","selftests/bpf: fix netdevsim trap_flow_action_cookie read When read netdevsim trap_flow_action_cookie, we need to init it first, or we will get ""Invalid argument"" error. Fixes: d3cbb907ae57 (""netdevsim: add ACL trap reporting cookie as a metadata"") Signed-off-by: Hangbin Liu Signed-off-by: David S. Miller ","tools/testing/selftests/bpf/test_offload.py | 3 +++; 1 file changed, 3 insertions(+)","Fix initialization issue in test to enable reading netdevsim trap_flow_action_cookie without errors.","selftests,bpf,netdevsim","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"4f010246b4087ab931b060481014ec110e6a8a46","4f010246b4087ab931b060481014ec110e6a8a46","Christoph Hellwig","hch@lst.de","1596125340","Daniel Borkmann","daniel@iogearbox.net","1596150452","e454d2a5f3dad27c81eaaba95127c681cdb6cce4","0ba58348414eb10249480635545758b40b3c33b6","net/bpfilter: Initialize pos in __bpfilter_process_sockopt __bpfilter_process_sockopt never initialized the pos variable passed to the pipe write. This has been mostly harmless in the past as pipes ignore the offset, but the switch to kernel_write now verified the position, which can lead to a failure depending on the exact stack initialization pattern. Initialize the variable to zero to make rw_verify_area happy. Fixes: 6955a76fbcd5 (""bpfilter: switch to kernel_write"") Reported-by: Christian Brauner Reported-by: Rodrigo Madera Signed-off-by: Christoph Hellwig Signed-off-by: Daniel Borkmann Tested-by: Rodrigo Madera Tested-by: Christian Brauner Reviewed-by: Christian Brauner Link: https://lore.kernel.org/bpf/20200730160900.187157-1-hch@lst.de","net/bpfilter/bpfilter_kern.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit initializes the 'pos' variable in 'bpfilter' to prevent failures with kernel_write operations.","initialize,pos,kernel_write","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"50450fc716c1a570ee8d8bfe198ef5d3cfca36e4","50450fc716c1a570ee8d8bfe198ef5d3cfca36e4","Andrii Nakryiko","andriin@fb.com","1596064908","Daniel Borkmann","daniel@iogearbox.net","1596149587","081623f21697f9919d3120b820ddea93f776ceab","a6599abdeac30063baf89df166068b20758e0e86","libbpf: Make destructors more robust by handling ERR_PTR(err) cases Most of libbpf ""constructors"" on failure return ERR_PTR(err) result encoded as a pointer. It's a common mistake to eventually pass such malformed pointers into xxx__destroy()/xxx__free() ""destructors"". So instead of fixing up clean up code in selftests and user programs, handle such error pointers in destructors themselves. This works beautifully for NULL pointers passed to destructors, so might as well just work for error pointers. Suggested-by: Song Liu Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200729232148.896125-1-andriin@fb.com","tools/lib/bpf/btf.c | 4 ++--; tools/lib/bpf/btf_dump.c | 2 +-; tools/lib/bpf/libbpf.c | 9 ++++-----; 3 files changed, 7 insertions(+), 8 deletions(-)","The commit improves libbpf destructors by handling error pointers for more robust cleanup.","libbpf destructors error-handling","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a6599abdeac30063baf89df166068b20758e0e86","a6599abdeac30063baf89df166068b20758e0e86","Jakub Sitnicki","jakub@cloudflare.com","1596113605","Daniel Borkmann","daniel@iogearbox.net","1596149533","54606362317ca9f5c0afcd2d5600e18796e9336c","80546ac4586c0bd326aa7ce80f076646db02bcd0","selftests/bpf: Omit nodad flag when adding addresses to loopback Setting IFA_F_NODAD flag for IPv6 addresses to add to loopback is unnecessary. Duplicate Address Detection does not happen on loopback device. Also, passing 'nodad' flag to 'ip address' breaks libbpf CI, which runs in an environment with BusyBox implementation of 'ip' command, that doesn't understand this flag. Fixes: 0ab5539f8584 (""selftests/bpf: Tests for BPF_SK_LOOKUP attach point"") Reported-by: Andrii Nakryiko Signed-off-by: Jakub Sitnicki Signed-off-by: Daniel Borkmann Tested-by: Andrii Nakryiko Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200730125325.1869363-1-jakub@cloudflare.com","tools/testing/selftests/bpf/prog_tests/sk_lookup.c | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","The commit removes unnecessary 'nodad' flag for IPv6 loopback addresses in selftests to ensure compatibility with BusyBox in libbpf CI.","IPv6,loopback,nodad","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"80546ac4586c0bd326aa7ce80f076646db02bcd0","80546ac4586c0bd326aa7ce80f076646db02bcd0","Andrii Nakryiko","andriin@fb.com","1595998256","Daniel Borkmann","daniel@iogearbox.net","1596149029","58ae65a7cccbfb9c5742241f4523f76d6045cf79","dfdb0d93e5bc351af5b286ae9c630d3cf869b810","selftests/bpf: Don't destroy failed link Check that link is NULL or proper pointer before invoking bpf_link__destroy(). Not doing this causes crash in test_progs, when cg_storage_multi selftest fails. Fixes: 3573f384014f (""selftests/bpf: Test CGROUP_STORAGE behavior on shared egress + ingress"") Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200729045056.3363921-1-andriin@fb.com",".../selftests/bpf/prog_tests/cg_storage_multi.c | 42 ++++++++++++++--------; 1 file changed, 28 insertions(+), 14 deletions(-)","Fixes a crash in cg_storage_multi selftest by ensuring valid bpf_links in bpf_link__destroy().","selftests,bpf,link","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"dfdb0d93e5bc351af5b286ae9c630d3cf869b810","dfdb0d93e5bc351af5b286ae9c630d3cf869b810","Hangbin Liu","liuhangbin@gmail.com","1596013018","Daniel Borkmann","daniel@iogearbox.net","1596149029","687745dddcf6caa1021d4939f5ec3f5fd8f46515","4fb5f94911405b6d2645d4384c2ae1215bfc6a76","selftests/bpf: Add xdpdrv mode for test_xdp_redirect This patch add xdpdrv mode for test_xdp_redirect.sh since veth has support native mode. After update here is the test result: # ./test_xdp_redirect.sh selftests: test_xdp_redirect xdpgeneric [PASS] selftests: test_xdp_redirect xdpdrv [PASS] Signed-off-by: Hangbin Liu Signed-off-by: Daniel Borkmann Acked-by: Song Liu Acked-by: William Tu Link: https://lore.kernel.org/bpf/20200729085658.403794-1-liuhangbin@gmail.com","tools/testing/selftests/bpf/test_xdp_redirect.sh | 84 +++++++++++++++---------; 1 file changed, 52 insertions(+), 32 deletions(-)","The commit adds xdpdrv mode support in the selftests for the test_xdp_redirect script in XDP programs.","xdpdrv,test_xdp_redirect,selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"4fb5f94911405b6d2645d4384c2ae1215bfc6a76","4fb5f94911405b6d2645d4384c2ae1215bfc6a76","Stanislav Fomichev","sdf@google.com","1595982664","Daniel Borkmann","daniel@iogearbox.net","1596149029","559cbecd39ec5ab9b2b8cf333dd6ebb3dafce578","f7c6cb1d9728dea9d9f131ef57303d6821afb0f8","selftests/bpf: Verify socket storage in cgroup/sock_{create, release} Augment udp_limit test to set and verify socket storage value. That should be enough to exercise the changes from the previous patch. Signed-off-by: Stanislav Fomichev Signed-off-by: Daniel Borkmann Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200729003104.1280813-2-sdf@google.com","tools/testing/selftests/bpf/progs/udp_limit.c | 19 +++++++++++++++++++; 1 file changed, 19 insertions(+)","The commit enhances self-tests to verify socket storage in cgroup socket create and release operations.","selftests socket cgroup","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f7c6cb1d9728dea9d9f131ef57303d6821afb0f8","f7c6cb1d9728dea9d9f131ef57303d6821afb0f8","Stanislav Fomichev","sdf@google.com","1595982663","Daniel Borkmann","daniel@iogearbox.net","1596149029","efcd85c497731da021576fe64c411bfbb3045eee","12e6196fb15953605be54ac9320ac54371aecab7","bpf: Expose socket storage to BPF_PROG_TYPE_CGROUP_SOCK This lets us use socket storage from the following hooks: * BPF_CGROUP_INET_SOCK_CREATE * BPF_CGROUP_INET_SOCK_RELEASE * BPF_CGROUP_INET4_POST_BIND * BPF_CGROUP_INET6_POST_BIND Using existing 'bpf_sk_storage_get_proto' doesn't work because second argument is ARG_PTR_TO_SOCKET. Even though BPF_PROG_TYPE_CGROUP_SOCK hooks operate on 'struct bpf_sock', the verifier still considers it as a PTR_TO_CTX. That's why I'm adding another 'bpf_sk_storage_get_cg_sock_proto' definition strictly for BPF_PROG_TYPE_CGROUP_SOCK which accepts ARG_PTR_TO_CTX which is really 'struct sock' for this program type. Signed-off-by: Stanislav Fomichev Signed-off-by: Daniel Borkmann Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200729003104.1280813-1-sdf@google.com","net/core/bpf_sk_storage.c | 10 ++++++++++; net/core/filter.c | 3 +++; 2 files changed, 13 insertions(+)","The commit exposes socket storage to BPF_PROG_TYPE_CGROUP_SOCK and introduces a new function to handle cgroup socket hooks.","BPF,cgroup,socket","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"12e6196fb15953605be54ac9320ac54371aecab7","12e6196fb15953605be54ac9320ac54371aecab7","Yonghong Song","yhs@fb.com","1595974681","Daniel Borkmann","daniel@iogearbox.net","1596149029","1b414ad4de4e736a2b5c80b9e5dc00ce60c2e076","4fc00b79b85d4c34bef06ad49f109ad7cd9e5d83","selftests/bpf: Test bpf_iter buffer access with negative offset Commit afbf21dce668 (""bpf: Support readonly/readwrite buffers in verifier"") added readonly/readwrite buffer support which is currently used by bpf_iter tracing programs. It has a bug with incorrect parameter ordering which later fixed by Commit f6dfbe31e8fa (""bpf: Fix swapped arguments in calls to check_buffer_access""). This patch added a test case with a negative offset access which will trigger the error path. Without Commit f6dfbe31e8fa, running the test case in the patch, the error message looks like: R1_w=rdwr_buf(id=0,off=0,imm=0) R10=fp0 ; value_sum += *(__u32 *)(value - 4); 2: (61) r1 = *(u32 *)(r1 -4) R1 invalid (null) buffer access: off=-4, size=4 With the above commit, the error message looks like: R1_w=rdwr_buf(id=0,off=0,imm=0) R10=fp0 ; value_sum += *(__u32 *)(value - 4); 2: (61) r1 = *(u32 *)(r1 -4) R1 invalid rdwr buffer access: off=-4, size=4 Signed-off-by: Yonghong Song Signed-off-by: Daniel Borkmann Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200728221801.1090406-1-yhs@fb.com","tools/testing/selftests/bpf/prog_tests/bpf_iter.c | 13 +++++++++++++; .../selftests/bpf/progs/bpf_iter_test_kern6.c | 21 +++++++++++++++++++++; 2 files changed, 34 insertions(+)","The commit introduces a test case for checking bpf_iter buffer access errors with negative offsets.","bpf_iter,buffer,test","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"4fc00b79b85d4c34bef06ad49f109ad7cd9e5d83","4fc00b79b85d4c34bef06ad49f109ad7cd9e5d83","Yonghong Song","yhs@fb.com","1595974681","Daniel Borkmann","daniel@iogearbox.net","1596149029","1ef83521777fb5c72e5bee14dbc1f843a2ee0ad3","800834285361dcf8e98b018e891df876472a4fac","bpf: Add missing newline characters in verifier error messages Newline characters are added in two verifier error messages, refactored in Commit afbf21dce668 (""bpf: Support readonly/readwrite buffers in verifier""). This way, they do not mix with messages afterwards. Signed-off-by: Yonghong Song Signed-off-by: Daniel Borkmann Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200728221801.1090349-1-yhs@fb.com","kernel/bpf/verifier.c | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","This commit adds missing newline characters to error messages in the BPF verifier.","newline,verifier,error","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"800834285361dcf8e98b018e891df876472a4fac","800834285361dcf8e98b018e891df876472a4fac","Jean-Philippe Brucker","jean-philippe@linaro.org","1595949686","Daniel Borkmann","daniel@iogearbox.net","1596149020","3d71922e36f8eea73368d4cd821143bab2b9b6ad","310ad7970a0dec847563dc6dba9e7e587d545622","bpf, arm64: Add BPF exception tables When a tracing BPF program attempts to read memory without using the bpf_probe_read() helper, the verifier marks the load instruction with the BPF_PROBE_MEM flag. Since the arm64 JIT does not currently recognize this flag it falls back to the interpreter. Add support for BPF_PROBE_MEM, by appending an exception table to the BPF program. If the load instruction causes a data abort, the fixup infrastructure finds the exception table and fixes up the fault, by clearing the destination register and jumping over the faulting instruction. To keep the compact exception table entry format, inspect the pc in fixup_exception(). A more generic solution would add a ""handler"" field to the table entry, like on x86 and s390. Signed-off-by: Jean-Philippe Brucker Signed-off-by: Daniel Borkmann Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200728152122.1292756-2-jean-philippe@linaro.org","arch/arm64/include/asm/extable.h | 12 ++++++; arch/arm64/mm/extable.c | 12 ++++--; arch/arm64/net/bpf_jit_comp.c | 93 +++++++++++++++++++++++++++++++++++++---; 3 files changed, 108 insertions(+), 9 deletions(-)","This commit enhances the ARM64 JIT compiler to handle BPF_PROBE_MEM by using exception tables for fault recovery.","ARM64,BPF_PROBE_MEM,exception","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","['kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.']" +"1b98c6e3ba8be09a2f988dc4b80de9b4b029b93f","1b98c6e3ba8be09a2f988dc4b80de9b4b029b93f","Ian Rogers","irogers@google.com","1595926652","Arnaldo Carvalho de Melo","acme@redhat.com","1596103309","a91ee7c5d9902021cd5c05c016ff574b3979b32b","4929e95a1400e45b4b5a87fd3ce10273444187d4","perf test: Ensure sample_period is set libpfm4 events Test that a command line option doesn't override the period set on a libpfm4 event. Without libpfm4 test passes as unsupported. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Alexei Starovoitov Cc: Andi Kleen Cc: Andrii Nakryiko Cc: Athira Jajeev Cc: Daniel Borkmann Cc: Jiri Olsa Cc: John Fastabend Cc: KP Singh Cc: Mark Rutland Cc: Martin KaFai Lau Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Song Liu Cc: Stephane Eranian Cc: Yonghong Song Cc: bpf@vger.kernel.org Cc: netdev@vger.kernel.org Link: http://lore.kernel.org/lkml/20200728085734.609930-4-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/tests/attr/README | 1 +; tools/perf/tests/attr/test-record-pfm-period | 9 +++++++++; 2 files changed, 10 insertions(+)","The commit adds tests to ensure the sample_period is set correctly for libpfm4 events without being overridden by command line options.","perf, libpfm4, sample_period","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Profile related type programs. It affects programs used for profiling system or application performance.']" +"0ba58348414eb10249480635545758b40b3c33b6","0ba58348414eb10249480635545758b40b3c33b6","Andrii Nakryiko","andriin@fb.com","1595995753","Daniel Borkmann","daniel@iogearbox.net","1596065426","cb6f2183d57cb567b728fb8583efa0009089196b","1d4e1eab456e1ee92a94987499b211db05f900ea","selftests/bpf: Extend map-in-map selftest to detect memory leaks Add test validating that all inner maps are released properly after skeleton is destroyed. To ensure determinism, trigger kernel-side synchronize_rcu() before checking map existence by their IDs. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200729040913.2815687-2-andriin@fb.com",".../selftests/bpf/prog_tests/btf_map_in_map.c | 124 ++++++++++++++++++---; 1 file changed, 110 insertions(+), 14 deletions(-)","The commit enhances map-in-map selftests to detect memory leaks by ensuring proper handling of inner map releases.","selftests,map,leaks","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1d4e1eab456e1ee92a94987499b211db05f900ea","1d4e1eab456e1ee92a94987499b211db05f900ea","Andrii Nakryiko","andriin@fb.com","1595995752","Daniel Borkmann","daniel@iogearbox.net","1596065422","5b82ae2c43008bf5b78126fad7b2762c1d1514b8","5b801dfb7feb2738975d80223efc2fc193e55573","bpf: Fix map leak in HASH_OF_MAPS map Fix HASH_OF_MAPS bug of not putting inner map pointer on bpf_map_elem_update() operation. This is due to per-cpu extra_elems optimization, which bypassed free_htab_elem() logic doing proper clean ups. Make sure that inner map is put properly in optimized case as well. Fixes: 8c290e60fa2a (""bpf: fix hashmap extra_elems logic"") Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200729040913.2815687-1-andriin@fb.com","kernel/bpf/hashtab.c | 12 +++++++++---; 1 file changed, 9 insertions(+), 3 deletions(-)","Fixes a memory leak in HASH_OF_MAPS by ensuring proper cleanup of inner map pointers in bpf_map_elem_update.","map leak, HASH_OF_MAPS, cleanup","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"310ad7970a0dec847563dc6dba9e7e587d545622","310ad7970a0dec847563dc6dba9e7e587d545622","Andrii Nakryiko","andriin@fb.com","1595963127","Daniel Borkmann","daniel@iogearbox.net","1595975340","4b3a9e52d65fe65b8996cb956de0ac51ba58a002","ca5cd355b7f0372da0d50fce5b12a3367e417290","bpf: Fix build without CONFIG_NET when using BPF XDP link Entire net/core subsystem is not built without CONFIG_NET. linux/netdevice.h just assumes that it's always there, so the easiest way to fix this is to conditionally compile out bpf_xdp_link_attach() use in bpf/syscall.c. Fixes: aa8d3a716b59 (""bpf, xdp: Add bpf_link-based XDP attachment API"") Reported-by: Randy Dunlap Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Randy Dunlap # build-tested Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200728190527.110830-1-andriin@fb.com","kernel/bpf/syscall.c | 2 ++; 1 file changed, 2 insertions(+)","Fix compile issue for BPF XDP link attachment when CONFIG_NET is disabled.","build,XDP,CONFIG_NET","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"ca5cd355b7f0372da0d50fce5b12a3367e417290","ca5cd355b7f0372da0d50fce5b12a3367e417290","John Fastabend","john.fastabend@gmail.com","1595947142","Daniel Borkmann","daniel@iogearbox.net","1595974235","45e98ebfacbd3c4fb092ef525c03806b548b39d6","3c4f850e8441ac8b3b6dbaa6107604c4199ef01f","bpf, selftests: use :: 1 for localhost in tcp_server.py Using localhost requires the host to have a /etc/hosts file with that specific line in it. By default my dev box did not, they used ip6-localhost, so the test was failing. To fix remove the need for any /etc/hosts and use ::1. I could just add the line, but this seems easier. Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Acked-by: Song Liu Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/159594714197.21431.10113693935099326445.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/tcp_client.py | 2 +-; tools/testing/selftests/bpf/tcp_server.py | 2 +-; tools/testing/selftests/bpf/test_netcnt.c | 4 ++--; 3 files changed, 4 insertions(+), 4 deletions(-)","The commit updates eBPF selftests to use ::1 instead of localhost to remove reliance on /etc/hosts configurations.","localhost,selftests,tcp","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0003041e7a0bf24594e5d66fe217bbbefdac44ab","0003041e7a0bf24594e5d66fe217bbbefdac44ab","David S. Miller","davem@davemloft.net","1595969020","David S. Miller","davem@davemloft.net","1595969020","050f16554295c22db098bb4e81021e21d2718c5f","21db923eae812cf594d53f6519e113ee1b051f2c a31edb2059ed4e498f9aa8230c734b59d0ad797a","Merge branch 'sockptr_t-fixes-v2' Christoph Hellwig says: ==================== sockptr_t fixes v2 a bunch of fixes for the sockptr_t conversion Changes since v1: - fix a user pointer dereference braino in bpfilter ==================== Signed-off-by: David S. Miller ","","This commit merges changes to address sockptr_t conversion issues in the branch.","merge,sockptr_t,fixes","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","I'm not sure about the implementation component of the commit. The component affected by It is unclear.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"3c4f850e8441ac8b3b6dbaa6107604c4199ef01f","3c4f850e8441ac8b3b6dbaa6107604c4199ef01f","Peilin Ye","yepeilin.cs@gmail.com","1595914564","Daniel Borkmann","daniel@iogearbox.net","1595933415","e71a1c747f21c9b1da813dbca97c10c61fbe071f","f6dfbe31e8fa5cbd5bc89df9d7f0fa0af7e69981","xdp: Prevent kernel-infoleak in xsk_getsockopt() xsk_getsockopt() is copying uninitialized stack memory to userspace when 'extra_stats' is 'false'. Fix it. Doing '= {};' is sufficient since currently 'struct xdp_statistics' is defined as follows: struct xdp_statistics { __u64 rx_dropped; __u64 rx_invalid_descs; __u64 tx_invalid_descs; __u64 rx_ring_full; __u64 rx_fill_ring_empty_descs; __u64 tx_ring_empty_descs; }; When being copied to the userspace, 'stats' will not contain any uninitialized 'holes' between struct fields. Fixes: 8aa5a33578e9 (""xsk: Add new statistics"") Suggested-by: Dan Carpenter Signed-off-by: Peilin Ye Signed-off-by: Daniel Borkmann Acked-by: Björn Töpel Acked-by: Song Liu Acked-by: Arnd Bergmann Link: https://lore.kernel.org/bpf/20200728053604.404631-1-yepeilin.cs@gmail.com","net/xdp/xsk.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit fixes a kernel information leak in xsk_getsockopt by initializing memory properly.","kernel infoleak fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"f6dfbe31e8fa5cbd5bc89df9d7f0fa0af7e69981","f6dfbe31e8fa5cbd5bc89df9d7f0fa0af7e69981","Colin Ian King","colin.king@canonical.com","1595872451","Daniel Borkmann","daniel@iogearbox.net","1595932810","1172b5424e4e6ff8e0b8a447a0718762641b3ba3","363885d7c62e293fb093c7c355bf5f05fa0a25a9","bpf: Fix swapped arguments in calls to check_buffer_access There are a couple of arguments of the boolean flag zero_size_allowed and the char pointer buf_info when calling to function check_buffer_access that are swapped by mistake. Fix these by swapping them to correct the argument ordering. Fixes: afbf21dce668 (""bpf: Support readonly/readwrite buffers in verifier"") Addresses-Coverity: (""Array compared to 0"") Signed-off-by: Colin Ian King Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200727175411.155179-1-colin.king@canonical.com","kernel/bpf/verifier.c | 8 ++++----; 1 file changed, 4 insertions(+), 4 deletions(-)","This commit corrects the arguments in check_buffer_access calls to fix a bug in the BPF verifier.","fix, arguments, BPF","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"363885d7c62e293fb093c7c355bf5f05fa0a25a9","363885d7c62e293fb093c7c355bf5f05fa0a25a9","Andrii Nakryiko","andriin@fb.com","1595892825","Daniel Borkmann","daniel@iogearbox.net","1595931757","ad05a95ce2ea01a2fd23b5836831917438d347e1","e1613b5714ee6c186c9628e9958edf65e9d9cddd","selftests/bpf: Add new bpf_iter context structs to fix build on old kernels Add bpf_iter__bpf_map_elem and bpf_iter__bpf_sk_storage_map to bpf_iter.h. Fixes: 3b1c420bd882 (""selftests/bpf: Add a test for bpf sk_storage_map iterator"") Fixes: 2a7c2fff7dd6 (""selftests/bpf: Add test for bpf hash map iterators"") Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200727233345.1686358-1-andriin@fb.com","tools/testing/selftests/bpf/progs/bpf_iter.h | 18 ++++++++++++++++++; 1 file changed, 18 insertions(+)","The commit adds bpf_iter context structs in selftests to fix build issues on older kernels.","bpf_iter, context, selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e1613b5714ee6c186c9628e9958edf65e9d9cddd","e1613b5714ee6c186c9628e9958edf65e9d9cddd","Andrii Nakryiko","andriin@fb.com","1595890035","Daniel Borkmann","daniel@iogearbox.net","1595931644","07ff33ff9f44fa48a3a4cce1044a7b6a1273068f","9a97c9d2af5ca798377342debf7f0f44281d050e","bpf: Fix bpf_ringbuf_output() signature to return long Due to bpf tree fix merge, bpf_ringbuf_output() signature ended up with int as a return type, while all other helpers got converted to returning long. So fix it in bpf-next now. Fixes: b0659d8a950d (""bpf: Fix definition of bpf_ringbuf_output() helper in UAPI comments"") Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200727224715.652037-1-andriin@fb.com","include/uapi/linux/bpf.h | 2 +-; tools/include/uapi/linux/bpf.h | 2 +-; 2 files changed, 2 insertions(+), 2 deletions(-)","Fixes the return type signature of bpf_ringbuf_output() from int to long for consistency with other helpers.","bpf_ringbuf_output, signature, fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"9a97c9d2af5ca798377342debf7f0f44281d050e","9a97c9d2af5ca798377342debf7f0f44281d050e","Quentin Monnet","quentin@isovalent.com","1595581578","Daniel Borkmann","daniel@iogearbox.net","1595882454","676c7e2784a7ac3ea2d03491420b6171ae717199","70cfab1d871c771bd1963dd898f4f9b2731590c2","tools, bpftool: Add LSM type to array of prog names Assign ""lsm"" as a printed name for BPF_PROG_TYPE_LSM in bpftool, so that it can use it when listing programs loaded on the system or when probing features. Signed-off-by: Quentin Monnet Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200724090618.16378-3-quentin@isovalent.com","tools/bpf/bpftool/prog.c | 1 +; 1 file changed, 1 insertion(+)","Adds LSM type label for BPF_PROG_TYPE_LSM in bpftool for easier program listing and feature probing.","LSM,bpftool,programs","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.']" +"70cfab1d871c771bd1963dd898f4f9b2731590c2","70cfab1d871c771bd1963dd898f4f9b2731590c2","Quentin Monnet","quentin@isovalent.com","1595581577","Daniel Borkmann","daniel@iogearbox.net","1595882425","dc3a2d7515e3ba07d9e4610a1501a26d7662682d","47960ad614d0c162e03f8ec10bca7086fde284ed","tools, bpftool: Skip type probe if name is not found For probing program and map types, bpftool loops on type values and uses the relevant type name in prog_type_name[] or map_type_name[]. To ensure the name exists, we exit from the loop if we go over the size of the array. However, this is not enough in the case where the arrays have ""holes"" in them, program or map types for which they have no name, but not at the end of the list. This is currently the case for BPF_PROG_TYPE_LSM, not known to bpftool and which name is a null string. When probing for features, bpftool attempts to strlen() that name and segfaults. Let's fix it by skipping probes for ""unknown"" program and map types, with an informational message giving the numeral value in that case. Fixes: 93a3545d812a (""tools/bpftool: Add name mappings for SK_LOOKUP prog and attach type"") Reported-by: Paul Chaignon Signed-off-by: Quentin Monnet Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200724090618.16378-2-quentin@isovalent.com","tools/bpf/bpftool/feature.c | 8 ++++++++; 1 file changed, 8 insertions(+)","The commit fixes bpftool to prevent segfaults by skipping probes for program or map types with missing names.","bpftool,probe,segfault","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"47960ad614d0c162e03f8ec10bca7086fde284ed","47960ad614d0c162e03f8ec10bca7086fde284ed","Alexei Starovoitov","ast@kernel.org","1595734622","Alexei Starovoitov","ast@kernel.org","1595734981","970b9373fc9ef7dcfdb3edb2a9948a842c5eb50f","2b9b305fcdda1810bdffeb599361174eb2cd0b7c e8407fdeb9a6866784e249881f6c786a0835faba","Merge branch 'bpf_link-XDP' Andrii Nakryiko says: ==================== Following cgroup and netns examples, implement bpf_link support for XDP. The semantics is described in patch #2. Program and link attachments are mutually exclusive, in the sense that neither link can replace attached program nor program can replace attached link. Link can't replace attached link as well, as is the case for any other bpf_link implementation. Patch #1 refactors existing BPF program-based attachment API and centralizes high-level query/attach decisions in generic kernel code, while drivers are kept simple and are instructed with low-level decisions about attaching and detaching specific bpf_prog. This also makes QUERY command unnecessary, and patch #8 removes support for it from all kernel drivers. If that's a bad idea, we can drop that patch altogether. With refactoring in patch #1, adding bpf_xdp_link is completely transparent to drivers, they are still functioning at the level of ""effective"" bpf_prog, that should be called in XDP data path. Corresponding libbpf support for BPF XDP link is added in patch #5. v3->v4: - fix a compilation warning in one of drivers (Jakub); v2->v3: - fix build when CONFIG_BPF_SYSCALL=n (kernel test robot); v1->v2: - fix prog refcounting bug (David); - split dev_change_xdp_fd() changes into 2 patches (David); - add extack messages to all user-induced errors (David). ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges the 'bpf_link-XDP' branch, implementing bpf_link support for XDP and refactoring attachment APIs.","bpf_link,XDP,refactoring","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's likely a merge commit. It involves changes across multiple use cases or events."", ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e8407fdeb9a6866784e249881f6c786a0835faba","e8407fdeb9a6866784e249881f6c786a0835faba","Andrii Nakryiko","andriin@fb.com","1595400362","Alexei Starovoitov","ast@kernel.org","1595734622","970b9373fc9ef7dcfdb3edb2a9948a842c5eb50f","fe48230cf2ae27c9e3b96d29908e22e2926fd1ab","bpf, xdp: Remove XDP_QUERY_PROG and XDP_QUERY_PROG_HW XDP commands Now that BPF program/link management is centralized in generic net_device code, kernel code never queries program id from drivers, so XDP_QUERY_PROG/XDP_QUERY_PROG_HW commands are unnecessary. This patch removes all the implementations of those commands in kernel, along the xdp_attachment_query(). This patch was compile-tested on allyesconfig. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200722064603.3350758-10-andriin@fb.com","drivers/net/ethernet/amazon/ena/ena_netdev.c | 6 ------; drivers/net/ethernet/broadcom/bnxt/bnxt_xdp.c | 4 ----; drivers/net/ethernet/cavium/thunder/nicvf_main.c | 3 ---; drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 5 -----; drivers/net/ethernet/intel/i40e/i40e_main.c | 3 ---; drivers/net/ethernet/intel/ice/ice_main.c | 3 ---; drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 4 ----; drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 6 ------; drivers/net/ethernet/marvell/mvneta.c | 5 -----; drivers/net/ethernet/marvell/mvpp2/mvpp2_main.c | 3 ---; drivers/net/ethernet/mellanox/mlx4/en_netdev.c | 24 ----------------------; drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 18 ----------------; .../net/ethernet/netronome/nfp/nfp_net_common.c | 4 ----; drivers/net/ethernet/qlogic/qede/qede_filter.c | 3 ---; drivers/net/ethernet/sfc/efx.c | 5 -----; drivers/net/ethernet/socionext/netsec.c | 3 ---; drivers/net/ethernet/ti/cpsw_priv.c | 3 ---; drivers/net/hyperv/netvsc_bpf.c | 21 +------------------; drivers/net/netdevsim/bpf.c | 4 ----; drivers/net/netdevsim/netdevsim.h | 2 +-; drivers/net/tun.c | 15 --------------; drivers/net/veth.c | 15 --------------; drivers/net/virtio_net.c | 17 ---------------; drivers/net/xen-netfront.c | 21 -------------------; include/linux/netdevice.h | 8 --------; include/net/xdp.h | 2 --; net/core/dev.c | 4 ----; net/core/xdp.c | 9 --------; 28 files changed, 2 insertions(+), 218 deletions(-)","The commit removes unnecessary XDP_QUERY_PROG and XDP_QUERY_PROG_HW commands from the kernel code related to BPF program management.","XDP,remove,commands","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"fe48230cf2ae27c9e3b96d29908e22e2926fd1ab","fe48230cf2ae27c9e3b96d29908e22e2926fd1ab","Andrii Nakryiko","andriin@fb.com","1595400361","Alexei Starovoitov","ast@kernel.org","1595734622","7143b9ec5d7b54e7450aec2798327cb7c61d8143","dc8698cac7aada9b61a612cb819341d84591163e","selftests/bpf: Add BPF XDP link selftests Add selftest validating all the attachment logic around BPF XDP link. Test also link updates and get_obj_info() APIs. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200722064603.3350758-9-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/xdp_link.c | 137 ++++++++++++++++++++++; tools/testing/selftests/bpf/progs/test_xdp_link.c | 12 ++; 2 files changed, 149 insertions(+)","The commit adds selftests for BPF XDP link attachment, updates, and APIs like get_obj_info().","selftests,XDP,link","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"dc8698cac7aada9b61a612cb819341d84591163e","dc8698cac7aada9b61a612cb819341d84591163e","Andrii Nakryiko","andriin@fb.com","1595400360","Alexei Starovoitov","ast@kernel.org","1595734622","d3be5774e01e3c0ec41e4d2653b0c06a99437744","c1931c9784ebb5787c0784c112fb8baa5e8455b3","libbpf: Add support for BPF XDP link Sync UAPI header and add support for using bpf_link-based XDP attachment. Make xdp/ prog type set expected attach type. Kernel didn't enforce attach_type for XDP programs before, so there is no backwards compatiblity issues there. Also fix section_names selftest to recognize that xdp prog types now have expected attach type. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200722064603.3350758-8-andriin@fb.com","tools/include/uapi/linux/bpf.h | 10 +++++++++-; tools/lib/bpf/libbpf.c | 9 ++++++++-; tools/lib/bpf/libbpf.h | 2 ++; tools/lib/bpf/libbpf.map | 1 +; tools/testing/selftests/bpf/prog_tests/section_names.c | 2 +-; 5 files changed, 21 insertions(+), 3 deletions(-)","The commit enhances libbpf to support BPF XDP link attachments and syncs relevant UAPI headers.","libbpf,XDP,UAPI","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c1931c9784ebb5787c0784c112fb8baa5e8455b3","c1931c9784ebb5787c0784c112fb8baa5e8455b3","Andrii Nakryiko","andriin@fb.com","1595400359","Alexei Starovoitov","ast@kernel.org","1595734622","756ccc0946ea3286cd4649937ec912fd20642434","026a4c28e1db3b0cb99cd9a3e495d4a8b632fa74","bpf: Implement BPF XDP link-specific introspection APIs Implement XDP link-specific show_fdinfo and link_info to emit ifindex. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200722064603.3350758-7-andriin@fb.com","include/uapi/linux/bpf.h | 3 +++; net/core/dev.c | 31 +++++++++++++++++++++++++++++++; 2 files changed, 34 insertions(+)","The commit introduces XDP link-specific APIs for introspection to display ifindex.","XDP,introspection,ifindex","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"026a4c28e1db3b0cb99cd9a3e495d4a8b632fa74","026a4c28e1db3b0cb99cd9a3e495d4a8b632fa74","Andrii Nakryiko","andriin@fb.com","1595400358","Alexei Starovoitov","ast@kernel.org","1595734622","aaf5102f8f78022807ee0b083782e41e6b2ad527","aa8d3a716b59db6c1ad6c68fb8aa05e31980da60","bpf, xdp: Implement LINK_UPDATE for BPF XDP link Add support for LINK_UPDATE command for BPF XDP link to enable reliable replacement of underlying BPF program. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200722064603.3350758-6-andriin@fb.com","net/core/dev.c | 43 +++++++++++++++++++++++++++++++++++++++++++; 1 file changed, 43 insertions(+)","This commit implements the LINK_UPDATE command for BPF XDP links to enable reliable BPF program replacement.","LINK_UPDATE,BPF,XDP","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"aa8d3a716b59db6c1ad6c68fb8aa05e31980da60","aa8d3a716b59db6c1ad6c68fb8aa05e31980da60","Andrii Nakryiko","andriin@fb.com","1595400357","Alexei Starovoitov","ast@kernel.org","1595734622","0e49a992f6b344f5f773870c9483882e3ce4e0db","d4baa9368a5e4d694e787e0442ddd6ab95d6fd96","bpf, xdp: Add bpf_link-based XDP attachment API Add bpf_link-based API (bpf_xdp_link) to attach BPF XDP program through BPF_LINK_CREATE command. bpf_xdp_link is mutually exclusive with direct BPF program attachment, previous BPF program should be detached prior to attempting to create a new bpf_xdp_link attachment (for a given XDP mode). Once BPF link is attached, it can't be replaced by other BPF program attachment or link attachment. It will be detached only when the last BPF link FD is closed. bpf_xdp_link will be auto-detached when net_device is shutdown, similarly to how other BPF links behave (cgroup, flow_dissector). At that point bpf_link will become defunct, but won't be destroyed until last FD is closed. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200722064603.3350758-5-andriin@fb.com","include/linux/netdevice.h | 4 ++; include/uapi/linux/bpf.h | 7 +-; kernel/bpf/syscall.c | 5 ++; net/core/dev.c | 169 ++++++++++++++++++++++++++++++++++++++++++++--; 4 files changed, 178 insertions(+), 7 deletions(-)","This commit introduces a bpf_link-based API for safely attaching BPF XDP programs with mutual exclusivity feature.","bpf_link,XDP,API","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"d4baa9368a5e4d694e787e0442ddd6ab95d6fd96","d4baa9368a5e4d694e787e0442ddd6ab95d6fd96","Andrii Nakryiko","andriin@fb.com","1595400356","Alexei Starovoitov","ast@kernel.org","1595734622","1bb6e81dd5b28c224b1f28ee9817f0779971f3a1","7f0a838254bdd9114b978ef2541a6ce330307e9e","bpf, xdp: Extract common XDP program attachment logic Further refactor XDP attachment code. dev_change_xdp_fd() is split into two parts: getting bpf_progs from FDs and attachment logic, working with bpf_progs. This makes attachment logic a bit more straightforward and prepares code for bpf_xdp_link inclusion, which will share the common logic. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200722064603.3350758-4-andriin@fb.com","net/core/dev.c | 165 +++++++++++++++++++++++++++++++--------------------------; 1 file changed, 91 insertions(+), 74 deletions(-)","Refactor XDP attachment logic by separating BPF program retrieval and attachment processes for improved code clarity.","XDP,attachment,refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7f0a838254bdd9114b978ef2541a6ce330307e9e","7f0a838254bdd9114b978ef2541a6ce330307e9e","Andrii Nakryiko","andriin@fb.com","1595400355","Alexei Starovoitov","ast@kernel.org","1595734622","91a5c1e3ae5eb01a82dca026224a4a5e2190ca71","6cc7d1e8e9e06d45f9d1a39a5f465288d7cd8f9a","bpf, xdp: Maintain info on attached XDP BPF programs in net_device Instead of delegating to drivers, maintain information about which BPF programs are attached in which XDP modes (generic/skb, driver, or hardware) locally in net_device. This effectively obsoletes XDP_QUERY_PROG command. Such re-organization simplifies existing code already. But it also allows to further add bpf_link-based XDP attachments without drivers having to know about any of this at all, which seems like a good setup. XDP_SETUP_PROG/XDP_SETUP_PROG_HW are just low-level commands to driver to install/uninstall active BPF program. All the higher-level concerns about prog/link interaction will be contained within generic driver-agnostic logic. All the XDP_QUERY_PROG calls to driver in dev_xdp_uninstall() were removed. It's not clear for me why dev_xdp_uninstall() were passing previous prog_flags when resetting installed programs. That seems unnecessary, plus most drivers don't populate prog_flags anyways. Having XDP_SETUP_PROG vs XDP_SETUP_PROG_HW should be enough of an indicator of what is required of driver to correctly reset active BPF program. dev_xdp_uninstall() is also generalized as an iteration over all three supported mode. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200722064603.3350758-3-andriin@fb.com","include/linux/netdevice.h | 17 ++++-; net/core/dev.c | 158 ++++++++++++++++++++++++++--------------------; net/core/rtnetlink.c | 5 +-; 3 files changed, 105 insertions(+), 75 deletions(-)","This commit refactors the management of XDP BPF program attachments in net_device for improved maintainability and future enhancements.","XDP BPF net_device","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"6cc7d1e8e9e06d45f9d1a39a5f465288d7cd8f9a","6cc7d1e8e9e06d45f9d1a39a5f465288d7cd8f9a","Andrii Nakryiko","andriin@fb.com","1595400354","Alexei Starovoitov","ast@kernel.org","1595734621","4f6f10a7091fca310f10c48834b4bce110183cf7","2b9b305fcdda1810bdffeb599361174eb2cd0b7c","bpf: Make bpf_link API available indepently of CONFIG_BPF_SYSCALL Similarly to bpf_prog, make bpf_link and related generic API available unconditionally to make it easier to have bpf_link support in various parts of the kernel. Stub out init/prime/settle/cleanup and inc/put APIs. Reported-by: kernel test robot Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200722064603.3350758-2-andriin@fb.com","include/linux/bpf.h | 81 ++++++++++++++++++++++++++++++++++++-----------------; 1 file changed, 55 insertions(+), 26 deletions(-)","Makes bpf_link API available independently of CONFIG_BPF_SYSCALL to simplify kernel integration.","bpf_link API CONFIG_BPF_SYSCALL","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2b9b305fcdda1810bdffeb599361174eb2cd0b7c","2b9b305fcdda1810bdffeb599361174eb2cd0b7c","Song Liu","songliubraving@fb.com","1595621102","Alexei Starovoitov","ast@kernel.org","1595733396","6ac97431bb7987d56ee380f5dc0fb7eb52fb5587","dfcdf0e9ad2e006196986f363c99b2097aec5ef0","bpf: Fix build on architectures with special bpf_user_pt_regs_t Architectures like s390, powerpc, arm64, riscv have speical definition of bpf_user_pt_regs_t. So we need to cast the pointer before passing it to bpf_get_stack(). This is similar to bpf_get_stack_tp(). Fixes: 03d42fd2d83f (""bpf: Separate bpf_get_[stack|stackid] for perf events BPF"") Reported-by: kernel test robot Signed-off-by: Song Liu Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200724200503.3629591-1-songliubraving@fb.com","kernel/bpf/stackmap.c | 9 ++++-----; 1 file changed, 4 insertions(+), 5 deletions(-)","This commit fixes a build issue for certain architectures by casting pointers in bpf_get_stack function.","build,architectures,casting","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"dfcdf0e9ad2e006196986f363c99b2097aec5ef0","dfcdf0e9ad2e006196986f363c99b2097aec5ef0","YiFei Zhu","zhuyifei@google.com","1595625473","Alexei Starovoitov","ast@kernel.org","1595733396","2ecce143cc0583c7bf16b1fcafe5f9c8c86d7865","36f72484820abcaede242a53fde965217e718b2e","bpf/local_storage: Fix build without CONFIG_CGROUP local_storage.o has its compile guard as CONFIG_BPF_SYSCALL, which does not imply that CONFIG_CGROUP is on. Including cgroup-internal.h when CONFIG_CGROUP is off cause a compilation failure. Fixes: f67cfc233706 (""bpf: Make cgroup storages shared between programs on the same cgroup"") Reported-by: kernel test robot Signed-off-by: YiFei Zhu Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200724211753.902969-1-zhuyifei1999@gmail.com","kernel/bpf/local_storage.c | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","Fix compilation issue in eBPF local storage when CONFIG_CGROUP is not enabled.","fix, compilation, CONFIG_CGROUP","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"36f72484820abcaede242a53fde965217e718b2e","36f72484820abcaede242a53fde965217e718b2e","Alexei Starovoitov","ast@kernel.org","1595570476","Alexei Starovoitov","ast@kernel.org","1595733396","a50fb0c559087a16d99b8f81b4db0c94c69eb3b9","90065c0647efd6e2ec8983a702c4ba813af51b93 4e15f460be6d14c3fe80ef3221bde759f6b94d9d","Merge branch 'shared-cgroup-storage' YiFei Zhu says: ==================== To access the storage in a CGROUP_STORAGE map, one uses bpf_get_local_storage helper, which is extremely fast due to its use of per-CPU variables. However, its whole code is built on the assumption that one map can only be used by one program at any time, and this prohibits any sharing of data between multiple programs using these maps, eliminating a lot of use cases, such as some per-cgroup configuration storage, written to by a setsockopt program and read by a cg_sock_addr program. Why not use other map types? The great part of CGROUP_STORAGE map is that it is isolated by different cgroups its attached to. When one program uses bpf_get_local_storage, even on the same map, it gets different storages if it were run as a result of attaching to different cgroups. The kernel manages the storages, simplifying BPF program or userspace. In theory, one could probably use other maps like array or hash to do the same thing, but it would be a major overhead / complexity. Userspace needs to know when a cgroup is being freed in order to free up a space in the replacement map. This patch set introduces a significant change to the semantics of CGROUP_STORAGE map type. Instead of each storage being tied to one single attachment, it is shared across different attachments to the same cgroup, and persists until either the map or the cgroup attached to is being freed. User may use u64 as the key to the map, and the result would be that the attach type become ignored during key comparison, and programs of different attach types will share the same storage if the cgroups they are attached to are the same. How could this break existing users? * Users that uses detach & reattach / program replacement as a shortcut to zeroing the storage. Since we need sharing between programs, we cannot zero the storage. Users that expect this behavior should either attach a program with a new map, or explicitly zero the map with a syscall. This case is dependent on undocumented implementation details, so the impact should be very minimal. Patch 1 introduces a test on the old expected behavior of the map type. Patch 2 introduces a test showing how two programs cannot share one such map. Patch 3 implements the change of semantics to the map. Patch 4 amends the new test such that it yields the behavior we expect from the change. Patch 5 documents the map type. Changes since RFC: * Clarify commit message in patch 3 such that it says the lifetime of the storage is ended at the freeing of the cgroup_bpf, rather than the cgroup itself. * Restored an -ENOMEM check in __cgroup_bpf_attach. * Update selftests for recent change in network_helpers API. Changes since v1: * s/CHECK_FAIL/CHECK/ * s/bpf_prog_attach/bpf_program__attach_cgroup/ * Moved test__start_subtest to test_cg_storage_multi. * Removed some redundant CHECK_FAIL where they are already CHECK-ed. Changes since v2: * Lock cgroup_mutex during map_free. * Publish new storages only if attach is successful, by tracking exactly which storages are reused in an array of bools. * Mention bpftool map dump showing a value of zero for attach_type in patch 3 commit message. Changes since v3: * Use a much simpler lookup and allocate-if-not-exist from the fact that cgroup_mutex is locked during attach. * Removed an unnecessary spinlock hold. Changes since v4: * Changed semantics so that if the key type is struct bpf_cgroup_storage_key the map retains isolation between different attach types. Sharing between different attach types only occur when key type is u64. * Adapted tests and docs for the above change. Changes since v5: * Removed redundant NULL check before bpf_link__destroy. * Free BPF object explicitly, after asserting that object failed to load, in the event that the object did not fail to load. * Rename variable in bpf_cgroup_storage_key_cmp for clarity. * Added a lot of information to Documentation, more or less copied from what Martin KaFai Lau wrote. ==================== Acked-by: Martin KaFai Lau Signed-off-by: Alexei Starovoitov ","","The commit introduces shared storage in CGROUP_STORAGE maps for enhanced data sharing across eBPF programs attached to the same cgroup.","shared,cgroup,storage","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"4e15f460be6d14c3fe80ef3221bde759f6b94d9d","4e15f460be6d14c3fe80ef3221bde759f6b94d9d","YiFei Zhu","zhuyifei@google.com","1595566065","Alexei Starovoitov","ast@kernel.org","1595733396","a50fb0c559087a16d99b8f81b4db0c94c69eb3b9","3573f384014f51fd5289df0e8369b63ae7fdc244","Documentation/bpf: Document CGROUP_STORAGE map type The machanics and usage are not very straightforward. Given the changes it's better to document how it works and how to use it, rather than having to rely on the examples and implementation to infer what is going on. Signed-off-by: YiFei Zhu Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/b412edfbb05cb1077c9e2a36a981a54ee23fa8b3.1595565795.git.zhuyifei@google.com","Documentation/bpf/index.rst | 9 ++; Documentation/bpf/map_cgroup_storage.rst | 169 +++++++++++++++++++++++++++++++; 2 files changed, 178 insertions(+)","This commit documents the mechanics and usage of the CGROUP_STORAGE map type in BPF.","documentation,cgroup,storage","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"3573f384014f51fd5289df0e8369b63ae7fdc244","3573f384014f51fd5289df0e8369b63ae7fdc244","YiFei Zhu","zhuyifei@google.com","1595566064","Alexei Starovoitov","ast@kernel.org","1595733396","7ab3c4ef8c26f4f535b390a3f33d9434879d274e","7d9c3427894fe70d1347b4820476bf37736d2ff0","selftests/bpf: Test CGROUP_STORAGE behavior on shared egress + ingress This mirrors the original egress-only test. The cgroup_storage is now extended to have two packet counters, one for egress and one for ingress. We also extend to have two egress programs to test that egress will always share with other egress origrams in the same cgroup. The behavior of the counters are exactly the same as the original egress-only test. The test is split into two, one ""isolated"" test that when the key type is struct bpf_cgroup_storage_key, which contains the attach type, programs of different attach types will see different storages. The other, ""shared"" test that when the key type is u64, programs of different attach types will see the same storage if they are attached to the same cgroup. Signed-off-by: YiFei Zhu Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/c756f5f1521227b8e6e90a453299dda722d7324d.1595565795.git.zhuyifei@google.com",".../selftests/bpf/prog_tests/cg_storage_multi.c | 265 +++++++++++++++++++--; .../bpf/progs/cg_storage_multi_egress_ingress.c | 45 ----; .../bpf/progs/cg_storage_multi_isolated.c | 57 +++++; .../selftests/bpf/progs/cg_storage_multi_shared.c | 57 +++++; 4 files changed, 354 insertions(+), 70 deletions(-)","This commit adds tests for cgroup_storage behavior on shared egress and ingress, introducing packet counters for both directions and testing isolated and shared storage contexts.","cgroup_storage,egress,ingress","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"90065c0647efd6e2ec8983a702c4ba813af51b93","90065c0647efd6e2ec8983a702c4ba813af51b93","Alexei Starovoitov","ast@kernel.org","1595568032","Alexei Starovoitov","ast@kernel.org","1595733395","c87d99dabe2c42a178399bffc9c9e94c2be496a2","909e446b3204642bdb54ab2f225652be89d91268 346938e9380cc0b2ad8e2566389cdc570386fe22","Merge branch 'fix-bpf_get_stack-with-PEBS' Song Liu says: ==================== Calling get_perf_callchain() on perf_events from PEBS entries may cause unwinder errors. To fix this issue, perf subsystem fetches callchain early, and marks perf_events are marked with __PERF_SAMPLE_CALLCHAIN_EARLY. Similar issue exists when BPF program calls get_perf_callchain() via helper functions. For more information about this issue, please refer to discussions in [1]. This set fixes this issue with helper proto bpf_get_stackid_pe and bpf_get_stack_pe. [1] https://lore.kernel.org/lkml/ED7B9430-6489-4260-B3C5-9CFA2E3AA87A@fb.com/ Changes v4 => v5: 1. Return -EPROTO instead of -EINVAL on PERF_EVENT_IOC_SET_BPF errors. (Alexei) 2. Let libbpf print a hint message when PERF_EVENT_IOC_SET_BPF returns -EPROTO. (Alexei) Changes v3 => v4: 1. Fix error check logic in bpf_get_stackid_pe and bpf_get_stack_pe. (Alexei) 2. Do not allow attaching BPF programs with bpf_get_stack|stackid to perf_event with precise_ip > 0, but not proper callchain. (Alexei) 3. Add selftest get_stackid_cannot_attach. Changes v2 => v3: 1. Fix handling of stackmap skip field. (Andrii) 2. Simplify the code in a few places. (Andrii) Changes v1 => v2: 1. Simplify the design and avoid introducing new helper function. (Andrii) ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges fixes for unwinder errors in BPF programs using perf_events by marking events with __PERF_SAMPLE_CALLCHAIN_EARLY.","unwinder, perf_events, merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","['kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.']" +"7d9c3427894fe70d1347b4820476bf37736d2ff0","7d9c3427894fe70d1347b4820476bf37736d2ff0","YiFei Zhu","zhuyifei@google.com","1595566063","Alexei Starovoitov","ast@kernel.org","1595733395","b3bde4987056582ca21d13b75589cca8026e03b3","9e5bd1f7633bc1c3c8b25496eedfeced6d2675ff","bpf: Make cgroup storages shared between programs on the same cgroup This change comes in several parts: One, the restriction that the CGROUP_STORAGE map can only be used by one program is removed. This results in the removal of the field 'aux' in struct bpf_cgroup_storage_map, and removal of relevant code associated with the field, and removal of now-noop functions bpf_free_cgroup_storage and bpf_cgroup_storage_release. Second, we permit a key of type u64 as the key to the map. Providing such a key type indicates that the map should ignore attach type when comparing map keys. However, for simplicity newly linked storage will still have the attach type at link time in its key struct. cgroup_storage_check_btf is adapted to accept u64 as the type of the key. Third, because the storages are now shared, the storages cannot be unconditionally freed on program detach. There could be two ways to solve this issue: * A. Reference count the usage of the storages, and free when the last program is detached. * B. Free only when the storage is impossible to be referred to again, i.e. when either the cgroup_bpf it is attached to, or the map itself, is freed. Option A has the side effect that, when the user detach and reattach a program, whether the program gets a fresh storage depends on whether there is another program attached using that storage. This could trigger races if the user is multi-threaded, and since nondeterminism in data races is evil, go with option B. The both the map and the cgroup_bpf now tracks their associated storages, and the storage unlink and free are removed from cgroup_bpf_detach and added to cgroup_bpf_release and cgroup_storage_map_free. The latter also new holds the cgroup_mutex to prevent any races with the former. Fourth, on attach, we reuse the old storage if the key already exists in the map, via cgroup_storage_lookup. If the storage does not exist yet, we create a new one, and publish it at the last step in the attach process. This does not create a race condition because for the whole attach the cgroup_mutex is held. We keep track of an array of new storages that was allocated and if the process fails only the new storages would get freed. Signed-off-by: YiFei Zhu Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/d5401c6106728a00890401190db40020a1f84ff1.1595565795.git.zhuyifei@google.com","include/linux/bpf-cgroup.h | 12 ++-; kernel/bpf/cgroup.c | 67 ++++++++------; kernel/bpf/core.c | 12 ---; kernel/bpf/local_storage.c | 216 ++++++++++++++++++++++++---------------------; 4 files changed, 164 insertions(+), 143 deletions(-)","This commit enables sharing of cgroup storage between programs on the same cgroup with improved key management and storage handling.","cgroup,storage,shared","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"346938e9380cc0b2ad8e2566389cdc570386fe22","346938e9380cc0b2ad8e2566389cdc570386fe22","Song Liu","songliubraving@fb.com","1595527608","Alexei Starovoitov","ast@kernel.org","1595733395","c87d99dabe2c42a178399bffc9c9e94c2be496a2","1da4864c2b20f81afbb18b2a0b914d0c776331fc","selftests/bpf: Add get_stackid_cannot_attach This test confirms that BPF program that calls bpf_get_stackid() cannot attach to perf_event with precise_ip > 0 but not PERF_SAMPLE_CALLCHAIN; and cannot attach if the perf_event has exclude_callchain_kernel. Signed-off-by: Song Liu Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723180648.1429892-6-songliubraving@fb.com",".../bpf/prog_tests/get_stackid_cannot_attach.c | 91 ++++++++++++++++++++++; 1 file changed, 91 insertions(+)","This commit adds a test to verify restrictions on attaching BPF programs using bpf_get_stackid with specific perf_event settings.","selftests,bpf,perf_event","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Profile related type programs. It affects programs used for profiling system or application performance.', 'kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', 'Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"9e5bd1f7633bc1c3c8b25496eedfeced6d2675ff","9e5bd1f7633bc1c3c8b25496eedfeced6d2675ff","YiFei Zhu","zhuyifei@google.com","1595566062","Alexei Starovoitov","ast@kernel.org","1595733395","d2cbd43bfa673721b3b0f798a6bcc65146f7c718","d4a89c1eb81431479664029bcdec593dbf23385f","selftests/bpf: Test CGROUP_STORAGE map can't be used by multiple progs The current assumption is that the lifetime of a cgroup storage is tied to the program's attachment. The storage is created in cgroup_bpf_attach, and released upon cgroup_bpf_detach and cgroup_bpf_release. Because the current semantics is that each attachment gets a completely independent cgroup storage, and you can have multiple programs attached to the same (cgroup, attach type) pair, the key of the CGROUP_STORAGE map, looking up the map with this pair could yield multiple storages, and that is not permitted. Therefore, the kernel verifier checks that two programs cannot share the same CGROUP_STORAGE map, even if they have different expected attach types, considering that the actual attach type does not always have to be equal to the expected attach type. The test creates a CGROUP_STORAGE map and make it shared across two different programs, one cgroup_skb/egress and one /ingress. It asserts that the two programs cannot be both loaded, due to verifier failure from the above reason. Signed-off-by: YiFei Zhu Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/30a6b0da67ae6b0296c4d511bfb19c5f3d035916.1595565795.git.zhuyifei@google.com",".../selftests/bpf/prog_tests/cg_storage_multi.c | 43 +++++++++++++++++----; .../testing/selftests/bpf/progs/cg_storage_multi.h | 13 +++++++; .../bpf/progs/cg_storage_multi_egress_ingress.c | 45 ++++++++++++++++++++++; .../bpf/progs/cg_storage_multi_egress_only.c | 9 +++--; 4 files changed, 99 insertions(+), 11 deletions(-)","The commit introduces a test confirming that CGROUP_STORAGE maps cannot be shared across multiple eBPF programs with different attach types.","CGROUP_STORAGE,test,verifier","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"1da4864c2b20f81afbb18b2a0b914d0c776331fc","1da4864c2b20f81afbb18b2a0b914d0c776331fc","Song Liu","songliubraving@fb.com","1595527607","Alexei Starovoitov","ast@kernel.org","1595733395","da39dc8da10a5ce4dfd2548f297512d8ac7bbc11","d4b4dd6ce7709c2d2fe56dcfc15074ee18505bcb","selftests/bpf: Add callchain_stackid This tests new helper function bpf_get_stackid_pe and bpf_get_stack_pe. These two helpers have different implementation for perf_event with PEB entries. Signed-off-by: Song Liu Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200723180648.1429892-5-songliubraving@fb.com",".../selftests/bpf/prog_tests/perf_event_stackmap.c | 116 +++++++++++++++++++++; .../selftests/bpf/progs/perf_event_stackmap.c | 59 +++++++++++; 2 files changed, 175 insertions(+)","The commit adds self-tests for new eBPF helper functions related to stack identification in perf_events.","selftests,stackid,helper","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.']" +"d4a89c1eb81431479664029bcdec593dbf23385f","d4a89c1eb81431479664029bcdec593dbf23385f","YiFei Zhu","zhuyifei@google.com","1595566061","Alexei Starovoitov","ast@kernel.org","1595733395","1e46a4faa110564e441aca6bc98a6ecb75125644","90065c0647efd6e2ec8983a702c4ba813af51b93","selftests/bpf: Add test for CGROUP_STORAGE map on multiple attaches This test creates a parent cgroup, and a child of that cgroup. It attaches a cgroup_skb/egress program that simply counts packets, to a global variable (ARRAY map), and to a CGROUP_STORAGE map. The program is first attached to the parent cgroup only, then to parent and child. The test cases sends a message within the child cgroup, and because the program is inherited across parent / child cgroups, it will trigger the egress program for both the parent and child, if they exist. The program, when looking up a CGROUP_STORAGE map, uses the cgroup and attach type of the attachment parameters; therefore, both attaches uses different cgroup storages. We assert that all packet counts returns what we expects. Signed-off-by: YiFei Zhu Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/5a20206afa4606144691c7caa0d1b997cd60dec0.1595565795.git.zhuyifei@google.com",".../selftests/bpf/prog_tests/cg_storage_multi.c | 161 +++++++++++++++++++++; .../bpf/progs/cg_storage_multi_egress_only.c | 30 ++++; 2 files changed, 191 insertions(+)","This commit introduces a selftest for CGROUP_STORAGE map behavior with cgroup_skb programs on multiple cgroup attachments.","selftest, CGROUP_STORAGE, cgroup","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"d4b4dd6ce7709c2d2fe56dcfc15074ee18505bcb","d4b4dd6ce7709c2d2fe56dcfc15074ee18505bcb","Song Liu","songliubraving@fb.com","1595527606","Alexei Starovoitov","ast@kernel.org","1595733395","4f13bbdfc94518efcf3f275b3fb6650f5bf52cdc","5d99cb2c86775b4780c02a339a9578bf9471ead9","libbpf: Print hint when PERF_EVENT_IOC_SET_BPF returns -EPROTO The kernel prevents potential unwinder warnings and crashes by blocking BPF program with bpf_get_[stack|stackid] on perf_event without PERF_SAMPLE_CALLCHAIN, or with exclude_callchain_[kernel|user]. Print a hint message in libbpf to help the user debug such issues. Signed-off-by: Song Liu Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723180648.1429892-4-songliubraving@fb.com","tools/lib/bpf/libbpf.c | 3 +++; 1 file changed, 3 insertions(+)","Prints hint in libbpf for debugging when PERF_EVENT_IOC_SET_BPF returns -EPROTO due to stack issues in perf_event.","libbpf,hint,debugging","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"909e446b3204642bdb54ab2f225652be89d91268","909e446b3204642bdb54ab2f225652be89d91268","Alexei Starovoitov","ast@kernel.org","1595567146","Alexei Starovoitov","ast@kernel.org","1595733394","ad893338be4daaf48000287dc6eb57a00e76ff8c","a228a64fc1e4428e2b96dc68e9ad3c447095c9e7 9efcc4ad7a15ea50550c53fbf62457c309216051","Merge branch 'bpf_iter-for-map-elems' Yonghong Song says: ==================== Bpf iterator has been implemented for task, task_file, bpf_map, ipv6_route, netlink, tcp and udp so far. For map elements, there are two ways to traverse all elements from user space: 1. using BPF_MAP_GET_NEXT_KEY bpf subcommand to get elements one by one. 2. using BPF_MAP_LOOKUP_BATCH bpf subcommand to get a batch of elements. Both these approaches need to copy data from kernel to user space in order to do inspection. This patch implements bpf iterator for map elements. User can have a bpf program in kernel to run with each map element, do checking, filtering, aggregation, modifying values etc. without copying data to user space. Patch #1 and #2 are refactoring. Patch #3 implements readonly/readwrite buffer support in verifier. Patches #4 - #7 implements map element support for hash, percpu hash, lru hash lru percpu hash, array, percpu array and sock local storage maps. Patches #8 - #9 are libbpf and bpftool support. Patches #10 - #13 are selftests for implemented map element iterators. Changelogs: v3 -> v4: . fix a kasan failure triggered by a failed bpf_iter link_create, not just free_link but need cleanup_link. (Alexei) v2 -> v3: . rebase on top of latest bpf-next v1 -> v2: . support to modify map element values. (Alexei) . map key/values can be used with helper arguments for those arguments with ARG_PTR_TO_MEM or ARG_PTR_TO_INIT_MEM register type. (Alexei) . remove usused variable. (kernel test robot) ==================== Signed-off-by: Alexei Starovoitov ","","The commit merges a branch to implement the bpf iterator for map elements, allowing kernel-side data handling without user space copying.","bpf,map,iterator","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5d99cb2c86775b4780c02a339a9578bf9471ead9","5d99cb2c86775b4780c02a339a9578bf9471ead9","Song Liu","songliubraving@fb.com","1595527605","Alexei Starovoitov","ast@kernel.org","1595733394","25c9829e8b83c8066b286c414821fac40a4e3c04","7b04d6d60fcfb5b2200ffebb9cfb90927bdfeec7","bpf: Fail PERF_EVENT_IOC_SET_BPF when bpf_get_[stack|stackid] cannot work bpf_get_[stack|stackid] on perf_events with precise_ip uses callchain attached to perf_sample_data. If this callchain is not presented, do not allow attaching BPF program that calls bpf_get_[stack|stackid] to this event. In the error case, -EPROTO is returned so that libbpf can identify this error and print proper hint message. Signed-off-by: Song Liu Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723180648.1429892-3-songliubraving@fb.com","include/linux/filter.h | 3 ++-; kernel/bpf/verifier.c | 3 +++; kernel/events/core.c | 18 ++++++++++++++++++; 3 files changed, 23 insertions(+), 1 deletion(-)","The commit prevents attaching eBPF programs that use bpf_get_stack functions to perf_events lacking callchain data.","PERF_EVENT_IOC_SET_BPF,bpf_get_stackid,perf_events","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.']" +"9efcc4ad7a15ea50550c53fbf62457c309216051","9efcc4ad7a15ea50550c53fbf62457c309216051","Yonghong Song","yhs@fb.com","1595529684","Alexei Starovoitov","ast@kernel.org","1595733394","ad893338be4daaf48000287dc6eb57a00e76ff8c","3b1c420bd882115eb7a3d2335cc00d7b9974eb0b","selftests/bpf: Add a test for out of bound rdonly buf access If the bpf program contains out of bound access w.r.t. a particular map key/value size, the verification will be still okay, e.g., it will be accepted by verifier. But it will be rejected during link_create time. A test is added here to ensure link_create failure did happen if out of bound access happened. $ ./test_progs -n 4 ... #4/23 rdonly-buf-out-of-bound:OK ... Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723184124.591700-1-yhs@fb.com","tools/testing/selftests/bpf/prog_tests/bpf_iter.c | 22 ++++++++++++++; .../selftests/bpf/progs/bpf_iter_test_kern5.c | 35 ++++++++++++++++++++++; 2 files changed, 57 insertions(+)","The commit adds a test to ensure bpf programs with out-of-bounds access are caught at link creation.","selftests,bpf,out-of-bound","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7b04d6d60fcfb5b2200ffebb9cfb90927bdfeec7","7b04d6d60fcfb5b2200ffebb9cfb90927bdfeec7","Song Liu","songliubraving@fb.com","1595527604","Alexei Starovoitov","ast@kernel.org","1595733394","21487ebc03582d49dbf8a5f0a8231b93f32c7770","909e446b3204642bdb54ab2f225652be89d91268","bpf: Separate bpf_get_[stack|stackid] for perf events BPF Calling get_perf_callchain() on perf_events from PEBS entries may cause unwinder errors. To fix this issue, the callchain is fetched early. Such perf_events are marked with __PERF_SAMPLE_CALLCHAIN_EARLY. Similarly, calling bpf_get_[stack|stackid] on perf_events from PEBS may also cause unwinder errors. To fix this, add separate version of these two helpers, bpf_get_[stack|stackid]_pe. These two hepers use callchain in bpf_perf_event_data_kern->data->callchain. Signed-off-by: Song Liu Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723180648.1429892-2-songliubraving@fb.com","include/linux/bpf.h | 2 +; kernel/bpf/stackmap.c | 184 ++++++++++++++++++++++++++++++++++++++++++-----; kernel/trace/bpf_trace.c | 4 +-; 3 files changed, 170 insertions(+), 20 deletions(-)","The commit introduces separate helpers for bpf_get_stack and bpf_get_stackid to handle PEBS perf events and prevent unwinder errors.","bpf_get_stack, perf_events, helpers","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', 'Profile related type programs. It affects programs used for profiling system or application performance.']" +"3b1c420bd882115eb7a3d2335cc00d7b9974eb0b","3b1c420bd882115eb7a3d2335cc00d7b9974eb0b","Yonghong Song","yhs@fb.com","1595529682","Alexei Starovoitov","ast@kernel.org","1595733394","d89acbb828c77a88a9a4d914494e0c6020bda983","60dd49ea65390986a665c462da704927e861e67e","selftests/bpf: Add a test for bpf sk_storage_map iterator Added one test for bpf sk_storage_map_iterator. $ ./test_progs -n 4 ... #4/22 bpf_sk_storage_map:OK ... Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723184122.591591-1-yhs@fb.com","tools/testing/selftests/bpf/prog_tests/bpf_iter.c | 72 ++++++++++++++++++++++; .../bpf/progs/bpf_iter_bpf_sk_storage_map.c | 34 ++++++++++; 2 files changed, 106 insertions(+)","This commit adds a test case for the bpf sk_storage_map iterator in the BPF selftests.","bpf,sk_storage_map,iterator","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"60dd49ea65390986a665c462da704927e861e67e","60dd49ea65390986a665c462da704927e861e67e","Yonghong Song","yhs@fb.com","1595529681","Alexei Starovoitov","ast@kernel.org","1595733394","5c4d32ab95660adde58cfe0aea34e857f1336cf3","2a7c2fff7dd6e87634e47ddb2d2c7f272708dbbf","selftests/bpf: Add test for bpf array map iterators Two subtests are added. $ ./test_progs -n 4 ... #4/20 bpf_array_map:OK #4/21 bpf_percpu_array_map:OK ... The bpf_array_map subtest also tested bpf program changing array element values and send key/value to user space through bpf_seq_write() interface. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723184121.591367-1-yhs@fb.com","tools/testing/selftests/bpf/prog_tests/bpf_iter.c | 161 +++++++++++++++++++++; .../selftests/bpf/progs/bpf_iter_bpf_array_map.c | 40 +++++; .../bpf/progs/bpf_iter_bpf_percpu_array_map.c | 46 ++++++; 3 files changed, 247 insertions(+)","Add selftests for bpf array map iterators including percpu array programs.","selftests,bpf,map","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2a7c2fff7dd6e87634e47ddb2d2c7f272708dbbf","2a7c2fff7dd6e87634e47ddb2d2c7f272708dbbf","Yonghong Song","yhs@fb.com","1595529680","Alexei Starovoitov","ast@kernel.org","1595733393","36faf9beadac197f6f4d955ef0ceb5148b22c8a8","d8793aca708602c676372b03d6493972457524af","selftests/bpf: Add test for bpf hash map iterators Two subtests are added. $ ./test_progs -n 4 ... #4/18 bpf_hash_map:OK #4/19 bpf_percpu_hash_map:OK ... Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723184120.590916-1-yhs@fb.com","tools/testing/selftests/bpf/prog_tests/bpf_iter.c | 187 +++++++++++++++++++++; .../selftests/bpf/progs/bpf_iter_bpf_hash_map.c | 100 +++++++++++; .../bpf/progs/bpf_iter_bpf_percpu_hash_map.c | 50 ++++++; 3 files changed, 337 insertions(+)","Add self-tests for bpf hash map iterators to verify their functionality in the bpf subsystem.","selftests bpf iterators","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d8793aca708602c676372b03d6493972457524af","d8793aca708602c676372b03d6493972457524af","Yonghong Song","yhs@fb.com","1595529679","Alexei Starovoitov","ast@kernel.org","1595733393","e245a88b1cbd10418cd8eaf8aa1ab2aa732a6dd0","cd31039a7347610863aa8b77a9162048999723d0","tools/bpftool: Add bpftool support for bpf map element iterator The optional parameter ""map MAP"" can be added to ""bpftool iter"" command to create a bpf iterator for map elements. For example, bpftool iter pin ./prog.o /sys/fs/bpf/p1 map id 333 For map element bpf iterator ""map MAP"" parameter is required. Otherwise, bpf link creation will return an error. Quentin Monnet kindly provided bash-completion implementation for new ""map MAP"" option. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723184119.590799-1-yhs@fb.com","tools/bpf/bpftool/Documentation/bpftool-iter.rst | 18 +++++++++++--; tools/bpf/bpftool/bash-completion/bpftool | 18 ++++++++++++-; tools/bpf/bpftool/iter.c | 33 +++++++++++++++++++++---; 3 files changed, 62 insertions(+), 7 deletions(-)","The commit adds support for bpftool to iterate over bpf map elements with the 'map MAP' parameter.","bpftool,map,iterator","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"cd31039a7347610863aa8b77a9162048999723d0","cd31039a7347610863aa8b77a9162048999723d0","Yonghong Song","yhs@fb.com","1595529677","Alexei Starovoitov","ast@kernel.org","1595733393","1484dab071877cccf5a8fe973c7392f123aa7ac8","5ce6e77c7edf7310a0ff9532fd6b9693c082ab32","tools/libbpf: Add support for bpf map element iterator Add map_fd to bpf_iter_attach_opts and flags to bpf_link_create_opts. Later on, bpftool or selftest will be able to create a bpf map element iterator by passing map_fd to the kernel during link creation time. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723184117.590673-1-yhs@fb.com","tools/lib/bpf/bpf.c | 1 +; tools/lib/bpf/bpf.h | 3 ++-; tools/lib/bpf/libbpf.c | 10 +++++++++-; tools/lib/bpf/libbpf.h | 3 ++-; 4 files changed, 14 insertions(+), 3 deletions(-)","Enhances libbpf to support BPF map element iterators by adding map_fd and flags in link creation options.","libbpf map_fd iterator","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5ce6e77c7edf7310a0ff9532fd6b9693c082ab32","5ce6e77c7edf7310a0ff9532fd6b9693c082ab32","Yonghong Song","yhs@fb.com","1595529676","Alexei Starovoitov","ast@kernel.org","1595733393","e0d5c4833533f12fbcb9fc0cffe5072df75991f7","d3cc2ab546adc6e52b65f36f7c34820d2830d0c9","bpf: Implement bpf iterator for sock local storage map The bpf iterator for bpf sock local storage map is implemented. User space interacts with sock local storage map with fd as a key and storage value. In kernel, passing fd to the bpf program does not really make sense. In this case, the sock itself is passed to bpf program. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723184116.590602-1-yhs@fb.com","net/core/bpf_sk_storage.c | 206 ++++++++++++++++++++++++++++++++++++++++++++++; 1 file changed, 206 insertions(+)","This commit implements a new bpf iterator for sock local storage maps, enabling kernel interaction using the socket object rather than file descriptors.","bpf,iterator,sock","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"d3cc2ab546adc6e52b65f36f7c34820d2830d0c9","d3cc2ab546adc6e52b65f36f7c34820d2830d0c9","Yonghong Song","yhs@fb.com","1595529675","Alexei Starovoitov","ast@kernel.org","1595733393","600669df82d2095897e71afd63df3ffad0df754b","d6c4503cc29638f328e1a6e6fefbdbda401c28fc","bpf: Implement bpf iterator for array maps The bpf iterators for array and percpu array are implemented. Similar to hash maps, for percpu array map, bpf program will receive values from all cpus. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723184115.590532-1-yhs@fb.com","kernel/bpf/arraymap.c | 138 ++++++++++++++++++++++++++++++++++++++++++++++++++; kernel/bpf/map_iter.c | 6 ++-; 2 files changed, 142 insertions(+), 2 deletions(-)","Implemented BPF iterators for array and percpu array maps in the eBPF subsystem.","bpf, iterator, array","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d6c4503cc29638f328e1a6e6fefbdbda401c28fc","d6c4503cc29638f328e1a6e6fefbdbda401c28fc","Yonghong Song","yhs@fb.com","1595529674","Alexei Starovoitov","ast@kernel.org","1595733393","eff79cbe41008eab2c86846965b56e583b3464ba","a5cbe05a6673b85bed2a63ffcfea6a96c6410cff","bpf: Implement bpf iterator for hash maps The bpf iterators for hash, percpu hash, lru hash and lru percpu hash are implemented. During link time, bpf_iter_reg->check_target() will check map type and ensure the program access key/value region is within the map defined key/value size limit. For percpu hash and lru hash maps, the bpf program will receive values for all cpus. The map element bpf iterator infrastructure will prepare value properly before passing the value pointer to the bpf program. This patch set supports readonly map keys and read/write map values. It does not support deleting map elements, e.g., from hash tables. If there is a user case for this, the following mechanism can be used to support map deletion for hashtab, etc. - permit a new bpf program return value, e.g., 2, to let bpf iterator know the map element should be removed. - since bucket lock is taken, the map element will be queued. - once bucket lock is released after all elements under this bucket are traversed, all to-be-deleted map elements can be deleted. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723184114.590470-1-yhs@fb.com","kernel/bpf/hashtab.c | 194 ++++++++++++++++++++++++++++++++++++++++++++++++++; kernel/bpf/map_iter.c | 24 ++++++-; 2 files changed, 217 insertions(+), 1 deletion(-)","The commit implements bpf iterators for hash maps, enabling iteration over keys and values with selective modification capabilities.","bpf,iterator,hashmap","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a228a64fc1e4428e2b96dc68e9ad3c447095c9e7","a228a64fc1e4428e2b96dc68e9ad3c447095c9e7","Alexei Starovoitov","ast@kernel.org","1593652218","Alexei Starovoitov","ast@kernel.org","1595733392","60f1dbabaaabc43cd02535c1ff0bbe6aeba481a5","3f9969f2c040ba2ba635b6b5a7051f404bcc634d","bpf: Add bpf_prog iterator It's mostly a copy paste of commit 6086d29def80 (""bpf: Add bpf_map iterator"") that is use to implement bpf_seq_file opreations to traverse all bpf programs. v1->v2: Tweak to use build time btf_id Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Acked-by: Daniel Borkmann ","include/linux/bpf.h | 1 +; kernel/bpf/Makefile | 2 +-; kernel/bpf/prog_iter.c | 103 +++++++++++++++++++++++++++++++++++++++++++++++++; kernel/bpf/syscall.c | 19 +++++++++; 4 files changed, 124 insertions(+), 1 deletion(-)","The commit adds a bpf_prog iterator for traversing all eBPF programs via bpf_seq_file operations.","bpf_prog,iterator,btf_id","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a5cbe05a6673b85bed2a63ffcfea6a96c6410cff","a5cbe05a6673b85bed2a63ffcfea6a96c6410cff","Yonghong Song","yhs@fb.com","1595529672","Alexei Starovoitov","ast@kernel.org","1595733392","cc55db2dfffd4dc262f0a97c315044b406ec84a0","afbf21dce668ef59482037596eaffbe5041e094c","bpf: Implement bpf iterator for map elements The bpf iterator for map elements are implemented. The bpf program will receive four parameters: bpf_iter_meta *meta: the meta data bpf_map *map: the bpf_map whose elements are traversed void *key: the key of one element void *value: the value of the same element Here, meta and map pointers are always valid, and key has register type PTR_TO_RDONLY_BUF_OR_NULL and value has register type PTR_TO_RDWR_BUF_OR_NULL. The kernel will track the access range of key and value during verification time. Later, these values will be compared against the values in the actual map to ensure all accesses are within range. A new field iter_seq_info is added to bpf_map_ops which is used to add map type specific information, i.e., seq_ops, init/fini seq_file func and seq_file private data size. Subsequent patches will have actual implementation for bpf_map_ops->iter_seq_info. In user space, BPF_ITER_LINK_MAP_FD needs to be specified in prog attr->link_create.flags, which indicates that attr->link_create.target_fd is a map_fd. The reason for such an explicit flag is for possible future cases where one bpf iterator may allow more than one possible customization, e.g., pid and cgroup id for task_file. Current kernel internal implementation only allows the target to register at most one required bpf_iter_link_info. To support the above case, optional bpf_iter_link_info's are needed, the target can be extended to register such link infos, and user provided link_info needs to match one of target supported ones. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723184112.590360-1-yhs@fb.com","include/linux/bpf.h | 16 ++++++++; include/uapi/linux/bpf.h | 7 ++++; kernel/bpf/bpf_iter.c | 85 ++++++++++++++++++++++++++++++++++--------; kernel/bpf/map_iter.c | 30 ++++++++++++++-; tools/include/uapi/linux/bpf.h | 7 ++++; 5 files changed, 128 insertions(+), 17 deletions(-)","This commit implements a bpf iterator for map elements to iterate and validate map contents in eBPF programs.","bpf,iterator,map","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3f9969f2c040ba2ba635b6b5a7051f404bcc634d","3f9969f2c040ba2ba635b6b5a7051f404bcc634d","Yonghong Song","yhs@fb.com","1595447516","Alexei Starovoitov","ast@kernel.org","1595733392","faca49f0c3c4e31c5690fc99551c63c292847442","86176a1821a1237ad163d312ba0f2d7598757894","bpf: Fix pos computation for bpf_iter seq_ops->start() Currently, the pos pointer in bpf iterator map/task/task_file seq_ops->start() is always incremented. This is incorrect. It should be increased only if *pos is 0 (for SEQ_START_TOKEN) since these start() function actually returns the first real object. If *pos is not 0, it merely found the object based on the state in seq->private, and not really advancing the *pos. This patch fixed this issue by only incrementing *pos if it is 0. Note that the old *pos calculation, although not correct, does not affect correctness of bpf_iter as bpf_iter seq_file->read() does not support llseek. This patch also renamed ""mid"" in bpf_map iterator seq_file private data to ""map_id"" for better clarity. Fixes: 6086d29def80 (""bpf: Add bpf_map iterator"") Fixes: eaaacd23910f (""bpf: Add task and task/file iterator targets"") Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200722195156.4029817-1-yhs@fb.com","kernel/bpf/map_iter.c | 16 ++++++----------; kernel/bpf/task_iter.c | 6 ++++--; 2 files changed, 10 insertions(+), 12 deletions(-)","This commit fixes position computation in bpf iterator seq_ops->start() and renames a variable for clarity.","pos computation, bpf_iter, seq_ops","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"afbf21dce668ef59482037596eaffbe5041e094c","afbf21dce668ef59482037596eaffbe5041e094c","Yonghong Song","yhs@fb.com","1595529671","Alexei Starovoitov","ast@kernel.org","1595733392","62562fe521d58c485304c0d49094559ce2245b44","f9c792729581bd8b8473af163e8ab426c2c61d89","bpf: Support readonly/readwrite buffers in verifier Readonly and readwrite buffer register states are introduced. Totally four states, PTR_TO_RDONLY_BUF[_OR_NULL] and PTR_TO_RDWR_BUF[_OR_NULL] are supported. As suggested by their respective names, PTR_TO_RDONLY_BUF[_OR_NULL] are for readonly buffers and PTR_TO_RDWR_BUF[_OR_NULL] for read/write buffers. These new register states will be used by later bpf map element iterator. New register states share some similarity to PTR_TO_TP_BUFFER as it will calculate accessed buffer size during verification time. The accessed buffer size will be later compared to other metrics during later attach/link_create time. Similar to reg_state PTR_TO_BTF_ID_OR_NULL in bpf iterator programs, PTR_TO_RDONLY_BUF_OR_NULL or PTR_TO_RDWR_BUF_OR_NULL reg_types can be set at prog->aux->bpf_ctx_arg_aux, and bpf verifier will retrieve the values during btf_ctx_access(). Later bpf map element iterator implementation will show how such information will be assigned during target registeration time. The verifier is also enhanced such that PTR_TO_RDONLY_BUF can be passed to ARG_PTR_TO_MEM[_OR_NULL] helper argument, and PTR_TO_RDWR_BUF can be passed to ARG_PTR_TO_MEM[_OR_NULL] or ARG_PTR_TO_UNINIT_MEM. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723184111.590274-1-yhs@fb.com","include/linux/bpf.h | 6 ++++; kernel/bpf/btf.c | 13 ++++++++; kernel/bpf/verifier.c | 91 +++++++++++++++++++++++++++++++++++++++++++++++----; 3 files changed, 104 insertions(+), 6 deletions(-)","The commit introduces support for new buffer register states, enhancing eBPF verifier functionality.","readonly, readwrite, verifier","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"86176a1821a1237ad163d312ba0f2d7598757894","86176a1821a1237ad163d312ba0f2d7598757894","Jakub Sitnicki","jakub@cloudflare.com","1595434640","Alexei Starovoitov","ast@kernel.org","1595733392","6e1950b5b123d12ae995d0d86ec520bdac2cf997","c8a2983c4df06c4cd11bea6abfa7e2947bd3113b","selftests/bpf: Test BPF socket lookup and reuseport with connections Cover the case when BPF socket lookup returns a socket that belongs to a reuseport group, and the reuseport group contains connected UDP sockets. Ensure that the presence of connected UDP sockets in reuseport group does not affect the socket lookup result. Socket selected by reuseport should always be used as result in such case. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Kuniyuki Iwashima Link: https://lore.kernel.org/bpf/20200722161720.940831-3-jakub@cloudflare.com","tools/testing/selftests/bpf/prog_tests/sk_lookup.c | 54 +++++++++++++++++++++-; 1 file changed, 53 insertions(+), 1 deletion(-)","The commit adds a test for BPF socket lookup with reuseport and connected UDP sockets.","BPF,socket,reuseport","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"f9c792729581bd8b8473af163e8ab426c2c61d89","f9c792729581bd8b8473af163e8ab426c2c61d89","Yonghong Song","yhs@fb.com","1595529670","Alexei Starovoitov","ast@kernel.org","1595733392","2b5ff0209c3cb3cd0ab98a145c3541ce40c11017","14fc6bd6b79c430f615500d0fe6cea4722110db8","bpf: Refactor to provide aux info to bpf_iter_init_seq_priv_t This patch refactored target bpf_iter_init_seq_priv_t callback function to accept additional information. This will be needed in later patches for map element targets since a particular map should be passed to traverse elements for that particular map. In the future, other information may be passed to target as well, e.g., pid, cgroup id, etc. to customize the iterator. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723184110.590156-1-yhs@fb.com","fs/proc/proc_net.c | 2 +-; include/linux/bpf.h | 7 ++++++-; include/linux/proc_fs.h | 3 ++-; kernel/bpf/bpf_iter.c | 2 +-; kernel/bpf/task_iter.c | 2 +-; net/ipv4/tcp_ipv4.c | 4 ++--; net/ipv4/udp.c | 4 ++--; 7 files changed, 15 insertions(+), 9 deletions(-)","The commit refactors bpf_iter_init_seq_priv_t to accept additional information for future customization of eBPF iterator operations.","refactor, bpf_iter, customization","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"14fc6bd6b79c430f615500d0fe6cea4722110db8","14fc6bd6b79c430f615500d0fe6cea4722110db8","Yonghong Song","yhs@fb.com","1595529669","Alexei Starovoitov","ast@kernel.org","1595733392","5fef4ccfed6460489ece68286530134f630ad4eb","a228a64fc1e4428e2b96dc68e9ad3c447095c9e7","bpf: Refactor bpf_iter_reg to have separate seq_info member There is no functionality change for this patch. Struct bpf_iter_reg is used to register a bpf_iter target, which includes information for both prog_load, link_create and seq_file creation. This patch puts fields related seq_file creation into a different structure. This will be useful for map elements iterator where one iterator covers different map types and different map types may have different seq_ops, init/fini private_data function and private_data size. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200723184109.590030-1-yhs@fb.com","include/linux/bpf.h | 17 ++++++++++-------; kernel/bpf/bpf_iter.c | 12 ++++++------; kernel/bpf/map_iter.c | 8 ++++++--; kernel/bpf/prog_iter.c | 8 ++++++--; kernel/bpf/task_iter.c | 16 ++++++++++++----; net/ipv4/tcp_ipv4.c | 8 ++++++--; net/ipv4/udp.c | 8 ++++++--; net/ipv6/route.c | 8 ++++++--; net/netlink/af_netlink.c | 8 ++++++--; 9 files changed, 64 insertions(+), 29 deletions(-)","Refactor bpf_iter_reg to segregate seq_info into a distinct structure for enhanced map element iterator management.","refactor, bpf_iter_reg, seq_info","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c8a2983c4df06c4cd11bea6abfa7e2947bd3113b","c8a2983c4df06c4cd11bea6abfa7e2947bd3113b","Jakub Sitnicki","jakub@cloudflare.com","1595434639","Alexei Starovoitov","ast@kernel.org","1595733361","abeea2f58802f33b291ecca87738ab23d3e21f56","f3c93a93b564d25cab715cd71a6c3417e77b19f3","udp: Don't discard reuseport selection when group has connections When BPF socket lookup prog selects a socket that belongs to a reuseport group, and the reuseport group has connected sockets in it, the socket selected by reuseport will be discarded, and socket returned by BPF socket lookup will be used instead. Modify this behavior so that the socket selected by reuseport running after BPF socket lookup always gets used. Ignore the fact that the reuseport group might have connections because it is only relevant when scoring sockets during regular hashtable-based lookup. Fixes: 72f7e9440e9b (""udp: Run SK_LOOKUP BPF program on socket lookup"") Fixes: 6d4201b1386b (""udp6: Run SK_LOOKUP BPF program on socket lookup"") Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Kuniyuki Iwashima Link: https://lore.kernel.org/bpf/20200722161720.940831-2-jakub@cloudflare.com","net/ipv6/udp.c | 3 ---; 1 file changed, 3 deletions(-)","This commit fixes how BPF socket lookup interacts with reuseport groups by ensuring reuseport selection is always respected.","reuseport,BPF,socket","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"f3c93a93b564d25cab715cd71a6c3417e77b19f3","f3c93a93b564d25cab715cd71a6c3417e77b19f3","Andrii Nakryiko","andriin@fb.com","1595392684","Alexei Starovoitov","ast@kernel.org","1595733332","d342bd7d72555daab45f55de1167102e3989114d","a57066b1a01977a646145f4ce8dfb4538b08368a","tools/bpftool: Strip BPF .o files before skeleton generation Strip away DWARF info from .bpf.o files, before generating BPF skeletons. This reduces bpftool binary size from 3.43MB to 2.58MB. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200722043804.2373298-1-andriin@fb.com","tools/bpf/bpftool/Makefile | 3 ++-; 1 file changed, 2 insertions(+), 1 deletion(-)","The commit reduces bpftool binary size by removing DWARF info from .bpf.o files before skeleton generation.","Strip,DWARF,bpftool","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a57066b1a01977a646145f4ce8dfb4538b08368a","a57066b1a01977a646145f4ce8dfb4538b08368a","David S. Miller","davem@davemloft.net","1595724544","David S. Miller","davem@davemloft.net","1595724544","57c2b4fa2fc48e687a1820b9bf4ef4f4363be0f9","dfecd3e00cd32b2a6d1cfdb30b513dd42575ada3 04300d66f0a06d572d9f2ad6768c38cabde22179","Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net The UDP reuseport conflict was a little bit tricky. The net-next code, via bpf-next, extracted the reuseport handling into a helper so that the BPF sk lookup code could invoke it. At the same time, the logic for reuseport handling of unconnected sockets changed via commit efc6b6f6c3113e8b203b9debfb72d81e0f3dcace which changed the logic to carry on the reuseport result into the rest of the lookup loop if we do not return immediately. This requires moving the reuseport_has_conns() logic into the callers. While we are here, get rid of inline directives as they do not belong in foo.c files. The other changes were cases of more straightforward overlapping modifications. Signed-off-by: David S. Miller ","","Merges changes from netdev/net affecting UDP reuseport handling to align with BPF updates.","merge, reuseport, UDP","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"7c4c24168014f250241b6df66ca5bae37eda7ffc","7c4c24168014f250241b6df66ca5bae37eda7ffc","David S. Miller","davem@davemloft.net","1595630514","David S. Miller","davem@davemloft.net","1595630514","90ff9c419f8244651aa420349756cc371d539646","197569f72a1a3512ef294bae68d100d613f38f6a 6d04fe15f78acdf8e32329e208552e226f7a8ae6","Merge branch 'get-rid-of-the-address_space-override-in-setsockopt-v2' Christoph Hellwig says: ==================== get rid of the address_space override in setsockopt v2 setsockopt is the last place in architecture-independ code that still uses set_fs to force the uaccess routines to operate on kernel pointers. This series adds a new sockptr_t type that can contained either a kernel or user pointer, and which has accessors that do the right thing, and then uses it for setsockopt, starting by refactoring some low-level helpers and moving them over to it before finally doing the main setsockopt method. Note that apparently the eBPF selftests do not even cover this path, so the series has been tested with a testing patch that always copies the data first and passes a kernel pointer. This is something that works for most common sockopts (and is something that the ePBF support relies on), but unfortunately in various corner cases we either don't use the passed in length, or in one case actually copy data back from setsockopt, or in case of bpfilter straight out do not work with kernel pointers at all. Against net-next/master. Changes since v1: - check that users don't pass in kernel addresses - more bpfilter cleanups - cosmetic mptcp tweak ==================== Signed-off-by: David S. Miller ","","This merge commit eliminates set_fs use in setsockopt by introducing sockptr_t for handling kernel and user pointers.","setsockopt, sockptr_t, set_fs","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"d38d2b00ba64b3f2f30d70a7929000606d2c4509","d38d2b00ba64b3f2f30d70a7929000606d2c4509","Christoph Hellwig","hch@lst.de","1595484546","David S. Miller","davem@davemloft.net","1595630514","98159f1aab613ae688102622ee883ea75bd2c102","d4c19c49142ddb2efcc34cff6379d03edb3553bd","net/tcp: switch do_tcp_setsockopt to sockptr_t Pass a sockptr_t to prepare for set_fs-less handling of the kernel pointer from bpf-cgroup. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","net/ipv4/tcp.c | 34 ++++++++++++++++------------------; 1 file changed, 16 insertions(+), 18 deletions(-)","This commit updates do_tcp_setsockopt to use sockptr_t for future set_fs-less handling of kernel pointers in bpf-cgroup.","sockptr_t,tcp,bpf-cgroup","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"d4c19c49142ddb2efcc34cff6379d03edb3553bd","d4c19c49142ddb2efcc34cff6379d03edb3553bd","Christoph Hellwig","hch@lst.de","1595484545","David S. Miller","davem@davemloft.net","1595630514","b2d7faa45b3f155fc08a2861ae80abfe7251efcd","91ac1ccaff597d06b1e16801e1a4c99b8a78dcbe","net/tcp: switch ->md5_parse to sockptr_t Pass a sockptr_t to prepare for set_fs-less handling of the kernel pointer from bpf-cgroup. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","include/net/tcp.h | 2 +-; net/ipv4/tcp.c | 3 ++-; net/ipv4/tcp_ipv4.c | 4 ++--; net/ipv6/tcp_ipv6.c | 4 ++--; 4 files changed, 7 insertions(+), 6 deletions(-)","The commit modifies the TCP network subsystem to use sockptr_t for kernel pointer handling from bpf-cgroup.","sockptr_t, bpf-cgroup, tcp","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"91ac1ccaff597d06b1e16801e1a4c99b8a78dcbe","91ac1ccaff597d06b1e16801e1a4c99b8a78dcbe","Christoph Hellwig","hch@lst.de","1595484544","David S. Miller","davem@davemloft.net","1595630514","213cfc026155048e81a84b073630768594c35781","894cfbc0cf3ea447e486fca99852893a155b6a81","net/udp: switch udp_lib_setsockopt to sockptr_t Pass a sockptr_t to prepare for set_fs-less handling of the kernel pointer from bpf-cgroup. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","include/net/udp.h | 2 +-; net/ipv4/udp.c | 7 ++++---; net/ipv6/udp.c | 3 ++-; 3 files changed, 7 insertions(+), 5 deletions(-)","The commit modifies 'udp_lib_setsockopt' to utilize 'sockptr_t' for compatibility with bpf-cgroup in a set_fs-less context.","sockptr_t, bpf-cgroup, udp_lib_setsockopt","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"894cfbc0cf3ea447e486fca99852893a155b6a81","894cfbc0cf3ea447e486fca99852893a155b6a81","Christoph Hellwig","hch@lst.de","1595484543","David S. Miller","davem@davemloft.net","1595630514","afcaf8e234456586077dc615aacb417467363669","b84d2b73af401dc00d9f03c5d78ccf71369a5707","net/ipv6: switch do_ipv6_setsockopt to sockptr_t Pass a sockptr_t to prepare for set_fs-less handling of the kernel pointer from bpf-cgroup. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","net/ipv6/ipv6_sockglue.c | 66 ++++++++++++++++++++++++------------------------; 1 file changed, 33 insertions(+), 33 deletions(-)","The commit refactors IPv6 setsockopt to use sockptr_t for better handling of kernel pointers in bpf-cgroup contexts.","sockptr_t,ipv6,cgroup","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"86298285c9ae3a41ce21c2d00ebdde51dd2abc73","86298285c9ae3a41ce21c2d00ebdde51dd2abc73","Christoph Hellwig","hch@lst.de","1595484541","David S. Miller","davem@davemloft.net","1595630514","62296fafa0f2d3dc20b0be97f569134dc1c79478","ff6a4cf214effa0f600fff0eff70c60bcab94ecb","net/ipv6: switch ipv6_flowlabel_opt to sockptr_t Pass a sockptr_t to prepare for set_fs-less handling of the kernel pointer from bpf-cgroup. Note that the get case is pretty weird in that it actually copies data back to userspace from setsockopt. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","include/net/ipv6.h | 2 +-; net/ipv6/ip6_flowlabel.c | 16 +++++++++-------; net/ipv6/ipv6_sockglue.c | 2 +-; 3 files changed, 11 insertions(+), 9 deletions(-)","The commit updates ipv6_flowlabel_opt to use sockptr_t for kernel pointer handling from bpf-cgroup without set_fs.","ipv6_flowlabel_opt,sockptr_t,bpf-cgroup","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"b43c6153132c92745317f92174af84f57b160b76","b43c6153132c92745317f92174af84f57b160b76","Christoph Hellwig","hch@lst.de","1595484539","David S. Miller","davem@davemloft.net","1595630514","db2fdec6c3272519fc3fc7291e7733fa56dece40","89654c5fcd511d9fe26ec376f5e855581aa44802","net/ipv6: switch ip6_mroute_setsockopt to sockptr_t Pass a sockptr_t to prepare for set_fs-less handling of the kernel pointer from bpf-cgroup. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","include/linux/mroute6.h | 8 ++++----; net/ipv6/ip6mr.c | 17 +++++++++--------; net/ipv6/ipv6_sockglue.c | 3 ++-; 3 files changed, 15 insertions(+), 13 deletions(-)","The commit updates ip6_mroute_setsockopt to use sockptr_t, aiming for set_fs-less kernel pointer handling in bpf-cgroup.","ip6_mroute,sockptr_t,bpf-cgroup","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"89654c5fcd511d9fe26ec376f5e855581aa44802","89654c5fcd511d9fe26ec376f5e855581aa44802","Christoph Hellwig","hch@lst.de","1595484538","David S. Miller","davem@davemloft.net","1595630514","352a4e9b052aed0b164a95fd733c42edb246f325","de40a3e88311b6f0fc79b876a4768bf2d99f9aae","net/ipv4: switch do_ip_setsockopt to sockptr_t Pass a sockptr_t to prepare for set_fs-less handling of the kernel pointer from bpf-cgroup. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","net/ipv4/ip_sockglue.c | 68 ++++++++++++++++++++++++--------------------------; 1 file changed, 33 insertions(+), 35 deletions(-)","The commit refactors do_ip_setsockopt to use sockptr_t for kernel pointers in preparation for set_fs-less handling related to bpf-cgroup.","sockptr_t,bpf-cgroup,set_fs-less","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"01ccb5b48f08f59ca3746d59221f4990aec1b194","01ccb5b48f08f59ca3746d59221f4990aec1b194","Christoph Hellwig","hch@lst.de","1595484536","David S. Miller","davem@davemloft.net","1595630514","4f1958c7573b7bb9293b79160a99bfa3a0a1639d","b03afaa82ece13b2a008f0e3a7127bead578e3e6","net/ipv4: switch ip_mroute_setsockopt to sockptr_t Pass a sockptr_t to prepare for set_fs-less handling of the kernel pointer from bpf-cgroup. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","include/linux/mroute.h | 5 +++--; net/ipv4/ip_sockglue.c | 3 ++-; net/ipv4/ipmr.c | 14 +++++++-------; 3 files changed, 12 insertions(+), 10 deletions(-)","The commit modifies ip_mroute_setsockopt to use sockptr_t for transitioning to a set_fs-less context.","sockptr_t,ip_mroute_setsockopt,bpf-cgroup","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"b03afaa82ece13b2a008f0e3a7127bead578e3e6","b03afaa82ece13b2a008f0e3a7127bead578e3e6","Christoph Hellwig","hch@lst.de","1595484535","David S. Miller","davem@davemloft.net","1595630514","d34d7c6c990946d126e74053cdd8d37291dbe48e","c2f12630c60ff33a9cafd221646053fc10ec59b6","bpfilter: switch bpfilter_ip_set_sockopt to sockptr_t This is mostly to prepare for cleaning up the callers, as bpfilter by design can't handle kernel pointers. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","include/linux/bpfilter.h | 6 +++---; net/bpfilter/bpfilter_kern.c | 6 +++---; net/ipv4/bpfilter/sockopt.c | 8 ++++----; net/ipv4/ip_sockglue.c | 3 ++-; 4 files changed, 12 insertions(+), 11 deletions(-)","Refactor bpfilter_ip_set_sockopt to use sockptr_t for improved caller cleanup and compatibility with user-space pointers.","bpfilter,sockptr_t,refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"c2f12630c60ff33a9cafd221646053fc10ec59b6","c2f12630c60ff33a9cafd221646053fc10ec59b6","Christoph Hellwig","hch@lst.de","1595484534","David S. Miller","davem@davemloft.net","1595630514","13a34d0e37c35537253ea052d60de462b17c0f0a","ab214d1bf8c7ef1ed7af803a72491cb29edfa8f5","netfilter: switch nf_setsockopt to sockptr_t Pass a sockptr_t to prepare for set_fs-less handling of the kernel pointer from bpf-cgroup. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","include/linux/netfilter.h | 6 ++++--; net/bridge/netfilter/ebtables.c | 37 +++++++++++++++++--------------------; net/decnet/af_decnet.c | 3 ++-; net/ipv4/ip_sockglue.c | 3 ++-; net/ipv4/netfilter/arp_tables.c | 28 ++++++++++++++--------------; net/ipv4/netfilter/ip_tables.c | 24 ++++++++++++------------; net/ipv6/ipv6_sockglue.c | 3 ++-; net/ipv6/netfilter/ip6_tables.c | 24 ++++++++++++------------; net/netfilter/ipvs/ip_vs_ctl.c | 4 ++--; net/netfilter/nf_sockopt.c | 2 +-; 10 files changed, 68 insertions(+), 66 deletions(-)","This commit refactors nf_setsockopt to use sockptr_t for improved handling of kernel pointers for bpf-cgroup.","nf_setsockopt,sockptr_t,bpf-cgroup","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","['Netfilter related type programs. It impacts programs interacting with the Netfilter framework used in packet filtering and NAT.', ""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"ab214d1bf8c7ef1ed7af803a72491cb29edfa8f5","ab214d1bf8c7ef1ed7af803a72491cb29edfa8f5","Christoph Hellwig","hch@lst.de","1595484533","David S. Miller","davem@davemloft.net","1595630513","117d3206c77bb63d0de5347c28a116ae8369ff24","7e4b9dbabb2ad0d108d12939e34d4d330104ac6d","netfilter: switch xt_copy_counters to sockptr_t Pass a sockptr_t to prepare for set_fs-less handling of the kernel pointer from bpf-cgroup. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","include/linux/netfilter/x_tables.h | 4 ++--; net/ipv4/netfilter/arp_tables.c | 7 +++----; net/ipv4/netfilter/ip_tables.c | 7 +++----; net/ipv6/netfilter/ip6_tables.c | 6 +++---; net/netfilter/x_tables.c | 20 ++++++++++----------; 5 files changed, 21 insertions(+), 23 deletions(-)","The commit updates xt_copy_counters in netfilter to use sockptr_t for set_fs-less kernel pointer handling related to bpf-cgroup.","netfilter,sockptr_t,bpf-cgroup","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Netfilter related type programs. It impacts programs interacting with the Netfilter framework used in packet filtering and NAT.', 'cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c6d1b26a8fd4940fe5d4199311838f6c2aef0174","c6d1b26a8fd4940fe5d4199311838f6c2aef0174","Christoph Hellwig","hch@lst.de","1595484531","David S. Miller","davem@davemloft.net","1595630513","2ea64e5549780cfb86999e08b180021026ade431","c8c1bbb6eb498109286739f8b6090e99313dd104","net/xfrm: switch xfrm_user_policy to sockptr_t Pass a sockptr_t to prepare for set_fs-less handling of the kernel pointer from bpf-cgroup. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","include/net/xfrm.h | 8 +++++---; net/ipv4/ip_sockglue.c | 3 ++-; net/ipv6/ipv6_sockglue.c | 3 ++-; net/xfrm/xfrm_state.c | 6 +++---; 4 files changed, 12 insertions(+), 8 deletions(-)","The commit updates xfrm_user_policy to use sockptr_t for set_fs-less kernel pointer handling related to bpf-cgroup.","xfrm_user_policy,sockptr_t,bpf-cgroup","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"c8c1bbb6eb498109286739f8b6090e99313dd104","c8c1bbb6eb498109286739f8b6090e99313dd104","Christoph Hellwig","hch@lst.de","1595484530","David S. Miller","davem@davemloft.net","1595630513","1782966e2597d7cb05e058ed2eeaf4689cfa2a0b","c34645ac25484968ddace9a6b140b70e72dc49b3","net: switch sock_set_timeout to sockptr_t Pass a sockptr_t to prepare for set_fs-less handling of the kernel pointer from bpf-cgroup. Signed-off-by: Christoph Hellwig Acked-by: Matthieu Baerts Signed-off-by: David S. Miller ","include/net/sock.h | 3 ++-; net/core/sock.c | 26 ++++++++++++--------------; net/mptcp/protocol.c | 6 ++++--; net/socket.c | 3 ++-; 4 files changed, 20 insertions(+), 18 deletions(-)","This commit modifies socket handling functions to improve compatibility with kernel pointers from bpf-cgroup.","sockptr_t,bpf-cgroup,socket","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"c34645ac25484968ddace9a6b140b70e72dc49b3","c34645ac25484968ddace9a6b140b70e72dc49b3","Christoph Hellwig","hch@lst.de","1595484529","David S. Miller","davem@davemloft.net","1595630513","8021674c93fdb62fdfc773ab4f16aef65d525d24","5790642b4748acbb5560f7a6fcb19f572297cf63","net: switch sock_set_timeout to sockptr_t Pass a sockptr_t to prepare for set_fs-less handling of the kernel pointer from bpf-cgroup. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","net/core/sock.c | 15 +++++++++------; 1 file changed, 9 insertions(+), 6 deletions(-)","This commit modifies sock_set_timeout to use sockptr_t, preparing for set_fs-less kernel pointer handling in bpf-cgroup.","sock_set_timeout,sockptr_t set_fs-less","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"5790642b4748acbb5560f7a6fcb19f572297cf63","5790642b4748acbb5560f7a6fcb19f572297cf63","Christoph Hellwig","hch@lst.de","1595484528","David S. Miller","davem@davemloft.net","1595630513","32ece112233de5cf9171bbcbe0fbedc3573475e7","b1ea9ff6aff2deae84eccaf0a07cd14912669680","net: switch sock_setbindtodevice to sockptr_t Pass a sockptr_t to prepare for set_fs-less handling of the kernel pointer from bpf-cgroup. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","net/core/sock.c | 7 +++----; 1 file changed, 3 insertions(+), 4 deletions(-)","The commit refactors sock_setbindtodevice function to utilize sockptr_t for improved kernel pointer handling associated with bpf-cgroup.","sockptr_t,bpf-cgroup,refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"b1ea9ff6aff2deae84eccaf0a07cd14912669680","b1ea9ff6aff2deae84eccaf0a07cd14912669680","Christoph Hellwig","hch@lst.de","1595484527","David S. Miller","davem@davemloft.net","1595630513","1b4e6db9c617a49ab90bb26dcd3e3cbeb946f5ec","ba423fdaa589d972473083defedf9e862626d268","net: switch copy_bpf_fprog_from_user to sockptr_t Pass a sockptr_t to prepare for set_fs-less handling of the kernel pointer from bpf-cgroup. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","include/linux/filter.h | 3 ++-; net/core/filter.c | 6 +++---; net/core/sock.c | 6 ++++--; net/packet/af_packet.c | 4 ++--; 4 files changed, 11 insertions(+), 8 deletions(-)","The commit modifies multiple network files to use sockptr_t to support set_fs-less operations in bpf-cgroup transactions.","sockptr_t, bpf-cgroup, set_fs-less","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"d200cf624c9247ab52b67d34d9e198262a23df31","d200cf624c9247ab52b67d34d9e198262a23df31","Christoph Hellwig","hch@lst.de","1595484525","David S. Miller","davem@davemloft.net","1595630513","7eb16c965917dd917b545cccfc5a4d1fff1854d6","c9ffebdde8deccf9ea3a7a97bcd84de0a35ddad7","bpfilter: reject kernel addresses The bpfilter user mode helper processes the optval address using process_vm_readv. Don't send it kernel addresses fed under set_fs(KERNEL_DS) as that won't work. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","net/bpfilter/bpfilter_kern.c | 4 ++++; 1 file changed, 4 insertions(+)","The commit prevents sending kernel addresses to the bpfilter user mode helper to avoid issues with set_fs(KERNEL_DS).","bpfilter,user-mode,set_fs","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"c9ffebdde8deccf9ea3a7a97bcd84de0a35ddad7","c9ffebdde8deccf9ea3a7a97bcd84de0a35ddad7","Christoph Hellwig","hch@lst.de","1595484524","David S. Miller","davem@davemloft.net","1595630513","7f92a884306f8e1ce1697dcb6c245f8cfe20f433","e024e008186bf9f4109c86b66dd60d0f926bc1fb","net/bpfilter: split __bpfilter_process_sockopt Split __bpfilter_process_sockopt into a low-level send request routine and the actual setsockopt hook to split the init time ping from the actual setsockopt processing. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","net/bpfilter/bpfilter_kern.c | 51 +++++++++++++++++++++++---------------------; 1 file changed, 27 insertions(+), 24 deletions(-)","The commit splits __bpfilter_process_sockopt into distinct routines for sending requests and processing setsockopt.","bpfilter,setsockopt,refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"e024e008186bf9f4109c86b66dd60d0f926bc1fb","e024e008186bf9f4109c86b66dd60d0f926bc1fb","Christoph Hellwig","hch@lst.de","1595484523","David S. Miller","davem@davemloft.net","1595630513","601b446be8e685655c04d3436914b10f8a26def5","197569f72a1a3512ef294bae68d100d613f38f6a","bpfilter: fix up a sparse annotation The __user doesn't make sense when casting to an integer type, just switch to a uintptr_t cast which also removes the need for the __force. Signed-off-by: Christoph Hellwig Reviewed-by: Luc Van Oostenryck Signed-off-by: David S. Miller ","net/bpfilter/bpfilter_kern.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit fixes a sparse annotation issue by adjusting a type cast in bpfilter_kern.c.","sparse, annotation, bpfilter","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"197569f72a1a3512ef294bae68d100d613f38f6a","197569f72a1a3512ef294bae68d100d613f38f6a","David S. Miller","davem@davemloft.net","1595629411","David S. Miller","davem@davemloft.net","1595629411","6031e384f304d24f1eed7f4b5b7be6764ce910d9","4a062d66b5a532a9da9bdae643e498b035173794 5923b8f7fa218a9bccd730c0a9692635eb2fc740","Merge branch 'TC-datapath-hash-api' Ariel Levkovich says: ==================== TC datapath hash api Hash based packet classification allows user to set up rules that provide load balancing of traffic across multiple vports and for ECMP path selection while keeping the number of rule at minimum. Instead of matching on exact flow spec, which requires a rule per flow, user can define rules based on a their hash value and distribute the flows to different buckets. The number of rules in this case will be constant and equal to the number of buckets. The series introduces an extention to the cls flower classifier and allows user to add rules that match on the hash value that is stored in skb->hash while assuming the value was set prior to the classification. Setting the skb->hash can be done in various ways and is not defined in this series - for example: 1. By the device driver upon processing an rx packet. 2. Using tc action bpf with a program which computes and sets the skb->hash value. $ tc filter add dev ens1f0_0 ingress \ prio 1 chain 2 proto ip \ flower hash 0x0/0xf \ action mirred egress redirect dev ens1f0_1 $ tc filter add dev ens1f0_0 ingress \ prio 1 chain 2 proto ip \ flower hash 0x1/0xf \ action mirred egress redirect dev ens1f0_2 v3 -> v4: *Drop hash setting code leaving only the classidication parts. Setting the hash will be possible via existing tc action bpf. v2 -> v3: *Split hash algorithm option into 2 different actions. Asym_l4 available via act_skbedit and bpf via new act_hash. ==================== Signed-off-by: David S. Miller ","","This commit merges a branch introducing a hash-based packet classification API for traffic control in the Linux kernel.","hash,packet,classification","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","['tc related type programs. It affects programs managing traffic control (tc) for queuing or prioritizing network traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"009abf5bb88bf96247dbb7404fd0dc83c99aafab","009abf5bb88bf96247dbb7404fd0dc83c99aafab","Daniel W. S. Almeida","dwlsalmeida@gmail.com","1595091060","Jonathan Corbet","corbet@lwn.net","1595536049","6e90eb5d8ac5ee8d9800536853ce78cc5fc88ae7","b6667585c28d46017030198403c18d803e0c9e90","docs: bpf/bpf_devel_QA.rst: fix reference to nonexistent document Fix the following sphinx warning: bpf_devel_QA.rst:444: WARNING: Unknown target name: ""documentation/bpf/btf.rst"" No target was defined for 'btf.rst' in the document. Fix it. Signed-off-by: Daniel W. S. Almeida Link: https://lore.kernel.org/r/20200718165107.625847-6-dwlsalmeida@gmail.com Signed-off-by: Jonathan Corbet ","Documentation/bpf/bpf_devel_QA.rst | 1 +; 1 file changed, 1 insertion(+)","Fixes a Sphinx warning by correcting a reference in bpf_devel_QA.rst.","Sphinx, reference, documentation","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"5fe52b3865eacce7206ff7e28455c686e6bf8920","5fe52b3865eacce7206ff7e28455c686e6bf8920","Daniel W. S. Almeida","dwlsalmeida@gmail.com","1595091064","Jonathan Corbet","corbet@lwn.net","1595535420","65f7814e76116f3678822418f6fe611178345431","f2ea95289a79b81aa6c9b0daf8bec60a76b7e78d","docs: bpf/index.rst: Add ringbuf.rst Fix the following warning Documentation/bpf/ringbuf.rst: WARNING: document isn't included in any toctree By adding it to the index. Signed-off-by: Daniel W. S. Almeida Link: https://lore.kernel.org/r/20200718165107.625847-10-dwlsalmeida@gmail.com Signed-off-by: Jonathan Corbet ","Documentation/bpf/index.rst | 8 ++++++++; 1 file changed, 8 insertions(+)","This commit adds ringbuf.rst to the BPF documentation index to resolve a warning about it not being in any toctree.","ringbuf,rst,documentation","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"dee72f8a0c2d4ddb566151b2982d553461339315","dee72f8a0c2d4ddb566151b2982d553461339315","David S. Miller","davem@davemloft.net","1595446495","David S. Miller","davem@davemloft.net","1595446533","b52b7479eb55397044a4e93d8cc92e8fdccd8d83","fa56a987449bcf4c1cb68369a187af3515b85c78 9165e1d70fb34ce438e78aad90408cfa86e4c2d0","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next Alexei Starovoitov says: ==================== pull-request: bpf-next 2020-07-21 The following pull-request contains BPF updates for your *net-next* tree. We've added 46 non-merge commits during the last 6 day(s) which contain a total of 68 files changed, 4929 insertions(+), 526 deletions(-). The main changes are: 1) Run BPF program on socket lookup, from Jakub. 2) Introduce cpumap, from Lorenzo. 3) s390 JIT fixes, from Ilya. 4) teach riscv JIT to emit compressed insns, from Luke. 5) use build time computed BTF ids in bpf iter, from Yonghong. ==================== Purely independent overlapping changes in both filter.h and xdp.h Signed-off-by: David S. Miller ","","This merge commit incorporates multiple BPF updates, including socket lookup, cpumap introduction, and JIT improvements for s390 and riscv.","BPF, JIT, cpumap","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"2c9d8e01f0c6017317eee7638496173d4a64e6bc","2c9d8e01f0c6017317eee7638496173d4a64e6bc","Taehee Yoo","ap420073@gmail.com","1595343110","David S. Miller","davem@davemloft.net","1595372443","27d0fc555fabf7010c6a04f3d79588b28c002524","3506b2f42dff66ea6814c3dfa1988bafb79e6f88","netdevsim: fix unbalaced locking in nsim_create() In the nsim_create(), rtnl_lock() is called before nsim_bpf_init(). If nsim_bpf_init() is failed, rtnl_unlock() should be called, but it isn't called. So, unbalanced locking would occur. Fixes: e05b2d141fef (""netdevsim: move netdev creation/destruction to dev probe"") Signed-off-by: Taehee Yoo Reviewed-by: Jakub Kicinski Signed-off-by: David S. Miller ","drivers/net/netdevsim/netdev.c | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","This commit fixes an unbalanced locking issue in the function nsim_create() within the netdevsim driver.","unbalanced, locking, fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"9165e1d70fb34ce438e78aad90408cfa86e4c2d0","9165e1d70fb34ce438e78aad90408cfa86e4c2d0","Tony Ambardar","tony.ambardar@gmail.com","1595299696","Daniel Borkmann","daniel@iogearbox.net","1595367776","4ee3fd51ccb60e80ab2b36248670abdcf5ef128e","8fca4f98af0bf112b485fff02779b84d3a069eac","bpftool: Use only nftw for file tree parsing The bpftool sources include code to walk file trees, but use multiple frameworks to do so: nftw and fts. While nftw conforms to POSIX/SUSv3 and is widely available, fts is not conformant and less common, especially on non-glibc systems. The inconsistent framework usage hampers maintenance and portability of bpftool, in particular for embedded systems. Standardize code usage by rewriting one fts-based function to use nftw and clean up some related function warnings by extending use of ""const char *"" arguments. This change helps in building bpftool against musl for OpenWrt. Also fix an unsafe call to dirname() by duplicating the string to pass, since some implementations may directly alter it. The same approach is used in libbpf.c. Signed-off-by: Tony Ambardar Signed-off-by: Daniel Borkmann Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200721024817.13701-1-Tony.Ambardar@gmail.com","tools/bpf/bpftool/common.c | 137 ++++++++++++++++++++++++++-------------------; tools/bpf/bpftool/main.h | 4 +-; 2 files changed, 82 insertions(+), 59 deletions(-)","Standardize bpftool's file tree parsing to improve portability by replacing fts with nftw and resolving related warnings.","bpftool,nftw,portability","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8fca4f98af0bf112b485fff02779b84d3a069eac","8fca4f98af0bf112b485fff02779b84d3a069eac","Alexei Starovoitov","ast@kernel.org","1595362501","Alexei Starovoitov","ast@kernel.org","1595363187","521419b293f6fd3b2e1d201bbb4ca49f9e9e5ce5","e4d9c2320716ea0e9ef59f503ddd8f253a642ddd 951cf368bcb11d6f817709660cf5cd914072c36f","Merge branch 'bpf_iter-BTF_ID-at-build-time' Yonghong Song says: ==================== Commit 5a2798ab32ba (""bpf: Add BTF_ID_LIST/BTF_ID/BTF_ID_UNUSED macros"") implemented a mechanism to compute btf_ids at kernel build time which can simplify kernel implementation and reduce runtime overhead by removing in-kernel btf_id calculation. This patch set tried to use this mechanism to compute btf_ids for bpf_skc_to_*() helpers and for btf_id_or_null ctx arguments specified during bpf iterator registration. Please see individual patch for details. Changelogs: v1 -> v2: - v1 ([1]) is only for bpf_skc_to_*() helpers. This version expanded it to cover ctx btf_id_or_null arguments - abandoned the change of ""extern u32 name[]"" to ""static u32 name[]"" for BPF_ID_LIST local ""name"" definition. gcc 9 incurred a compilation error. [1]: https://lore.kernel.org/bpf/20200717184706.3476992-1-yhs@fb.com/T ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges BPF changes for computing BTF IDs at build time for efficiency improvements.","merge,BPF,BTF","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"e4d9c2320716ea0e9ef59f503ddd8f253a642ddd","e4d9c2320716ea0e9ef59f503ddd8f253a642ddd","Ilya Leoshkevich","iii@linux.ibm.com","1595245686","Alexei Starovoitov","ast@kernel.org","1595363186","6f0b5d742197e5600edb95fb3a7fc16f1b4c4335","6bd557275ad5a1adaff5082f4e24218ba344e0c0","samples/bpf, selftests/bpf: Use bpf_probe_read_kernel A handful of samples and selftests fail to build on s390, because after commit 0ebeea8ca8a4 (""bpf: Restrict bpf_probe_read{, str}() only to archs where they work"") bpf_probe_read is not available anymore. Fix by using bpf_probe_read_kernel. Signed-off-by: Ilya Leoshkevich Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200720114806.88823-1-iii@linux.ibm.com","samples/bpf/offwaketime_kern.c | 7 ++++++-; samples/bpf/test_overhead_kprobe_kern.c | 12 +++++++++---; samples/bpf/tracex1_kern.c | 9 +++++++--; samples/bpf/tracex5_kern.c | 4 ++--; tools/bpf/bpftool/skeleton/pid_iter.bpf.c | 3 ++-; tools/testing/selftests/bpf/progs/bpf_iter_netlink.c | 6 +++---; tools/testing/selftests/bpf/progs/bpf_iter_tcp4.c | 2 +-; tools/testing/selftests/bpf/progs/bpf_iter_tcp6.c | 2 +-; tools/testing/selftests/bpf/progs/bpf_iter_udp4.c | 2 +-; tools/testing/selftests/bpf/progs/bpf_iter_udp6.c | 2 +-; 10 files changed, 33 insertions(+), 16 deletions(-)","The commit resolves build failures on s390 by using bpf_probe_read_kernel instead of the unavailable bpf_probe_read.","bpf_probe_read_kernel,build,s390","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"951cf368bcb11d6f817709660cf5cd914072c36f","951cf368bcb11d6f817709660cf5cd914072c36f","Yonghong Song","yhs@fb.com","1595262843","Alexei Starovoitov","ast@kernel.org","1595363186","521419b293f6fd3b2e1d201bbb4ca49f9e9e5ce5","fce557bcef119a1bc5ab3cb02678cf454bcaf424","bpf: net: Use precomputed btf_id for bpf iterators One additional field btf_id is added to struct bpf_ctx_arg_aux to store the precomputed btf_ids. The btf_id is computed at build time with BTF_ID_LIST or BTF_ID_LIST_GLOBAL macro definitions. All existing bpf iterators are changed to used pre-compute btf_ids. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200720163403.1393551-1-yhs@fb.com","include/linux/bpf.h | 1 +; kernel/bpf/btf.c | 5 +++--; kernel/bpf/map_iter.c | 7 ++++++-; kernel/bpf/task_iter.c | 12 ++++++++++--; net/ipv4/tcp_ipv4.c | 4 +++-; net/ipv4/udp.c | 4 +++-; net/ipv6/route.c | 7 ++++++-; net/netlink/af_netlink.c | 7 ++++++-; 8 files changed, 38 insertions(+), 9 deletions(-)","The commit adds precomputed BTF IDs to bpf iterators to enhance performance.","bpf, iterators, precomputed","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6bd557275ad5a1adaff5082f4e24218ba344e0c0","6bd557275ad5a1adaff5082f4e24218ba344e0c0","Ilya Leoshkevich","iii@linux.ibm.com","1595240290","Alexei Starovoitov","ast@kernel.org","1595363186","47562fc27ccf165232df787b32821d0d6c8ab651","495436c1f9220131f0ddc4eac83a55f2f002769a","selftests/bpf: Fix test_lwt_seg6local.sh hangs OpenBSD netcat (Debian patchlevel 1.195-2) does not seem to react to SIGINT for whatever reason, causing prefix.pl to hang after test_lwt_seg6local.sh exits due to netcat inheriting test_lwt_seg6local.sh's file descriptors. Fix by using SIGTERM instead. Signed-off-by: Ilya Leoshkevich Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200720101810.84299-1-iii@linux.ibm.com","tools/testing/selftests/bpf/test_lwt_seg6local.sh | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit fixes a hang in a self-test script by replacing SIGINT with SIGTERM for netcat compatibility.","selftests fix hangs","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"fce557bcef119a1bc5ab3cb02678cf454bcaf424","fce557bcef119a1bc5ab3cb02678cf454bcaf424","Yonghong Song","yhs@fb.com","1595262842","Alexei Starovoitov","ast@kernel.org","1595363186","d4ddf93d2e8d61a58086d8985d2f84dcd4387b34","0f12e584b241285cf60a6227f3771fa444cfcf76","bpf: Make btf_sock_ids global tcp and udp bpf_iter can reuse some socket ids in btf_sock_ids, so make it global. I put the extern definition in btf_ids.h as a central place so it can be easily discovered by developers. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200720163402.1393427-1-yhs@fb.com","include/linux/btf_ids.h | 30 ++++++++++++++++++++++++++++++; net/core/filter.c | 30 ++----------------------------; tools/include/linux/btf_ids.h | 30 ++++++++++++++++++++++++++++++; 3 files changed, 62 insertions(+), 28 deletions(-)","The commit makes btf_sock_ids global to facilitate TCP and UDP bpf_iter reuse of socket IDs.","btf_sock_ids, global, bpf_iter","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"495436c1f9220131f0ddc4eac83a55f2f002769a","495436c1f9220131f0ddc4eac83a55f2f002769a","Alexei Starovoitov","ast@kernel.org","1595360425","Alexei Starovoitov","ast@kernel.org","1595363186","08f67a054d33cdc161f9bf151de27a8b9ee7f763","956fcfcd359512f15b19bcd157fa8206ed26605b 18a4d8c97b841632920c16a6fa9216d1214f3db7","Merge branch 'compressed-JITed-insn' Luke Nelson says: ==================== his patch series enables using compressed riscv (RVC) instructions in the rv64 BPF JIT. RVC is a standard riscv extension that adds a set of compressed, 2-byte instructions that can replace some regular 4-byte instructions for improved code density. This series first modifies the JIT to support using 2-byte instructions (e.g., in jump offset computations), then adds RVC encoding and helper functions, and finally uses the helper functions to optimize the rv64 JIT. I used our formal verification framework, Serval, to verify the correctness of the RVC encodings and their uses in the rv64 JIT. The JIT continues to pass all tests in lib/test_bpf.c, and introduces no new failures to test_verifier; both with and without RVC being enabled. The following are examples of the JITed code for the verifier selftest ""direct packet read test#3 for CGROUP_SKB OK"", without and with RVC enabled, respectively. The former uses 178 bytes, and the latter uses 112, for a ~37% reduction in code size for this example. Without RVC: 0: 02000813 addi a6,zero,32 4: fd010113 addi sp,sp,-48 8: 02813423 sd s0,40(sp) c: 02913023 sd s1,32(sp) 10: 01213c23 sd s2,24(sp) 14: 01313823 sd s3,16(sp) 18: 01413423 sd s4,8(sp) 1c: 03010413 addi s0,sp,48 20: 03056683 lwu a3,48(a0) 24: 02069693 slli a3,a3,0x20 28: 0206d693 srli a3,a3,0x20 2c: 03456703 lwu a4,52(a0) 30: 02071713 slli a4,a4,0x20 34: 02075713 srli a4,a4,0x20 38: 03856483 lwu s1,56(a0) 3c: 02049493 slli s1,s1,0x20 40: 0204d493 srli s1,s1,0x20 44: 03c56903 lwu s2,60(a0) 48: 02091913 slli s2,s2,0x20 4c: 02095913 srli s2,s2,0x20 50: 04056983 lwu s3,64(a0) 54: 02099993 slli s3,s3,0x20 58: 0209d993 srli s3,s3,0x20 5c: 09056a03 lwu s4,144(a0) 60: 020a1a13 slli s4,s4,0x20 64: 020a5a13 srli s4,s4,0x20 68: 00900313 addi t1,zero,9 6c: 006a7463 bgeu s4,t1,0x74 70: 00000a13 addi s4,zero,0 74: 02d52823 sw a3,48(a0) 78: 02e52a23 sw a4,52(a0) 7c: 02952c23 sw s1,56(a0) 80: 03252e23 sw s2,60(a0) 84: 05352023 sw s3,64(a0) 88: 00000793 addi a5,zero,0 8c: 02813403 ld s0,40(sp) 90: 02013483 ld s1,32(sp) 94: 01813903 ld s2,24(sp) 98: 01013983 ld s3,16(sp) 9c: 00813a03 ld s4,8(sp) a0: 03010113 addi sp,sp,48 a4: 00078513 addi a0,a5,0 a8: 00008067 jalr zero,0(ra) With RVC: 0: 02000813 addi a6,zero,32 4: 7179 c.addi16sp sp,-48 6: f422 c.sdsp s0,40(sp) 8: f026 c.sdsp s1,32(sp) a: ec4a c.sdsp s2,24(sp) c: e84e c.sdsp s3,16(sp) e: e452 c.sdsp s4,8(sp) 10: 1800 c.addi4spn s0,sp,48 12: 03056683 lwu a3,48(a0) 16: 1682 c.slli a3,0x20 18: 9281 c.srli a3,0x20 1a: 03456703 lwu a4,52(a0) 1e: 1702 c.slli a4,0x20 20: 9301 c.srli a4,0x20 22: 03856483 lwu s1,56(a0) 26: 1482 c.slli s1,0x20 28: 9081 c.srli s1,0x20 2a: 03c56903 lwu s2,60(a0) 2e: 1902 c.slli s2,0x20 30: 02095913 srli s2,s2,0x20 34: 04056983 lwu s3,64(a0) 38: 1982 c.slli s3,0x20 3a: 0209d993 srli s3,s3,0x20 3e: 09056a03 lwu s4,144(a0) 42: 1a02 c.slli s4,0x20 44: 020a5a13 srli s4,s4,0x20 48: 4325 c.li t1,9 4a: 006a7363 bgeu s4,t1,0x50 4e: 4a01 c.li s4,0 50: d914 c.sw a3,48(a0) 52: d958 c.sw a4,52(a0) 54: dd04 c.sw s1,56(a0) 56: 03252e23 sw s2,60(a0) 5a: 05352023 sw s3,64(a0) 5e: 4781 c.li a5,0 60: 7422 c.ldsp s0,40(sp) 62: 7482 c.ldsp s1,32(sp) 64: 6962 c.ldsp s2,24(sp) 66: 69c2 c.ldsp s3,16(sp) 68: 6a22 c.ldsp s4,8(sp) 6a: 6145 c.addi16sp sp,48 6c: 853e c.mv a0,a5 6e: 8082 c.jr ra RFC -> v1: - From Björn Töpel: * Changed RVOFF macro to static inline ""ninsns_rvoff"". * Changed return type of rvc_ functions from u32 to u16. * Changed sizeof(u16) to sizeof(*ctx->insns). * Factored unsigned immediate checks into helper functions (is_8b_uint, etc.) * Changed to use IS_ENABLED instead of #ifdef to check if RVC is enabled. * Changed type of immediate arguments to rvc_* encoding to u32 to avoid issues from promotion of u16 to signed int. * Cleaned up RVC checks in emit_{addi,slli,srli,srai}. + Wrapped lines at 100 instead of 80 columns for increased clarity. + Move !imm checks into each branch instead of checking separately. + Strengthed checks for c.{slli,srli,srai} to check that imm < XLEN. Otherwise, imm could be non-zero but the lower XLEN bits could all be zero, leading to invalid RVC encoding. * Changed emit_imm to sign-extend the 12-bit value in ""lower"" + The immediate checks for emit_{addiw,li,addi} use signed comparisons, so this enables the RVC variants to be used more often (e.g., if val == -1, then lower should be -1 as opposed to 4095). ==================== Reviewed-by: Björn Töpel Acked-by: Björn Töpel Signed-off-by: Alexei Starovoitov ","","This commit merges changes enabling the use of compressed RISC-V instructions in the RV64 BPF JIT for improved code density.","compressed,instructions,JIT","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0f12e584b241285cf60a6227f3771fa444cfcf76","0f12e584b241285cf60a6227f3771fa444cfcf76","Yonghong Song","yhs@fb.com","1595262841","Alexei Starovoitov","ast@kernel.org","1595363186","2168b0dbe894b1966d86451de379cffcad31f37a","d8dfe5bfe856c0c72b1750322dbfcad402e73373","bpf: Add BTF_ID_LIST_GLOBAL in btf_ids.h Existing BTF_ID_LIST used a local static variable to store btf_ids. This patch provided a new macro BTF_ID_LIST_GLOBAL to store btf_ids in a global variable which can be shared among multiple files. The existing BTF_ID_LIST is still retained. Two reasons. First, BTF_ID_LIST is also used to build btf_ids for helper arguments which typically is an array of 5. Since typically different helpers have different signature, it makes little sense to share them. Second, some current computed btf_ids are indeed local. If later those btf_ids are shared between different files, they can use BTF_ID_LIST_GLOBAL then. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Jiri Olsa Link: https://lore.kernel.org/bpf/20200720163401.1393159-1-yhs@fb.com","include/linux/btf_ids.h | 10 +++++--; tools/include/linux/btf_ids.h | 10 +++++--; .../selftests/bpf/prog_tests/resolve_btfids.c | 33 ++++++++++++++++------; 3 files changed, 39 insertions(+), 14 deletions(-)","The commit introduces a macro BTF_ID_LIST_GLOBAL for storing global btf_ids that can be shared across multiple files.","BTF_ID_LIST_GLOBAL,BTF_ID_LIST,btf_ids","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d8dfe5bfe856c0c72b1750322dbfcad402e73373","d8dfe5bfe856c0c72b1750322dbfcad402e73373","Yonghong Song","yhs@fb.com","1595262839","Alexei Starovoitov","ast@kernel.org","1595363186","85cda7933e3f4bbacf3a7d8d7f5fbe7fff83a672","bc4f0548f683a3d53359cef15f088d2d5bb4bc39","tools/bpf: Sync btf_ids.h to tools Sync kernel header btf_ids.h to tools directory. Also define macro CONFIG_DEBUG_INFO_BTF before including btf_ids.h in prog_tests/resolve_btfids.c since non-stub definitions for BTF_ID_LIST etc. macros are defined under CONFIG_DEBUG_INFO_BTF. This prevented test_progs from failing. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200720163359.1393079-1-yhs@fb.com","tools/include/linux/btf_ids.h | 11 ++++++++++-; tools/testing/selftests/bpf/prog_tests/resolve_btfids.c | 1 +; 2 files changed, 11 insertions(+), 1 deletion(-)","The commit synchronizes btf_ids.h from the kernel to tools and defines a macro to prevent test_progs failures.","btf_ids.h, macro, sync","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"bc4f0548f683a3d53359cef15f088d2d5bb4bc39","bc4f0548f683a3d53359cef15f088d2d5bb4bc39","Yonghong Song","yhs@fb.com","1595262838","Alexei Starovoitov","ast@kernel.org","1595363186","f2537b237c573ed4d8316b26adeee72e0b0a4b65","e4d9c2320716ea0e9ef59f503ddd8f253a642ddd","bpf: Compute bpf_skc_to_*() helper socket btf ids at build time Currently, socket types (struct tcp_sock, udp_sock, etc.) used by bpf_skc_to_*() helpers are computed when vmlinux_btf is first built in the kernel. Commit 5a2798ab32ba (""bpf: Add BTF_ID_LIST/BTF_ID/BTF_ID_UNUSED macros"") implemented a mechanism to compute btf_ids at kernel build time which can simplify kernel implementation and reduce runtime overhead by removing in-kernel btf_id calculation. This patch did exactly this, removing in-kernel btf_id computation and utilizing build-time btf_id computation. If CONFIG_DEBUG_INFO_BTF is not defined, BTF_ID_LIST will define an array with size of 5, which is not enough for btf_sock_ids. So define its own static array if CONFIG_DEBUG_INFO_BTF is not defined. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200720163358.1393023-1-yhs@fb.com","include/linux/bpf.h | 4 ----; kernel/bpf/btf.c | 1 -; net/core/filter.c | 49 ++++++++++++++++++-------------------------------; 3 files changed, 18 insertions(+), 36 deletions(-)","The commit optimizes BPF by computing BPF socket helper IDs at build time, reducing runtime overhead and simplifying the kernel implementation.","BPF, build-time, btf_ids","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"956fcfcd359512f15b19bcd157fa8206ed26605b","956fcfcd359512f15b19bcd157fa8206ed26605b","YueHaibing","yuehaibing@huawei.com","1594989059","Alexei Starovoitov","ast@kernel.org","1595363185","29c6799ad2feba50fb931a9e19b8526570f0eb1d","da7a35062bcccd3f67779a357065ba707b02ff2b","tools/bpftool: Fix error handing in do_skeleton() Fix pass 0 to PTR_ERR, also dump more err info using libbpf_strerror. Fixes: 5dc7a8b21144 (""bpftool, selftests/bpf: Embed object file inside skeleton"") Signed-off-by: YueHaibing Signed-off-by: Alexei Starovoitov Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200717123059.29624-1-yuehaibing@huawei.com","tools/bpf/bpftool/gen.c | 5 ++++-; 1 file changed, 4 insertions(+), 1 deletion(-)","This commit fixes error handling in the do_skeleton function of the bpftool utility.","bpftool,error,fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"18a4d8c97b841632920c16a6fa9216d1214f3db7","18a4d8c97b841632920c16a6fa9216d1214f3db7","Luke Nelson","lukenels@cs.washington.edu","1595299960","Alexei Starovoitov","ast@kernel.org","1595363185","08f67a054d33cdc161f9bf151de27a8b9ee7f763","804ec72c68c8477b8713a1e8f8eda120d3471031","bpf, riscv: Use compressed instructions in the rv64 JIT This patch uses the RVC support and encodings from bpf_jit.h to optimize the rv64 jit. The optimizations work by replacing emit(rv_X(...)) with a call to a helper function emit_X, which will emit a compressed version of the instruction when possible, and when RVC is enabled. The JIT continues to pass all tests in lib/test_bpf.c, and introduces no new failures to test_verifier; both with and without RVC being enabled. Most changes are straightforward replacements of emit(rv_X(...), ctx) with emit_X(..., ctx), with the following exceptions bearing mention; * Change emit_imm to sign-extend the value in ""lower"", since the checks for RVC (and the instructions themselves) treat the value as signed. Otherwise, small negative immediates will not be recognized as encodable using an RVC instruction. For example, without this change, emit_imm(rd, -1, ctx) would cause lower to become 4095, which is not a 6b int even though a ""c.li rd, -1"" instruction suffices. * For {BPF_MOV,BPF_ADD} BPF_X, drop using addiw,addw in the 32-bit cases since the values are zero-extended into the upper 32 bits in the following instructions anyways, and the addition commutes with zero-extension. (BPF_SUB BPF_X must still use subw since subtraction does not commute with zero-extension.) This patch avoids optimizing branches and jumps to use RVC instructions since surrounding code often makes assumptions about the sizes of emitted instructions. Optimizing these will require changing these functions (e.g., emit_branch) to dynamically compute jump offsets. The following are examples of the JITed code for the verifier selftest ""direct packet read test#3 for CGROUP_SKB OK"", without and with RVC enabled, respectively. The former uses 178 bytes, and the latter uses 112, for a ~37% reduction in code size for this example. Without RVC: 0: 02000813 addi a6,zero,32 4: fd010113 addi sp,sp,-48 8: 02813423 sd s0,40(sp) c: 02913023 sd s1,32(sp) 10: 01213c23 sd s2,24(sp) 14: 01313823 sd s3,16(sp) 18: 01413423 sd s4,8(sp) 1c: 03010413 addi s0,sp,48 20: 03056683 lwu a3,48(a0) 24: 02069693 slli a3,a3,0x20 28: 0206d693 srli a3,a3,0x20 2c: 03456703 lwu a4,52(a0) 30: 02071713 slli a4,a4,0x20 34: 02075713 srli a4,a4,0x20 38: 03856483 lwu s1,56(a0) 3c: 02049493 slli s1,s1,0x20 40: 0204d493 srli s1,s1,0x20 44: 03c56903 lwu s2,60(a0) 48: 02091913 slli s2,s2,0x20 4c: 02095913 srli s2,s2,0x20 50: 04056983 lwu s3,64(a0) 54: 02099993 slli s3,s3,0x20 58: 0209d993 srli s3,s3,0x20 5c: 09056a03 lwu s4,144(a0) 60: 020a1a13 slli s4,s4,0x20 64: 020a5a13 srli s4,s4,0x20 68: 00900313 addi t1,zero,9 6c: 006a7463 bgeu s4,t1,0x74 70: 00000a13 addi s4,zero,0 74: 02d52823 sw a3,48(a0) 78: 02e52a23 sw a4,52(a0) 7c: 02952c23 sw s1,56(a0) 80: 03252e23 sw s2,60(a0) 84: 05352023 sw s3,64(a0) 88: 00000793 addi a5,zero,0 8c: 02813403 ld s0,40(sp) 90: 02013483 ld s1,32(sp) 94: 01813903 ld s2,24(sp) 98: 01013983 ld s3,16(sp) 9c: 00813a03 ld s4,8(sp) a0: 03010113 addi sp,sp,48 a4: 00078513 addi a0,a5,0 a8: 00008067 jalr zero,0(ra) With RVC: 0: 02000813 addi a6,zero,32 4: 7179 c.addi16sp sp,-48 6: f422 c.sdsp s0,40(sp) 8: f026 c.sdsp s1,32(sp) a: ec4a c.sdsp s2,24(sp) c: e84e c.sdsp s3,16(sp) e: e452 c.sdsp s4,8(sp) 10: 1800 c.addi4spn s0,sp,48 12: 03056683 lwu a3,48(a0) 16: 1682 c.slli a3,0x20 18: 9281 c.srli a3,0x20 1a: 03456703 lwu a4,52(a0) 1e: 1702 c.slli a4,0x20 20: 9301 c.srli a4,0x20 22: 03856483 lwu s1,56(a0) 26: 1482 c.slli s1,0x20 28: 9081 c.srli s1,0x20 2a: 03c56903 lwu s2,60(a0) 2e: 1902 c.slli s2,0x20 30: 02095913 srli s2,s2,0x20 34: 04056983 lwu s3,64(a0) 38: 1982 c.slli s3,0x20 3a: 0209d993 srli s3,s3,0x20 3e: 09056a03 lwu s4,144(a0) 42: 1a02 c.slli s4,0x20 44: 020a5a13 srli s4,s4,0x20 48: 4325 c.li t1,9 4a: 006a7363 bgeu s4,t1,0x50 4e: 4a01 c.li s4,0 50: d914 c.sw a3,48(a0) 52: d958 c.sw a4,52(a0) 54: dd04 c.sw s1,56(a0) 56: 03252e23 sw s2,60(a0) 5a: 05352023 sw s3,64(a0) 5e: 4781 c.li a5,0 60: 7422 c.ldsp s0,40(sp) 62: 7482 c.ldsp s1,32(sp) 64: 6962 c.ldsp s2,24(sp) 66: 69c2 c.ldsp s3,16(sp) 68: 6a22 c.ldsp s4,8(sp) 6a: 6145 c.addi16sp sp,48 6c: 853e c.mv a0,a5 6e: 8082 c.jr ra Signed-off-by: Luke Nelson Signed-off-by: Alexei Starovoitov Cc: Björn Töpel Link: https://lore.kernel.org/bpf/20200721025241.8077-4-luke.r.nels@gmail.com","arch/riscv/net/bpf_jit_comp64.c | 281 +++++++++++++++++++++-------------------; 1 file changed, 147 insertions(+), 134 deletions(-)","This commit optimizes the rv64 JIT by utilizing compressed instructions to reduce code size when RVC is enabled.","rv64,JIT,optimization","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"da7a35062bcccd3f67779a357065ba707b02ff2b","da7a35062bcccd3f67779a357065ba707b02ff2b","Ian Rogers","irogers@google.com","1595225861","Alexei Starovoitov","ast@kernel.org","1595363185","abe364c7964ce93163f3dcd4dbdb74d8c19e2b28","94ad428df53688a1f80ab55f2b1186101510a778","libbpf bpf_helpers: Use __builtin_offsetof for offsetof The non-builtin route for offsetof has a dependency on size_t from stdlib.h/stdint.h that is undeclared and may break targets. The offsetof macro in bpf_helpers may disable the same macro in other headers that have a #ifdef offsetof guard. Rather than add additional dependencies improve the offsetof macro declared here to use the builtin that is available since llvm 3.7 (the first with a BPF backend). Signed-off-by: Ian Rogers Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200720061741.1514673-1-irogers@google.com","tools/lib/bpf/bpf_helpers.h | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit updates the offsetof macro in libbpf bpf_helpers to use the __builtin_offsetof to avoid dependency issues.","libbpf,offsetof,__builtin_offsetof","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"804ec72c68c8477b8713a1e8f8eda120d3471031","804ec72c68c8477b8713a1e8f8eda120d3471031","Luke Nelson","lukenels@cs.washington.edu","1595299959","Alexei Starovoitov","ast@kernel.org","1595363185","840d9967eae77dca98a37655859a18c040d30069","bfabff3cb0fef366086c64f24be8ab316a355b99","bpf, riscv: Add encodings for compressed instructions This patch adds functions for encoding and emitting compressed riscv (RVC) instructions to the BPF JIT. Some regular riscv instructions can be compressed into an RVC instruction if the instruction fields meet some requirements. For example, ""add rd, rs1, rs2"" can be compressed into ""c.add rd, rs2"" when rd == rs1. To make using RVC encodings simpler, this patch also adds helper functions that selectively emit either a regular instruction or a compressed instruction if possible. For example, emit_add will produce a ""c.add"" if possible and regular ""add"" otherwise. Signed-off-by: Luke Nelson Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200721025241.8077-3-luke.r.nels@gmail.com","arch/riscv/net/bpf_jit.h | 452 +++++++++++++++++++++++++++++++++++++++++++++++; 1 file changed, 452 insertions(+)","The commit adds functions for encoding and using compressed RISC-V instructions in the BPF JIT compiler.","RISC-V, JIT, compressed","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"94ad428df53688a1f80ab55f2b1186101510a778","94ad428df53688a1f80ab55f2b1186101510a778","Ilya Leoshkevich","iii@linux.ibm.com","1595004806","Alexei Starovoitov","ast@kernel.org","1595363185","98b3673de83bb6f68512db53ddc837ac09cbe233","1491b73311a15bb5beeab5d30e03bff761ef6c18","s390/bpf: Use bpf_skip() in bpf_jit_prologue() Now that we have bpf_skip() for emitting nops, use it in bpf_jit_prologue() in order to reduce code duplication. Signed-off-by: Ilya Leoshkevich Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200717165326.6786-6-iii@linux.ibm.com","arch/s390/net/bpf_jit_comp.c | 9 +++++----; 1 file changed, 5 insertions(+), 4 deletions(-)","This commit refactors the s390 BPF JIT prologue to use bpf_skip for emitting nops, reducing code duplication.","s390,BPF,JIT","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"bfabff3cb0fef366086c64f24be8ab316a355b99","bfabff3cb0fef366086c64f24be8ab316a355b99","Luke Nelson","lukenels@cs.washington.edu","1595299958","Alexei Starovoitov","ast@kernel.org","1595363185","7e6e73a32c62c4ca261abbf0a570f758f3103a84","956fcfcd359512f15b19bcd157fa8206ed26605b","bpf, riscv: Modify JIT ctx to support compressed instructions This patch makes the necessary changes to struct rv_jit_context and to bpf_int_jit_compile to support compressed riscv (RVC) instructions in the BPF JIT. It changes the JIT image to be u16 instead of u32, since RVC instructions are 2 bytes as opposed to 4. It also changes ctx->offset and ctx->ninsns to refer to 2-byte instructions rather than 4-byte ones. The riscv PC is required to be 16-bit aligned with or without RVC, so this is sufficient to refer to any valid riscv offset. The code for computing jump offsets in bytes is updated accordingly, and factored into a new ""ninsns_rvoff"" function to simplify the code. Signed-off-by: Luke Nelson Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200721025241.8077-2-luke.r.nels@gmail.com","arch/riscv/net/bpf_jit.h | 31 ++++++++++++++++++++++++++++---; arch/riscv/net/bpf_jit_comp32.c | 14 +++++++-------; arch/riscv/net/bpf_jit_comp64.c | 12 ++++++------; arch/riscv/net/bpf_jit_core.c | 6 +++---; 4 files changed, 44 insertions(+), 19 deletions(-)","Support for compressed RISC-V instructions is added to the eBPF JIT compiler by modifying the JIT context structure.","RISC-V,JIT,compressed","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1491b73311a15bb5beeab5d30e03bff761ef6c18","1491b73311a15bb5beeab5d30e03bff761ef6c18","Ilya Leoshkevich","iii@linux.ibm.com","1595004805","Alexei Starovoitov","ast@kernel.org","1595363185","fcef3f57edcb12923456221bdbdb6532a589368d","5fa6974471c5518a50bdd814067508dbcb477251","s390/bpf: Tolerate not converging code shrinking ""BPF_MAXINSNS: Maximum possible literals"" unnecessarily falls back to the interpreter because of failing sanity check in bpf_set_addr. The problem is that there are a lot of branches that can be shrunk, and doing so opens up the possibility to shrink even more. This process does not converge after 3 passes, causing code offsets to change during the codegen pass, which must never happen. Fix by inserting nops during codegen pass in order to preserve code offets. Fixes: 4e9b4a6883dd (""s390/bpf: Use relative long branches"") Signed-off-by: Ilya Leoshkevich Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200717165326.6786-5-iii@linux.ibm.com","arch/s390/net/bpf_jit_comp.c | 27 ++++++++++++++++++++++++++-; 1 file changed, 26 insertions(+), 1 deletion(-)","Fixes non-converging code shrinking in s390 BPF JIT by inserting NOPs during codegen to preserve code offsets.","s390,BPF,JIT","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5fa6974471c5518a50bdd814067508dbcb477251","5fa6974471c5518a50bdd814067508dbcb477251","Ilya Leoshkevich","iii@linux.ibm.com","1595004804","Alexei Starovoitov","ast@kernel.org","1595363185","fffc3137156ad321370641684a593de6532dcf9c","7477d43be5b1448bc0d4c85cb185a0144cc080e1","s390/bpf: Use brcl for jumping to exit_ip if necessary ""BPF_MAXINSNS: Maximum possible literals"" test causes panic with bpf_jit_harden = 2. The reason is that BPF_JMP | BPF_EXIT is always emitted as brc, however, after removal of JITed image size limitations, brcl might be required. Fix by using brcl when necessary. Fixes: 4e9b4a6883dd (""s390/bpf: Use relative long branches"") Signed-off-by: Ilya Leoshkevich Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200717165326.6786-4-iii@linux.ibm.com","arch/s390/net/bpf_jit_comp.c | 8 ++++++--; 1 file changed, 6 insertions(+), 2 deletions(-)","This commit fixes a panic on s390 architecture by using brcl instead of brc when BPF_JMP requires it.","s390, brcl, panic","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7477d43be5b1448bc0d4c85cb185a0144cc080e1","7477d43be5b1448bc0d4c85cb185a0144cc080e1","Ilya Leoshkevich","iii@linux.ibm.com","1595004803","Alexei Starovoitov","ast@kernel.org","1595363184","b793d3f549d3590bd3df11bd09d276c22c94c62c","2ea485980734500d41e4530f038d94a21e2b3b34","s390/bpf: Fix sign extension in branch_ku Both signed and unsigned variants of BPF_JMP | BPF_K require sign-extending the immediate. JIT emits cgfi for the signed case, which is correct, and clgfi for the unsigned case, which is not correct: clgfi zero-extends the immediate. s390 does not provide an instruction that does sign-extension and unsigned comparison at the same time. Therefore, fix by first loading the sign-extended immediate into work register REG_1 and proceeding as if it's BPF_X. Fixes: 4e9b4a6883dd (""s390/bpf: Use relative long branches"") Reported-by: Seth Forshee Signed-off-by: Ilya Leoshkevich Signed-off-by: Alexei Starovoitov Tested-by: Seth Forshee Link: https://lore.kernel.org/bpf/20200717165326.6786-3-iii@linux.ibm.com","arch/s390/net/bpf_jit_comp.c | 19 ++++---------------; 1 file changed, 4 insertions(+), 15 deletions(-)","This commit resolves incorrect sign extension for unsigned BPF_JMP operations on s390 architecture.","sign extension s390","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear."", ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"2ea485980734500d41e4530f038d94a21e2b3b34","2ea485980734500d41e4530f038d94a21e2b3b34","Ilya Leoshkevich","iii@linux.ibm.com","1595004802","Alexei Starovoitov","ast@kernel.org","1595363184","3051386c5188058fb0ee510225864c8b62daee54","c576b9c77bea9a8ad11ddc277af3edbf15733ddd","selftests: bpf: test_kmod.sh: Fix running out of srctree When running out of srctree, relative path to lib/test_bpf.ko is different than when running in srctree. Check $building_out_of_srctree environment variable and use a different relative path if needed. Signed-off-by: Ilya Leoshkevich Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200717165326.6786-2-iii@linux.ibm.com","tools/testing/selftests/bpf/test_kmod.sh | 12 +++++++++---; 1 file changed, 9 insertions(+), 3 deletions(-)","Fix test_kmod.sh script for running out of srctree by checking $building_out_of_srctree variable.","test_kmod, srctree, path","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c576b9c77bea9a8ad11ddc277af3edbf15733ddd","c576b9c77bea9a8ad11ddc277af3edbf15733ddd","Lorenzo Bianconi","lorenzo@kernel.org","1595173961","Alexei Starovoitov","ast@kernel.org","1595348128","9fafd2a3f6f6d21f2afbbd91d9f4b57b06173d39","343ead287dde0064c430ee1db477726f52e0269c","bpf: cpumap: Fix possible rcpu kthread hung Fix the following cpumap kthread hung. The issue is currently occurring when __cpu_map_load_bpf_program fails (e.g if the bpf prog has not BPF_XDP_CPUMAP as expected_attach_type) $./test_progs -n 101 101/1 cpumap_with_progs:OK 101 xdp_cpumap_attach:OK Summary: 1/1 PASSED, 0 SKIPPED, 0 FAILED [ 369.996478] INFO: task cpumap/0/map:7:205 blocked for more than 122 seconds. [ 369.998463] Not tainted 5.8.0-rc4-01472-ge57892f50a07 #212 [ 370.000102] ""echo 0 > /proc/sys/kernel/hung_task_timeout_secs"" disables this message. [ 370.001918] cpumap/0/map:7 D 0 205 2 0x00004000 [ 370.003228] Call Trace: [ 370.003930] __schedule+0x5c7/0xf50 [ 370.004901] ? io_schedule_timeout+0xb0/0xb0 [ 370.005934] ? static_obj+0x31/0x80 [ 370.006788] ? mark_held_locks+0x24/0x90 [ 370.007752] ? cpu_map_bpf_prog_run_xdp+0x6c0/0x6c0 [ 370.008930] schedule+0x6f/0x160 [ 370.009728] schedule_preempt_disabled+0x14/0x20 [ 370.010829] kthread+0x17b/0x240 [ 370.011433] ? kthread_create_worker_on_cpu+0xd0/0xd0 [ 370.011944] ret_from_fork+0x1f/0x30 [ 370.012348] Showing all locks held in the system: [ 370.013025] 1 lock held by khungtaskd/33: [ 370.013432] #0: ffffffff82b24720 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x28/0x1c3 [ 370.014461] ============================================= Fixes: 9216477449f3 (""bpf: cpumap: Add the possibility to attach an eBPF program to cpumap"") Reported-by: Jakub Sitnicki Signed-off-by: Lorenzo Bianconi Signed-off-by: Alexei Starovoitov Tested-by: Jakub Sitnicki Reviewed-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/e54f2aabf959f298939e5507b09c48f8c2e380be.1595170625.git.lorenzo@kernel.org","kernel/bpf/cpumap.c | 11 +++++++----; 1 file changed, 7 insertions(+), 4 deletions(-)","Fixes a potential hang in cpumap kthread when loading a BPF program fails due to incorrect attach type.","cpumap,kthread,BPF","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"343ead287dde0064c430ee1db477726f52e0269c","343ead287dde0064c430ee1db477726f52e0269c","Jakub Sitnicki","jakub@cloudflare.com","1595326036","Alexei Starovoitov","ast@kernel.org","1595347954","aaa24b1f2575e47e47a27218df25d0049dc8307d","e57892f50a07953053dcb1e0c9431197e569c258","bpf, netns: Fix build without CONFIG_INET When CONFIG_NET is set but CONFIG_INET isn't, build fails with: ld: kernel/bpf/net_namespace.o: in function `netns_bpf_attach_type_unneed': kernel/bpf/net_namespace.c:32: undefined reference to `bpf_sk_lookup_enabled' ld: kernel/bpf/net_namespace.o: in function `netns_bpf_attach_type_need': kernel/bpf/net_namespace.c:43: undefined reference to `bpf_sk_lookup_enabled' This is because without CONFIG_INET bpf_sk_lookup_enabled symbol is not available. Wrap references to bpf_sk_lookup_enabled with preprocessor conditionals. Fixes: 1559b4aa1db4 (""inet: Run SK_LOOKUP BPF program on socket lookup"") Reported-by: Randy Dunlap Reported-by: Stephen Rothwell Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Randy Dunlap # build-tested Link: https://lore.kernel.org/bpf/20200721100716.720477-1-jakub@cloudflare.com","kernel/bpf/net_namespace.c | 4 ++++; 1 file changed, 4 insertions(+)","This commit corrects a build issue in the BPF net namespace when CONFIG_INET is not set by wrapping code with preprocessor conditionals.","build,netnamespace,CONFIG_INET","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'Netfilter related type programs. It impacts programs interacting with the Netfilter framework used in packet filtering and NAT.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f143c11bb7b924403ea2d5b5c990717772293620","f143c11bb7b924403ea2d5b5c990717772293620","Will Deacon","will@kernel.org","1574340100","Will Deacon","will@kernel.org","1595325035","e3a0c0327343bbb7123fb09a252ca79ed51b99a7","9ebcfadb0610322ac537dd7aa5d9cbc2b2894c68","tools: bpf: Use local copy of headers including uapi/linux/filter.h Pulling header files directly out of the kernel sources for inclusion in userspace programs is highly error prone, not least because it bypasses the kbuild infrastructure entirely and so may end up referencing other header files that have not been generated. Subsequent patches will cause compiler.h to pull in the ungenerated asm/rwonce.h file via filter.h, breaking the build for tools/bpf: | $ make -C tools/bpf | make: Entering directory '/linux/tools/bpf' | CC bpf_jit_disasm.o | LINK bpf_jit_disasm | CC bpf_dbg.o | In file included from /linux/include/uapi/linux/filter.h:9, | from /linux/tools/bpf/bpf_dbg.c:41: | /linux/include/linux/compiler.h:247:10: fatal error: asm/rwonce.h: No such file or directory | #include | ^~~~~~~~~~~~~~ | compilation terminated. | make: *** [Makefile:61: bpf_dbg.o] Error 1 | make: Leaving directory '/linux/tools/bpf' Take a copy of the installed version of linux/filter.h (i.e. the one created by the 'headers_install' target) into tools/include/uapi/linux/ and adjust the BPF tool Makefile to reference the local include directories instead of those in the main source tree. Cc: Masahiro Yamada Acked-by: Peter Zijlstra (Intel) Acked-by: Alexei Starovoitov Suggested-by: Daniel Borkmann Reported-by: Xiao Yang Signed-off-by: Will Deacon ","tools/bpf/Makefile | 3 +-; tools/include/uapi/linux/filter.h | 90 +++++++++++++++++++++++++++++++++++++++; 2 files changed, 92 insertions(+), 1 deletion(-)","The commit resolves build issues for the BPF tool by using a local copy of headers instead of the kernel source.","local copy, headers, build","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2b9843fbe15276a98cae74d5818dd55600e19052","2b9843fbe15276a98cae74d5818dd55600e19052","Briana Oursler","briana.oursler@gmail.com","1595022879","David S. Miller","davem@davemloft.net","1595294977","f4aefcff039729ed1d4bdaf1d345dc1cb1f8f4bc","c3466a768eaa8d08551dafd552bac2f2698f73cc","tc-testing: Add tdc to kselftests Add tdc to existing kselftest infrastructure so that it can be run with existing kselftests. TDC now generates objects in objdir/kselftest without cluttering main objdir, leaves source directory clean, and installs correctly in kselftest_install, properly adding itself to run_kselftest.sh script. Add tc-testing as a target of selftests/Makefile. Create tdc.sh to run tdc.py targets with correct arguments. To support single target from selftest/Makefile, combine tc-testing/bpf/Makefile and tc-testing/Makefile. Move action.c up a directory to tc-testing/. Tested with: make O=/tmp/{objdir} TARGETS=""tc-testing"" kselftest cd /tmp/{objdir} cd kselftest cd tc-testing ./tdc.sh make -C tools/testing/selftests/ TARGETS=tc-testing run_tests make TARGETS=""tc-testing"" kselftest cd tools/testing/selftests ./kselftest_install.sh /tmp/exampledir My VM doesn't run all the kselftests so I commented out all except my target and net/pmtu.sh then: cd /tmp/exampledir && ./run_kselftest.sh Co-developed-by: Davide Caratti Signed-off-by: Davide Caratti Signed-off-by: Briana Oursler Signed-off-by: David S. Miller ","tools/testing/selftests/Makefile | 1 +; tools/testing/selftests/tc-testing/Makefile | 33 ++++++++++++++++++++++++; tools/testing/selftests/tc-testing/action.c | 23 +++++++++++++++++; tools/testing/selftests/tc-testing/bpf/Makefile | 30 ---------------------; tools/testing/selftests/tc-testing/bpf/action.c | 23 -----------------; tools/testing/selftests/tc-testing/tdc.sh | 5 ++++; tools/testing/selftests/tc-testing/tdc_config.py | 2 +-; 7 files changed, 63 insertions(+), 54 deletions(-)","The commit integrates 'tdc' into kselftests for streamlined testing of 'tc-testing' targets.","tdc,kselftests,tc-testing","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['tc related type programs. It affects programs managing traffic control (tc) for queuing or prioritizing network traffic.']" +"3f161e0ae863a0456d00e5a6c9c81098c62ab7fe","3f161e0ae863a0456d00e5a6c9c81098c62ab7fe","Ilya Leoshkevich","iii@linux.ibm.com","1593003322","Heiko Carstens","hca@linux.ibm.com","1595235359","d4c1e0aa6f634e733c75274da6c5c48cab8d46b6","05a68e892e89c97df6650cd8cc55058002657cbc","s390/bpf: implement BPF_PROBE_MEM This is a s390 port of x86 commit 3dec541b2e63 (""bpf: Add support for BTF pointers to x86 JIT""). Signed-off-by: Ilya Leoshkevich Reviewed-by: Heiko Carstens Signed-off-by: Heiko Carstens ","arch/s390/net/bpf_jit_comp.c | 139 ++++++++++++++++++++++++++++++++++++++++++-; 1 file changed, 138 insertions(+), 1 deletion(-)","This commit implements BPF_PROBE_MEM support in the eBPF JIT compiler for the s390 architecture.","s390,BPF_PROBE_MEM,JIT","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"4d295e54611509854a12c26f95a6f4430731d614","4d295e54611509854a12c26f95a6f4430731d614","Christoph Hellwig","hch@lst.de","1594966993","David S. Miller","davem@davemloft.net","1595207800","11f6ced04b1be8c3c59e8d62031c1e4c9f157a36","d8a9b38f83ea91341f80beb0a07a5777c6acf7a4","net: simplify cBPF setsockopt compat handling Add a helper that copies either a native or compat bpf_fprog from userspace after verifying the length, and remove the compat setsockopt handlers that now aren't required. Signed-off-by: Christoph Hellwig Signed-off-by: David S. Miller ","include/linux/filter.h | 4 ++--; include/net/compat.h | 1 -; net/compat.c | 45 +--------------------------------------------; net/core/filter.c | 23 +++++++++++++++++++++++; net/core/sock.c | 30 ++++++++++--------------------; net/packet/af_packet.c | 33 ++++-----------------------------; 6 files changed, 40 insertions(+), 96 deletions(-)","The commit refactors the handling of cBPF setsockopt compatibility by simplifying code with a new helper function.","cBPF, setsockopt, refactoring","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"92188b41f1394d5e4399fcb28c13a2933f255255","92188b41f1394d5e4399fcb28c13a2933f255255","Linus Torvalds","torvalds@linux-foundation.org","1595187307","Linus Torvalds","torvalds@linux-foundation.org","1595187307","6674a73d24a1f52073381524d74dea47d87f66d4","efb9666e900b6f8f079adb2ab18a7be266434cd3 25d4e7f513d4f8afcf81cb6f00edf1248b0ff8fc","Merge tag 'perf-tools-fixes-2020-07-19' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux into master Pull perf tooling fixes from Arnaldo Carvalho de Melo: - Update hashmap.h from libbpf and kvm.h from x86's kernel UAPI. - Set opt->set in libsubcmd's OPT_CALLBACK_SET(). This fixes 'perf record --switch-output-event event-name' usage"" * tag 'perf-tools-fixes-2020-07-19' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux: tools arch kvm: Sync kvm headers with the kernel sources perf tools: Sync hashmap.h with libbpf's libsubcmd: Fix OPT_CALLBACK_SET()","","This commit merges perf tooling fixes, updating hashmap.h from libbpf and kvm.h for synchronization with kernel sources.","merge,perf,tooling","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"e57892f50a07953053dcb1e0c9431197e569c258","e57892f50a07953053dcb1e0c9431197e569c258","Alexei Starovoitov","ast@kernel.org","1595042298","Alexei Starovoitov","ast@kernel.org","1595042372","c300e4e02983d21d2d2c58dfe08261c36786c519","bfdfa51702dec67e9fcd52568b4cf3c7f799db8b 0ab5539f85840d3c4e5a8a4783901c0038f8321e","Merge branch 'bpf-socket-lookup' Jakub Sitnicki says: ==================== Changelog ========= v4 -> v5: - Enforce BPF prog return value to be SK_DROP or SK_PASS. (Andrii) - Simplify prog runners now that only SK_DROP/PASS can be returned. - Enable bpf_perf_event_output from the start. (Andrii) - Drop patch ""selftests/bpf: Rename test_sk_lookup_kern.c to test_ref_track_kern.c"" - Remove tests for narrow loads from context at an offset wider in size than target field, while we are discussing how to fix it: https://lore.kernel.org/bpf/20200710173123.427983-1-jakub@cloudflare.com/ - Rebase onto recent bpf-next (bfdfa51702de) - Other minor changes called out in per-patch changelogs, see patches: 2, 4, 6, 13-15 - Carried over Andrii's Acks where nothing changed. v3 -> v4: - Reduce BPF prog return codes to SK_DROP/SK_PASS (Lorenz) - Default to drop on illegal return value from BPF prog (Lorenz) - Extend bpf_sk_assign to accept NULL socket pointer. - Switch to saner return values and add docs for new prog_array API (Andrii) - Add support for narrow loads from BPF context fields (Yonghong) - Fix broken build when IPv6 is compiled as a module (kernel test robot) - Fix null/wild-ptr-deref on BPF context access - Rebase to recent bpf-next (eef8a42d6ce0) - Other minor changes called out in per-patch changelogs, see patches 1-2, 4, 6, 8, 10-12, 14, 16 v2 -> v3: - Switch to link-based program attachment - Support for multi-prog attachment - Ability to skip reuseport socket selection - Code on RX path is guarded by a static key - struct in6_addr's are no longer copied into BPF prog context - BPF prog context is initialized as late as possible - Changes called out in patches 1-2, 4, 6, 8, 10-14, 16 - Patches dropped: 01/17 flow_dissector: Extract attach/detach/query helpers 03/17 inet: Store layer 4 protocol in inet_hashinfo 08/17 udp: Store layer 4 protocol in udp_table v1 -> v2: - Changes called out in patches 2, 13-15, 17 - Rebase to recent bpf-next (b4563facdcae) RFCv2 -> v1: - Switch to fetching a socket from a map and selecting a socket with bpf_sk_assign, instead of having a dedicated helper that does both. - Run reuseport logic on sockets selected by BPF sk_lookup. - Allow BPF sk_lookup to fail the lookup with no match. - Go back to having just 2 hash table lookups in UDP. RFCv1 -> RFCv2: - Make socket lookup redirection map-based. BPF program now uses a dedicated helper and a SOCKARRAY map to select the socket to redirect to. A consequence of this change is that bpf_inet_lookup context is now read-only. - Look for connected UDP sockets before allowing redirection from BPF. This makes connected UDP socket work as expected in the presence of inet_lookup prog. - Share the code for BPF_PROG_{ATTACH,DETACH,QUERY} with flow_dissector, the only other per-netns BPF prog type. Overview ======== This series proposes a new BPF program type named BPF_PROG_TYPE_SK_LOOKUP, or BPF sk_lookup for short. BPF sk_lookup program runs when transport layer is looking up a listening socket for a new connection request (TCP), or when looking up an unconnected socket for a packet (UDP). This serves as a mechanism to overcome the limits of what bind() API allows to express. Two use-cases driving this work are: (1) steer packets destined to an IP range, fixed port to a single socket 192.0.2.0/24, port 80 -> NGINX socket (2) steer packets destined to an IP address, any port to a single socket 198.51.100.1, any port -> L7 proxy socket In its context, program receives information about the packet that triggered the socket lookup. Namely IP version, L4 protocol identifier, and address 4-tuple. To select a socket BPF program fetches it from a map holding socket references, like SOCKMAP or SOCKHASH, calls bpf_sk_assign(ctx, sk, ...) helper to record the selection, and returns SK_PASS code. Transport layer then uses the selected socket as a result of socket lookup. Alternatively, program can also fail the lookup (SK_DROP), or let the lookup continue as usual (SK_PASS without selecting a socket). This lets the user match packets with listening (TCP) or receiving (UDP) sockets freely at the last possible point on the receive path, where we know that packets are destined for local delivery after undergoing policing, filtering, and routing. Program is attached to a network namespace, similar to BPF flow_dissector. We add a new attach type, BPF_SK_LOOKUP, for this. Multiple programs can be attached at the same time, in which case their return values are aggregated according the rules outlined in patch #4 description. Series structure ================ Patches are organized as so: 1: enables multiple link-based prog attachments for bpf-netns 2: introduces sk_lookup program type 3-4: hook up the program to run on ipv4/tcp socket lookup 5-6: hook up the program to run on ipv6/tcp socket lookup 7-8: hook up the program to run on ipv4/udp socket lookup 9-10: hook up the program to run on ipv6/udp socket lookup 11-13: libbpf & bpftool support for sk_lookup 14-15: verifier and selftests for sk_lookup Patches are also available on GH: https://github.com/jsitnicki/linux/commits/bpf-inet-lookup-v5 Follow-up work ============== I'll follow up with below items, which IMHO don't block the review: - benchmark results for udp6 small packet flood scenario, - user docs for new BPF prog type, Documentation/bpf/prog_sk_lookup.rst, - timeout for accept() in tests after extending network_helper.[ch]. Thanks to the reviewers for their feedback to this patch series: Cc: Alexei Starovoitov Cc: Andrii Nakryiko Cc: Lorenz Bauer Cc: Marek Majkowski Cc: Martin KaFai Lau Cc: Yonghong Song -jkbs [RFCv1] https://lore.kernel.org/bpf/20190618130050.8344-1-jakub@cloudflare.com/ [RFCv2] https://lore.kernel.org/bpf/20190828072250.29828-1-jakub@cloudflare.com/ [v1] https://lore.kernel.org/bpf/20200511185218.1422406-18-jakub@cloudflare.com/ [v2] https://lore.kernel.org/bpf/20200506125514.1020829-1-jakub@cloudflare.com/ [v3] https://lore.kernel.org/bpf/20200702092416.11961-1-jakub@cloudflare.com/ [v4] https://lore.kernel.org/bpf/20200713174654.642628-1-jakub@cloudflare.com/ ==================== Reviewed-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov ","","This commit merges the 'bpf-socket-lookup' branch, introducing the BPF sk_lookup program type with various enhancements.","BPF, socket, merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"0ab5539f85840d3c4e5a8a4783901c0038f8321e","0ab5539f85840d3c4e5a8a4783901c0038f8321e","Jakub Sitnicki","jakub@cloudflare.com","1594982136","Alexei Starovoitov","ast@kernel.org","1595042297","c300e4e02983d21d2d2c58dfe08261c36786c519","f7726cbea402fc92a3c27226b761a6dbc0390cac","selftests/bpf: Tests for BPF_SK_LOOKUP attach point Add tests to test_progs that exercise: - attaching/detaching/querying programs to BPF_SK_LOOKUP hook, - redirecting socket lookup to a socket selected by BPF program, - failing a socket lookup on BPF program's request, - error scenarios for selecting a socket from BPF program, - accessing BPF program context, - attaching and running multiple BPF programs. Run log: bash-5.0# ./test_progs -n 70 #70/1 query lookup prog:OK #70/2 TCP IPv4 redir port:OK #70/3 TCP IPv4 redir addr:OK #70/4 TCP IPv4 redir with reuseport:OK #70/5 TCP IPv4 redir skip reuseport:OK #70/6 TCP IPv6 redir port:OK #70/7 TCP IPv6 redir addr:OK #70/8 TCP IPv4->IPv6 redir port:OK #70/9 TCP IPv6 redir with reuseport:OK #70/10 TCP IPv6 redir skip reuseport:OK #70/11 UDP IPv4 redir port:OK #70/12 UDP IPv4 redir addr:OK #70/13 UDP IPv4 redir with reuseport:OK #70/14 UDP IPv4 redir skip reuseport:OK #70/15 UDP IPv6 redir port:OK #70/16 UDP IPv6 redir addr:OK #70/17 UDP IPv4->IPv6 redir port:OK #70/18 UDP IPv6 redir and reuseport:OK #70/19 UDP IPv6 redir skip reuseport:OK #70/20 TCP IPv4 drop on lookup:OK #70/21 TCP IPv6 drop on lookup:OK #70/22 UDP IPv4 drop on lookup:OK #70/23 UDP IPv6 drop on lookup:OK #70/24 TCP IPv4 drop on reuseport:OK #70/25 TCP IPv6 drop on reuseport:OK #70/26 UDP IPv4 drop on reuseport:OK #70/27 TCP IPv6 drop on reuseport:OK #70/28 sk_assign returns EEXIST:OK #70/29 sk_assign honors F_REPLACE:OK #70/30 sk_assign accepts NULL socket:OK #70/31 access ctx->sk:OK #70/32 narrow access to ctx v4:OK #70/33 narrow access to ctx v6:OK #70/34 sk_assign rejects TCP established:OK #70/35 sk_assign rejects UDP connected:OK #70/36 multi prog - pass, pass:OK #70/37 multi prog - drop, drop:OK #70/38 multi prog - pass, drop:OK #70/39 multi prog - drop, pass:OK #70/40 multi prog - pass, redir:OK #70/41 multi prog - redir, pass:OK #70/42 multi prog - drop, redir:OK #70/43 multi prog - redir, drop:OK #70/44 multi prog - redir, redir:OK #70 sk_lookup:OK Summary: 1/44 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200717103536.397595-16-jakub@cloudflare.com","tools/testing/selftests/bpf/network_helpers.c | 58 +-; tools/testing/selftests/bpf/network_helpers.h | 2 +; tools/testing/selftests/bpf/prog_tests/sk_lookup.c | 1282 ++++++++++++++++++++; tools/testing/selftests/bpf/progs/test_sk_lookup.c | 641 ++++++++++; 4 files changed, 1960 insertions(+), 23 deletions(-)","This commit adds selftests for BPF_SK_LOOKUP related to program attachment and socket event handling.","selftests,BPF_SK_LOOKUP,sockets","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"f7726cbea402fc92a3c27226b761a6dbc0390cac","f7726cbea402fc92a3c27226b761a6dbc0390cac","Jakub Sitnicki","jakub@cloudflare.com","1594982135","Alexei Starovoitov","ast@kernel.org","1595042297","fec43be8b47c6fdfe80b396fb46fcb0f73387e99","93a3545d812ae7cfe4426374e00a7d8f64ac02e0","selftests/bpf: Add verifier tests for bpf_sk_lookup context access Exercise verifier access checks for bpf_sk_lookup context fields. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200717103536.397595-15-jakub@cloudflare.com",".../testing/selftests/bpf/verifier/ctx_sk_lookup.c | 492 +++++++++++++++++++++; 1 file changed, 492 insertions(+)","The commit adds verifier tests to ensure bpf_sk_lookup context field access in eBPF selftests is checked.","verifier,tests,bpf_sk_lookup","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"93a3545d812ae7cfe4426374e00a7d8f64ac02e0","93a3545d812ae7cfe4426374e00a7d8f64ac02e0","Jakub Sitnicki","jakub@cloudflare.com","1594982134","Alexei Starovoitov","ast@kernel.org","1595042297","9e72efeb489d50b2fa8bddd1f0316e5ef7495063","499dd29d90bb78d4ac4f0d6648e26f4a339829b1","tools/bpftool: Add name mappings for SK_LOOKUP prog and attach type Make bpftool show human-friendly identifiers for newly introduced program and attach type, BPF_PROG_TYPE_SK_LOOKUP and BPF_SK_LOOKUP, respectively. Also, add the new prog type bash-completion, man page and help message. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200717103536.397595-14-jakub@cloudflare.com","tools/bpf/bpftool/Documentation/bpftool-prog.rst | 2 +-; tools/bpf/bpftool/bash-completion/bpftool | 2 +-; tools/bpf/bpftool/common.c | 1 +; tools/bpf/bpftool/prog.c | 3 ++-; 4 files changed, 5 insertions(+), 3 deletions(-)","The commit enhances bpftool with human-friendly identifiers, documentation, and completion for SK_LOOKUP program and attach type.","bpftool, SK_LOOKUP, identifiers","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"499dd29d90bb78d4ac4f0d6648e26f4a339829b1","499dd29d90bb78d4ac4f0d6648e26f4a339829b1","Jakub Sitnicki","jakub@cloudflare.com","1594982133","Alexei Starovoitov","ast@kernel.org","1595042297","6c7544ec85114004dc6b4d81b41697b019a91cb7","a352b32ae969788b706f666f764702cd0ab4a40a","libbpf: Add support for SK_LOOKUP program type Make libbpf aware of the newly added program type, and assign it a section name. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200717103536.397595-13-jakub@cloudflare.com","tools/lib/bpf/libbpf.c | 3 +++; tools/lib/bpf/libbpf.h | 2 ++; tools/lib/bpf/libbpf.map | 2 ++; tools/lib/bpf/libbpf_probes.c | 3 +++; 4 files changed, 10 insertions(+)","The commit adds support for the SK_LOOKUP program type in libbpf by defining a section name for it.","SK_LOOKUP,libbpf,program","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"a352b32ae969788b706f666f764702cd0ab4a40a","a352b32ae969788b706f666f764702cd0ab4a40a","Jakub Sitnicki","jakub@cloudflare.com","1594982132","Alexei Starovoitov","ast@kernel.org","1595042297","22e8ec64ad0e7ae73a73611189b9d6f442fe884c","6d4201b1386b335bb53628a04ad63e547872dc5a","bpf: Sync linux/bpf.h to tools/ Newly added program, context type and helper is used by tests in a subsequent patch. Synchronize the header file. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200717103536.397595-12-jakub@cloudflare.com","tools/include/uapi/linux/bpf.h | 77 ++++++++++++++++++++++++++++++++++++++++++; 1 file changed, 77 insertions(+)","This commit updates the linux/bpf.h file in tools with new program and context type synchronization.","synchronize, header, tools","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6d4201b1386b335bb53628a04ad63e547872dc5a","6d4201b1386b335bb53628a04ad63e547872dc5a","Jakub Sitnicki","jakub@cloudflare.com","1594982131","Alexei Starovoitov","ast@kernel.org","1595042297","0e70f7b235112512b6e9a2774e82899252550f4e","2a08748cd384cdfb8e1222bd3645a8d1d36e6a5d","udp6: Run SK_LOOKUP BPF program on socket lookup Same as for udp4, let BPF program override the socket lookup result, by selecting a receiving socket of its choice or failing the lookup, if no connected UDP socket matched packet 4-tuple. Suggested-by: Marek Majkowski Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200717103536.397595-11-jakub@cloudflare.com","net/ipv6/udp.c | 60 +++++++++++++++++++++++++++++++++++++++++++++++++---------; 1 file changed, 51 insertions(+), 9 deletions(-)","Runs SK_LOOKUP BPF program on udp6 socket lookup allowing BPF to choose or fail lookup results.","udp6, SK_LOOKUP, BPF","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here."", ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2a08748cd384cdfb8e1222bd3645a8d1d36e6a5d","2a08748cd384cdfb8e1222bd3645a8d1d36e6a5d","Jakub Sitnicki","jakub@cloudflare.com","1594982130","Alexei Starovoitov","ast@kernel.org","1595042297","c7b7d99213a9d3f2a0081581ee137513d1e8c514","72f7e9440e9bd06f855b21eba09c1017395f430a","udp6: Extract helper for selecting socket from reuseport group Prepare for calling into reuseport from __udp6_lib_lookup as well. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200717103536.397595-10-jakub@cloudflare.com","net/ipv6/udp.c | 37 ++++++++++++++++++++++++++-----------; 1 file changed, 26 insertions(+), 11 deletions(-)","Refactor UDP socket selection for reuseport group in IPv6 to enhance future functionality.","udp6, reuseport, helper","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"72f7e9440e9bd06f855b21eba09c1017395f430a","72f7e9440e9bd06f855b21eba09c1017395f430a","Jakub Sitnicki","jakub@cloudflare.com","1594982129","Alexei Starovoitov","ast@kernel.org","1595042297","a2ab9be2f9bd1d0ca8e1f495e6a558f7fd5b21ec","7629c73a1466ec2348e9f64c874c19bf13f35f4c","udp: Run SK_LOOKUP BPF program on socket lookup Following INET/TCP socket lookup changes, modify UDP socket lookup to let BPF program select a receiving socket before searching for a socket by destination address and port as usual. Lookup of connected sockets that match packet 4-tuple is unaffected by this change. BPF program runs, and potentially overrides the lookup result, only if a 4-tuple match was not found. Suggested-by: Marek Majkowski Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200717103536.397595-9-jakub@cloudflare.com","net/ipv4/udp.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++++---------; 1 file changed, 50 insertions(+), 9 deletions(-)","This commit modifies UDP socket lookup to allow BPF program involvement before searching by destination address and port.","UDP,socket,BPF","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"7629c73a1466ec2348e9f64c874c19bf13f35f4c","7629c73a1466ec2348e9f64c874c19bf13f35f4c","Jakub Sitnicki","jakub@cloudflare.com","1594982128","Alexei Starovoitov","ast@kernel.org","1595042297","3b6fd51afd2845ad55d27c32d3ac644661dbe669","1122702f02678597c4f1c7d316365ef502aafe08","udp: Extract helper for selecting socket from reuseport group Prepare for calling into reuseport from __udp4_lib_lookup as well. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200717103536.397595-8-jakub@cloudflare.com","net/ipv4/udp.c | 34 ++++++++++++++++++++++++----------; 1 file changed, 24 insertions(+), 10 deletions(-)","This commit refactors the UDP code by extracting a helper function for socket selection from a reuseport group.","UDP, socket, reuseport","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"1122702f02678597c4f1c7d316365ef502aafe08","1122702f02678597c4f1c7d316365ef502aafe08","Jakub Sitnicki","jakub@cloudflare.com","1594982127","Alexei Starovoitov","ast@kernel.org","1595042297","84e18afaca401070713c6e78a313b2ad4113bd5a","5df6531292b5021ac9e4ed261eb7d1fa9ff3bf08","inet6: Run SK_LOOKUP BPF program on socket lookup Following ipv4 stack changes, run a BPF program attached to netns before looking up a listening socket. Program can return a listening socket to use as result of socket lookup, fail the lookup, or take no action. Suggested-by: Marek Majkowski Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200717103536.397595-7-jakub@cloudflare.com","include/linux/filter.h | 39 +++++++++++++++++++++++++++++++++++++++; net/ipv6/inet6_hashtables.c | 35 +++++++++++++++++++++++++++++++++++; 2 files changed, 74 insertions(+)","Introduces SK_LOOKUP BPF program execution during IPv6 socket lookup in the network namespace.","SK_LOOKUP IPv6 socket","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"5df6531292b5021ac9e4ed261eb7d1fa9ff3bf08","5df6531292b5021ac9e4ed261eb7d1fa9ff3bf08","Jakub Sitnicki","jakub@cloudflare.com","1594982126","Alexei Starovoitov","ast@kernel.org","1595042297","b99e0cd6e3ff65122e8fda2bdb9bb769cd3b3467","1559b4aa1db443096af493c7d621dc156054babe","inet6: Extract helper for selecting socket from reuseport group Prepare for calling into reuseport from inet6_lookup_listener as well. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200717103536.397595-6-jakub@cloudflare.com","net/ipv6/inet6_hashtables.c | 31 ++++++++++++++++++++++---------; 1 file changed, 22 insertions(+), 9 deletions(-)","Refactor inet6_hashtables.c to extract a helper function for socket selection in reuseport groups.","inet6, reuseport, helper","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"1559b4aa1db443096af493c7d621dc156054babe","1559b4aa1db443096af493c7d621dc156054babe","Jakub Sitnicki","jakub@cloudflare.com","1594982125","Alexei Starovoitov","ast@kernel.org","1595042296","ecbdcacb6be084e01d4e8fe05b39a2789d540e63","80b373f74f9e28b0093930a6b95c929732f02512","inet: Run SK_LOOKUP BPF program on socket lookup Run a BPF program before looking up a listening socket on the receive path. Program selects a listening socket to yield as result of socket lookup by calling bpf_sk_assign() helper and returning SK_PASS code. Program can revert its decision by assigning a NULL socket with bpf_sk_assign(). Alternatively, BPF program can also fail the lookup by returning with SK_DROP, or let the lookup continue as usual with SK_PASS on return, when no socket has been selected with bpf_sk_assign(). This lets the user match packets with listening sockets freely at the last possible point on the receive path, where we know that packets are destined for local delivery after undergoing policing, filtering, and routing. With BPF code selecting the socket, directing packets destined to an IP range or to a port range to a single socket becomes possible. In case multiple programs are attached, they are run in series in the order in which they were attached. The end result is determined from return codes of all the programs according to following rules: 1. If any program returned SK_PASS and selected a valid socket, the socket is used as result of socket lookup. 2. If more than one program returned SK_PASS and selected a socket, last selection takes effect. 3. If any program returned SK_DROP, and no program returned SK_PASS and selected a socket, socket lookup fails with -ECONNREFUSED. 4. If all programs returned SK_PASS and none of them selected a socket, socket lookup continues to htable-based lookup. Suggested-by: Marek Majkowski Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200717103536.397595-5-jakub@cloudflare.com","include/linux/filter.h | 91 ++++++++++++++++++++++++++++++++++++++++++++++; kernel/bpf/net_namespace.c | 32 +++++++++++++++-; net/core/filter.c | 3 ++; net/ipv4/inet_hashtables.c | 31 ++++++++++++++++; 4 files changed, 156 insertions(+), 1 deletion(-)","This commit adds the capability to run BPF programs during socket lookups in the network receive path.","SK_LOOKUP,BPF,socket","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'Netfilter related type programs. It impacts programs interacting with the Netfilter framework used in packet filtering and NAT.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"80b373f74f9e28b0093930a6b95c929732f02512","80b373f74f9e28b0093930a6b95c929732f02512","Jakub Sitnicki","jakub@cloudflare.com","1594982124","Alexei Starovoitov","ast@kernel.org","1595042296","7174381683aa6f3bb0c48a77033ea00c7bb4efdf","e9ddbb7707ff5891616240026062b8c1e29864ca","inet: Extract helper for selecting socket from reuseport group Prepare for calling into reuseport from __inet_lookup_listener as well. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200717103536.397595-4-jakub@cloudflare.com","net/ipv4/inet_hashtables.c | 29 ++++++++++++++++++++---------; 1 file changed, 20 insertions(+), 9 deletions(-)","The commit extracts a helper function for selecting a socket from a reuseport group to enhance code structure.","helper,reuseport,socket","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"e9ddbb7707ff5891616240026062b8c1e29864ca","e9ddbb7707ff5891616240026062b8c1e29864ca","Jakub Sitnicki","jakub@cloudflare.com","1594982123","Alexei Starovoitov","ast@kernel.org","1595042296","e8d481f2542beb53c3da92433757a8dbea363827","ce3aa9cc5109363099b7c4ac82e2c9768afcaf31","bpf: Introduce SK_LOOKUP program type with a dedicated attach point Add a new program type BPF_PROG_TYPE_SK_LOOKUP with a dedicated attach type BPF_SK_LOOKUP. The new program kind is to be invoked by the transport layer when looking up a listening socket for a new connection request for connection oriented protocols, or when looking up an unconnected socket for a packet for connection-less protocols. When called, SK_LOOKUP BPF program can select a socket that will receive the packet. This serves as a mechanism to overcome the limits of what bind() API allows to express. Two use-cases driving this work are: (1) steer packets destined to an IP range, on fixed port to a socket 192.0.2.0/24, port 80 -> NGINX socket (2) steer packets destined to an IP address, on any port to a socket 198.51.100.1, any port -> L7 proxy socket In its run-time context program receives information about the packet that triggered the socket lookup. Namely IP version, L4 protocol identifier, and address 4-tuple. Context can be further extended to include ingress interface identifier. To select a socket BPF program fetches it from a map holding socket references, like SOCKMAP or SOCKHASH, and calls bpf_sk_assign(ctx, sk, ...) helper to record the selection. Transport layer then uses the selected socket as a result of socket lookup. In its basic form, SK_LOOKUP acts as a filter and hence must return either SK_PASS or SK_DROP. If the program returns with SK_PASS, transport should look for a socket to receive the packet, or use the one selected by the program if available, while SK_DROP informs the transport layer that the lookup should fail. This patch only enables the user to attach an SK_LOOKUP program to a network namespace. Subsequent patches hook it up to run on local delivery path in ipv4 and ipv6 stacks. Suggested-by: Marek Majkowski Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200717103536.397595-3-jakub@cloudflare.com","include/linux/bpf-netns.h | 3 +; include/linux/bpf.h | 1 +; include/linux/bpf_types.h | 2 +; include/linux/filter.h | 17 +++++; include/uapi/linux/bpf.h | 77 +++++++++++++++++++; kernel/bpf/net_namespace.c | 5 ++; kernel/bpf/syscall.c | 9 +++; kernel/bpf/verifier.c | 13 +++-; net/core/filter.c | 180 +++++++++++++++++++++++++++++++++++++++++++++; scripts/bpf_helpers_doc.py | 9 ++-; 10 files changed, 312 insertions(+), 4 deletions(-)","Introduces SK_LOOKUP program type in BPF to enhance socket selection within the transport layer for new connections.","SK_LOOKUP,BPF,socket","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"ce3aa9cc5109363099b7c4ac82e2c9768afcaf31","ce3aa9cc5109363099b7c4ac82e2c9768afcaf31","Jakub Sitnicki","jakub@cloudflare.com","1594982122","Alexei Starovoitov","ast@kernel.org","1595042296","eeb94dffcd871572d88389730be81a9448663fd6","bfdfa51702dec67e9fcd52568b4cf3c7f799db8b","bpf, netns: Handle multiple link attachments Extend the BPF netns link callbacks to rebuild (grow/shrink) or update the prog_array at given position when link gets attached/updated/released. This let's us lift the limit of having just one link attached for the new attach type introduced by subsequent patch. No functional changes intended. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200717103536.397595-2-jakub@cloudflare.com","include/linux/bpf.h | 3 ++; kernel/bpf/core.c | 55 ++++++++++++++++++++++++++++; kernel/bpf/net_namespace.c | 90 +++++++++++++++++++++++++++++++++++++++++-----; 3 files changed, 139 insertions(+), 9 deletions(-)","The commit modifies BPF netns to handle multiple link attachments and update prog_array as links change.","BPF, netns, link","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"94fddb7ad019ad9f14d33cd0a6cd159a52a082b8","94fddb7ad019ad9f14d33cd0a6cd159a52a082b8","Arnaldo Carvalho de Melo","acme@redhat.com","1594989318","Arnaldo Carvalho de Melo","acme@redhat.com","1594989318","79db3a3f234b73405b5580036b710b3dc0dc91ca","a2db71b9123492e67210985867b332db09eec0cf","perf tools: Sync hashmap.h with libbpf's To pick up the changes in: b2f9f1535bb9 (""libbpf: Fix libbpf hashmap on (I)LP32 architectures"") Silencing this warning: Warning: Kernel ABI header at 'tools/perf/util/hashmap.h' differs from latest version at 'tools/lib/bpf/hashmap.h' diff -u tools/perf/util/hashmap.h tools/lib/bpf/hashmap.h I'll eventually update the warning to remove the ""Kernel ABI"" part and instead state libbpf when noticing that the original is at ""tools/lib/something"". Cc: Adrian Hunter Cc: Alexei Starovoitov Cc: Andrii Nakryiko Cc: Jakub Bogusz Cc: Jiri Olsa Cc: Namhyung Kim Ian Rogers Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/hashmap.h | 12 ++++++++----; 1 file changed, 8 insertions(+), 4 deletions(-)","The commit syncs hashmap.h in perf tools with libbpf changes to address warnings.","hashmap,libbpf,perf","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"bfdfa51702dec67e9fcd52568b4cf3c7f799db8b","bfdfa51702dec67e9fcd52568b4cf3c7f799db8b","Randy Dunlap","rdunlap@infradead.org","1594862951","Daniel Borkmann","daniel@iogearbox.net","1594926009","5a10e45cd11ac8c0d047a0f3d9b6955260a9a508","e81e7a533742c30615f8b15390df6525cef96778","bpf: Drop duplicated words in uapi helper comments Drop doubled words ""will"" and ""attach"". Signed-off-by: Randy Dunlap Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/6b9f71ae-4f8e-0259-2c5d-187ddaefe6eb@infradead.org","include/uapi/linux/bpf.h | 6 +++---; tools/include/uapi/linux/bpf.h | 6 +++---; 2 files changed, 6 insertions(+), 6 deletions(-)","This commit removes duplicated words in uAPI helper comments in BPF header files.","duplicated,words,uAPI","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e81e7a533742c30615f8b15390df6525cef96778","e81e7a533742c30615f8b15390df6525cef96778","Stanislav Fomichev","sdf@google.com","1594852867","Daniel Borkmann","daniel@iogearbox.net","1594925829","ecf1d3c7989e38766aab4b931daefdd8062d833c","de40a8abf07bfa125b7496b20ce6f92c6370eecd","selftests/bpf: Fix possible hang in sockopt_inherit Andrii reported that sockopt_inherit occasionally hangs up on 5.5 kernel [0]. This can happen if server_thread runs faster than the main thread. In that case, pthread_cond_wait will wait forever because pthread_cond_signal was executed before the main thread was blocking. Let's move pthread_mutex_lock up a bit to make sure server_thread runs strictly after the main thread goes to sleep. (Not sure why this is 5.5 specific, maybe scheduling is less deterministic? But I was able to confirm that it does indeed happen in a VM.) [0] https://lore.kernel.org/bpf/CAEf4BzY0-bVNHmCkMFPgObs=isUAyg-dFzGDY7QWYkmm7rmTSg@mail.gmail.com/ Reported-by: Andrii Nakryiko Signed-off-by: Stanislav Fomichev Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200715224107.3591967-1-sdf@google.com","tools/testing/selftests/bpf/prog_tests/sockopt_inherit.c | 3 +--; 1 file changed, 1 insertion(+), 2 deletions(-)","The commit fixes a possible hang in the sockopt_inherit test by adjusting threading synchronization.","hang, sockopt_inherit, threading","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"de40a8abf07bfa125b7496b20ce6f92c6370eecd","de40a8abf07bfa125b7496b20ce6f92c6370eecd","Seth Forshee","seth.forshee@canonical.com","1594910371","Daniel Borkmann","daniel@iogearbox.net","1594925563","36f965cd455cbdcbb5bf96072639ed683d49068d","05500125021191f703d3759a7e94a37b7257d959","bpf: revert ""test_bpf: Flag tests that cannot be jited on s390"" This reverts commit 3203c9010060 (""test_bpf: flag tests that cannot be jited on s390""). The s390 bpf JIT previously had a restriction on the maximum program size, which required some tests in test_bpf to be flagged as expected failures. The program size limitation has been removed, and the tests now pass, so these tests should no longer be flagged. Fixes: d1242b10ff03 (""s390/bpf: Remove JITed image size limitations"") Signed-off-by: Seth Forshee Signed-off-by: Daniel Borkmann Reviewed-by: Ilya Leoshkevich Link: https://lore.kernel.org/bpf/20200716143931.330122-1-seth.forshee@canonical.com","lib/test_bpf.c | 20 --------------------; 1 file changed, 20 deletions(-)","Reverts a previous commit that flagged s390 tests as non-jitable due to removed JIT program size restrictions.","reverts, jits, s390","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"05500125021191f703d3759a7e94a37b7257d959","05500125021191f703d3759a7e94a37b7257d959","Lorenzo Bianconi","lorenzo@kernel.org","1594735002","Daniel Borkmann","daniel@iogearbox.net","1594911632","bbad9a6d54a3590b69b9e9d003023f0b2e64ef42","ce4dade7f12a8f3e7918184ac851d992f551805d","selftest: Add tests for XDP programs in CPUMAP entries Similar to what have been done for DEVMAP, introduce tests to verify ability to add a XDP program to an entry in a CPUMAP. Verify CPUMAP programs can not be attached to devices as a normal XDP program, and only programs with BPF_XDP_CPUMAP attach type can be loaded in a CPUMAP. Signed-off-by: Lorenzo Bianconi Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/9c632fcea5382ea7b4578bd06b6eddf382c3550b.1594734381.git.lorenzo@kernel.org",".../selftests/bpf/prog_tests/xdp_cpumap_attach.c | 70 ++++++++++++++++++++++; .../bpf/progs/test_xdp_with_cpumap_helpers.c | 36 +++++++++++; 2 files changed, 106 insertions(+)","The commit adds selftests for verifying XDP program attachment to CPUMAP entries.","selftest,XDP,CPUMAP","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"ce4dade7f12a8f3e7918184ac851d992f551805d","ce4dade7f12a8f3e7918184ac851d992f551805d","Lorenzo Bianconi","lorenzo@kernel.org","1594735001","Daniel Borkmann","daniel@iogearbox.net","1594911632","e835407b974caae990b0cfbfab6adca49efb2184","4be556cf5aef416904743f2cee689351f91445b6","samples/bpf: xdp_redirect_cpu: Load a eBPF program on cpumap Extend xdp_redirect_cpu_{usr,kern}.c adding the possibility to load a XDP program on cpumap entries. The following options have been added: - mprog-name: cpumap entry program name - mprog-filename: cpumap entry program filename - redirect-device: output interface if the cpumap program performs a XDP_REDIRECT to an egress interface - redirect-map: bpf map used to perform XDP_REDIRECT to an egress interface - mprog-disable: disable loading XDP program on cpumap entries Add xdp_pass, xdp_drop, xdp_redirect stats accounting Co-developed-by: Jesper Dangaard Brouer Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Lorenzo Bianconi Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/aa5a9a281b9dac425620fdabe82670ffb6bbdb92.1594734381.git.lorenzo@kernel.org","samples/bpf/xdp_redirect_cpu_kern.c | 25 ++++--; samples/bpf/xdp_redirect_cpu_user.c | 175 +++++++++++++++++++++++++++++++++---; 2 files changed, 178 insertions(+), 22 deletions(-)","The commit enhances xdp_redirect_cpu by enabling XDP program loading on cpumap entries and adding related options and stats.","xdp,cpumap,redirect","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"4be556cf5aef416904743f2cee689351f91445b6","4be556cf5aef416904743f2cee689351f91445b6","Lorenzo Bianconi","lorenzo@kernel.org","1594735000","Daniel Borkmann","daniel@iogearbox.net","1594911632","2bca25ef837d3f324c5bb3a113ccf8748bdf656a","28b1520ebf81ced970141640d90279ac7b9f1f9a","libbpf: Add SEC name for xdp programs attached to CPUMAP As for DEVMAP, support SEC(""xdp_cpumap/"") as a short cut for loading the program with type BPF_PROG_TYPE_XDP and expected attach type BPF_XDP_CPUMAP. Signed-off-by: Lorenzo Bianconi Signed-off-by: Daniel Borkmann Acked-by: Jesper Dangaard Brouer Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/33174c41993a6d860d9c7c1f280a2477ee39ed11.1594734381.git.lorenzo@kernel.org","tools/lib/bpf/libbpf.c | 2 ++; 1 file changed, 2 insertions(+)","Add support for ""xdp_cpumap/"" SEC name in libbpf for easier XDP program attachment to CPUMAP.","libbpf,XDP,CPUMAP","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"28b1520ebf81ced970141640d90279ac7b9f1f9a","28b1520ebf81ced970141640d90279ac7b9f1f9a","Lorenzo Bianconi","lorenzo@kernel.org","1594734999","Daniel Borkmann","daniel@iogearbox.net","1594911632","de19ec6e4d9ead265f11cceb9de9bf96d94475ec","9216477449f33cdbc9c9a99d49f500b7fbb81702","bpf: cpumap: Implement XDP_REDIRECT for eBPF programs attached to map entries Introduce XDP_REDIRECT support for eBPF programs attached to cpumap entries. This patch has been tested on Marvell ESPRESSObin using a modified version of xdp_redirect_cpu sample in order to attach a XDP program to CPUMAP entries to perform a redirect on the mvneta interface. In particular the following scenario has been tested: rq (cpu0) --> mvneta - XDP_REDIRECT (cpu0) --> CPUMAP - XDP_REDIRECT (cpu1) --> mvneta $./xdp_redirect_cpu -p xdp_cpu_map0 -d eth0 -c 1 -e xdp_redirect \ -f xdp_redirect_kern.o -m tx_port -r eth0 tx: 285.2 Kpps rx: 285.2 Kpps Attaching a simple XDP program on eth0 to perform XDP_TX gives comparable results: tx: 288.4 Kpps rx: 288.4 Kpps Co-developed-by: Jesper Dangaard Brouer Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Lorenzo Bianconi Signed-off-by: Daniel Borkmann Acked-by: Jesper Dangaard Brouer Link: https://lore.kernel.org/bpf/2cf8373a731867af302b00c4ff16c122630c4980.1594734381.git.lorenzo@kernel.org","include/net/xdp.h | 1 +; include/trace/events/xdp.h | 6 ++++--; kernel/bpf/cpumap.c | 17 +++++++++++++++--; 3 files changed, 20 insertions(+), 4 deletions(-)","Introduces XDP_REDIRECT support for cpumap in eBPF to enable packet redirection across CPUs.","XDP_REDIRECT, cpumap, eBPF","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"9216477449f33cdbc9c9a99d49f500b7fbb81702","9216477449f33cdbc9c9a99d49f500b7fbb81702","Lorenzo Bianconi","lorenzo@kernel.org","1594734998","Daniel Borkmann","daniel@iogearbox.net","1594911632","e4ee557ea02621c4b98694a53f3b94c4e03cdc73","644bfe51fa49c22244d24e896cd3fe3ee2f2cfd1","bpf: cpumap: Add the possibility to attach an eBPF program to cpumap Introduce the capability to attach an eBPF program to cpumap entries. The idea behind this feature is to add the possibility to define on which CPU run the eBPF program if the underlying hw does not support RSS. Current supported verdicts are XDP_DROP and XDP_PASS. This patch has been tested on Marvell ESPRESSObin using xdp_redirect_cpu sample available in the kernel tree to identify possible performance regressions. Results show there are no observable differences in packet-per-second: $./xdp_redirect_cpu --progname xdp_cpu_map0 --dev eth0 --cpu 1 rx: 354.8 Kpps rx: 356.0 Kpps rx: 356.8 Kpps rx: 356.3 Kpps rx: 356.6 Kpps rx: 356.6 Kpps rx: 356.7 Kpps rx: 355.8 Kpps rx: 356.8 Kpps rx: 356.8 Kpps Co-developed-by: Jesper Dangaard Brouer Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Lorenzo Bianconi Signed-off-by: Daniel Borkmann Acked-by: Jesper Dangaard Brouer Link: https://lore.kernel.org/bpf/5c9febdf903d810b3415732e5cd98491d7d9067a.1594734381.git.lorenzo@kernel.org","include/linux/bpf.h | 6 ++; include/net/xdp.h | 5 ++; include/trace/events/xdp.h | 14 +++--; include/uapi/linux/bpf.h | 5 ++; kernel/bpf/cpumap.c | 121 ++++++++++++++++++++++++++++++++++++-----; net/core/dev.c | 9 +++; tools/include/uapi/linux/bpf.h | 5 ++; 7 files changed, 148 insertions(+), 17 deletions(-)","This commit adds the ability to attach eBPF programs to cpumap entries for CPU-specific execution when hardware lacks RSS support.","eBPF,cpumap,XDP","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"644bfe51fa49c22244d24e896cd3fe3ee2f2cfd1","644bfe51fa49c22244d24e896cd3fe3ee2f2cfd1","Lorenzo Bianconi","lorenzo@kernel.org","1594734997","Daniel Borkmann","daniel@iogearbox.net","1594911632","70ade60a61ea7f007193c1b908817cae13c43638","a4e76f1bda8e7b358dc21f0f925b8a2c4c98e733","cpumap: Formalize map value as a named struct As it has been already done for devmap, introduce 'struct bpf_cpumap_val' to formalize the expected values that can be passed in for a CPUMAP. Update cpumap code to use the struct. Signed-off-by: Lorenzo Bianconi Signed-off-by: Daniel Borkmann Acked-by: Jesper Dangaard Brouer Link: https://lore.kernel.org/bpf/754f950674665dae6139c061d28c1d982aaf4170.1594734381.git.lorenzo@kernel.org","include/uapi/linux/bpf.h | 9 +++++++++; kernel/bpf/cpumap.c | 28 +++++++++++++++-------------; tools/include/uapi/linux/bpf.h | 9 +++++++++; 3 files changed, 33 insertions(+), 13 deletions(-)","Formalize cpumap values using a named struct in the eBPF subsystem.","cpumap, struct, bpf","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a4e76f1bda8e7b358dc21f0f925b8a2c4c98e733","a4e76f1bda8e7b358dc21f0f925b8a2c4c98e733","Lorenzo Bianconi","lorenzo@kernel.org","1594734996","Daniel Borkmann","daniel@iogearbox.net","1594911631","5170106572cd3c8c610026a73d108321b76b0f0b","daa5cdc3fd08407048538585b2433601d4089a82","samples/bpf: xdp_redirect_cpu_user: Do not update bpf maps in option loop Do not update xdp_redirect_cpu maps running while option loop but defer it after all available options have been parsed. This is a preliminary patch to pass the program name we want to attach to the map entries as a user option Signed-off-by: Lorenzo Bianconi Signed-off-by: Daniel Borkmann Acked-by: Jesper Dangaard Brouer Link: https://lore.kernel.org/bpf/95dc46286fd2c609042948e04bb7ae1f5b425538.1594734381.git.lorenzo@kernel.org","samples/bpf/xdp_redirect_cpu_user.c | 36 +++++++++++++++++++++++++++---------; 1 file changed, 27 insertions(+), 9 deletions(-)","Defers updates to xdp_redirect_cpu maps until after all user options are parsed to accommodate program attachment.","xdp redirect maps","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"daa5cdc3fd08407048538585b2433601d4089a82","daa5cdc3fd08407048538585b2433601d4089a82","David Ahern","dsahern@kernel.org","1594734995","Daniel Borkmann","daniel@iogearbox.net","1594911631","76650a59735c33bfda6826fc86732ee86e7da8cc","9b74ebb2b0f259474da65fa0178c657e5fa5c640","net: Refactor xdp_convert_buff_to_frame Move the guts of xdp_convert_buff_to_frame to a new helper, xdp_update_frame_from_buff so it can be reused removing code duplication Suggested-by: Jesper Dangaard Brouer Co-developed-by: Lorenzo Bianconi Signed-off-by: Lorenzo Bianconi Signed-off-by: David Ahern Signed-off-by: Daniel Borkmann Acked-by: Jesper Dangaard Brouer Link: https://lore.kernel.org/bpf/90a68c283d7ebeb48924934c9b7ac79492300472.1594734381.git.lorenzo@kernel.org","include/net/xdp.h | 35 ++++++++++++++++++++++-------------; 1 file changed, 22 insertions(+), 13 deletions(-)","Refactor xdp_convert_buff_to_frame by creating reusable function xdp_update_frame_from_buff to reduce code duplication.","refactor, helper, duplication","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"9b74ebb2b0f259474da65fa0178c657e5fa5c640","9b74ebb2b0f259474da65fa0178c657e5fa5c640","Jesper Dangaard Brouer","brouer@redhat.com","1594734994","Daniel Borkmann","daniel@iogearbox.net","1594911631","7b9bb6908c13b0ab5e7eee616cff9c2762db5c78","59632b220f2d61df274ed3a14a204e941051fdad","cpumap: Use non-locked version __ptr_ring_consume_batched Commit 77361825bb01 (""bpf: cpumap use ptr_ring_consume_batched"") changed away from using single frame ptr_ring dequeue (__ptr_ring_consume) to consume a batched, but it uses a locked version, which as the comment explain isn't needed. Change to use the non-locked version __ptr_ring_consume_batched. Fixes: 77361825bb01 (""bpf: cpumap use ptr_ring_consume_batched"") Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Lorenzo Bianconi Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/a9c7d06f9a009e282209f0c8c7b2c5d9b9ad60b9.1594734381.git.lorenzo@kernel.org","kernel/bpf/cpumap.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit updates cpumap to use a non-locked version of __ptr_ring_consume_batched improving efficiency.","cpumap, ptr_ring, non-locked","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3a181237916310b2bbbad158d97933bb2b4e7552","3a181237916310b2bbbad158d97933bb2b4e7552","Balamuruhan S","bala24@linux.ibm.com","1592998236","Michael Ellerman","mpe@ellerman.id.au","1594869162","2850f1e662b7bc61371741820423b674acd20091","0654186510a40e7e1fa788cb941d1a156ba2dcb2","powerpc/ppc-opcode: Consolidate powerpc instructions from bpf_jit.h Move macro definitions of powerpc instructions from bpf_jit.h to ppc-opcode.h and adopt the users of the macros accordingly. `PPC_MR()` is defined twice in bpf_jit.h, remove the duplicate one. Signed-off-by: Balamuruhan S Tested-by: Naveen N. Rao Acked-by: Naveen N. Rao Acked-by: Sandipan Das Signed-off-by: Michael Ellerman Link: https://lore.kernel.org/r/20200624113038.908074-5-bala24@linux.ibm.com","arch/powerpc/include/asm/ppc-opcode.h | 85 +++++++++++; arch/powerpc/net/bpf_jit.h | 166 ++------------------; arch/powerpc/net/bpf_jit32.h | 24 +--; arch/powerpc/net/bpf_jit64.h | 12 +-; arch/powerpc/net/bpf_jit_comp.c | 132 ++++++++--------; arch/powerpc/net/bpf_jit_comp64.c | 278 +++++++++++++++++-----------------; 6 files changed, 324 insertions(+), 373 deletions(-)","Consolidate PowerPC instruction macros to ppc-opcode.h and remove duplicate definitions in bpf_jit.h.","PowerPC, macros, consolidation","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0654186510a40e7e1fa788cb941d1a156ba2dcb2","0654186510a40e7e1fa788cb941d1a156ba2dcb2","Balamuruhan S","bala24@linux.ibm.com","1592998235","Michael Ellerman","mpe@ellerman.id.au","1594869162","be406ef1987380babae9ebfdb5b8c7c350729a26","1d33dd84080f4a430bde2fc363d9b70f0a010c19","powerpc/bpf_jit: Reuse instruction macros from ppc-opcode.h Remove duplicate macro definitions from bpf_jit.h and reuse the macros from ppc-opcode.h Signed-off-by: Balamuruhan S Tested-by: Naveen N. Rao Acked-by: Naveen N. Rao Acked-by: Sandipan Das Signed-off-by: Michael Ellerman Link: https://lore.kernel.org/r/20200624113038.908074-4-bala24@linux.ibm.com","arch/powerpc/net/bpf_jit.h | 18 +-----------------; arch/powerpc/net/bpf_jit32.h | 10 +++++-----; arch/powerpc/net/bpf_jit64.h | 4 ++--; arch/powerpc/net/bpf_jit_comp.c | 2 +-; arch/powerpc/net/bpf_jit_comp64.c | 20 ++++++++++----------; 5 files changed, 19 insertions(+), 35 deletions(-)","This commit removes duplicate instruction macros from bpf_jit.h and reuses macros from ppc-opcode.h for PowerPC BPF JIT.","instruction,macros,PowerPC","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5b801dfb7feb2738975d80223efc2fc193e55573","5b801dfb7feb2738975d80223efc2fc193e55573","Peilin Ye","yepeilin.cs@gmail.com","1594750144","Daniel Borkmann","daniel@iogearbox.net","1594846419","b48c46430339fca6903d01995a8c6b5a57a9cf59","55b244221c3f17eb2ed51c8e39e4a01c523e4eee","bpf: Fix NULL pointer dereference in __btf_resolve_helper_id() Prevent __btf_resolve_helper_id() from dereferencing `btf_vmlinux` as NULL. This patch fixes the following syzbot bug: https://syzkaller.appspot.com/bug?id=f823224ada908fa5c207902a5a62065e53ca0fcc Reported-by: syzbot+ee09bda7017345f1fbe6@syzkaller.appspotmail.com Signed-off-by: Peilin Ye Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200714180904.277512-1-yepeilin.cs@gmail.com","kernel/bpf/btf.c | 5 +++++; 1 file changed, 5 insertions(+)","Fixes NULL pointer dereference in __btf_resolve_helper_id function in the eBPF btf.c file.","NULL,fixed,btf","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8702624bd9472d85372d679fbdd705b91d9c4bbc","8702624bd9472d85372d679fbdd705b91d9c4bbc","Lee Jones","lee.jones@linaro.org","1594725342","Vinod Koul","vkoul@kernel.org","1594815647","28e3ff11989ebe2eb07d0f5d480a4924af4062e0","1c5933c5a98cc82e5baca48a45c06ffc79e4fb7e","dmaengine: nbpfaxi: Provide some missing attribute docs and split out slave info Fixes the following W=1 kernel build warning(s): drivers/dma/nbpfaxi.c:157: warning: Function parameter or member 'chan' not described in 'nbpf_desc' drivers/dma/nbpfaxi.c:220: warning: Function parameter or member 'tasklet' not described in 'nbpf_channel' drivers/dma/nbpfaxi.c:220: warning: Function parameter or member 'slave_src_addr' not described in 'nbpf_channel' drivers/dma/nbpfaxi.c:220: warning: Function parameter or member 'slave_src_width' not described in 'nbpf_channel' drivers/dma/nbpfaxi.c:220: warning: Function parameter or member 'slave_src_burst' not described in 'nbpf_channel' drivers/dma/nbpfaxi.c:220: warning: Function parameter or member 'slave_dst_addr' not described in 'nbpf_channel' drivers/dma/nbpfaxi.c:220: warning: Function parameter or member 'slave_dst_width' not described in 'nbpf_channel' drivers/dma/nbpfaxi.c:220: warning: Function parameter or member 'slave_dst_burst' not described in 'nbpf_channel' drivers/dma/nbpfaxi.c:220: warning: Function parameter or member 'running' not described in 'nbpf_channel' drivers/dma/nbpfaxi.c:220: warning: Function parameter or member 'paused' not described in 'nbpf_channel' Signed-off-by: Lee Jones Cc: Alexei Starovoitov Cc: Daniel Borkmann Cc: Martin KaFai Lau Cc: Song Liu Cc: Yonghong Song Cc: Andrii Nakryiko Cc: John Fastabend Cc: KP Singh Cc: Guennadi Liakhovetski Cc: netdev@vger.kernel.org Cc: bpf@vger.kernel.org Link: https://lore.kernel.org/r/20200714111546.1755231-14-lee.jones@linaro.org Signed-off-by: Vinod Koul ","drivers/dma/nbpfaxi.c | 13 ++++++++++---; 1 file changed, 10 insertions(+), 3 deletions(-)","The commit addresses missing documentation in dmaengine's nbpfaxi driver to fix kernel build warnings about function parameters.","documentation, dmaengine, nbpfaxi","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"df8201cc8be28097c49c134809c78f998b9a98b2","df8201cc8be28097c49c134809c78f998b9a98b2","David S. Miller","davem@davemloft.net","1594771252","David S. Miller","davem@davemloft.net","1594771252","4f82fd423f96e5f988cf7776a3e584cdc27a9959","81adcd65b685fb9ac6d16d89f1ed889f22b5777b 9326e0f85bfaf0578d40f5357f8143ec857469f5","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next Alexei Starovoitov says: ==================== pull-request: bpf-next 2020-07-14 The following pull-request contains BPF updates for your *net-next* tree. We've added 21 non-merge commits during the last 1 day(s) which contain a total of 20 files changed, 308 insertions(+), 279 deletions(-). The main changes are: 1) Fix selftests/bpf build, from Alexei. 2) Fix resolve_btfids build issues, from Jiri. 3) Pull usermode-driver-cleanup set, from Eric. 4) Two minor fixes to bpfilter, from Alexei and Masahiro. ==================== Signed-off-by: David S. Miller ","","This commit merges various updates to the BPF subsystem with build fixes and cleanups.","merge,bpf,build","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"9326e0f85bfaf0578d40f5357f8143ec857469f5","9326e0f85bfaf0578d40f5357f8143ec857469f5","Masahiro Yamada","masahiroy@kernel.org","1593595604","Alexei Starovoitov","ast@kernel.org","1594755426","b608e7df549dc65400597477fc019153d3a8946b","a4fa458950b40d3849946daa32466392811a3716","bpfilter: Allow to build bpfilter_umh as a module without static library Originally, bpfilter_umh was linked with -static only when CONFIG_BPFILTER_UMH=y. Commit 8a2cc0505cc4 (""bpfilter: use 'userprogs' syntax to build bpfilter_umh"") silently, accidentally dropped the CONFIG_BPFILTER_UMH=y test in the Makefile. Revive it in order to link it dynamically when CONFIG_BPFILTER_UMH=m. Since commit b1183b6dca3e (""bpfilter: check if $(CC) can link static libc in Kconfig""), the compiler must be capable of static linking to enable CONFIG_BPFILTER_UMH, but it requires more than needed. To loosen the compiler requirement, I changed the dependency as follows: depends on CC_CAN_LINK depends on m || CC_CAN_LINK_STATIC If CONFIG_CC_CAN_LINK_STATIC in unset, CONFIG_BPFILTER_UMH is restricted to 'm' or 'n'. In theory, CONFIG_CC_CAN_LINK is not required for CONFIG_BPFILTER_UMH=y, but I did not come up with a good way to describe it. Fixes: 8a2cc0505cc4 (""bpfilter: use 'userprogs' syntax to build bpfilter_umh"") Reported-by: Michal Kubecek Signed-off-by: Masahiro Yamada Signed-off-by: Alexei Starovoitov Tested-by: Michal Kubecek Link: https://lore.kernel.org/bpf/20200701092644.762234-1-masahiroy@kernel.org","net/bpfilter/Kconfig | 10 ++++++----; net/bpfilter/Makefile | 2 ++; 2 files changed, 8 insertions(+), 4 deletions(-)","This commit allows bpfilter_umh to be built conditionally as a module with dynamic linking improving build flexibility.","bpfilter,module,linking","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a4fa458950b40d3849946daa32466392811a3716","a4fa458950b40d3849946daa32466392811a3716","Alexei Starovoitov","ast@kernel.org","1594755105","Alexei Starovoitov","ast@kernel.org","1594755105","46eeaafa4faa0f1ea594afb91227fdc829f9c800","ec2ffdf65f8b2b64f3f40062f0a24861b72cf39f","bpfilter: Initialize pos variable Make sure 'pos' is initialized to zero before calling kernel_write(). Fixes: d2ba09c17a06 (""net: add skeleton of bpfilter kernel module"") Signed-off-by: Alexei Starovoitov ","net/bpfilter/bpfilter_kern.c | 1 +; 1 file changed, 1 insertion(+)","This commit initializes the 'pos' variable to zero before calling kernel_write in the bpfilter kernel module.","bpfilter, initialize, pos","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"ec2ffdf65f8b2b64f3f40062f0a24861b72cf39f","ec2ffdf65f8b2b64f3f40062f0a24861b72cf39f","Alexei Starovoitov","ast@kernel.org","1594754281","Alexei Starovoitov","ast@kernel.org","1594754281","abf9938a2452964a9f2d39b2501f78fe90f7dbe2","11bb2f7a45909f4f64afe471875672ae1b84a380 f06b71fe4d4cd0a4ad7e183b777564f696f6bb36","Merge branch 'usermode-driver-cleanup' of git://git.kernel.org/pub/scm/linux/kernel/git/ebiederm/user-namespace into bpf-next","","The commit merges the 'usermode-driver-cleanup' branch into the bpf-next branch.","merge, usermode, bpf","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"11bb2f7a45909f4f64afe471875672ae1b84a380","11bb2f7a45909f4f64afe471875672ae1b84a380","Jiri Olsa","jolsa@kernel.org","1594722334","Alexei Starovoitov","ast@kernel.org","1594747231","cef1bd07a1a9a88e3cf568ef9d676a458e30a765","079ef53673f2e3b3ee1728800311f20f28eed4f7","bpf: Fix cross build for CONFIG_DEBUG_INFO_BTF option Stephen and 0-DAY CI Kernel Test Service reported broken cross build for arm (arm-linux-gnueabi-gcc (GCC) 9.3.0), with following output: /tmp/ccMS5uth.s: Assembler messages: /tmp/ccMS5uth.s:69: Error: unrecognized symbol type """" /tmp/ccMS5uth.s:82: Error: unrecognized symbol type """" Having '@object' for .type diretive is wrong because '@' is comment character for some architectures. Using STT_OBJECT instead that should work everywhere. Also using HOST* variables to build resolve_btfids so it's properly build in crossbuilds (stolen from objtool's Makefile). Reported-by: kernel test robot Reported-by: Stephen Rothwell Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Tested-by: Geert Uytterhoeven Link: https://lore.kernel.org/bpf/20200714102534.299280-2-jolsa@kernel.org","include/linux/btf_ids.h | 2 +-; tools/bpf/resolve_btfids/Makefile | 14 ++++++++++++++; 2 files changed, 15 insertions(+), 1 deletion(-)","The commit fixes cross-building issues for CONFIG_DEBUG_INFO_BTF on ARM by using STT_OBJECT and adjusting Makefile variables.","cross-build, ARM, STT_OBJECT","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"079ef53673f2e3b3ee1728800311f20f28eed4f7","079ef53673f2e3b3ee1728800311f20f28eed4f7","Jiri Olsa","jolsa@kernel.org","1594722333","Alexei Starovoitov","ast@kernel.org","1594747231","95055f93a2154cbb0ffa02a322bb66b1cf8e19d6","f7d40ee7eff8fde2b0701b80c2aa3ba354f8f520","bpf: Fix build for disabled CONFIG_DEBUG_INFO_BTF option Stephen reported following linker warnings on powerpc build: ld: warning: orphan section `.BTF_ids' from `kernel/trace/bpf_trace.o' being placed in section `.BTF_ids' ld: warning: orphan section `.BTF_ids' from `kernel/bpf/btf.o' being placed in section `.BTF_ids' ld: warning: orphan section `.BTF_ids' from `kernel/bpf/stackmap.o' being placed in section `.BTF_ids' ld: warning: orphan section `.BTF_ids' from `net/core/filter.o' being placed in section `.BTF_ids' ld: warning: orphan section `.BTF_ids' from `kernel/trace/bpf_trace.o' being placed in section `.BTF_ids' It's because we generated .BTF_ids section even when CONFIG_DEBUG_INFO_BTF is not enabled. Fixing this by generating empty btf_id arrays for this case. Reported-by: Stephen Rothwell Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Tested-by: Geert Uytterhoeven Link: https://lore.kernel.org/bpf/20200714102534.299280-1-jolsa@kernel.org","include/linux/btf_ids.h | 9 +++++++++; 1 file changed, 9 insertions(+)","This commit resolves linker warnings on powerpc by generating empty BTF ID arrays when CONFIG_DEBUG_INFO_BTF is disabled.","linker,CONFIG_DEBUG_INFO_BTF,BTF_ids","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f7d40ee7eff8fde2b0701b80c2aa3ba354f8f520","f7d40ee7eff8fde2b0701b80c2aa3ba354f8f520","Alexei Starovoitov","ast@kernel.org","1594698948","Alexei Starovoitov","ast@kernel.org","1594699165","a6a6f2e3e6710b5c863b463b070969b71ae7f34d","07dd1b7e68e4b83a1004b14dffd7e142c0bc79bd","selftests/bpf: Fix merge conflict resolution Remove double definition of structs. Fixes: 71930d61025e (""Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net"") Signed-off-by: Alexei Starovoitov ","tools/testing/selftests/bpf/progs/bpf_iter_netlink.c | 14 --------------; 1 file changed, 14 deletions(-)","The commit resolves a merge conflict by removing duplicate struct definitions in eBPF selftests.","merge, conflict, resolution","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"07dd1b7e68e4b83a1004b14dffd7e142c0bc79bd","07dd1b7e68e4b83a1004b14dffd7e142c0bc79bd","David S. Miller","davem@davemloft.net","1594688645","David S. Miller","davem@davemloft.net","1594688645","06a5898494308d55fcecbb3dff647d93c01afe47","bfe4c40333065639cf0f364b8ea9e93270781699 8afb259a9840fa953efb9a7835356a083ac8ec74","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next Alexei Starovoitov says: ==================== pull-request: bpf-next 2020-07-13 The following pull-request contains BPF updates for your *net-next* tree. We've added 36 non-merge commits during the last 7 day(s) which contain a total of 62 files changed, 2242 insertions(+), 468 deletions(-). The main changes are: 1) Avoid trace_printk warning banner by switching bpf_trace_printk to use its own tracing event, from Alan. 2) Better libbpf support on older kernels, from Andrii. 3) Additional AF_XDP stats, from Ciara. 4) build time resolution of BTF IDs, from Jiri. 5) BPF_CGROUP_INET_SOCK_RELEASE hook, from Stanislav. ==================== Signed-off-by: David S. Miller ","","This commit merges BPF updates into the net-next tree including features like better libbpf support and additional AF_XDP stats.","merge,BPF,updates","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"8afb259a9840fa953efb9a7835356a083ac8ec74","8afb259a9840fa953efb9a7835356a083ac8ec74","Alexei Starovoitov","ast@kernel.org","1594685263","Alexei Starovoitov","ast@kernel.org","1594685324","79a7e9cabc285400476b921dbdaa4bba220fa46e","207a573c04755d5ef83e89ee1b3e4941f000acbd 0b20933d8cfe2bf6473e9b581b5d1ed9a2117ecc","Merge branch 'strip-mods-from-global-vars' Andrii Nakryiko says: ==================== Fix bpftool logic of stripping away const/volatile modifiers for all global variables during BPF skeleton generation. See patch #1 for details on when existing logic breaks and why it's important. Support special .strip_mods=true mode in btf_dump__emit_type_decl. Recent example of when this has caused problems can be found in [0]. [0] https://github.com/iovisor/bcc/pull/2994#issuecomment-650588533 ==================== Signed-off-by: Alexei Starovoitov ","","Merged changes to fix bpftool logic for handling const/volatile modifiers in BPF skeleton generation.","bpftool,const,volatile","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"0b20933d8cfe2bf6473e9b581b5d1ed9a2117ecc","0b20933d8cfe2bf6473e9b581b5d1ed9a2117ecc","Andrii Nakryiko","andriin@fb.com","1594682649","Alexei Starovoitov","ast@kernel.org","1594685263","79a7e9cabc285400476b921dbdaa4bba220fa46e","7c819e701382d4969ca4837b8cbe157895f5d0bf","tools/bpftool: Strip away modifiers from global variables Reliably remove all the type modifiers from read-only (.rodata) global variable definitions, including cases of inner field const modifiers and arrays of const values. Also modify one of selftests to ensure that const volatile struct doesn't prevent user-space from modifying .rodata variable. Fixes: 985ead416df3 (""bpftool: Add skeleton codegen command"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200713232409.3062144-3-andriin@fb.com","tools/bpf/bpftool/gen.c | 23 ++++++++++-------------; tools/lib/bpf/btf.h | 2 +-; tools/testing/selftests/bpf/prog_tests/skeleton.c | 6 +++---; tools/testing/selftests/bpf/progs/test_skeleton.c | 6 ++++--; 4 files changed, 18 insertions(+), 19 deletions(-)","Improve bpftool by removing type modifiers from global variable definitions in .rodata for reliability.","bpftool,modifiers,rodata","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7c819e701382d4969ca4837b8cbe157895f5d0bf","7c819e701382d4969ca4837b8cbe157895f5d0bf","Andrii Nakryiko","andriin@fb.com","1594682648","Alexei Starovoitov","ast@kernel.org","1594685263","46a48d1f8ea402e2848f8ccbb5b44a6c1d66bf62","207a573c04755d5ef83e89ee1b3e4941f000acbd","libbpf: Support stripping modifiers for btf_dump One important use case when emitting const/volatile/restrict is undesirable is BPF skeleton generation of DATASEC layout. These are further memory-mapped and can be written/read from user-space directly. For important case of .rodata variables, bpftool strips away first-level modifiers, to make their use on user-space side simple and not requiring extra type casts to override compiler complaining about writing to const variables. This logic works mostly fine, but breaks in some more complicated cases. E.g.: const volatile int params[10]; Because in BTF it's a chain of ARRAY -> CONST -> VOLATILE -> INT, bpftool stops at ARRAY and doesn't strip CONST and VOLATILE. In skeleton this variable will be emitted as is. So when used from user-space, compiler will complain about writing to const array. This is problematic, as also mentioned in [0]. To solve this for arrays and other non-trivial cases (e.g., inner const/volatile fields inside the struct), teach btf_dump to strip away any modifier, when requested. This is done as an extra option on btf_dump__emit_type_decl() API. Reported-by: Anton Protopopov Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200713232409.3062144-2-andriin@fb.com","tools/lib/bpf/btf.h | 2 ++; tools/lib/bpf/btf_dump.c | 10 ++++++++--; 2 files changed, 10 insertions(+), 2 deletions(-)","The commit improves libbpf's btf_dump to handle modifier stripping for correct BPF skeleton generation and usage.","libbpf,btf_dump,modifiers","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"207a573c04755d5ef83e89ee1b3e4941f000acbd","207a573c04755d5ef83e89ee1b3e4941f000acbd","Alexei Starovoitov","ast@kernel.org","1594684549","Alexei Starovoitov","ast@kernel.org","1594684730","9add8fdea634ba08ed2a57cae8da34e497eed9e5","93776cb9ee91aeed43ba53dcec97ffed4ae6f1f7 59e8b60bf068180fcadb0ae06ce8f6f835132ce6","Merge branch 'trace_printk-banner-remove' Alan Maguire says: ==================== Steven suggested a way to resolve the appearance of the warning banner that appears as a result of using trace_printk() in BPF [1]. Applying the patch and testing reveals all works as expected; we can call bpf_trace_printk() and see the trace messages in /sys/kernel/debug/tracing/trace_pipe and no banner message appears. Also add a test prog to verify basic bpf_trace_printk() helper behaviour. Changes since v2: - fixed stray newline in bpf_trace_printk(), use sizeof(buf) rather than #defined value in vsnprintf() (Daniel, patch 1) - Daniel also pointed out that vsnprintf() returns 0 on error rather than a negative value; also turns out that a null byte is not appended if the length of the string written is zero, so to fix for cases where the string to be traced is zero length we set the null byte explicitly (Daniel, patch 1) - switch to using getline() for retrieving lines from trace buffer to ensure we don't read a portion of the search message in one read() operation and then fail to find it (Andrii, patch 2) Changes since v1: - reorder header inclusion in bpf_trace.c (Steven, patch 1) - trace zero-length messages also (Andrii, patch 1) - use a raw spinlock to ensure there are no issues for PREMMPT_RT kernels when using bpf_trace_printk() within other raw spinlocks (Steven, patch 1) - always enable bpf_trace_printk() tracepoint when loading programs using bpf_trace_printk() as this will ensure that a user disabling that tracepoint will not prevent tracing output from being logged (Steven, patch 1) - use ""tp/raw_syscalls/sys_enter"" and a usleep(1) to trigger events in the selftest ensuring test runs faster (Andrii, patch 2) [1] https://lore.kernel.org/r/20200628194334.6238b933@oasis.local.home ==================== Signed-off-by: Alexei Starovoitov ","","The commit merges changes to remove the trace_printk() warning banner in BPF and enhances tracing functionality with bpf_trace_printk().","trace_printk, merge, tracing","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's likely a merge commit. It involves changes across multiple use cases or events."", ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"59e8b60bf068180fcadb0ae06ce8f6f835132ce6","59e8b60bf068180fcadb0ae06ce8f6f835132ce6","Alan Maguire","alan.maguire@oracle.com","1594641154","Alexei Starovoitov","ast@kernel.org","1594684549","9add8fdea634ba08ed2a57cae8da34e497eed9e5","ac5a72ea5c8989871e61f6bb0852e0f91de51ebe","selftests/bpf: Add selftests verifying bpf_trace_printk() behaviour Simple selftests that verifies bpf_trace_printk() returns a sensible value and tracing messages appear. Signed-off-by: Alan Maguire Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/1594641154-18897-3-git-send-email-alan.maguire@oracle.com",".../selftests/bpf/prog_tests/trace_printk.c | 75 ++++++++++++++++++++++; tools/testing/selftests/bpf/progs/trace_printk.c | 21 ++++++; 2 files changed, 96 insertions(+)","The commit adds selftests to verify the behavior of bpf_trace_printk() in eBPF.","selftests,bpf_trace_printk,verifying","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"ac5a72ea5c8989871e61f6bb0852e0f91de51ebe","ac5a72ea5c8989871e61f6bb0852e0f91de51ebe","Alan Maguire","alan.maguire@oracle.com","1594641153","Alexei Starovoitov","ast@kernel.org","1594684549","dca6c9b98c6653937db455e2c6948e86e3274064","93776cb9ee91aeed43ba53dcec97ffed4ae6f1f7","bpf: Use dedicated bpf_trace_printk event instead of trace_printk() The bpf helper bpf_trace_printk() uses trace_printk() under the hood. This leads to an alarming warning message originating from trace buffer allocation which occurs the first time a program using bpf_trace_printk() is loaded. We can instead create a trace event for bpf_trace_printk() and enable it in-kernel when/if we encounter a program using the bpf_trace_printk() helper. With this approach, trace_printk() is not used directly and no warning message appears. This work was started by Steven (see Link) and finished by Alan; added Steven's Signed-off-by with his permission. Signed-off-by: Steven Rostedt (VMware) Signed-off-by: Alan Maguire Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/r/20200628194334.6238b933@oasis.local.home Link: https://lore.kernel.org/bpf/1594641154-18897-2-git-send-email-alan.maguire@oracle.com","kernel/trace/Makefile | 2 ++; kernel/trace/bpf_trace.c | 42 +++++++++++++++++++++++++++++++++++++-----; kernel/trace/bpf_trace.h | 34 ++++++++++++++++++++++++++++++++++; 3 files changed, 73 insertions(+), 5 deletions(-)","This commit adds a dedicated bpf_trace_printk event to remove trace buffer allocation warnings.","bpf_trace_printk, trace_event, buffer_allocation","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"93776cb9ee91aeed43ba53dcec97ffed4ae6f1f7","93776cb9ee91aeed43ba53dcec97ffed4ae6f1f7","Andrii Nakryiko","andriin@fb.com","1594423564","Alexei Starovoitov","ast@kernel.org","1594680065","5634f14c3bbe16a5edc4fcff14b81b49abfaf090","7c4bf5fe55ccd106e9c87553e95ea46dcc04c854","tools/bpftool: Remove warning about PID iterator support Don't emit warning that bpftool was built without PID iterator support. This error garbles JSON output of otherwise perfectly valid show commands. Reported-by: Andrey Ignatov Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200710232605.20918-1-andriin@fb.com","tools/bpf/bpftool/pids.c | 1 -; 1 file changed, 1 deletion(-)","The commit removes a warning in bpftool related to PID iterator support to avoid JSON output issues.","bpftool, warning, JSON","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0d80cb4612aa32dc0faa17fa3ab6f96f33e2b4a7","0d80cb4612aa32dc0faa17fa3ab6f96f33e2b4a7","Ciara Loftus","ciara.loftus@intel.com","1594193315","Alexei Starovoitov","ast@kernel.org","1594679576","e623617e4cb293fd0a0c98047493c580de65f9a6","b36c3206f9ef3ea2844e9092c12d29c0d1f56c54","xsk: Add xdp statistics to xsk_diag Add xdp statistics to the information dumped through the xsk_diag interface Signed-off-by: Ciara Loftus Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200708072835.4427-4-ciara.loftus@intel.com","include/uapi/linux/xdp_diag.h | 11 +++++++++++; net/xdp/xsk_diag.c | 17 +++++++++++++++++; 2 files changed, 28 insertions(+)","The commit adds XDP statistics to the xsk_diag interface to enhance monitoring of XDP socket operations.","xdp, statistics, xsk_diag","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b36c3206f9ef3ea2844e9092c12d29c0d1f56c54","b36c3206f9ef3ea2844e9092c12d29c0d1f56c54","Ciara Loftus","ciara.loftus@intel.com","1594193314","Alexei Starovoitov","ast@kernel.org","1594679576","5e623949d3348abf4d22bc114e9cdb982bc9c3b2","8aa5a33578e9685d06020bd10d1637557423e945","samples: bpf: Add an option for printing extra statistics in xdpsock Introduce the --extra-stats (or simply -x) flag to the xdpsock application which prints additional statistics alongside the regular rx and tx counters. The new statistics printed report error conditions eg. rx ring full, invalid descriptors, etc. Signed-off-by: Ciara Loftus Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200708072835.4427-3-ciara.loftus@intel.com","samples/bpf/xdpsock_user.c | 87 ++++++++++++++++++++++++++++++++++++++++++++--; 1 file changed, 85 insertions(+), 2 deletions(-)","The commit introduces an option to print additional error-related statistics in the xdpsock application.","extra,statistics,xdpsock","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"8aa5a33578e9685d06020bd10d1637557423e945","8aa5a33578e9685d06020bd10d1637557423e945","Ciara Loftus","ciara.loftus@intel.com","1594193313","Alexei Starovoitov","ast@kernel.org","1594679576","848b7defe21085b2fbd44cc2acc42a2a769c01d4","24a38b7c0c2c17f7b86c29f82beb7f2779704ca3","xsk: Add new statistics It can be useful for the user to know the reason behind a dropped packet. Introduce new counters which track drops on the receive path caused by: 1. rx ring being full 2. fill ring being empty Also, on the tx path introduce a counter which tracks the number of times we attempt pull from the tx ring when it is empty. Signed-off-by: Ciara Loftus Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200708072835.4427-2-ciara.loftus@intel.com","include/net/xdp_sock.h | 4 ++++; include/uapi/linux/if_xdp.h | 5 ++++-; net/xdp/xsk.c | 36 +++++++++++++++++++++++++++++++-----; net/xdp/xsk_buff_pool.c | 1 +; net/xdp/xsk_queue.h | 6 ++++++; tools/include/uapi/linux/if_xdp.h | 5 ++++-; 6 files changed, 50 insertions(+), 7 deletions(-)","The commit adds new statistics to track packet drop reasons in XDP socket paths.","statistics,dropped_packet,counters","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"24a38b7c0c2c17f7b86c29f82beb7f2779704ca3","24a38b7c0c2c17f7b86c29f82beb7f2779704ca3","Alexei Starovoitov","ast@kernel.org","1594662123","Alexei Starovoitov","ast@kernel.org","1594675857","72725e347309aa4c0ad196b34978f359c54d2ab6","eef8a42d6ce087d1c81c960ae0d14f955b742feb cc15a20d5f3abc3cbd7911b70156b7b9e2bc7d41","Merge branch 'resolve_btfids' Jiri Olsa says: ==================== This patchset adds: - support to generate BTF ID lists that are resolved during kernel linking and usable within kernel code with following macros: BTF_ID_LIST(bpf_skb_output_btf_ids) BTF_ID(struct, sk_buff) and access it in kernel code via: extern u32 bpf_skb_output_btf_ids[]; - resolve_btfids tool that scans elf object for .BTF_ids section and resolves its symbols with BTF ID values - resolving of bpf_ctx_convert struct and several other objects with BTF_ID_LIST v7 changes: - added more acks [Andrii] - added some name-conflicting entries and fixed resolve_btfids to process them properly [Andrii] - changed bpf_get_task_stack_proto to use BTF_IDS_LIST/BTF_ID macros [Andrii] - fixed selftest build for resolve_btfids test ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges changes that add support for generating and resolving BTF ID lists in eBPF.","BTF ID,resolve,merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"cc15a20d5f3abc3cbd7911b70156b7b9e2bc7d41","cc15a20d5f3abc3cbd7911b70156b7b9e2bc7d41","Jiri Olsa","jolsa@kernel.org","1594504409","Alexei Starovoitov","ast@kernel.org","1594662123","72725e347309aa4c0ad196b34978f359c54d2ab6","e5a0516ec9681daf5c1f0d05144d21430b6ca6d7","selftests/bpf: Add test for resolve_btfids Adding resolve_btfids test under test_progs suite. It's possible to use btf_ids.h header and its logic in user space application, so we can add easy test for it. The test defines BTF_ID_LIST and checks it gets properly resolved. For this reason the test_progs binary (and other binaries that use TRUNNER* macros) is processed with resolve_btfids tool, which resolves BTF IDs in .BTF_ids section. The BTF data are taken from btf_data.o object rceated from progs/btf_data.c. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Tested-by: Andrii Nakryiko Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200711215329.41165-10-jolsa@kernel.org","tools/testing/selftests/bpf/Makefile | 15 ++-; .../selftests/bpf/prog_tests/resolve_btfids.c | 111 +++++++++++++++++++++; tools/testing/selftests/bpf/progs/btf_data.c | 50 ++++++++++; 3 files changed, 175 insertions(+), 1 deletion(-)","This commit adds a new test for resolve_btfids in the selftests/bpf suite using the test_progs framework.","resolve_btfids,test_progs,BTF_ID_LIST","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e5a0516ec9681daf5c1f0d05144d21430b6ca6d7","e5a0516ec9681daf5c1f0d05144d21430b6ca6d7","Jiri Olsa","jolsa@kernel.org","1594504408","Alexei Starovoitov","ast@kernel.org","1594662123","ec98e40e43922f3c43a35232dce59a068597aa2f","232ce4be295743deb2cf9a7cf9c60a4fde367964","tools headers: Adopt verbatim copy of btf_ids.h from kernel sources It will be needed by bpf selftest for resolve_btfids tool. Also adding __PASTE macro as btf_ids.h dependency, which is defined in: include/linux/compiler_types.h but because tools/include do not have this header, I'm putting the macro into linux/compiler.h header. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Tested-by: Andrii Nakryiko Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200711215329.41165-9-jolsa@kernel.org","tools/include/linux/btf_ids.h | 87 ++++++++++++++++++++++++++++++++++++++++++; tools/include/linux/compiler.h | 4 ++; 2 files changed, 91 insertions(+)","The commit copies btf_ids.h from kernel sources to tools headers for bpf selftest purposes.","btf_ids, selftest, macro","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"232ce4be295743deb2cf9a7cf9c60a4fde367964","232ce4be295743deb2cf9a7cf9c60a4fde367964","Jiri Olsa","jolsa@kernel.org","1594504407","Alexei Starovoitov","ast@kernel.org","1594662123","2aa14d6bc698905419ca9670f381c83bb56fc340","49f4e6720748c778795df62d222d0200b61345be","bpf: Add info about .BTF_ids section to btf.rst Updating btf.rst doc with info about .BTF_ids section Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Tested-by: Andrii Nakryiko Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200711215329.41165-8-jolsa@kernel.org","Documentation/bpf/btf.rst | 36 ++++++++++++++++++++++++++++++++++++; 1 file changed, 36 insertions(+)","Updated documentation with details about the .BTF_ids section in btf.rst.","BTF_ids,documentation,update","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"49f4e6720748c778795df62d222d0200b61345be","49f4e6720748c778795df62d222d0200b61345be","Jiri Olsa","jolsa@kernel.org","1594504406","Alexei Starovoitov","ast@kernel.org","1594662123","d1b5032be766b4d837480db5940ee275d1596a0d","138b9a0511c789f2451ff1d80e7fd3f9eef3a9e3","bpf: Use BTF_ID to resolve bpf_ctx_convert struct This way the ID is resolved during compile time, and we can remove the runtime name search. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Tested-by: Andrii Nakryiko Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200711215329.41165-7-jolsa@kernel.org","kernel/bpf/btf.c | 14 ++++++--------; 1 file changed, 6 insertions(+), 8 deletions(-)","The commit optimizes bpf_ctx_convert by using BTF_ID for compile-time resolution to eliminate runtime overhead.","BTF_ID,compile-time,bpf_ctx_convert","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"138b9a0511c789f2451ff1d80e7fd3f9eef3a9e3","138b9a0511c789f2451ff1d80e7fd3f9eef3a9e3","Jiri Olsa","jolsa@kernel.org","1594504405","Alexei Starovoitov","ast@kernel.org","1594662122","bbe0800a9162eba4fcb9bb38dbfe8d0f4bfb096a","c9a0f3b85e09dd16665b639cb884490410619434","bpf: Remove btf_id helpers resolving Now when we moved the helpers btf_id arrays into .BTF_ids section, we can remove the code that resolve those IDs in runtime. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Tested-by: Andrii Nakryiko Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200711215329.41165-6-jolsa@kernel.org","kernel/bpf/btf.c | 89 ++++----------------------------------------------------; 1 file changed, 5 insertions(+), 84 deletions(-)","The commit removes runtime BTF ID resolution code after transitioning the helpers to a dedicated section.","remove,bpf,btf","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c9a0f3b85e09dd16665b639cb884490410619434","c9a0f3b85e09dd16665b639cb884490410619434","Jiri Olsa","jolsa@kernel.org","1594504404","Alexei Starovoitov","ast@kernel.org","1594662122","d0f83e40d55fa26ed0b96aee69fcb66fc521be3f","5a2798ab32ba2952cfe25701ee460bccbd434c75","bpf: Resolve BTF IDs in vmlinux image Using BTF_ID_LIST macro to define lists for several helpers using BTF arguments. And running resolve_btfids on vmlinux elf object during linking, so the .BTF_ids section gets the IDs resolved. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Tested-by: Andrii Nakryiko Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200711215329.41165-5-jolsa@kernel.org","Makefile | 3 ++-; kernel/bpf/stackmap.c | 5 ++++-; kernel/trace/bpf_trace.c | 9 +++++++--; net/core/filter.c | 9 +++++++--; scripts/link-vmlinux.sh | 6 ++++++; 5 files changed, 26 insertions(+), 6 deletions(-)","This commit introduces BTF ID resolution in vmlinux to enhance helper function use with BTF arguments.","BTF,resolve,helpers","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5a2798ab32ba2952cfe25701ee460bccbd434c75","5a2798ab32ba2952cfe25701ee460bccbd434c75","Jiri Olsa","jolsa@kernel.org","1594504403","Alexei Starovoitov","ast@kernel.org","1594662122","129a8daa75fe60daa836cdf4de8a5418311de5a9","33a57ce0a54d498275f432db04850001175dfdfa","bpf: Add BTF_ID_LIST/BTF_ID/BTF_ID_UNUSED macros Adding support to generate .BTF_ids section that will hold BTF ID lists for verifier. Adding macros that will help to define lists of BTF ID values placed in .BTF_ids section. They are initially filled with zeros (during compilation) and resolved later during the linking phase by resolve_btfids tool. Following defines list of one BTF ID value: BTF_ID_LIST(bpf_skb_output_btf_ids) BTF_ID(struct, sk_buff) It also defines following variable to access the list: extern u32 bpf_skb_output_btf_ids[]; The BTF_ID_UNUSED macro defines 4 zero bytes. It's used when we want to define 'unused' entry in BTF_ID_LIST, like: BTF_ID_LIST(bpf_skb_output_btf_ids) BTF_ID(struct, sk_buff) BTF_ID_UNUSED BTF_ID(struct, task_struct) Suggested-by: Andrii Nakryiko Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Tested-by: Andrii Nakryiko Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200711215329.41165-4-jolsa@kernel.org","include/asm-generic/vmlinux.lds.h | 4 ++; include/linux/btf_ids.h | 87 +++++++++++++++++++++++++++++++++++++++; 2 files changed, 91 insertions(+)","Introduce macros for managing BTF ID lists in .BTF_ids section for eBPF verifier.","BTF_ID_LIST macros verifier","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"33a57ce0a54d498275f432db04850001175dfdfa","33a57ce0a54d498275f432db04850001175dfdfa","Jiri Olsa","jolsa@kernel.org","1594504402","Alexei Starovoitov","ast@kernel.org","1594662122","07cbabf9b2eb8fc391f7e0c904f8cfe0f1ec8ef4","fbbb68de80a45ad66b66600bee275485c5073aa7","bpf: Compile resolve_btfids tool at kernel compilation start The resolve_btfids tool will be used during the vmlinux linking, so it's necessary it's ready for it. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Tested-by: Andrii Nakryiko Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200711215329.41165-3-jolsa@kernel.org","Makefile | 22 ++++++++++++++++++----; tools/Makefile | 3 +++; tools/bpf/Makefile | 9 ++++++++-; 3 files changed, 29 insertions(+), 5 deletions(-)","Resolve_btfids tool compilation is incorporated at kernel build start to support vmlinux linking.","resolve_btfids, compilation, vmlinux","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"fbbb68de80a45ad66b66600bee275485c5073aa7","fbbb68de80a45ad66b66600bee275485c5073aa7","Jiri Olsa","jolsa@kernel.org","1594504401","Alexei Starovoitov","ast@kernel.org","1594662122","e18521a9caf782322baba389d26d67617043d41f","eef8a42d6ce087d1c81c960ae0d14f955b742feb","bpf: Add resolve_btfids tool to resolve BTF IDs in ELF object The resolve_btfids tool scans elf object for .BTF_ids section and resolves its symbols with BTF ID values. It will be used to during linking time to resolve arrays of BTF ID values used in verifier, so these IDs do not need to be resolved in runtime. The expected layout of .BTF_ids section is described in main.c header. Related kernel changes are coming in following changes. Build issue reported by 0-DAY CI Kernel Test Service. Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200711215329.41165-2-jolsa@kernel.org","tools/bpf/resolve_btfids/Build | 10 +; tools/bpf/resolve_btfids/Makefile | 77 ++++; tools/bpf/resolve_btfids/main.c | 721 ++++++++++++++++++++++++++++++++++++++; 3 files changed, 808 insertions(+)","The resolve_btfids tool is introduced to resolve BTF IDs in ELF objects during build time to avoid runtime resolution.","resolve_btfids,BTF,ELF","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5a764898afec0bc097003e8c3e727792289f76d6","5a764898afec0bc097003e8c3e727792289f76d6","Linus Torvalds","torvalds@linux-foundation.org","1594430182","Linus Torvalds","torvalds@linux-foundation.org","1594430182","5e5ffde9c63913705b2869046458af8bd485c16e","9321f1aaf63e74ec3884347490e4ebb039f01b6e 1195c7cebb95081d809f81a27b21829573cbd4a8","Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from David Miller: 1) Restore previous behavior of CAP_SYS_ADMIN wrt loading networking BPF programs, from Maciej Żenczykowski. 2) Fix dropped broadcasts in mac80211 code, from Seevalamuthu Mariappan. 3) Slay memory leak in nl80211 bss color attribute parsing code, from Luca Coelho. 4) Get route from skb properly in ip_route_use_hint(), from Miaohe Lin. 5) Don't allow anything other than ARPHRD_ETHER in llc code, from Eric Dumazet. 6) xsk code dips too deeply into DMA mapping implementation internals. Add dma_need_sync and use it. From Christoph Hellwig 7) Enforce power-of-2 for BPF ringbuf sizes. From Andrii Nakryiko. 8) Check for disallowed attributes when loading flow dissector BPF programs. From Lorenz Bauer. 9) Correct packet injection to L3 tunnel devices via AF_PACKET, from Jason A. Donenfeld. 10) Don't advertise checksum offload on ipa devices that don't support it. From Alex Elder. 11) Resolve several issues in TCP MD5 signature support. Missing memory barriers, bogus options emitted when using syncookies, and failure to allow md5 key changes in established states. All from Eric Dumazet. 12) Fix interface leak in hsr code, from Taehee Yoo. 13) VF reset fixes in hns3 driver, from Huazhong Tan. 14) Make loopback work again with ipv6 anycast, from David Ahern. 15) Fix TX starvation under high load in fec driver, from Tobias Waldekranz. 16) MLD2 payload lengths not checked properly in bridge multicast code, from Linus Lüssing. 17) Packet scheduler code that wants to find the inner protocol currently only works for one level of VLAN encapsulation. Allow Q-in-Q situations to work properly here, from Toke Høiland-Jørgensen. 18) Fix route leak in l2tp, from Xin Long. 19) Resolve conflict between the sk->sk_user_data usage of bpf reuseport support and various protocols. From Martin KaFai Lau. 20) Fix socket cgroup v2 reference counting in some situations, from Cong Wang. 21) Cure memory leak in mlx5 connection tracking offload support, from Eli Britstein. * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (146 commits) mlxsw: pci: Fix use-after-free in case of failed devlink reload mlxsw: spectrum_router: Remove inappropriate usage of WARN_ON() net: macb: fix call to pm_runtime in the suspend/resume functions net: macb: fix macb_suspend() by removing call to netif_carrier_off() net: macb: fix macb_get/set_wol() when moving to phylink net: macb: mark device wake capable when ""magic-packet"" property present net: macb: fix wakeup test in runtime suspend/resume routines bnxt_en: fix NULL dereference in case SR-IOV configuration fails libbpf: Fix libbpf hashmap on (I)LP32 architectures net/mlx5e: CT: Fix memory leak in cleanup net/mlx5e: Fix port buffers cell size value net/mlx5e: Fix 50G per lane indication net/mlx5e: Fix CPU mapping after function reload to avoid aRFS RX crash net/mlx5e: Fix VXLAN configuration restore after function reload net/mlx5e: Fix usage of rcu-protected pointer net/mxl5e: Verify that rpriv is not NULL net/mlx5: E-Switch, Fix vlan or qos setting in legacy mode net/mlx5: Fix eeprom support for SFP module cgroup: Fix sock_cgroup_data on big-endian. selftests: bpf: Fix detach from sockmap tests ...","","The commit merges networking fixes from various developers into the main kernel tree.","merge, networking, fixes","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"55b244221c3f17eb2ed51c8e39e4a01c523e4eee","55b244221c3f17eb2ed51c8e39e4a01c523e4eee","Jean-Philippe Brucker","jean-philippe@linaro.org","1594393480","Daniel Borkmann","daniel@iogearbox.net","1594423935","4c990166cbf8213a7aab7b6ee0e9cd1715be62d4","c8b1d7436045d3599bae56aef1682813ecccaad7","selftests/bpf: Fix cgroup sockopt verifier test Since the BPF_PROG_TYPE_CGROUP_SOCKOPT verifier test does not set an attach type, bpf_prog_load_check_attach() disallows loading the program and the test is always skipped: #434/p perfevent for cgroup sockopt SKIP (unsupported program type 25) Fix the issue by setting a valid attach type. Fixes: 0456ea170cd6 (""bpf: Enable more helpers for BPF_PROG_TYPE_CGROUP_{DEVICE,SYSCTL,SOCKOPT}"") Signed-off-by: Jean-Philippe Brucker Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/20200710150439.126627-1-jean-philippe@linaro.org","tools/testing/selftests/bpf/verifier/event_output.c | 1 +; 1 file changed, 1 insertion(+)","The commit fixes a BPF_PROG_TYPE_CGROUP_SOCKOPT test by setting a valid attach type.","cgroup sockopt verifier","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"279ed8900079831ba436007dbc5e24530f026ce2","279ed8900079831ba436007dbc5e24530f026ce2","Kees Cook","keescook@chromium.org","1591898928","Kees Cook","keescook@chromium.org","1594422112","a6167d1f9d55716660bf851c8111e144e50cbf79","cf8918dba2de7315a5878a56818a89cb899132da","selftests/seccomp: Rename user_trap_syscall() to user_notif_syscall() The user_trap_syscall() helper creates a filter with SECCOMP_RET_USER_NOTIF. To avoid confusion with SECCOMP_RET_TRAP, rename the helper to user_notif_syscall(). Cc: Andy Lutomirski Cc: Will Drewry Cc: Shuah Khan Cc: Alexei Starovoitov Cc: Daniel Borkmann Cc: Martin KaFai Lau Cc: Song Liu Cc: Yonghong Song Cc: Andrii Nakryiko Cc: John Fastabend Cc: KP Singh Cc: linux-kselftest@vger.kernel.org Cc: netdev@vger.kernel.org Cc: bpf@vger.kernel.org Signed-off-by: Kees Cook ","tools/testing/selftests/seccomp/seccomp_bpf.c | 46 +++++++++++++--------------; 1 file changed, 23 insertions(+), 23 deletions(-)","This commit renames a helper function in selftests seccomp to eliminate confusion with SECCOMP_RET_TRAP.","seccomp,helper,rename","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"cf8918dba2de7315a5878a56818a89cb899132da","cf8918dba2de7315a5878a56818a89cb899132da","Kees Cook","keescook@chromium.org","1591898541","Kees Cook","keescook@chromium.org","1594422112","fb62d2cf9d4b4ee3506bbcf27c04bf47a5e5eef2","e68f9d49dda1744d548426c8b4335a8d693a36d0","selftests/seccomp: Make kcmp() less required The seccomp tests are a bit noisy without CONFIG_CHECKPOINT_RESTORE (due to missing the kcmp() syscall). The seccomp tests are more accurate with kcmp(), but it's not strictly required. Refactor the tests to use alternatives (comparing fd numbers), and provide a central test for kcmp() so there is a single SKIP instead of many. Continue to produce warnings for the other tests, though. Additionally adds some more bad flag EINVAL tests to the addfd selftest. Cc: Andy Lutomirski Cc: Will Drewry Cc: Shuah Khan Cc: Alexei Starovoitov Cc: Daniel Borkmann Cc: Martin KaFai Lau Cc: Song Liu Cc: Yonghong Song Cc: Andrii Nakryiko Cc: John Fastabend Cc: KP Singh Cc: linux-kselftest@vger.kernel.org Cc: netdev@vger.kernel.org Cc: bpf@vger.kernel.org Signed-off-by: Kees Cook ","tools/testing/selftests/seccomp/seccomp_bpf.c | 58 ++++++++++++++++++---------; 1 file changed, 38 insertions(+), 20 deletions(-)","The commit refactors seccomp tests for missing kcmp syscall and adds more error tests.","seccomp,kcmp,refactor","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"eef8a42d6ce087d1c81c960ae0d14f955b742feb","eef8a42d6ce087d1c81c960ae0d14f955b742feb","Wenbo Zhang","ethercflow@gmail.com","1594372835","Daniel Borkmann","daniel@iogearbox.net","1594416325","cb2deede30a7bd2f068726f62d7678c319a62366","5c3320d7fece4612d4a413aa3c8e82cdb5b49fcb","bpf: Fix fds_example SIGSEGV error The `BPF_LOG_BUF_SIZE`'s value is `UINT32_MAX >> 8`, so define an array with it on stack caused an overflow. Signed-off-by: Wenbo Zhang Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200710092035.28919-1-ethercflow@gmail.com","samples/bpf/fds_example.c | 3 ++-; 1 file changed, 2 insertions(+), 1 deletion(-)","Fixes a SIGSEGV error in fds_example by correcting BPF_LOG_BUF_SIZE usage to prevent stack overflow.","SIGSEGV,BPF_LOG_BUF_SIZE,overflow","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"45ae836f8a257599ae11873e2642101a96b40a4c","45ae836f8a257599ae11873e2642101a96b40a4c","David S. Miller","davem@davemloft.net","1594415263","David S. Miller","davem@davemloft.net","1594415263","78f6840a6e8991be13c14f95313012a42e27d800","ca68d5637aaff64d4838f609708ecf592d67bfe0 b2f9f1535bb93ee5fa2ea30ac1c26fa0d676154c","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Alexei Starovoitov says: ==================== pull-request: bpf 2020-07-09 The following pull-request contains BPF updates for your *net* tree. We've added 4 non-merge commits during the last 1 day(s) which contain a total of 4 files changed, 26 insertions(+), 15 deletions(-). The main changes are: 1) fix crash in libbpf on 32-bit archs, from Jakub and Andrii. 2) fix crash when l2tp and bpf_sk_reuseport conflict, from Martin. ==================== Signed-off-by: David S. Miller ","","The commit merges BPF subsystem updates into the net tree, addressing crashes in libbpf and l2tp conflicting with bpf_sk_reuseport.","merge,BPF,fix","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"b1b11d0063aab28aaf65f63cff56470bc01dc290","b1b11d0063aab28aaf65f63cff56470bc01dc290","Linus Torvalds","torvalds@linux-foundation.org","1594399515","Linus Torvalds","torvalds@linux-foundation.org","1594399515","11c80d3317990b4bc7d1128c63fc63f444deca3b","1bfde037425d91d1d615d30ec362f5f5c1ca0dd2 775802c0571fb438cd4f6548a323f9e4cb89f5aa","Merge tag 'cleanup-kernel_read_write' of git://git.infradead.org/users/hch/misc Pull in-kernel read and write op cleanups from Christoph Hellwig: ""Cleanup in-kernel read and write operations Reshuffle the (__)kernel_read and (__)kernel_write helpers, and ensure all users of in-kernel file I/O use them if they don't use iov_iter based methods already. The new WARN_ONs in combination with syzcaller already found a missing input validation in 9p. The fix should be on your way through the maintainer ASAP"". [ This is prep-work for the real changes coming 5.9 ] * tag 'cleanup-kernel_read_write' of git://git.infradead.org/users/hch/misc: fs: remove __vfs_read fs: implement kernel_read using __kernel_read integrity/ima: switch to using __kernel_read fs: add a __kernel_read helper fs: remove __vfs_write fs: implement kernel_write using __kernel_write fs: check FMODE_WRITE in __kernel_write fs: unexport __kernel_write bpfilter: switch to kernel_write autofs: switch to kernel_write cachefiles: switch to kernel_write","","The commit merges in-kernel read and write operation cleanups from Christoph Hellwig for future updates.","merge, kernel, read_write","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","I'm not sure about the implementation component of the commit. The component affected by It is unclear.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"5c3320d7fece4612d4a413aa3c8e82cdb5b49fcb","5c3320d7fece4612d4a413aa3c8e82cdb5b49fcb","Andrii Nakryiko","andriin@fb.com","1594343423","Daniel Borkmann","daniel@iogearbox.net","1594391075","f3a1592c19c8d4b1502b06a352d598a24b498b82","2977282b63c3b6f112145ecf0bcefff0c65bd3ac","libbpf: Fix memory leak and optimize BTF sanitization Coverity's static analysis helpfully reported a memory leak introduced by 0f0e55d8247c (""libbpf: Improve BTF sanitization handling""). While fixing it, I realized that btf__new() already creates a memory copy, so there is no need to do this. So this patch also fixes misleading btf__new() signature to make data into a `const void *` input parameter. And it avoids unnecessary memory allocation and copy in BTF sanitization code altogether. Fixes: 0f0e55d8247c (""libbpf: Improve BTF sanitization handling"") Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200710011023.1655008-1-andriin@fb.com","tools/lib/bpf/btf.c | 2 +-; tools/lib/bpf/btf.h | 2 +-; tools/lib/bpf/libbpf.c | 11 +++--------; 3 files changed, 5 insertions(+), 10 deletions(-)","This commit resolves a memory leak and optimizes BTF sanitization in libbpf.","memory leak, BTF, optimization","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5f634c8e401df25c479c8d07ed575804059c3826","5f634c8e401df25c479c8d07ed575804059c3826","Ian Rogers","irogers@google.com","1594156489","Arnaldo Carvalho de Melo","acme@redhat.com","1594384422","5ddbf80371b7690e383d32ce81d68b00a4ed91f3","7eeb9855c1a4e6037bb1237a2a68ff1ee7aa4e67","perf parse-events: Report BPF errors Setting the parse_events_error directly doesn't increment num_errors causing the error message not to be displayed. Use the parse_events__handle_error function that sets num_errors and handle multiple errors. Committer notes: Ian provided a before/after upon request: Before: $ /tmp/perf/perf record -e /tmp/perf/util/parse-events.o Run 'perf list' for a list of valid events Usage: perf record [] [] or: perf record [] -- [] -e, --event event selector. use 'perf list' to list available event After: $ /tmp/perf/perf record -e /tmp/perf/util/parse-events.o event syntax error: '/tmp/perf/util/parse-events.o' \___ Failed to load /tmp/perf/util/parse-events.o: BPF object format invalid (add -v to see detail) Run 'perf list' for a list of valid events Usage: perf record [] [] or: perf record [] -- [] -e, --event event selector. use 'perf list' to list available events Signed-off-by: Ian Rogers Acked-by: Jiri Olsa Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Alexei Starovoitov Cc: Andrii Nakryiko Cc: bpf@vger.kernel.org Cc: Daniel Borkmann Cc: John Fastabend Cc: KP Singh Cc: Leo Yan Cc: Mark Rutland Cc: Martin KaFai Lau Cc: Namhyung Kim Cc: netdev@vger.kernel.org Cc: Peter Zijlstra Cc: Song Liu Cc: Stephane Eranian Cc: Yonghong Song Link: http://lore.kernel.org/lkml/20200707211449.3868944-1-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/parse-events.c | 38 ++++++++++++++++++++------------------; 1 file changed, 20 insertions(+), 18 deletions(-)","This commit fixes BPF error reporting in perf parse-events by using a function that increments num_errors.","BPF,error,perf","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"b2f9f1535bb93ee5fa2ea30ac1c26fa0d676154c","b2f9f1535bb93ee5fa2ea30ac1c26fa0d676154c","Jakub Bogusz","qboosh@pld-linux.org","1594335443","Alexei Starovoitov","ast@kernel.org","1594348735","2e875e49560069cea681049e70f0dc7ec38ca24c","f43cb0d672aa8eb09bfdb779de5900c040487d1d","libbpf: Fix libbpf hashmap on (I)LP32 architectures On ILP32, 64-bit result was shifted by value calculated for 32-bit long type and returned value was much outside hashmap capacity. As advised by Andrii Nakryiko, this patch uses different hashing variant for architectures with size_t shorter than long long. Fixes: e3b924224028 (""libbpf: add resizable non-thread safe internal hashmap"") Signed-off-by: Jakub Bogusz Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200709225723.1069937-1-andriin@fb.com","tools/lib/bpf/hashmap.h | 12 ++++++++----; 1 file changed, 8 insertions(+), 4 deletions(-)","Fix libbpf hashmap issue on ILP32 architectures by using a different hashing variant.","libbpf,ILP32,hashmap","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f43cb0d672aa8eb09bfdb779de5900c040487d1d","f43cb0d672aa8eb09bfdb779de5900c040487d1d","Lorenz Bauer","lmb@cloudflare.com","1594295511","Daniel Borkmann","daniel@iogearbox.net","1594330897","7091bfdbb53f352d9e692aeb7d245cfab7807d70","c9a368f1c0fbe2e3a21ebf231caeae58b18b2681","selftests: bpf: Fix detach from sockmap tests Fix sockmap tests which rely on old bpf_prog_dispatch behaviour. In the first case, the tests check that detaching without giving a program succeeds. Since these are not the desired semantics, invert the condition. In the second case, the clean up code doesn't supply the necessary program fds. Fixes: bb0de3131f4c (""bpf: sockmap: Require attach_bpf_fd when detaching a program"") Reported-by: Martin KaFai Lau Signed-off-by: Lorenz Bauer Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/20200709115151.75829-1-lmb@cloudflare.com","tools/testing/selftests/bpf/test_maps.c | 12 ++++++------; 1 file changed, 6 insertions(+), 6 deletions(-)","The commit addresses issues in sockmap tests by correcting detachment semantics and ensuring proper program file descriptor usage.","sockmap,detach,selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"ce69fb3b392fbfd6c255aeb0ee371652478c716f","ce69fb3b392fbfd6c255aeb0ee371652478c716f","Linus Torvalds","torvalds@linux-foundation.org","1594325370","Linus Torvalds","torvalds@linux-foundation.org","1594325370","d043b0839d524c54f6b74b134ee6fb6f5dbaf3b2","0bddd227f3dc55975e2b8dfa7fc6f959b062a2c7 2c79583927bb8154ecaa45a67dde97661d895ecd","Merge tag 'kallsyms_show_value-v5.8-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux Pull kallsyms fix from Kees Cook: ""Refactor kallsyms_show_value() users for correct cred. I'm not delighted by the timing of getting these changes to you, but it does fix a handful of kernel address exposures, and no one has screamed yet at the patches. Several users of kallsyms_show_value() were performing checks not during ""open"". Refactor everything needed to gain proper checks against file->f_cred for modules, kprobes, and bpf"" * tag 'kallsyms_show_value-v5.8-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/kees/linux: selftests: kmod: Add module address visibility test bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok() kprobes: Do not expose probe addresses to non-CAP_SYSLOG module: Do not expose section addresses to non-CAP_SYSLOG module: Refactor section attr into bin attribute kallsyms: Refactor kallsyms_show_value() to take cred","","This commit merges fixes for kernel address exposures related to kallsyms, modules, kprobes, and bpf.","kallsyms,modules,bpf","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","['kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here."", ""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"c9a368f1c0fbe2e3a21ebf231caeae58b18b2681","c9a368f1c0fbe2e3a21ebf231caeae58b18b2681","Martin KaFai Lau","kafai@fb.com","1594275070","Daniel Borkmann","daniel@iogearbox.net","1594325011","a447f0db6ed016bd9fe2c64692fcb01f88657102","f3dda7a679df183e798b86e7b6ec05ab35476de3","bpf: net: Avoid incorrect bpf_sk_reuseport_detach call bpf_sk_reuseport_detach is currently called when sk->sk_user_data is not NULL. It is incorrect because sk->sk_user_data may not be managed by the bpf's reuseport_array. It has been reported in [1] that, the bpf_sk_reuseport_detach() which is called from udp_lib_unhash() has corrupted the sk_user_data managed by l2tp. This patch solves it by using another bit (defined as SK_USER_DATA_BPF) of the sk_user_data pointer value. It marks that a sk_user_data is managed/owned by BPF. The patch depends on a PTRMASK introduced in commit f1ff5ce2cd5e (""net, sk_msg: Clear sk_user_data pointer on clone if tagged""). [ Note: sk->sk_user_data is used by bpf's reuseport_array only when a sk is added to the bpf's reuseport_array. i.e. doing setsockopt(SO_REUSEPORT) and having ""sk->sk_reuseport == 1"" alone will not stop sk->sk_user_data being used by other means. ] [1]: https://lore.kernel.org/netdev/20200706121259.GA20199@katalix.com/ Fixes: 5dc4c4b7d4e8 (""bpf: Introduce BPF_MAP_TYPE_REUSEPORT_SOCKARRAY"") Reported-by: James Chapman Reported-by: syzbot+9f092552ba9a5efca5df@syzkaller.appspotmail.com Signed-off-by: Martin KaFai Lau Signed-off-by: Daniel Borkmann Tested-by: James Chapman Acked-by: James Chapman Link: https://lore.kernel.org/bpf/20200709061110.4019316-1-kafai@fb.com","include/net/sock.h | 3 ++-; kernel/bpf/reuseport_array.c | 5 +++--; 2 files changed, 5 insertions(+), 3 deletions(-)","This commit fixes incorrect management of sk_user_data by using a bit to check if it's managed by BPF.","bpf,sk_user_data,fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"f3dda7a679df183e798b86e7b6ec05ab35476de3","f3dda7a679df183e798b86e7b6ec05ab35476de3","Martin KaFai Lau","kafai@fb.com","1594275064","Daniel Borkmann","daniel@iogearbox.net","1594325011","5546f846bf465d85da12656e19b9fa40d20c180b","365f9ae4ee36037e2a9268fe7296065356840b4c","bpf: net: Avoid copying sk_user_data of reuseport_array during sk_clone It makes little sense for copying sk_user_data of reuseport_array during sk_clone_lock(). This patch reuses the SK_USER_DATA_NOCOPY bit introduced in commit f1ff5ce2cd5e (""net, sk_msg: Clear sk_user_data pointer on clone if tagged""). It is used to mark the sk_user_data is not supposed to be copied to its clone. Although the cloned sk's sk_user_data will not be used/freed in bpf_sk_reuseport_detach(), this change can still allow the cloned sk's sk_user_data to be used by some other means. Freeing the reuseport_array's sk_user_data does not require a rcu grace period. Thus, the existing rcu_assign_sk_user_data_nocopy() is not used. Fixes: 5dc4c4b7d4e8 (""bpf: Introduce BPF_MAP_TYPE_REUSEPORT_SOCKARRAY"") Signed-off-by: Martin KaFai Lau Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/20200709061104.4018798-1-kafai@fb.com","kernel/bpf/reuseport_array.c | 13 +++++++++----; 1 file changed, 9 insertions(+), 4 deletions(-)","This commit fixes the unnecessary copying of sk_user_data during socket cloning in reuseport_array.","sk_user_data, reuseport_array, sk_clone","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"63960260457a02af2a6cb35d75e6bdb17299c882","63960260457a02af2a6cb35d75e6bdb17299c882","Kees Cook","keescook@chromium.org","1593729923","Kees Cook","keescook@chromium.org","1594249281","f228a9c11508b12047dba30ae47457d4043955ea","60f7bb66b88b649433bf700acfc60c3f24953871","bpf: Check correct cred for CAP_SYSLOG in bpf_dump_raw_ok() When evaluating access control over kallsyms visibility, credentials at open() time need to be used, not the ""current"" creds (though in BPF's case, this has likely always been the same). Plumb access to associated file->f_cred down through bpf_dump_raw_ok() and its callers now that kallsysm_show_value() has been refactored to take struct cred. Cc: Alexei Starovoitov Cc: Daniel Borkmann Cc: bpf@vger.kernel.org Cc: stable@vger.kernel.org Fixes: 7105e828c087 (""bpf: allow for correlation of maps and helpers in dump"") Signed-off-by: Kees Cook ","include/linux/filter.h | 4 ++--; kernel/bpf/syscall.c | 37 +++++++++++++++++++++----------------; net/core/sysctl_net_core.c | 2 +-; 3 files changed, 24 insertions(+), 19 deletions(-)","The commit fixes credential handling for CAP_SYSLOG checks in bpf_dump_raw_ok() by using credentials from open time.","credentials,CAP_SYSLOG,bpf_dump_raw_ok","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2977282b63c3b6f112145ecf0bcefff0c65bd3ac","2977282b63c3b6f112145ecf0bcefff0c65bd3ac","Daniel Borkmann","daniel@iogearbox.net","1594248286","Daniel Borkmann","daniel@iogearbox.net","1594248297","d9de3685e5905e5ecd571e3bd12c1ba1089af49e","b8c50df0cb3eb9008f8372e4ff0317eee993b8d1 6984cbc6dfa280687367b9660d8c830518239851","Merge branch 'bpf-libbpf-old-kernel' Andrii Nakryiko says: ==================== This patch set improves libbpf's support of old kernels, missing features like BTF support, global variables support, etc. Most critical one is a silent drop of CO-RE relocations if libbpf fails to load BTF (despite sanitization efforts). This is frequently the case for kernels that have no BTF support whatsoever. There are still useful BPF applications that could work on such kernels and do rely on CO-RE. To that end, this series revamps the way BTF is handled in libbpf. Failure to load BTF into kernel doesn't prevent libbpf from using BTF in its full capability (e.g., for CO-RE relocations) internally. Another issue that was identified was reliance of perf_buffer__new() on BPF_OBJ_GET_INFO_BY_FD command, which is more recent that perf_buffer support itself. Furthermore, BPF_OBJ_GET_INFO_BY_FD is needed just for some sanity checks to provide better user errors, so could be safely omitted if kernel doesn't provide it. Perf_buffer selftest was adjusted to use skeleton, instead of bpf_prog_load(). The latter uses BPF_F_TEST_RND_HI32 flag, which is a relatively recent addition and unnecessary fails selftest in libbpf's Travis CI tests. By using skeleton we both get a shorter selftest and it work on pretty ancient kernels, giving better libbpf test coverage. One new selftest was added that relies on basic CO-RE features, but otherwise doesn't expect any recent features (like global variables) from kernel. Again, it's good to have better coverage of old kernels in libbpf testing. ==================== Signed-off-by: Daniel Borkmann ","","This commit enhances libbpf support for older kernels by addressing BTF and CO-RE compatibility issues.","libbpf,BTF,CO-RE","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6984cbc6dfa280687367b9660d8c830518239851","6984cbc6dfa280687367b9660d8c830518239851","Andrii Nakryiko","andriin@fb.com","1594173198","Daniel Borkmann","daniel@iogearbox.net","1594248285","d9de3685e5905e5ecd571e3bd12c1ba1089af49e","0e289487308236903b19273f2ddb4f0adf732b9e","selftests/bpf: Switch perf_buffer test to tracepoint and skeleton Switch perf_buffer test to use skeleton to avoid use of bpf_prog_load() and make test a bit more succinct. Also switch BPF program to use tracepoint instead of kprobe, as that allows to support older kernels, which had tracepoint support before kprobe support in the form that libbpf expects (i.e., libbpf expects /sys/bus/event_source/devices/kprobe/type, which doesn't always exist on old kernels). Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200708015318.3827358-7-andriin@fb.com",".../testing/selftests/bpf/prog_tests/perf_buffer.c | 42 +++++++---------------; .../testing/selftests/bpf/progs/test_perf_buffer.c | 4 +--; 2 files changed, 14 insertions(+), 32 deletions(-)","The commit updates the perf_buffer selftest to use tracepoints and skeleton for compatibility with older kernels.","perf_buffer,tracepoint,skeleton","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"0e289487308236903b19273f2ddb4f0adf732b9e","0e289487308236903b19273f2ddb4f0adf732b9e","Andrii Nakryiko","andriin@fb.com","1594173197","Daniel Borkmann","daniel@iogearbox.net","1594248285","c90853607b25de230a8a343f38b222d66f72ec0e","fcda189a5133b6fe50eb63d1062a15be4df9e3de","libbpf: Handle missing BPF_OBJ_GET_INFO_BY_FD gracefully in perf_buffer perf_buffer__new() is relying on BPF_OBJ_GET_INFO_BY_FD availability for few sanity checks. OBJ_GET_INFO for maps is actually much more recent feature than perf_buffer support itself, so this causes unnecessary problems on old kernels before BPF_OBJ_GET_INFO_BY_FD was added. This patch makes those sanity checks optional and just assumes best if command is not supported. If user specified something incorrectly (e.g., wrong map type), kernel will reject it later anyway, except user won't get a nice explanation as to why it failed. This seems like a good trade off for supporting perf_buffer on old kernels. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200708015318.3827358-6-andriin@fb.com","tools/lib/bpf/libbpf.c | 31 ++++++++++++++++++++-----------; 1 file changed, 20 insertions(+), 11 deletions(-)","The commit modifies libbpf to handle missing BPF_OBJ_GET_INFO_BY_FD for perf_buffer gracefully on older kernels.","libbpf, perf_buffer, kernels","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"fcda189a5133b6fe50eb63d1062a15be4df9e3de","fcda189a5133b6fe50eb63d1062a15be4df9e3de","Andrii Nakryiko","andriin@fb.com","1594173196","Daniel Borkmann","daniel@iogearbox.net","1594248285","bc66bc67426d8b6b4b35b8975a97520badf712c7","0f0e55d8247c0742a9b026fc097fcc605383b9db","selftests/bpf: Add test relying only on CO-RE and no recent kernel features Add a test that relies on CO-RE, but doesn't expect any of the recent features, not available on old kernels. This is useful for Travis CI tests running against very old kernels (e.g., libbpf has 4.9 kernel testing now), to verify that CO-RE still works, even if kernel itself doesn't support BTF yet, as long as there is .BTF embedded into vmlinux image by pahole. Given most of CO-RE doesn't require any kernel awareness of BTF, it is a useful test to validate that libbpf's BTF sanitization is working well even with ancient kernels. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200708015318.3827358-5-andriin@fb.com",".../testing/selftests/bpf/prog_tests/core_retro.c | 33 ++++++++++++++++++++++; .../testing/selftests/bpf/progs/test_core_retro.c | 30 ++++++++++++++++++++; 2 files changed, 63 insertions(+)","The commit adds a selftest for CO-RE to ensure functionality on older kernels without recent features.","CO-RE,selftest,BTF","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0f0e55d8247c0742a9b026fc097fcc605383b9db","0f0e55d8247c0742a9b026fc097fcc605383b9db","Andrii Nakryiko","andriin@fb.com","1594173195","Daniel Borkmann","daniel@iogearbox.net","1594248284","a794d4216116e3b2bdcc42cd21021546799a1682","81372e121802fd57892a0b44d93cc747d9568627","libbpf: Improve BTF sanitization handling Change sanitization process to preserve original BTF, which might be used by libbpf itself for Kconfig externs, CO-RE relocs, etc, even if kernel is old and doesn't support BTF. To achieve that, if libbpf detects the need for BTF sanitization, it would clone original BTF, sanitize it in-place, attempt to load it into kernel, and if successful, will preserve loaded BTF FD in original `struct btf`, while freeing sanitized local copy. If kernel doesn't support any BTF, original btf and btf_ext will still be preserved to be used later for CO-RE relocation and other BTF-dependent libbpf features, which don't dependon kernel BTF support. Patch takes care to not specify BTF and BTF.ext features when loading BPF programs and/or maps, if it was detected that kernel doesn't support BTF features. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200708015318.3827358-4-andriin@fb.com","tools/lib/bpf/libbpf.c | 103 ++++++++++++++++++++++++++++---------------------; 1 file changed, 58 insertions(+), 45 deletions(-)","The commit enhances BTF sanitization in libbpf by preserving original BTF for CO-RE and Kconfig externs in older kernels.","BTF,libbpf,sanitization","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"81372e121802fd57892a0b44d93cc747d9568627","81372e121802fd57892a0b44d93cc747d9568627","Andrii Nakryiko","andriin@fb.com","1594173194","Daniel Borkmann","daniel@iogearbox.net","1594248284","08df7675a75b4633d886ad3c740fd1845bc27294","bfc96656a766bd0566565d8a7b6232b2b036fdfb","libbpf: Add btf__set_fd() for more control over loaded BTF FD Add setter for BTF FD to allow application more fine-grained control in more advanced scenarios. Storing BTF FD inside `struct btf` provides little benefit and probably would be better done differently (e.g., btf__load() could just return FD on success), but we are stuck with this due to backwards compatibility. The main problem is that it's impossible to load BTF and than free user-space memory, but keep FD intact, because `struct btf` assumes ownership of that FD upon successful load and will attempt to close it during btf__free(). To allow callers (e.g., libbpf itself for BTF sanitization) to have more control over this, add btf__set_fd() to allow to reset FD arbitrarily, if necessary. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200708015318.3827358-3-andriin@fb.com","tools/lib/bpf/btf.c | 7 ++++++-; tools/lib/bpf/btf.h | 1 +; tools/lib/bpf/libbpf.map | 1 +; 3 files changed, 8 insertions(+), 1 deletion(-)","This commit enhances libbpf by adding a function for setting BTF file descriptors, improving control over BTF memory and FD management.","btf,libbpf,set_fd","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"bfc96656a766bd0566565d8a7b6232b2b036fdfb","bfc96656a766bd0566565d8a7b6232b2b036fdfb","Andrii Nakryiko","andriin@fb.com","1594173193","Daniel Borkmann","daniel@iogearbox.net","1594248284","368722cb251a4c8c744be6006b2a650e6938af72","b8c50df0cb3eb9008f8372e4ff0317eee993b8d1","libbpf: Make BTF finalization strict With valid ELF and valid BTF, there is no reason (apart from bugs) why BTF finalization should fail. So make it strict and return error if it fails. This makes CO-RE relocation more reliable, as they are not going to be just silently skipped, if BTF finalization failed. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200708015318.3827358-2-andriin@fb.com","tools/lib/bpf/libbpf.c | 16 ++++------------; 1 file changed, 4 insertions(+), 12 deletions(-)","The commit makes BTF finalization strict in libbpf to ensure reliable CO-RE relocation and error handling.","BTF, CO-RE, libbpf","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b8c50df0cb3eb9008f8372e4ff0317eee993b8d1","b8c50df0cb3eb9008f8372e4ff0317eee993b8d1","Jesper Dangaard Brouer","brouer@redhat.com","1594105945","Daniel Borkmann","daniel@iogearbox.net","1594247733","fc555b91bf4d84ab7bbac23fe87ef543fe1111b0","3220fb667842a9725cbb71656f406eadb03c094b","selftests/bpf: test_progs avoid minus shell exit codes There are a number of places in test_progs that use minus-1 as the argument to exit(). This is confusing as a process exit status is masked to be a number between 0 and 255 as defined in man exit(3). Thus, users will see status 255 instead of minus-1. This patch use positive exit code 3 instead of minus-1. These cases are put in the same group of infrastructure setup errors. Fixes: fd27b1835e70 (""selftests/bpf: Reset process and thread affinity after each test/sub-test"") Fixes: 811d7e375d08 (""bpf: selftests: Restore netns after each test"") Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/159410594499.1093222.11080787853132708654.stgit@firesoul","tools/testing/selftests/bpf/test_progs.c | 9 +++++----; 1 file changed, 5 insertions(+), 4 deletions(-)","The commit modifies test_progs to use positive exit codes instead of -1 to avoid confusion in exit status reporting.","test_progs,exit_code,selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3220fb667842a9725cbb71656f406eadb03c094b","3220fb667842a9725cbb71656f406eadb03c094b","Jesper Dangaard Brouer","brouer@redhat.com","1594105939","Daniel Borkmann","daniel@iogearbox.net","1594247728","ac1467c3fce6f81258d4583bbaaf81302544a2d2","625eb8e85e913273cd9441329a82b4e3496b30cd","selftests/bpf: test_progs use another shell exit on non-actions This is a follow up adjustment to commit 6c92bd5cd465 (""selftests/bpf: Test_progs indicate to shell on non-actions""), that returns shell exit indication EXIT_FAILURE (value 1) when user selects a non-existing test. The problem with using EXIT_FAILURE is that a shell script cannot tell the difference between a non-existing test and the test failing. This patch uses value 2 as shell exit indication. (Aside note unrecognized option parameters use value 64). Fixes: 6c92bd5cd465 (""selftests/bpf: Test_progs indicate to shell on non-actions"") Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/159410593992.1093222.90072558386094370.stgit@firesoul","tools/testing/selftests/bpf/test_progs.c | 4 +++-; 1 file changed, 3 insertions(+), 1 deletion(-)","This commit modifies the shell exit status to differentiate between non-existing and failing tests in BPF selftests.","selftests,BPF,shell","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"625eb8e85e913273cd9441329a82b4e3496b30cd","625eb8e85e913273cd9441329a82b4e3496b30cd","Louis Peens","louis.peens@netronome.com","1594206507","Daniel Borkmann","daniel@iogearbox.net","1594247520","7a18403cd56909f3ae0f516acae4e000f57e0ce9","5cfd607b49db2b7c05fccc2915a528d97bc8f17d","bpf: Fix another bpftool segfault without skeleton code enabled emit_obj_refs_json needs to added the same as with emit_obj_refs_plain to prevent segfaults, similar to Commit ""8ae4121bd89e bpf: Fix bpftool without skeleton code enabled""). See the error below: # ./bpftool -p prog { ""error"": ""bpftool built without PID iterator support"" },[{ ""id"": 2, ""type"": ""cgroup_skb"", ""tag"": ""7be49e3934a125ba"", ""gpl_compatible"": true, ""loaded_at"": 1594052789, ""uid"": 0, ""bytes_xlated"": 296, ""jited"": true, ""bytes_jited"": 203, ""bytes_memlock"": 4096, ""map_ids"": [2,3 Segmentation fault (core dumped) The same happens for ./bpftool -p map, as well as ./bpftool -j prog/map. Fixes: d53dee3fe013 (""tools/bpftool: Show info for processes holding BPF map/prog/link/btf FDs"") Signed-off-by: Louis Peens Signed-off-by: Daniel Borkmann Reviewed-by: Simon Horman Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200708110827.7673-1-louis.peens@netronome.com","tools/bpf/bpftool/pids.c | 1 +; 1 file changed, 1 insertion(+)","Fixes a bpftool segfault by ensuring JSON references are emitted without skeleton code enabled.","bpftool,segfault,JSON","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6955a76fbcd56d27c84c01353101048e366d070f","6955a76fbcd56d27c84c01353101048e366d070f","Christoph Hellwig","hch@lst.de","1589352418","Christoph Hellwig","hch@lst.de","1594189676","e966baa989bd62a2fd37ae71dd239b7a1a98203a","13c164b1a186dfe17d104d9638b86a06be1e40bf","bpfilter: switch to kernel_write While pipes don't really need sb_writers projection, __kernel_write is an interface better kept private, and the additional rw_verify_area does not hurt here. Signed-off-by: Christoph Hellwig ","net/bpfilter/bpfilter_kern.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit updates bpfilter to use kernel_write instead of __kernel_write for improved interface encapsulation and safety.","bpfilter,kernel_write,encapsulation","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"f06b71fe4d4cd0a4ad7e183b777564f696f6bb36","f06b71fe4d4cd0a4ad7e183b777564f696f6bb36","Eric W. Biederman","ebiederm@xmission.com","1594183728","Eric W. Biederman","ebiederm@xmission.com","1594183949","ab7c8a13fa7b10a9586ca1104534a009b2e41333","b3a9e3b9622ae10064826dccb4f7a52bd88c7407 33c326014fe69304244868cc793c2c77be533125","Make the user mode driver code a better citizen This is the third round of my changeset to split the user mode driver code from the user mode helper code, and to make the code use common facilities to get things done instead of recreating them just for the user mode driver code. I have split the changes into small enough pieces so they should be easily readable and testable. The changes lean into the preexisting interfaces in the kernel and remove special cases for user mode driver code in favor of solutions that don't need special cases. This results in smaller code with fewer bugs. At a practical level this removes the maintenance burden of the user mode drivers from the user mode helper code and from exec as the special cases are removed. Similarly the LSM interaction bugs are fixed by not having unnecessary special cases for user mode drivers. I have tested thes changes by booting with the code compiled in and by killing ""bpfilter_umh"" and ""running iptables -vnL"" to restart the userspace driver, also by running ""while true; do iptables -L;rmmod bpfilter; done"" to verify the module load and unload work properly. I have compiled tested each change with and without CONFIG_BPFILTER enabled. From v2 to v3 I have made two siginficant changes. - I factored thread_group_exit out of pidfd_poll to allow the test to be used by the bpfilter code. - I renamed umd.c and umd.h to usermode_driver.c and usermode_driver.h respectively. I made a few very small changes from v1 to v2: - Updated the function name in a comment when the function is renamed - Moved some more code so that the the !CONFIG_BPFILTER case continues to compile when I moved the code into umd.c - A fix for the module loading case to really flush the file descriptor. - Removed split_argv entirely from fork_usermode_driver. There was nothing to split so it was just confusing. Please let me know if you see any bugs. Once the code review is finished I plan to place the code in a non-rebasing branch so I can pull it into my tree and so it can also be pulled into the bpf-next tree. v1: https://lkml.kernel.org/r/87pn9mgfc2.fsf_-_@x220.int.ebiederm.org v2: https://lkml.kernel.org/r/87bll17ili.fsf_-_@x220.int.ebiederm.org Eric W. Biederman (16): umh: Capture the pid in umh_pipe_setup umh: Move setting PF_UMH into umh_pipe_setup umh: Rename the user mode driver helpers for clarity umh: Remove call_usermodehelper_setup_file. umh: Separate the user mode driver and the user mode helper support umd: For clarity rename umh_info umd_info umd: Rename umd_info.cmdline umd_info.driver_name umd: Transform fork_usermode_blob into fork_usermode_driver umh: Stop calling do_execve_file exec: Remove do_execve_file bpfilter: Move bpfilter_umh back into init data umd: Track user space drivers with struct pid exit: Factor thread_group_exited out of pidfd_poll bpfilter: Take advantage of the facilities of struct pid umd: Remove exit_umh umd: Stop using split_argv Link: https://lkml.kernel.org/r/87y2o1swee.fsf_-_@x220.int.ebiederm.org Signed-off-by: ""Eric W. Biederman"" ","","The commit refactors user mode driver code to use common kernel facilities and removes special cases, enhancing maintainability and eliminating bugs.","refactor, usermode, maintainability","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"5cfd607b49db2b7c05fccc2915a528d97bc8f17d","5cfd607b49db2b7c05fccc2915a528d97bc8f17d","Daniel T. Lee","danieltimlee@gmail.com","1594147735","Daniel Borkmann","daniel@iogearbox.net","1594164794","400680800568d14155e649fea0b5c3dc4435fd7d","cc7f641d637bef0b31194d28667553f77c4ef947","selftests: bpf: Remove unused bpf_map_def_legacy struct samples/bpf no longer use bpf_map_def_legacy and instead use the libbpf's bpf_map_def or new BTF-defined MAP format. This commit removes unused bpf_map_def_legacy struct from selftests/bpf/bpf_legacy.h. Signed-off-by: Daniel T. Lee Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200707184855.30968-5-danieltimlee@gmail.com","tools/testing/selftests/bpf/bpf_legacy.h | 14 --------------; 1 file changed, 14 deletions(-)","Remove unused bpf_map_def_legacy struct from selftests as it's outdated and replaced by libbpf formats.","bpf,remove,selftests","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"cc7f641d637bef0b31194d28667553f77c4ef947","cc7f641d637bef0b31194d28667553f77c4ef947","Daniel T. Lee","danieltimlee@gmail.com","1594147734","Daniel Borkmann","daniel@iogearbox.net","1594164794","a86630f75e705e00f793d6c8b5c5bd3a58886ea6","88795b4adb01a30fbfd75ef1c1ef73b4442e38b2","samples: bpf: Refactor BPF map performance test with libbpf Previously, in order to set the numa_node attribute at the time of map creation using ""libbpf"", it was necessary to call bpf_create_map_node() directly (bpf_load approach), instead of calling bpf_object_load() that handles everything on its own, including map creation. And because of this problem, this sample had problems with refactoring from bpf_load to libbbpf. However, by commit 1bdb6c9a1c43 (""libbpf: Add a bunch of attribute getters/setters for map definitions"") added the numa_node attribute and allowed it to be set in the map. By using libbpf instead of bpf_load, the inner map definition has been explicitly declared with BTF-defined format. Also, the element of ARRAY_OF_MAPS was also statically specified using the BTF format. And for this reason some logic in fixup_map() was not needed and changed or removed. Signed-off-by: Daniel T. Lee Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200707184855.30968-4-danieltimlee@gmail.com","samples/bpf/map_perf_test_kern.c | 179 ++++++++++++++++++++-------------------; samples/bpf/map_perf_test_user.c | 164 ++++++++++++++++++++++-------------; 2 files changed, 196 insertions(+), 147 deletions(-)","Refactor BPF map performance test to use libbpf for better map creation with BTF-defined attributes.","refactor,libbpf,BTF","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"88795b4adb01a30fbfd75ef1c1ef73b4442e38b2","88795b4adb01a30fbfd75ef1c1ef73b4442e38b2","Daniel T. Lee","danieltimlee@gmail.com","1594147733","Daniel Borkmann","daniel@iogearbox.net","1594164790","674e5c8c7fcac6d50e75fb5a185c5b0493eed7f7","af9bd3e3331b8af42b6606c75797d041ab39380c","samples: bpf: Refactor BPF map in map test with libbpf From commit 646f02ffdd49 (""libbpf: Add BTF-defined map-in-map support""), a way to define internal map in BTF-defined map has been added. Instead of using previous 'inner_map_idx' definition, the structure to be used for the inner map can be directly defined using array directive. __array(values, struct inner_map) This commit refactors map in map test program with libbpf by explicitly defining inner map with BTF-defined format. Signed-off-by: Daniel T. Lee Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200707184855.30968-3-danieltimlee@gmail.com","samples/bpf/Makefile | 2 +-; samples/bpf/test_map_in_map_kern.c | 85 +++++++++++++++++++-------------------; samples/bpf/test_map_in_map_user.c | 53 +++++++++++++++++++++---; 3 files changed, 91 insertions(+), 49 deletions(-)","Refactor BPF map-in-map test to use BTF-defined format with libbpf.","refactor, BTF, libbpf","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"af9bd3e3331b8af42b6606c75797d041ab39380c","af9bd3e3331b8af42b6606c75797d041ab39380c","Daniel T. Lee","danieltimlee@gmail.com","1594147732","Daniel Borkmann","daniel@iogearbox.net","1594164734","e4912c10f7f5680424b6d48fbfa0c0c5c98f20ba","65ffd797861a44ff97081de1db01e4aef716ed46","samples: bpf: Fix bpf programs with kprobe/sys_connect event Currently, BPF programs with kprobe/sys_connect does not work properly. Commit 34745aed515c (""samples/bpf: fix kprobe attachment issue on x64"") This commit modifies the bpf_load behavior of kprobe events in the x64 architecture. If the current kprobe event target starts with ""sys_*"", add the prefix ""__x64_"" to the front of the event. Appending ""__x64_"" prefix with kprobe/sys_* event was appropriate as a solution to most of the problems caused by the commit below. commit d5a00528b58c (""syscalls/core, syscalls/x86: Rename struct pt_regs-based sys_*() to __x64_sys_*()"") However, there is a problem with the sys_connect kprobe event that does not work properly. For __sys_connect event, parameters can be fetched normally, but for __x64_sys_connect, parameters cannot be fetched. ffffffff818d3520 <__x64_sys_connect>: ffffffff818d3520: e8 fb df 32 00 callq 0xffffffff81c01520 <__fentry__> ffffffff818d3525: 48 8b 57 60 movq 96(%rdi), %rdx ffffffff818d3529: 48 8b 77 68 movq 104(%rdi), %rsi ffffffff818d352d: 48 8b 7f 70 movq 112(%rdi), %rdi ffffffff818d3531: e8 1a ff ff ff callq 0xffffffff818d3450 <__sys_connect> ffffffff818d3536: 48 98 cltq ffffffff818d3538: c3 retq ffffffff818d3539: 0f 1f 80 00 00 00 00 nopl (%rax) As the assembly code for __x64_sys_connect shows, parameters should be fetched and set into rdi, rsi, rdx registers prior to calling __sys_connect. Because of this problem, this commit fixes the sys_connect event by first getting the value of the rdi register and then the value of the rdi, rsi, and rdx register through an offset based on that value. Fixes: 34745aed515c (""samples/bpf: fix kprobe attachment issue on x64"") Signed-off-by: Daniel T. Lee Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200707184855.30968-2-danieltimlee@gmail.com","samples/bpf/map_perf_test_kern.c | 9 ++++++---; samples/bpf/test_map_in_map_kern.c | 9 ++++++---; samples/bpf/test_probe_write_user_kern.c | 9 ++++++---; 3 files changed, 18 insertions(+), 9 deletions(-)","Fixes sys_connect kprobe event handling in BPF by adjusting register parameter fetching on x64.","fix kprobe x64","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.']" +"65ffd797861a44ff97081de1db01e4aef716ed46","65ffd797861a44ff97081de1db01e4aef716ed46","Stanislav Fomichev","sdf@google.com","1594076488","Daniel Borkmann","daniel@iogearbox.net","1594163256","923e16227c5ac5449ec7a58f6789a7f7af26bd42","db94cc0b4805968a0357ed2507730cdf77adf174","selftests/bpf: Test BPF_CGROUP_INET_SOCK_RELEASE Simple test that enforces a single SOCK_DGRAM socket per cgroup. Signed-off-by: Stanislav Fomichev Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200706230128.4073544-5-sdf@google.com","tools/testing/selftests/bpf/prog_tests/udp_limit.c | 75 ++++++++++++++++++++++; tools/testing/selftests/bpf/progs/udp_limit.c | 42 ++++++++++++; 2 files changed, 117 insertions(+)","The commit introduces a self-test for enforcing a single SOCK_DGRAM socket per cgroup using BPF_CGROUP_INET_SOCK_RELEASE.","selftests,bpf,socket","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"db94cc0b4805968a0357ed2507730cdf77adf174","db94cc0b4805968a0357ed2507730cdf77adf174","Stanislav Fomichev","sdf@google.com","1594076487","Daniel Borkmann","daniel@iogearbox.net","1594163256","86959be14832aa95396805f32a037ad3104a50b2","e8b012e9fabe7eafc1b2c72414e174547683860d","bpftool: Add support for BPF_CGROUP_INET_SOCK_RELEASE Support attaching to BPF_CGROUP_INET_SOCK_RELEASE and properly display attach type upon prog dump. Signed-off-by: Stanislav Fomichev Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200706230128.4073544-4-sdf@google.com","tools/bpf/bpftool/common.c | 1 +; 1 file changed, 1 insertion(+)","Added support for BPF_CGROUP_INET_SOCK_RELEASE in the bpftool utility.","bpftool,BPF_CGROUP_INET_SOCK_RELEASE,prog dump","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"e8b012e9fabe7eafc1b2c72414e174547683860d","e8b012e9fabe7eafc1b2c72414e174547683860d","Stanislav Fomichev","sdf@google.com","1594076486","Daniel Borkmann","daniel@iogearbox.net","1594163255","a46414a2368bf118aa68270242a7b5fe5519ce09","f5836749c9c04a10decd2742845ad4870965fdef","libbpf: Add support for BPF_CGROUP_INET_SOCK_RELEASE Add auto-detection for the cgroup/sock_release programs. Signed-off-by: Stanislav Fomichev Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200706230128.4073544-3-sdf@google.com","tools/include/uapi/linux/bpf.h | 1 +; tools/lib/bpf/libbpf.c | 4 ++++; 2 files changed, 5 insertions(+)","Adds support for BPF_CGROUP_INET_SOCK_RELEASE in libbpf with auto-detection features.","libbpf, BPF_CGROUP_INET_SOCK_RELEASE, autodetection","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"f5836749c9c04a10decd2742845ad4870965fdef","f5836749c9c04a10decd2742845ad4870965fdef","Stanislav Fomichev","sdf@google.com","1594076485","Daniel Borkmann","daniel@iogearbox.net","1594163011","44335764c2ebba2099ba8bf26267bdfac7c36ed1","4e48978cd28ce51945c08650e5c5502ca41e1fcc","bpf: Add BPF_CGROUP_INET_SOCK_RELEASE hook Sometimes it's handy to know when the socket gets freed. In particular, we'd like to try to use a smarter allocation of ports for bpf_bind and explore the possibility of limiting the number of SOCK_DGRAM sockets the process can have. Implement BPF_CGROUP_INET_SOCK_RELEASE hook that triggers on inet socket release. It triggers only for userspace sockets (not in-kernel ones) and therefore has the same semantics as the existing BPF_CGROUP_INET_SOCK_CREATE. Signed-off-by: Stanislav Fomichev Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200706230128.4073544-2-sdf@google.com","include/linux/bpf-cgroup.h | 4 ++++; include/uapi/linux/bpf.h | 1 +; kernel/bpf/syscall.c | 3 +++; net/core/filter.c | 1 +; net/ipv4/af_inet.c | 3 +++; 5 files changed, 12 insertions(+)","Implement BPF_CGROUP_INET_SOCK_RELEASE hook to monitor user-space socket releases for smarter port allocations and limiting SOCK_DGRAM socket creation.","BPF_CGROUP_INET_SOCK_RELEASE,socket,hook","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"99aacebecb75c61e6a6a1bc29f5d87c9453f3b73","99aacebecb75c61e6a6a1bc29f5d87c9453f3b73","Yauheni Kaliuta","yauheni.kaliuta@redhat.com","1590563817","Shuah Khan","skhan@linuxfoundation.org","1594152681","dc1b3618f4918fd27f19c634e40f7cb0693af5cd","05790fd7f8d3a77c26f1acd16b6d0f8f7d61d98a","selftests: do not use .ONESHELL Using one shell for the whole recipe with long lists can cause make[1]: execvp: /bin/sh: Argument list too long with some shells. Triggered by commit 309b81f0fdc4 (""selftests/bpf: Install generated test progs"") It requires to change the rule which rely on the one shell behaviour (run_tests). Simplify also INSTALL_SINGLE_RULE, remove extra echo, required to workaround .ONESHELL. Signed-off-by: Yauheni Kaliuta Cc: Jiri Benc Cc: Shuah Khan Signed-off-by: Shuah Khan ","tools/testing/selftests/lib.mk | 20 +++++++++-----------; 1 file changed, 9 insertions(+), 11 deletions(-)","Refactor selftests to avoid using .ONESHELL, preventing errors with long argument lists.","selftests, ONESHELL, refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8c2f52663973e643c617663d826e2b0daa008b38","8c2f52663973e643c617663d826e2b0daa008b38","Eric W. Biederman","ebiederm@xmission.com","1593124840","Eric W. Biederman","ebiederm@xmission.com","1594141139","21b301428622983383cb6d1b866223e0c4fbedfe","e80eb1dc868bc1ed93602389d54b27f170ca770c","umd: Remove exit_umh The bpfilter code no longer uses the umd_info.cleanup callback. This callback is what exit_umh exists to call. So remove exit_umh and all of it's associated booking. v1: https://lkml.kernel.org/r/87bll6dlte.fsf_-_@x220.int.ebiederm.org v2: https://lkml.kernel.org/r/87y2o53abg.fsf_-_@x220.int.ebiederm.org Link: https://lkml.kernel.org/r/20200702164140.4468-15-ebiederm@xmission.com Reviewed-by: Greg Kroah-Hartman Acked-by: Alexei Starovoitov Tested-by: Alexei Starovoitov Signed-off-by: ""Eric W. Biederman"" ","include/linux/sched.h | 1 -; include/linux/usermode_driver.h | 16 ----------------; kernel/exit.c | 3 ---; kernel/usermode_driver.c | 28 ----------------------------; 4 files changed, 48 deletions(-)","The commit removes the unused exit_umh function and its related code from the kernel.","exit_umh, umd_info, cleanup","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"e80eb1dc868bc1ed93602389d54b27f170ca770c","e80eb1dc868bc1ed93602389d54b27f170ca770c","Eric W. Biederman","ebiederm@xmission.com","1593123802","Eric W. Biederman","ebiederm@xmission.com","1594141137","79fa3fd78b5dcdde8b08eb4d7f0d4c7b14a46ad9","38fd525a4c61e7ecdc9ad4dcbf7b767d0a007962","bpfilter: Take advantage of the facilities of struct pid Instead of relying on the exit_umh cleanup callback use the fact a struct pid can be tested to see if a process still exists, and that struct pid has a wait queue that notifies when the process dies. v1: https://lkml.kernel.org/r/87h7uydlu9.fsf_-_@x220.int.ebiederm.org v2: https://lkml.kernel.org/r/874kqt4owu.fsf_-_@x220.int.ebiederm.org Link: https://lkml.kernel.org/r/20200702164140.4468-14-ebiederm@xmission.com Reviewed-by: Greg Kroah-Hartman Acked-by: Alexei Starovoitov Tested-by: Alexei Starovoitov Signed-off-by: ""Eric W. Biederman"" ","include/linux/bpfilter.h | 3 ++-; net/bpfilter/bpfilter_kern.c | 15 +++++----------; net/ipv4/bpfilter/sockopt.c | 15 ++++++++-------; 3 files changed, 15 insertions(+), 18 deletions(-)","The commit refactors bpfilter to use struct pid for improved process existence checks and notifications.","bpfilter,struct pid,refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"f91c031e6528f1656e7a1f76c98e3c1d7620820c","f91c031e6528f1656e7a1f76c98e3c1d7620820c","David S. Miller","davem@davemloft.net","1593910114","David S. Miller","davem@davemloft.net","1593910114","3e4c990b6b0d8bf6eaa59364754a83d5f741ae10","418e787e54a638eb2bf09212a323d920229ee5ef 9ff79af3331277c69ac61cc75b2392eb3284e305","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next Daniel Borkmann says: ==================== pull-request: bpf-next 2020-07-04 The following pull-request contains BPF updates for your *net-next* tree. We've added 73 non-merge commits during the last 17 day(s) which contain a total of 106 files changed, 5233 insertions(+), 1283 deletions(-). The main changes are: 1) bpftool ability to show PIDs of processes having open file descriptors for BPF map/program/link/BTF objects, relying on BPF iterator progs to extract this info efficiently, from Andrii Nakryiko. 2) Addition of BPF iterator progs for dumping TCP and UDP sockets to seq_files, from Yonghong Song. 3) Support access to BPF map fields in struct bpf_map from programs through BTF struct access, from Andrey Ignatov. 4) Add a bpf_get_task_stack() helper to be able to dump /proc/*/stack via seq_file from BPF iterator progs, from Song Liu. 5) Make SO_KEEPALIVE and related options available to bpf_setsockopt() helper, from Dmitry Yakunin. 6) Optimize BPF sk_storage selection of its caching index, from Martin KaFai Lau. 7) Removal of redundant synchronize_rcu()s from BPF map destruction which has been a historic leftover, from Alexei Starovoitov. 8) Several improvements to test_progs to make it easier to create a shell loop that invokes each test individually which is useful for some CIs, from Jesper Dangaard Brouer. 9) Fix bpftool prog dump segfault when compiled without skeleton code on older clang versions, from John Fastabend. 10) Bunch of cleanups and minor improvements, from various others. ==================== Signed-off-by: David S. Miller ","","Merge of the bpf-next branch into net-next with various eBPF improvements and features including iterator programs and bpftool enhancements.","merge,bpf-next,improvements","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"0fe3c63148ef5df1b3cb067e4b4d45d45d0c0fdc","0fe3c63148ef5df1b3cb067e4b4d45d45d0c0fdc","Eric W. Biederman","ebiederm@xmission.com","1593119326","Eric W. Biederman","ebiederm@xmission.com","1593873350","6db7c23ffc99af76bf991cf20195945e2cd3c39c","25cf336de51b51a3e440e1893751f9532095eff0","bpfilter: Move bpfilter_umh back into init data To allow for restarts 61fbf5933d42 (""net: bpfilter: restart bpfilter_umh when error occurred"") moved the blob holding the userspace binary out of the init sections. Now that loading the blob into a filesystem is separate from executing the blob the blob no longer needs to live .rodata to allow for restarting. So move the blob back to .init.rodata. v1: https://lkml.kernel.org/r/87sgeidlvq.fsf_-_@x220.int.ebiederm.org v2: https://lkml.kernel.org/r/87ftad4ozc.fsf_-_@x220.int.ebiederm.org Link: https://lkml.kernel.org/r/20200702164140.4468-11-ebiederm@xmission.com Reviewed-by: Greg Kroah-Hartman Acked-by: Alexei Starovoitov Tested-by: Alexei Starovoitov Signed-off-by: ""Eric W. Biederman"" ","net/bpfilter/bpfilter_umh_blob.S | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Moves bpfilter_umh blob back to init data section for improved initialization handling.","bpfilter,init,blob","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d7bf2ebebc2bd61ab95e2a8e33541ef282f303d4","d7bf2ebebc2bd61ab95e2a8e33541ef282f303d4","Toke Høiland-Jørgensen","toke@redhat.com","1593808003","David S. Miller","davem@davemloft.net","1593812093","b82054e64bc7451c59463989b10b99953318a0be","ad4e2b64839710e3b6e17a11b2684ceaaeae795e","sched: consistently handle layer3 header accesses in the presence of VLANs There are a couple of places in net/sched/ that check skb->protocol and act on the value there. However, in the presence of VLAN tags, the value stored in skb->protocol can be inconsistent based on whether VLAN acceleration is enabled. The commit quoted in the Fixes tag below fixed the users of skb->protocol to use a helper that will always see the VLAN ethertype. However, most of the callers don't actually handle the VLAN ethertype, but expect to find the IP header type in the protocol field. This means that things like changing the ECN field, or parsing diffserv values, stops working if there's a VLAN tag, or if there are multiple nested VLAN tags (QinQ). To fix this, change the helper to take an argument that indicates whether the caller wants to skip the VLAN tags or not. When skipping VLAN tags, we make sure to skip all of them, so behaviour is consistent even in QinQ mode. To make the helper usable from the ECN code, move it to if_vlan.h instead of pkt_sched.h. v3: - Remove empty lines - Move vlan variable definitions inside loop in skb_protocol() - Also use skb_protocol() helper in IP{,6}_ECN_decapsulate() and bpf_skb_ecn_set_ce() v2: - Use eth_type_vlan() helper in skb_protocol() - Also fix code that reads skb->protocol directly - Change a couple of 'if/else if' statements to switch constructs to avoid calling the helper twice Reported-by: Ilya Ponetayev Fixes: d8b9605d2697 (""net: sched: fix skb->protocol use in case of accelerated vlan path"") Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: David S. Miller ","include/linux/if_vlan.h | 28 ++++++++++++++++++++++++++++; include/net/inet_ecn.h | 25 +++++++++++++++++--------; include/net/pkt_sched.h | 11 -----------; net/core/filter.c | 10 +++++++---; net/sched/act_connmark.c | 9 ++++++---; net/sched/act_csum.c | 2 +-; net/sched/act_ct.c | 9 ++++-----; net/sched/act_ctinfo.c | 9 ++++++---; net/sched/act_mpls.c | 2 +-; net/sched/act_skbedit.c | 2 +-; net/sched/cls_api.c | 2 +-; net/sched/cls_flow.c | 8 ++++----; net/sched/cls_flower.c | 2 +-; net/sched/em_ipset.c | 2 +-; net/sched/em_ipt.c | 2 +-; net/sched/em_meta.c | 2 +-; net/sched/sch_cake.c | 4 ++--; net/sched/sch_dsmark.c | 6 +++---; net/sched/sch_teql.c | 2 +-; 19 files changed, 86 insertions(+), 51 deletions(-)","This commit fixes handling of layer3 header access in presence of VLANs for network scheduling in Linux.","VLAN,skb,header","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"9ff79af3331277c69ac61cc75b2392eb3284e305","9ff79af3331277c69ac61cc75b2392eb3284e305","Song Liu","songliubraving@fb.com","1593800239","Daniel Borkmann","daniel@iogearbox.net","1593811540","6a5a329465fe171783af5ce474422013851c1802","8ae4121bd89e3dce27b519ed469efbc15423af18","selftests/bpf: Fix compilation error of bpf_iter_task_stack.c BPF selftests show a compilation error as follows: libbpf: invalid relo for 'entries' in special section 0xfff2; forgot to initialize global var?.. Fix it by initializing 'entries' to zeros. Fixes: c7568114bc56 (""selftests/bpf: Add bpf_iter test with bpf_get_task_stack()"") Reported-by: Jesper Dangaard Brouer Signed-off-by: Song Liu Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200703181719.3747072-1-songliubraving@fb.com","tools/testing/selftests/bpf/progs/bpf_iter_task_stack.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixes a compilation error in BPF selftests by initializing 'entries' in bpf_iter_task_stack.c to zero.","compilation,error,initializing","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8ae4121bd89e3dce27b519ed469efbc15423af18","8ae4121bd89e3dce27b519ed469efbc15423af18","John Fastabend","john.fastabend@gmail.com","1593750719","Daniel Borkmann","daniel@iogearbox.net","1593811240","58e74e54cc6d21f7702c2f8a0179d2cb9facba79","046cc3dd9a2507b8e111714807ab8bf15ea5bb70","bpf: Fix bpftool without skeleton code enabled Fix segfault from bpftool by adding emit_obj_refs_plain when skeleton code is disabled. Tested by deleting BUILD_BPF_SKELS in Makefile. We found this doing backports for Cilium when a testing image pulled in latest bpf-next bpftool, but kept using an older clang-7. # ./bpftool prog show Error: bpftool built without PID iterator support 3: cgroup_skb tag 7be49e3934a125ba gpl loaded_at 2020-07-01T08:01:29-0700 uid 0 Segmentation fault Fixes: d53dee3fe013 (""tools/bpftool: Show info for processes holding BPF map/prog/link/btf FDs"") Reported-by: Joe Stringer Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/159375071997.14984.17404504293832961401.stgit@john-XPS-13-9370","tools/bpf/bpftool/pids.c | 1 +; 1 file changed, 1 insertion(+)","This commit fixes a segmentation fault in bpftool when built without skeleton code by adding emit_obj_refs_plain.","bpftool,segfault,fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"046cc3dd9a2507b8e111714807ab8bf15ea5bb70","046cc3dd9a2507b8e111714807ab8bf15ea5bb70","Song Liu","songliubraving@fb.com","1593744337","Alexei Starovoitov","ast@kernel.org","1593746516","fdb000010085a84b92a72deb6919b9b2e1021773","811d7e375d08312dba23f3b6bf7e58ec14aa5dcb","bpf: Fix build without CONFIG_STACKTRACE Without CONFIG_STACKTRACE stack_trace_save_tsk() is not defined. Let get_callchain_entry_for_task() to always return NULL in such cases. Fixes: fa28dcb82a38 (""bpf: Introduce helper bpf_get_task_stack()"") Reported-by: kernel test robot Signed-off-by: Song Liu Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200703024537.79971-1-songliubraving@fb.com","kernel/bpf/stackmap.c | 4 ++++; 1 file changed, 4 insertions(+)","This commit addresses a build issue in the eBPF stackmap component when CONFIG_STACKTRACE is disabled by modifying get_callchain_entry_for_task().","build,CONFIG_STACKTRACE,eBPF","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"811d7e375d08312dba23f3b6bf7e58ec14aa5dcb","811d7e375d08312dba23f3b6bf7e58ec14aa5dcb","Martin KaFai Lau","kafai@fb.com","1593650938","Daniel Borkmann","daniel@iogearbox.net","1593698941","c0c875a064a3930b4efda35fa924090f23c553e2","99126abec5e5778583b959cb164f1888374917d3","bpf: selftests: Restore netns after each test It is common for networking tests creating its netns and making its own setting under this new netns (e.g. changing tcp sysctl). If the test forgot to restore to the original netns, it would affect the result of other tests. This patch saves the original netns at the beginning and then restores it after every test. Since the restore ""setns()"" is not expensive, it does it on all tests without tracking if a test has created a new netns or not. The new restore_netns() could also be done in test__end_subtest() such that each subtest will get an automatic netns reset. However, the individual test would lose flexibility to have total control on netns for its own subtests. In some cases, forcing a test to do unnecessary netns re-configure for each subtest is time consuming. e.g. In my vm, forcing netns re-configure on each subtest in sk_assign.c increased the runtime from 1s to 8s. On top of that, test_progs.c is also doing per-test (instead of per-subtest) cleanup for cgroup. Thus, this patch also does per-test restore_netns(). The only existing per-subtest cleanup is reset_affinity() and no test is depending on this. Thus, it is removed from test__end_subtest() to give a consistent expectation to the individual tests. test_progs.c only ensures any affinity/netns/cgroup change made by an earlier test does not affect the following tests. Signed-off-by: Martin KaFai Lau Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200702004858.2103728-1-kafai@fb.com","tools/testing/selftests/bpf/test_progs.c | 23 +++++++++++++++++++++--; tools/testing/selftests/bpf/test_progs.h | 2 ++; 2 files changed, 23 insertions(+), 2 deletions(-)","The commit ensures network namespace restoration after each eBPF selftest to prevent interference among tests.","restore, netns, selftests","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"99126abec5e5778583b959cb164f1888374917d3","99126abec5e5778583b959cb164f1888374917d3","Martin KaFai Lau","kafai@fb.com","1593650932","Daniel Borkmann","daniel@iogearbox.net","1593698941","1719851eba4cd2f0fdb27f35ce00df862a0d3769","91f77560e4738a9ff090c87f594d771cee254a4e","bpf: selftests: A few improvements to network_helpers.c This patch makes a few changes to the network_helpers.c 1) Enforce SO_RCVTIMEO and SO_SNDTIMEO This patch enforces timeout to the network fds through setsockopt SO_RCVTIMEO and SO_SNDTIMEO. It will remove the need for SOCK_NONBLOCK that requires a more demanding timeout logic with epoll/select, e.g. epoll_create, epoll_ctrl, and then epoll_wait for timeout. That removes the need for connect_wait() from the cgroup_skb_sk_lookup.c. The needed change is made in cgroup_skb_sk_lookup.c. 2) start_server(): Add optional addr_str and port to start_server(). That removes the need of the start_server_with_port(). The caller can pass addr_str==NULL and/or port==0. I have a future tcp-hdr-opt test that will pass a non-NULL addr_str and it is in general useful for other future tests. ""int timeout_ms"" is also added to control the timeout on the ""accept(listen_fd)"". 3) connect_to_fd(): Fully use the server_fd. The server sock address has already been obtained from getsockname(server_fd). The sockaddr includes the family, so the ""int family"" arg is redundant. Since the server address is obtained from server_fd, there is little reason not to get the server's socket type from the server_fd also. getsockopt(server_fd) can be used to do that, so ""int type"" arg is also removed. ""int timeout_ms"" is added. 4) connect_fd_to_fd(): ""int timeout_ms"" is added. Some code is also refactored to connect_fd_to_addr() which is shared with connect_to_fd(). 5) Preserve errno: Some callers need to check errno, e.g. cgroup_skb_sk_lookup.c. Make changes to do it more consistently in save_errno_close() and log_err(). Signed-off-by: Martin KaFai Lau Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200702004852.2103003-1-kafai@fb.com","tools/testing/selftests/bpf/network_helpers.c | 157 ++++++++++++---------; tools/testing/selftests/bpf/network_helpers.h | 9 +-; .../bpf/prog_tests/cgroup_skb_sk_lookup.c | 12 +-; .../selftests/bpf/prog_tests/connect_force_port.c | 10 +-; .../selftests/bpf/prog_tests/load_bytes_relative.c | 4 +-; tools/testing/selftests/bpf/prog_tests/tcp_rtt.c | 4 +-; 6 files changed, 110 insertions(+), 86 deletions(-)","The commit improves network_helpers.c in selftests by enhancing socket timeout handling and refactoring connection functions.","network_helpers, socket, timeout","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6c5aa6fc4defc2a0977a2c59e4710d50fa1e834c","6c5aa6fc4defc2a0977a2c59e4710d50fa1e834c","Denis Kirjanov","kda@linux-powerpc.org","1593436408","David S. Miller","davem@davemloft.net","1593642314","5e9becc3190fdcbb5cc8a52bf6463045c290acaa","2cef30d7bd8b8fbddeb74e3753c29d4248c094e0","xen networking: add basic XDP support for xen-netfront The patch adds a basic XDP processing to xen-netfront driver. We ran an XDP program for an RX response received from netback driver. Also we request xen-netback to adjust data offset for bpf_xdp_adjust_head() header space for custom headers. synchronization between frontend and backend parts is done by using xenbus state switching: Reconfiguring -> Reconfigured- > Connected UDP packets drop rate using xdp program is around 310 kpps using ./pktgen_sample04_many_flows.sh and 160 kpps without the patch. Signed-off-by: Denis Kirjanov Signed-off-by: David S. Miller ","drivers/net/Kconfig | 1 +; drivers/net/xen-netfront.c | 336 +++++++++++++++++++++++++++++++++++++++++++--; 2 files changed, 327 insertions(+), 10 deletions(-)","The commit adds basic XDP functionality to the xen-netfront driver to enhance networking via improved packet processing.","XDP,xen-netfront,networking","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"91f77560e4738a9ff090c87f594d771cee254a4e","91f77560e4738a9ff090c87f594d771cee254a4e","Alexei Starovoitov","ast@kernel.org","1593641909","Alexei Starovoitov","ast@kernel.org","1593642133","c43058272fbaef280c62ddaff72e1a2973c0e16b","17bbf925c6f86be8c08bc473cb5327c173154596 c1f1f3656eee3a59a40e1805699041ec1c14ab83","Merge branch 'test_progs-improvements' Jesper Dangaard Brouer says: ==================== V3: Reorder patches to cause less code churn. The BPF selftest 'test_progs' contains many tests, that cover all the different areas of the kernel where BPF is used. The CI system sees this as one test, which is impractical for identifying what team/engineer is responsible for debugging the problem. This patchset add some options that makes it easier to create a shell for-loop that invoke each (top-level) test avail in test_progs. Then each test FAIL/PASS result can be presented the CI system to have a separate bullet. (For Red Hat use-case in Beaker https://beaker-project.org/) Created a public script[1] that uses these features in an advanced way. Demonstrating howto reduce the number of (top-level) tests by grouping tests together via using the existing test pattern selection feature, and then using the new --list feature combined with exclude (-b) to get a list of remaining test names that was not part of the groups. [1] https://github.com/netoptimizer/prototype-kernel/blob/master/scripts/bpf_selftests_grouping.sh ==================== Signed-off-by: Alexei Starovoitov ","","The commit merges test_progs improvements, enhancing CI capabilities for BPF selftests by allowing individual test results reporting.","merge,test_progs,selftests","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c1f1f3656eee3a59a40e1805699041ec1c14ab83","c1f1f3656eee3a59a40e1805699041ec1c14ab83","Jesper Dangaard Brouer","brouer@redhat.com","1593639857","Alexei Starovoitov","ast@kernel.org","1593642133","c43058272fbaef280c62ddaff72e1a2973c0e16b","643e7233aa948901dce81d4573c91ed99fdd272e","selftests/bpf: Test_progs option for listing test names The program test_progs have some very useful ability to specify a list of test name substrings for selecting which tests to run. This patch add the ability to list the selected test names without running them. This is practical for seeing which tests gets selected with given select arguments (which can also contain a exclude list via --name-blacklist). This output can also be used by shell-scripts in a for-loop: for N in $(./test_progs --list -t xdp); do \ ./test_progs -t $N 2>&1 > result_test_${N}.log & \ done ; wait This features can also be used for looking up a test number and returning a testname. If the selection was empty then a shell EXIT_FAILURE is returned. This is useful for scripting. e.g. like this: n=1; while [ $(./test_progs --list -n $n) ] ; do \ ./test_progs -n $n ; n=$(( n+1 )); \ done Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/159363985751.930467.9610992940793316982.stgit@firesoul","tools/testing/selftests/bpf/test_progs.c | 15 +++++++++++++++; tools/testing/selftests/bpf/test_progs.h | 1 +; 2 files changed, 16 insertions(+)","The commit adds an option to list test names in test_progs for improved selection and scripting purposes.","list,test_progs,scripting","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"643e7233aa948901dce81d4573c91ed99fdd272e","643e7233aa948901dce81d4573c91ed99fdd272e","Jesper Dangaard Brouer","brouer@redhat.com","1593639852","Alexei Starovoitov","ast@kernel.org","1593642133","588690946a045ae94d3d9f12f4f516015cc4dca1","6c92bd5cd4650c39dd929565ee172984c680fead","selftests/bpf: Test_progs option for getting number of tests It can be practial to get the number of tests that test_progs contain. This could for example be used to create a shell for-loop construct that runs the individual tests. Like: for N in $(seq 1 $(./test_progs -c)); do ./test_progs -n $N 2>&1 > result_test_${N}.log & done ; wait V2: Add the ability to return the count for the selected tests. This is useful for getting a count e.g. after excluding some tests with option -b. The current beakers test script like to report the max test count upfront. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/159363985244.930467.12617117873058936829.stgit@firesoul","tools/testing/selftests/bpf/test_progs.c | 18 ++++++++++++++++++; tools/testing/selftests/bpf/test_progs.h | 1 +; 2 files changed, 19 insertions(+)","The commit enhances test_progs in selftests/bpf with an option to get the test count, facilitating automated test scripting.","selftests,bpf,test_progs","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6c92bd5cd4650c39dd929565ee172984c680fead","6c92bd5cd4650c39dd929565ee172984c680fead","Jesper Dangaard Brouer","brouer@redhat.com","1593639847","Alexei Starovoitov","ast@kernel.org","1593642133","3c5b7fb035f4fcdf4389d46bf4c1bd6f0c625e8b","17bbf925c6f86be8c08bc473cb5327c173154596","selftests/bpf: Test_progs indicate to shell on non-actions When a user selects a non-existing test the summary is printed with indication 0 for all info types, and shell ""success"" (EXIT_SUCCESS) is indicated. This can be understood by a human end-user, but for shell scripting is it useful to indicate a shell failure (EXIT_FAILURE). Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/159363984736.930467.17956007131403952343.stgit@firesoul","tools/testing/selftests/bpf/test_progs.c | 3 +++; 1 file changed, 3 insertions(+)","Improves test_progs to return shell failure for non-existing test selections.","selftests,shell,failure","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"17bbf925c6f86be8c08bc473cb5327c173154596","17bbf925c6f86be8c08bc473cb5327c173154596","Andrii Nakryiko","andriin@fb.com","1593638896","Daniel Borkmann","daniel@iogearbox.net","1593641908","8005a6f5f4cd632de72557636a06bfbbdf430d9e","8d821b5db70723d27ee749b4870de90760606918","tools/bpftool: Turn off -Wnested-externs warning Turn off -Wnested-externs to avoid annoying warnings in BUILD_BUG_ON macro when compiling bpftool: In file included from /data/users/andriin/linux/tools/include/linux/build_bug.h:5, from /data/users/andriin/linux/tools/include/linux/kernel.h:8, from /data/users/andriin/linux/kernel/bpf/disasm.h:10, from /data/users/andriin/linux/kernel/bpf/disasm.c:8: /data/users/andriin/linux/kernel/bpf/disasm.c: In function ‘__func_get_name’: /data/users/andriin/linux/tools/include/linux/compiler.h:37:38: warning: nested extern declaration of ‘__compiletime_assert_0’ [-Wnested-externs] _compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__) ^~~~~~~~~~~~~~~~~~~~~ /data/users/andriin/linux/tools/include/linux/compiler.h:16:15: note: in definition of macro ‘__compiletime_assert’ extern void prefix ## suffix(void) __compiletime_error(msg); \ ^~~~~~ /data/users/andriin/linux/tools/include/linux/compiler.h:37:2: note: in expansion of macro ‘_compiletime_assert’ _compiletime_assert(condition, msg, __compiletime_assert_, __COUNTER__) ^~~~~~~~~~~~~~~~~~~ /data/users/andriin/linux/tools/include/linux/build_bug.h:39:37: note: in expansion of macro ‘compiletime_assert’ #define BUILD_BUG_ON_MSG(cond, msg) compiletime_assert(!(cond), msg) ^~~~~~~~~~~~~~~~~~ /data/users/andriin/linux/tools/include/linux/build_bug.h:50:2: note: in expansion of macro ‘BUILD_BUG_ON_MSG’ BUILD_BUG_ON_MSG(condition, ""BUILD_BUG_ON failed: "" #condition) ^~~~~~~~~~~~~~~~ /data/users/andriin/linux/kernel/bpf/disasm.c:20:2: note: in expansion of macro ‘BUILD_BUG_ON’ BUILD_BUG_ON(ARRAY_SIZE(func_id_str) != __BPF_FUNC_MAX_ID); ^~~~~~~~~~~~ Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200701212816.2072340-1-andriin@fb.com","tools/bpf/bpftool/Makefile | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit disables the -Wnested-externs warning to prevent warnings during the compilation of bpftool.","bpftool, warnings, compilation","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8d821b5db70723d27ee749b4870de90760606918","8d821b5db70723d27ee749b4870de90760606918","Hao Luo","haoluo@google.com","1593625995","Alexei Starovoitov","ast@kernel.org","1593641427","15f9cfde42b674dd463748af658ed93edae0bf1a","6b207d66aa9fad0deed13d5f824e1ea193b0a777","selftests/bpf: Switch test_vmlinux to use hrtimer_range_start_ns. The test_vmlinux test uses hrtimer_nanosleep as hook to test tracing programs. But in a kernel built by clang, which performs more aggresive inlining, that function gets inlined into its caller SyS_nanosleep. Therefore, even though fentry and kprobe do hook on the function, they aren't triggered by the call to nanosleep in the test. A possible fix is switching to use a function that is less likely to be inlined, such as hrtimer_range_start_ns. The EXPORT_SYMBOL functions shouldn't be inlined based on the description of [1], therefore safe to use for this test. Also the arguments of this function include the duration of sleep, therefore suitable for test verification. [1] af3b56289be1 time: don't inline EXPORT_SYMBOL functions Tested: In a clang build kernel, before this change, the test fails: test_vmlinux:PASS:skel_open 0 nsec test_vmlinux:PASS:skel_attach 0 nsec test_vmlinux:PASS:tp 0 nsec test_vmlinux:PASS:raw_tp 0 nsec test_vmlinux:PASS:tp_btf 0 nsec test_vmlinux:FAIL:kprobe not called test_vmlinux:FAIL:fentry not called After switching to hrtimer_range_start_ns, the test passes: test_vmlinux:PASS:skel_open 0 nsec test_vmlinux:PASS:skel_attach 0 nsec test_vmlinux:PASS:tp 0 nsec test_vmlinux:PASS:raw_tp 0 nsec test_vmlinux:PASS:tp_btf 0 nsec test_vmlinux:PASS:kprobe 0 nsec test_vmlinux:PASS:fentry 0 nsec Signed-off-by: Hao Luo Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200701175315.1161242-1-haoluo@google.com","tools/testing/selftests/bpf/progs/test_vmlinux.c | 16 ++++++++--------; 1 file changed, 8 insertions(+), 8 deletions(-)","Switches test_vmlinux to use hrtimer_range_start_ns to prevent inlining issues in a clang built kernel.","test_vmlinux, hrtimer, inlining","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6b207d66aa9fad0deed13d5f824e1ea193b0a777","6b207d66aa9fad0deed13d5f824e1ea193b0a777","Randy Dunlap","rdunlap@infradead.org","1593538150","Alexei Starovoitov","ast@kernel.org","1593617818","733e128f1905773bf97a4ba004c7401752842495","64f0013c073a0162a6bd31b33def10cb2b2fe6e0","bpf: Fix net/core/filter build errors when INET is not enabled Fix build errors when CONFIG_INET is not set/enabled. (.text+0x2b1b): undefined reference to `tcp_prot' (.text+0x2b3b): undefined reference to `tcp_prot' Signed-off-by: Randy Dunlap Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/b1a858ec-7e04-56bc-248a-62cb9bbee726@infradead.org","net/core/filter.c | 4 ++++; 1 file changed, 4 insertions(+)","Fixes build errors in net/core/filter when CONFIG_INET is not enabled.","build, errors, INET","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"64f0013c073a0162a6bd31b33def10cb2b2fe6e0","64f0013c073a0162a6bd31b33def10cb2b2fe6e0","Alexei Starovoitov","ast@kernel.org","1593616929","Alexei Starovoitov","ast@kernel.org","1593617182","a29d6395f179a6937340702516a4a2d5bd066e0e","bba1dc0b55ac462d24ed1228ad49800c238cd6d7 c7568114bc56cf3ec0bd9eb117bbe7cad3d30e11","Merge branch 'bpf_get_task_stack' Song Liu says: ==================== This set introduces a new helper bpf_get_task_stack(). The primary use case is to dump all /proc/*/stack to seq_file via bpf_iter__task. A few different approaches have been explored and compared: 1. A simple wrapper around stack_trace_save_tsk(), as v1 [1]. This approach introduces new syntax, which is different to existing helper bpf_get_stack(). Therefore, this is not ideal. 2. Extend get_perf_callchain() to support ""task"" as argument. This approach reuses most of bpf_get_stack(). However, extending get_perf_callchain() requires non-trivial changes to architecture specific code. Which is error prone. 3. Current (v2) approach, leverages most of existing bpf_get_stack(), and uses stack_trace_save_tsk() to handle architecture specific logic. [1] https://lore.kernel.org/netdev/20200623070802.2310018-1-songliubraving@fb.com/ Changes v4 => v5: 1. Rebase and work around git-am issue. (Alexei) 2. Update commit log for 4/4. (Yonghong) Changes v3 => v4: 1. Simplify the selftests with bpf_iter.h. (Yonghong) 2. Add example output to commit log of 4/4. (Yonghong) Changes v2 => v3: 1. Rebase on top of bpf-next. (Yonghong) 2. Sanitize get_callchain_entry(). (Peter) 3. Use has_callchain_buf for bpf_get_task_stack. (Andrii) 4. Other small clean up. (Yonghong, Andrii). Changes v1 => v2: 1. Reuse most of bpf_get_stack() logic. (Andrii) 2. Fix unsigned long vs. u64 mismatch for 32-bit systems. (Yonghong) 3. Add %pB support in bpf_trace_printk(). (Daniel) 4. Fix buffer size to bytes. ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges the 'bpf_get_task_stack' feature enhancing the stack tracing capabilities in eBPF with a new helper function.","bpf_get_task_stack, stack, helper","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', ""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"c7568114bc56cf3ec0bd9eb117bbe7cad3d30e11","c7568114bc56cf3ec0bd9eb117bbe7cad3d30e11","Song Liu","songliubraving@fb.com","1593498526","Alexei Starovoitov","ast@kernel.org","1593617039","a29d6395f179a6937340702516a4a2d5bd066e0e","2df6bb5493f83c7e818f66c384ea337c1b3da228","selftests/bpf: Add bpf_iter test with bpf_get_task_stack() The new test is similar to other bpf_iter tests. It dumps all /proc//stack to a seq_file. Here is some example output: pid: 2873 num_entries: 3 [<0>] worker_thread+0xc6/0x380 [<0>] kthread+0x135/0x150 [<0>] ret_from_fork+0x22/0x30 pid: 2874 num_entries: 9 [<0>] __bpf_get_stack+0x15e/0x250 [<0>] bpf_prog_22a400774977bb30_dump_task_stack+0x4a/0xb3c [<0>] bpf_iter_run_prog+0x81/0x170 [<0>] __task_seq_show+0x58/0x80 [<0>] bpf_seq_read+0x1c3/0x3b0 [<0>] vfs_read+0x9e/0x170 [<0>] ksys_read+0xa7/0xe0 [<0>] do_syscall_64+0x4c/0xa0 [<0>] entry_SYSCALL_64_after_hwframe+0x44/0xa9 Note: bpf_iter test as-is doesn't print the contents of the seq_file. To see the example above, it is necessary to add printf() to do_dummy_read. Signed-off-by: Song Liu Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200630062846.664389-5-songliubraving@fb.com","tools/testing/selftests/bpf/prog_tests/bpf_iter.c | 17 ++++++++++; .../selftests/bpf/progs/bpf_iter_task_stack.c | 37 ++++++++++++++++++++++; 2 files changed, 54 insertions(+)","This commit introduces a new bpf_iter test for examining task stack dumps in the Linux kernel.","bpf_iter,task_stack,selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"2df6bb5493f83c7e818f66c384ea337c1b3da228","2df6bb5493f83c7e818f66c384ea337c1b3da228","Song Liu","songliubraving@fb.com","1593498525","Alexei Starovoitov","ast@kernel.org","1593617039","75e7a55fc744fe604e282de3be9e7be74468a5e5","fa28dcb82a38f8e3993b0fae9106b1a80b59e4f0","bpf: Allow %pB in bpf_seq_printf() and bpf_trace_printk() This makes it easy to dump stack trace in text. Signed-off-by: Song Liu Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200630062846.664389-4-songliubraving@fb.com","kernel/trace/bpf_trace.c | 10 ++++++++--; 1 file changed, 8 insertions(+), 2 deletions(-)","The commit introduces %pB support in bpf_seq_printf() and bpf_trace_printk() to facilitate text-based stack trace dumping.","bpf_seq_printf bpf_trace_printk stacktrace","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"fa28dcb82a38f8e3993b0fae9106b1a80b59e4f0","fa28dcb82a38f8e3993b0fae9106b1a80b59e4f0","Song Liu","songliubraving@fb.com","1593498524","Alexei Starovoitov","ast@kernel.org","1593616999","df5f451d9328757debc8dd7b81a5e34149577f90","d141b8bc5773cbbaf5b8530f08f94fc10fff9e8c","bpf: Introduce helper bpf_get_task_stack() Introduce helper bpf_get_task_stack(), which dumps stack trace of given task. This is different to bpf_get_stack(), which gets stack track of current task. One potential use case of bpf_get_task_stack() is to call it from bpf_iter__task and dump all /proc//stack to a seq_file. bpf_get_task_stack() uses stack_trace_save_tsk() instead of get_perf_callchain() for kernel stack. The benefit of this choice is that stack_trace_save_tsk() doesn't require changes in arch/. The downside of using stack_trace_save_tsk() is that stack_trace_save_tsk() dumps the stack trace to unsigned long array. For 32-bit systems, we need to translate it to u64 array. Signed-off-by: Song Liu Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200630062846.664389-3-songliubraving@fb.com","include/linux/bpf.h | 1 +; include/uapi/linux/bpf.h | 37 +++++++++++++++++++-; kernel/bpf/stackmap.c | 77 +++++++++++++++++++++++++++++++++++++++---; kernel/bpf/verifier.c | 4 ++-; kernel/trace/bpf_trace.c | 2 ++; scripts/bpf_helpers_doc.py | 2 ++; tools/include/uapi/linux/bpf.h | 37 +++++++++++++++++++-; 7 files changed, 153 insertions(+), 7 deletions(-)","Introduced bpf_get_task_stack() helper to retrieve stack trace of a specific task in eBPF.","bpf,task,stack","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'Profile related type programs. It affects programs used for profiling system or application performance.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d141b8bc5773cbbaf5b8530f08f94fc10fff9e8c","d141b8bc5773cbbaf5b8530f08f94fc10fff9e8c","Song Liu","songliubraving@fb.com","1593498523","Alexei Starovoitov","ast@kernel.org","1593616928","b38dafc5c0d9bd82ed208d027c505ea034f764d8","bba1dc0b55ac462d24ed1228ad49800c238cd6d7","perf: Expose get/put_callchain_entry() Sanitize and expose get/put_callchain_entry(). This would be used by bpf stack map. Suggested-by: Peter Zijlstra Signed-off-by: Song Liu Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200630062846.664389-2-songliubraving@fb.com","include/linux/perf_event.h | 2 ++; kernel/events/callchain.c | 13 ++++++-------; 2 files changed, 8 insertions(+), 7 deletions(-)","Sanitize and expose get/put_callchain_entry() functions for integration with the BPF stack map.","sanitize, expose, callchain","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'Profile related type programs. It affects programs used for profiling system or application performance.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"bba1dc0b55ac462d24ed1228ad49800c238cd6d7","bba1dc0b55ac462d24ed1228ad49800c238cd6d7","Alexei Starovoitov","ast@kernel.org","1593491619","Alexei Starovoitov","ast@kernel.org","1593616033","d83554930260fe70393ea2d74734357577035dce","8c18311067d0f0d5f332b9e1f3859eb15e23332d","bpf: Remove redundant synchronize_rcu. bpf_free_used_maps() or close(map_fd) will trigger map_free callback. bpf_free_used_maps() is called after bpf prog is no longer executing: bpf_prog_put->call_rcu->bpf_prog_free->bpf_free_used_maps. Hence there is no need to call synchronize_rcu() to protect map elements. Note that hash_of_maps and array_of_maps update/delete inner maps via sys_bpf() that calls maybe_wait_bpf_programs() and synchronize_rcu(). Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: Paul E. McKenney Link: https://lore.kernel.org/bpf/20200630043343.53195-2-alexei.starovoitov@gmail.com","kernel/bpf/arraymap.c | 9 ---------; kernel/bpf/hashtab.c | 8 +++-----; kernel/bpf/lpm_trie.c | 5 -----; kernel/bpf/queue_stack_maps.c | 7 -------; kernel/bpf/reuseport_array.c | 2 --; kernel/bpf/ringbuf.c | 7 -------; kernel/bpf/stackmap.c | 3 ---; 7 files changed, 3 insertions(+), 38 deletions(-)","Removed unnecessary synchronize_rcu calls from eBPF map management to enhance performance and maintain correctness.","synchronize_rcu, remove, eBPF","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8c18311067d0f0d5f332b9e1f3859eb15e23332d","8c18311067d0f0d5f332b9e1f3859eb15e23332d","Andrii Nakryiko","andriin@fb.com","1593530485","Daniel Borkmann","daniel@iogearbox.net","1593587172","ff8eefe046404af6e56263649e7bbf06e0198748","30ad688094bcfe8721bfd4003f6a20c9b6ddf964","selftests/bpf: Add byte swapping selftest Add simple selftest validating byte swap built-ins and compile-time macros. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200630152125.3631920-3-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/endian.c | 53 +++++++++++++++++++++++++; tools/testing/selftests/bpf/progs/test_endian.c | 37 +++++++++++++++++; 2 files changed, 90 insertions(+)","Add a selftest to validate eBPF byte swapping functionality using built-ins and macros.","selftest,byte swapping,endian","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"30ad688094bcfe8721bfd4003f6a20c9b6ddf964","30ad688094bcfe8721bfd4003f6a20c9b6ddf964","Andrii Nakryiko","andriin@fb.com","1593530484","Daniel Borkmann","daniel@iogearbox.net","1593587172","6695f0791ec2dd7d0ecbd5aa3ea60a25d847dd67","ca4db6389d611eee2eb7c1dfe710b62d8ea06772","libbpf: Make bpf_endian co-exist with vmlinux.h Make bpf_endian.h compatible with vmlinux.h. It is a frequent request from users wanting to use bpf_endian.h in their BPF applications using CO-RE and vmlinux.h. To achieve that, re-implement byte swap macros and drop all the header includes. This way it can be used both with linux header includes, as well as with a vmlinux.h. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200630152125.3631920-2-andriin@fb.com","tools/lib/bpf/bpf_endian.h | 43 +++++++++++++++++++++++++++++++++++--------; 1 file changed, 35 insertions(+), 8 deletions(-)","This commit updates bpf_endian.h for compatibility with vmlinux.h in BPF applications using CO-RE.","libbpf,bpf_endian,vmlinux","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"ca4db6389d611eee2eb7c1dfe710b62d8ea06772","ca4db6389d611eee2eb7c1dfe710b62d8ea06772","Andrii Nakryiko","andriin@fb.com","1593478079","Alexei Starovoitov","ast@kernel.org","1593557411","1521fac193ec9ce8e7feeb7218c501baa2fba784","ec23eb705620234421fd48fc2382490fcfbafc37","selftests/bpf: Allow substituting custom vmlinux.h for selftests build Similarly to bpftool Makefile, allow to specify custom location of vmlinux.h to be used during the build. This allows simpler testing setups with checked-in pre-generated vmlinux.h. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200630004759.521530-2-andriin@fb.com","tools/testing/selftests/bpf/Makefile | 9 +++++++--; 1 file changed, 7 insertions(+), 2 deletions(-)","The commit allows substituting a custom vmlinux.h for the BPF selftests build process.","selftests,vmlinux,Makefile","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"ec23eb705620234421fd48fc2382490fcfbafc37","ec23eb705620234421fd48fc2382490fcfbafc37","Andrii Nakryiko","andriin@fb.com","1593478078","Alexei Starovoitov","ast@kernel.org","1593557411","1dd4b8decbb4f15cf7c723b77149b4b5cc4f0c78","afa12644c877d3f627281bb6493d7ca8f9976e3d","tools/bpftool: Allow substituting custom vmlinux.h for the build In some build contexts (e.g., Travis CI build for outdated kernel), vmlinux.h, generated from available kernel, doesn't contain all the types necessary for BPF program compilation. For such set up, the most maintainable way to deal with this problem is to keep pre-generated (almost up-to-date) vmlinux.h checked in and use it for compilation purposes. bpftool after that can deal with kernel missing some of the features in runtime with no problems. To that effect, allow to specify path to custom vmlinux.h to bpftool's Makefile with VMLINUX_H variable. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200630004759.521530-1-andriin@fb.com","tools/bpf/bpftool/Makefile | 10 +++++++---; 1 file changed, 7 insertions(+), 3 deletions(-)","This commit allows setting a custom vmlinux.h path in bpftool's Makefile for more flexible BPF program compilation.","bpftool,vmlinux.h,Makefile","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e708e2bd55c921f5bb554fa5837d132a878951cf","e708e2bd55c921f5bb554fa5837d132a878951cf","David S. Miller","davem@davemloft.net","1593552045","David S. Miller","davem@davemloft.net","1593552045","e6aa408a1bcd08db86e6269ebd225d2cdd6d35d1","0433c93dff147fac488d39956ef1ddf34fd76044 d923021c2ce12acb50dc7086a1bf66eed82adf6a","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Daniel Borkmann says: ==================== pull-request: bpf 2020-06-30 The following pull-request contains BPF updates for your *net* tree. We've added 28 non-merge commits during the last 9 day(s) which contain a total of 35 files changed, 486 insertions(+), 232 deletions(-). The main changes are: 1) Fix an incorrect verifier branch elimination for PTR_TO_BTF_ID pointer types, from Yonghong Song. 2) Fix UAPI for sockmap and flow_dissector progs that were ignoring various arguments passed to BPF_PROG_{ATTACH,DETACH}, from Lorenz Bauer & Jakub Sitnicki. 3) Fix broken AF_XDP DMA hacks that are poking into dma-direct and swiotlb internals and integrate it properly into DMA core, from Christoph Hellwig. 4) Fix RCU splat from recent changes to avoid skipping ingress policy when kTLS is enabled, from John Fastabend. 5) Fix BPF ringbuf map to enforce size to be the power of 2 in order for its position masking to work, from Andrii Nakryiko. 6) Fix regression from CAP_BPF work to re-allow CAP_SYS_ADMIN for loading of network programs, from Maciej Żenczykowski. 7) Fix libbpf section name prefix for devmap progs, from Jesper Dangaard Brouer. 8) Fix formatting in UAPI documentation for BPF helpers, from Quentin Monnet. ==================== Signed-off-by: David S. Miller ","","This commit merges BPF branch updates with various fixes including verifier branch elimination and UAPI corrections.","merge,BPF,fixes","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"d923021c2ce12acb50dc7086a1bf66eed82adf6a","d923021c2ce12acb50dc7086a1bf66eed82adf6a","Yonghong Song","yhs@fb.com","1593537161","Daniel Borkmann","daniel@iogearbox.net","1593548489","ab388fa92b8b8bf4d3be8683567ee1b3788ebbf9","01c66c48d4f0825a202d4163800b706a1d2ec7ad","bpf: Add tests for PTR_TO_BTF_ID vs. null comparison Add two tests for PTR_TO_BTF_ID vs. null ptr comparison, one for PTR_TO_BTF_ID in the ctx structure and the other for PTR_TO_BTF_ID after one level pointer chasing. In both cases, the test ensures condition is not removed. For example, for this test struct bpf_fentry_test_t { struct bpf_fentry_test_t *a; }; int BPF_PROG(test7, struct bpf_fentry_test_t *arg) { if (arg == 0) test7_result = 1; return 0; } Before the previous verifier change, we have xlated codes: int test7(long long unsigned int * ctx): ; int BPF_PROG(test7, struct bpf_fentry_test_t *arg) 0: (79) r1 = *(u64 *)(r1 +0) ; int BPF_PROG(test7, struct bpf_fentry_test_t *arg) 1: (b4) w0 = 0 2: (95) exit After the previous verifier change, we have: int test7(long long unsigned int * ctx): ; int BPF_PROG(test7, struct bpf_fentry_test_t *arg) 0: (79) r1 = *(u64 *)(r1 +0) ; if (arg == 0) 1: (55) if r1 != 0x0 goto pc+4 ; test7_result = 1; 2: (18) r1 = map[id:6][0]+48 4: (b7) r2 = 1 5: (7b) *(u64 *)(r1 +0) = r2 ; int BPF_PROG(test7, struct bpf_fentry_test_t *arg) 6: (b4) w0 = 0 7: (95) exit Signed-off-by: Yonghong Song Signed-off-by: Daniel Borkmann Acked-by: John Fastabend Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200630171241.2523875-1-yhs@fb.com","net/bpf/test_run.c | 19 ++++++++++++++++++-; .../selftests/bpf/prog_tests/fentry_fexit.c | 2 +-; tools/testing/selftests/bpf/progs/fentry_test.c | 22 ++++++++++++++++++++++; tools/testing/selftests/bpf/progs/fexit_test.c | 22 ++++++++++++++++++++++; 4 files changed, 63 insertions(+), 2 deletions(-)","Added tests to verify proper behavior of PTR_TO_BTF_ID comparisons against null pointers in eBPF verifier changes.","tests,PTR_TO_BTF_ID,null","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"01c66c48d4f0825a202d4163800b706a1d2ec7ad","01c66c48d4f0825a202d4163800b706a1d2ec7ad","Yonghong Song","yhs@fb.com","1593537160","Daniel Borkmann","daniel@iogearbox.net","1593548465","8224b994182461fe7223258e51170bbdf4dbbd74","2576f87066dc08a11cb1c05f11d1eaa02148ef9e","bpf: Fix an incorrect branch elimination by verifier Wenbo reported an issue in [1] where a checking of null pointer is evaluated as always false. In this particular case, the program type is tp_btf and the pointer to compare is a PTR_TO_BTF_ID. The current verifier considers PTR_TO_BTF_ID always reprents a non-null pointer, hence all PTR_TO_BTF_ID compares to 0 will be evaluated as always not-equal, which resulted in the branch elimination. For example, struct bpf_fentry_test_t { struct bpf_fentry_test_t *a; }; int BPF_PROG(test7, struct bpf_fentry_test_t *arg) { if (arg == 0) test7_result = 1; return 0; } int BPF_PROG(test8, struct bpf_fentry_test_t *arg) { if (arg->a == 0) test8_result = 1; return 0; } In above bpf programs, both branch arg == 0 and arg->a == 0 are removed. This may not be what developer expected. The bug is introduced by Commit cac616db39c2 (""bpf: Verifier track null pointer branch_taken with JNE and JEQ""), where PTR_TO_BTF_ID is considered to be non-null when evaluting pointer vs. scalar comparison. This may be added considering we have PTR_TO_BTF_ID_OR_NULL in the verifier as well. PTR_TO_BTF_ID_OR_NULL is added to explicitly requires a non-NULL testing in selective cases. The current generic pointer tracing framework in verifier always assigns PTR_TO_BTF_ID so users does not need to check NULL pointer at every pointer level like a->b->c->d. We may not want to assign every PTR_TO_BTF_ID as PTR_TO_BTF_ID_OR_NULL as this will require a null test before pointer dereference which may cause inconvenience for developers. But we could avoid branch elimination to preserve original code intention. This patch simply removed PTR_TO_BTD_ID from reg_type_not_null() in verifier, which prevented the above branches from being eliminated. [1]: https://lore.kernel.org/bpf/79dbb7c0-449d-83eb-5f4f-7af0cc269168@fb.com/T/ Fixes: cac616db39c2 (""bpf: Verifier track null pointer branch_taken with JNE and JEQ"") Reported-by: Wenbo Zhang Signed-off-by: Yonghong Song Signed-off-by: Daniel Borkmann Acked-by: John Fastabend Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200630171240.2523722-1-yhs@fb.com","kernel/bpf/verifier.c | 3 +--; 1 file changed, 1 insertion(+), 2 deletions(-)","Fixes a bug in the eBPF verifier handling of PTR_TO_BTF_ID pointers, preventing incorrect branch elimination.","bug,eBPF,verifier","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2576f87066dc08a11cb1c05f11d1eaa02148ef9e","2576f87066dc08a11cb1c05f11d1eaa02148ef9e","Jakub Sitnicki","jakub@cloudflare.com","1593535541","Alexei Starovoitov","ast@kernel.org","1593539622","61bc10c9d1902cffa13a61fa6eeb3a2ceb4ca190","084af57c51cfff7bb455311ac7b9fe6da8955d58","bpf, netns: Fix use-after-free in pernet pre_exit callback Iterating over BPF links attached to network namespace in pre_exit hook is not safe, even if there is just one. Once link gets auto-detached, that is its back-pointer to net object is set to NULL, the link can be released and freed without waiting on netns_bpf_mutex, effectively causing the list element we are operating on to be freed. This leads to use-after-free when trying to access the next element on the list, as reported by KASAN. Bug can be triggered by destroying a network namespace, while also releasing a link attached to this network namespace. | ================================================================== | BUG: KASAN: use-after-free in netns_bpf_pernet_pre_exit+0xd9/0x130 | Read of size 8 at addr ffff888119e0d778 by task kworker/u8:2/177 | | CPU: 3 PID: 177 Comm: kworker/u8:2 Not tainted 5.8.0-rc1-00197-ga0c04c9d1008-dirty #776 | Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-ppc64le-16.ppc.fedoraproject.org-3.fc31 04/01/2014 | Workqueue: netns cleanup_net | Call Trace: | dump_stack+0x9e/0xe0 | print_address_description.constprop.0+0x3a/0x60 | ? netns_bpf_pernet_pre_exit+0xd9/0x130 | kasan_report.cold+0x1f/0x40 | ? netns_bpf_pernet_pre_exit+0xd9/0x130 | netns_bpf_pernet_pre_exit+0xd9/0x130 | cleanup_net+0x30b/0x5b0 | ? unregister_pernet_device+0x50/0x50 | ? rcu_read_lock_bh_held+0xb0/0xb0 | ? _raw_spin_unlock_irq+0x24/0x50 | process_one_work+0x4d1/0xa10 | ? lock_release+0x3e0/0x3e0 | ? pwq_dec_nr_in_flight+0x110/0x110 | ? rwlock_bug.part.0+0x60/0x60 | worker_thread+0x7a/0x5c0 | ? process_one_work+0xa10/0xa10 | kthread+0x1e3/0x240 | ? kthread_create_on_node+0xd0/0xd0 | ret_from_fork+0x1f/0x30 | | Allocated by task 280: | save_stack+0x1b/0x40 | __kasan_kmalloc.constprop.0+0xc2/0xd0 | netns_bpf_link_create+0xfe/0x650 | __do_sys_bpf+0x153a/0x2a50 | do_syscall_64+0x59/0x300 | entry_SYSCALL_64_after_hwframe+0x44/0xa9 | | Freed by task 198: | save_stack+0x1b/0x40 | __kasan_slab_free+0x12f/0x180 | kfree+0xed/0x350 | process_one_work+0x4d1/0xa10 | worker_thread+0x7a/0x5c0 | kthread+0x1e3/0x240 | ret_from_fork+0x1f/0x30 | | The buggy address belongs to the object at ffff888119e0d700 | which belongs to the cache kmalloc-192 of size 192 | The buggy address is located 120 bytes inside of | 192-byte region [ffff888119e0d700, ffff888119e0d7c0) | The buggy address belongs to the page: | page:ffffea0004678340 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 | flags: 0x2fffe0000000200(slab) | raw: 02fffe0000000200 ffffea00045ba8c0 0000000600000006 ffff88811a80ea80 | raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000 | page dumped because: kasan: bad access detected | | Memory state around the buggy address: | ffff888119e0d600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb | ffff888119e0d680: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc | >ffff888119e0d700: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb | ^ | ffff888119e0d780: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc | ffff888119e0d800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb | ================================================================== Remove the ""fast-path"" for releasing a link that got auto-detached by a dying network namespace to fix it. This way as long as link is on the list and netns_bpf mutex is held, we have a guarantee that link memory can be accessed. An alternative way to fix this issue would be to safely iterate over the list of links and ensure there is no access to link object after detaching it. But, at the moment, optimizing synchronization overhead on link release without a workload in mind seems like an overkill. Fixes: ab53cad90eb1 (""bpf, netns: Keep a list of attached bpf_link's"") Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200630164541.1329993-1-jakub@cloudflare.com","kernel/bpf/net_namespace.c | 10 +++-------; 1 file changed, 3 insertions(+), 7 deletions(-)","This commit addresses a use-after-free bug in bpf netns by fixing link handling during network namespace destruction.","use-after-free, netns, bpf","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"084af57c51cfff7bb455311ac7b9fe6da8955d58","084af57c51cfff7bb455311ac7b9fe6da8955d58","Alexei Starovoitov","ast@kernel.org","1593539199","Alexei Starovoitov","ast@kernel.org","1593539203","51347f94f585ce81fddfbee355802ce1edd2923f","951f38cf08350884e72e0936adf147a8d764cc5d 1a1ad3c20a6fe0e8a4b570fbf835d7cc6e87a9d8","Merge branch 'fix-sockmap-flow_dissector-uapi' Lorenz Bauer says: ==================== Both sockmap and flow_dissector ingnore various arguments passed to BPF_PROG_ATTACH and BPF_PROG_DETACH. We can fix the attach case by checking that the unused arguments are zero. I considered requiring target_fd to be -1 instead of 0, but this leads to a lot of churn in selftests. There is also precedent in that bpf_iter already expects 0 for a similar field. I think that we can come up with a work around for fd 0 should we need to in the future. The detach case is more problematic: both cgroups and lirc2 verify that attach_bpf_fd matches the currently attached program. This way you need access to the program fd to be able to remove it. Neither sockmap nor flow_dissector do this. flow_dissector even has a check for CAP_NET_ADMIN because of this. The patch set addresses this by implementing the desired behaviour. There is a possibility for user space breakage: any callers that don't provide the correct fd will fail with ENOENT. For sockmap the risk is low: even the selftests assume that sockmap works the way I described. For flow_dissector the story is less straightforward, and the selftests use a variety of arguments. I've includes fixes tags for the oldest commits that allow an easy backport, however the behaviour dates back to when sockmap and flow_dissector were introduced. What is the best way to handle these? This set is based on top of Jakub's work ""bpf, netns: Prepare for multi-prog attachment"" available at https://lore.kernel.org/bpf/87k0zwmhtb.fsf@cloudflare.com/T/ Since v1: - Adjust selftests - Implement detach behaviour ==================== Signed-off-by: Alexei Starovoitov ","","The commit merges fixes for argument handling issues in BPF program attachment and detachment in sockmap and flow_dissector.","sockmap, flow_dissector, attachment","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","I'm not sure about the implementation component of the commit. The component affected by It is unclear.","I'm not sure about the logic component of the commit. The affected logic component is unclear.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's likely a merge commit. It involves changes across multiple use cases or events."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"1a1ad3c20a6fe0e8a4b570fbf835d7cc6e87a9d8","1a1ad3c20a6fe0e8a4b570fbf835d7cc6e87a9d8","Lorenz Bauer","lmb@cloudflare.com","1593424590","Alexei Starovoitov","ast@kernel.org","1593539199","51347f94f585ce81fddfbee355802ce1edd2923f","0434296c72486881c2a71cd33876e4e6342001b5","selftests: bpf: Pass program to bpf_prog_detach in flow_dissector Calling bpf_prog_detach is incorrect, since it takes target_fd as its argument. The intention here is to pass it as attach_bpf_fd, so use bpf_prog_detach2 and pass zero for target_fd. Fixes: 06716e04a043 (""selftests/bpf: Extend test_flow_dissector to cover link creation"") Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200629095630.7933-7-lmb@cloudflare.com","tools/testing/selftests/bpf/prog_tests/flow_dissector.c | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","The commit corrects the flow_dissector bpf_prog_detach call in selftests by implementing bpf_prog_detach2.","bpf_prog_detach, flow_dissector, selftests","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0434296c72486881c2a71cd33876e4e6342001b5","0434296c72486881c2a71cd33876e4e6342001b5","Lorenz Bauer","lmb@cloudflare.com","1593424589","Alexei Starovoitov","ast@kernel.org","1593539199","d5cfaa7b7580ed7681739757633801b79f7bd216","bb0de3131f4c60a9bf976681e0fe4d1e55c7a821","selftests: bpf: Pass program and target_fd in flow_dissector_reattach Pass 0 as target_fd when attaching and detaching flow dissector. Additionally, pass the expected program when detaching. Fixes: 1f043f87bb59 (""selftests/bpf: Add tests for attaching bpf_link to netns"") Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200629095630.7933-6-lmb@cloudflare.com",".../selftests/bpf/prog_tests/flow_dissector_reattach.c | 12 ++++++------; 1 file changed, 6 insertions(+), 6 deletions(-)","The commit modifies self-tests for eBPF related to flow dissector attachment and detachment handling.","selftests, bpf, flow_dissector","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"bb0de3131f4c60a9bf976681e0fe4d1e55c7a821","bb0de3131f4c60a9bf976681e0fe4d1e55c7a821","Lorenz Bauer","lmb@cloudflare.com","1593424588","Alexei Starovoitov","ast@kernel.org","1593539199","47c55a8dc2cb7703d467da1e43f35778c192097d","9b2b09717e1812e450782a43ca0c2790651cf380","bpf: sockmap: Require attach_bpf_fd when detaching a program The sockmap code currently ignores the value of attach_bpf_fd when detaching a program. This is contrary to the usual behaviour of checking that attach_bpf_fd represents the currently attached program. Ensure that attach_bpf_fd is indeed the currently attached program. It turns out that all sockmap selftests already do this, which indicates that this is unlikely to cause breakage. Fixes: 604326b41a6f (""bpf, sockmap: convert to generic sk_msg interface"") Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200629095630.7933-5-lmb@cloudflare.com","include/linux/bpf.h | 13 +++++++++++--; include/linux/skmsg.h | 13 +++++++++++++; kernel/bpf/syscall.c | 2 +-; net/core/sock_map.c | 50 +++++++++++++++++++++++++++++++++++++++++++++-----; 4 files changed, 70 insertions(+), 8 deletions(-)","The commit ensures attach_bpf_fd is validated when detaching programs in sockmap to maintain expected behavior.","sockmap,attach,detach","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"9b2b09717e1812e450782a43ca0c2790651cf380","9b2b09717e1812e450782a43ca0c2790651cf380","Lorenz Bauer","lmb@cloudflare.com","1593424587","Alexei Starovoitov","ast@kernel.org","1593539199","335fdf3b51260b4b2445c736b9ca24899b181bcd","4ac2add65974e4efafb8d4ccd8fc5660417ea312","bpf: sockmap: Check value of unused args to BPF_PROG_ATTACH Using BPF_PROG_ATTACH on a sockmap program currently understands no flags or replace_bpf_fd, but accepts any value. Return EINVAL instead. Fixes: 604326b41a6f (""bpf, sockmap: convert to generic sk_msg interface"") Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200629095630.7933-4-lmb@cloudflare.com","net/core/sock_map.c | 3 +++; 1 file changed, 3 insertions(+)","Checks the value of unused arguments for BPF_PROG_ATTACH in sockmap programs, returning EINVAL for invalid values.","sockmap, BPF_PROG_ATTACH, EINVAL","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"4ac2add65974e4efafb8d4ccd8fc5660417ea312","4ac2add65974e4efafb8d4ccd8fc5660417ea312","Lorenz Bauer","lmb@cloudflare.com","1593424586","Alexei Starovoitov","ast@kernel.org","1593539198","5d10bfc9e7d53253556506bdbc0d02ca30386354","1b514239e85965cc4df085180a73dd91733135f7","bpf: flow_dissector: Check value of unused flags to BPF_PROG_DETACH Using BPF_PROG_DETACH on a flow dissector program supports neither attach_flags nor attach_bpf_fd. Yet no value is enforced for them. Enforce that attach_flags are zero, and require the current program to be passed via attach_bpf_fd. This allows us to remove the check for CAP_SYS_ADMIN, since userspace can now no longer remove arbitrary flow dissector programs. Fixes: b27f7bb590ba (""flow_dissector: Move out netns_bpf prog callbacks"") Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200629095630.7933-3-lmb@cloudflare.com","include/linux/bpf-netns.h | 5 +++--; kernel/bpf/net_namespace.c | 19 +++++++++++++++----; kernel/bpf/syscall.c | 4 +---; 3 files changed, 19 insertions(+), 9 deletions(-)","The commit ensures security by enforcing usage restrictions on attach_flags and attach_bpf_fd for BPF_PROG_DETACH in flow dissector programs.","BPF_PROG_DETACH,flow_dissector,security","A security fix. It resolves a security vulnerability or strengthens security measures.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Netfilter related type programs. It impacts programs interacting with the Netfilter framework used in packet filtering and NAT.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"1b514239e85965cc4df085180a73dd91733135f7","1b514239e85965cc4df085180a73dd91733135f7","Lorenz Bauer","lmb@cloudflare.com","1593424585","Alexei Starovoitov","ast@kernel.org","1593539198","8a677a5b7ae15b977369200727eb37980ef300b4","951f38cf08350884e72e0936adf147a8d764cc5d","bpf: flow_dissector: Check value of unused flags to BPF_PROG_ATTACH Using BPF_PROG_ATTACH on a flow dissector program supports neither target_fd, attach_flags or replace_bpf_fd but accepts any value. Enforce that all of them are zero. This is fine for replace_bpf_fd since its presence is indicated by BPF_F_REPLACE. It's more problematic for target_fd, since zero is a valid fd. Should we want to use the flag later on we'd have to add an exception for fd 0. The alternative is to force a value like -1. This requires more changes to tests. There is also precedent for using 0, since bpf_iter uses this for target_fd as well. Fixes: b27f7bb590ba (""flow_dissector: Move out netns_bpf prog callbacks"") Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200629095630.7933-2-lmb@cloudflare.com","kernel/bpf/net_namespace.c | 3 +++; 1 file changed, 3 insertions(+)","The commit enforces zero values for unused flags in BPF_PROG_ATTACH for flow dissector programs.","BPF_PROG_ATTACH, flow_dissector, flags","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"951f38cf08350884e72e0936adf147a8d764cc5d","951f38cf08350884e72e0936adf147a8d764cc5d","Alexei Starovoitov","ast@kernel.org","1593539108","Alexei Starovoitov","ast@kernel.org","1593539111","738b98ec90d00d22a30a333a033aef20583d8c8b","517bbe1994a3cee29a35c730662277bb5daff582 6ebb85c83aaf6ae75b920ef45d2a9eee42079265","Merge branch 'bpf-multi-prog-prep' Jakub Sitnicki says: ==================== This patch set prepares ground for link-based multi-prog attachment for future netns attach types, with BPF_SK_LOOKUP attach type in mind [0]. Two changes are needed in order to attach and run a series of BPF programs: 1) an bpf_prog_array of programs to run (patch #2), and 2) a list of attached links to keep track of attachments (patch #3). Nothing changes for BPF flow_dissector. Just as before only one program can be attached to netns. In v3 I've simplified patch #2 that introduces bpf_prog_array to take advantage of the fact that it will hold at most one program for now. In particular, I'm no longer using bpf_prog_array_copy. It turned out to be less suitable for link operations than I thought as it fails to append the same BPF program. bpf_prog_array_replace_item is also gone, because we know we always want to replace the first element in prog_array. Naturally the code that handles bpf_prog_array will need change once more when there is a program type that allows multi-prog attachment. But I feel it will be better to do it gradually and present it together with tests that actually exercise multi-prog code paths. [0] https://lore.kernel.org/bpf/20200511185218.1422406-1-jakub@cloudflare.com/ v2 -> v3: - Don't check if run_array is null in link update callback. (Martin) - Allow updating the link with the same BPF program. (Andrii) - Add patch #4 with a test for the above case. - Kill bpf_prog_array_replace_item. Access the run_array directly. - Switch from bpf_prog_array_copy() to bpf_prog_array_alloc(1, ...). - Replace rcu_deref_protected & RCU_INIT_POINTER with rcu_replace_pointer. - Drop Andrii's Ack from patch #2. Code changed. v1 -> v2: - Show with a (void) cast that bpf_prog_array_replace_item() return value is ignored on purpose. (Andrii) - Explain why bpf-cgroup cannot replace programs in bpf_prog_array based on bpf_prog pointer comparison in patch #2 description. (Andrii) ==================== Signed-off-by: Alexei Starovoitov ","","The commit merges changes that prepare for link-based multi-program attachment for future netns with BPF_SK_LOOKUP attach type support.","multi-prog,link-based,netns","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"6ebb85c83aaf6ae75b920ef45d2a9eee42079265","6ebb85c83aaf6ae75b920ef45d2a9eee42079265","Jakub Sitnicki","jakub@cloudflare.com","1593094437","Alexei Starovoitov","ast@kernel.org","1593539108","738b98ec90d00d22a30a333a033aef20583d8c8b","ab53cad90eb10c9991f501ba08904680a074ef3d","selftests/bpf: Test updating flow_dissector link with same program This case, while not particularly useful, is worth covering because we expect the operation to succeed as opposed when re-attaching the same program directly with PROG_ATTACH. While at it, update the tests summary that fell out of sync when tests extended to cover links. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200625141357.910330-5-jakub@cloudflare.com",".../bpf/prog_tests/flow_dissector_reattach.c | 32 +++++++++++++++++++---; 1 file changed, 28 insertions(+), 4 deletions(-)","The commit enhances testing for updating flow_dissector links by adding test cases without directly using PROG_ATTACH.","test,flow_dissector,PROG_ATTACH","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"ab53cad90eb10c9991f501ba08904680a074ef3d","ab53cad90eb10c9991f501ba08904680a074ef3d","Jakub Sitnicki","jakub@cloudflare.com","1593094436","Alexei Starovoitov","ast@kernel.org","1593539108","a40a6f6aacc3e55888d939cf640ca754de98126f","695c12147a40181fe9221d321c3f2de33c9574ed","bpf, netns: Keep a list of attached bpf_link's To support multi-prog link-based attachments for new netns attach types, we need to keep track of more than one bpf_link per attach type. Hence, convert net->bpf.links into a list, that currently can be either empty or have just one item. Instead of reusing bpf_prog_list from bpf-cgroup, we link together bpf_netns_link's themselves. This makes list management simpler as we don't have to allocate, initialize, and later release list elements. We can do this because multi-prog attachment will be available only for bpf_link, and we don't need to build a list of programs attached directly and indirectly via links. No functional changes intended. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200625141357.910330-4-jakub@cloudflare.com","include/net/netns/bpf.h | 2 +-; kernel/bpf/net_namespace.c | 42 +++++++++++++++++++++++-------------------; 2 files changed, 24 insertions(+), 20 deletions(-)","This commit modifies the netns BPF system to allow multiple bpf_link attachments by converting to a list structure.","bpf_link,netns,multi-prog","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'Netfilter related type programs. It impacts programs interacting with the Netfilter framework used in packet filtering and NAT.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"695c12147a40181fe9221d321c3f2de33c9574ed","695c12147a40181fe9221d321c3f2de33c9574ed","Jakub Sitnicki","jakub@cloudflare.com","1593094435","Alexei Starovoitov","ast@kernel.org","1593539108","fddc7f1a11f4d32deb9a45cb3e5a604ece6f2cb2","3b7016996c4c44db5d499d98759b82fb714bb912","bpf, netns: Keep attached programs in bpf_prog_array Prepare for having multi-prog attachments for new netns attach types by storing programs to run in a bpf_prog_array, which is well suited for iterating over programs and running them in sequence. After this change bpf(PROG_QUERY) may block to allocate memory in bpf_prog_array_copy_to_user() for collected program IDs. This forces a change in how we protect access to the attached program in the query callback. Because bpf_prog_array_copy_to_user() can sleep, we switch from an RCU read lock to holding a mutex that serializes updaters. Because we allow only one BPF flow_dissector program to be attached to netns at all times, the bpf_prog_array pointed by net->bpf.run_array is always either detached (null) or one element long. No functional changes intended. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200625141357.910330-3-jakub@cloudflare.com","include/net/netns/bpf.h | 5 +-; kernel/bpf/net_namespace.c | 120 +++++++++++++++++++++++++++++++--------------; net/core/flow_dissector.c | 19 +++----; 3 files changed, 96 insertions(+), 48 deletions(-)","This commit refactors eBPF network namespace attachments using bpf_prog_array for multi-program support and synchronization changes.","bpf_prog_array,netns,synchronization","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"3b7016996c4c44db5d499d98759b82fb714bb912","3b7016996c4c44db5d499d98759b82fb714bb912","Jakub Sitnicki","jakub@cloudflare.com","1593094434","Alexei Starovoitov","ast@kernel.org","1593539107","c2b829b6dbc79ae9646900dbf55e8ea68d847ca8","517bbe1994a3cee29a35c730662277bb5daff582","flow_dissector: Pull BPF program assignment up to bpf-netns Prepare for using bpf_prog_array to store attached programs by moving out code that updates the attached program out of flow dissector. Managing bpf_prog_array is more involved than updating a single bpf_prog pointer. This will let us do it all from one place, bpf/net_namespace.c, in the subsequent patch. No functional change intended. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200625141357.910330-2-jakub@cloudflare.com","include/net/flow_dissector.h | 3 ++-; kernel/bpf/net_namespace.c | 20 ++++++++++++++++++--; net/core/flow_dissector.c | 13 ++-----------; 3 files changed, 22 insertions(+), 14 deletions(-)","Refactor BPF program assignment in flow dissector to centralize program management in bpf-netns.","flow_dissector,BPF,bpf_prog_array","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['tc related type programs. It affects programs managing traffic control (tc) for queuing or prioritizing network traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"517bbe1994a3cee29a35c730662277bb5daff582","517bbe1994a3cee29a35c730662277bb5daff582","Andrii Nakryiko","andriin@fb.com","1593497700","Daniel Borkmann","daniel@iogearbox.net","1593527515","e1c863b9b31b8101e280f2c8b8a5b1443f274c74","7e0245753f1794f17de472dcf4694fa5ed527384","bpf: Enforce BPF ringbuf size to be the power of 2 BPF ringbuf assumes the size to be a multiple of page size and the power of 2 value. The latter is important to avoid division while calculating position inside the ring buffer and using (N-1) mask instead. This patch fixes omission to enforce power-of-2 size rule. Fixes: 457f44363a88 (""bpf: Implement BPF ring buffer and verifier support for it"") Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200630061500.1804799-1-andriin@fb.com","kernel/bpf/ringbuf.c | 18 ++++++++----------; 1 file changed, 8 insertions(+), 10 deletions(-)","Enforces BPF ringbuf size to be a power of 2, fixing a size calculation issue.","BPF, ringbuf, power-of-2","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7e0245753f1794f17de472dcf4694fa5ed527384","7e0245753f1794f17de472dcf4694fa5ed527384","Christoph Hellwig","hch@lst.de","1593435839","Daniel Borkmann","daniel@iogearbox.net","1593524643","15119a636a1ac9a92e9b8a2ea2a486ad52c0144b","53937ff7bc776aac647d0b3004d7cd21861b0f78","xsk: Use dma_need_sync instead of reimplenting it Use the dma_need_sync helper instead of (not always entirely correctly) poking into the dma-mapping internals. Signed-off-by: Christoph Hellwig Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200629130359.2690853-5-hch@lst.de","net/xdp/xsk_buff_pool.c | 50 +++----------------------------------------------; 1 file changed, 3 insertions(+), 47 deletions(-)","The commit refactors xsk_buff_pool.c to use dma_need_sync for better DMA synchronization management.","dma_need_sync,xsk,refactoring","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"53937ff7bc776aac647d0b3004d7cd21861b0f78","53937ff7bc776aac647d0b3004d7cd21861b0f78","Christoph Hellwig","hch@lst.de","1593435838","Daniel Borkmann","daniel@iogearbox.net","1593524643","78d930bf19fff69889416a46a3f6bad515893b10","91d5b70273267bbae6f5d1fb4cf3510bd31ef9ff","xsk: Remove a double pool->dev assignment in xp_dma_map ->dev is already assigned at the top of the function, remove the duplicate one at the end. Signed-off-by: Christoph Hellwig Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200629130359.2690853-4-hch@lst.de","net/xdp/xsk_buff_pool.c | 1 -; 1 file changed, 1 deletion(-)","The commit removes a duplicate assignment to pool->dev in the function xp_dma_map within xsk_buff_pool.c file.","xsk, pool, assignment","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"91d5b70273267bbae6f5d1fb4cf3510bd31ef9ff","91d5b70273267bbae6f5d1fb4cf3510bd31ef9ff","Christoph Hellwig","hch@lst.de","1593435837","Daniel Borkmann","daniel@iogearbox.net","1593524643","9996f407555352be8720dc5773552e813f509a19","3aa91625007807bfca4155df1867a5c924a08662","xsk: Replace the cheap_dma flag with a dma_need_sync flag Invert the polarity and better name the flag so that the use case is properly documented. Signed-off-by: Christoph Hellwig Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200629130359.2690853-3-hch@lst.de","include/net/xsk_buff_pool.h | 6 +++---; net/xdp/xsk_buff_pool.c | 5 ++---; 2 files changed, 5 insertions(+), 6 deletions(-)","The commit replaces the cheap_dma flag with dma_need_sync flag to better document the use case.","replace, dma_flag, xsk","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Netfilter related type programs. It impacts programs interacting with the Netfilter framework used in packet filtering and NAT.']" +"3aa91625007807bfca4155df1867a5c924a08662","3aa91625007807bfca4155df1867a5c924a08662","Christoph Hellwig","hch@lst.de","1593435836","Daniel Borkmann","daniel@iogearbox.net","1593524643","200b5d80ea2b377dcdc560056f1fc247dc18024f","2bdeb3ed547d8822b2566797afa6c2584abdb119","dma-mapping: Add a new dma_need_sync API Add a new API to check if calls to dma_sync_single_for_{device,cpu} are required for a given DMA streaming mapping. Signed-off-by: Christoph Hellwig Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200629130359.2690853-2-hch@lst.de","Documentation/core-api/dma-api.rst | 8 ++++++++; include/linux/dma-direct.h | 1 +; include/linux/dma-mapping.h | 5 +++++; kernel/dma/direct.c | 6 ++++++; kernel/dma/mapping.c | 10 ++++++++++; 5 files changed, 30 insertions(+)","Add a new API to determine the necessity of DMA synchronization calls for DMA streaming mappings.","dma,mapping,API","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"b6509f6a8c4313c068c69785c001451415969e44","b6509f6a8c4313c068c69785c001451415969e44","Mel Gorman","mgorman@techsingularity.net","1593441705","Linus Torvalds","torvalds@linux-foundation.org","1593448855","33c9de54d80e0ac86fb8707abaac0a87dece3d19","9ebcfadb0610322ac537dd7aa5d9cbc2b2894c68","Revert ""fs: Do not check if there is a fsnotify watcher on pseudo inodes"" This reverts commit e9c15badbb7b (""fs: Do not check if there is a fsnotify watcher on pseudo inodes""). The commit intended to eliminate fsnotify-related overhead for pseudo inodes but it is broken in concept. inotify can receive events of pipe files under /proc/X/fd and chromium relies on close and open events for sandboxing. Maxim Levitsky reported the following Chromium starts as a white rectangle, shows few white rectangles that resemble its notifications and then crashes. The stdout output from chromium: [mlevitsk@starship ~]$chromium-freeworld mesa: for the --simplifycfg-sink-common option: may only occur zero or one times! mesa: for the --global-isel-abort option: may only occur zero or one times! [3379:3379:0628/135151.440930:ERROR:browser_switcher_service.cc(238)] XXX Init() ../../sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc:**CRASHING**:seccomp-bpf failure in syscall 0072 Received signal 11 SEGV_MAPERR 0000004a9048 Crashes are not universal but even if chromium does not crash, it certainly does not work properly. While filtering just modify and access might be safe, the benefit is not worth the risk hence the revert. Reported-by: Maxim Levitsky Fixes: e9c15badbb7b (""fs: Do not check if there is a fsnotify watcher on pseudo inodes"") Signed-off-by: Mel Gorman Signed-off-by: Linus Torvalds ","fs/file_table.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit reverts a change affecting fsnotify on pseudo inodes due to its adverse impact on Chromium's functionality.","revert, fsnotify, chromium","It's other type of commit. It does not fit into any of the categories listed above.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"afa12644c877d3f627281bb6493d7ca8f9976e3d","afa12644c877d3f627281bb6493d7ca8f9976e3d","Alexei Starovoitov","ast@kernel.org","1593364013","Alexei Starovoitov","ast@kernel.org","1593364415","48ead881f127e3c36588a0b6e34297d38102bddf","16d37ee3d2b1c30052ba5ebb69556040fc174061 5712174c5c9e3d684ad05d4aaed1e14acda4bb74","Merge branch 'libbpf_autoload_knob' Andrii Nakryiko says: ==================== Add ability to turn off default auto-loading of each BPF program by libbpf on BPF object load. This is the feature that allows BPF applications to have optional functionality, which is only excercised on kernel that support necessary features, while falling back to reduced/less performant functionality, if kernel is outdated. ==================== Acked-by: Martin KaFai Lau Signed-off-by: Alexei Starovoitov ","","The commit merges a branch that adds a feature to control auto-loading of BPF programs in libbpf.","libbpf,autoload,control","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5712174c5c9e3d684ad05d4aaed1e14acda4bb74","5712174c5c9e3d684ad05d4aaed1e14acda4bb74","Andrii Nakryiko","andriin@fb.com","1593127589","Alexei Starovoitov","ast@kernel.org","1593364013","48ead881f127e3c36588a0b6e34297d38102bddf","d929758101fc0674008169dc1de963e3181c587b","selftests/bpf: Test auto-load disabling logic for BPF programs Validate that BPF object with broken (in multiple ways) BPF program can still be successfully loaded, if that broken BPF program is disabled. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200625232629.3444003-3-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/autoload.c | 41 +++++++++++++++++++++++; tools/testing/selftests/bpf/progs/test_autoload.c | 40 ++++++++++++++++++++++; 2 files changed, 81 insertions(+)","This commit introduces tests for disabling auto-load logic in eBPF programs with broken components.","auto-load,disabling,tests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d929758101fc0674008169dc1de963e3181c587b","d929758101fc0674008169dc1de963e3181c587b","Andrii Nakryiko","andriin@fb.com","1593127588","Alexei Starovoitov","ast@kernel.org","1593364013","0e07404c7d8e4d9af8af348421cee545d8e48c28","16d37ee3d2b1c30052ba5ebb69556040fc174061","libbpf: Support disabling auto-loading BPF programs Currently, bpf_object__load() (and by induction skeleton's load), will always attempt to prepare, relocate, and load into kernel every single BPF program found inside the BPF object file. This is often convenient and the right thing to do and what users expect. But there are plenty of cases (especially with BPF development constantly picking up the pace), where BPF application is intended to work with old kernels, with potentially reduced set of features. But on kernels supporting extra features, it would like to take a full advantage of them, by employing extra BPF program. This could be a choice of using fentry/fexit over kprobe/kretprobe, if kernel is recent enough and is built with BTF. Or BPF program might be providing optimized bpf_iter-based solution that user-space might want to use, whenever available. And so on. With libbpf and BPF CO-RE in particular, it's advantageous to not have to maintain two separate BPF object files to achieve this. So to enable such use cases, this patch adds ability to request not auto-loading chosen BPF programs. In such case, libbpf won't attempt to perform relocations (which might fail due to old kernel), won't try to resolve BTF types for BTF-aware (tp_btf/fentry/fexit/etc) program types, because BTF might not be present, and so on. Skeleton will also automatically skip auto-attachment step for such not loaded BPF programs. Overall, this feature allows to simplify development and deployment of real-world BPF applications with complicated compatibility requirements. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200625232629.3444003-2-andriin@fb.com","tools/lib/bpf/libbpf.c | 48 ++++++++++++++++++++++++++++++++++++++++--------; tools/lib/bpf/libbpf.h | 2 ++; tools/lib/bpf/libbpf.map | 2 ++; 3 files changed, 44 insertions(+), 8 deletions(-)","Add support in libbpf to disable auto-loading of BPF programs for compatibility with varying kernel features.","libbpf, auto-loading, compatibility","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"53792fa45b1b17f78f18bcd0bd167674341297e8","53792fa45b1b17f78f18bcd0bd167674341297e8","John Fastabend","john.fastabend@gmail.com","1593126818","Alexei Starovoitov","ast@kernel.org","1593358408","b979388fd7d79fecd27e67e48833754be2a95fba","8025751d4d55a2f32be6bdf825b6a80c299875f5","bpf, sockmap: Add ingres skb tests that utilize merge skbs Add a test to check strparser merging skbs is working. Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/159312681884.18340.4922800172600252370.stgit@john-XPS-13-9370","tools/testing/selftests/bpf/progs/test_sockmap_kern.h | 8 +++++++-; tools/testing/selftests/bpf/test_sockmap.c | 18 ++++++++++++++++++; 2 files changed, 25 insertions(+), 1 deletion(-)","This commit adds ingress skb tests to verify strparser merging skbs in the sockmap.","sockmap, tests, skbs","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"8025751d4d55a2f32be6bdf825b6a80c299875f5","8025751d4d55a2f32be6bdf825b6a80c299875f5","John Fastabend","john.fastabend@gmail.com","1593126798","Alexei Starovoitov","ast@kernel.org","1593358408","f5cdf59d1c301761b573ae8622e25f302a9172ae","93dd5f185916b05e931cffae636596f21f98546e","bpf, sockmap: RCU dereferenced psock may be used outside RCU block If an ingress verdict program specifies message sizes greater than skb->len and there is an ENOMEM error due to memory pressure we may call the rcv_msg handler outside the strp_data_ready() caller context. This is because on an ENOMEM error the strparser will retry from a workqueue. The caller currently protects the use of psock by calling the strp_data_ready() inside a rcu_read_lock/unlock block. But, in above workqueue error case the psock is accessed outside the read_lock/unlock block of the caller. So instead of using psock directly we must do a look up against the sk again to ensure the psock is available. There is an an ugly piece here where we must handle the case where we paused the strp and removed the psock. On psock removal we first pause the strparser and then remove the psock. If the strparser is paused while an skb is scheduled on the workqueue the skb will be dropped on the flow and kfree_skb() is called. If the workqueue manages to get called before we pause the strparser but runs the rcvmsg callback after the psock is removed we will hit the unlikely case where we run the sockmap rcvmsg handler but do not have a psock. For now we will follow strparser logic and drop the skb on the floor with skb_kfree(). This is ugly because the data is dropped. To date this has not caused problems in practice because either the application controlling the sockmap is coordinating with the datapath so that skbs are ""flushed"" before removal or we simply wait for the sock to be closed before removing it. This patch fixes the describe RCU bug and dropping the skb doesn't make things worse. Future patches will improve this by allowing the normal case where skbs are not merged to skip the strparser altogether. In practice many (most?) use cases have no need to merge skbs so its both a code complexity hit as seen above and a performance issue. For example, in the Cilium case we always set the strparser up to return sbks 1:1 without any merging and have avoided above issues. Fixes: e91de6afa81c1 (""bpf: Fix running sk_skb program types with ktls"") Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/159312679888.18340.15248924071966273998.stgit@john-XPS-13-9370","net/core/skmsg.c | 10 +++++++++-; 1 file changed, 9 insertions(+), 1 deletion(-)","This commit fixes an RCU bug in sockmap by re-checking psock during memory pressure retries.","RCU sockmap psock","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"93dd5f185916b05e931cffae636596f21f98546e","93dd5f185916b05e931cffae636596f21f98546e","John Fastabend","john.fastabend@gmail.com","1593126779","Alexei Starovoitov","ast@kernel.org","1593358408","c7585013124db13f5ed3aad272dec406caf11db4","7a64135f3229a808067e4bd29be15fe6856a9ae6","bpf, sockmap: RCU splat with redirect and strparser error or TLS There are two paths to generate the below RCU splat the first and most obvious is the result of the BPF verdict program issuing a redirect on a TLS socket (This is the splat shown below). Unlike the non-TLS case the caller of the *strp_read() hooks does not wrap the call in a rcu_read_lock/unlock. Then if the BPF program issues a redirect action we hit the RCU splat. However, in the non-TLS socket case the splat appears to be relatively rare, because the skmsg caller into the strp_data_ready() is wrapped in a rcu_read_lock/unlock. Shown here, static void sk_psock_strp_data_ready(struct sock *sk) { struct sk_psock *psock; rcu_read_lock(); psock = sk_psock(sk); if (likely(psock)) { if (tls_sw_has_ctx_rx(sk)) { psock->parser.saved_data_ready(sk); } else { write_lock_bh(&sk->sk_callback_lock); strp_data_ready(&psock->parser.strp); write_unlock_bh(&sk->sk_callback_lock); } } rcu_read_unlock(); } If the above was the only way to run the verdict program we would be safe. But, there is a case where the strparser may throw an ENOMEM error while parsing the skb. This is a result of a failed skb_clone, or alloc_skb_for_msg while building a new merged skb when the msg length needed spans multiple skbs. This will in turn put the skb on the strp_wrk workqueue in the strparser code. The skb will later be dequeued and verdict programs run, but now from a different context without the rcu_read_lock()/unlock() critical section in sk_psock_strp_data_ready() shown above. In practice I have not seen this yet, because as far as I know most users of the verdict programs are also only working on single skbs. In this case no merge happens which could trigger the above ENOMEM errors. In addition the system would need to be under memory pressure. For example, we can't hit the above case in selftests because we missed having tests to merge skbs. (Added in later patch) To fix the below splat extend the rcu_read_lock/unnlock block to include the call to sk_psock_tls_verdict_apply(). This will fix both TLS redirect case and non-TLS redirect+error case. Also remove psock from the sk_psock_tls_verdict_apply() function signature its not used there. [ 1095.937597] WARNING: suspicious RCU usage [ 1095.940964] 5.7.0-rc7-02911-g463bac5f1ca79 #1 Tainted: G W [ 1095.944363] ----------------------------- [ 1095.947384] include/linux/skmsg.h:284 suspicious rcu_dereference_check() usage! [ 1095.950866] [ 1095.950866] other info that might help us debug this: [ 1095.950866] [ 1095.957146] [ 1095.957146] rcu_scheduler_active = 2, debug_locks = 1 [ 1095.961482] 1 lock held by test_sockmap/15970: [ 1095.964501] #0: ffff9ea6b25de660 (sk_lock-AF_INET){+.+.}-{0:0}, at: tls_sw_recvmsg+0x13a/0x840 [tls] [ 1095.968568] [ 1095.968568] stack backtrace: [ 1095.975001] CPU: 1 PID: 15970 Comm: test_sockmap Tainted: G W 5.7.0-rc7-02911-g463bac5f1ca79 #1 [ 1095.977883] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.12.0-1 04/01/2014 [ 1095.980519] Call Trace: [ 1095.982191] dump_stack+0x8f/0xd0 [ 1095.984040] sk_psock_skb_redirect+0xa6/0xf0 [ 1095.986073] sk_psock_tls_strp_read+0x1d8/0x250 [ 1095.988095] tls_sw_recvmsg+0x714/0x840 [tls] v2: Improve commit message to identify non-TLS redirect plus error case condition as well as more common TLS case. In the process I decided doing the rcu_read_unlock followed by the lock/unlock inside branches was unnecessarily complex. We can just extend the current rcu block and get the same effeective without the shuffling and branching. Thanks Martin! Fixes: e91de6afa81c1 (""bpf: Fix running sk_skb program types with ktls"") Reported-by: Jakub Sitnicki Reported-by: kernel test robot Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Acked-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/159312677907.18340.11064813152758406626.stgit@john-XPS-13-9370","net/core/skmsg.c | 13 ++++++-------; 1 file changed, 6 insertions(+), 7 deletions(-)","Fixes RCU splat issue with sockmap during BPF redirects by extending rcu_read_lock coverage for TLS and error cases.","RCU, redirect, TLS","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"4a21185cda0fbb860580eeeb4f1a70a9cda332a4","4a21185cda0fbb860580eeeb4f1a70a9cda332a4","Linus Torvalds","torvalds@linux-foundation.org","1593134860","Linus Torvalds","torvalds@linux-foundation.org","1593134860","4ede1497f9919c1f1dfa152764f42a01b060e804","42e9c85f5c7296c4ec02644a2b3debc7120e2bf4 4c342f778fe234e0c2a2601d87fec8ba42f0d2c6","Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from David Miller: 1) Don't insert ESP trailer twice in IPSEC code, from Huy Nguyen. 2) The default crypto algorithm selection in Kconfig for IPSEC is out of touch with modern reality, fix this up. From Eric Biggers. 3) bpftool is missing an entry for BPF_MAP_TYPE_RINGBUF, from Andrii Nakryiko. 4) Missing init of ->frame_sz in xdp_convert_zc_to_xdp_frame(), from Hangbin Liu. 5) Adjust packet alignment handling in ax88179_178a driver to match what the hardware actually does. From Jeremy Kerr. 6) register_netdevice can leak in the case one of the notifiers fail, from Yang Yingliang. 7) Use after free in ip_tunnel_lookup(), from Taehee Yoo. 8) VLAN checks in sja1105 DSA driver need adjustments, from Vladimir Oltean. 9) tg3 driver can sleep forever when we get enough EEH errors, fix from David Christensen. 10) Missing {READ,WRITE}_ONCE() annotations in various Intel ethernet drivers, from Ciara Loftus. 11) Fix scanning loop break condition in of_mdiobus_register(), from Florian Fainelli. 12) MTU limit is incorrect in ibmveth driver, from Thomas Falcon. 13) Endianness fix in mlxsw, from Ido Schimmel. 14) Use after free in smsc95xx usbnet driver, from Tuomas Tynkkynen. 15) Missing bridge mrp configuration validation, from Horatiu Vultur. 16) Fix circular netns references in wireguard, from Jason A. Donenfeld. 17) PTP initialization on recovery is not done properly in qed driver, from Alexander Lobakin. 18) Endian conversion of L4 ports in filters of cxgb4 driver is wrong, from Rahul Lakkireddy. 19) Don't clear bound device TX queue of socket prematurely otherwise we get problems with ktls hw offloading, from Tariq Toukan. 20) ipset can do atomics on unaligned memory, fix from Russell King. 21) Align ethernet addresses properly in bridging code, from Thomas Martitz. 22) Don't advertise ipv4 addresses on SCTP sockets having ipv6only set, from Marcelo Ricardo Leitner. * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (149 commits) rds: transport module should be auto loaded when transport is set sch_cake: fix a few style nits sch_cake: don't call diffserv parsing code when it is not needed sch_cake: don't try to reallocate or unshare skb unconditionally ethtool: fix error handling in linkstate_prepare_data() wil6210: account for napi_gro_receive never returning GRO_DROP hns: do not cast return value of napi_gro_receive to null socionext: account for napi_gro_receive never returning GRO_DROP wireguard: receive: account for napi_gro_receive never returning GRO_DROP vxlan: fix last fdb index during dump of fdb with nhid sctp: Don't advertise IPv4 addresses if ipv6only is set on the socket tc-testing: avoid action cookies with odd length. bpf: tcp: bpf_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT net: dsa: sja1105: fix tc-gate schedule with single element net: dsa: sja1105: recalculate gating subschedule after deleting tc-gate rules net: dsa: sja1105: unconditionally free old gating config net: dsa: sja1105: move sja1105_compose_gating_subschedule at the top net: macb: free resources on failure path of at91ether_open() net: macb: call pm_runtime_put_sync on failure path ...","","This commit is a merge of networking fixes from the netdev repository into the mainline kernel.","networking, fixes, merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"b6186d413b1d50f45fe2415d760947576ef3691a","b6186d413b1d50f45fe2415d760947576ef3691a","Briana Oursler","briana.oursler@gmail.com","1593026954","David S. Miller","davem@davemloft.net","1593126645","f8aa23227c083cc15327d96dbe30d898ea58adb7","3b0e7dc0be62c6de0dbda68ac2961f27796919fb","tc-testing: avoid action cookies with odd length. Update odd length cookie hexstrings in csum.json, tunnel_key.json and bpf.json to be even length to comply with check enforced in commit 0149dabf2a1b (""tc: m_actions: check cookie hexstring len"") in iproute2. Signed-off-by: Briana Oursler Reviewed-by: Stefano Brivio Reviewed-by: Davide Caratti Signed-off-by: David S. Miller ","tools/testing/selftests/tc-testing/tc-tests/actions/bpf.json | 4 ++--; tools/testing/selftests/tc-testing/tc-tests/actions/csum.json | 4 ++--; tools/testing/selftests/tc-testing/tc-tests/actions/tunnel_key.json | 6 +++---; 3 files changed, 7 insertions(+), 7 deletions(-)","This commit updates test cases to ensure action cookie hexstrings have even length to comply with recent checks in iproute2.","action cookies, even length, tc-testing","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['tc related type programs. It affects programs managing traffic control (tc) for queuing or prioritizing network traffic.']" +"7d21d54d624777358ab6c7be7ff778808fef70ba","7d21d54d624777358ab6c7be7ff778808fef70ba","Neal Cardwell","ncardwell@google.com","1593016923","David S. Miller","davem@davemloft.net","1593126527","49c330b281928a72db56ed5c0841426e1e78bda8","b344579ca8478598937215f7005d6c7b84d28aee","bpf: tcp: bpf_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT Apply the fix from: ""tcp_cubic: fix spurious HYSTART_DELAY exit upon drop in min RTT"" to the BPF implementation of TCP CUBIC congestion control. Repeating the commit description here for completeness: Mirja Kuehlewind reported a bug in Linux TCP CUBIC Hystart, where Hystart HYSTART_DELAY mechanism can exit Slow Start spuriously on an ACK when the minimum rtt of a connection goes down. From inspection it is clear from the existing code that this could happen in an example like the following: o The first 8 RTT samples in a round trip are 150ms, resulting in a curr_rtt of 150ms and a delay_min of 150ms. o The 9th RTT sample is 100ms. The curr_rtt does not change after the first 8 samples, so curr_rtt remains 150ms. But delay_min can be lowered at any time, so delay_min falls to 100ms. The code executes the HYSTART_DELAY comparison between curr_rtt of 150ms and delay_min of 100ms, and the curr_rtt is declared far enough above delay_min to force a (spurious) exit of Slow start. The fix here is simple: allow every RTT sample in a round trip to lower the curr_rtt. Fixes: 6de4a9c430b5 (""bpf: tcp: Add bpf_cubic example"") Reported-by: Mirja Kuehlewind Signed-off-by: Neal Cardwell Signed-off-by: Eric Dumazet Acked-by: Soheil Hassas Yeganeh Signed-off-by: David S. Miller ","tools/testing/selftests/bpf/progs/bpf_cubic.c | 5 ++---; 1 file changed, 2 insertions(+), 3 deletions(-)","This commit fixes a bug in the BPF implementation of TCP CUBIC where a spurious HYSTART_DELAY exit could occur due to RTT calculation issues.","bpf_cubic, HYSTART_DELAY, bug","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"7a64135f3229a808067e4bd29be15fe6856a9ae6","7a64135f3229a808067e4bd29be15fe6856a9ae6","Jesper Dangaard Brouer","brouer@redhat.com","1593095218","Daniel Borkmann","daniel@iogearbox.net","1593117360","7c326d7d7b64b437c98820fd3dc8858a7278039e","a9b59159d338d414acaa8e2f569d129d51c76452","libbpf: Adjust SEC short cut for expected attach type BPF_XDP_DEVMAP Adjust the SEC(""xdp_devmap/"") prog type prefix to contain a slash ""/"" for expected attach type BPF_XDP_DEVMAP. This is consistent with other prog types like tracing. Fixes: 2778797037a6 (""libbpf: Add SEC name for xdp programs attached to device map"") Suggested-by: Andrii Nakryiko Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/159309521882.821855.6873145686353617509.stgit@firesoul","tools/lib/bpf/libbpf.c | 2 +-; tools/testing/selftests/bpf/progs/test_xdp_with_devmap_helpers.c | 2 +-; 2 files changed, 2 insertions(+), 2 deletions(-)","Adjusts libbpf SEC shortcut for xdp_devmap attach type to ensure consistency.","libbpf, SEC, xdp_devmap","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"a9b59159d338d414acaa8e2f569d129d51c76452","a9b59159d338d414acaa8e2f569d129d51c76452","John Fastabend","john.fastabend@gmail.com","1593037239","Daniel Borkmann","daniel@iogearbox.net","1593094625","b02a3af3bee5967515fb0ca85d736b83b975f897","bcc7f554cfa7e0ac77c7adc4027c16f4a2f99c6f","bpf: Do not allow btf_ctx_access with __int128 types To ensure btf_ctx_access() is safe the verifier checks that the BTF arg type is an int, enum, or pointer. When the function does the BTF arg lookup it uses the calculation 'arg = off / 8' using the fact that registers are 8B. This requires that the first arg is in the first reg, the second in the second, and so on. However, for __int128 the arg will consume two registers by default LLVM implementation. So this will cause the arg layout assumed by the 'arg = off / 8' calculation to be incorrect. Because __int128 is uncommon this patch applies the easiest fix and will force int types to be sizeof(u64) or smaller so that they will fit in a single register. v2: remove unneeded parens per Andrii's feedback Fixes: 9e15db66136a1 (""bpf: Implement accurate raw_tp context access via BTF"") Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/159303723962.11287.13309537171132420717.stgit@john-Precision-5820-Tower","include/linux/btf.h | 5 +++++; kernel/bpf/btf.c | 4 ++--; 2 files changed, 7 insertions(+), 2 deletions(-)","The commit restricts BTF context access to integer types that are 64-bit or smaller to avoid incorrect register usage.","btf,int128,verifier","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"16d37ee3d2b1c30052ba5ebb69556040fc174061","16d37ee3d2b1c30052ba5ebb69556040fc174061","Tobias Klauser","tklauser@distanz.ch","1593009114","Daniel Borkmann","daniel@iogearbox.net","1593093961","21078193ce697a9cf994e7bd8f548c6cdcf49ff6","9023497d8746d355bac8ddbc65797a4f553726fd","tools, bpftool: Define attach_type_name array only once Define attach_type_name in common.c instead of main.h so it is only defined once. This leads to a slight decrease in the binary size of bpftool. Before: text data bss dec hex filename 399024 11168 1573160 1983352 1e4378 bpftool After: text data bss dec hex filename 398256 10880 1573160 1982296 1e3f58 bpftool Signed-off-by: Tobias Klauser Signed-off-by: Daniel Borkmann Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200624143154.13145-1-tklauser@distanz.ch","tools/bpf/bpftool/common.c | 36 ++++++++++++++++++++++++++++++++++++; tools/bpf/bpftool/main.h | 36 +-----------------------------------; 2 files changed, 37 insertions(+), 35 deletions(-)","This commit refactors bpftool to define the attach_type_name array only once, slightly reducing binary size.","bpftool, refactor, binary-size","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"9023497d8746d355bac8ddbc65797a4f553726fd","9023497d8746d355bac8ddbc65797a4f553726fd","Tobias Klauser","tklauser@distanz.ch","1593009084","Daniel Borkmann","daniel@iogearbox.net","1593093961","b7ef80a995f76a54ca664f5869adb78a002ce14f","74765da176a0627e34bacf72826ec60c075cb62c","tools, bpftool: Define prog_type_name array only once Define prog_type_name in prog.c instead of main.h so it is only defined once. This leads to a slight decrease in the binary size of bpftool. Before: text data bss dec hex filename 401032 11936 1573160 1986128 1e4e50 bpftool After: text data bss dec hex filename 399024 11168 1573160 1983352 1e4378 bpftool Signed-off-by: Tobias Klauser Signed-off-by: Daniel Borkmann Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200624143124.12914-1-tklauser@distanz.ch","tools/bpf/bpftool/feature.c | 4 ++--; tools/bpf/bpftool/link.c | 4 ++--; tools/bpf/bpftool/main.h | 33 ++-------------------------------; tools/bpf/bpftool/map.c | 4 ++--; tools/bpf/bpftool/prog.c | 34 ++++++++++++++++++++++++++++++++++; 5 files changed, 42 insertions(+), 37 deletions(-)","The commit consolidates the definition of prog_type_name in bpftool to reduce binary size.","bpftool,reduction,size","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"74765da176a0627e34bacf72826ec60c075cb62c","74765da176a0627e34bacf72826ec60c075cb62c","Alexei Starovoitov","ast@kernel.org","1593049080","Alexei Starovoitov","ast@kernel.org","1593049148","a6deaa85cbbadde0d12d69826e1dd57d70130b6a","f9bcf96837f158db6ea982d15cd2c8161ca6bc23 cfcd75f9bf12301dfdcfe9ff6dfb240997e7745f","Merge branch 'bpf_iter_tcp_udp' Yonghong Song says: ==================== bpf iterator implments traversal of kernel data structures and these data structures are passed to a bpf program for processing. This gives great flexibility for users to examine kernel data structure without using e.g. /proc/net which has limited and fixed format. Commit 138d0be35b14 (""net: bpf: Add netlink and ipv6_route bpf_iter targets"") implemented bpf iterators for netlink and ipv6_route. This patch set intends to implement bpf iterators for tcp and udp. Currently, /proc/net/tcp is used to print tcp4 stats and /proc/net/tcp6 is used to print tcp6 stats. /proc/net/udp[6] have similar usage model. In contrast, only one tcp iterator is implemented and it is bpf program resposibility to filter based on socket family. The same is for udp. This will avoid another unnecessary traversal pass if users want to check both tcp4 and tcp6. Several helpers are also implemented in this patch bpf_skc_to_{tcp, tcp6, tcp_timewait, tcp_request, udp6}_sock The argument for these helpers is not a fixed btf_id. For example, bpf_skc_to_tcp(struct sock_common *), or bpf_skc_to_tcp(struct sock *), or bpf_skc_to_tcp(struct inet_sock *), ... are all valid. At runtime, the helper will check whether pointer cast is legal or not. Please see Patch #5 for details. Since btf_id's for both arguments and return value are known at build time, the btf_id's are pre-computed once vmlinux btf becomes valid. Jiri's ""adding d_path helper"" patch set https://lore.kernel.org/bpf/20200616100512.2168860-1-jolsa@kernel.org/T/ provides a way to pre-compute btf id during vmlinux build time. This can be applied here as well. A followup patch can convert to build time btf id computation after Jiri's patch landed. Changelogs: v4 -> v5: - fix bpf_skc_to_udp6_sock helper as besides sk_protocol, sk_family, sk_type == SOCK_DGRAM is also needed to differentiate from SOCK_RAW (Eric) v3 -> v4: - fix bpf_skc_to_{tcp_timewait, tcp_request}_sock helper implementation as just checking sk->sk_state is not enough (Martin) - fix a few kernel test robot reported failures - move bpf_tracing_net.h from libbpf to selftests (Andrii) - remove __weak attribute from selftests CONFIG_HZ variables (Andrii) v2 -> v3: - change sock_cast*/SOCK_CAST* names to btf_sock* names for generality (Martin) - change gpl_license to false (Martin) - fix helper to cast to tcp timewait/request socket. (Martin) v1 -> v2: - guard init_sock_cast_types() defination properly with CONFIG_NET (Martin) - reuse the btf_ids, computed for new helper argument, for return values (Martin) - using BTF_TYPE_EMIT to express intent of btf type generation (Andrii) - abstract out common net macros into bpf_tracing_net.h (Andrii) ==================== Signed-off-by: Alexei Starovoitov ","","The commit merges enhancements for bpf iterators to process TCP and UDP kernel data structures more flexibly with eBPF programs.","bpf,iterator,tcp","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"cfcd75f9bf12301dfdcfe9ff6dfb240997e7745f","cfcd75f9bf12301dfdcfe9ff6dfb240997e7745f","Yonghong Song","yhs@fb.com","1592953703","Alexei Starovoitov","ast@kernel.org","1593049080","a6deaa85cbbadde0d12d69826e1dd57d70130b6a","ace6d6ec9e9e167047b6c8ca462a0830220640c2","selftests/bpf: Add tcp/udp iterator programs to selftests Added tcp{4,6} and udp{4,6} bpf programs into test_progs selftest so that they at least can load successfully. $ ./test_progs -n 3 ... #3/7 tcp4:OK #3/8 tcp6:OK #3/9 udp4:OK #3/10 udp6:OK ... #3 bpf_iter:OK Summary: 1/16 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200623230823.3989372-1-yhs@fb.com","tools/testing/selftests/bpf/prog_tests/bpf_iter.c | 68 +++++++++++++++++++++++; 1 file changed, 68 insertions(+)","This commit adds tcp and udp iterator bpf programs into the selftests for verification of successful loading.","selftests,bpf,iterator","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"ace6d6ec9e9e167047b6c8ca462a0830220640c2","ace6d6ec9e9e167047b6c8ca462a0830220640c2","Yonghong Song","yhs@fb.com","1592953702","Alexei Starovoitov","ast@kernel.org","1593049079","465b7200f6288861e50b12dd01cc1dc067054c1c","2767c97765cb3d9b54c8e62b468e55cc56854a66","selftests/bpf: Implement sample udp/udp6 bpf_iter programs On my VM, I got identical results between /proc/net/udp[6] and the udp{4,6} bpf iterator. For udp6: $ cat /sys/fs/bpf/p1 sl local_address remote_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode ref pointer drops 1405: 000080FE00000000FF7CC4D0D9EFE4FE:0222 00000000000000000000000000000000:0000 07 00000000:00000000 00:00000000 00000000 193 0 19183 2 0000000029eab111 0 $ cat /proc/net/udp6 sl local_address remote_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode ref pointer drops 1405: 000080FE00000000FF7CC4D0D9EFE4FE:0222 00000000000000000000000000000000:0000 07 00000000:00000000 00:00000000 00000000 193 0 19183 2 0000000029eab111 0 For udp4: $ cat /sys/fs/bpf/p4 sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode ref pointer drops 2007: 00000000:1F90 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 72540 2 000000004ede477a 0 $ cat /proc/net/udp sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode ref pointer drops 2007: 00000000:1F90 00000000:0000 07 00000000:00000000 00:00000000 00000000 0 0 72540 2 000000004ede477a 0 Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200623230822.3989299-1-yhs@fb.com","tools/testing/selftests/bpf/progs/bpf_iter.h | 16 +++++; tools/testing/selftests/bpf/progs/bpf_iter_udp4.c | 71 ++++++++++++++++++++; tools/testing/selftests/bpf/progs/bpf_iter_udp6.c | 79 +++++++++++++++++++++++; 3 files changed, 166 insertions(+)","This commit adds BPF iterator programs for UDP/UDP6 to eBPF selftests for verifying functionality.","UDP,BPF,iterator","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2767c97765cb3d9b54c8e62b468e55cc56854a66","2767c97765cb3d9b54c8e62b468e55cc56854a66","Yonghong Song","yhs@fb.com","1592953700","Alexei Starovoitov","ast@kernel.org","1593049079","c220e2e68975768c8212e91f862017314bab07aa","3982bfaaef7c80ecf6a065cbf9422165a8e36f75","selftests/bpf: Implement sample tcp/tcp6 bpf_iter programs In my VM, I got identical result compared to /proc/net/{tcp,tcp6}. For tcp6: $ cat /proc/net/tcp6 sl local_address remote_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode 0: 00000000000000000000000000000000:0016 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000001 00000000 0 0 17955 1 000000003eb3102e 100 0 0 10 0 $ cat /sys/fs/bpf/p1 sl local_address remote_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode 0: 00000000000000000000000000000000:0016 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 17955 1 000000003eb3102e 100 0 0 10 0 For tcp: $ cat /proc/net/tcp sl local_address rem_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode 0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 2666 1 000000007152e43f 100 0 0 10 0 $ cat /sys/fs/bpf/p2 sl local_address remote_address st tx_queue rx_queue tr tm->when retrnsmt uid timeout inode 1: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000 0 0 2666 1 000000007152e43f 100 0 0 10 0 Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200623230820.3989165-1-yhs@fb.com","tools/testing/selftests/bpf/progs/bpf_iter.h | 15 ++; tools/testing/selftests/bpf/progs/bpf_iter_tcp4.c | 234 ++++++++++++++++++++; tools/testing/selftests/bpf/progs/bpf_iter_tcp6.c | 250 ++++++++++++++++++++++; 3 files changed, 499 insertions(+)","Implemented sample eBPF iteration programs for TCP and TCP6 in selftests to compare with /proc/net outputs.","bpfiter,TCP,sampleprograms","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3982bfaaef7c80ecf6a065cbf9422165a8e36f75","3982bfaaef7c80ecf6a065cbf9422165a8e36f75","Yonghong Song","yhs@fb.com","1592953699","Alexei Starovoitov","ast@kernel.org","1593049079","15032719903d43432add2c12414f20667dbc35ed","647b502e3d5456f5c240b1587112b163c69732e9","selftests/bpf: Add more common macros to bpf_tracing_net.h These newly added macros will be used in subsequent bpf iterator tcp{4,6} and udp{4,6} programs. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200623230819.3989050-1-yhs@fb.com",".../testing/selftests/bpf/progs/bpf_tracing_net.h | 35 ++++++++++++++++++++++; 1 file changed, 35 insertions(+)","Add new macros to bpf_tracing_net.h for use in future bpf iterator programs.","macros,bpf,iterator","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"647b502e3d5456f5c240b1587112b163c69732e9","647b502e3d5456f5c240b1587112b163c69732e9","Yonghong Song","yhs@fb.com","1592953697","Alexei Starovoitov","ast@kernel.org","1593049079","01e243c31cd86dfa8b39fdb0c62df1cc27da2918","84544f5637ff3501876ba96bd48ca900317e08fb","selftests/bpf: Refactor some net macros to bpf_tracing_net.h Refactor bpf_iter_ipv6_route.c and bpf_iter_netlink.c so net macros, originally from various include/linux header files, are moved to a new header file bpf_tracing_net.h. The goal is to improve reuse so networking tracing programs do not need to copy these macros every time they use them. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200623230817.3988962-1-yhs@fb.com","tools/testing/selftests/bpf/progs/bpf_iter_ipv6_route.c | 7 +------; tools/testing/selftests/bpf/progs/bpf_iter_netlink.c | 4 +---; tools/testing/selftests/bpf/progs/bpf_tracing_net.h | 16 ++++++++++++++++; 3 files changed, 18 insertions(+), 9 deletions(-)","Refactor net macros to a new header for better reuse in eBPF tracing programs.","refactor,net,macros","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"84544f5637ff3501876ba96bd48ca900317e08fb","84544f5637ff3501876ba96bd48ca900317e08fb","Yonghong Song","yhs@fb.com","1592953696","Alexei Starovoitov","ast@kernel.org","1593049079","c7eac342801bdc50036e0920756d70dc5eda19cd","0d4fad3e57df2bf61e8ffc8d12a34b1caf9b8835","selftests/bpf: Move newer bpf_iter_* type redefining to a new header file Commit b9f4c01f3e0b (""selftest/bpf: Make bpf_iter selftest compilable against old vmlinux.h"") and Commit dda18a5c0b75 (""selftests/bpf: Convert bpf_iter_test_kern{3, 4}.c to define own bpf_iter_meta"") redefined newly introduced types in bpf programs so the bpf program can still compile properly with old kernels although loading may fail. Since this patch set introduced new types and the same workaround is needed, so let us move the workaround to a separate header file so they do not clutter bpf programs. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200623230816.3988656-1-yhs@fb.com","tools/testing/selftests/bpf/progs/bpf_iter.h | 49 ++++++++++++++++++++++; .../testing/selftests/bpf/progs/bpf_iter_bpf_map.c | 18 +-------; .../selftests/bpf/progs/bpf_iter_ipv6_route.c | 18 +-------; .../testing/selftests/bpf/progs/bpf_iter_netlink.c | 18 +-------; tools/testing/selftests/bpf/progs/bpf_iter_task.c | 18 +-------; .../selftests/bpf/progs/bpf_iter_task_file.c | 20 +--------; .../selftests/bpf/progs/bpf_iter_test_kern3.c | 17 +-------; .../selftests/bpf/progs/bpf_iter_test_kern4.c | 17 +-------; .../bpf/progs/bpf_iter_test_kern_common.h | 18 +-------; 9 files changed, 57 insertions(+), 136 deletions(-)","The commit organizes redefined bpf_iter types into a separate header to enhance maintainability across different kernel versions.","redefined, header, bpf_iter","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0d4fad3e57df2bf61e8ffc8d12a34b1caf9b8835","0d4fad3e57df2bf61e8ffc8d12a34b1caf9b8835","Yonghong Song","yhs@fb.com","1592953695","Alexei Starovoitov","ast@kernel.org","1593049079","a0e1c4d3842e4fcf68b2258de801de5e4a092d1c","5788b3a07fc5863606c3b92fa7b1ffe125e6eb4c","bpf: Add bpf_skc_to_udp6_sock() helper The helper is used in tracing programs to cast a socket pointer to a udp6_sock pointer. The return value could be NULL if the casting is illegal. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Cc: Eric Dumazet Link: https://lore.kernel.org/bpf/20200623230815.3988481-1-yhs@fb.com","include/linux/bpf.h | 1 +; include/uapi/linux/bpf.h | 9 ++++++++-; kernel/trace/bpf_trace.c | 2 ++; net/core/filter.c | 22 ++++++++++++++++++++++; scripts/bpf_helpers_doc.py | 2 ++; tools/include/uapi/linux/bpf.h | 9 ++++++++-; 6 files changed, 43 insertions(+), 2 deletions(-)","Add a helper function bpf_skc_to_udp6_sock for casting socket pointers in tracing programs.","helper, tracing, udp6_sock","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5788b3a07fc5863606c3b92fa7b1ffe125e6eb4c","5788b3a07fc5863606c3b92fa7b1ffe125e6eb4c","Yonghong Song","yhs@fb.com","1592953693","Alexei Starovoitov","ast@kernel.org","1593049079","f8f5cf8ee8c208d31acb125e50f69813518ffc40","9e8ca27afab6c92477b459f6a5d2af0cd3197c20","net: bpf: Implement bpf iterator for udp The bpf iterator for udp is implemented. Both udp4 and udp6 sockets will be traversed. It is up to bpf program to filter for udp4 or udp6 only, or both families of sockets. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200623230813.3988404-1-yhs@fb.com","net/ipv4/udp.c | 116 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++; 1 file changed, 116 insertions(+)","The commit implements a BPF iterator for traversing both udp4 and udp6 sockets.","bpf, iterator, udp","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"9e8ca27afab6c92477b459f6a5d2af0cd3197c20","9e8ca27afab6c92477b459f6a5d2af0cd3197c20","Yonghong Song","yhs@fb.com","1592953692","Alexei Starovoitov","ast@kernel.org","1593049079","921d5f3e7983888dff71e9fcd9209d2d572fdcfa","478cfbdf5f13dfe09cfd0b1cbac821f5e27f6108","net: bpf: Add bpf_seq_afinfo in udp_iter_state Similar to tcp_iter_state, a new field bpf_seq_afinfo is added to udp_iter_state to provide bpf udp iterator afinfo. This does not change /proc/net/{udp, udp6} behavior. But it enables bpf iterator to avoid get afinfo from PDE_DATA and iterate through all udp and udp6 sockets in one pass. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200623230812.3988347-1-yhs@fb.com","include/net/udp.h | 1 +; net/ipv4/udp.c | 28 +++++++++++++++++++++++-----; 2 files changed, 24 insertions(+), 5 deletions(-)","The commit adds bpf_seq_afinfo to udp_iter_state to enhance BPF iterator functionality for UDP without changing /proc behavior.","bpf_seq_afinfo,udp_iter_state,iterator","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"478cfbdf5f13dfe09cfd0b1cbac821f5e27f6108","478cfbdf5f13dfe09cfd0b1cbac821f5e27f6108","Yonghong Song","yhs@fb.com","1592953691","Alexei Starovoitov","ast@kernel.org","1593049079","febcb078fe63001ae8c004f218e9ff1acc2a68e2","af7ec13833619e17f03aa73a785a2f871da6d66b","bpf: Add bpf_skc_to_{tcp, tcp_timewait, tcp_request}_sock() helpers Three more helpers are added to cast a sock_common pointer to an tcp_sock, tcp_timewait_sock or a tcp_request_sock for tracing programs. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200623230811.3988277-1-yhs@fb.com","include/linux/bpf.h | 3 ++; include/uapi/linux/bpf.h | 23 +++++++++++++++-; kernel/trace/bpf_trace.c | 6 ++++; net/core/filter.c | 62 ++++++++++++++++++++++++++++++++++++++++++; scripts/bpf_helpers_doc.py | 6 ++++; tools/include/uapi/linux/bpf.h | 23 +++++++++++++++-; 6 files changed, 121 insertions(+), 2 deletions(-)","This commit adds new helpers to facilitate casting sock_common pointers in tracing eBPF programs.","helpers,sock,tracing","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"af7ec13833619e17f03aa73a785a2f871da6d66b","af7ec13833619e17f03aa73a785a2f871da6d66b","Yonghong Song","yhs@fb.com","1592953689","Alexei Starovoitov","ast@kernel.org","1593049079","80a186e36a8007eeebb720adca3d59654d31fe86","72e2b2b66f9c1225e51fc4a1c1e8512959195b76","bpf: Add bpf_skc_to_tcp6_sock() helper The helper is used in tracing programs to cast a socket pointer to a tcp6_sock pointer. The return value could be NULL if the casting is illegal. A new helper return type RET_PTR_TO_BTF_ID_OR_NULL is added so the verifier is able to deduce proper return types for the helper. Different from the previous BTF_ID based helpers, the bpf_skc_to_tcp6_sock() argument can be several possible btf_ids. More specifically, all possible socket data structures with sock_common appearing in the first in the memory layout. This patch only added socket types related to tcp and udp. All possible argument btf_id and return value btf_id for helper bpf_skc_to_tcp6_sock() are pre-calculcated and cached. In the future, it is even possible to precompute these btf_id's at kernel build time. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200623230809.3988195-1-yhs@fb.com","include/linux/bpf.h | 12 +++++++; include/uapi/linux/bpf.h | 9 ++++-; kernel/bpf/btf.c | 1 +; kernel/bpf/verifier.c | 43 ++++++++++++++++------; kernel/trace/bpf_trace.c | 2 ++; net/core/filter.c | 82 ++++++++++++++++++++++++++++++++++++++++++; scripts/bpf_helpers_doc.py | 2 ++; tools/include/uapi/linux/bpf.h | 9 ++++-; 8 files changed, 148 insertions(+), 12 deletions(-)","This commit introduces a new helper function to cast socket pointers to tcp6_sock pointers in eBPF tracing programs.","helper,socket,btf","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"72e2b2b66f9c1225e51fc4a1c1e8512959195b76","72e2b2b66f9c1225e51fc4a1c1e8512959195b76","Yonghong Song","yhs@fb.com","1592953688","Alexei Starovoitov","ast@kernel.org","1593049078","b7eda4bf4f89a5f471d680487312001990e3cb71","c06b0229579806f5b5e14af64cf9c5dc771445b3","bpf: Allow tracing programs to use bpf_jiffies64() helper /proc/net/tcp{4,6} uses jiffies for various computations. Let us add bpf_jiffies64() helper to tracing program so bpf_iter and other programs can use it. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200623230808.3988073-1-yhs@fb.com","kernel/trace/bpf_trace.c | 2 ++; 1 file changed, 2 insertions(+)","The commit adds the bpf_jiffies64() helper to enhance tracing programs with jiffies usage.","bpf_jiffies64 tracing helper","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"c06b0229579806f5b5e14af64cf9c5dc771445b3","c06b0229579806f5b5e14af64cf9c5dc771445b3","Yonghong Song","yhs@fb.com","1592953687","Alexei Starovoitov","ast@kernel.org","1593049078","eadac4c9a80ace4d56b40d116fdf6ef2fc4d7ad4","52d87d5f6418ba1b8b449ed5eea1532664896851","bpf: Support 'X' in bpf_seq_printf() helper 'X' tells kernel to print hex with upper case letters. /proc/net/tcp{4,6} seq_file show() used this, and supports it in bpf_seq_printf() helper too. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200623230807.3988014-1-yhs@fb.com","kernel/trace/bpf_trace.c | 3 ++-; 1 file changed, 2 insertions(+), 1 deletion(-)","Add support for uppercase hexadecimal printing in bpf_seq_printf() helper function.","bpf,hex,uppercase","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"52d87d5f6418ba1b8b449ed5eea1532664896851","52d87d5f6418ba1b8b449ed5eea1532664896851","Yonghong Song","yhs@fb.com","1592953685","Alexei Starovoitov","ast@kernel.org","1593049078","91abbbf647ebca6ed60aa16de6bd8839dab99984","b08d4d3b6c0460306e8a0608413b201705200d33","net: bpf: Implement bpf iterator for tcp The bpf iterator for tcp is implemented. Both tcp4 and tcp6 sockets will be traversed. It is up to bpf program to filter for tcp4 or tcp6 only, or both families of sockets. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200623230805.3987959-1-yhs@fb.com","net/ipv4/tcp_ipv4.c | 123 ++++++++++++++++++++++++++++++++++++++++++++++++++++; 1 file changed, 123 insertions(+)","Implemented a BPF iterator to traverse and filter both tcp4 and tcp6 sockets.","bpf,iterator,tcp","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"b08d4d3b6c0460306e8a0608413b201705200d33","b08d4d3b6c0460306e8a0608413b201705200d33","Yonghong Song","yhs@fb.com","1592953684","Alexei Starovoitov","ast@kernel.org","1593049078","a39e5c744a188a6fe33a240facc9cd4159919d63","f9bcf96837f158db6ea982d15cd2c8161ca6bc23","net: bpf: Add bpf_seq_afinfo in tcp_iter_state A new field bpf_seq_afinfo is added to tcp_iter_state to provide bpf tcp iterator afinfo. There are two reasons on why we did this. First, the current way to get afinfo from PDE_DATA does not work for bpf iterator as its seq_file inode does not conform to /proc/net/{tcp,tcp6} inode structures. More specifically, anonymous bpf iterator will use an anonymous inode which is shared in the system and we cannot change inode private data structure at all. Second, bpf iterator for tcp/tcp6 wants to traverse all tcp and tcp6 sockets in one pass and bpf program can control whether they want to skip one sk_family or not. Having a different afinfo with family AF_UNSPEC make it easier to understand in the code. This patch does not change /proc/net/{tcp,tcp6} behavior as the bpf_seq_afinfo will be NULL for these two proc files. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200623230804.3987829-1-yhs@fb.com","include/net/tcp.h | 1 +; net/ipv4/tcp_ipv4.c | 30 ++++++++++++++++++++++++------; 2 files changed, 25 insertions(+), 6 deletions(-)","The commit introduces bpf_seq_afinfo to improve TCP iterator handling for eBPF applications.","bpf_seq_afinfo,tcp_iter_state,afinfo","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f9bcf96837f158db6ea982d15cd2c8161ca6bc23","f9bcf96837f158db6ea982d15cd2c8161ca6bc23","Dmitry Yakunin","zeil@yandex-team.ru","1592667052","Alexei Starovoitov","ast@kernel.org","1593022863","e12aa8a1816f41c7d1ccbc4c4a8455a99de4f1f4","aad4a0a9513af962137c4842463d11ed491eec37","bpf: Add SO_KEEPALIVE and related options to bpf_setsockopt This patch adds support of SO_KEEPALIVE flag and TCP related options to bpf_setsockopt() routine. This is helpful if we want to enable or tune TCP keepalive for applications which don't do it in the userspace code. v3: - update kernel-doc in uapi (Nikita Vetoshkin ) v4: - update kernel-doc in tools too (Alexei Starovoitov) - add test to selftests (Alexei Starovoitov) Signed-off-by: Dmitry Yakunin Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200620153052.9439-3-zeil@yandex-team.ru","include/uapi/linux/bpf.h | 7 +++--; net/core/filter.c | 36 ++++++++++++++++++++++-; tools/include/uapi/linux/bpf.h | 7 +++--; tools/testing/selftests/bpf/progs/connect4_prog.c | 27 +++++++++++++++++; 4 files changed, 72 insertions(+), 5 deletions(-)","This commit adds support for SO_KEEPALIVE and TCP options to bpf_setsockopt for enabling TCP keepalive in applications.","bpf_setsockopt, SO_KEEPALIVE, TCP","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"aad4a0a9513af962137c4842463d11ed491eec37","aad4a0a9513af962137c4842463d11ed491eec37","Dmitry Yakunin","zeil@yandex-team.ru","1592667051","Alexei Starovoitov","ast@kernel.org","1593022863","aeced4846c8207e005ca98ff0ca36e9ddfe78e66","dfde1d7dee9bfd095a4f16c9e0579a10f4092e81","tcp: Expose tcp_sock_set_keepidle_locked This is preparation for usage in bpf_setsockopt. v2: - remove redundant EXPORT_SYMBOL (Alexei Starovoitov) Signed-off-by: Dmitry Yakunin Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200620153052.9439-2-zeil@yandex-team.ru","include/linux/tcp.h | 1 +; net/ipv4/tcp.c | 6 +++---; 2 files changed, 4 insertions(+), 3 deletions(-)","Expose tcp_sock_set_keepidle_locked for potential use in BPF setsockopt function.","tcp_sock_set_keepidle_locked,bpf_setsockopt,expose","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"dfde1d7dee9bfd095a4f16c9e0579a10f4092e81","dfde1d7dee9bfd095a4f16c9e0579a10f4092e81","Dmitry Yakunin","zeil@yandex-team.ru","1592667050","Alexei Starovoitov","ast@kernel.org","1593022863","b327543898b5b070e8631a810eb6b65aff1cc967","fea549b030152d5336dbd960b357a4d4b841a851","sock: Move sock_valbool_flag to header This is preparation for usage in bpf_setsockopt. Signed-off-by: Dmitry Yakunin Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200620153052.9439-1-zeil@yandex-team.ru","include/net/sock.h | 9 +++++++++; net/core/sock.c | 9 ---------; 2 files changed, 9 insertions(+), 9 deletions(-)","The commit relocates sock_valbool_flag to a header file in preparation for its integration with bpf_setsockopt.","sock, header, bpf_setsockopt","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"fea549b030152d5336dbd960b357a4d4b841a851","fea549b030152d5336dbd960b357a4d4b841a851","Alexei Starovoitov","ast@kernel.org","1593022259","Alexei Starovoitov","ast@kernel.org","1593022259","cea4915c4b8c169805a985e110d8188d73f23db7","192b6638eea5d40c99964291671fc0371b858f6e","selftests/bpf: Workaround for get_stack_rawtp test. ./test_progs-no_alu32 -t get_stack_raw_tp fails due to: 52: (85) call bpf_get_stack#67 53: (bf) r8 = r0 54: (bf) r1 = r8 55: (67) r1 <<= 32 56: (c7) r1 s>>= 32 ; if (usize < 0) 57: (c5) if r1 s< 0x0 goto pc+26 R0=inv(id=0,smax_value=800) R1_w=inv(id=0,umax_value=800,var_off=(0x0; 0x3ff)) R6=ctx(id=0,off=0,imm=0) R7=map_value(id=0,off=0,ks=4,vs=1600,imm=0) R8_w=inv(id=0,smax_value=800) R9=inv800 ; ksize = bpf_get_stack(ctx, raw_data + usize, max_len - usize, 0); 58: (1f) r9 -= r8 ; ksize = bpf_get_stack(ctx, raw_data + usize, max_len - usize, 0); 59: (bf) r2 = r7 60: (0f) r2 += r1 regs=1 stack=0 before 52: (85) call bpf_get_stack#67 ; ksize = bpf_get_stack(ctx, raw_data + usize, max_len - usize, 0); 61: (bf) r1 = r6 62: (bf) r3 = r9 63: (b7) r4 = 0 64: (85) call bpf_get_stack#67 R0=inv(id=0,smax_value=800) R1_w=ctx(id=0,off=0,imm=0) R2_w=map_value(id=0,off=0,ks=4,vs=1600,umax_value=800,var_off=(0x0; 0x3ff),s32_max_value=1023,u32_max_value=1023) R3_w=inv(id=0,umax_value=9223372036854776608) R3 unbounded memory access, use 'var &= const' or 'if (var < const)' In the C code: usize = bpf_get_stack(ctx, raw_data, max_len, BPF_F_USER_STACK); if (usize < 0) return 0; ksize = bpf_get_stack(ctx, raw_data + usize, max_len - usize, 0); if (ksize < 0) return 0; We used to have problem with pointer arith in R2. Now it's a problem with two integers in R3. 'if (usize < 0)' is comparing R1 and makes it [0,800], but R8 stays [-inf,800]. Both registers represent the same 'usize' variable. Then R9 -= R8 is doing 800 - [-inf, 800] so the result of ""max_len - usize"" looks unbounded to the verifier while it's obvious in C code that ""max_len - usize"" should be [0, 800]. To workaround the problem convert ksize and usize variables from int to long. Signed-off-by: Alexei Starovoitov ","tools/testing/selftests/bpf/progs/test_get_stack_rawtp.c | 3 ++-; 1 file changed, 2 insertions(+), 1 deletion(-)","This commit resolves a verifier issue in test_get_stack_rawtp by converting integer variables to long in selftests.","selftests,verifier,integer","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"192b6638eea5d40c99964291671fc0371b858f6e","192b6638eea5d40c99964291671fc0371b858f6e","Andrii Nakryiko","andriin@fb.com","1592973485","Daniel Borkmann","daniel@iogearbox.net","1593007697","aed8438045c9eff287d4c183bd90f0ab59a76af2","135c783f4794fbdeace4a969dea6eabd27f8a501","libbpf: Prevent loading vmlinux BTF twice Prevent loading/parsing vmlinux BTF twice in some cases: for CO-RE relocations and for BTF-aware hooks (tp_btf, fentry/fexit, etc). Fixes: a6ed02cac690 (""libbpf: Load btf_vmlinux only once per object."") Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200624043805.1794620-1-andriin@fb.com","tools/lib/bpf/libbpf.c | 33 ++++++++++++++++++++++-----------; 1 file changed, 22 insertions(+), 11 deletions(-)","The commit prevents loading the vmlinux BTF twice for CO-RE relocations and BTF-aware hooks in libbpf.","vmlinux BTF CO-RE","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"135c783f4794fbdeace4a969dea6eabd27f8a501","135c783f4794fbdeace4a969dea6eabd27f8a501","Colin Ian King","colin.king@canonical.com","1592901727","Daniel Borkmann","daniel@iogearbox.net","1593006833","d4fbd75063192d2d2f05676ac6b31856f54983c9","54b66c2255fadc8d78e88b5ffd99b19f7f754f5a","libbpf: Fix spelling mistake ""kallasyms"" -> ""kallsyms"" There is a spelling mistake in a pr_warn message. Fix it. Signed-off-by: Colin Ian King Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200623084207.149253-1-colin.king@canonical.com","tools/lib/bpf/libbpf.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit fixes a spelling mistake in a pr_warn message in libbpf.","spelling,libbpf,fix","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"54b66c2255fadc8d78e88b5ffd99b19f7f754f5a","54b66c2255fadc8d78e88b5ffd99b19f7f754f5a","Quentin Monnet","quentin@isovalent.com","1592948160","Daniel Borkmann","daniel@iogearbox.net","1593006388","cee4ef5c4efadc013a4fae8e1c981f4034c92960","4e608675e790b3f61b98bc38b3e8a38613b480ab","tools, bpftool: Fix variable shadowing in emit_obj_refs_json() Building bpftool yields the following complaint: pids.c: In function 'emit_obj_refs_json': pids.c:175:80: warning: declaration of 'json_wtr' shadows a global declaration [-Wshadow] 175 | void emit_obj_refs_json(struct obj_refs_table *table, __u32 id, json_writer_t *json_wtr) | ~~~~~~~~~~~~~~~^~~~~~~~ In file included from pids.c:11: main.h:141:23: note: shadowed declaration is here 141 | extern json_writer_t *json_wtr; | ^~~~~~~~ Let's rename the variable. v2: - Rename the variable instead of calling the global json_wtr directly. Signed-off-by: Quentin Monnet Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200623213600.16643-1-quentin@isovalent.com","tools/bpf/bpftool/pids.c | 17 +++++++++--------; 1 file changed, 9 insertions(+), 8 deletions(-)","This commit fixes variable shadowing in bpftool's emit_obj_refs_json function by renaming a local variable.","bpftool,variable shadowing,rename","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"bcc7f554cfa7e0ac77c7adc4027c16f4a2f99c6f","bcc7f554cfa7e0ac77c7adc4027c16f4a2f99c6f","Quentin Monnet","quentin@isovalent.com","1592926775","Alexei Starovoitov","ast@kernel.org","1592960222","e1dcc4c084305dd7c1dab2cefe9c2ac41cc267e0","b338cb921e6739ff59ce32f43342779fe5ffa732","bpf: Fix formatting in documentation for BPF helpers When producing the bpf-helpers.7 man page from the documentation from the BPF user space header file, rst2man complains: :2636: (ERROR/3) Unexpected indentation. :2640: (WARNING/2) Block quote ends without a blank line; unexpected unindent. Let's fix formatting for the relevant chunk (item list in bpf_ringbuf_query()'s description), and for a couple other functions. Signed-off-by: Quentin Monnet Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200623153935.6215-1-quentin@isovalent.com","include/uapi/linux/bpf.h | 41 +++++++++++++++++++++--------------------; tools/include/uapi/linux/bpf.h | 41 +++++++++++++++++++++--------------------; 2 files changed, 42 insertions(+), 40 deletions(-)","Fixes formatting issues in the BPF helpers documentation for the man page generation.","formatting,documentation,bpf","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b338cb921e6739ff59ce32f43342779fe5ffa732","b338cb921e6739ff59ce32f43342779fe5ffa732","Maciej Żenczykowski","maze@google.com","1592688376","Alexei Starovoitov","ast@kernel.org","1592959542","a9589fa146b69544c83a1bce1160e89324f5a6ec","c4c0bdc0d2d084ed847c7066bdf59fe2cd25aa17","bpf: Restore behaviour of CAP_SYS_ADMIN allowing the loading of networking bpf programs This is a fix for a regression in commit 2c78ee898d8f (""bpf: Implement CAP_BPF""). Before the above commit it was possible to load network bpf programs with just the CAP_SYS_ADMIN privilege. The Android bpfloader happens to run in such a configuration (it has SYS_ADMIN but not NET_ADMIN) and creates maps and loads bpf programs for later use by Android's netd (which has NET_ADMIN but not SYS_ADMIN). Fixes: 2c78ee898d8f (""bpf: Implement CAP_BPF"") Reported-by: John Stultz Signed-off-by: Maciej Żenczykowski Signed-off-by: Alexei Starovoitov Tested-by: John Stultz Link: https://lore.kernel.org/bpf/20200620212616.93894-1-zenczykowski@gmail.com","kernel/bpf/syscall.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit fixes a regression allowing loading of network BPF programs with CAP_SYS_ADMIN privilege.","CAP_SYS_ADMIN, networking, regression","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c4c0bdc0d2d084ed847c7066bdf59fe2cd25aa17","c4c0bdc0d2d084ed847c7066bdf59fe2cd25aa17","Yonghong Song","yhs@fb.com","1592957454","Alexei Starovoitov","ast@kernel.org","1592958457","111b9157be6a6cf063521db22c32d2c7ea14f67a","9c82a63cf3701b78cd092c69c3e75ff806837194","bpf: Set the number of exception entries properly for subprograms Currently, if a bpf program has more than one subprograms, each program will be jitted separately. For programs with bpf-to-bpf calls the prog->aux->num_exentries is not setup properly. For example, with bpf_iter_netlink.c modified to force one function to be not inlined and with CONFIG_BPF_JIT_ALWAYS_ON the following error is seen: $ ./test_progs -n 3/3 ... libbpf: failed to load program 'iter/netlink' libbpf: failed to load object 'bpf_iter_netlink' libbpf: failed to load BPF skeleton 'bpf_iter_netlink': -4007 test_netlink:FAIL:bpf_iter_netlink__open_and_load skeleton open_and_load failed #3/3 netlink:FAIL The dmesg shows the following errors: ex gen bug which is triggered by the following code in arch/x86/net/bpf_jit_comp.c: if (excnt >= bpf_prog->aux->num_exentries) { pr_err(""ex gen bug\n""); return -EFAULT; } This patch fixes the issue by computing proper num_exentries for each subprogram before calling JIT. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov ","kernel/bpf/verifier.c | 10 +++++++++-; 1 file changed, 9 insertions(+), 1 deletion(-)","Fixes the setting of exception entry counts for eBPF subprograms during JIT compilation.","bpf exentries JIT","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"9c82a63cf3701b78cd092c69c3e75ff806837194","9c82a63cf3701b78cd092c69c3e75ff806837194","Andrii Nakryiko","andriin@fb.com","1592607862","Alexei Starovoitov","ast@kernel.org","1592956903","bfb824ed84b2adfc6f06deca4e02b720a0df58f7","4e15507fea70c0c312d79610efa46b6853ccf8e0","libbpf: Fix CO-RE relocs against .text section bpf_object__find_program_by_title(), used by CO-RE relocation code, doesn't return .text ""BPF program"", if it is a function storage for sub-programs. Because of that, any CO-RE relocation in helper non-inlined functions will fail. Fix this by searching for .text-corresponding BPF program manually. Adjust one of bpf_iter selftest to exhibit this pattern. Fixes: ddc7c3042614 (""libbpf: implement BPF CO-RE offset relocation algorithm"") Reported-by: Yonghong Song Signed-off-by: Andrii Nakryiko Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200619230423.691274-1-andriin@fb.com","tools/lib/bpf/libbpf.c | 8 +++++++-; tools/testing/selftests/bpf/progs/bpf_iter_netlink.c | 2 +-; 2 files changed, 8 insertions(+), 2 deletions(-)","Fixes CO-RE relocations against .text section by manually searching for corresponding BPF program, and adjusts selftest for this pattern.","CO-RE,text,fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"4e608675e790b3f61b98bc38b3e8a38613b480ab","4e608675e790b3f61b98bc38b3e8a38613b480ab","Alexei Starovoitov","ast@kernel.org","1592951562","Alexei Starovoitov","ast@kernel.org","1592951621","75252ccde9e3922143fe16ec7e346cbe5a4b680d","9d9d8cc21e3827b89e414f990016836290de3038 02553b91da5deb63c8562b47529b09b734659af0","Merge up to bpf_probe_read_kernel_str() fix into bpf-next","","This commit merges changes related to the fix of bpf_probe_read_kernel_str() into the bpf-next branch.","merge,bpf_probe_read_kernel_str,bpf-next","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"9d9d8cc21e3827b89e414f990016836290de3038","9d9d8cc21e3827b89e414f990016836290de3038","Tobias Klauser","tklauser@distanz.ch","1592908630","Daniel Borkmann","daniel@iogearbox.net","1592950006","f97fe16335c999b6fe9d0db8d9995c9a65be3b1c","2fde1747c986cac28fa66d0cffd7577db042640b","tools, bpftool: Correctly evaluate $(BUILD_BPF_SKELS) in Makefile Currently, if the clang-bpf-co-re feature is not available, the build fails with e.g. CC prog.o prog.c:1462:10: fatal error: profiler.skel.h: No such file or directory 1462 | #include ""profiler.skel.h"" | ^~~~~~~~~~~~~~~~~ This is due to the fact that the BPFTOOL_WITHOUT_SKELETONS macro is not defined, despite BUILD_BPF_SKELS not being set. Fix this by correctly evaluating $(BUILD_BPF_SKELS) when deciding on whether to add -DBPFTOOL_WITHOUT_SKELETONS to CFLAGS. Fixes: 05aca6da3b5a (""tools/bpftool: Generalize BPF skeleton support and generate vmlinux.h"") Signed-off-by: Tobias Klauser Signed-off-by: Daniel Borkmann Reviewed-by: Quentin Monnet Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200623103710.10370-1-tklauser@distanz.ch","tools/bpf/bpftool/Makefile | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fix evaluation of build option for BPF skeletons in bpftool's Makefile to prevent build errors.","bpftool,Makefile,build","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2fde1747c986cac28fa66d0cffd7577db042640b","2fde1747c986cac28fa66d0cffd7577db042640b","John Fastabend","john.fastabend@gmail.com","1592882543","Daniel Borkmann","daniel@iogearbox.net","1592949876","b63ed51d2ae66d7a8aea24308b6de2041440c8e9","5e85c6bb8e74bd9daa4f5815da373d4ac2cb1a35","selftests/bpf: Add variable-length data concat pattern less than test Extend original variable-length tests with a case to catch a common existing pattern of testing for < 0 for errors. Note because verifier also tracks upper bounds and we know it can not be greater than MAX_LEN here we can skip upper bound check. In ALU64 enabled compilation converting from long->int return types in probe helpers results in extra instruction pattern, <<= 32, s >>= 32. The trade-off is the non-ALU64 case works. If you really care about every extra insn (XDP case?) then you probably should be using original int type. In addition adding a sext insn to bpf might help the verifier in the general case to avoid these types of tricks. Signed-off-by: John Fastabend Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200623032224.4020118-3-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/varlen.c | 12 +++++; tools/testing/selftests/bpf/progs/test_varlen.c | 70 +++++++++++++++++++++++--; 2 files changed, 78 insertions(+), 4 deletions(-)","The commit extends variable-length tests in eBPF selftests with a pattern to catch errors when less than zero.","variable-length,tests,error","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5e85c6bb8e74bd9daa4f5815da373d4ac2cb1a35","5e85c6bb8e74bd9daa4f5815da373d4ac2cb1a35","Andrii Nakryiko","andriin@fb.com","1592882542","Daniel Borkmann","daniel@iogearbox.net","1592949876","c2dc5eb0f9c839e5bab5ff241e834749d4807dc5","bdb7b79b4ce864a724250e1d35948c46f135de36","selftests/bpf: Add variable-length data concatenation pattern test Add selftest that validates variable-length data reading and concatentation with one big shared data array. This is a common pattern in production use for monitoring and tracing applications, that potentially can read a lot of data, but overall read much less. Such pattern allows to determine precisely what amount of data needs to be sent over perfbuf/ringbuf and maximize efficiency. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200623032224.4020118-2-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/varlen.c | 56 +++++++++++++++; tools/testing/selftests/bpf/progs/test_varlen.c | 96 +++++++++++++++++++++++++; 2 files changed, 152 insertions(+)","Added a selftest for variable-length data concatenation pattern to optimize data reading efficiency in monitoring and tracing applications.","selftest,variable-length,concatenation","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"bdb7b79b4ce864a724250e1d35948c46f135de36","bdb7b79b4ce864a724250e1d35948c46f135de36","Andrii Nakryiko","andriin@fb.com","1592882541","Daniel Borkmann","daniel@iogearbox.net","1592949876","058c2e6196321eeb916b848778d789c0e362f79a","b3eece09e2e69f528a1ab6104861550dec149083","bpf: Switch most helper return values from 32-bit int to 64-bit long Switch most of BPF helper definitions from returning int to long. These definitions are coming from comments in BPF UAPI header and are used to generate bpf_helper_defs.h (under libbpf) to be later included and used from BPF programs. In actual in-kernel implementation, all the helpers are defined as returning u64, but due to some historical reasons, most of them are actually defined as returning int in UAPI (usually, to return 0 on success, and negative value on error). This actually causes Clang to quite often generate sub-optimal code, because compiler believes that return value is 32-bit, and in a lot of cases has to be up-converted (usually with a pair of 32-bit bit shifts) to 64-bit values, before they can be used further in BPF code. Besides just ""polluting"" the code, these 32-bit shifts quite often cause problems for cases in which return value matters. This is especially the case for the family of bpf_probe_read_str() functions. There are few other similar helpers (e.g., bpf_read_branch_records()), in which return value is used by BPF program logic to record variable-length data and process it. For such cases, BPF program logic carefully manages offsets within some array or map to read variable-length data. For such uses, it's crucial for BPF verifier to track possible range of register values to prove that all the accesses happen within given memory bounds. Those extraneous zero-extending bit shifts, inserted by Clang (and quite often interleaved with other code, which makes the issues even more challenging and sometimes requires employing extra per-variable compiler barriers), throws off verifier logic and makes it mark registers as having unknown variable offset. We'll study this pattern a bit later below. Another common pattern is to check return of BPF helper for non-zero state to detect error conditions and attempt alternative actions in such case. Even in this simple and straightforward case, this 32-bit vs BPF's native 64-bit mode quite often leads to sub-optimal and unnecessary extra code. We'll look at this pattern as well. Clang's BPF target supports two modes of code generation: ALU32, in which it is capable of using lower 32-bit parts of registers, and no-ALU32, in which only full 64-bit registers are being used. ALU32 mode somewhat mitigates the above described problems, but not in all cases. This patch switches all the cases in which BPF helpers return 0 or negative error from returning int to returning long. It is shown below that such change in definition leads to equivalent or better code. No-ALU32 mode benefits more, but ALU32 mode doesn't degrade or still gets improved code generation. Another class of cases switched from int to long are bpf_probe_read_str()-like helpers, which encode successful case as non-negative values, while still returning negative value for errors. In all of such cases, correctness is preserved due to two's complement encoding of negative values and the fact that all helpers return values with 32-bit absolute value. Two's complement ensures that for negative values higher 32 bits are all ones and when truncated, leave valid negative 32-bit value with the same value. Non-negative values have upper 32 bits set to zero and similarly preserve value when high 32 bits are truncated. This means that just casting to int/u32 is correct and efficient (and in ALU32 mode doesn't require any extra shifts). To minimize the chances of regressions, two code patterns were investigated, as mentioned above. For both patterns, BPF assembly was analyzed in ALU32/NO-ALU32 compiler modes, both with current 32-bit int return type and new 64-bit long return type. Case 1. Variable-length data reading and concatenation. This is quite ubiquitous pattern in tracing/monitoring applications, reading data like process's environment variables, file path, etc. In such case, many pieces of string-like variable-length data are read into a single big buffer, and at the end of the process, only a part of array containing actual data is sent to user-space for further processing. This case is tested in test_varlen.c selftest (in the next patch). Code flow is roughly as follows: void *payload = &sample->payload; u64 len; len = bpf_probe_read_kernel_str(payload, MAX_SZ1, &source_data1); if (len <= MAX_SZ1) { payload += len; sample->len1 = len; } len = bpf_probe_read_kernel_str(payload, MAX_SZ2, &source_data2); if (len <= MAX_SZ2) { payload += len; sample->len2 = len; } /* and so on */ sample->total_len = payload - &sample->payload; /* send over, e.g., perf buffer */ There could be two variations with slightly different code generated: when len is 64-bit integer and when it is 32-bit integer. Both variations were analysed. BPF assembly instructions between two successive invocations of bpf_probe_read_kernel_str() were used to check code regressions. Results are below, followed by short analysis. Left side is using helpers with int return type, the right one is after the switch to long. ALU32 + INT ALU32 + LONG =========== ============ 64-BIT (13 insns): 64-BIT (10 insns): ------------------------------------ ------------------------------------ 17: call 115 17: call 115 18: if w0 > 256 goto +9 18: if r0 > 256 goto +6 19: w1 = w0 19: r1 = 0 ll 20: r1 <<= 32 21: *(u64 *)(r1 + 0) = r0 21: r1 s>>= 32 22: r6 = 0 ll 22: r2 = 0 ll 24: r6 += r0 24: *(u64 *)(r2 + 0) = r1 00000000000000c8 : 25: r6 = 0 ll 25: r1 = r6 27: r6 += r1 26: w2 = 256 00000000000000e0 : 27: r3 = 0 ll 28: r1 = r6 29: call 115 29: w2 = 256 30: r3 = 0 ll 32: call 115 32-BIT (11 insns): 32-BIT (12 insns): ------------------------------------ ------------------------------------ 17: call 115 17: call 115 18: if w0 > 256 goto +7 18: if w0 > 256 goto +8 19: r1 = 0 ll 19: r1 = 0 ll 21: *(u32 *)(r1 + 0) = r0 21: *(u32 *)(r1 + 0) = r0 22: w1 = w0 22: r0 <<= 32 23: r6 = 0 ll 23: r0 >>= 32 25: r6 += r1 24: r6 = 0 ll 00000000000000d0 : 26: r6 += r0 26: r1 = r6 00000000000000d8 : 27: w2 = 256 27: r1 = r6 28: r3 = 0 ll 28: w2 = 256 30: call 115 29: r3 = 0 ll 31: call 115 In ALU32 mode, the variant using 64-bit length variable clearly wins and avoids unnecessary zero-extension bit shifts. In practice, this is even more important and good, because BPF code won't need to do extra checks to ""prove"" that payload/len are within good bounds. 32-bit len is one instruction longer. Clang decided to do 64-to-32 casting with two bit shifts, instead of equivalent `w1 = w0` assignment. The former uses extra register. The latter might potentially lose some range information, but not for 32-bit value. So in this case, verifier infers that r0 is [0, 256] after check at 18:, and shifting 32 bits left/right keeps that range intact. We should probably look into Clang's logic and see why it chooses bitshifts over sub-register assignments for this. NO-ALU32 + INT NO-ALU32 + LONG ============== =============== 64-BIT (14 insns): 64-BIT (10 insns): ------------------------------------ ------------------------------------ 17: call 115 17: call 115 18: r0 <<= 32 18: if r0 > 256 goto +6 19: r1 = r0 19: r1 = 0 ll 20: r1 >>= 32 21: *(u64 *)(r1 + 0) = r0 21: if r1 > 256 goto +7 22: r6 = 0 ll 22: r0 s>>= 32 24: r6 += r0 23: r1 = 0 ll 00000000000000c8 : 25: *(u64 *)(r1 + 0) = r0 25: r1 = r6 26: r6 = 0 ll 26: r2 = 256 28: r6 += r0 27: r3 = 0 ll 00000000000000e8 : 29: call 115 29: r1 = r6 30: r2 = 256 31: r3 = 0 ll 33: call 115 32-BIT (13 insns): 32-BIT (13 insns): ------------------------------------ ------------------------------------ 17: call 115 17: call 115 18: r1 = r0 18: r1 = r0 19: r1 <<= 32 19: r1 <<= 32 20: r1 >>= 32 20: r1 >>= 32 21: if r1 > 256 goto +6 21: if r1 > 256 goto +6 22: r2 = 0 ll 22: r2 = 0 ll 24: *(u32 *)(r2 + 0) = r0 24: *(u32 *)(r2 + 0) = r0 25: r6 = 0 ll 25: r6 = 0 ll 27: r6 += r1 27: r6 += r1 00000000000000e0 : 00000000000000e0 : 28: r1 = r6 28: r1 = r6 29: r2 = 256 29: r2 = 256 30: r3 = 0 ll 30: r3 = 0 ll 32: call 115 32: call 115 In NO-ALU32 mode, for the case of 64-bit len variable, Clang generates much superior code, as expected, eliminating unnecessary bit shifts. For 32-bit len, code is identical. So overall, only ALU-32 32-bit len case is more-or-less equivalent and the difference stems from internal Clang decision, rather than compiler lacking enough information about types. Case 2. Let's look at the simpler case of checking return result of BPF helper for errors. The code is very simple: long bla; if (bpf_probe_read_kenerl(&bla, sizeof(bla), 0)) return 1; else return 0; ALU32 + CHECK (9 insns) ALU32 + CHECK (9 insns) ==================================== ==================================== 0: r1 = r10 0: r1 = r10 1: r1 += -8 1: r1 += -8 2: w2 = 8 2: w2 = 8 3: r3 = 0 3: r3 = 0 4: call 113 4: call 113 5: w1 = w0 5: r1 = r0 6: w0 = 1 6: w0 = 1 7: if w1 != 0 goto +1 7: if r1 != 0 goto +1 8: w0 = 0 8: w0 = 0 0000000000000048 : 0000000000000048 : 9: exit 9: exit Almost identical code, the only difference is the use of full register assignment (r1 = r0) vs half-registers (w1 = w0) in instruction #5. On 32-bit architectures, new BPF assembly might be slightly less optimal, in theory. But one can argue that's not a big issue, given that use of full registers is still prevalent (e.g., for parameter passing). NO-ALU32 + CHECK (11 insns) NO-ALU32 + CHECK (9 insns) ==================================== ==================================== 0: r1 = r10 0: r1 = r10 1: r1 += -8 1: r1 += -8 2: r2 = 8 2: r2 = 8 3: r3 = 0 3: r3 = 0 4: call 113 4: call 113 5: r1 = r0 5: r1 = r0 6: r1 <<= 32 6: r0 = 1 7: r1 >>= 32 7: if r1 != 0 goto +1 8: r0 = 1 8: r0 = 0 9: if r1 != 0 goto +1 0000000000000048 : 10: r0 = 0 9: exit 0000000000000058 : 11: exit NO-ALU32 is a clear improvement, getting rid of unnecessary zero-extension bit shifts. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200623032224.4020118-1-andriin@fb.com","include/uapi/linux/bpf.h | 192 ++++++++++++++++++++---------------------; tools/include/uapi/linux/bpf.h | 192 ++++++++++++++++++++---------------------; 2 files changed, 192 insertions(+), 192 deletions(-)","Switches BPF helper return types from int to long for efficient performance and correct Clang code generation.","BPF helpers, return types, code generation","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b3eece09e2e69f528a1ab6104861550dec149083","b3eece09e2e69f528a1ab6104861550dec149083","Alexei Starovoitov","ast@kernel.org","1592870509","Alexei Starovoitov","ast@kernel.org","1592870552","4f2cf6abf36ea9c8a85be8b1164976ca5320ae0e","1bdb6c9a1c43fdf9b83b2331dfc6229bd2e71d9b 075c776658190681d2bf9997306f871d6c8a9b36","Merge branch 'bpftool-show-pid' Andrii Nakryiko says: ==================== This patch set implements libbpf support for a second kind of special externs, kernel symbols, in addition to existing Kconfig externs. Right now, only untyped (const void) externs are supported, which, in C language, allow only to take their address. In the future, with kernel BTF getting type info about its own global and per-cpu variables, libbpf will extend this support with BTF type info, which will allow to also directly access variable's contents and follow its internal pointers, similarly to how it's possible today in fentry/fexit programs. As a first practical use of this functionality, bpftool gained ability to show PIDs of processes that have open file descriptors for BPF map/program/link/BTF object. It relies on iter/task_file BPF iterator program to extract this information efficiently. There was a bunch of bpftool refactoring (especially Makefile) necessary to generalize bpftool's internal BPF program use. This includes generalization of BPF skeletons support, addition of a vmlinux.h generation, extracting and building minimal subset of bpftool for bootstrapping. v2->v3: - fix sec_btf_id check (Hao); v1->v2: - docs fixes (Quentin); - dual GPL/BSD license for pid_inter.bpf.c (Quentin); - NULL-init kcfg_data (Hao Luo); rfc->v1: - show pids, if supported by kernel, always (Alexei); - switched iter output to binary to support showing process names; - update man pages; - fix few minor bugs in libbpf w.r.t. extern iteration. ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges enhancements to bpftool for showing PIDs of processes interacting with BPF objects using libbpf and BPF iterators.","bpftool,PIDs,libbpf","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"075c776658190681d2bf9997306f871d6c8a9b36","075c776658190681d2bf9997306f871d6c8a9b36","Andrii Nakryiko","andriin@fb.com","1592608623","Alexei Starovoitov","ast@kernel.org","1592870509","4f2cf6abf36ea9c8a85be8b1164976ca5320ae0e","d53dee3fe0138610fcce5721bae9414377c41ec3","tools/bpftool: Add documentation and sample output for process info Add statements about bpftool being able to discover process info, holding reference to BPF map, prog, link, or BTF. Show example output as well. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200619231703.738941-10-andriin@fb.com","tools/bpf/bpftool/Documentation/bpftool-btf.rst | 5 +++++; tools/bpf/bpftool/Documentation/bpftool-link.rst | 13 ++++++++++++-; tools/bpf/bpftool/Documentation/bpftool-map.rst | 8 +++++++-; tools/bpf/bpftool/Documentation/bpftool-prog.rst | 11 +++++++++++; 4 files changed, 35 insertions(+), 2 deletions(-)","The commit enhances bpftool documentation with examples for process info related to BPF components.","bpftool,documentation,sample","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d53dee3fe0138610fcce5721bae9414377c41ec3","d53dee3fe0138610fcce5721bae9414377c41ec3","Andrii Nakryiko","andriin@fb.com","1592608622","Alexei Starovoitov","ast@kernel.org","1592870509","1d53a23a9b64ba2a0cfe7421ff95314c2846e0ab","bd9bedf84b87289b9a87eebfe7917e54373e99f9","tools/bpftool: Show info for processes holding BPF map/prog/link/btf FDs Add bpf_iter-based way to find all the processes that hold open FDs against BPF object (map, prog, link, btf). bpftool always attempts to discover this, but will silently give up if kernel doesn't yet support bpf_iter BPF programs. Process name and PID are emitted for each process (task group). Sample output for each of 4 BPF objects: $ sudo ./bpftool prog show 2694: cgroup_device tag 8c42dee26e8cd4c2 gpl loaded_at 2020-06-16T15:34:32-0700 uid 0 xlated 648B jited 409B memlock 4096B pids systemd(1) 2907: cgroup_skb name egress tag 9ad187367cf2b9e8 gpl loaded_at 2020-06-16T18:06:54-0700 uid 0 xlated 48B jited 59B memlock 4096B map_ids 2436 btf_id 1202 pids test_progs(2238417), test_progs(2238445) $ sudo ./bpftool map show 2436: array name test_cgr.bss flags 0x400 key 4B value 8B max_entries 1 memlock 8192B btf_id 1202 pids test_progs(2238417), test_progs(2238445) 2445: array name pid_iter.rodata flags 0x480 key 4B value 4B max_entries 1 memlock 8192B btf_id 1214 frozen pids bpftool(2239612) $ sudo ./bpftool link show 61: cgroup prog 2908 cgroup_id 375301 attach_type egress pids test_progs(2238417), test_progs(2238445) 62: cgroup prog 2908 cgroup_id 375344 attach_type egress pids test_progs(2238417), test_progs(2238445) $ sudo ./bpftool btf show 1202: size 1527B prog_ids 2908,2907 map_ids 2436 pids test_progs(2238417), test_progs(2238445) 1242: size 34684B pids bpftool(2258892) Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200619231703.738941-9-andriin@fb.com","tools/bpf/bpftool/Makefile | 2 +; tools/bpf/bpftool/btf.c | 6 +; tools/bpf/bpftool/link.c | 7 +; tools/bpf/bpftool/main.c | 1 +; tools/bpf/bpftool/main.h | 27 ++++; tools/bpf/bpftool/map.c | 7 +; tools/bpf/bpftool/pids.c | 229 ++++++++++++++++++++++++++++++; tools/bpf/bpftool/prog.c | 7 +; tools/bpf/bpftool/skeleton/pid_iter.bpf.c | 80 +++++++++++; tools/bpf/bpftool/skeleton/pid_iter.h | 12 ++; 10 files changed, 378 insertions(+)","This commit enhances bpftool to display information on processes holding file descriptors against BPF objects using bpf_iter.","bpftool,bpf_iter,Fds","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"bd9bedf84b87289b9a87eebfe7917e54373e99f9","bd9bedf84b87289b9a87eebfe7917e54373e99f9","Andrii Nakryiko","andriin@fb.com","1592608621","Alexei Starovoitov","ast@kernel.org","1592870508","d2aa523039a2832c1495390a8137671c02562730","05aca6da3b5ab3c5c6003dbbefc9580d9a6a308b","libbpf: Wrap source argument of BPF_CORE_READ macro in parentheses Wrap source argument of BPF_CORE_READ family of macros into parentheses to allow uses like this: BPF_CORE_READ((struct cast_struct *)src, a, b, c); Fixes: 7db3822ab991 (""libbpf: Add BPF_CORE_READ/BPF_CORE_READ_INTO helpers"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200619231703.738941-8-andriin@fb.com","tools/lib/bpf/bpf_core_read.h | 8 ++++----; 1 file changed, 4 insertions(+), 4 deletions(-)","The commit wraps the source argument of the BPF_CORE_READ macro in parentheses for proper usage.","BPF_CORE_READ, macro, parentheses","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"05aca6da3b5ab3c5c6003dbbefc9580d9a6a308b","05aca6da3b5ab3c5c6003dbbefc9580d9a6a308b","Andrii Nakryiko","andriin@fb.com","1592608620","Alexei Starovoitov","ast@kernel.org","1592870508","d4c33d240200463799c48fc111c9e76386710461","16e9b187aba60f9014f11a7e95b878850b6c95e5","tools/bpftool: Generalize BPF skeleton support and generate vmlinux.h Adapt Makefile to support BPF skeleton generation beyond single profiler.bpf.c case. Also add vmlinux.h generation and switch profiler.bpf.c to use it. clang-bpf-global-var feature is extended and renamed to clang-bpf-co-re to check for support of preserve_access_index attribute, which, together with BTF for global variables, is the minimum requirement for modern BPF programs. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200619231703.738941-7-andriin@fb.com","tools/bpf/bpftool/.gitignore | 3 +-; tools/bpf/bpftool/Makefile | 42 ++++++++++++++++------; tools/bpf/bpftool/skeleton/profiler.bpf.c | 3 +-; tools/bpf/bpftool/skeleton/profiler.h | 46 -------------------------; tools/build/feature/Makefile | 4 +--; tools/build/feature/test-clang-bpf-co-re.c | 9 +++++; tools/build/feature/test-clang-bpf-global-var.c | 4 ---; 7 files changed, 45 insertions(+), 66 deletions(-)","The commit refactors bpftool to support BPF skeleton generation and incorporates vmlinux.h for modern BPF programs.","bpftool,skeleton,vmlinux.h","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"16e9b187aba60f9014f11a7e95b878850b6c95e5","16e9b187aba60f9014f11a7e95b878850b6c95e5","Andrii Nakryiko","andriin@fb.com","1592608619","Alexei Starovoitov","ast@kernel.org","1592870508","a1773c0e35574e10b5aa78869b6436f0e704ad65","a479b8ce4ed1457f814be6f67a8447a9af38f235","tools/bpftool: Minimize bootstrap bpftool Build minimal ""bootstrap mode"" bpftool to enable skeleton (and, later, vmlinux.h generation), instead of building almost complete, but slightly different (w/o skeletons, etc) bpftool to bootstrap complete bpftool build. Current approach doesn't scale well (engineering-wise) when adding more BPF programs to bpftool and other complicated functionality, as it requires constant adjusting of the code to work in both bootstrapped mode and normal mode. So it's better to build only minimal bpftool version that supports only BPF skeleton code generation and BTF-to-C conversion. Thankfully, this is quite easy to accomplish due to internal modularity of bpftool commands. This will also allow to keep adding new functionality to bpftool in general, without the need to care about bootstrap mode for those new parts of bpftool. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200619231703.738941-6-andriin@fb.com","tools/bpf/bpftool/.gitignore | 2 +-; tools/bpf/bpftool/Makefile | 30 +++++++++++++-----------------; tools/bpf/bpftool/main.c | 11 +++++++++--; tools/bpf/bpftool/main.h | 27 +++++++++++++++------------; 4 files changed, 38 insertions(+), 32 deletions(-)","The commit revises bpftool to a minimal version for bootstrap focusing on BPF skeleton generation and BTF-to-C conversion, enhancing future functionality expansion.","bpftool,minimal,bootstrap","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a479b8ce4ed1457f814be6f67a8447a9af38f235","a479b8ce4ed1457f814be6f67a8447a9af38f235","Andrii Nakryiko","andriin@fb.com","1592608618","Alexei Starovoitov","ast@kernel.org","1592870508","97b32b3d93bb6b56b76a5ec1846bafcf887efaf6","b7ddfab20a6af3a0e366000eada63adf6a7683e7","tools/bpftool: Move map/prog parsing logic into common Move functions that parse map and prog by id/tag/name/etc outside of map.c/prog.c, respectively. These functions are used outside of those files and are generic enough to be in common. This also makes heavy-weight map.c and prog.c more decoupled from the rest of bpftool files and facilitates more lightweight bootstrap bpftool variant. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200619231703.738941-5-andriin@fb.com","tools/bpf/bpftool/common.c | 308 +++++++++++++++++++++++++++++++++++++++++++++; tools/bpf/bpftool/main.h | 2 +; tools/bpf/bpftool/map.c | 156 -----------------------; tools/bpf/bpftool/prog.c | 152 ----------------------; 4 files changed, 310 insertions(+), 308 deletions(-)","Refactor bpftool by consolidating map and prog parsing logic into a common module to enhance modularity.","bpftool, refactor, modularity","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b7ddfab20a6af3a0e366000eada63adf6a7683e7","b7ddfab20a6af3a0e366000eada63adf6a7683e7","Andrii Nakryiko","andriin@fb.com","1592608617","Alexei Starovoitov","ast@kernel.org","1592870508","e98227b5a731328aa427e45e518f73fd403510b8","1c0c7074fefd769f62dda155e881ca90c9e3e75a","selftests/bpf: Add __ksym extern selftest Validate libbpf is able to handle weak and strong kernel symbol externs in BPF code correctly. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Reviewed-by: Hao Luo Link: https://lore.kernel.org/bpf/20200619231703.738941-4-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/ksyms.c | 71 ++++++++++++++++++++++++++; tools/testing/selftests/bpf/progs/test_ksyms.c | 32 ++++++++++++; 2 files changed, 103 insertions(+)","This commit adds a selftest to validate libbpf's handling of kernel symbol externs in BPF code.","selftest,libbpf,ksym","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1c0c7074fefd769f62dda155e881ca90c9e3e75a","1c0c7074fefd769f62dda155e881ca90c9e3e75a","Andrii Nakryiko","andriin@fb.com","1592608616","Alexei Starovoitov","ast@kernel.org","1592870508","7d74539e6f3b1894f2cff9ea88d38c58d887b91e","2e33efe32e019328916ce653dc1265d637261993","libbpf: Add support for extracting kernel symbol addresses Add support for another (in addition to existing Kconfig) special kind of externs in BPF code, kernel symbol externs. Such externs allow BPF code to ""know"" kernel symbol address and either use it for comparisons with kernel data structures (e.g., struct file's f_op pointer, to distinguish different kinds of file), or, with the help of bpf_probe_user_kernel(), to follow pointers and read data from global variables. Kernel symbol addresses are found through /proc/kallsyms, which should be present in the system. Currently, such kernel symbol variables are typeless: they have to be defined as `extern const void ` and the only operation you can do (in C code) with them is to take its address. Such extern should reside in a special section '.ksyms'. bpf_helpers.h header provides __ksym macro for this. Strong vs weak semantics stays the same as with Kconfig externs. If symbol is not found in /proc/kallsyms, this will be a failure for strong (non-weak) extern, but will be defaulted to 0 for weak externs. If the same symbol is defined multiple times in /proc/kallsyms, then it will be error if any of the associated addresses differs. In that case, address is ambiguous, so libbpf falls on the side of caution, rather than confusing user with randomly chosen address. In the future, once kernel is extended with variables BTF information, such ksym externs will be supported in a typed version, which will allow BPF program to read variable's contents directly, similarly to how it's done for fentry/fexit input arguments. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Reviewed-by: Hao Luo Link: https://lore.kernel.org/bpf/20200619231703.738941-3-andriin@fb.com","tools/lib/bpf/bpf_helpers.h | 1 +; tools/lib/bpf/btf.h | 5 ++; tools/lib/bpf/libbpf.c | 144 ++++++++++++++++++++++++++++++++++++++++++--; 3 files changed, 144 insertions(+), 6 deletions(-)","The commit adds support for extracting kernel symbol addresses in libbpf for BPF code to access kernel data structures and variables.","libbpf,kernel,symbols","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2e33efe32e019328916ce653dc1265d637261993","2e33efe32e019328916ce653dc1265d637261993","Andrii Nakryiko","andriin@fb.com","1592608615","Alexei Starovoitov","ast@kernel.org","1592870508","703423b1afa8402526fd6dceb3b09bf5a8455fe1","1bdb6c9a1c43fdf9b83b2331dfc6229bd2e71d9b","libbpf: Generalize libbpf externs support Switch existing Kconfig externs to be just one of few possible kinds of more generic externs. This refactoring is in preparation for ksymbol extern support, added in the follow up patch. There are no functional changes intended. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Reviewed-by: Hao Luo Link: https://lore.kernel.org/bpf/20200619231703.738941-2-andriin@fb.com","tools/lib/bpf/libbpf.c | 346 +++++++++++++++++++++++++++++--------------------; 1 file changed, 206 insertions(+), 140 deletions(-)","This commit refactors libbpf to generalize externs support in preparation for future ksymbol extern support.","libbpf,externs,refactoring","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1bdb6c9a1c43fdf9b83b2331dfc6229bd2e71d9b","1bdb6c9a1c43fdf9b83b2331dfc6229bd2e71d9b","Andrii Nakryiko","andriin@fb.com","1592720472","Daniel Borkmann","daniel@iogearbox.net","1592863292","3c74fae61b8358483e7d93fe1156132b8ff4bf07","b1b53d413f16c6b5078edb127e660e67332e4d2f","libbpf: Add a bunch of attribute getters/setters for map definitions Add a bunch of getter for various aspects of BPF map. Some of these attribute (e.g., key_size, value_size, type, etc) are available right now in struct bpf_map_def, but this patch adds getter allowing to fetch them individually. bpf_map_def approach isn't very scalable, when ABI stability requirements are taken into account. It's much easier to extend libbpf and add support for new features, when each aspect of BPF map has separate getter/setter. Getters follow the common naming convention of not explicitly having ""get"" in its name: bpf_map__type() returns map type, bpf_map__key_size() returns key_size. Setters, though, explicitly have set in their name: bpf_map__set_type(), bpf_map__set_key_size(). This patch ensures we now have a getter and a setter for the following map attributes: - type; - max_entries; - map_flags; - numa_node; - key_size; - value_size; - ifindex. bpf_map__resize() enforces unnecessary restriction of max_entries > 0. It is unnecessary, because libbpf actually supports zero max_entries for some cases (e.g., for PERF_EVENT_ARRAY map) and treats it specially during map creation time. To allow setting max_entries=0, new bpf_map__set_max_entries() setter is added. bpf_map__resize()'s behavior is preserved for backwards compatibility reasons. Map ifindex getter is added as well. There is a setter already, but no corresponding getter. Fix this assymetry as well. bpf_map__set_ifindex() itself is converted from void function into error-returning one, similar to other setters. The only error returned right now is -EBUSY, if BPF map is already loaded and has corresponding FD. One lacking attribute with no ability to get/set or even specify it declaratively is numa_node. This patch fixes this gap and both adds programmatic getter/setter, as well as adds support for numa_node field in BTF-defined map. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/20200621062112.3006313-1-andriin@fb.com","tools/lib/bpf/libbpf.c | 100 +++++++++++++++++++++++++++++++++++++++++++----; tools/lib/bpf/libbpf.h | 30 ++++++++++++--; tools/lib/bpf/libbpf.map | 14 +++++++; 3 files changed, 134 insertions(+), 10 deletions(-)","The commit adds individual getters and setters for BPF map attributes in libbpf to improve attribute management and future extensibility.","libbpf,getters,setters","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"4e15507fea70c0c312d79610efa46b6853ccf8e0","4e15507fea70c0c312d79610efa46b6853ccf8e0","Andrii Nakryiko","andriin@fb.com","1592709119","Daniel Borkmann","daniel@iogearbox.net","1592861029","6073dd31bd2a931030b81880f7ddfc437e4e56b5","b0c34bde72a59c05e826bf0a5aeca0d73f38f791","libbpf: Forward-declare bpf_stats_type for systems with outdated UAPI headers Systems that doesn't yet have the very latest linux/bpf.h header, enum bpf_stats_type will be undefined, causing compilation warnings. Prevents this by forward-declaring enum. Fixes: 0bee106716cf (""libbpf: Add support for command BPF_ENABLE_STATS"") Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200621031159.2279101-1-andriin@fb.com","tools/lib/bpf/bpf.h | 2 ++; 1 file changed, 2 insertions(+)","The commit forward-declares enum bpf_stats_type to avoid compilation warnings on systems with outdated UAPI headers.","libbpf, forward-declare, UAPI","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b1b53d413f16c6b5078edb127e660e67332e4d2f","b1b53d413f16c6b5078edb127e660e67332e4d2f","Andrey Ignatov","rdna@fb.com","1592601105","Daniel Borkmann","daniel@iogearbox.net","1592857379","063a66799b0a01640a1b0b36ce3107011b4be423","2872e9ac33a4440173418147351ed4f93177e763","selftests/bpf: Test access to bpf map pointer Add selftests to test access to map pointers from bpf program for all map types except struct_ops (that one would need additional work). verifier test focuses mostly on scenarios that must be rejected. prog_tests test focuses on accessing multiple fields both scalar and a nested struct from bpf program and verifies that those fields have expected values. Signed-off-by: Andrey Ignatov Signed-off-by: Daniel Borkmann Acked-by: John Fastabend Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/139a6a17f8016491e39347849b951525335c6eb4.1592600985.git.rdna@fb.com","tools/testing/selftests/bpf/prog_tests/map_ptr.c | 32 ++; tools/testing/selftests/bpf/progs/map_ptr_kern.c | 686 +++++++++++++++++++++++; tools/testing/selftests/bpf/verifier/map_ptr.c | 62 ++; 3 files changed, 780 insertions(+)","The commit adds selftests for verifying access to BPF map pointers from BPF programs, focusing on expected rejections and value checks.","selftests,map,verifier","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2872e9ac33a4440173418147351ed4f93177e763","2872e9ac33a4440173418147351ed4f93177e763","Andrey Ignatov","rdna@fb.com","1592601104","Daniel Borkmann","daniel@iogearbox.net","1592857378","d6e1d303efc0b0ce2e4cdefeca4403ddecc08a1d","41c48f3a98231738c5ce79f6f2aa6e40ba924d18","bpf: Set map_btf_{name, id} for all map types Set map_btf_name and map_btf_id for all map types so that map fields can be accessed by bpf programs. Signed-off-by: Andrey Ignatov Signed-off-by: Daniel Borkmann Acked-by: John Fastabend Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/a825f808f22af52b018dbe82f1c7d29dab5fc978.1592600985.git.rdna@fb.com","kernel/bpf/arraymap.c | 15 +++++++++++++++; kernel/bpf/bpf_struct_ops.c | 3 +++; kernel/bpf/cpumap.c | 3 +++; kernel/bpf/devmap.c | 6 ++++++; kernel/bpf/hashtab.c | 12 ++++++++++++; kernel/bpf/local_storage.c | 3 +++; kernel/bpf/lpm_trie.c | 3 +++; kernel/bpf/queue_stack_maps.c | 6 ++++++; kernel/bpf/reuseport_array.c | 3 +++; kernel/bpf/ringbuf.c | 3 +++; kernel/bpf/stackmap.c | 3 +++; net/core/bpf_sk_storage.c | 3 +++; net/core/sock_map.c | 6 ++++++; net/xdp/xskmap.c | 3 +++; 14 files changed, 72 insertions(+)","The commit sets map_btf_name and map_btf_id for all eBPF map types to enable field access by BPF programs.","map_btf_name,map_btf_id,eBPF","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"41c48f3a98231738c5ce79f6f2aa6e40ba924d18","41c48f3a98231738c5ce79f6f2aa6e40ba924d18","Andrey Ignatov","rdna@fb.com","1592601103","Daniel Borkmann","daniel@iogearbox.net","1592857378","3ac758ee328f6dffccc63a480cd72cbf8e723480","032a6b3565489a26d6841eefa1fc29d95fc80c66","bpf: Support access to bpf map fields There are multiple use-cases when it's convenient to have access to bpf map fields, both `struct bpf_map` and map type specific struct-s such as `struct bpf_array`, `struct bpf_htab`, etc. For example while working with sock arrays it can be necessary to calculate the key based on map->max_entries (some_hash % max_entries). Currently this is solved by communicating max_entries via ""out-of-band"" channel, e.g. via additional map with known key to get info about target map. That works, but is not very convenient and error-prone while working with many maps. In other cases necessary data is dynamic (i.e. unknown at loading time) and it's impossible to get it at all. For example while working with a hash table it can be convenient to know how much capacity is already used (bpf_htab.count.counter for BPF_F_NO_PREALLOC case). At the same time kernel knows this info and can provide it to bpf program. Fill this gap by adding support to access bpf map fields from bpf program for both `struct bpf_map` and map type specific fields. Support is implemented via btf_struct_access() so that a user can define their own `struct bpf_map` or map type specific struct in their program with only necessary fields and preserve_access_index attribute, cast a map to this struct and use a field. For example: struct bpf_map { __u32 max_entries; } __attribute__((preserve_access_index)); struct bpf_array { struct bpf_map map; __u32 elem_size; } __attribute__((preserve_access_index)); struct { __uint(type, BPF_MAP_TYPE_ARRAY); __uint(max_entries, 4); __type(key, __u32); __type(value, __u32); } m_array SEC("".maps""); SEC(""cgroup_skb/egress"") int cg_skb(void *ctx) { struct bpf_array *array = (struct bpf_array *)&m_array; struct bpf_map *map = (struct bpf_map *)&m_array; /* .. use map->max_entries or array->map.max_entries .. */ } Similarly to other btf_struct_access() use-cases (e.g. struct tcp_sock in net/ipv4/bpf_tcp_ca.c) the patch allows access to any fields of corresponding struct. Only reading from map fields is supported. For btf_struct_access() to work there should be a way to know btf id of a struct that corresponds to a map type. To get btf id there should be a way to get a stringified name of map-specific struct, such as ""bpf_array"", ""bpf_htab"", etc for a map type. Two new fields are added to `struct bpf_map_ops` to handle it: * .map_btf_name keeps a btf name of a struct returned by map_alloc(); * .map_btf_id is used to cache btf id of that struct. To make btf ids calculation cheaper they're calculated once while preparing btf_vmlinux and cached same way as it's done for btf_id field of `struct bpf_func_proto` While calculating btf ids, struct names are NOT checked for collision. Collisions will be checked as a part of the work to prepare btf ids used in verifier in compile time that should land soon. The only known collision for `struct bpf_htab` (kernel/bpf/hashtab.c vs net/core/sock_map.c) was fixed earlier. Both new fields .map_btf_name and .map_btf_id must be set for a map type for the feature to work. If neither is set for a map type, verifier will return ENOTSUPP on a try to access map_ptr of corresponding type. If just one of them set, it's verifier misconfiguration. Only `struct bpf_array` for BPF_MAP_TYPE_ARRAY and `struct bpf_htab` for BPF_MAP_TYPE_HASH are supported by this patch. Other map types will be supported separately. The feature is available only for CONFIG_DEBUG_INFO_BTF=y and gated by perfmon_capable() so that unpriv programs won't have access to bpf map fields. Signed-off-by: Andrey Ignatov Signed-off-by: Daniel Borkmann Acked-by: John Fastabend Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/6479686a0cd1e9067993df57b4c3eef0e276fec9.1592600985.git.rdna@fb.com","include/linux/bpf.h | 9 +++; include/linux/bpf_verifier.h | 1 +; kernel/bpf/arraymap.c | 3 +; kernel/bpf/btf.c | 40 +++++++++++; kernel/bpf/hashtab.c | 3 +; kernel/bpf/verifier.c | 82 +++++++++++++++++++---; .../selftests/bpf/verifier/map_ptr_mixing.c | 2 +-; 7 files changed, 131 insertions(+), 9 deletions(-)","This commit introduces the ability for eBPF programs to access BPF map fields using BTF for improved convenience and functionality.","BPF, map fields, BTF","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"032a6b3565489a26d6841eefa1fc29d95fc80c66","032a6b3565489a26d6841eefa1fc29d95fc80c66","Andrey Ignatov","rdna@fb.com","1592601102","Daniel Borkmann","daniel@iogearbox.net","1592857378","e62d93d833ff8b6a68275b37cf84cdeccbaa91bb","a2d0d62f4d9e3546134ba08e102ca7decd4ed836","bpf: Rename bpf_htab to bpf_shtab in sock_map There are two different `struct bpf_htab` in bpf code in the following files: - kernel/bpf/hashtab.c - net/core/sock_map.c It makes it impossible to find proper btf_id by name = ""bpf_htab"" and kind = BTF_KIND_STRUCT what is needed to support access to map ptr so that bpf program can access `struct bpf_htab` fields. To make it possible one of the struct-s should be renamed, sock_map.c looks like a better candidate for rename since it's specialized version of hashtab. Rename it to bpf_shtab (""sh"" stands for Sock Hash). Signed-off-by: Andrey Ignatov Signed-off-by: Daniel Borkmann Acked-by: John Fastabend Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/c006a639e03c64ca50fc87c4bb627e0bfba90f4e.1592600985.git.rdna@fb.com","net/core/sock_map.c | 82 ++++++++++++++++++++++++++---------------------------; 1 file changed, 41 insertions(+), 41 deletions(-)","Rename struct 'bpf_htab' to 'bpf_shtab' in sock_map to resolve BTF ID conflict.","rename, sock_map, bpf_shtab","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"a2d0d62f4d9e3546134ba08e102ca7decd4ed836","a2d0d62f4d9e3546134ba08e102ca7decd4ed836","Andrey Ignatov","rdna@fb.com","1592601101","Daniel Borkmann","daniel@iogearbox.net","1592857378","34cdbe92593917aefc88968ca043c88bfd29d53e","bb8dc2695a7db4f35c1de94d212f86229bb4a5d2","bpf: Switch btf_parse_vmlinux to btf_find_by_name_kind btf_parse_vmlinux() implements manual search for struct bpf_ctx_convert since at the time of implementing btf_find_by_name_kind() was not available. Later btf_find_by_name_kind() was introduced in 27ae7997a661 (""bpf: Introduce BPF_PROG_TYPE_STRUCT_OPS""). It provides similar search functionality and can be leveraged in btf_parse_vmlinux(). Do it. Signed-off-by: Andrey Ignatov Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Acked-by: John Fastabend Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/6e12d5c3e8a3d552925913ef73a695dd1bb27800.1592600985.git.rdna@fb.com","kernel/bpf/btf.c | 23 ++++++-----------------; 1 file changed, 6 insertions(+), 17 deletions(-)","The commit updates btf_parse_vmlinux to use btf_find_by_name_kind improving BTF maintenance in the BPF subsystem.","btf vmlinux refactoring","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1566feea450cb0ffcdb47daf723f62640c9f616a","1566feea450cb0ffcdb47daf723f62640c9f616a","Linus Torvalds","torvalds@linux-foundation.org","1592681468","Linus Torvalds","torvalds@linux-foundation.org","1592681468","dcff1752a891ecc8e4b110300c80cca20e924570","7fdfbe08a2b3e2bf776e2f2b341768ba93c2e158 b3583fca5fb654af2cfc1c08259abb9728272538","Merge tag 's390-5.8-2' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux Pull s390 fixes from Vasily Gorbik: - a few ptrace fixes mostly for strace and seccomp_bpf kernel tests findings - cleanup unused pm callbacks in virtio ccw - replace kmalloc + memset with kzalloc in crypto - use $(LD) for vDSO linkage to make clang happy - fix vDSO clock_getres() to preserve the same behaviour as posix_get_hrtimer_res() - fix workqueue cpumask warning when NUMA=n and nr_node_ids=2 - reduce SLSB writes during input processing, improve warnings and cleanup qdio_data usage in qdio - a few fixes to use scnprintf() instead of snprintf() * tag 's390-5.8-2' of git://git.kernel.org/pub/scm/linux/kernel/git/s390/linux: s390: fix syscall_get_error for compat processes s390/qdio: warn about unexpected SLSB states s390/qdio: clean up usage of qdio_data s390/numa: let NODES_SHIFT depend on NEED_MULTIPLE_NODES s390/vdso: fix vDSO clock_getres() s390/vdso: Use $(LD) instead of $(CC) to link vDSO s390/protvirt: use scnprintf() instead of snprintf() s390: use scnprintf() in sys_##_prefix##_##_name##_show s390/crypto: use scnprintf() instead of snprintf() s390/zcrypt: use kzalloc s390/virtio: remove unused pm callbacks s390/qdio: reduce SLSB writes during Input Queue processing selftests/seccomp: s390 shares the syscall and return value register s390/ptrace: fix setting syscall number s390/ptrace: pass invalid syscall numbers to tracing s390/ptrace: return -ENOSYS when invalid syscall is supplied s390/seccomp: pass syscall arguments via seccomp_data s390/qdio: fine-tune SLSB update","","The commit incorporates a series of fixes and enhancements for the s390 architecture from another branch.","merge,s390,fixes","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"bb8dc2695a7db4f35c1de94d212f86229bb4a5d2","bb8dc2695a7db4f35c1de94d212f86229bb4a5d2","Andrii Nakryiko","andriin@fb.com","1592605224","Daniel Borkmann","daniel@iogearbox.net","1592605639","4d06e720c35c164566231e1c74966bd796b8834e","d56b74b9e1b8d747171dc6ff60315c00c41562ce","tools/bpftool: Relicense bpftool's BPF profiler prog as dual-license GPL/BSD Relicense it to be compatible with the rest of bpftool files. Suggested-by: Quentin Monnet Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200619222024.519774-1-andriin@fb.com","tools/bpf/bpftool/skeleton/profiler.bpf.c | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","Relicense bpftool's BPF profiler program to dual-license GPL/BSD for compatibility.","Relicense, bpftool, GPL/BSD","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d56b74b9e1b8d747171dc6ff60315c00c41562ce","d56b74b9e1b8d747171dc6ff60315c00c41562ce","Yonghong Song","yhs@fb.com","1592523992","Daniel Borkmann","daniel@iogearbox.net","1592602483","4ca41124ca7aafec28741476e87ecfd7b6387309","6c6935419e2fd8ef1fcde71c4e50b9095e520900","tools/bpf: Add verifier tests for 32bit pointer/scalar arithmetic Added two test_verifier subtests for 32bit pointer/scalar arithmetic with BPF_SUB operator. They are passing verifier now. Signed-off-by: Yonghong Song Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200618234632.3321367-1-yhs@fb.com",".../selftests/bpf/verifier/value_ptr_arith.c | 38 ++++++++++++++++++++++; 1 file changed, 38 insertions(+)","This commit adds new verifier tests to the eBPF test suite for 32-bit pointer/scalar arithmetic using BPF_SUB operator.","verifier,tests,arithmetic","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6c6935419e2fd8ef1fcde71c4e50b9095e520900","6c6935419e2fd8ef1fcde71c4e50b9095e520900","Yonghong Song","yhs@fb.com","1592523991","Daniel Borkmann","daniel@iogearbox.net","1592602482","0e827993fe8351e8492d71f2a4d13fa680cd35f9","7c7982cbadbb63eb76401ddc4ef090cf7ae274b4","bpf: Avoid verifier failure for 32bit pointer arithmetic When do experiments with llvm (disabling instcombine and simplifyCFG), I hit the following error with test_seg6_loop.o. ; R1=pkt(id=0,off=0,r=48,imm=0), R7=pkt(id=0,off=40,r=48,imm=0) w2 = w7 ; R2_w=inv(id=0,umax_value=4294967295,var_off=(0x0; 0xffffffff)) w2 -= w1 R2 32-bit pointer arithmetic prohibited The corresponding source code is: uint32_t srh_off // srh and skb->data are all packet pointers srh_off = (char *)srh - (char *)(long)skb->data; The verifier does not support 32-bit pointer/scalar arithmetic. Without my llvm change, the code looks like ; R3=pkt(id=0,off=40,r=48,imm=0), R8=pkt(id=0,off=0,r=48,imm=0) w3 -= w8 ; R3_w=inv(id=0) This is explicitly allowed in verifier if both registers are pointers and the opcode is BPF_SUB. To fix this problem, I changed the verifier to allow 32-bit pointer/scaler BPF_SUB operations. At the source level, the issue could be workarounded with inline asm or changing ""uint32_t srh_off"" to ""uint64_t srh_off"". But I feel that verifier change might be the right thing to do. Signed-off-by: Yonghong Song Signed-off-by: Daniel Borkmann Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200618234631.3321118-1-yhs@fb.com","kernel/bpf/verifier.c | 5 +++++; 1 file changed, 5 insertions(+)","This commit modifies the eBPF verifier to allow 32-bit pointer arithmetic using BPF_SUB operations to avoid failures.","eBPF,verifier,arithmetic","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"98d7e741a0a37fff24f99e4b6c5a1bd1e50cd47a","98d7e741a0a37fff24f99e4b6c5a1bd1e50cd47a","Linus Torvalds","torvalds@linux-foundation.org","1592591997","Linus Torvalds","torvalds@linux-foundation.org","1592591997","8826b0255f852c85503bd9c51318e74f1939cf0d","5e857ce6eae7ca21b2055cca4885545e29228fe2 6a1515c962b17e2596ae7b9f074fc5685d6b435b","Merge tag 'perf-tools-fixes-2020-06-02' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux Pull perf tooling fixes from Arnaldo Carvalho de Melo: - Update various UAPI headers, some automatically adding support for a new MSR and the faccess2 syscall. - Fix corner case NULL deref in the histograms code. - Fix corner case NULL deref in 'perf stat' aggregation code. - Fix array pointer deref and old style declaration in the parsing of events. - Fix segfault when processing ZSTD compressed perf.data files in 'perf script' due to lack of initialization of the ZSTD library. - Handle __attribute__((user)) in libtraceevent fixing the parsing of syscall tracepoints with user buffers. - Make libtraevent aware of __builtin_expect() appearing in tracepoint fields. - Make the BPF prologue generation use bpf_probe_read_{user,kernel}(). - Fix the '@user' attribute parsing in kprobes variables in 'perf probe'. - Fix error message when asking for -fsanitize=address without required libraries. * tag 'perf-tools-fixes-2020-06-02' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux: (22 commits) perf build: Fix error message when asking for -fsanitize=address without required libraries tools lib traceevent: Add handler for __builtin_expect() tools lib traceevent: Handle __attribute__((user)) in field names tools lib traceevent: Add append() function helper for appending strings tools headers UAPI: Sync linux/fs.h with the kernel sources tools include UAPI: Sync linux/vhost.h with the kernel sources tools arch x86: Sync the msr-index.h copy with the kernel sources perf script: Initialize zstd_data perf pmu: Remove unused declaration perf parse-events: Fix an old style declaration perf parse-events: Fix an incompatible pointer perf bpf: Fix bpf prologue generation perf probe: Fix user attribute access in kprobes perf stat: Fix NULL pointer dereference perf report: Fix NULL pointer dereference in hists__fprintf_nr_sample_events() tools headers UAPI: Sync kvm.h headers with the kernel sources tools headers UAPI: Sync drm/i915_drm.h with the kernel sources tools headers UAPI: Sync linux/fscrypt.h with the kernel sources perf beauty: Add support to STATX_MNT_ID in the 'statx' syscall 'mask' argument tools headers uapi: Sync linux/stat.h with the kernel sources ...","","This commit merges several perf tooling fixes including UAPI header updates and eBPF prologue generation improvements.","perf,fixes,merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"7c7982cbadbb63eb76401ddc4ef090cf7ae274b4","7c7982cbadbb63eb76401ddc4ef090cf7ae274b4","Martin KaFai Lau","kafai@fb.com","1592415746","Alexei Starovoitov","ast@kernel.org","1592516469","ec72373aaeaa183802cb6cc4bd46feb2098541aa","7bd3a33ae6d2b820bc44a206f9b81b96840219fd","bpf: sk_storage: Prefer to get a free cache_idx The cache_idx is currently picked by RR. There is chance that the same cache_idx will be picked by multiple sk_storage_maps while other cache_idx is still unused. e.g. It could happen when the sk_storage_map is recreated during the restart of the user space process. This patch tracks the usage count for each cache_idx. There is 16 of them now (defined in BPF_SK_STORAGE_CACHE_SIZE). It will try to pick the free cache_idx. If none was found, it would pick one with the minimal usage count. Signed-off-by: Martin KaFai Lau Signed-off-by: Alexei Starovoitov Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200617174226.2301909-1-kafai@fb.com","net/core/bpf_sk_storage.c | 41 +++++++++++++++++++++++++++++++++++++----; 1 file changed, 37 insertions(+), 4 deletions(-)","This commit optimizes cache index selection in sk_storage by selecting unused or minimally used indices.","cache, sk_storage, index","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"6a1515c962b17e2596ae7b9f074fc5685d6b435b","6a1515c962b17e2596ae7b9f074fc5685d6b435b","Tiezhu Yang","yangtiezhu@loongson.cn","1592445961","Arnaldo Carvalho de Melo","acme@redhat.com","1592487271","fe58b722ea7f6a3f6ff84d30e7d0d48406e78652","1b20d9491cf9cf180f1f2a46c80d69af0f775d55","perf build: Fix error message when asking for -fsanitize=address without required libraries When build perf with ASan or UBSan, if libasan or libubsan can not find, the feature-glibc is 0 and there exists the following error log which is wrong, because we can find gnu/libc-version.h in /usr/include, glibc-devel is also installed. [yangtiezhu@linux perf]$ make DEBUG=1 EXTRA_CFLAGS='-fno-omit-frame-pointer -fsanitize=address' BUILD: Doing 'make -j4' parallel build HOSTCC fixdep.o HOSTLD fixdep-in.o LINK fixdep :1:0: warning: -fsanitize=address and -fsanitize=kernel-address are not supported for this target :1:0: warning: -fsanitize=address not supported for this target Auto-detecting system features: ... dwarf: [ OFF ] ... dwarf_getlocations: [ OFF ] ... glibc: [ OFF ] ... gtk2: [ OFF ] ... libaudit: [ OFF ] ... libbfd: [ OFF ] ... libcap: [ OFF ] ... libelf: [ OFF ] ... libnuma: [ OFF ] ... numa_num_possible_cpus: [ OFF ] ... libperl: [ OFF ] ... libpython: [ OFF ] ... libcrypto: [ OFF ] ... libunwind: [ OFF ] ... libdw-dwarf-unwind: [ OFF ] ... zlib: [ OFF ] ... lzma: [ OFF ] ... get_cpuid: [ OFF ] ... bpf: [ OFF ] ... libaio: [ OFF ] ... libzstd: [ OFF ] ... disassembler-four-args: [ OFF ] Makefile.config:393: *** No gnu/libc-version.h found, please install glibc-dev[el]. Stop. Makefile.perf:224: recipe for target 'sub-make' failed make[1]: *** [sub-make] Error 2 Makefile:69: recipe for target 'all' failed make: *** [all] Error 2 [yangtiezhu@linux perf]$ ls /usr/include/gnu/libc-version.h /usr/include/gnu/libc-version.h After install libasan and libubsan, the feature-glibc is 1 and the build process is success, so the cause is related with libasan or libubsan, we should check them and print an error log to reflect the reality. Committer testing: $ rm -rf /tmp/build/perf ; mkdir -p /tmp/build/perf $ make DEBUG=1 EXTRA_CFLAGS='-fno-omit-frame-pointer -fsanitize=address' O=/tmp/build/perf -C tools/perf/ install-bin make: Entering directory '/home/acme/git/perf/tools/perf' BUILD: Doing 'make -j12' parallel build HOSTCC /tmp/build/perf/fixdep.o HOSTLD /tmp/build/perf/fixdep-in.o LINK /tmp/build/perf/fixdep Auto-detecting system features: ... dwarf: [ OFF ] ... dwarf_getlocations: [ OFF ] ... glibc: [ OFF ] ... gtk2: [ OFF ] ... libbfd: [ OFF ] ... libcap: [ OFF ] ... libelf: [ OFF ] ... libnuma: [ OFF ] ... numa_num_possible_cpus: [ OFF ] ... libperl: [ OFF ] ... libpython: [ OFF ] ... libcrypto: [ OFF ] ... libunwind: [ OFF ] ... libdw-dwarf-unwind: [ OFF ] ... zlib: [ OFF ] ... lzma: [ OFF ] ... get_cpuid: [ OFF ] ... bpf: [ OFF ] ... libaio: [ OFF ] ... libzstd: [ OFF ] ... disassembler-four-args: [ OFF ] Makefile.config:401: *** No libasan found, please install libasan. Stop. make[1]: *** [Makefile.perf:231: sub-make] Error 2 make: *** [Makefile:70: all] Error 2 make: Leaving directory '/home/acme/git/perf/tools/perf' $ $ $ sudo dnf install libasan Installed: libasan-9.3.1-2.fc31.x86_64 $ $ $ make DEBUG=1 EXTRA_CFLAGS='-fno-omit-frame-pointer -fsanitize=address' O=/tmp/build/perf -C tools/perf/ install-bin make: Entering directory '/home/acme/git/perf/tools/perf' BUILD: Doing 'make -j12' parallel build Auto-detecting system features: ... dwarf: [ on ] ... dwarf_getlocations: [ on ] ... glibc: [ on ] ... gtk2: [ on ] ... libbfd: [ on ] ... libcap: [ on ] ... libelf: [ on ] ... libnuma: [ on ] ... numa_num_possible_cpus: [ on ] ... libperl: [ on ] ... libpython: [ on ] ... libcrypto: [ on ] ... libunwind: [ on ] ... libdw-dwarf-unwind: [ on ] ... zlib: [ on ] ... lzma: [ on ] ... get_cpuid: [ on ] ... bpf: [ on ] ... libaio: [ on ] ... libzstd: [ on ] ... disassembler-four-args: [ on ] CC /tmp/build/perf/util/pmu-flex.o FLEX /tmp/build/perf/util/expr-flex.c CC /tmp/build/perf/util/expr-bison.o CC /tmp/build/perf/util/expr.o CC /tmp/build/perf/util/expr-flex.o CC /tmp/build/perf/util/parse-events-flex.o CC /tmp/build/perf/util/parse-events.o LD /tmp/build/perf/util/intel-pt-decoder/perf-in.o LD /tmp/build/perf/util/perf-in.o LD /tmp/build/perf/perf-in.o LINK /tmp/build/perf/perf INSTALL python-scripts INSTALL perf_completion-script INSTALL perf-tip make: Leaving directory '/home/acme/git/perf/tools/perf' $ ldd ~/bin/perf | grep asan libasan.so.5 => /lib64/libasan.so.5 (0x00007f0904164000) $ And if we rebuild without -fsanitize-address: $ rm -rf /tmp/build/perf ; mkdir -p /tmp/build/perf $ make O=/tmp/build/perf -C tools/perf/ install-bin make: Entering directory '/home/acme/git/perf/tools/perf' BUILD: Doing 'make -j12' parallel build HOSTCC /tmp/build/perf/fixdep.o HOSTLD /tmp/build/perf/fixdep-in.o LINK /tmp/build/perf/fixdep Auto-detecting system features: ... dwarf: [ on ] ... dwarf_getlocations: [ on ] ... glibc: [ on ] ... gtk2: [ on ] ... libbfd: [ on ] ... libcap: [ on ] ... libelf: [ on ] ... libnuma: [ on ] ... numa_num_possible_cpus: [ on ] ... libperl: [ on ] ... libpython: [ on ] ... libcrypto: [ on ] ... libunwind: [ on ] ... libdw-dwarf-unwind: [ on ] ... zlib: [ on ] ... lzma: [ on ] ... get_cpuid: [ on ] ... bpf: [ on ] ... libaio: [ on ] ... libzstd: [ on ] ... disassembler-four-args: [ on ] GEN /tmp/build/perf/common-cmds.h CC /tmp/build/perf/exec-cmd.o INSTALL perf_completion-script INSTALL perf-tip make: Leaving directory '/home/acme/git/perf/tools/perf' $ ldd ~/bin/perf | grep asan $ Signed-off-by: Tiezhu Yang Acked-by: Jiri Olsa Tested-by: Arnaldo Carvalho de Melo Cc: Alexander Shishkin Cc: Mark Rutland Cc: Namhyung Kim Cc: Peter Zijlstra Cc: tiezhu yang Cc: xuefeng li Link: http://lore.kernel.org/lkml/1592445961-28044-1-git-send-email-yangtiezhu@loongson.cn Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/Makefile.config | 12 ++++++++++++; 1 file changed, 12 insertions(+)","Address incorrect error messages during perf build by checking for missing libasan and libubsan libraries.","perf,libasan,build","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"b9d37bbb55b8993d296a86fa21f98fa550b61967","b9d37bbb55b8993d296a86fa21f98fa550b61967","David S. Miller","davem@davemloft.net","1592425615","David S. Miller","davem@davemloft.net","1592425615","73a93a246e9261c7738595af15e6f5a0cf44115a","69119673bd50b176ded34032fadd41530fb5af21 8030e250d882db174cbcd88273570ffb36a13080","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Alexei Starovoitov says: ==================== pull-request: bpf 2020-06-17 The following pull-request contains BPF updates for your *net* tree. We've added 10 non-merge commits during the last 2 day(s) which contain a total of 14 files changed, 158 insertions(+), 59 deletions(-). The main changes are: 1) Important fix for bpf_probe_read_kernel_str() return value, from Andrii. 2) [gs]etsockopt fix for large optlen, from Stanislav. 3) devmap allocation fix, from Toke. ==================== Signed-off-by: David S. Miller ","","This is a merge commit incorporating BPF updates, including fixes for bpf_probe_read_kernel_str, setsockopt, and devmap allocation.","BPF, merge, fixes","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"7bd3a33ae6d2b820bc44a206f9b81b96840219fd","7bd3a33ae6d2b820bc44a206f9b81b96840219fd","Andrii Nakryiko","andriin@fb.com","1592418692","Alexei Starovoitov","ast@kernel.org","1592425202","287261f46627f341c18665cbd5b988670be02d41","69119673bd50b176ded34032fadd41530fb5af21","libbpf: Bump version to 0.1.0 Bump libbpf version to 0.1.0, as new development cycle starts. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200617183132.1970836-1-andriin@fb.com","tools/lib/bpf/libbpf.map | 3 +++; 1 file changed, 3 insertions(+)","The commit updates the libbpf version to 0.1.0 to mark the start of a new development cycle.","libbpf,version,bump","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8030e250d882db174cbcd88273570ffb36a13080","8030e250d882db174cbcd88273570ffb36a13080","Stanislav Fomichev","sdf@google.com","1592355856","Alexei Starovoitov","ast@kernel.org","1592416445","dc7cd3c1ae17b73b2a7e56cef6eaac706ae3c080","a0cb12b03132befbdb29d835ca330c18792e8134","bpf: Document optval > PAGE_SIZE behavior for sockopt hooks Extend existing doc with more details about requiring ctx->optlen = 0 for handling optval > PAGE_SIZE. Signed-off-by: Stanislav Fomichev Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200617010416.93086-3-sdf@google.com","Documentation/bpf/prog_cgroup_sockopt.rst | 14 ++++++++++++++; 1 file changed, 14 insertions(+)","This commit updates the documentation to explain the handling of sockopt hooks when optval exceeds PAGE_SIZE.","documentation, sockopt, PAGE_SIZE","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"a0cb12b03132befbdb29d835ca330c18792e8134","a0cb12b03132befbdb29d835ca330c18792e8134","Stanislav Fomichev","sdf@google.com","1592355855","Alexei Starovoitov","ast@kernel.org","1592416445","c7fc8a91361a361fb6a56bb024203c834bb9d5b3","d8fe449a9c51a37d844ab607e14e2f5c657d3cf2","selftests/bpf: Make sure optvals > PAGE_SIZE are bypassed We are relying on the fact, that we can pass > sizeof(int) optvals to the SOL_IP+IP_FREEBIND option (the kernel will take first 4 bytes). In the BPF program we check that we can only touch PAGE_SIZE bytes, but the real optlen is PAGE_SIZE * 2. In both cases, we override it to some predefined value and trim the optlen. Also, let's modify exiting IP_TOS usecase to test optlen=0 case where BPF program just bypasses the data as is. Signed-off-by: Stanislav Fomichev Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200617010416.93086-2-sdf@google.com",".../testing/selftests/bpf/prog_tests/sockopt_sk.c | 46 +++++++++++++++---; tools/testing/selftests/bpf/progs/sockopt_sk.c | 54 +++++++++++++++++++++-; 2 files changed, 91 insertions(+), 9 deletions(-)","The commit enhances BPF self-tests for socket options with large optvals and tests cases with optlen=0.","selftests,optvals,socket","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"d8fe449a9c51a37d844ab607e14e2f5c657d3cf2","d8fe449a9c51a37d844ab607e14e2f5c657d3cf2","Stanislav Fomichev","sdf@google.com","1592355854","Alexei Starovoitov","ast@kernel.org","1592416445","3eb04395d33c0251158c01b7b36e7e088658cfd2","99c51064fb06146b3d494b745c947e438a10aaa7","bpf: Don't return EINVAL from {get,set}sockopt when optlen > PAGE_SIZE Attaching to these hooks can break iptables because its optval is usually quite big, or at least bigger than the current PAGE_SIZE limit. David also mentioned some SCTP options can be big (around 256k). For such optvals we expose only the first PAGE_SIZE bytes to the BPF program. BPF program has two options: 1. Set ctx->optlen to 0 to indicate that the BPF's optval should be ignored and the kernel should use original userspace value. 2. Set ctx->optlen to something that's smaller than the PAGE_SIZE. v5: * use ctx->optlen == 0 with trimmed buffer (Alexei Starovoitov) * update the docs accordingly v4: * use temporary buffer to avoid optval == optval_end == NULL; this removes the corner case in the verifier that might assume non-zero PTR_TO_PACKET/PTR_TO_PACKET_END. v3: * don't increase the limit, bypass the argument v2: * proper comments formatting (Jakub Kicinski) Fixes: 0d01da6afc54 (""bpf: implement getsockopt and setsockopt hooks"") Signed-off-by: Stanislav Fomichev Signed-off-by: Alexei Starovoitov Cc: David Laight Link: https://lore.kernel.org/bpf/20200617010416.93086-1-sdf@google.com","kernel/bpf/cgroup.c | 53 +++++++++++++++++++++++++++++++++--------------------; 1 file changed, 33 insertions(+), 20 deletions(-)","The commit fixes a bug with optlen limit in getsockopt and setsockopt eBPF hooks, allowing handling of larger optvals without breaking iptables.","getsockopt, setsockopt, optlen","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"99c51064fb06146b3d494b745c947e438a10aaa7","99c51064fb06146b3d494b745c947e438a10aaa7","Toke Høiland-Jørgensen","toke@redhat.com","1592317709","Alexei Starovoitov","ast@kernel.org","1592413279","ca1db0445778ac64e06f13568d245bd060950915","3ff2351651a2ecb73ec9d29119793bde190b2850","devmap: Use bpf_map_area_alloc() for allocating hash buckets Syzkaller discovered that creating a hash of type devmap_hash with a large number of entries can hit the memory allocator limit for allocating contiguous memory regions. There's really no reason to use kmalloc_array() directly in the devmap code, so just switch it to the existing bpf_map_area_alloc() function that is used elsewhere. Fixes: 6f9d451ab1a3 (""xdp: Add devmap_hash map type for looking up devices by hashed index"") Reported-by: Xiumei Mu Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Alexei Starovoitov Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200616142829.114173-1-toke@redhat.com","kernel/bpf/devmap.c | 10 ++++++----; 1 file changed, 6 insertions(+), 4 deletions(-)","This commit adjusts memory allocation for devmap_hash type in eBPF to prevent hitting memory limits with large entries.","devmap,allocation,hash","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3ff2351651a2ecb73ec9d29119793bde190b2850","3ff2351651a2ecb73ec9d29119793bde190b2850","Hangbin Liu","liuhangbin@gmail.com","1592303718","Alexei Starovoitov","ast@kernel.org","1592413095","af918c9e450aa0684d5ba8bb719d32fdf591b513","1c7fb20d6b0acd452cb93d447051eac7724edfa7","xdp: Handle frame_sz in xdp_convert_zc_to_xdp_frame() In commit 34cc0b338a61 we only handled the frame_sz in convert_to_xdp_frame(). This patch will also handle frame_sz in xdp_convert_zc_to_xdp_frame(). Fixes: 34cc0b338a61 (""xdp: Xdp_frame add member frame_sz and handle in convert_to_xdp_frame"") Signed-off-by: Hangbin Liu Signed-off-by: Alexei Starovoitov Acked-by: Jesper Dangaard Brouer Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200616103518.2963410-1-liuhangbin@gmail.com","net/core/xdp.c | 1 +; 1 file changed, 1 insertion(+)","The commit handles frame_sz in the xdp_convert_zc_to_xdp_frame() function to fix a previous omission.","frame_sz,xdp,fixes","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"1c7fb20d6b0acd452cb93d447051eac7724edfa7","1c7fb20d6b0acd452cb93d447051eac7724edfa7","Tobias Klauser","tklauser@distanz.ch","1592307183","Daniel Borkmann","daniel@iogearbox.net","1592409150","f951875f1990ba07a3e1a993451433d8b3371783","02553b91da5deb63c8562b47529b09b734659af0","tools, bpftool: Add ringbuf map type to map command docs Commit c34a06c56df7 (""tools/bpftool: Add ringbuf map to a list of known map types"") added the symbolic ""ringbuf"" name. Document it in the bpftool map command docs and usage as well. Signed-off-by: Tobias Klauser Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200616113303.8123-1-tklauser@distanz.ch","tools/bpf/bpftool/Documentation/bpftool-map.rst | 2 +-; tools/bpf/bpftool/map.c | 2 +-; 2 files changed, 2 insertions(+), 2 deletions(-)","This commit updates the bpftool documentation to include the ringbuf map type.","bpftool,ringbuf,map","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"02553b91da5deb63c8562b47529b09b734659af0","02553b91da5deb63c8562b47529b09b734659af0","Andrii Nakryiko","andriin@fb.com","1592283870","Daniel Borkmann","daniel@iogearbox.net","1592409002","82b0bdb70f7daa8660d243a98a1e893b4b08767c","6903cdae9f9f08d61e49c16cbef11c293e33a615","bpf: bpf_probe_read_kernel_str() has to return amount of data read on success During recent refactorings, bpf_probe_read_kernel_str() started returning 0 on success, instead of amount of data successfully read. This majorly breaks applications relying on bpf_probe_read_kernel_str() and bpf_probe_read_str() and their results. Fix this by returning actual number of bytes read. Fixes: 8d92db5c04d1 (""bpf: rework the compat kernel probe handling"") Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Reviewed-by: Christoph Hellwig Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200616050432.1902042-1-andriin@fb.com","kernel/trace/bpf_trace.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fix bpf_probe_read_kernel_str to return the correct amount of data read instead of zero.","bpf_probe_read_kernel_str, data, fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"6903cdae9f9f08d61e49c16cbef11c293e33a615","6903cdae9f9f08d61e49c16cbef11c293e33a615","Gaurav Singh","gaurav1086@gmail.com","1591988007","Daniel Borkmann","daniel@iogearbox.net","1592312135","45ae1c002cf32dd421cb5dce9223d9d3b495086c","c34a06c56df7c513cd19f591b26fe7d814c778cc","bpf, xdp, samples: Fix null pointer dereference in *_user code Memset on the pointer right after malloc can cause a NULL pointer deference if it failed to allocate memory. A simple fix is to replace malloc()/memset() pair with a simple call to calloc(). Fixes: 0fca931a6f21 (""samples/bpf: program demonstrating access to xdp_rxq_info"") Signed-off-by: Gaurav Singh Signed-off-by: Daniel Borkmann Acked-by: Jesper Dangaard Brouer Acked-by: John Fastabend ","samples/bpf/xdp_monitor_user.c | 8 ++------; samples/bpf/xdp_redirect_cpu_user.c | 7 ++-----; samples/bpf/xdp_rxq_info_user.c | 13 +++----------; 3 files changed, 7 insertions(+), 21 deletions(-)","The commit fixes a null pointer dereference by replacing malloc/memset with calloc in eBPF XDP sample user code.","null,pointer,calloc","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"c34a06c56df7c513cd19f591b26fe7d814c778cc","c34a06c56df7c513cd19f591b26fe7d814c778cc","Andrii Nakryiko","andriin@fb.com","1592261635","Daniel Borkmann","daniel@iogearbox.net","1592266710","0919bfb20f7dcd361e1ed79171adabd845da8733","b0659d8a950d424e57cc0a67afc4740ee561224e","tools/bpftool: Add ringbuf map to a list of known map types Add symbolic name ""ringbuf"" to map to BPF_MAP_TYPE_RINGBUF. Without this, users will see ""type 27"" instead of ""ringbuf"" in `map show` output. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200615225355.366256-1-andriin@fb.com","tools/bpf/bpftool/map.c | 1 +; 1 file changed, 1 insertion(+)","The commit adds a symbolic name ""ringbuf"" to bpftool for better map type description.","bpftool,ringbuf,map","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b0659d8a950d424e57cc0a67afc4740ee561224e","b0659d8a950d424e57cc0a67afc4740ee561224e","Andrii Nakryiko","andriin@fb.com","1592257766","Daniel Borkmann","daniel@iogearbox.net","1592266621","4dafe37ddf58376bf811b9bfc16348af993c59bb","c92cbaea3cc0a80807e386922f801eb6d3652c81","bpf: Fix definition of bpf_ringbuf_output() helper in UAPI comments Fix definition of bpf_ringbuf_output() in UAPI header comments, which is used to generate libbpf's bpf_helper_defs.h header. Return value is a number (error code), not a pointer. Fixes: 457f44363a88 (""bpf: Implement BPF ring buffer and verifier support for it"") Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200615214926.3638836-1-andriin@fb.com","include/uapi/linux/bpf.h | 2 +-; tools/include/uapi/linux/bpf.h | 2 +-; 2 files changed, 2 insertions(+), 2 deletions(-)","Fixes the bpf_ringbuf_output() return type in UAPI comments for accurate header generation.","bpf_ringbuf_output,UAPI,return","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"96144c58abe7ff767e754b5b80995f7b8846d49b","96144c58abe7ff767e754b5b80995f7b8846d49b","Linus Torvalds","torvalds@linux-foundation.org","1592090833","Linus Torvalds","torvalds@linux-foundation.org","1592090833","7fcc47090ced9be71fa35cbf5e00d0160b04a2d1","f82e7b57b5fc48199e2f26ffafe2f96f7338ad3d bc139119a1708ae3db1ebb379630f286e28d06e8","Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from David Miller: 1) Fix cfg80211 deadlock, from Johannes Berg. 2) RXRPC fails to send norigications, from David Howells. 3) MPTCP RM_ADDR parsing has an off by one pointer error, fix from Geliang Tang. 4) Fix crash when using MSG_PEEK with sockmap, from Anny Hu. 5) The ucc_geth driver needs __netdev_watchdog_up exported, from Valentin Longchamp. 6) Fix hashtable memory leak in dccp, from Wang Hai. 7) Fix how nexthops are marked as FDB nexthops, from David Ahern. 8) Fix mptcp races between shutdown and recvmsg, from Paolo Abeni. 9) Fix crashes in tipc_disc_rcv(), from Tuong Lien. 10) Fix link speed reporting in iavf driver, from Brett Creeley. 11) When a channel is used for XSK and then reused again later for XSK, we forget to clear out the relevant data structures in mlx5 which causes all kinds of problems. Fix from Maxim Mikityanskiy. 12) Fix memory leak in genetlink, from Cong Wang. 13) Disallow sockmap attachments to UDP sockets, it simply won't work. From Lorenz Bauer. * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (83 commits) net: ethernet: ti: ale: fix allmulti for nu type ale net: ethernet: ti: am65-cpsw-nuss: fix ale parameters init net: atm: Remove the error message according to the atomic context bpf: Undo internal BPF_PROBE_MEM in BPF insns dump libbpf: Support pre-initializing .bss global variables tools/bpftool: Fix skeleton codegen bpf: Fix memlock accounting for sock_hash bpf: sockmap: Don't attach programs to UDP sockets bpf: tcp: Recv() should return 0 when the peer socket is closed ibmvnic: Flush existing work items before device removal genetlink: clean up family attributes allocations net: ipa: header pad field only valid for AP->modem endpoint net: ipa: program upper nibbles of sequencer type net: ipa: fix modem LAN RX endpoint id net: ipa: program metadata mask differently ionic: add pcie_print_link_status rxrpc: Fix race between incoming ACK parser and retransmitter net/mlx5: E-Switch, Fix some error pointer dereferences net/mlx5: Don't fail driver on failure to create debugfs net/mlx5e: CT: Fix ipv6 nat header rewrite actions ...","","The commit merges networking fixes from the netdev repository into the kernel.","networking,merge,fixes","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"fa7566a0d68f8467846cba8ec29f1551b0a42de9","fa7566a0d68f8467846cba8ec29f1551b0a42de9","David S. Miller","davem@davemloft.net","1592087288","David S. Miller","davem@davemloft.net","1592087288","c520797b309d68cacd4bb9089473af7bf8644f07","bf97bac9dc6481e9f68992e52bed5cc4b210e636 29fcb05bbf1a7008900bb9bee347bdbfc7171036","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Alexei Starovoitov says: ==================== pull-request: bpf 2020-06-12 The following pull-request contains BPF updates for your *net* tree. We've added 26 non-merge commits during the last 10 day(s) which contain a total of 27 files changed, 348 insertions(+), 93 deletions(-). The main changes are: 1) sock_hash accounting fix, from Andrey. 2) libbpf fix and probe_mem sanitizing, from Andrii. 3) sock_hash fixes, from Jakub. 4) devmap_val fix, from Jesper. 5) load_bytes_relative fix, from YiFei. ==================== Signed-off-by: David S. Miller ","","This commit merges various BPF updates into the net tree, containing several fixes and improvements.","BPF, merge, fixes","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"29fcb05bbf1a7008900bb9bee347bdbfc7171036","29fcb05bbf1a7008900bb9bee347bdbfc7171036","Andrii Nakryiko","andriin@fb.com","1592007675","Alexei Starovoitov","ast@kernel.org","1592008538","048722952f48b23c5f2e2bf5889776962dae09cf","caf62492f479585296e9d636c798d5ac256b7b04","bpf: Undo internal BPF_PROBE_MEM in BPF insns dump BPF_PROBE_MEM is kernel-internal implmementation details. When dumping BPF instructions to user-space, it needs to be replaced back with BPF_MEM mode. Fixes: 2a02759ef5f8 (""bpf: Add support for BTF pointers to interpreter"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200613002115.1632142-1-andriin@fb.com","kernel/bpf/syscall.c | 17 ++++++++++++-----; 1 file changed, 12 insertions(+), 5 deletions(-)","Fixes the dumping of BPF instructions by replacing internal BPF_PROBE_MEM with BPF_MEM mode for user-space visibility.","BPF_PROBE_MEM, BPF_MEM, instructions","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"caf62492f479585296e9d636c798d5ac256b7b04","caf62492f479585296e9d636c798d5ac256b7b04","Andrii Nakryiko","andriin@fb.com","1591991104","Alexei Starovoitov","ast@kernel.org","1592000867","03150a668bc94cea09c896dbaa58d18266b7557d","22eb78792e07a4dfb63c85f34950d4e58eb90326","libbpf: Support pre-initializing .bss global variables Remove invalid assumption in libbpf that .bss map doesn't have to be updated in kernel. With addition of skeleton and memory-mapped initialization image, .bss doesn't have to be all zeroes when BPF map is created, because user-code might have initialized those variables from user-space. Fixes: eba9c5f498a1 (""libbpf: Refactor global data map initialization"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200612194504.557844-1-andriin@fb.com","tools/lib/bpf/libbpf.c | 4 --; tools/testing/selftests/bpf/prog_tests/skeleton.c | 45 ++++++++++++++++++++---; tools/testing/selftests/bpf/progs/test_skeleton.c | 19 ++++++++--; 3 files changed, 55 insertions(+), 13 deletions(-)","The commit allows pre-initialization of .bss global variables in libbpf with user-space values.","libbpf, initialization, variables","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"22eb78792e07a4dfb63c85f34950d4e58eb90326","22eb78792e07a4dfb63c85f34950d4e58eb90326","Andrii Nakryiko","andriin@fb.com","1591992963","Alexei Starovoitov","ast@kernel.org","1592000704","07d8d66b127127df8ced2287e57b05bb2d6b8f93","60e5ca8a64bad8f3e2e20a1e57846e497361c700","tools/bpftool: Fix skeleton codegen Remove unnecessary check at the end of codegen() routine which makes codegen() to always fail and exit bpftool with error code. Positive value of variable n is not an indicator of a failure. Fixes: 2c4779eff837 (""tools, bpftool: Exit on error in function codegen"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Reviewed-by: Tobias Klauser Link: https://lore.kernel.org/bpf/20200612201603.680852-1-andriin@fb.com","tools/bpf/bpftool/gen.c | 2 --; 1 file changed, 2 deletions(-)","Fixes a bug in bpftool skeleton code generation that caused codegen to always fail due to an unnecessary check.","bpftool,codegen,fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"60e5ca8a64bad8f3e2e20a1e57846e497361c700","60e5ca8a64bad8f3e2e20a1e57846e497361c700","Andrey Ignatov","rdna@fb.com","1591920537","Alexei Starovoitov","ast@kernel.org","1592000489","2ea585b365400086452e0f5352bf893fb693777f","f6fede8569689dd31e7b0ed15024b25e5ce2e2e5","bpf: Fix memlock accounting for sock_hash Add missed bpf_map_charge_init() in sock_hash_alloc() and correspondingly bpf_map_charge_finish() on ENOMEM. It was found accidentally while working on unrelated selftest that checks ""map->memory.pages > 0"" is true for all map types. Before: # bpftool m l ... 3692: sockhash name m_sockhash flags 0x0 key 4B value 4B max_entries 8 memlock 0B After: # bpftool m l ... 84: sockmap name m_sockmap flags 0x0 key 4B value 4B max_entries 8 memlock 4096B Fixes: 604326b41a6f (""bpf, sockmap: convert to generic sk_msg interface"") Signed-off-by: Andrey Ignatov Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200612000857.2881453-1-rdna@fb.com","net/core/sock_map.c | 4 ++++; 1 file changed, 4 insertions(+)","The commit fixes memlock accounting for sock_hash in bpf by adding the missed bpf_map_charge_init() and corresponding bpf_map_charge_finish().","memlock,sock_hash,bpf_map_charge","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"f6fede8569689dd31e7b0ed15024b25e5ce2e2e5","f6fede8569689dd31e7b0ed15024b25e5ce2e2e5","Lorenz Bauer","lmb@cloudflare.com","1591896320","Alexei Starovoitov","ast@kernel.org","1592000023","05dd70a403a2cb4187a111008b6050126fda0acb","2c7269b231194aae23fb90ab65842573a91acbc9","bpf: sockmap: Don't attach programs to UDP sockets The stream parser infrastructure isn't set up to deal with UDP sockets, so we mustn't try to attach programs to them. I remember making this change at some point, but I must have lost it while rebasing or something similar. Fixes: 7b98cd42b049 (""bpf: sockmap: Add UDP support"") Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Acked-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/20200611172520.327602-1-lmb@cloudflare.com","net/core/sock_map.c | 10 ++++++----; 1 file changed, 6 insertions(+), 4 deletions(-)","This commit prevents attaching eBPF programs to UDP sockets as the stream parser is not designed for them.","sockmap,UDP,sockets","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"2c7269b231194aae23fb90ab65842573a91acbc9","2c7269b231194aae23fb90ab65842573a91acbc9","Sabrina Dubroca","sd@queasysnail.net","1591784383","Alexei Starovoitov","ast@kernel.org","1591999812","8b85edb1c7f094125445f5cea4e5d574c0d783e7","2c4779eff837f1035f6f9650d246905daadd9528","bpf: tcp: Recv() should return 0 when the peer socket is closed If the peer is closed, we will never get more data, so tcp_bpf_wait_data will get stuck forever. In case we passed MSG_DONTWAIT to recv(), we get EAGAIN but we should actually get 0. >From man 2 recv: RETURN VALUE When a stream socket peer has performed an orderly shutdown, the return value will be 0 (the traditional ""end-of-file"" return). This patch makes tcp_bpf_wait_data always return 1 when the peer socket has been shutdown. Either we have data available, and it would have returned 1 anyway, or there isn't, in which case we'll call tcp_recvmsg which does the right thing in this situation. Fixes: 604326b41a6f (""bpf, sockmap: convert to generic sk_msg interface"") Signed-off-by: Sabrina Dubroca Signed-off-by: Alexei Starovoitov Acked-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/26038a28c21fea5d04d4bd4744c5686d3f2e5504.1591784177.git.sd@queasysnail.net","net/ipv4/tcp_bpf.c | 3 +++; 1 file changed, 3 insertions(+)","This commit fixes a bug where recv() returns EAGAIN instead of 0 when the peer socket is closed in tcp_bpf_wait_data.","recv socket_closed tcp_bpf","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"2c4779eff837f1035f6f9650d246905daadd9528","2c4779eff837f1035f6f9650d246905daadd9528","Tobias Klauser","tklauser@distanz.ch","1591871621","Daniel Borkmann","daniel@iogearbox.net","1591912339","590ed0b5cc99e94266f3b68b14681223f85362dd","aa2cad0600ed2ca6a0ab39948d4db1666b6c962b","tools, bpftool: Exit on error in function codegen Currently, the codegen function might fail and return an error. But its callers continue without checking its return value. Since codegen can fail only in the unlikely case of the system running out of memory or the static template being malformed, just exit(-1) directly from codegen and make it void-returning. Suggested-by: Andrii Nakryiko Signed-off-by: Tobias Klauser Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200611103341.21532-1-tklauser@distanz.ch","tools/bpf/bpftool/gen.c | 11 ++++++-----; 1 file changed, 6 insertions(+), 5 deletions(-)","The commit modifies bpftool to exit immediately if the codegen function fails.","bpftool,codegen,exit","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"aa2cad0600ed2ca6a0ab39948d4db1666b6c962b","aa2cad0600ed2ca6a0ab39948d4db1666b6c962b","Li RongQing","lirongqing@baidu.com","1591852266","Daniel Borkmann","daniel@iogearbox.net","1591911873","2916f14c96f58814b34ae50940de56d6fdbd8692","d4060ac969563113101c79433f2ae005feca1c29","xdp: Fix xsk_generic_xmit errno Propagate sock_alloc_send_skb error code, not set it to EAGAIN unconditionally, when fail to allocate skb, which might cause that user space unnecessary loops. Fixes: 35fcde7f8deb (""xsk: support for Tx"") Signed-off-by: Li RongQing Signed-off-by: Daniel Borkmann Acked-by: Björn Töpel Link: https://lore.kernel.org/bpf/1591852266-24017-1-git-send-email-lirongqing@baidu.com","net/xdp/xsk.c | 4 +---; 1 file changed, 1 insertion(+), 3 deletions(-)","This commit corrects the error propagation in xsk_generic_xmit to avoid unnecessary user-space loops.","xdp,error,fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"d4060ac969563113101c79433f2ae005feca1c29","d4060ac969563113101c79433f2ae005feca1c29","Tobias Klauser","tklauser@distanz.ch","1591794484","Daniel Borkmann","daniel@iogearbox.net","1591884528","c8daf92bdcf0d938dc3d3582c5116552315af6af","bd6fecb9a99cceb949271c1821cfbad2b2db97c6","tools, bpftool: Fix memory leak in codegen error cases Free the memory allocated for the template on error paths in function codegen. Signed-off-by: Tobias Klauser Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200610130804.21423-1-tklauser@distanz.ch","tools/bpf/bpftool/gen.c | 2 ++; 1 file changed, 2 insertions(+)","Fixes memory leak in bpftool by freeing allocated memory in error cases.","memory, leak, bpftool","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"bd6fecb9a99cceb949271c1821cfbad2b2db97c6","bd6fecb9a99cceb949271c1821cfbad2b2db97c6","YiFei Zhu","zhuyifei1999@gmail.com","1591814500","Daniel Borkmann","daniel@iogearbox.net","1591884356","f2cec2a7c3a8a2ef84b143e61225c440d12e1259","0f5d82f187e1beda3fe7295dfc500af266a5bd80","selftests/bpf: Add cgroup_skb/egress test for load_bytes_relative When cgroup_skb/egress triggers the MAC header is not set. Added a test that asserts reading MAC header is a -EFAULT but NET header succeeds. The test result from within the eBPF program is stored in an 1-element array map that the userspace then reads and asserts on. Another assertion is added that reading from a large offset, past the end of packet, returns -EFAULT. Signed-off-by: YiFei Zhu Signed-off-by: Daniel Borkmann Reviewed-by: Stanislav Fomichev Link: https://lore.kernel.org/bpf/9028ccbea4385a620e69c0a104f469ffd655c01e.1591812755.git.zhuyifei@google.com",".../selftests/bpf/prog_tests/load_bytes_relative.c | 71 ++++++++++++++++++++++; .../selftests/bpf/progs/load_bytes_relative.c | 48 +++++++++++++++; 2 files changed, 119 insertions(+)","Add self-tests in cgroup_skb/egress for load_bytes_relative to ensure correct behavior when reading packet headers.","test,cgroup_skb,load_bytes_relative","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"0f5d82f187e1beda3fe7295dfc500af266a5bd80","0f5d82f187e1beda3fe7295dfc500af266a5bd80","YiFei Zhu","zhuyifei1999@gmail.com","1591814499","Daniel Borkmann","daniel@iogearbox.net","1591884356","d39d92b7b721bcca5813381113df0c054260b4dc","47f6bc4ce1ff70d7ba0924c2f1c218c96cd585fb","net/filter: Permit reading NET in load_bytes_relative when MAC not set Added a check in the switch case on start_header that checks for the existence of the header, and in the case that MAC is not set and the caller requests for MAC, -EFAULT. If the caller requests for NET then MAC's existence is completely ignored. There is no function to check NET header's existence and as far as cgroup_skb/egress is concerned it should always be set. Removed for ptr >= the start of header, considering offset is bounded unsigned and should always be true. len <= end - mac is redundant to ptr + len <= end. Fixes: 3eee1f75f2b9 (""bpf: fix bpf_skb_load_bytes_relative pkt length check"") Signed-off-by: YiFei Zhu Signed-off-by: Daniel Borkmann Reviewed-by: Stanislav Fomichev Link: https://lore.kernel.org/bpf/76bb820ddb6a95f59a772ecbd8c8a336f646b362.1591812755.git.zhuyifei@google.com","net/core/filter.c | 16 +++++++++-------; 1 file changed, 9 insertions(+), 7 deletions(-)","The commit fixes NET header logic in eBPF by allowing NET access even when MAC is unset.","NET, MAC, header","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'Netfilter related type programs. It impacts programs interacting with the Netfilter framework used in packet filtering and NAT.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"4382a79b2746faf9db98a34ae1a1cbd364473f75","4382a79b2746faf9db98a34ae1a1cbd364473f75","Linus Torvalds","torvalds@linux-foundation.org","1591830174","Linus Torvalds","torvalds@linux-foundation.org","1591830174","1bd6e40c0120cef455b6e6294df0cea10fe13be0","79ca035d2d941839f55f3b8b69f8e81c66946ed8 b7e4b65f3fe92abbf4a1f57987a54c820969aebd","Merge branch 'uaccess.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs Pull misc uaccess updates from Al Viro: ""Assorted uaccess patches for this cycle - the stuff that didn't fit into thematic series"" * 'uaccess.misc' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: bpf: make bpf_check_uarg_tail_zero() use check_zeroed_user() x86: kvm_hv_set_msr(): use __put_user() instead of 32bit __clear_user() user_regset_copyout_zero(): use clear_user() TEST_ACCESS_OK _never_ had been checked anywhere x86: switch cp_stat64() to unsafe_put_user() binfmt_flat: don't use __put_user() binfmt_elf_fdpic: don't use __... uaccess primitives binfmt_elf: don't bother with __{put,copy_to}_user() pselect6() and friends: take handling the combined 6th/7th args into helper","","This commit merges miscellaneous uaccess patches from Al Viro's branch.","merge uaccess patches","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"47f6bc4ce1ff70d7ba0924c2f1c218c96cd585fb","47f6bc4ce1ff70d7ba0924c2f1c218c96cd585fb","Brett Mastbergen","brett.mastbergen@gmail.com","1591738506","Daniel Borkmann","daniel@iogearbox.net","1591789204","287dcfb1d52a71ce1be41234f90e2af8f712d6f1","32022fd97ed34f6812802bf1288db27c313576f4","tools, bpf: Do not force gcc as CC This allows transparent cross-compilation with CROSS_COMPILE by relying on 7ed1c1901fe5 (""tools: fix cross-compile var clobbering""). Same change was applied to tools/bpf/bpftool/Makefile in 9e88b9312acb (""tools: bpftool: do not force gcc as CC""). Signed-off-by: Brett Mastbergen Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200609213506.3299-1-brett.mastbergen@gmail.com","tools/bpf/Makefile | 1 -; 1 file changed, 1 deletion(-)","The commit modifies the Makefile in tools/bpf to avoid enforcing gcc as the compiler for better cross-compilation support.","cross-compilation,Makefile,gcc","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"32022fd97ed34f6812802bf1288db27c313576f4","32022fd97ed34f6812802bf1288db27c313576f4","Andrii Nakryiko","andriin@fb.com","1591766615","Daniel Borkmann","daniel@iogearbox.net","1591789022","1afdc5598b61e41a8114a4fe5c733e3ae8cb6ae6","8ca8d4a841730c02e77bf3c87bf658cc44f364b9","libbpf: Handle GCC noreturn-turned-volatile quirk Handle a GCC quirk of emitting extra volatile modifier in DWARF (and subsequently preserved in BTF by pahole) for function pointers marked as __attribute__((noreturn)). This was the way to mark such functions before GCC 2.5 added noreturn attribute. Drop such func_proto modifiers, similarly to how it's done for array (also to handle GCC quirk/bug). Such volatile attribute is emitted by GCC only, so existing selftests can't express such test. Simple repro is like this (compiled with GCC + BTF generated by pahole): struct my_struct { void __attribute__((noreturn)) (*fn)(int); }; struct my_struct a; Without this fix, output will be: struct my_struct { voidvolatile (*fn)(int); }; With the fix: struct my_struct { void (*fn)(int); }; Fixes: 351131b51c7a (""libbpf: add btf_dump API for BTF-to-C conversion"") Reported-by: Jean-Philippe Brucker Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Tested-by: Jean-Philippe Brucker Link: https://lore.kernel.org/bpf/20200610052335.2862559-1-andriin@fb.com","tools/lib/bpf/btf_dump.c | 33 ++++++++++++++++++++++++---------; 1 file changed, 24 insertions(+), 9 deletions(-)","The commit fixes a GCC-related issue in libbpf by handling unnecessary volatile modifiers in BTF for noreturn function pointers.","libbpf, GCC, volatile","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8ca8d4a841730c02e77bf3c87bf658cc44f364b9","8ca8d4a841730c02e77bf3c87bf658cc44f364b9","Arnaldo Carvalho de Melo","acme@kernel.org","1591737413","Daniel Borkmann","daniel@iogearbox.net","1591744765","b699f3f002299f989c1cd419c759eaab9fcc23e3","042b1545fe47788e734b0f074a8ae65856015cdf","libbpf: Define __WORDSIZE if not available Some systems, such as Android, don't have a define for __WORDSIZE, do it in terms of __SIZEOF_LONG__, as done in perf since 2012: http://git.kernel.org/torvalds/c/3f34f6c0233ae055b5 For reference: https://gcc.gnu.org/onlinedocs/cpp/Common-Predefined-Macros.html I build tested it here and Andrii did some Travis CI build tests too. Signed-off-by: Arnaldo Carvalho de Melo Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200608161150.GA3073@kernel.org","tools/lib/bpf/hashmap.h | 7 +++----; 1 file changed, 3 insertions(+), 4 deletions(-)","A workaround is added to libbpf for systems like Android lacking __WORDSIZE definition using __SIZEOF_LONG__.","libbpf,__WORDSIZE,Android","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"042b1545fe47788e734b0f074a8ae65856015cdf","042b1545fe47788e734b0f074a8ae65856015cdf","Jesper Dangaard Brouer","brouer@redhat.com","1591709512","Alexei Starovoitov","ast@kernel.org","1591727779","ce52d0d30b9d923882633c776b073d80bc812cf3","281920b7e0b31e0a7706433ff58e7d52ac97c327","bpf: Selftests and tools use struct bpf_devmap_val from uapi Sync tools uapi bpf.h header file and update selftests that use struct bpf_devmap_val. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/159170951195.2102545.1833108712124273987.stgit@firesoul","tools/include/uapi/linux/bpf.h | 13 +++++++++++++; tools/testing/selftests/bpf/prog_tests/xdp_devmap_attach.c | 8 --------; tools/testing/selftests/bpf/progs/test_xdp_devmap_helpers.c | 2 +-; .../selftests/bpf/progs/test_xdp_with_devmap_helpers.c | 3 +--; 4 files changed, 15 insertions(+), 11 deletions(-)","Sync uapi bpf.h and update selftests for struct bpf_devmap_val usage.","uapi,selftests,devmap","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"281920b7e0b31e0a7706433ff58e7d52ac97c327","281920b7e0b31e0a7706433ff58e7d52ac97c327","Jesper Dangaard Brouer","brouer@redhat.com","1591709506","Alexei Starovoitov","ast@kernel.org","1591727778","64eae501b2e4edc6a07a2c530f29bb3c009e0a11","248e00ac47d64e153b9c50f45aad73cd61894a73","bpf: Devmap adjust uapi for attach bpf program V2: - Defer changing BPF-syscall to start at file-descriptor 1 - Use {} to zero initialise struct. The recent commit fbee97feed9b (""bpf: Add support to attach bpf program to a devmap entry""), introduced ability to attach (and run) a separate XDP bpf_prog for each devmap entry. A bpf_prog is added via a file-descriptor. As zero were a valid FD, not using the feature requires using value minus-1. The UAPI is extended via tail-extending struct bpf_devmap_val and using map->value_size to determine the feature set. This will break older userspace applications not using the bpf_prog feature. Consider an old userspace app that is compiled against newer kernel uapi/bpf.h, it will not know that it need to initialise the member bpf_prog.fd to minus-1. Thus, users will be forced to update source code to get program running on newer kernels. This patch remove the minus-1 checks, and have zero mean feature isn't used. Followup patches either for kernel or libbpf should handle and avoid returning file-descriptor zero in the first place. Fixes: fbee97feed9b (""bpf: Add support to attach bpf program to a devmap entry"") Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/159170950687.2102545.7235914718298050113.stgit@firesoul","include/uapi/linux/bpf.h | 13 +++++++++++++; kernel/bpf/devmap.c | 17 ++++-------------; 2 files changed, 17 insertions(+), 13 deletions(-)","This commit adjusts the UAPI for attaching BPF programs to devmap entries by using file descriptor zero for feature non-usage, aiding backward compatibility.","UAPI,devmap,compatibility","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"248e00ac47d64e153b9c50f45aad73cd61894a73","248e00ac47d64e153b9c50f45aad73cd61894a73","Lorenz Bauer","lmb@cloudflare.com","1591633321","Alexei Starovoitov","ast@kernel.org","1591726903","c319d492bd9e0bf5c9c3c7a321af5036fa50fcaf","26afa0a4eb3fd87757f9de56ec5db5a03b14e120","bpf: cgroup: Allow multi-attach program to replace itself When using BPF_PROG_ATTACH to attach a program to a cgroup in BPF_F_ALLOW_MULTI mode, it is not possible to replace a program with itself. This is because the check for duplicate programs doesn't take the replacement program into account. Replacing a program with itself might seem weird, but it has some uses: first, it allows resetting the associated cgroup storage. Second, it makes the API consistent with the non-ALLOW_MULTI usage, where it is possible to replace a program with itself. Third, it aligns BPF_PROG_ATTACH with bpf_link, where replacing itself is also supported. Sice this code has been refactored a few times this change will only apply to v5.7 and later. Adjustments could be made to commit 1020c1f24a94 (""bpf: Simplify __cgroup_bpf_attach"") and commit d7bf2c10af05 (""bpf: allocate cgroup storage entries on attaching bpf programs"") as well as commit 324bda9e6c5a (""bpf: multi program support for cgroup+bpf"") Fixes: af6eea57437a (""bpf: Implement bpf_link-based cgroup BPF program attachment"") Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200608162202.94002-1-lmb@cloudflare.com","kernel/bpf/cgroup.c | 2 +-; tools/testing/selftests/bpf/prog_tests/cgroup_attach_multi.c | 7 +++++++; 2 files changed, 8 insertions(+), 1 deletion(-)","This commit allows multi-attach eBPF programs to replace themselves in a cgroup for consistency and storage reset.","multi-attach,cgroup,replace","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"26afa0a4eb3fd87757f9de56ec5db5a03b14e120","26afa0a4eb3fd87757f9de56ec5db5a03b14e120","David Ahern","dsahern@kernel.org","1591629443","Alexei Starovoitov","ast@kernel.org","1591726775","4fb2335426fa09726592ff143124f2f4ade9cac6","22d5bd6867364b41576a712755271a7d6161abd6","bpf: Reset data_meta before running programs attached to devmap entry This is a new context that does not handle metadata at the moment, so mark data_meta invalid. Fixes: fbee97feed9b (""bpf: Add support to attach bpf program to a devmap entry"") Signed-off-by: David Ahern Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200608151723.9539-1-dsahern@kernel.org","kernel/bpf/devmap.c | 1 +; 1 file changed, 1 insertion(+)","The commit resets data_meta before running BPF programs on a devmap to handle metadata properly.","data_meta,devmap,programs","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"22d5bd6867364b41576a712755271a7d6161abd6","22d5bd6867364b41576a712755271a7d6161abd6","Jean-Philippe Brucker","jean-philippe@linaro.org","1591620332","Alexei Starovoitov","ast@kernel.org","1591726212","5636279f5c7537d231e96104ae96301bc5d5dcd7","21a85bd601ee50f2796d52c542c46d04e21cedac","tracing/probe: Fix bpf_task_fd_query() for kprobes and uprobes Commit 60d53e2c3b75 (""tracing/probe: Split trace_event related data from trace_probe"") removed the trace_[ku]probe structure from the trace_event_call->data pointer. As bpf_get_[ku]probe_info() were forgotten in that change, fix them now. These functions are currently only used by the bpf_task_fd_query() syscall handler to collect information about a perf event. Fixes: 60d53e2c3b75 (""tracing/probe: Split trace_event related data from trace_probe"") Signed-off-by: Jean-Philippe Brucker Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Acked-by: Masami Hiramatsu Link: https://lore.kernel.org/bpf/20200608124531.819838-1-jean-philippe@linaro.org","kernel/trace/trace_kprobe.c | 2 +-; kernel/trace/trace_uprobe.c | 2 +-; 2 files changed, 2 insertions(+), 2 deletions(-)","This commit fixes an issue in bpf_task_fd_query() for kprobes and uprobes introduced by a previous change.","fix, kprobes, uprobes","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', 'uprobe/usdt like type user-space dynamic probe programs. It impacts user-space probes for tracing user-space applications. It can be other user-space probes in perf-events.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"21a85bd601ee50f2796d52c542c46d04e21cedac","21a85bd601ee50f2796d52c542c46d04e21cedac","Lorenz Bauer","lmb@cloudflare.com","1591609377","Alexei Starovoitov","ast@kernel.org","1591725949","9e036569cfb1ee0a84906d2357d91e1e3a9357d0","75e68e5bf2c7fa9d3e874099139df03d5952a3e1","scripts: Require pahole v1.16 when generating BTF bpf_iter requires the kernel BTF to be generated with pahole >= 1.16, since otherwise the function definitions that the iterator attaches to are not included. This failure mode is indistiguishable from trying to attach to an iterator that really doesn't exist. Since it's really easy to miss this requirement, bump the pahole version check used at build time to at least 1.16. Fixes: 15d83c4d7cef (""bpf: Allow loading of a bpf_iter program"") Suggested-by: Ivan Babrou Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200608094257.47366-1-lmb@cloudflare.com","scripts/link-vmlinux.sh | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","The commit updates the build script to require pahole version 1.16 or higher for generating kernel BTF to support bpf_iter.","pahole, BTF, bpf_iter","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"75e68e5bf2c7fa9d3e874099139df03d5952a3e1","75e68e5bf2c7fa9d3e874099139df03d5952a3e1","Jakub Sitnicki","jakub@cloudflare.com","1591563149","Alexei Starovoitov","ast@kernel.org","1591725544","2883b1bde04553b82b68ecc1a72f338971d19782","33a7c831565c43a7ee2f38c7df4c4a40e1dfdfed","bpf, sockhash: Synchronize delete from bucket list on map free We can end up modifying the sockhash bucket list from two CPUs when a sockhash is being destroyed (sock_hash_free) on one CPU, while a socket that is in the sockhash is unlinking itself from it on another CPU it (sock_hash_delete_from_link). This results in accessing a list element that is in an undefined state as reported by KASAN: | ================================================================== | BUG: KASAN: wild-memory-access in sock_hash_free+0x13c/0x280 | Write of size 8 at addr dead000000000122 by task kworker/2:1/95 | | CPU: 2 PID: 95 Comm: kworker/2:1 Not tainted 5.7.0-rc7-02961-ge22c35ab0038-dirty #691 | Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS ?-20190727_073836-buildvm-ppc64le-16.ppc.fedoraproject.org-3.fc31 04/01/2014 | Workqueue: events bpf_map_free_deferred | Call Trace: | dump_stack+0x97/0xe0 | ? sock_hash_free+0x13c/0x280 | __kasan_report.cold+0x5/0x40 | ? mark_lock+0xbc1/0xc00 | ? sock_hash_free+0x13c/0x280 | kasan_report+0x38/0x50 | ? sock_hash_free+0x152/0x280 | sock_hash_free+0x13c/0x280 | bpf_map_free_deferred+0xb2/0xd0 | ? bpf_map_charge_finish+0x50/0x50 | ? rcu_read_lock_sched_held+0x81/0xb0 | ? rcu_read_lock_bh_held+0x90/0x90 | process_one_work+0x59a/0xac0 | ? lock_release+0x3b0/0x3b0 | ? pwq_dec_nr_in_flight+0x110/0x110 | ? rwlock_bug.part.0+0x60/0x60 | worker_thread+0x7a/0x680 | ? _raw_spin_unlock_irqrestore+0x4c/0x60 | kthread+0x1cc/0x220 | ? process_one_work+0xac0/0xac0 | ? kthread_create_on_node+0xa0/0xa0 | ret_from_fork+0x24/0x30 | ================================================================== Fix it by reintroducing spin-lock protected critical section around the code that removes the elements from the bucket on sockhash free. To do that we also need to defer processing of removed elements, until out of atomic context so that we can unlink the socket from the map when holding the sock lock. Fixes: 90db6d772f74 (""bpf, sockmap: Remove bucket->lock from sock_{hash|map}_free"") Reported-by: Eric Dumazet Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200607205229.2389672-3-jakub@cloudflare.com","net/core/sock_map.c | 23 +++++++++++++++++++++--; 1 file changed, 21 insertions(+), 2 deletions(-)","The commit fixes concurrency issues in sockhash bucket unlinking by reintroducing spin-locks to prevent wild memory access during map free.","sockhash,spin-lock,concurrency","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"33a7c831565c43a7ee2f38c7df4c4a40e1dfdfed","33a7c831565c43a7ee2f38c7df4c4a40e1dfdfed","Jakub Sitnicki","jakub@cloudflare.com","1591563148","Alexei Starovoitov","ast@kernel.org","1591725544","4fc699753e28804774c573e851794ef7c8acc1b5","487082fb7bd2a32b66927d2b22e3a81b072b44f0","bpf, sockhash: Fix memory leak when unlinking sockets in sock_hash_free When sockhash gets destroyed while sockets are still linked to it, we will walk the bucket lists and delete the links. However, we are not freeing the list elements after processing them, leaking the memory. The leak can be triggered by close()'ing a sockhash map when it still contains sockets, and observed with kmemleak: unreferenced object 0xffff888116e86f00 (size 64): comm ""race_sock_unlin"", pid 223, jiffies 4294731063 (age 217.404s) hex dump (first 32 bytes): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................ 81 de e8 41 00 00 00 00 c0 69 2f 15 81 88 ff ff ...A.....i/..... backtrace: [<00000000dd089ebb>] sock_hash_update_common+0x4ca/0x760 [<00000000b8219bd5>] sock_hash_update_elem+0x1d2/0x200 [<000000005e2c23de>] __do_sys_bpf+0x2046/0x2990 [<00000000d0084618>] do_syscall_64+0xad/0x9a0 [<000000000d96f263>] entry_SYSCALL_64_after_hwframe+0x49/0xb3 Fix it by freeing the list element when we're done with it. Fixes: 604326b41a6f (""bpf, sockmap: convert to generic sk_msg interface"") Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200607205229.2389672-2-jakub@cloudflare.com","net/core/sock_map.c | 1 +; 1 file changed, 1 insertion(+)","Fixes memory leak in sockhash by freeing list elements when unlinking sockets.","memory, leak, sockhash","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"487082fb7bd2a32b66927d2b22e3a81b072b44f0","487082fb7bd2a32b66927d2b22e3a81b072b44f0","dihu","anny.hu@linux.alibaba.com","1591346785","Alexei Starovoitov","ast@kernel.org","1591725396","b470e938b241a0bbd445d118be325f44ee9f4d85","1f2436229bf64ac040f2f5018df059c21fc5526a","bpf/sockmap: Fix kernel panic at __tcp_bpf_recvmsg When user application calls read() with MSG_PEEK flag to read data of bpf sockmap socket, kernel panic happens at __tcp_bpf_recvmsg+0x12c/0x350. sk_msg is not removed from ingress_msg queue after read out under MSG_PEEK flag is set. Because it's not judged whether sk_msg is the last msg of ingress_msg queue, the next sk_msg may be the head of ingress_msg queue, whose memory address of sg page is invalid. So it's necessary to add check codes to prevent this problem. [20759.125457] BUG: kernel NULL pointer dereference, address: 0000000000000008 [20759.132118] CPU: 53 PID: 51378 Comm: envoy Tainted: G E 5.4.32 #1 [20759.140890] Hardware name: Inspur SA5212M4/YZMB-00370-109, BIOS 4.1.12 06/18/2017 [20759.149734] RIP: 0010:copy_page_to_iter+0xad/0x300 [20759.270877] __tcp_bpf_recvmsg+0x12c/0x350 [20759.276099] tcp_bpf_recvmsg+0x113/0x370 [20759.281137] inet_recvmsg+0x55/0xc0 [20759.285734] __sys_recvfrom+0xc8/0x130 [20759.290566] ? __audit_syscall_entry+0x103/0x130 [20759.296227] ? syscall_trace_enter+0x1d2/0x2d0 [20759.301700] ? __audit_syscall_exit+0x1e4/0x290 [20759.307235] __x64_sys_recvfrom+0x24/0x30 [20759.312226] do_syscall_64+0x55/0x1b0 [20759.316852] entry_SYSCALL_64_after_hwframe+0x44/0xa9 Signed-off-by: dihu Signed-off-by: Alexei Starovoitov Acked-by: John Fastabend Acked-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/20200605084625.9783-1-anny.hu@linux.alibaba.com","net/ipv4/tcp_bpf.c | 3 +++; 1 file changed, 3 insertions(+)","This commit fixes a kernel panic when reading from a bpf sockmap with MSG_PEEK flag set.","kernel, MSG_PEEK, panic","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a5ad5742f671de906adbf29fbedf0a04705cebad","a5ad5742f671de906adbf29fbedf0a04705cebad","Linus Torvalds","torvalds@linux-foundation.org","1591721686","Linus Torvalds","torvalds@linux-foundation.org","1591721686","88d1a4c18e2025a5a8335dbbc9dea8bebeba5789","013b2deba9a6b80ca02f4fafd7dedf875e9b4450 4fa7252338a56fbc90220e6330f136a379175a7a","Merge branch 'akpm' (patches from Andrew) Merge even more updates from Andrew Morton: - a kernel-wide sweep of show_stack() - pagetable cleanups - abstract out accesses to mmap_sem - prep for mmap_sem scalability work - hch's user acess work Subsystems affected by this patch series: debug, mm/pagemap, mm/maccess, mm/documentation. * emailed patches from Andrew Morton : (93 commits) include/linux/cache.h: expand documentation over __read_mostly maccess: return -ERANGE when probe_kernel_read() fails x86: use non-set_fs based maccess routines maccess: allow architectures to provide kernel probing directly maccess: move user access routines together maccess: always use strict semantics for probe_kernel_read maccess: remove strncpy_from_unsafe tracing/kprobes: handle mixed kernel/userspace probes better bpf: rework the compat kernel probe handling bpf:bpf_seq_printf(): handle potentially unsafe format string better bpf: handle the compat string in bpf_trace_copy_string better bpf: factor out a bpf_trace_copy_string helper maccess: unify the probe kernel arch hooks maccess: remove probe_read_common and probe_write_common maccess: rename strnlen_unsafe_user to strnlen_user_nofault maccess: rename strncpy_from_unsafe_strict to strncpy_from_kernel_nofault maccess: rename strncpy_from_unsafe_user to strncpy_from_user_nofault maccess: update the top of file comment maccess: clarify kerneldoc comments maccess: remove duplicate kerneldoc comments ...","","This commit merges patches from Andrew Morton affecting debug, memory management, and eBPF components in the kernel.","merge,debug,eBPF","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"98a23609b10364a51a1bb3688f8dd1cd1aa94a9a","98a23609b10364a51a1bb3688f8dd1cd1aa94a9a","Christoph Hellwig","hch@lst.de","1591677290","Linus Torvalds","torvalds@linux-foundation.org","1591720755","8cf32f92fccd8cd5264434d42fa68dcba4c2ab3c","7676fbf21b5fa04341c8046c2cbcd1949293e7ec","maccess: always use strict semantics for probe_kernel_read Except for historical confusion in the kprobes/uprobes and bpf tracers, which has been fixed now, there is no good reason to ever allow user memory accesses from probe_kernel_read. Switch probe_kernel_read to only read from kernel memory. [akpm@linux-foundation.org: update it for ""mm, dump_page(): do not crash with invalid mapping pointer""] Signed-off-by: Christoph Hellwig Signed-off-by: Andrew Morton Cc: Alexei Starovoitov Cc: Daniel Borkmann Cc: ""H. Peter Anvin"" Cc: Ingo Molnar Cc: Masami Hiramatsu Cc: Thomas Gleixner Link: http://lkml.kernel.org/r/20200521152301.2587579-17-hch@lst.de Signed-off-by: Linus Torvalds ","arch/parisc/lib/memcpy.c | 2 +-; arch/um/kernel/maccess.c | 2 +-; arch/x86/mm/maccess.c | 9 ++-------; include/linux/uaccess.h | 4 +---; kernel/trace/bpf_trace.c | 2 +-; kernel/trace/trace_kprobe.c | 4 ++--; mm/debug.c | 10 +++++-----; mm/maccess.c | 40 ++++++----------------------------------; 8 files changed, 19 insertions(+), 54 deletions(-)","The commit enforces strict semantics for probe_kernel_read to read only from kernel memory addressing issues with kprobes uprobes and bpf tracers.","probe_kernel_read, kernel_memory, strict_semantics","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', ""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"8d92db5c04d10381f4db70ed99b1b576f5db18a7","8d92db5c04d10381f4db70ed99b1b576f5db18a7","Christoph Hellwig","hch@lst.de","1591677280","Linus Torvalds","torvalds@linux-foundation.org","1591720755","51334cc23b1f21ace2bb70f43eb604d86ad19ce7","19c8d8ac63d39578483db0b82107c172d8edfb07","bpf: rework the compat kernel probe handling Instead of using the dangerous probe_kernel_read and strncpy_from_unsafe helpers, rework the compat probes to check if an address is a kernel or userspace one, and then use the low-level kernel or user probe helper shared by the proper kernel and user probe helpers. This slightly changes behavior as the compat probe on a user address doesn't check the lockdown flags, just as the pure user probes do. Signed-off-by: Christoph Hellwig Signed-off-by: Andrew Morton Cc: Alexei Starovoitov Cc: Daniel Borkmann Cc: ""H. Peter Anvin"" Cc: Ingo Molnar Cc: Masami Hiramatsu Cc: Thomas Gleixner Link: http://lkml.kernel.org/r/20200521152301.2587579-14-hch@lst.de Signed-off-by: Linus Torvalds ","kernel/trace/bpf_trace.c | 109 +++++++++++++++++++++++++++++------------------; 1 file changed, 67 insertions(+), 42 deletions(-)","Rework of compat kernel probe handling for safer differentiation between kernel and user space addresses using low-level probe helpers.","kernel, probe, compat","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here."", ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"19c8d8ac63d39578483db0b82107c172d8edfb07","19c8d8ac63d39578483db0b82107c172d8edfb07","Andrew Morton","akpm@linux-foundation.org","1591677277","Linus Torvalds","torvalds@linux-foundation.org","1591720755","e26e0819136938ad4733986ad9908c062def2a61","aec6ce59133edc4ac04f7d4e2556fdf047becb62","bpf:bpf_seq_printf(): handle potentially unsafe format string better User the proper helper for kernel or userspace addresses based on TASK_SIZE instead of the dangerous strncpy_from_unsafe function. Signed-off-by: Andrew Morton Cc: Christoph Hellwig Cc: Alexei Starovoitov Cc: Daniel Borkmann Cc: ""H. Peter Anvin"" Cc: Ingo Molnar Cc: Masami Hiramatsu Cc: Thomas Gleixner Signed-off-by: Linus Torvalds ","kernel/trace/bpf_trace.c | 8 +++++---; 1 file changed, 5 insertions(+), 3 deletions(-)","Improves safety of bpf_seq_printf() by handling addresses with proper helpers based on TASK_SIZE.","bpf_seq_printf,safety,TASK_SIZE","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"aec6ce59133edc4ac04f7d4e2556fdf047becb62","aec6ce59133edc4ac04f7d4e2556fdf047becb62","Christoph Hellwig","hch@lst.de","1591677273","Linus Torvalds","torvalds@linux-foundation.org","1591720755","0df9a7a3646ed283d5c353a6a25099bc027c0409","d7b2977b816223a884814eea46fbe38e192cec4c","bpf: handle the compat string in bpf_trace_copy_string better User the proper helper for kernel or userspace addresses based on TASK_SIZE instead of the dangerous strncpy_from_unsafe function. Signed-off-by: Christoph Hellwig Signed-off-by: Andrew Morton Cc: Alexei Starovoitov Cc: Daniel Borkmann Cc: ""H. Peter Anvin"" Cc: Ingo Molnar Cc: Masami Hiramatsu Cc: Thomas Gleixner Link: http://lkml.kernel.org/r/20200521152301.2587579-13-hch@lst.de Signed-off-by: Linus Torvalds ","kernel/trace/bpf_trace.c | 7 +++++--; 1 file changed, 5 insertions(+), 2 deletions(-)","The commit improves bpf_trace_copy_string handling by using a safer helper for address checks based on TASK_SIZE.","compat,string,helper","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"d7b2977b816223a884814eea46fbe38e192cec4c","d7b2977b816223a884814eea46fbe38e192cec4c","Christoph Hellwig","hch@lst.de","1591677270","Linus Torvalds","torvalds@linux-foundation.org","1591720755","98f94ef406f5567e78a3e2df7216dd7b20eb531d","eab0c6089b68974ebc6a9a7eab68456eeb6a99c7","bpf: factor out a bpf_trace_copy_string helper Split out a helper to do the fault free access to the string pointer to get it out of a crazy indentation level. Signed-off-by: Christoph Hellwig Signed-off-by: Andrew Morton Cc: Alexei Starovoitov Cc: Daniel Borkmann Cc: ""H. Peter Anvin"" Cc: Ingo Molnar Cc: Masami Hiramatsu Cc: Thomas Gleixner Link: http://lkml.kernel.org/r/20200521152301.2587579-12-hch@lst.de Signed-off-by: Linus Torvalds ","kernel/trace/bpf_trace.c | 42 ++++++++++++++++++++++++------------------; 1 file changed, 24 insertions(+), 18 deletions(-)","Refactor bpf_trace_copy_string helper for improved code readability in eBPF trace subsystem.","bpf, trace, refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"0cc55a0213a02b760ade1d4755fdccfbf7d3157e","0cc55a0213a02b760ade1d4755fdccfbf7d3157e","Michel Lespinasse","walken@google.com","1591677217","Linus Torvalds","torvalds@linux-foundation.org","1591720754","4424662fc8a6ba6e4c2293fa60cbab1132269d8f","aaa2cc56c1cd757efec88a4978ffce4cbf884352","mmap locking API: add mmap_read_trylock_non_owner() Add a couple APIs used by kernel/bpf/stackmap.c only: - mmap_read_trylock_non_owner() - mmap_read_unlock_non_owner() (may be called from a work queue). It's still not ideal that bpf/stackmap subverts the lock ownership in this way. Thanks to Peter Zijlstra for suggesting this API as the least-ugly way of addressing this in the short term. Signed-off-by: Michel Lespinasse Signed-off-by: Andrew Morton Reviewed-by: Daniel Jordan Reviewed-by: Vlastimil Babka Reviewed-by: Davidlohr Bueso Cc: David Rientjes Cc: Hugh Dickins Cc: Jason Gunthorpe Cc: Jerome Glisse Cc: John Hubbard Cc: Laurent Dufour Cc: Liam Howlett Cc: Matthew Wilcox Cc: Peter Zijlstra Cc: Ying Han Link: http://lkml.kernel.org/r/20200520052908.204642-8-walken@google.com Signed-off-by: Linus Torvalds ","include/linux/mmap_lock.h | 14 ++++++++++++++; kernel/bpf/stackmap.c | 17 +++++------------; 2 files changed, 19 insertions(+), 12 deletions(-)","The commit adds mmap locking APIs to support bpf/stackmap locking requirements in kernel code.","mmap,stackmap,locking","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d38c692f160ea437585cb1ad1dc8f81c8898b46e","d38c692f160ea437585cb1ad1dc8f81c8898b46e","Sumanth Korikkar","sumanthk@linux.ibm.com","1591690219","Arnaldo Carvalho de Melo","acme@redhat.com","1591717204","33e590bf05db048b47cbfa204f2a7e16c1113a94","9256c3031eb9beafa3957c61093104c3c75a6148","perf bpf: Fix bpf prologue generation Issue: bpf_probe_read() is no longer available for architecture which has overlapping address space. Hence bpf prologue generation fails Fix: Use bpf_probe_read_kernel for kernel member access. For user attribute access in kprobes, use bpf_probe_read_user. Other: @user attribute was introduced in commit 1e032f7cfa14 (""perf-probe: Add user memory access attribute support"") Test: 1. ulimit -l 128 ; ./perf record -e tests/bpf_sched_setscheduler.c 2. cat tests/bpf_sched_setscheduler.c static void (*bpf_trace_printk)(const char *fmt, int fmt_size, ...) = (void *) 6; static int (*bpf_probe_read_user)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 112; static int (*bpf_probe_read_kernel)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 113; SEC(""func=do_sched_setscheduler pid policy param->sched_priority@user"") int bpf_func__setscheduler(void *ctx, int err, pid_t pid, int policy, int param) { char fmt[] = ""prio: %ld""; bpf_trace_printk(fmt, sizeof(fmt), param); return 1; } char _license[] SEC(""license"") = ""GPL""; int _version SEC(""version"") = LINUX_VERSION_CODE; 3. ./perf script sched 305669 [000] 1614458.838675: perf_bpf_probe:func: (2904e508) pid=261614 policy=2 sched_priority=1 4. cat /sys/kernel/debug/tracing/trace <...>-309956 [006] .... 1616098.093957: 0: prio: 1 Committer testing: I had to add some missing headers in the bpf_sched_setscheduler.c test proggie, then instead of using record+script I used 'perf trace' to drive everything in one go: # cat bpf_sched_setscheduler.c #include #include static void (*bpf_trace_printk)(const char *fmt, int fmt_size, ...) = (void *) 6; static int (*bpf_probe_read_user)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 112; static int (*bpf_probe_read_kernel)(void *dst, __u32 size, const void *unsafe_ptr) = (void *) 113; SEC(""func=do_sched_setscheduler pid policy param->sched_priority@user"") int bpf_func__setscheduler(void *ctx, int err, pid_t pid, int policy, int param) { char fmt[] = ""prio: %ld""; bpf_trace_printk(fmt, sizeof(fmt), param); return 1; } char _license[] SEC(""license"") = ""GPL""; int _version SEC(""version"") = LINUX_VERSION_CODE; # # # perf trace -e bpf_sched_setscheduler.c chrt -f 42 sleep 1 0.000 chrt/80125 perf_bpf_probe:func(__probe_ip: -1676607808, policy: 1, sched_priority: 42) # And even with backtraces :-) # perf trace -e bpf_sched_setscheduler.c/max-stack=8/ chrt -f 42 sleep 1 0.000 chrt/79805 perf_bpf_probe:func(__probe_ip: -1676607808, policy: 1, sched_priority: 42) do_sched_setscheduler ([kernel.kallsyms]) __x64_sys_sched_setscheduler ([kernel.kallsyms]) do_syscall_64 ([kernel.kallsyms]) entry_SYSCALL_64 ([kernel.kallsyms]) __GI___sched_setscheduler (/usr/lib64/libc-2.30.so) # Signed-off-by: Sumanth Korikkar Reviewed-by: Thomas Richter Tested-by: Arnaldo Carvalho de Melo Cc: Heiko Carstens Cc: Ilya Leoshkevich Cc: Jiri Olsa Cc: Masami Hiramatsu Cc: bpf@vger.kernel.org LPU-Reference: 20200609081019.60234-3-sumanthk@linux.ibm.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/bpf-prologue.c | 14 ++++++++++----; 1 file changed, 10 insertions(+), 4 deletions(-)","Fix bpf prologue generation by using bpf_probe_read_kernel and bpf_probe_read_user for correct memory access.","bpf,prologue,generation","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"9256c3031eb9beafa3957c61093104c3c75a6148","9256c3031eb9beafa3957c61093104c3c75a6148","Sumanth Korikkar","sumanthk@linux.ibm.com","1591690218","Arnaldo Carvalho de Melo","acme@redhat.com","1591717204","5e2b783d608e243319a86dbe09aebdb24ccf6428","c0c652fc705de75f4ba52e93053acc1ed3933e74","perf probe: Fix user attribute access in kprobes Issue: # perf probe -a 'do_sched_setscheduler pid policy param->sched_priority@user' did not work before. Fix: Make: # perf probe -a 'do_sched_setscheduler pid policy param->sched_priority@user' output equivalent to ftrace: # echo 'p:probe/do_sched_setscheduler _text+517384 pid=%r2:s32 policy=%r3:s32 sched_priority=+u0(%r4):s32' > /sys/kernel/debug/tracing/kprobe_events Other: 1. Right now, __match_glob() does not handle [u]. For now, use *u]. 2. @user attribute was introduced in commit 1e032f7cfa14 (""perf-probe: Add user memory access attribute support"") Test: 1. perf probe -a 'do_sched_setscheduler pid policy param->sched_priority@user' 2 ./perf script sched 305669 [000] 1614458.838675: perf_bpf_probe:func: (2904e508) pid=261614 policy=2 sched_priority=1 3. cat /sys/kernel/debug/tracing/trace <...>-309956 [006] .... 1616098.093957: 0: prio: 1 Committer testing: Before: # perf probe -a 'do_sched_setscheduler pid policy param->sched_priority@user' param(type:sched_param) has no member sched_priority@user. Error: Failed to add events. # pahole sched_param struct sched_param { int sched_priority; /* 0 4 */ /* size: 4, cachelines: 1, members: 1 */ /* last cacheline: 4 bytes */ }; # After: # perf probe -a 'do_sched_setscheduler pid policy param->sched_priority@user' Added new event: probe:do_sched_setscheduler (on do_sched_setscheduler with pid policy sched_priority=param->sched_priority) You can now use it in all perf tools, such as: perf record -e probe:do_sched_setscheduler -aR sleep 1 # cat /sys/kernel/debug/tracing/kprobe_events p:probe/do_sched_setscheduler _text+1113792 pid=%di:s32 policy=%si:s32 sched_priority=+u0(%dx):s32 # Fixes: 1e032f7cfa14 (""perf-probe: Add user memory access attribute support"") Signed-off-by: Sumanth Korikkar Reviewed-by: Thomas Richter Acked-by: Masami Hiramatsu Tested-by: Arnaldo Carvalho de Melo Cc: Heiko Carstens Cc: Ilya Leoshkevich Cc: Jiri Olsa Cc: Steven Rostedt (VMware) Cc: bpf@vger.kernel.org LPU-Reference: 20200609081019.60234-2-sumanthk@linux.ibm.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/probe-event.c | 7 +++++--; tools/perf/util/probe-file.c | 2 +-; 2 files changed, 6 insertions(+), 3 deletions(-)","This commit fixes user attribute access in kprobes within the perf probe tool.","perf,kprobes,fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"1f2436229bf64ac040f2f5018df059c21fc5526a","1f2436229bf64ac040f2f5018df059c21fc5526a","Andrii Nakryiko","andriin@fb.com","1591576575","Daniel Borkmann","daniel@iogearbox.net","1591624842","9b3c95033f3b723e5ff83c3c47023b1406e33e61","e7ed83d6fa1a00d0f2ad0327e73d3ea9e7ea8de1","selftests/bpf: Fix ringbuf selftest sample counting undeterminism Fix test race, in which background poll can get either 5 or 6 samples, depending on timing of notification. Prevent this by open-coding sample triggering and forcing notification for the very last sample only. Also switch to using atomic increments and exchanges for more obviously reliable counting and checking. Additionally, check expected processed sample counters for single-threaded use cases as well. Fixes: 9a5f25ad30e5 (""selftests/bpf: Fix sample_cnt shared between two threads"") Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200608003615.3549991-1-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/ringbuf.c | 42 ++++++++++++++++++++----; 1 file changed, 35 insertions(+), 7 deletions(-)","The commit fixes a race condition in the ringbuf selftest by ensuring deterministic sample counting and improving reliability with atomic operations.","ringbuf,atomic,selftest","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e7ed83d6fa1a00d0f2ad0327e73d3ea9e7ea8de1","e7ed83d6fa1a00d0f2ad0327e73d3ea9e7ea8de1","Dan Carpenter","dan.carpenter@oracle.com","1591260876","Daniel Borkmann","daniel@iogearbox.net","1591306734","3a6e82cb49723a4c17396dd690ae7bf713ea1e5e","49b23575943c04b6711107cfd08ad2b3ae4e81f5","bpf: Fix an error code in check_btf_func() This code returns success if the ""info_aux"" allocation fails but it should return -ENOMEM. Fixes: 8c1b6e69dcc1 (""bpf: Compare BTF types of functions arguments with actual types"") Signed-off-by: Dan Carpenter Signed-off-by: Daniel Borkmann Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200604085436.GA943001@mwanda","kernel/bpf/verifier.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit corrects the error code to return -ENOMEM on allocation failure in check_btf_func().","error, code, allocation","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"49b23575943c04b6711107cfd08ad2b3ae4e81f5","49b23575943c04b6711107cfd08ad2b3ae4e81f5","Matthieu Baerts","matthieu.baerts@tessares.net","1591211027","Daniel Borkmann","daniel@iogearbox.net","1591303930","e768761ed5727d7b628cab70fde6c22aba249328","cb8e59cc87201af93dfbb6c3dccc8fcad72a09c2","bpf: Fix unused-var without NETDEVICES A recent commit added new variables only used if CONFIG_NETDEVICES is set. A simple fix would be to only declare these variables if the same condition is valid but Alexei suggested an even simpler solution: since CONFIG_NETDEVICES doesn't change anything in .h I think the best is to remove #ifdef CONFIG_NETDEVICES from net/core/filter.c and rely on sock_bindtoindex() returning ENOPROTOOPT in the extreme case of oddly configured kernels. Fixes: 70c58997c1e8 (""bpf: Allow SO_BINDTODEVICE opt in bpf_setsockopt"") Suggested-by: Alexei Starovoitov Signed-off-by: Matthieu Baerts Signed-off-by: Daniel Borkmann Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200603190347.2310320-1-matthieu.baerts@tessares.net","net/core/filter.c | 3 ---; 1 file changed, 3 deletions(-)","Fixes unused variable warnings by removing conditional compilation directives related to NETDEVICES in filter.c.","unused-var, NETDEVICES, filter","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"38b3a5aaf2fd35e997550b855cfb7460b077236a","38b3a5aaf2fd35e997550b855cfb7460b077236a","Linus Torvalds","torvalds@linux-foundation.org","1591291079","Linus Torvalds","torvalds@linux-foundation.org","1591291079","88a13c8dfc117a43da8ebabc155b514631f680c2","6929f71e46bdddbf1c4d67c2728648176c67c555 3e9b26dc2268cfbeef85bee095f883264c18425c","Merge tag 'perf-tools-2020-06-02' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux Pull perf tooling updates from Arnaldo Carvalho de Melo: ""These are additional changes to the perf tools, on top of what Ingo already submitted. - Further Intel PT call-trace fixes - Improve SELinux docs and tool warnings - Fix race at exit in 'perf record' using eventfd. - Add missing build tests to the default set of 'make -C tools/perf build-test' - Sync msr-index.h getting new AMD MSRs to decode and filter in 'perf trace'. - Fix fallback to libaudit in 'perf trace' for arches not using per-arch *.tbl files. - Fixes for 'perf ftrace'. - Fixes and improvements for the 'perf stat' metrics. - Use dummy event to get PERF_RECORD_{FORK,MMAP,etc} while synthesizing those metadata events for pre-existing threads. - Fix leaks detected using clang tooling. - Improvements to PMU event metric testing. - Report summary for 'perf stat' interval mode at the end, summing up all the intervals. - Improve pipe mode, i.e. this now works as expected, continuously dumping samples: # perf record -g -e raw_syscalls:sys_enter | perf --no-pager script - Fixes for event grouping, detecting incompatible groups such as: # perf stat -e '{cycles,power/energy-cores/}' -v WARNING: group events cpu maps do not match, disabling group: anon group { power/energy-cores/, cycles } power/energy-cores/: 0 cycles: 0-7 - Fixes for 'perf probe': blacklist address checking, number of kretprobe instances, etc. - JIT processing improvements and fixes plus the addition of a 'perf test' entry for the java demangler. - Add support for synthesizing first/last level cache, TLB and remove access events from HW tracing in the auxtrace code, first to use is ARM SPE. - Vendor events updates and fixes, including for POWER9 and Intel. - Allow using ~/.perfconfig for removing the ',' separators in 'perf stat' output. - Opt-in support for libpfm4"" * tag 'perf-tools-2020-06-02' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux: (120 commits) perf tools: Remove some duplicated includes perf symbols: Fix kernel maps for kcore and eBPF tools arch x86: Sync the msr-index.h copy with the kernel sources perf stat: Ensure group is defined on top of the same cpu mask perf libdw: Fix off-by 1 relative directory includes perf arm-spe: Support synthetic events perf auxtrace: Add four itrace options perf tools: Move arm-spe-pkt-decoder.h/c to the new dir perf test: Initialize memory in dwarf-unwind perf tests: Don't tail call optimize in unwind test tools compiler.h: Add attribute to disable tail calls perf build: Add a LIBPFM4=1 build test entry perf tools: Add optional support for libpfm4 perf tools: Correct license on jsmn JSON parser perf jit: Fix inaccurate DWARF line table perf jvmti: Remove redundant jitdump line table entries perf build: Add NO_SDT=1 to the default set of build tests perf build: Add NO_LIBCRYPTO=1 to the default set of build tests perf build: Add NO_SYSCALL_TABLE=1 to the build tests perf build: Remove libaudit from the default feature checks ...","","This commit merges updates and improvements for perf tools from multiple changes, including Intel PT fixes and improvements to testing and event processing.","perf,merge,tools","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"cb8e59cc87201af93dfbb6c3dccc8fcad72a09c2","cb8e59cc87201af93dfbb6c3dccc8fcad72a09c2","Linus Torvalds","torvalds@linux-foundation.org","1591226838","Linus Torvalds","torvalds@linux-foundation.org","1591226838","a334db9022f89654b777bbce8c4c6632e65b9031","2e63f6ce7ed2c4ff83ba30ad9ccad422289a6c63 065fcfd49763ec71ae345bb5c5a74f961031e70e","Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next Pull networking updates from David Miller: 1) Allow setting bluetooth L2CAP modes via socket option, from Luiz Augusto von Dentz. 2) Add GSO partial support to igc, from Sasha Neftin. 3) Several cleanups and improvements to r8169 from Heiner Kallweit. 4) Add IF_OPER_TESTING link state and use it when ethtool triggers a device self-test. From Andrew Lunn. 5) Start moving away from custom driver versions, use the globally defined kernel version instead, from Leon Romanovsky. 6) Support GRO vis gro_cells in DSA layer, from Alexander Lobakin. 7) Allow hard IRQ deferral during NAPI, from Eric Dumazet. 8) Add sriov and vf support to hinic, from Luo bin. 9) Support Media Redundancy Protocol (MRP) in the bridging code, from Horatiu Vultur. 10) Support netmap in the nft_nat code, from Pablo Neira Ayuso. 11) Allow UDPv6 encapsulation of ESP in the ipsec code, from Sabrina Dubroca. Also add ipv6 support for espintcp. 12) Lots of ReST conversions of the networking documentation, from Mauro Carvalho Chehab. 13) Support configuration of ethtool rxnfc flows in bcmgenet driver, from Doug Berger. 14) Allow to dump cgroup id and filter by it in inet_diag code, from Dmitry Yakunin. 15) Add infrastructure to export netlink attribute policies to userspace, from Johannes Berg. 16) Several optimizations to sch_fq scheduler, from Eric Dumazet. 17) Fallback to the default qdisc if qdisc init fails because otherwise a packet scheduler init failure will make a device inoperative. From Jesper Dangaard Brouer. 18) Several RISCV bpf jit optimizations, from Luke Nelson. 19) Correct the return type of the ->ndo_start_xmit() method in several drivers, it's netdev_tx_t but many drivers were using 'int'. From Yunjian Wang. 20) Add an ethtool interface for PHY master/slave config, from Oleksij Rempel. 21) Add BPF iterators, from Yonghang Song. 22) Add cable test infrastructure, including ethool interfaces, from Andrew Lunn. Marvell PHY driver is the first to support this facility. 23) Remove zero-length arrays all over, from Gustavo A. R. Silva. 24) Calculate and maintain an explicit frame size in XDP, from Jesper Dangaard Brouer. 25) Add CAP_BPF, from Alexei Starovoitov. 26) Support terse dumps in the packet scheduler, from Vlad Buslov. 27) Support XDP_TX bulking in dpaa2 driver, from Ioana Ciornei. 28) Add devm_register_netdev(), from Bartosz Golaszewski. 29) Minimize qdisc resets, from Cong Wang. 30) Get rid of kernel_getsockopt and kernel_setsockopt in order to eliminate set_fs/get_fs calls. From Christoph Hellwig. * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next: (2517 commits) selftests: net: ip_defrag: ignore EPERM net_failover: fixed rollback in net_failover_open() Revert ""tipc: Fix potential tipc_aead refcnt leak in tipc_crypto_rcv"" Revert ""tipc: Fix potential tipc_node refcnt leak in tipc_rcv"" vmxnet3: allow rx flow hash ops only when rss is enabled hinic: add set_channels ethtool_ops support selftests/bpf: Add a default $(CXX) value tools/bpf: Don't use $(COMPILE.c) bpf, selftests: Use bpf_probe_read_kernel s390/bpf: Use bcr 0,%0 as tail call nop filler s390/bpf: Maintain 8-byte stack alignment selftests/bpf: Fix verifier test selftests/bpf: Fix sample_cnt shared between two threads bpf, selftests: Adapt cls_redirect to call csum_level helper bpf: Add csum_level helper for fixing up csum levels bpf: Fix up bpf_skb_adjust_room helper's skb csum setting sfc: add missing annotation for efx_ef10_try_update_nic_stats_vf() crypto/chtls: IPv6 support for inline TLS Crypto/chcr: Fixes a coccinile check error Crypto/chcr: Fixes compilations warnings ...","","The commit merges a series of networking updates into the Linux kernel, incorporating improvements and features.","merge, networking, updates","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"b7e4b65f3fe92abbf4a1f57987a54c820969aebd","b7e4b65f3fe92abbf4a1f57987a54c820969aebd","Al Viro","viro@zeniv.linux.org.uk","1588911391","Al Viro","viro@zeniv.linux.org.uk","1591217985","9d107c7f803e1692da849422ff0afbaea060516d","9eb41c521465f62332dfddcd399412fdff9c062b","bpf: make bpf_check_uarg_tail_zero() use check_zeroed_user() ... rather than open-coding it, and badly, at that. Acked-by: Alexei Starovoitov Signed-off-by: Al Viro ","kernel/bpf/syscall.c | 25 ++++++-------------------; 1 file changed, 6 insertions(+), 19 deletions(-)","This commit refactors bpf_check_uarg_tail_zero to utilize check_zeroed_user for improved code efficiency.","bpf,refactor,check_zeroed_user","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"9a5a908c38c7a8978f240d8de57ec65441cf554f","9a5a908c38c7a8978f240d8de57ec65441cf554f","David S. Miller","davem@davemloft.net","1591135779","David S. Miller","davem@davemloft.net","1591135779","12abd358cbd08d6925511650f7300ce2024c83ca","9a25c1df24a6fea9dc79eec950453c4e00f707fd e7ad28e6fdbffa2b9b1bd376431fb81a5403bcfd","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next Daniel Borkmann says: ==================== pull-request: bpf-next 2020-06-02 The following pull-request contains BPF _fixes-only_ for your *net-next* tree. We've added 10 non-merge commits during the last 1 day(s) which contain a total of 15 files changed, 229 insertions(+), 74 deletions(-). The main changes are: 1) Several fixes to s390 BPF JIT e.g. fixing kernel panic when BPF stack is not 8-byte aligned, from Ilya Leoshkevich. 2) Fix bpf_skb_adjust_room() helper's CHECKSUM_UNNECESSARY handling which was wrongly bypassing TCP checksum verification, from Daniel Borkmann. 3) Fix tools/bpf/ build under MAKEFLAGS=rR which causes built-in CXX and others vars to be undefined, also from Ilya Leoshkevich. 4) Fix BPF ringbuf's selftest shared sample_cnt variable to avoid compiler optimizations on it, from Andrii Nakryiko. 5) Fix up test_verifier selftest due to addition of rx_queue_mapping to the bpf_sock structure, from Alexei Starovoitov. ==================== Signed-off-by: David S. Miller ","","The commit merges BPF fixes into the net-next tree, addressing various issues in the s390 JIT, checksum handling, build setup, and selftests.","BPF, fixes, merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"e7ad28e6fdbffa2b9b1bd376431fb81a5403bcfd","e7ad28e6fdbffa2b9b1bd376431fb81a5403bcfd","Ilya Leoshkevich","iii@linux.ibm.com","1591120609","Daniel Borkmann","daniel@iogearbox.net","1591128205","12abd358cbd08d6925511650f7300ce2024c83ca","d70a6be1e2ab98f13688e4a529b326e8e11230d0","selftests/bpf: Add a default $(CXX) value When using make kselftest TARGETS=bpf, tools/bpf is built with MAKEFLAGS=rR, which causes $(CXX) to be undefined, which in turn causes the build to fail with CXX test_cpp /bin/sh: 2: g: not found Fix by adding a default $(CXX) value, like tools/build/feature/Makefile already does. Signed-off-by: Ilya Leoshkevich Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200602175649.2501580-3-iii@linux.ibm.com","tools/testing/selftests/bpf/Makefile | 2 ++; 1 file changed, 2 insertions(+)","Fixes build failure in bpf selftests by adding a default CXX value in the Makefile.","CXX, Makefile, selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d70a6be1e2ab98f13688e4a529b326e8e11230d0","d70a6be1e2ab98f13688e4a529b326e8e11230d0","Ilya Leoshkevich","iii@linux.ibm.com","1591120608","Daniel Borkmann","daniel@iogearbox.net","1591128158","639cc6eba6d0d30925f816a0de2084a7c3636920","9bc499befeef07a4d79f4924bfca05634ad8fc97","tools/bpf: Don't use $(COMPILE.c) When using make kselftest TARGETS=bpf, tools/bpf is built with MAKEFLAGS=rR, which causes $(COMPILE.c) to be undefined, which in turn causes the build to fail with CC kselftest/bpf/tools/build/bpftool/map_perf_ring.o /bin/sh: 1: -MMD: not found Fix by using $(CC) $(CFLAGS) -c instead of $(COMPILE.c). Signed-off-by: Ilya Leoshkevich Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200602175649.2501580-2-iii@linux.ibm.com","tools/bpf/Makefile | 6 +++---; tools/bpf/bpftool/Makefile | 8 ++++----; 2 files changed, 7 insertions(+), 7 deletions(-)","This commit fixes a build issue in tools/bpf by replacing $(COMPILE.c) with $(CC) and $(CFLAGS) in Makefiles.","Makefile, build, fix","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"9bc499befeef07a4d79f4924bfca05634ad8fc97","9bc499befeef07a4d79f4924bfca05634ad8fc97","Ilya Leoshkevich","iii@linux.ibm.com","1591119888","Daniel Borkmann","daniel@iogearbox.net","1591124644","9b6733f6283409fe25794a4835dc2e13b9c4d25a","33d21f18204cb33b43ca6c78c8180949f6dc7227","bpf, selftests: Use bpf_probe_read_kernel Since commit 0ebeea8ca8a4 (""bpf: Restrict bpf_probe_read{, str}() only to archs where they work"") 44 verifier tests fail on s390 due to not having bpf_probe_read anymore. Fix by using bpf_probe_read_kernel. Signed-off-by: Ilya Leoshkevich Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200602174448.2501214-1-iii@linux.ibm.com","tools/testing/selftests/bpf/verifier/const_or.c | 8 ++--; .../selftests/bpf/verifier/helper_access_var_len.c | 44 +++++++++++-----------; .../selftests/bpf/verifier/helper_value_access.c | 36 +++++++++---------; tools/testing/selftests/bpf/verifier/precise.c | 8 ++--; 4 files changed, 48 insertions(+), 48 deletions(-)","The commit updates eBPF selftests to use bpf_probe_read_kernel to fix test failures on s390 architecture.","bpf,selftests,s390","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"33d21f18204cb33b43ca6c78c8180949f6dc7227","33d21f18204cb33b43ca6c78c8180949f6dc7227","Ilya Leoshkevich","iii@linux.ibm.com","1591119955","Daniel Borkmann","daniel@iogearbox.net","1591124644","8f04f223a9c990e9cd2c829f9b3d06b62da152ce","effe5be17706167ee968fa28afe40dec9c6f71db","s390/bpf: Use bcr 0,%0 as tail call nop filler Currently used 0x0000 filler confuses bfd disassembler, making bpftool prog dump xlated output nearly useless. Fix by using a real instruction. Signed-off-by: Ilya Leoshkevich Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200602174555.2501389-1-iii@linux.ibm.com","arch/s390/net/bpf_jit_comp.c | 3 ++-; 1 file changed, 2 insertions(+), 1 deletion(-)","The commit updates the s390 BPF JIT to use a real instruction for tail call nop filler for better disassembler output.","s390,JIT,nop","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"effe5be17706167ee968fa28afe40dec9c6f71db","effe5be17706167ee968fa28afe40dec9c6f71db","Ilya Leoshkevich","iii@linux.ibm.com","1591119819","Daniel Borkmann","daniel@iogearbox.net","1591124456","042cec5b556b86838e1dacb94a58268d3396dadc","7cec0b927142f510a1fac88033017616cce44c26","s390/bpf: Maintain 8-byte stack alignment Certain kernel functions (e.g. get_vtimer/set_vtimer) cause kernel panic when the stack is not 8-byte aligned. Currently JITed BPF programs may trigger this by allocating stack frames with non-rounded sizes and then being interrupted. Fix by using rounded fp->aux->stack_depth. Signed-off-by: Ilya Leoshkevich Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200602174339.2501066-1-iii@linux.ibm.com","arch/s390/net/bpf_jit_comp.c | 19 ++++++++++---------; 1 file changed, 10 insertions(+), 9 deletions(-)","The commit fixes stack alignment issues in s390 BPF JIT to prevent kernel panic.","s390, stack, panic","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7cec0b927142f510a1fac88033017616cce44c26","7cec0b927142f510a1fac88033017616cce44c26","Alexei Starovoitov","ast@kernel.org","1591124263","Alexei Starovoitov","ast@kernel.org","1591124263","2aff8cfb891cf599d45bda099e4b99609c610176","9a5f25ad30e5bb40a2e0c61c991594d3e6529c0a","selftests/bpf: Fix verifier test Adjust verifier test due to addition of new field. Fixes: c3c16f2ea6d2 (""bpf: Add rx_queue_mapping to bpf_sock"") Signed-off-by: Alexei Starovoitov ","tools/testing/selftests/bpf/verifier/sock.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit adjusts a self-test for the eBPF verifier due to a new field in bpf_sock.","selftests,verifier,bpf_sock","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"9a5f25ad30e5bb40a2e0c61c991594d3e6529c0a","9a5f25ad30e5bb40a2e0c61c991594d3e6529c0a","Andrii Nakryiko","andriin@fb.com","1591074229","Alexei Starovoitov","ast@kernel.org","1591124096","7ddc17999040baaba1cc4a12e3e0df427f85ec41","f371c923505010b28c8a76f7d7973c014a1d0f5c","selftests/bpf: Fix sample_cnt shared between two threads Make sample_cnt volatile to fix possible selftests failure due to compiler optimization preventing latest sample_cnt value to be visible to main thread. sample_cnt is incremented in background thread, which is then joined into main thread. So in terms of visibility sample_cnt update is ok. But because it's not volatile, compiler might make optimizations that would prevent main thread to see latest updated value. Fix this by marking global variable volatile. Fixes: cb1c9ddd5525 (""selftests/bpf: Add BPF ringbuf selftests"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200602050349.215037-1-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/ringbuf.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fix selftest failure by marking sample_cnt as volatile to ensure visibility between threads.","selftests,volatile,threads","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f371c923505010b28c8a76f7d7973c014a1d0f5c","f371c923505010b28c8a76f7d7973c014a1d0f5c","Alexei Starovoitov","ast@kernel.org","1591123823","Alexei Starovoitov","ast@kernel.org","1591123875","47088e7997d1baf81e988db64874164ff5bbe234","9a25c1df24a6fea9dc79eec950453c4e00f707fd c4ba153b6501fa7ccfdc7e57946fb1d6011e36e8","Merge branch 'csum-fixes' Daniel Borkmann says: ==================== This series fixes an issue originally reported by Lorenz Bauer where using the bpf_skb_adjust_room() helper hid a checksum bug since it wasn't adjusting CHECKSUM_UNNECESSARY's skb->csum_level after decap. The fix is two-fold: i) We do a safe reset in bpf_skb_adjust_room() to CHECKSUM_NONE with an opt- out flag BPF_F_ADJ_ROOM_NO_CSUM_RESET. ii) We add a new bpf_csum_level() for the latter in order to allow users to manually inc/dec the skb->csum_level when needed. The series is rebased against latest bpf-next tree. It can be applied there, or to bpf after the merge win sync from net-next. Thanks! ==================== Signed-off-by: Alexei Starovoitov ","","The commit merges checksum-related fixes in eBPF for better networking functionality.","checksum,bpf,merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c4ba153b6501fa7ccfdc7e57946fb1d6011e36e8","c4ba153b6501fa7ccfdc7e57946fb1d6011e36e8","Daniel Borkmann","daniel@iogearbox.net","1591109914","Alexei Starovoitov","ast@kernel.org","1591123823","47088e7997d1baf81e988db64874164ff5bbe234","7cdec54f9713256bb170873a1fc5c75c9127c9d2","bpf, selftests: Adapt cls_redirect to call csum_level helper Adapt bpf_skb_adjust_room() to pass in BPF_F_ADJ_ROOM_NO_CSUM_RESET flag and use the new bpf_csum_level() helper to inc/dec the checksum level by one after the encap/decap. Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Reviewed-by: Lorenz Bauer Link: https://lore.kernel.org/bpf/e7458f10e3f3d795307cbc5ad870112671d9c6f7.1591108731.git.daniel@iogearbox.net","tools/testing/selftests/bpf/progs/test_cls_redirect.c | 9 ++++++---; 1 file changed, 6 insertions(+), 3 deletions(-)","Adapt cls_redirect selftests to use bpf_csum_level helper for checksum adjustments.","selftests, cls_redirect, csum_level","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['tc related type programs. It affects programs managing traffic control (tc) for queuing or prioritizing network traffic.']" +"7cdec54f9713256bb170873a1fc5c75c9127c9d2","7cdec54f9713256bb170873a1fc5c75c9127c9d2","Daniel Borkmann","daniel@iogearbox.net","1591109913","Alexei Starovoitov","ast@kernel.org","1591123823","2de575e883f9cb33b9722b135a4a54c352cdb984","836e66c218f355ec01ba57671c85abf32961dcea","bpf: Add csum_level helper for fixing up csum levels Add a bpf_csum_level() helper which BPF programs can use in combination with bpf_skb_adjust_room() when they pass in BPF_F_ADJ_ROOM_NO_CSUM_RESET flag to the latter to avoid falling back to CHECKSUM_NONE. The bpf_csum_level() allows to adjust CHECKSUM_UNNECESSARY skb->csum_levels via BPF_CSUM_LEVEL_{INC,DEC} which calls __skb_{incr,decr}_checksum_unnecessary() on the skb. The helper also allows a BPF_CSUM_LEVEL_RESET which sets the skb's csum to CHECKSUM_NONE as well as a BPF_CSUM_LEVEL_QUERY to just return the current level. Without this helper, there is no way to otherwise adjust the skb->csum_level. I did not add an extra dummy flags as there is plenty of free bitspace in level argument itself iff ever needed in future. Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Reviewed-by: Alan Maguire Acked-by: Lorenz Bauer Link: https://lore.kernel.org/bpf/279ae3717cb3d03c0ffeb511493c93c450a01e1a.1591108731.git.daniel@iogearbox.net","include/uapi/linux/bpf.h | 43 +++++++++++++++++++++++++++++++++++++++++-; net/core/filter.c | 38 +++++++++++++++++++++++++++++++++++++; tools/include/uapi/linux/bpf.h | 43 +++++++++++++++++++++++++++++++++++++++++-; 3 files changed, 122 insertions(+), 2 deletions(-)","This commit introduces the 'bpf_csum_level' helper to adjust SKB checksum levels in BPF programs.","bpf_csum_level, helper, checksum","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"836e66c218f355ec01ba57671c85abf32961dcea","836e66c218f355ec01ba57671c85abf32961dcea","Daniel Borkmann","daniel@iogearbox.net","1591109912","Alexei Starovoitov","ast@kernel.org","1591123823","15d1e1e7e21cc2c6e13dcbccfc17ca10c191915e","9a25c1df24a6fea9dc79eec950453c4e00f707fd","bpf: Fix up bpf_skb_adjust_room helper's skb csum setting Lorenz recently reported: In our TC classifier cls_redirect [0], we use the following sequence of helper calls to decapsulate a GUE (basically IP + UDP + custom header) encapsulated packet: bpf_skb_adjust_room(skb, -encap_len, BPF_ADJ_ROOM_MAC, BPF_F_ADJ_ROOM_FIXED_GSO) bpf_redirect(skb->ifindex, BPF_F_INGRESS) It seems like some checksums of the inner headers are not validated in this case. For example, a TCP SYN packet with invalid TCP checksum is still accepted by the network stack and elicits a SYN ACK. [...] That is, we receive the following packet from the driver: | ETH | IP | UDP | GUE | IP | TCP | skb->ip_summed == CHECKSUM_UNNECESSARY ip_summed is CHECKSUM_UNNECESSARY because our NICs do rx checksum offloading. On this packet we run skb_adjust_room_mac(-encap_len), and get the following: | ETH | IP | TCP | skb->ip_summed == CHECKSUM_UNNECESSARY Note that ip_summed is still CHECKSUM_UNNECESSARY. After bpf_redirect()'ing into the ingress, we end up in tcp_v4_rcv(). There, skb_checksum_init() is turned into a no-op due to CHECKSUM_UNNECESSARY. The bpf_skb_adjust_room() helper is not aware of protocol specifics. Internally, it handles the CHECKSUM_COMPLETE case via skb_postpull_rcsum(), but that does not cover CHECKSUM_UNNECESSARY. In this case skb->csum_level of the original skb prior to bpf_skb_adjust_room() call was 0, that is, covering UDP. Right now there is no way to adjust the skb->csum_level. NICs that have checksum offload disabled (CHECKSUM_NONE) or that support CHECKSUM_COMPLETE are not affected. Use a safe default for CHECKSUM_UNNECESSARY by resetting to CHECKSUM_NONE and add a flag to the helper called BPF_F_ADJ_ROOM_NO_CSUM_RESET that allows users from opting out. Opting out is useful for the case where we don't remove/add full protocol headers, or for the case where a user wants to adjust the csum level manually e.g. through bpf_csum_level() helper that is added in subsequent patch. The bpf_skb_proto_{4_to_6,6_to_4}() for NAT64/46 translation from the BPF bpf_skb_change_proto() helper uses bpf_skb_net_hdr_{push,pop}() pair internally as well but doesn't change layers, only transitions between v4 to v6 and vice versa, therefore no adoption is required there. [0] https://lore.kernel.org/bpf/20200424185556.7358-1-lmb@cloudflare.com/ Fixes: 2be7e212d541 (""bpf: add bpf_skb_adjust_room helper"") Reported-by: Lorenz Bauer Reported-by: Alan Maguire Signed-off-by: Daniel Borkmann Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Reviewed-by: Alan Maguire Link: https://lore.kernel.org/bpf/CACAyw9-uU_52esMd1JjuA80fRPHJv5vsSg8GnfW3t_qDU4aVKQ@mail.gmail.com/ Link: https://lore.kernel.org/bpf/11a90472e7cce83e76ddbfce81fdfce7bfc68808.1591108731.git.daniel@iogearbox.net","include/linux/skbuff.h | 8 ++++++++; include/uapi/linux/bpf.h | 8 ++++++++; net/core/filter.c | 8 ++++++--; tools/include/uapi/linux/bpf.h | 8 ++++++++; 4 files changed, 30 insertions(+), 2 deletions(-)","The commit fixes checksum handling in the bpf_skb_adjust_room helper to deal with CHECKSUM_UNNECESSARY cases correctly.","checksum,bpf_skb_adjust_room,helper","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['tc related type programs. It affects programs managing traffic control (tc) for queuing or prioritizing network traffic.', 'Netfilter related type programs. It impacts programs interacting with the Netfilter framework used in packet filtering and NAT.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"041de93ff86fc500aa73e5360039c95f4d31b95f","041de93ff86fc500aa73e5360039c95f4d31b95f","Christoph Hellwig","hch@lst.de","1591073522","Linus Torvalds","torvalds@linux-foundation.org","1591120751","6c5aef031ba2ad5ed70f360a329443727cbc03b8","c3f896dcf1e47959aca4f8e6ac9537b478949126","mm: remove vmalloc_user_node_flags Open code it in __bpf_map_area_alloc, which is the only caller. Also clean up __bpf_map_area_alloc to have a single vmalloc call with slightly different flags instead of the current two different calls. For this to compile for the nommu case add a __vmalloc_node_range stub to nommu.c. [akpm@linux-foundation.org: fix nommu.c build] Signed-off-by: Christoph Hellwig Signed-off-by: Andrew Morton Acked-by: Peter Zijlstra (Intel) Acked-by: Johannes Weiner Cc: Christian Borntraeger Cc: Christophe Leroy Cc: Daniel Vetter Cc: David Airlie Cc: Gao Xiang Cc: Greg Kroah-Hartman Cc: Haiyang Zhang Cc: ""K. Y. Srinivasan"" Cc: Laura Abbott Cc: Mark Rutland Cc: Michael Kelley Cc: Minchan Kim Cc: Nitin Gupta Cc: Robin Murphy Cc: Sakari Ailus Cc: Stephen Hemminger Cc: Sumit Semwal Cc: Wei Liu Cc: Benjamin Herrenschmidt Cc: Catalin Marinas Cc: Heiko Carstens Cc: Paul Mackerras Cc: Vasily Gorbik Cc: Will Deacon Cc: Stephen Rothwell Link: http://lkml.kernel.org/r/20200414131348.444715-27-hch@lst.de Signed-off-by: Linus Torvalds ","include/linux/vmalloc.h | 1 -; kernel/bpf/syscall.c | 24 ++++++++++++++----------; mm/nommu.c | 14 ++++++++------; mm/vmalloc.c | 20 --------------------; 4 files changed, 22 insertions(+), 37 deletions(-)","Refactor and optimize __bpf_map_area_alloc by removing vmalloc_user_node_flags and consolidating vmalloc calls, including adjustments for nommu support.","refactor,vmap,nommu","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"9a25c1df24a6fea9dc79eec950453c4e00f707fd","9a25c1df24a6fea9dc79eec950453c4e00f707fd","David S. Miller","davem@davemloft.net","1591051988","David S. Miller","davem@davemloft.net","1591051988","1188078f9838a3b6a60a3923ed31df142ffc8ed6","efd7ed0f5f2d07ccbb1853c5d46656cdfa1371fb cf51abcded837ef209faa03a62b2ea44e45995e8","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next Alexei Starovoitov says: ==================== pull-request: bpf-next 2020-06-01 The following pull-request contains BPF updates for your *net-next* tree. We've added 55 non-merge commits during the last 1 day(s) which contain a total of 91 files changed, 4986 insertions(+), 463 deletions(-). The main changes are: 1) Add rx_queue_mapping to bpf_sock from Amritha. 2) Add BPF ring buffer, from Andrii. 3) Attach and run programs through devmap, from David. 4) Allow SO_BINDTODEVICE opt in bpf_setsockopt, from Ferenc. 5) link based flow_dissector, from Jakub. 6) Use tracing helpers for lsm programs, from Jiri. 7) Several sk_msg fixes and extensions, from John. ==================== Signed-off-by: David S. Miller ","","The commit merges BPF updates including new features and extensions into the net-next tree.","merge,new features,extensions","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"cf51abcded837ef209faa03a62b2ea44e45995e8","cf51abcded837ef209faa03a62b2ea44e45995e8","Alexei Starovoitov","ast@kernel.org","1591050063","Alexei Starovoitov","ast@kernel.org","1591050072","1edf7a1b44dac5062702fea067e9d9e94cf02c3e","febeb6dff7beafcaf89521f6c8ff7b0adac08d54 06716e04a043aa5e010f952a823ad038054b0e5c","Merge branch 'Link-based-attach-to-netns' Jakub Sitnicki says: ==================== One of the pieces of feedback from recent review of BPF hooks for socket lookup [0] was that new program types should use bpf_link-based attachment. This series introduces new bpf_link type for attaching to network namespace. All link operations are supported. Errors returned from ops follow cgroup example. Patch 4 description goes into error semantics. The major change in v2 is a switch away from RCU to mutex-only synchronization. Andrii pointed out that it is not needed, and it makes sense to keep locking straightforward. Also, there were a couple of bugs in update_prog and fill_info initial implementation, one picked up by kbuild. Those are now fixed. Tests have been extended to cover them. Full changelog below. Series is organized as so: Patches 1-3 prepare a space in struct net to keep state for attached BPF programs, and massage the code in flow_dissector to make it attach type agnostic, to finally move it under kernel/bpf/. Patch 4, the most important one, introduces new bpf_link link type for attaching to network namespace. Patch 5 unifies the update error (ENOLINK) between BPF cgroup and netns. Patches 6-8 make libbpf and bpftool aware of the new link type. Patches 9-12 Add and extend tests to check that link low- and high-level API for operating on links to netns works as intended. Thanks to Alexei, Andrii, Lorenz, Marek, and Stanislav for feedback. -jkbs [0] https://lore.kernel.org/bpf/20200511185218.1422406-1-jakub@cloudflare.com/ Cc: Alexei Starovoitov Cc: Andrii Nakryiko Cc: Lorenz Bauer Cc: Marek Majkowski Cc: Stanislav Fomichev v1 -> v2: - Switch to mutex-only synchronization. Don't rely on RCU grace period guarantee when accessing struct net from link release / update / fill_info, and when accessing bpf_link from pernet pre_exit callback. (Andrii) - Drop patch 1, no longer needed with mutex-only synchronization. - Don't leak uninitialized variable contents from fill_info callback when link is in defunct state. (kbuild) - Make fill_info treat the link as defunct (i.e. no attached netns) when struct net refcount is 0, but link has not been yet auto-detached. - Add missing BPF_LINK_TYPE define in bpf_types.h for new link type. - Fix link update_prog callback to update the prog that will run, and not just the link itself. - Return EEXIST on prog attach when link already exists, and on link create when prog is already attached directly. (Andrii) - Return EINVAL on prog detach when link is attached. (Andrii) - Fold __netns_bpf_link_attach into its only caller. (Stanislav) - Get rid of a wrapper around container_of() (Andrii) - Use rcu_dereference_protected instead of rcu_access_pointer on update-side. (Stanislav) - Make return-on-success from netns_bpf_link_create less confusing. (Andrii) - Adapt bpf_link for cgroup to return ENOLINK when updating a defunct link. (Andrii, Alexei) - Order new exported symbols in libbpf.map alphabetically (Andrii) - Keep libbpf's ""failed to attach link"" warning message clear as to what we failed to attach to (cgroup vs netns). (Andrii) - Extract helpers for printing link attach type. (bpftool, Andrii) - Switch flow_dissector tests to BPF skeleton and extend them to exercise link-based flow dissector attachment. (Andrii) - Harden flow dissector attachment tests with prog query checks after prog attach/detach, or link create/update/close. - Extend flow dissector tests to cover fill_info for defunct links. - Rebase onto recent bpf-next ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges a new bpf_link type enabling network namespace attachments, synchronizing with mutex and unifying operations across cgroups and netns.","bpf_link, mutex, netns","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"06716e04a043aa5e010f952a823ad038054b0e5c","06716e04a043aa5e010f952a823ad038054b0e5c","Jakub Sitnicki","jakub@cloudflare.com","1590913726","Alexei Starovoitov","ast@kernel.org","1591050063","1edf7a1b44dac5062702fea067e9d9e94cf02c3e","b4b8a3bf9ef0fbbf343b624d68ea328dd4edd5c4","selftests/bpf: Extend test_flow_dissector to cover link creation Extend the existing flow_dissector test case to run tests once using direct prog attachments, and then for the second time using indirect attachment via link. The intention is to exercises the newly added high-level API for attaching programs to network namespace with links (bpf_program__attach_netns). Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200531082846.2117903-13-jakub@cloudflare.com",".../selftests/bpf/prog_tests/flow_dissector.c | 115 +++++++++++++++------; 1 file changed, 82 insertions(+), 33 deletions(-)","Extended the BPF self-test to include link creation using a new API for attaching programs to network namespaces.","flow_dissector,selftests,link","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b4b8a3bf9ef0fbbf343b624d68ea328dd4edd5c4","b4b8a3bf9ef0fbbf343b624d68ea328dd4edd5c4","Jakub Sitnicki","jakub@cloudflare.com","1590913725","Alexei Starovoitov","ast@kernel.org","1591050063","eaf9771a8c2940eaaae4cb817fd602c306813f53","b8215dce7dfd817ca38807f55165bf502146cd68","selftests/bpf: Convert test_flow_dissector to use BPF skeleton Switch flow dissector test setup from custom BPF object loader to BPF skeleton to save boilerplate and prepare for testing higher-level API for attaching flow dissector with bpf_link. To avoid depending on program order in the BPF object when populating the flow dissector PROG_ARRAY map, change the program section names to contain the program index into the map. This follows the example set by tailcall tests. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200531082846.2117903-12-jakub@cloudflare.com",".../selftests/bpf/prog_tests/flow_dissector.c | 50 +++++++++++++++++++---; tools/testing/selftests/bpf/progs/bpf_flow.c | 20 ++++-----; 2 files changed, 55 insertions(+), 15 deletions(-)","The commit converts the flow dissector test to use BPF skeleton, reducing boilerplate and preparing for higher-level API testing with bpf_link.","BPF skeleton,flow dissector,boilerplate","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b8215dce7dfd817ca38807f55165bf502146cd68","b8215dce7dfd817ca38807f55165bf502146cd68","Jakub Sitnicki","jakub@cloudflare.com","1590913724","Alexei Starovoitov","ast@kernel.org","1591050063","cb8e6982e4ecc845169d2c6ab7a51055ebf6f104","1f043f87bb595bbe6c7e6b291d115284840a6c33","selftests/bpf, flow_dissector: Close TAP device FD after the test test_flow_dissector leaves a TAP device after it's finished, potentially interfering with other tests that will run after it. Fix it by closing the TAP descriptor on cleanup. Fixes: 0905beec9f52 (""selftests/bpf: run flow dissector tests in skb-less mode"") Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200531082846.2117903-11-jakub@cloudflare.com","tools/testing/selftests/bpf/prog_tests/flow_dissector.c | 1 +; 1 file changed, 1 insertion(+)","The commit closes a TAP device file descriptor in the flow dissector test to prevent interference with subsequent tests.","TAP, flow_dissector, cleanup","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1f043f87bb595bbe6c7e6b291d115284840a6c33","1f043f87bb595bbe6c7e6b291d115284840a6c33","Jakub Sitnicki","jakub@cloudflare.com","1590913723","Alexei Starovoitov","ast@kernel.org","1591050063","091e3779fd034a281e3d9bd275f229bfc8b9eb0a","e948947a6e111b3d4bbe538105ee2f3611e032ad","selftests/bpf: Add tests for attaching bpf_link to netns Extend the existing test case for flow dissector attaching to cover: - link creation, - link updates, - link info querying, - mixing links with direct prog attachment. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200531082846.2117903-10-jakub@cloudflare.com",".../bpf/prog_tests/flow_dissector_reattach.c | 588 +++++++++++++++++++--; 1 file changed, 551 insertions(+), 37 deletions(-)","This commit extends self-tests for eBPF by adding tests for attaching bpf_link to network namespaces, covering link management and mixing with direct attachment.","selftests,bpf_link,netns","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e948947a6e111b3d4bbe538105ee2f3611e032ad","e948947a6e111b3d4bbe538105ee2f3611e032ad","Jakub Sitnicki","jakub@cloudflare.com","1590913722","Alexei Starovoitov","ast@kernel.org","1591050063","819624d6f0c4dd42ee070ce3f2340274b0b0139d","be6e19818ba626eb1b354490aee40a2cfc1a219f","bpftool: Support link show for netns-attached links Make `bpf link show` aware of new link type, that is links attached to netns. When listing netns-attached links, display netns inode number as its identifier and link attach type. Sample session: # readlink /proc/self/ns/net net:[4026532251] # bpftool prog show 357: flow_dissector tag a04f5eef06a7f555 gpl loaded_at 2020-05-30T16:53:51+0200 uid 0 xlated 16B jited 37B memlock 4096B 358: flow_dissector tag a04f5eef06a7f555 gpl loaded_at 2020-05-30T16:53:51+0200 uid 0 xlated 16B jited 37B memlock 4096B # bpftool link show 108: netns prog 357 netns_ino 4026532251 attach_type flow_dissector # bpftool link -jp show [{ ""id"": 108, ""type"": ""netns"", ""prog_id"": 357, ""netns_ino"": 4026532251, ""attach_type"": ""flow_dissector"" } ] (... after netns is gone ...) # bpftool link show 108: netns prog 357 netns_ino 0 attach_type flow_dissector # bpftool link -jp show [{ ""id"": 108, ""type"": ""netns"", ""prog_id"": 357, ""netns_ino"": 0, ""attach_type"": ""flow_dissector"" } ] Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200531082846.2117903-9-jakub@cloudflare.com","tools/bpf/bpftool/link.c | 10 ++++++++++; 1 file changed, 10 insertions(+)","Enhance bpftool to display netns-attached BPF links using netns inode numbers.","bpftool,netns,links","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"be6e19818ba626eb1b354490aee40a2cfc1a219f","be6e19818ba626eb1b354490aee40a2cfc1a219f","Jakub Sitnicki","jakub@cloudflare.com","1590913721","Alexei Starovoitov","ast@kernel.org","1591050063","dd45dc2eeff5cc6fd1893064d7f46f39413a9018","d60d81acc2c180e33244857e35ef60072573b000","bpftool: Extract helpers for showing link attach type Code for printing link attach_type is duplicated in a couple of places, and likely will be duplicated for future link types as well. Create helpers to prevent duplication. Suggested-by: Andrii Nakryiko Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200531082846.2117903-8-jakub@cloudflare.com","tools/bpf/bpftool/link.c | 44 ++++++++++++++++++++++----------------------; 1 file changed, 22 insertions(+), 22 deletions(-)","Refactors bpftool to use helpers for printing link attach types to reduce code duplication.","bpftool,helpers,refactoring","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d60d81acc2c180e33244857e35ef60072573b000","d60d81acc2c180e33244857e35ef60072573b000","Jakub Sitnicki","jakub@cloudflare.com","1590913720","Alexei Starovoitov","ast@kernel.org","1591050063","11247584ab1f2753c51c2a968a49c7933ff73c7b","0c047ecbb7bab4c1d2136f5f04bb47a66a9a12b8","libbpf: Add support for bpf_link-based netns attachment Add bpf_program__attach_nets(), which uses LINK_CREATE subcommand to create an FD-based kernel bpf_link, for attach types tied to network namespace, that is BPF_FLOW_DISSECTOR for the moment. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200531082846.2117903-7-jakub@cloudflare.com","tools/lib/bpf/libbpf.c | 23 ++++++++++++++++++-----; tools/lib/bpf/libbpf.h | 2 ++; tools/lib/bpf/libbpf.map | 1 +; 3 files changed, 21 insertions(+), 5 deletions(-)","Adds support in libbpf for BPF_FLOW_DISSECTOR attachment via bpf_link in network namespaces.","libbpf,BPF_FLOW_DISSECTOR,bpf_link","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Netfilter related type programs. It impacts programs interacting with the Netfilter framework used in packet filtering and NAT.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"0c047ecbb7bab4c1d2136f5f04bb47a66a9a12b8","0c047ecbb7bab4c1d2136f5f04bb47a66a9a12b8","Jakub Sitnicki","jakub@cloudflare.com","1590913719","Alexei Starovoitov","ast@kernel.org","1591050063","0efdb4ab26c8013322151d42e1eaf31968ce0ed4","7f045a49fee04b5662cbdeaf0838f9322ae8c63a","bpf, cgroup: Return ENOLINK for auto-detached links on update Failure to update a bpf_link because it has been auto-detached by a dying cgroup currently results in EINVAL error, even though the arguments passed to bpf() syscall are not wrong. bpf_links attaching to netns in this case will return ENOLINK, which carries the message that the link is no longer attached to anything. Change cgroup bpf_links to do the same to keep the uAPI errors consistent. Fixes: 0c991ebc8c69 (""bpf: Implement bpf_prog replacement for an active bpf_cgroup_link"") Suggested-by: Lorenz Bauer Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200531082846.2117903-6-jakub@cloudflare.com","kernel/bpf/cgroup.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit changes cgroup bpf_links to return ENOLINK instead of EINVAL for auto-detached links on update.","ENOLINK,cgroup,bpf_links","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"7f045a49fee04b5662cbdeaf0838f9322ae8c63a","7f045a49fee04b5662cbdeaf0838f9322ae8c63a","Jakub Sitnicki","jakub@cloudflare.com","1590913718","Alexei Starovoitov","ast@kernel.org","1591050063","dece77e22630b3ebb07fefe626c652573509690b","b27f7bb590ba835b32ef122389db158e44cfda1e","bpf: Add link-based BPF program attachment to network namespace Extend bpf() syscall subcommands that operate on bpf_link, that is LINK_CREATE, LINK_UPDATE, OBJ_GET_INFO, to accept attach types tied to network namespaces (only flow dissector at the moment). Link-based and prog-based attachment can be used interchangeably, but only one can exist at a time. Attempts to attach a link when a prog is already attached directly, and the other way around, will be met with -EEXIST. Attempts to detach a program when link exists result in -EINVAL. Attachment of multiple links of same attach type to one netns is not supported with the intention to lift the restriction when a use-case presents itself. Because of that link create returns -E2BIG when trying to create another netns link, when one already exists. Link-based attachments to netns don't keep a netns alive by holding a ref to it. Instead links get auto-detached from netns when the latter is being destroyed, using a pernet pre_exit callback. When auto-detached, link lives in defunct state as long there are open FDs for it. -ENOLINK is returned if a user tries to update a defunct link. Because bpf_link to netns doesn't hold a ref to struct net, special care is taken when releasing, updating, or filling link info. The netns might be getting torn down when any of these link operations are in progress. That is why auto-detach and update/release/fill_info are synchronized by the same mutex. Also, link ops have to always check if auto-detach has not happened yet and if netns is still alive (refcnt > 0). Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200531082846.2117903-5-jakub@cloudflare.com","include/linux/bpf-netns.h | 8 ++; include/linux/bpf_types.h | 3 +; include/net/netns/bpf.h | 1 +; include/uapi/linux/bpf.h | 5 +; kernel/bpf/net_namespace.c | 244 ++++++++++++++++++++++++++++++++++++++++-; kernel/bpf/syscall.c | 3 +; tools/include/uapi/linux/bpf.h | 5 +; 7 files changed, 267 insertions(+), 2 deletions(-)","This commit introduces link-based BPF program attachments to network namespaces for managing flow dissector programs with specific constraints and handling detach scenarios.","BPF,network namespace,attachments","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b27f7bb590ba835b32ef122389db158e44cfda1e","b27f7bb590ba835b32ef122389db158e44cfda1e","Jakub Sitnicki","jakub@cloudflare.com","1590913717","Alexei Starovoitov","ast@kernel.org","1591050062","79716052834fb939fcb957d357f0b9213c9cb5fc","a3fd7ceee05431d2c51ed86c6cae015d236a51f0","flow_dissector: Move out netns_bpf prog callbacks Move functions to manage BPF programs attached to netns that are not specific to flow dissector to a dedicated module named bpf/net_namespace.c. The set of functions will grow with the addition of bpf_link support for netns attached programs. This patch prepares ground by creating a place for it. This is a code move with no functional changes intended. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200531082846.2117903-4-jakub@cloudflare.com","include/net/flow_dissector.h | 6 ++; kernel/bpf/Makefile | 1 +; kernel/bpf/net_namespace.c | 133 +++++++++++++++++++++++++++++++++++++++++++; net/core/flow_dissector.c | 125 ++--------------------------------------; 4 files changed, 144 insertions(+), 121 deletions(-)","Reorganized code for managing BPF programs attached to netns into a new dedicated module without functional changes.","netns,bpf,callbacks","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a3fd7ceee05431d2c51ed86c6cae015d236a51f0","a3fd7ceee05431d2c51ed86c6cae015d236a51f0","Jakub Sitnicki","jakub@cloudflare.com","1590913716","Alexei Starovoitov","ast@kernel.org","1591050062","239fb6cb80a26ab38befd59faa7d4354d5eac190","171526f6fee84de0c39e2b7aa7e666ba0bbfd173","net: Introduce netns_bpf for BPF programs attached to netns In order to: (1) attach more than one BPF program type to netns, or (2) support attaching BPF programs to netns with bpf_link, or (3) support multi-prog attach points for netns we will need to keep more state per netns than a single pointer like we have now for BPF flow dissector program. Prepare for the above by extracting netns_bpf that is part of struct net, for storing all state related to BPF programs attached to netns. Turn flow dissector callbacks for querying/attaching/detaching a program into generic ones that operate on netns_bpf. Next patch will move the generic callbacks into their own module. This is similar to how it is organized for cgroup with cgroup_bpf. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Cc: Stanislav Fomichev Link: https://lore.kernel.org/bpf/20200531082846.2117903-3-jakub@cloudflare.com","include/linux/bpf-netns.h | 56 +++++++++++++++++++++++; include/linux/skbuff.h | 26 -----------; include/net/net_namespace.h | 4 +-; include/net/netns/bpf.h | 17 +++++++; kernel/bpf/syscall.c | 7 +--; net/core/flow_dissector.c | 105 +++++++++++++++++++++++++++++---------------; 6 files changed, 149 insertions(+), 66 deletions(-)","Introduce netns_bpf to allow multiple BPF programs to be attached to network namespaces.","netns_bpf,multi-prog,attach","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"171526f6fee84de0c39e2b7aa7e666ba0bbfd173","171526f6fee84de0c39e2b7aa7e666ba0bbfd173","Jakub Sitnicki","jakub@cloudflare.com","1590913715","Alexei Starovoitov","ast@kernel.org","1591050062","1ac0a09641c79cee0e5800c3557ba5c63320b91b","febeb6dff7beafcaf89521f6c8ff7b0adac08d54","flow_dissector: Pull locking up from prog attach callback Split out the part of attach callback that happens with attach/detach lock acquired. This structures the prog attach callback in a way that opens up doors for moving the locking out of flow_dissector and into generic callbacks for attaching/detaching progs to netns in subsequent patches. Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Reviewed-by: Stanislav Fomichev Link: https://lore.kernel.org/bpf/20200531082846.2117903-2-jakub@cloudflare.com","net/core/flow_dissector.c | 40 ++++++++++++++++++++--------------------; 1 file changed, 20 insertions(+), 20 deletions(-)","The commit moves locking outside the flow dissector's program attach callback for future attach/detach improvements.","flow_dissector, locking, callback","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"febeb6dff7beafcaf89521f6c8ff7b0adac08d54","febeb6dff7beafcaf89521f6c8ff7b0adac08d54","Andrii Nakryiko","andriin@fb.com","1591043161","Alexei Starovoitov","ast@kernel.org","1591049584","966abc0e092da570677472003cf1ca09939f9f4d","958a3f2d2aff896ae2a622878e456114f4a4cd15","libbpf: Add _GNU_SOURCE for reallocarray to ringbuf.c On systems with recent enough glibc, reallocarray compat won't kick in, so reallocarray() itself has to come from stdlib.h include. But _GNU_SOURCE is necessary to enable it. So add it. Fixes: bf99c936f947 (""libbpf: Add BPF ring buffer support"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200601202601.2139477-1-andriin@fb.com","tools/lib/bpf/ringbuf.c | 3 +++; 1 file changed, 3 insertions(+)","The commit adds _GNU_SOURCE to enable reallocarray in ringbuf.c for systems with recent glibc.","_GNU_SOURCE,reallocarray,ringbuf.c","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"958a3f2d2aff896ae2a622878e456114f4a4cd15","958a3f2d2aff896ae2a622878e456114f4a4cd15","Jiri Olsa","jolsa@kernel.org","1590939775","Alexei Starovoitov","ast@kernel.org","1591049284","ba564f500bb4a0c4525abe9b6a9603c11b3f62d9","1b698fa5d8ef958007c455e316aa44c37ab3c5fb","bpf: Use tracing helpers for lsm programs Currenty lsm uses bpf_tracing_func_proto helpers which do not include stack trace or perf event output. It's useful to have those for bpftrace lsm support [1]. Using tracing_prog_func_proto helpers for lsm programs. [1] https://github.com/iovisor/bpftrace/pull/1347 Signed-off-by: Jiri Olsa Signed-off-by: Alexei Starovoitov Cc: KP Singh Link: https://lore.kernel.org/bpf/20200531154255.896551-1-jolsa@kernel.org","include/linux/bpf.h | 3 +++; kernel/bpf/bpf_lsm.c | 2 +-; kernel/trace/bpf_trace.c | 2 +-; 3 files changed, 5 insertions(+), 2 deletions(-)","The commit updates LSM programs to use tracing_prog_func_proto helpers for enhanced tracing and event output.","tracing, LSM, helpers","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.', 'Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1b698fa5d8ef958007c455e316aa44c37ab3c5fb","1b698fa5d8ef958007c455e316aa44c37ab3c5fb","Lorenzo Bianconi","lorenzo@kernel.org","1590698849","Alexei Starovoitov","ast@kernel.org","1591048973","001620fb89ec9f7bdf0e3ca2e9ad64ea2950ed80","fc37987265b5979129a72c672b20245119768fb8","xdp: Rename convert_to_xdp_frame in xdp_convert_buff_to_frame In order to use standard 'xdp' prefix, rename convert_to_xdp_frame utility routine in xdp_convert_buff_to_frame and replace all the occurrences Signed-off-by: Lorenzo Bianconi Signed-off-by: Alexei Starovoitov Acked-by: Jesper Dangaard Brouer Link: https://lore.kernel.org/bpf/6344f739be0d1a08ab2b9607584c4d5478c8c083.1590698295.git.lorenzo@kernel.org","drivers/net/ethernet/amazon/ena/ena_netdev.c | 2 +-; drivers/net/ethernet/intel/i40e/i40e_txrx.c | 2 +-; drivers/net/ethernet/intel/ice/ice_txrx_lib.c | 2 +-; drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 2 +-; drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 2 +-; drivers/net/ethernet/marvell/mvneta.c | 2 +-; drivers/net/ethernet/mellanox/mlx5/core/en/xdp.c | 10 +++++-----; drivers/net/ethernet/sfc/rx.c | 2 +-; drivers/net/ethernet/socionext/netsec.c | 2 +-; drivers/net/ethernet/ti/cpsw_priv.c | 2 +-; drivers/net/tun.c | 2 +-; drivers/net/veth.c | 2 +-; drivers/net/virtio_net.c | 4 ++--; include/net/xdp.h | 2 +-; kernel/bpf/cpumap.c | 2 +-; kernel/bpf/devmap.c | 2 +-; 16 files changed, 21 insertions(+), 21 deletions(-)","Renames the utility function convert_to_xdp_frame to xdp_convert_buff_to_frame in various networking driver files.","xdp,rename,function","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"fc37987265b5979129a72c672b20245119768fb8","fc37987265b5979129a72c672b20245119768fb8","Lorenzo Bianconi","lorenzo@kernel.org","1590698848","Alexei Starovoitov","ast@kernel.org","1591048973","0db2d17cad54922b10d061997f7d1d7db7cf6f02","c48a24f00e7a8b90c817e3f7aa800a3150bb83d0","xdp: Introduce xdp_convert_frame_to_buff utility routine Introduce xdp_convert_frame_to_buff utility routine to initialize xdp_buff fields from xdp_frames ones. Rely on xdp_convert_frame_to_buff in veth xdp code. Suggested-by: Jesper Dangaard Brouer Signed-off-by: Lorenzo Bianconi Signed-off-by: Alexei Starovoitov Acked-by: Jesper Dangaard Brouer Link: https://lore.kernel.org/bpf/87acf133073c4b2d4cbb8097e8c2480c0a0fac32.1590698295.git.lorenzo@kernel.org","drivers/net/veth.c | 6 +-----; include/net/xdp.h | 10 ++++++++++; 2 files changed, 11 insertions(+), 5 deletions(-)","Introduces the xdp_convert_frame_to_buff utility to improve XDP operations in the veth driver.","xdp veth utility","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here."", ""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"c48a24f00e7a8b90c817e3f7aa800a3150bb83d0","c48a24f00e7a8b90c817e3f7aa800a3150bb83d0","Alexei Starovoitov","ast@kernel.org","1591048635","Alexei Starovoitov","ast@kernel.org","1591048820","bba2031049e20cce4e5ff3d21f6749c6b9e625b5","bb2359f4dbe98e8863b4e885fc09269ef4682ec3 9c441fe4c06a553ad770b6f21616327a3badf793","Merge branch 'bpf_setsockopt-SO_BINDTODEVICE' Ferenc Fejes says: ==================== This option makes it possible to programatically bind sockets to netdevices. With the help of this option sockets of VRF unaware applications could be distributed between multiple VRFs with an eBPF program. This lets the applications benefit from multiple possible routes. v2: - splitting up the patch to three parts - lock_sk parameter for optional locking in sock_bindtoindex - Stanislav Fomichev - testing the SO_BINDTODEVICE option - Andrii Nakryiko ==================== Signed-off-by: Alexei Starovoitov ","","The commit integrates a branch allowing eBPF programs to bind sockets to network interfaces for VRF distribution.","eBPF, sockets, VRF","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's likely a merge commit. It involves changes across multiple use cases or events."", ""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"9c441fe4c06a553ad770b6f21616327a3badf793","9c441fe4c06a553ad770b6f21616327a3badf793","Ferenc Fejes","fejes@inf.elte.hu","1590872942","Alexei Starovoitov","ast@kernel.org","1591048634","bba2031049e20cce4e5ff3d21f6749c6b9e625b5","70c58997c1e864c96dfdf072572047303db8f42a","selftests/bpf: Add test for SO_BINDTODEVICE opt of bpf_setsockopt This test intended to verify if SO_BINDTODEVICE option works in bpf_setsockopt. Because we already in the SOL_SOCKET level in this connect bpf prog its safe to verify the sanity in the beginning of the connect_v4_prog by calling the bind_to_device test helper. The testing environment already created by the test_sock_addr.sh script so this test assume that two netdevices already existing in the system: veth pair with names test_sock_addr1 and test_sock_addr2. The test will try to bind the socket to those devices first. Then the test assume there are no netdevice with ""nonexistent_dev"" name so the bpf_setsockopt will give use ENODEV error. At the end the test remove the device binding from the socket by binding it to an empty name. Signed-off-by: Ferenc Fejes Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/3f055b8e45c65639c5c73d0b4b6c589e60b86f15.1590871065.git.fejes@inf.elte.hu","tools/testing/selftests/bpf/progs/connect4_prog.c | 33 +++++++++++++++++++++++; 1 file changed, 33 insertions(+)","Added a selftest to verify the SO_BINDTODEVICE option functionality using bpf_setsockopt within the BPF framework.","selftests,BPF,SO_BINDTODEVICE","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"70c58997c1e864c96dfdf072572047303db8f42a","70c58997c1e864c96dfdf072572047303db8f42a","Ferenc Fejes","fejes@inf.elte.hu","1590872941","Alexei Starovoitov","ast@kernel.org","1591048634","faa56d742c1bd4f6091fbdd535a043354eae0387","8ea204c2b658eaef55b4716fde469fb66c589a3d","bpf: Allow SO_BINDTODEVICE opt in bpf_setsockopt Extending the supported sockopts in bpf_setsockopt with SO_BINDTODEVICE. We call sock_bindtoindex with parameter lock_sk = false in this context because we already owning the socket. Signed-off-by: Ferenc Fejes Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/4149e304867b8d5a606a305bc59e29b063e51f49.1590871065.git.fejes@inf.elte.hu","net/core/filter.c | 28 +++++++++++++++++++++++++++-; 1 file changed, 27 insertions(+), 1 deletion(-)","This commit extends the bpf_setsockopt function to support the SO_BINDTODEVICE socket option.","bpf_setsockopt,SO_BINDTODEVICE,socket","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"8ea204c2b658eaef55b4716fde469fb66c589a3d","8ea204c2b658eaef55b4716fde469fb66c589a3d","Ferenc Fejes","fejes@inf.elte.hu","1590872940","Alexei Starovoitov","ast@kernel.org","1591048634","dc158cbccc05c8a068e015ada9d29d4f0a9d42c4","bb2359f4dbe98e8863b4e885fc09269ef4682ec3","net: Make locking in sock_bindtoindex optional The sock_bindtoindex intended for kernel wide usage however it will lock the socket regardless of the context. This modification relax this behavior optionally: locking the socket will be optional by calling the sock_bindtoindex with lock_sk = true. The modification applied to all users of the sock_bindtoindex. Signed-off-by: Ferenc Fejes Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/bee6355da40d9e991b2f2d12b67d55ebb5f5b207.1590871065.git.fejes@inf.elte.hu","include/net/sock.h | 2 +-; net/core/sock.c | 10 ++++++----; net/ipv4/udp_tunnel.c | 2 +-; net/ipv6/ip6_udp_tunnel.c | 2 +-; 4 files changed, 9 insertions(+), 7 deletions(-)","The commit modifies sock_bindtoindex to make socket locking optional for flexible usage in kernel contexts.","socket, locking, optional","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"bb2359f4dbe98e8863b4e885fc09269ef4682ec3","bb2359f4dbe98e8863b4e885fc09269ef4682ec3","Denis Efremov","efremov@linux.com","1591028894","Alexei Starovoitov","ast@kernel.org","1591048113","0a444c6c75337492ed4b11c448e283af7856f026","7b805819c412e822c0bd58252b46188cddc60300","bpf: Change kvfree to kfree in generic_map_lookup_batch() buf_prevkey in generic_map_lookup_batch() is allocated with kmalloc(). It's safe to free it with kfree(). Fixes: cb4d03ab499d (""bpf: Add generic support for lookup batch op"") Signed-off-by: Denis Efremov Signed-off-by: Alexei Starovoitov Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200601162814.17426-1-efremov@linux.com Signed-off-by: Alexei Starovoitov ","kernel/bpf/syscall.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit changes kvfree to kfree in generic_map_lookup_batch to correctly free memory allocated with kmalloc.","kvfree,kfree,generic_map_lookup_batch","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7b805819c412e822c0bd58252b46188cddc60300","7b805819c412e822c0bd58252b46188cddc60300","Alexei Starovoitov","ast@kernel.org","1591046208","Alexei Starovoitov","ast@kernel.org","1591048113","bb9c682653317ac5d67719f67ab9a011b545613f","df8fe57c071c58f355d0a4985ecd2fcaf99b050f 463bac5f1ca79fcd964bf50426eab024fb4dd8a4","Merge branch 'fix-ktls-with-sk_skb_verdict' John Fastabend says: ==================== If a socket is running a BPF_SK_SKB_SREAM_VERDICT program and KTLS is enabled the data stream may be broken if both TLS stream parser and BPF stream parser try to handle data. Fix this here by making KTLS stream parser run first to ensure TLS messages are received correctly and then calling the verdict program. This analogous to how we handle a similar conflict on the TX side. Note, this is a fix but it doesn't make sense to push this late to bpf tree so targeting bpf-next and keeping fixes tags. ==================== Signed-off-by: Alexei Starovoitov ","","The commit merges a fix for handling BPF_SK_SKB_SREAM_VERDICT with KTLS to ensure correct stream processing order.","KTLS, BPF, FIX","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"df8fe57c071c58f355d0a4985ecd2fcaf99b050f","df8fe57c071c58f355d0a4985ecd2fcaf99b050f","Alexei Starovoitov","ast@kernel.org","1591046032","Alexei Starovoitov","ast@kernel.org","1591048112","4756f5b7df1140fceb71448854112c4cbc84beed","906312ca0d620cdcdb54d07594d26da0aed7eed2","tools/bpf: sync bpf.h Sync bpf.h into tool/include/uapi/ Signed-off-by: Alexei Starovoitov ","tools/include/uapi/linux/bpf.h | 1 +; 1 file changed, 1 insertion(+)","The commit updates the bpf.h header file in the tool/include/uapi directory.","sync,bpf,header","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"463bac5f1ca79fcd964bf50426eab024fb4dd8a4","463bac5f1ca79fcd964bf50426eab024fb4dd8a4","John Fastabend","john.fastabend@gmail.com","1590793639","Alexei Starovoitov","ast@kernel.org","1591048112","bb9c682653317ac5d67719f67ab9a011b545613f","e91de6afa81c10e9f855c5695eb9a53168d96b73","bpf, selftests: Add test for ktls with skb bpf ingress policy This adds a test for bpf ingress policy. To ensure data writes happen as expected with extra TLS headers we run these tests with data verification enabled by default. This will test receive packets have ""PASS"" stamped into the front of the payload. Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/159079363965.5745.3390806911628980210.stgit@john-Precision-5820-Tower Signed-off-by: Alexei Starovoitov ",".../selftests/bpf/progs/test_sockmap_kern.h | 46 +++++-; tools/testing/selftests/bpf/test_sockmap.c | 163 ++++++++++++++++++---; 2 files changed, 187 insertions(+), 22 deletions(-)","This commit introduces a test for BPF ingress policy with ktls to ensure data writes occur as expected with TLS headers.","test, ingress, ktls","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"906312ca0d620cdcdb54d07594d26da0aed7eed2","906312ca0d620cdcdb54d07594d26da0aed7eed2","Alexei Starovoitov","ast@kernel.org","1591044573","Alexei Starovoitov","ast@kernel.org","1591048112","315a7405aabf602bdff8a8d95450829cd25f61ba","b36e62eb85215a60916f910070f6d494b4f3e73a d39aec79e5923bf984df991ffe51d4a2b7a9e746","Merge branch 'xdp_devmap' David Ahern says: ==================== Implementation of Daniel's proposal for allowing DEVMAP entries to be a device index, program fd pair. Programs are run after XDP_REDIRECT and have access to both Rx device and Tx device. v4 - moved struct bpf_devmap_val from uapi to devmap.c, named the union and dropped the prefix from the elements - Jesper - fixed 2 bugs in selftests v3 - renamed struct to bpf_devmap_val - used offsetofend to check for expected map size, modification of Toke's comment - check for explicit value sizes - adjusted switch statement in dev_map_run_prog per Andrii's comment - changed SEC shortcut to xdp_devmap - changed selftests to use skeleton and new map declaration v2 - moved dev_map_ext_val definition to uapi to formalize the API for devmap extensions; add bpf_ prefix to the prog_fd and prog_id entries - changed devmap code to handle struct in a way that it can support future extensions - fixed subject in libbpf patch v1 - fixed prog put on invalid program - Toke - changed write value from id to fd per Toke's comments about capabilities - add test cases ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges updates for DEVMAP entry implementation linking device index with program file descriptor for XDP programs.","DEVMAP,XDP,program","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's likely a merge commit. It involves changes across multiple use cases or events."", ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e91de6afa81c10e9f855c5695eb9a53168d96b73","e91de6afa81c10e9f855c5695eb9a53168d96b73","John Fastabend","john.fastabend@gmail.com","1590793619","Alexei Starovoitov","ast@kernel.org","1591048112","ba666cc88807dd13b946d3531c5e6bb947b55f99","ca2f5f21dbbd5e3a00cd3e97f728aa2ca0b2e011","bpf: Fix running sk_skb program types with ktls KTLS uses a stream parser to collect TLS messages and send them to the upper layer tls receive handler. This ensures the tls receiver has a full TLS header to parse when it is run. However, when a socket has BPF_SK_SKB_STREAM_VERDICT program attached before KTLS is enabled we end up with two stream parsers running on the same socket. The result is both try to run on the same socket. First the KTLS stream parser runs and calls read_sock() which will tcp_read_sock which in turn calls tcp_rcv_skb(). This dequeues the skb from the sk_receive_queue. When this is done KTLS code then data_ready() callback which because we stacked KTLS on top of the bpf stream verdict program has been replaced with sk_psock_start_strp(). This will in turn kick the stream parser again and eventually do the same thing KTLS did above calling into tcp_rcv_skb() and dequeuing a skb from the sk_receive_queue. At this point the data stream is broke. Part of the stream was handled by the KTLS side some other bytes may have been handled by the BPF side. Generally this results in either missing data or more likely a ""Bad Message"" complaint from the kTLS receive handler as the BPF program steals some bytes meant to be in a TLS header and/or the TLS header length is no longer correct. We've already broke the idealized model where we can stack ULPs in any order with generic callbacks on the TX side to handle this. So in this patch we do the same thing but for RX side. We add a sk_psock_strp_enabled() helper so TLS can learn a BPF verdict program is running and add a tls_sw_has_ctx_rx() helper so BPF side can learn there is a TLS ULP on the socket. Then on BPF side we omit calling our stream parser to avoid breaking the data stream for the KTLS receiver. Then on the KTLS side we call BPF_SK_SKB_STREAM_VERDICT once the KTLS receiver is done with the packet but before it posts the msg to userspace. This gives us symmetry between the TX and RX halfs and IMO makes it usable again. On the TX side we process packets in this order BPF -> TLS -> TCP and on the receive side in the reverse order TCP -> TLS -> BPF. Discovered while testing OpenSSL 3.0 Alpha2.0 release. Fixes: d829e9c4112b5 (""tls: convert to generic sk_msg interface"") Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/159079361946.5745.605854335665044485.stgit@john-Precision-5820-Tower Signed-off-by: Alexei Starovoitov ","include/linux/skmsg.h | 8 ++++++++; include/net/tls.h | 9 +++++++++; net/core/skmsg.c | 43 ++++++++++++++++++++++++++++++++++++++++---; net/tls/tls_sw.c | 20 ++++++++++++++++++--; 4 files changed, 75 insertions(+), 5 deletions(-)","This commit fixes issues with dual stream parsers in sockets with BPF_SK_SKB_STREAM_VERDICT and KTLS, ensuring data integrity is preserved.","sk_skb, ktls, parser","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"d39aec79e5923bf984df991ffe51d4a2b7a9e746","d39aec79e5923bf984df991ffe51d4a2b7a9e746","David Ahern","dsahern@kernel.org","1590790036","Alexei Starovoitov","ast@kernel.org","1591048112","315a7405aabf602bdff8a8d95450829cd25f61ba","2778797037a658be71a6c55b54700bf58ba21eb7","selftest: Add tests for XDP programs in devmap entries Add tests to verify ability to add an XDP program to a entry in a DEVMAP. Add negative tests to show DEVMAP programs can not be attached to devices as a normal XDP program, and accesses to egress_ifindex require BPF_XDP_DEVMAP attach type. Signed-off-by: David Ahern Signed-off-by: Alexei Starovoitov Acked-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/20200529220716.75383-6-dsahern@kernel.org Signed-off-by: Alexei Starovoitov ",".../selftests/bpf/prog_tests/xdp_devmap_attach.c | 97 ++++++++++++++++++++++; .../selftests/bpf/progs/test_xdp_devmap_helpers.c | 22 +++++; .../bpf/progs/test_xdp_with_devmap_helpers.c | 44 ++++++++++; 3 files changed, 163 insertions(+)","The commit adds self-tests for XDP programs within DEVMAP entries to verify attachment functionality and restrictions.","tests,XDP,DEVMAP","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"ca2f5f21dbbd5e3a00cd3e97f728aa2ca0b2e011","ca2f5f21dbbd5e3a00cd3e97f728aa2ca0b2e011","John Fastabend","john.fastabend@gmail.com","1590793601","Alexei Starovoitov","ast@kernel.org","1591048112","5aeebc8c7dc5e317b92dfd90bb723bd2d8960f83","df8fe57c071c58f355d0a4985ecd2fcaf99b050f","bpf: Refactor sockmap redirect code so its easy to reuse We will need this block of code called from tls context shortly lets refactor the redirect logic so its easy to use. This also cleans up the switch stmt so we have fewer fallthrough cases. No logic changes are intended. Fixes: d829e9c4112b5 (""tls: convert to generic sk_msg interface"") Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Reviewed-by: Jakub Sitnicki Acked-by: Song Liu Link: https://lore.kernel.org/bpf/159079360110.5745.7024009076049029819.stgit@john-Precision-5820-Tower Signed-off-by: Alexei Starovoitov ","net/core/skmsg.c | 55 ++++++++++++++++++++++++++++++++++---------------------; 1 file changed, 34 insertions(+), 21 deletions(-)","The commit refactors sockmap redirect code to improve reusability and clean up switch statements without changing logic.","refactor,sockmap,redirect","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"2778797037a658be71a6c55b54700bf58ba21eb7","2778797037a658be71a6c55b54700bf58ba21eb7","David Ahern","dsahern@kernel.org","1590790035","Alexei Starovoitov","ast@kernel.org","1591048112","78a6041e8cb731474142743d307ddb6d4e9ac72f","64b59025c15b244c0954cf52b24fbabfcf5ed8f6","libbpf: Add SEC name for xdp programs attached to device map Support SEC(""xdp_devmap*"") as a short cut for loading the program with type BPF_PROG_TYPE_XDP and expected attach type BPF_XDP_DEVMAP. Signed-off-by: David Ahern Signed-off-by: Alexei Starovoitov Acked-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/20200529220716.75383-5-dsahern@kernel.org Signed-off-by: Alexei Starovoitov ","tools/lib/bpf/libbpf.c | 2 ++; 1 file changed, 2 insertions(+)","This commit adds support in libbpf for using SEC names to load XDP programs attached to device maps.","libbpf XDP devmap","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"64b59025c15b244c0954cf52b24fbabfcf5ed8f6","64b59025c15b244c0954cf52b24fbabfcf5ed8f6","David Ahern","dsahern@kernel.org","1590790034","Alexei Starovoitov","ast@kernel.org","1591048112","6d47a7f0f047306a1aede92a803a50e629b6c50a","fbee97feed9b3e4acdf9590e1f6b4a2eefecfffe","xdp: Add xdp_txq_info to xdp_buff Add xdp_txq_info as the Tx counterpart to xdp_rxq_info. At the moment only the device is added. Other fields (queue_index) can be added as use cases arise. >From a UAPI perspective, add egress_ifindex to xdp context for bpf programs to see the Tx device. Update the verifier to only allow accesses to egress_ifindex by XDP programs with BPF_XDP_DEVMAP expected attach type. Signed-off-by: David Ahern Signed-off-by: Alexei Starovoitov Acked-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/20200529220716.75383-4-dsahern@kernel.org Signed-off-by: Alexei Starovoitov ","include/net/xdp.h | 5 +++++; include/uapi/linux/bpf.h | 2 ++; kernel/bpf/devmap.c | 3 +++; net/core/filter.c | 17 +++++++++++++++++; tools/include/uapi/linux/bpf.h | 2 ++; 5 files changed, 29 insertions(+)","This commit introduces xdp_txq_info to xdp_buff for accessing Tx device information in XDP programs.","xdp,txq_info,egress_ifindex","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"fbee97feed9b3e4acdf9590e1f6b4a2eefecfffe","fbee97feed9b3e4acdf9590e1f6b4a2eefecfffe","David Ahern","dsahern@kernel.org","1590790033","Alexei Starovoitov","ast@kernel.org","1591048112","0a0db20d9c9840d8b1988c1960a0c25a21713d59","7f1c04269fe7b3293dea38ea65da4fd6614d6f80","bpf: Add support to attach bpf program to a devmap entry Add BPF_XDP_DEVMAP attach type for use with programs associated with a DEVMAP entry. Allow DEVMAPs to associate a program with a device entry by adding a bpf_prog.fd to 'struct bpf_devmap_val'. Values read show the program id, so the fd and id are a union. bpf programs can get access to the struct via vmlinux.h. The program associated with the fd must have type XDP with expected attach type BPF_XDP_DEVMAP. When a program is associated with a device index, the program is run on an XDP_REDIRECT and before the buffer is added to the per-cpu queue. At this point rxq data is still valid; the next patch adds tx device information allowing the prorgam to see both ingress and egress device indices. XDP generic is skb based and XDP programs do not work with skb's. Block the use case by walking maps used by a program that is to be attached via xdpgeneric and fail if any of them are DEVMAP / DEVMAP_HASH with Block attach of BPF_XDP_DEVMAP programs to devices. Signed-off-by: David Ahern Signed-off-by: Alexei Starovoitov Acked-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/20200529220716.75383-3-dsahern@kernel.org Signed-off-by: Alexei Starovoitov ","include/linux/bpf.h | 5 +++; include/uapi/linux/bpf.h | 1 +; kernel/bpf/devmap.c | 88 ++++++++++++++++++++++++++++++++++++++++--; net/core/dev.c | 18 +++++++++; tools/include/uapi/linux/bpf.h | 1 +; 5 files changed, 109 insertions(+), 4 deletions(-)","Add support to attach an XDP program to a DEVMAP entry enabling execution on XDP_REDIRECT.","XDP,DEVMAP,attach","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"b36e62eb85215a60916f910070f6d494b4f3e73a","b36e62eb85215a60916f910070f6d494b4f3e73a","Yonghong Song","yhs@fb.com","1590713290","Alexei Starovoitov","ast@kernel.org","1591048111","fe2877fddbe43d1430761ecbf07d4b3104a9f433","c3c16f2ea6d20159903cf93afbb1155f3d8348d5","bpf: Use strncpy_from_unsafe_strict() in bpf_seq_printf() helper In bpf_seq_printf() helper, when user specified a ""%s"" in the format string, strncpy_from_unsafe() is used to read the actual string to a buffer. The string could be a format string or a string in the kernel data structure. It is really unlikely that the string will reside in the user memory. This is different from Commit b2a5212fb634 (""bpf: Restrict bpf_trace_printk()'s %s usage and add %pks, %pus specifier"") which still used strncpy_from_unsafe() for ""%s"" to preserve the old behavior. If in the future, bpf_seq_printf() indeed needs to read user memory, we can implement ""%pus"" format string. Based on discussion in [1], if the intent is to read kernel memory, strncpy_from_unsafe_strict() should be used. So this patch changed to use strncpy_from_unsafe_strict(). [1]: https://lore.kernel.org/bpf/20200521152301.2587579-1-hch@lst.de/T/ Fixes: 492e639f0c22 (""bpf: Add bpf_seq_printf and bpf_seq_write helpers"") Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Song Liu Cc: Christoph Hellwig Link: https://lore.kernel.org/bpf/20200529004810.3352219-1-yhs@fb.com Signed-off-by: Alexei Starovoitov ","kernel/trace/bpf_trace.c | 6 +++---; 1 file changed, 3 insertions(+), 3 deletions(-)","The commit changes bpf_seq_printf() helper to use strncpy_from_unsafe_strict() for safer kernel memory access.","bpf_seq_printf, strncpy_from_unsafe_strict, security","A security fix. It resolves a security vulnerability or strengthens security measures.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7f1c04269fe7b3293dea38ea65da4fd6614d6f80","7f1c04269fe7b3293dea38ea65da4fd6614d6f80","David Ahern","dsahern@kernel.org","1590790032","Alexei Starovoitov","ast@kernel.org","1591048111","cd4c6feac28a86b0376bd694720e70f9a7ed21a6","b36e62eb85215a60916f910070f6d494b4f3e73a","devmap: Formalize map value as a named struct Add 'struct bpf_devmap_val' to formalize the expected values that can be passed in for a DEVMAP. Update devmap code to use the struct. Signed-off-by: David Ahern Signed-off-by: Alexei Starovoitov Acked-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/20200529220716.75383-2-dsahern@kernel.org Signed-off-by: Alexei Starovoitov ","kernel/bpf/devmap.c | 45 ++++++++++++++++++++++++++++-----------------; 1 file changed, 28 insertions(+), 17 deletions(-)","The commit structures DEVMAP values with 'struct bpf_devmap_val' and updates code for consistent implementation.","devmap, struct, bpf","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c3c16f2ea6d20159903cf93afbb1155f3d8348d5","c3c16f2ea6d20159903cf93afbb1155f3d8348d5","Amritha Nambiar","amritha.nambiar@intel.com","1590539676","Alexei Starovoitov","ast@kernel.org","1591047503","0948edc2fb124f13909092894f1946e0dfebcb43","e255d3273920dfd2d4e1cf2afe565b942c122219","bpf: Add rx_queue_mapping to bpf_sock Add ""rx_queue_mapping"" to bpf_sock. This gives read access for the existing field (sk_rx_queue_mapping) of struct sock from bpf_sock. Semantics for the bpf_sock rx_queue_mapping access are similar to sk_rx_queue_get(), i.e the value NO_QUEUE_MAPPING is not allowed and -1 is returned in that case. This is useful for transmit queue selection based on the received queue index which is cached in the socket in the receive path. v3: Addressed review comments to add usecase in patch description, and fixed default value for rx_queue_mapping. v2: fixed build error for CONFIG_XPS wrapping, reported by kbuild test robot Signed-off-by: Amritha Nambiar Signed-off-by: Alexei Starovoitov ","include/uapi/linux/bpf.h | 1 +; net/core/filter.c | 18 ++++++++++++++++++; 2 files changed, 19 insertions(+)","The commit adds rx_queue_mapping to bpf_sock for selecting transmit queues based on received queue indices.","rx_queue_mapping,bpf_sock,socket","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"e255d3273920dfd2d4e1cf2afe565b942c122219","e255d3273920dfd2d4e1cf2afe565b942c122219","Daniel Borkmann","daniel@iogearbox.net","1590765069","Alexei Starovoitov","ast@kernel.org","1591047503","2af8a49b786c2f9e879b3433c7962464cfa77518","43dd115b1fffdd8d2c4cc15659c00b2a1addbc43 97abb2b396821f21c21cee2d537bb4e0a0eef31b","Merge branch 'bpf-ring-buffer' Andrii Nakryiko says: ==================== Implement a new BPF ring buffer, as presented at BPF virtual conference ([0]). It presents an alternative to perf buffer, following its semantics closely, but allowing sharing same instance of ring buffer across multiple CPUs efficiently. Most patches have extensive commentary explaining various aspects, so I'll keep cover letter short. Overall structure of the patch set: - patch #1 adds BPF ring buffer implementation to kernel and necessary verifier support; - patch #2 adds libbpf consumer implementation for BPF ringbuf; - patch #3 adds selftest, both for single BPF ring buf use case, as well as using it with array/hash of maps; - patch #4 adds extensive benchmarks and provide some analysis in commit message, it builds upon selftests/bpf's bench runner. - patch #5 adds most of patch #1 commit message as a doc under Documentation/bpf/ringbuf.rst. Litmus tests, validating consumer/producer protocols and memory orderings, were moved out as discussed in [1] and are going to be posted against -rcu tree and put under Documentation/litmus-tests/bpf-rb. [0] https://docs.google.com/presentation/d/18ITdg77Bj6YDOH2LghxrnFxiPWe0fAqcmJY95t_qr0w [1] https://lkml.org/lkml/2020/5/22/1011 v3->v4: - fix ringbuf freeing (vunmap, __free_page); verified with a trivial loop creating and closing ringbuf map endlessly (Daniel); v2->v3: - dropped unnecessary smp_wmb() (Paul); - verifier reference type enhancement patch was dropped (Alexei); - better verifier message for various memory access checks (Alexei); - clarified a bit roundup_len() bit shifting (Alexei); - converted doc to .rst (Alexei); - fixed warning on 32-bit arches regarding tautological ring area size check. v1->v2: - commit()/discard()/output() accept flags (NO_WAKEUP/FORCE_WAKEUP) (Stanislav); - bpf_ringbuf_query() added, returning available data size, ringbuf size, consumer/producer positions, needed to implement smarter notification policy (Stanislav); - added ringbuf UAPI constants to include/uapi/linux/bpf.h (Jonathan); - fixed sample size check, added proper ringbuf size check (Jonathan, Alexei); - wake_up_all() is done through irq_work (Alexei); - consistent use of smp_load_acquire/smp_store_release, no READ_ONCE/WRITE_ONCE (Alexei); - added Documentation/bpf/ringbuf.txt (Stanislav); - updated litmus test with smp_load_acquire/smp_store_release changes; - added ring_buffer__consume() API to libbpf for busy-polling; - ring_buffer__poll() on success returns number of records consumed; - fixed EPOLL notifications, don't assume available data, done similarly to perfbuf's implementation; - both ringbuf and perfbuf now have --rb-sampled mode, instead of pb-raw/pb-custom mode, updated benchmark results; - extended ringbuf selftests to validate epoll logic/manual notification logic, as well as bpf_ringbuf_query(). ==================== Signed-off-by: Daniel Borkmann ","","This commit merges a new BPF ring buffer for efficient CPU sharing with supporting tests, documentation, and benchmarks.","BPF,ring,buffer","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"43dd115b1fffdd8d2c4cc15659c00b2a1addbc43","43dd115b1fffdd8d2c4cc15659c00b2a1addbc43","Anton Protopopov","a.s.protopopov@gmail.com","1590605820","Alexei Starovoitov","ast@kernel.org","1591047502","c12bee6e69cccf7ebeb5b2c6b8228d0982660fe5","1ea0f9120c8ce105ca181b070561df5cbd6bc049","selftests/bpf: Add tests for write-only stacks/queues For write-only stacks and queues bpf_map_update_elem should be allowed, but bpf_map_lookup_elem and bpf_map_lookup_and_delete_elem should fail with EPERM. Signed-off-by: Anton Protopopov Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200527185700.14658-6-a.s.protopopov@gmail.com Signed-off-by: Alexei Starovoitov ","tools/testing/selftests/bpf/test_maps.c | 40 ++++++++++++++++++++++++++++++++-; 1 file changed, 39 insertions(+), 1 deletion(-)","Added self-tests for BPF write-only stacks and queues ensuring correct behavior of map element update and access functions.","selftests,bpf,write-only","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"97abb2b396821f21c21cee2d537bb4e0a0eef31b","97abb2b396821f21c21cee2d537bb4e0a0eef31b","Andrii Nakryiko","andriin@fb.com","1590738864","Alexei Starovoitov","ast@kernel.org","1591047502","2af8a49b786c2f9e879b3433c7962464cfa77518","c97099b0f22722be7d0f290278a26d297cc4b7ca","docs/bpf: Add BPF ring buffer design notes Add commit description from patch #1 as a stand-alone documentation under Documentation/bpf, as it might be more convenient format, in long term perspective. Suggested-by: Stanislav Fomichev Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200529075424.3139988-6-andriin@fb.com Signed-off-by: Alexei Starovoitov ","Documentation/bpf/ringbuf.rst | 209 ++++++++++++++++++++++++++++++++++++++++++; 1 file changed, 209 insertions(+)","This commit adds design documentation for the BPF ring buffer under Documentation/bpf.","BPF,ring,documentation","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c97099b0f22722be7d0f290278a26d297cc4b7ca","c97099b0f22722be7d0f290278a26d297cc4b7ca","Andrii Nakryiko","andriin@fb.com","1590738863","Alexei Starovoitov","ast@kernel.org","1591047502","e4d0ffeda9530c131e41d499a849c4db2dda743b","cb1c9ddd552520abd49031d47397c6e95bad882e","bpf: Add BPF ringbuf and perf buffer benchmarks Extend bench framework with ability to have benchmark-provided child argument parser for custom benchmark-specific parameters. This makes bench generic code modular and independent from any specific benchmark. Also implement a set of benchmarks for new BPF ring buffer and existing perf buffer. 4 benchmarks were implemented: 2 variations for each of BPF ringbuf and perfbuf:, - rb-libbpf utilizes stock libbpf ring_buffer manager for reading data; - rb-custom implements custom ring buffer setup and reading code, to eliminate overheads inherent in generic libbpf code due to callback functions and the need to update consumer position after each consumed record, instead of batching updates (due to pessimistic assumption that user callback might take long time and thus could unnecessarily hold ring buffer space for too long); - pb-libbpf uses stock libbpf perf_buffer code with all the default settings, though uses higher-performance raw event callback to minimize unnecessary overhead; - pb-custom implements its own custom consumer code to minimize any possible overhead of generic libbpf implementation and indirect function calls. All of the test support default, no data notification skipped, mode, as well as sampled mode (with --rb-sampled flag), which allows to trigger epoll notification less frequently and reduce overhead. As will be shown, this mode is especially critical for perf buffer, which suffers from high overhead of wakeups in kernel. Otherwise, all benchamrks implement similar way to generate a batch of records by using fentry/sys_getpgid BPF program, which pushes a bunch of records in a tight loop and records number of successful and dropped samples. Each record is a small 8-byte integer, to minimize the effect of memory copying with bpf_perf_event_output() and bpf_ringbuf_output(). Benchmarks that have only one producer implement optional back-to-back mode, in which record production and consumption is alternating on the same CPU. This is the highest-throughput happy case, showing ultimate performance achievable with either BPF ringbuf or perfbuf. All the below scenarios are implemented in a script in benchs/run_bench_ringbufs.sh. Tests were performed on 28-core/56-thread Intel Xeon CPU E5-2680 v4 @ 2.40GHz CPU. Single-producer, parallel producer ================================== rb-libbpf 12.054 ± 0.320M/s (drops 0.000 ± 0.000M/s) rb-custom 8.158 ± 0.118M/s (drops 0.001 ± 0.003M/s) pb-libbpf 0.931 ± 0.007M/s (drops 0.000 ± 0.000M/s) pb-custom 0.965 ± 0.003M/s (drops 0.000 ± 0.000M/s) Single-producer, parallel producer, sampled notification ======================================================== rb-libbpf 11.563 ± 0.067M/s (drops 0.000 ± 0.000M/s) rb-custom 15.895 ± 0.076M/s (drops 0.000 ± 0.000M/s) pb-libbpf 9.889 ± 0.032M/s (drops 0.000 ± 0.000M/s) pb-custom 9.866 ± 0.028M/s (drops 0.000 ± 0.000M/s) Single producer on one CPU, consumer on another one, both running at full speed. Curiously, rb-libbpf has higher throughput than objectively faster (due to more lightweight consumer code path) rb-custom. It appears that faster consumer causes kernel to send notifications more frequently, because consumer appears to be caught up more frequently. Performance of perfbuf suffers from default ""no sampling"" policy and huge overhead that causes. In sampled mode, rb-custom is winning very significantly eliminating too frequent in-kernel wakeups, the gain appears to be more than 2x. Perf buffer achieves even more impressive wins, compared to stock perfbuf settings, with 10x improvements in throughput with 1:500 sampling rate. The trade-off is that with sampling, application might not get next X events until X+1st arrives, which is not always acceptable. With steady influx of events, though, this shouldn't be a problem. Overall, single-producer performance of ring buffers seems to be better no matter the sampled/non-sampled modes, but it especially beats ring buffer without sampling due to its adaptive notification approach. Single-producer, back-to-back mode ================================== rb-libbpf 15.507 ± 0.247M/s (drops 0.000 ± 0.000M/s) rb-libbpf-sampled 14.692 ± 0.195M/s (drops 0.000 ± 0.000M/s) rb-custom 21.449 ± 0.157M/s (drops 0.000 ± 0.000M/s) rb-custom-sampled 20.024 ± 0.386M/s (drops 0.000 ± 0.000M/s) pb-libbpf 1.601 ± 0.015M/s (drops 0.000 ± 0.000M/s) pb-libbpf-sampled 8.545 ± 0.064M/s (drops 0.000 ± 0.000M/s) pb-custom 1.607 ± 0.022M/s (drops 0.000 ± 0.000M/s) pb-custom-sampled 8.988 ± 0.144M/s (drops 0.000 ± 0.000M/s) Here we test a back-to-back mode, which is arguably best-case scenario both for BPF ringbuf and perfbuf, because there is no contention and for ringbuf also no excessive notification, because consumer appears to be behind after the first record. For ringbuf, custom consumer code clearly wins with 21.5 vs 16 million records per second exchanged between producer and consumer. Sampled mode actually hurts a bit due to slightly slower producer logic (it needs to fetch amount of data available to decide whether to skip or force notification). Perfbuf with wakeup sampling gets 5.5x throughput increase, compared to no-sampling version. There also doesn't seem to be noticeable overhead from generic libbpf handling code. Perfbuf back-to-back, effect of sample rate =========================================== pb-sampled-1 1.035 ± 0.012M/s (drops 0.000 ± 0.000M/s) pb-sampled-5 3.476 ± 0.087M/s (drops 0.000 ± 0.000M/s) pb-sampled-10 5.094 ± 0.136M/s (drops 0.000 ± 0.000M/s) pb-sampled-25 7.118 ± 0.153M/s (drops 0.000 ± 0.000M/s) pb-sampled-50 8.169 ± 0.156M/s (drops 0.000 ± 0.000M/s) pb-sampled-100 8.887 ± 0.136M/s (drops 0.000 ± 0.000M/s) pb-sampled-250 9.180 ± 0.209M/s (drops 0.000 ± 0.000M/s) pb-sampled-500 9.353 ± 0.281M/s (drops 0.000 ± 0.000M/s) pb-sampled-1000 9.411 ± 0.217M/s (drops 0.000 ± 0.000M/s) pb-sampled-2000 9.464 ± 0.167M/s (drops 0.000 ± 0.000M/s) pb-sampled-3000 9.575 ± 0.273M/s (drops 0.000 ± 0.000M/s) This benchmark shows the effect of event sampling for perfbuf. Back-to-back mode for highest throughput. Just doing every 5th record notification gives 3.5x speed up. 250-500 appears to be the point of diminishing return, with almost 9x speed up. Most benchmarks use 500 as the default sampling for pb-raw and pb-custom. Ringbuf back-to-back, effect of sample rate =========================================== rb-sampled-1 1.106 ± 0.010M/s (drops 0.000 ± 0.000M/s) rb-sampled-5 4.746 ± 0.149M/s (drops 0.000 ± 0.000M/s) rb-sampled-10 7.706 ± 0.164M/s (drops 0.000 ± 0.000M/s) rb-sampled-25 12.893 ± 0.273M/s (drops 0.000 ± 0.000M/s) rb-sampled-50 15.961 ± 0.361M/s (drops 0.000 ± 0.000M/s) rb-sampled-100 18.203 ± 0.445M/s (drops 0.000 ± 0.000M/s) rb-sampled-250 19.962 ± 0.786M/s (drops 0.000 ± 0.000M/s) rb-sampled-500 20.881 ± 0.551M/s (drops 0.000 ± 0.000M/s) rb-sampled-1000 21.317 ± 0.532M/s (drops 0.000 ± 0.000M/s) rb-sampled-2000 21.331 ± 0.535M/s (drops 0.000 ± 0.000M/s) rb-sampled-3000 21.688 ± 0.392M/s (drops 0.000 ± 0.000M/s) Similar benchmark for ring buffer also shows a great advantage (in terms of throughput) of skipping notifications. Skipping every 5th one gives 4x boost. Also similar to perfbuf case, 250-500 seems to be the point of diminishing returns, giving roughly 20x better results. Keep in mind, for this test, notifications are controlled manually with BPF_RB_NO_WAKEUP and BPF_RB_FORCE_WAKEUP. As can be seen from previous benchmarks, adaptive notifications based on consumer's positions provides same (or even slightly better due to simpler load generator on BPF side) benefits in favorable back-to-back scenario. Over zealous and fast consumer, which is almost always caught up, will make thoughput numbers smaller. That's the case when manual notification control might prove to be extremely beneficial. Ringbuf back-to-back, reserve+commit vs output ============================================== reserve 22.819 ± 0.503M/s (drops 0.000 ± 0.000M/s) output 18.906 ± 0.433M/s (drops 0.000 ± 0.000M/s) Ringbuf sampled, reserve+commit vs output ========================================= reserve-sampled 15.350 ± 0.132M/s (drops 0.000 ± 0.000M/s) output-sampled 14.195 ± 0.144M/s (drops 0.000 ± 0.000M/s) BPF ringbuf supports two sets of APIs with various usability and performance tradeoffs: bpf_ringbuf_reserve()+bpf_ringbuf_commit() vs bpf_ringbuf_output(). This benchmark clearly shows superiority of reserve+commit approach, despite using a small 8-byte record size. Single-producer, consumer/producer competing on the same CPU, low batch count ============================================================================= rb-libbpf 3.045 ± 0.020M/s (drops 3.536 ± 0.148M/s) rb-custom 3.055 ± 0.022M/s (drops 3.893 ± 0.066M/s) pb-libbpf 1.393 ± 0.024M/s (drops 0.000 ± 0.000M/s) pb-custom 1.407 ± 0.016M/s (drops 0.000 ± 0.000M/s) This benchmark shows one of the worst-case scenarios, in which producer and consumer do not coordinate *and* fight for the same CPU. No batch count and sampling settings were able to eliminate drops for ringbuffer, producer is just too fast for consumer to keep up. But ringbuf and perfbuf still able to pass through quite a lot of messages, which is more than enough for a lot of applications. Ringbuf, multi-producer contention ================================== rb-libbpf nr_prod 1 10.916 ± 0.399M/s (drops 0.000 ± 0.000M/s) rb-libbpf nr_prod 2 4.931 ± 0.030M/s (drops 0.000 ± 0.000M/s) rb-libbpf nr_prod 3 4.880 ± 0.006M/s (drops 0.000 ± 0.000M/s) rb-libbpf nr_prod 4 3.926 ± 0.004M/s (drops 0.000 ± 0.000M/s) rb-libbpf nr_prod 8 4.011 ± 0.004M/s (drops 0.000 ± 0.000M/s) rb-libbpf nr_prod 12 3.967 ± 0.016M/s (drops 0.000 ± 0.000M/s) rb-libbpf nr_prod 16 2.604 ± 0.030M/s (drops 0.001 ± 0.002M/s) rb-libbpf nr_prod 20 2.233 ± 0.003M/s (drops 0.000 ± 0.000M/s) rb-libbpf nr_prod 24 2.085 ± 0.015M/s (drops 0.000 ± 0.000M/s) rb-libbpf nr_prod 28 2.055 ± 0.004M/s (drops 0.000 ± 0.000M/s) rb-libbpf nr_prod 32 1.962 ± 0.004M/s (drops 0.000 ± 0.000M/s) rb-libbpf nr_prod 36 2.089 ± 0.005M/s (drops 0.000 ± 0.000M/s) rb-libbpf nr_prod 40 2.118 ± 0.006M/s (drops 0.000 ± 0.000M/s) rb-libbpf nr_prod 44 2.105 ± 0.004M/s (drops 0.000 ± 0.000M/s) rb-libbpf nr_prod 48 2.120 ± 0.058M/s (drops 0.000 ± 0.001M/s) rb-libbpf nr_prod 52 2.074 ± 0.024M/s (drops 0.007 ± 0.014M/s) Ringbuf uses a very short-duration spinlock during reservation phase, to check few invariants, increment producer count and set record header. This is the biggest point of contention for ringbuf implementation. This benchmark evaluates the effect of multiple competing writers on overall throughput of a single shared ringbuffer. Overall throughput drops almost 2x when going from single to two highly-contended producers, gradually dropping with additional competing producers. Performance drop stabilizes at around 20 producers and hovers around 2mln even with 50+ fighting producers, which is a 5x drop compared to non-contended case. Good kernel implementation in kernel helps maintain decent performance here. Note, that in the intended real-world scenarios, it's not expected to get even close to such a high levels of contention. But if contention will become a problem, there is always an option of sharding few ring buffers across a set of CPUs. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200529075424.3139988-5-andriin@fb.com Signed-off-by: Alexei Starovoitov ","tools/testing/selftests/bpf/Makefile | 5 +-; tools/testing/selftests/bpf/bench.c | 16 +; .../testing/selftests/bpf/benchs/bench_ringbufs.c | 566 +++++++++++++++++++++; .../selftests/bpf/benchs/run_bench_ringbufs.sh | 75 +++; tools/testing/selftests/bpf/progs/perfbuf_bench.c | 33 ++; tools/testing/selftests/bpf/progs/ringbuf_bench.c | 60 +++; 6 files changed, 754 insertions(+), 1 deletion(-)","This commit extends the bench framework for BPF ring buffer and perf buffer benchmarks.","ringbuf, benchmarks, buffers","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"cb1c9ddd552520abd49031d47397c6e95bad882e","cb1c9ddd552520abd49031d47397c6e95bad882e","Andrii Nakryiko","andriin@fb.com","1590738862","Alexei Starovoitov","ast@kernel.org","1591047502","f3a8313d99afc70a079e8659b96274d8f6ea7210","bf99c936f9478a05d51e9f101f90de70bee9a89c","selftests/bpf: Add BPF ringbuf selftests Both singleton BPF ringbuf and BPF ringbuf with map-in-map use cases are tested. Also reserve+submit/discards and output variants of API are validated. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200529075424.3139988-4-andriin@fb.com Signed-off-by: Alexei Starovoitov ","tools/testing/selftests/bpf/prog_tests/ringbuf.c | 211 +++++++++++++++++++++; .../selftests/bpf/prog_tests/ringbuf_multi.c | 102 ++++++++++; tools/testing/selftests/bpf/progs/test_ringbuf.c | 78 ++++++++; .../selftests/bpf/progs/test_ringbuf_multi.c | 77 ++++++++; 4 files changed, 468 insertions(+)","The commit introduces tests for BPF ring buffers, including singleton and map-in-map scenarios.","BPF,selftests,ringbuf","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"bf99c936f9478a05d51e9f101f90de70bee9a89c","bf99c936f9478a05d51e9f101f90de70bee9a89c","Andrii Nakryiko","andriin@fb.com","1590738861","Alexei Starovoitov","ast@kernel.org","1591047502","a86e2c74513f1cc4bfe77c315a21ef3f259b5de1","457f44363a8894135c85b7a9afd2bd8196db24ab","libbpf: Add BPF ring buffer support Declaring and instantiating BPF ring buffer doesn't require any changes to libbpf, as it's just another type of maps. So using existing BTF-defined maps syntax with __uint(type, BPF_MAP_TYPE_RINGBUF) and __uint(max_elements, ) is all that's necessary to create and use BPF ring buffer. This patch adds BPF ring buffer consumer to libbpf. It is very similar to perf_buffer implementation in terms of API, but also attempts to fix some minor problems and inconveniences with existing perf_buffer API. ring_buffer support both single ring buffer use case (with just using ring_buffer__new()), as well as allows to add more ring buffers, each with its own callback and context. This allows to efficiently poll and consume multiple, potentially completely independent, ring buffers, using single epoll instance. The latter is actually a problem in practice for applications that are using multiple sets of perf buffers. They have to create multiple instances for struct perf_buffer and poll them independently or in a loop, each approach having its own problems (e.g., inability to use a common poll timeout). struct ring_buffer eliminates this problem by aggregating many independent ring buffer instances under the single ""ring buffer manager"". Second, perf_buffer's callback can't return error, so applications that need to stop polling due to error in data or data signalling the end, have to use extra mechanisms to signal that polling has to stop. ring_buffer's callback can return error, which will be passed through back to user code and can be acted upon appropariately. Two APIs allow to consume ring buffer data: - ring_buffer__poll(), which will wait for data availability notification and will consume data only from reported ring buffer(s); this API allows to efficiently use resources by reading data only when it becomes available; - ring_buffer__consume(), will attempt to read new records regardless of data availablity notification sub-system. This API is useful for cases when lowest latency is required, in expense of burning CPU resources. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200529075424.3139988-3-andriin@fb.com Signed-off-by: Alexei Starovoitov ","tools/lib/bpf/Build | 2 +-; tools/lib/bpf/libbpf.h | 21 ++++; tools/lib/bpf/libbpf.map | 5 +; tools/lib/bpf/libbpf_probes.c | 5 +; tools/lib/bpf/ringbuf.c | 285 ++++++++++++++++++++++++++++++++++++++++++; 5 files changed, 317 insertions(+), 1 deletion(-)","The commit introduces BPF ring buffer support in libbpf for efficient data handling.","libbpf,ring buffer,efficiency","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"457f44363a8894135c85b7a9afd2bd8196db24ab","457f44363a8894135c85b7a9afd2bd8196db24ab","Andrii Nakryiko","andriin@fb.com","1590738860","Alexei Starovoitov","ast@kernel.org","1591047502","bf3551fca471cb5bf7ac3b9c91f375a689909dfc","43dd115b1fffdd8d2c4cc15659c00b2a1addbc43","bpf: Implement BPF ring buffer and verifier support for it This commit adds a new MPSC ring buffer implementation into BPF ecosystem, which allows multiple CPUs to submit data to a single shared ring buffer. On the consumption side, only single consumer is assumed. Motivation ---------- There are two distinctive motivators for this work, which are not satisfied by existing perf buffer, which prompted creation of a new ring buffer implementation. - more efficient memory utilization by sharing ring buffer across CPUs; - preserving ordering of events that happen sequentially in time, even across multiple CPUs (e.g., fork/exec/exit events for a task). These two problems are independent, but perf buffer fails to satisfy both. Both are a result of a choice to have per-CPU perf ring buffer. Both can be also solved by having an MPSC implementation of ring buffer. The ordering problem could technically be solved for perf buffer with some in-kernel counting, but given the first one requires an MPSC buffer, the same solution would solve the second problem automatically. Semantics and APIs ------------------ Single ring buffer is presented to BPF programs as an instance of BPF map of type BPF_MAP_TYPE_RINGBUF. Two other alternatives considered, but ultimately rejected. One way would be to, similar to BPF_MAP_TYPE_PERF_EVENT_ARRAY, make BPF_MAP_TYPE_RINGBUF could represent an array of ring buffers, but not enforce ""same CPU only"" rule. This would be more familiar interface compatible with existing perf buffer use in BPF, but would fail if application needed more advanced logic to lookup ring buffer by arbitrary key. HASH_OF_MAPS addresses this with current approach. Additionally, given the performance of BPF ringbuf, many use cases would just opt into a simple single ring buffer shared among all CPUs, for which current approach would be an overkill. Another approach could introduce a new concept, alongside BPF map, to represent generic ""container"" object, which doesn't necessarily have key/value interface with lookup/update/delete operations. This approach would add a lot of extra infrastructure that has to be built for observability and verifier support. It would also add another concept that BPF developers would have to familiarize themselves with, new syntax in libbpf, etc. But then would really provide no additional benefits over the approach of using a map. BPF_MAP_TYPE_RINGBUF doesn't support lookup/update/delete operations, but so doesn't few other map types (e.g., queue and stack; array doesn't support delete, etc). The approach chosen has an advantage of re-using existing BPF map infrastructure (introspection APIs in kernel, libbpf support, etc), being familiar concept (no need to teach users a new type of object in BPF program), and utilizing existing tooling (bpftool). For common scenario of using a single ring buffer for all CPUs, it's as simple and straightforward, as would be with a dedicated ""container"" object. On the other hand, by being a map, it can be combined with ARRAY_OF_MAPS and HASH_OF_MAPS map-in-maps to implement a wide variety of topologies, from one ring buffer for each CPU (e.g., as a replacement for perf buffer use cases), to a complicated application hashing/sharding of ring buffers (e.g., having a small pool of ring buffers with hashed task's tgid being a look up key to preserve order, but reduce contention). Key and value sizes are enforced to be zero. max_entries is used to specify the size of ring buffer and has to be a power of 2 value. There are a bunch of similarities between perf buffer (BPF_MAP_TYPE_PERF_EVENT_ARRAY) and new BPF ring buffer semantics: - variable-length records; - if there is no more space left in ring buffer, reservation fails, no blocking; - memory-mappable data area for user-space applications for ease of consumption and high performance; - epoll notifications for new incoming data; - but still the ability to do busy polling for new data to achieve the lowest latency, if necessary. BPF ringbuf provides two sets of APIs to BPF programs: - bpf_ringbuf_output() allows to *copy* data from one place to a ring buffer, similarly to bpf_perf_event_output(); - bpf_ringbuf_reserve()/bpf_ringbuf_commit()/bpf_ringbuf_discard() APIs split the whole process into two steps. First, a fixed amount of space is reserved. If successful, a pointer to a data inside ring buffer data area is returned, which BPF programs can use similarly to a data inside array/hash maps. Once ready, this piece of memory is either committed or discarded. Discard is similar to commit, but makes consumer ignore the record. bpf_ringbuf_output() has disadvantage of incurring extra memory copy, because record has to be prepared in some other place first. But it allows to submit records of the length that's not known to verifier beforehand. It also closely matches bpf_perf_event_output(), so will simplify migration significantly. bpf_ringbuf_reserve() avoids the extra copy of memory by providing a memory pointer directly to ring buffer memory. In a lot of cases records are larger than BPF stack space allows, so many programs have use extra per-CPU array as a temporary heap for preparing sample. bpf_ringbuf_reserve() avoid this needs completely. But in exchange, it only allows a known constant size of memory to be reserved, such that verifier can verify that BPF program can't access memory outside its reserved record space. bpf_ringbuf_output(), while slightly slower due to extra memory copy, covers some use cases that are not suitable for bpf_ringbuf_reserve(). The difference between commit and discard is very small. Discard just marks a record as discarded, and such records are supposed to be ignored by consumer code. Discard is useful for some advanced use-cases, such as ensuring all-or-nothing multi-record submission, or emulating temporary malloc()/free() within single BPF program invocation. Each reserved record is tracked by verifier through existing reference-tracking logic, similar to socket ref-tracking. It is thus impossible to reserve a record, but forget to submit (or discard) it. bpf_ringbuf_query() helper allows to query various properties of ring buffer. Currently 4 are supported: - BPF_RB_AVAIL_DATA returns amount of unconsumed data in ring buffer; - BPF_RB_RING_SIZE returns the size of ring buffer; - BPF_RB_CONS_POS/BPF_RB_PROD_POS returns current logical possition of consumer/producer, respectively. Returned values are momentarily snapshots of ring buffer state and could be off by the time helper returns, so this should be used only for debugging/reporting reasons or for implementing various heuristics, that take into account highly-changeable nature of some of those characteristics. One such heuristic might involve more fine-grained control over poll/epoll notifications about new data availability in ring buffer. Together with BPF_RB_NO_WAKEUP/BPF_RB_FORCE_WAKEUP flags for output/commit/discard helpers, it allows BPF program a high degree of control and, e.g., more efficient batched notifications. Default self-balancing strategy, though, should be adequate for most applications and will work reliable and efficiently already. Design and implementation ------------------------- This reserve/commit schema allows a natural way for multiple producers, either on different CPUs or even on the same CPU/in the same BPF program, to reserve independent records and work with them without blocking other producers. This means that if BPF program was interruped by another BPF program sharing the same ring buffer, they will both get a record reserved (provided there is enough space left) and can work with it and submit it independently. This applies to NMI context as well, except that due to using a spinlock during reservation, in NMI context, bpf_ringbuf_reserve() might fail to get a lock, in which case reservation will fail even if ring buffer is not full. The ring buffer itself internally is implemented as a power-of-2 sized circular buffer, with two logical and ever-increasing counters (which might wrap around on 32-bit architectures, that's not a problem): - consumer counter shows up to which logical position consumer consumed the data; - producer counter denotes amount of data reserved by all producers. Each time a record is reserved, producer that ""owns"" the record will successfully advance producer counter. At that point, data is still not yet ready to be consumed, though. Each record has 8 byte header, which contains the length of reserved record, as well as two extra bits: busy bit to denote that record is still being worked on, and discard bit, which might be set at commit time if record is discarded. In the latter case, consumer is supposed to skip the record and move on to the next one. Record header also encodes record's relative offset from the beginning of ring buffer data area (in pages). This allows bpf_ringbuf_commit()/bpf_ringbuf_discard() to accept only the pointer to the record itself, without requiring also the pointer to ring buffer itself. Ring buffer memory location will be restored from record metadata header. This significantly simplifies verifier, as well as improving API usability. Producer counter increments are serialized under spinlock, so there is a strict ordering between reservations. Commits, on the other hand, are completely lockless and independent. All records become available to consumer in the order of reservations, but only after all previous records where already committed. It is thus possible for slow producers to temporarily hold off submitted records, that were reserved later. Reservation/commit/consumer protocol is verified by litmus tests in Documentation/litmus-test/bpf-rb. One interesting implementation bit, that significantly simplifies (and thus speeds up as well) implementation of both producers and consumers is how data area is mapped twice contiguously back-to-back in the virtual memory. This allows to not take any special measures for samples that have to wrap around at the end of the circular buffer data area, because the next page after the last data page would be first data page again, and thus the sample will still appear completely contiguous in virtual memory. See comment and a simple ASCII diagram showing this visually in bpf_ringbuf_area_alloc(). Another feature that distinguishes BPF ringbuf from perf ring buffer is a self-pacing notifications of new data being availability. bpf_ringbuf_commit() implementation will send a notification of new record being available after commit only if consumer has already caught up right up to the record being committed. If not, consumer still has to catch up and thus will see new data anyways without needing an extra poll notification. Benchmarks (see tools/testing/selftests/bpf/benchs/bench_ringbuf.c) show that this allows to achieve a very high throughput without having to resort to tricks like ""notify only every Nth sample"", which are necessary with perf buffer. For extreme cases, when BPF program wants more manual control of notifications, commit/discard/output helpers accept BPF_RB_NO_WAKEUP and BPF_RB_FORCE_WAKEUP flags, which give full control over notifications of data availability, but require extra caution and diligence in using this API. Comparison to alternatives -------------------------- Before considering implementing BPF ring buffer from scratch existing alternatives in kernel were evaluated, but didn't seem to meet the needs. They largely fell into few categores: - per-CPU buffers (perf, ftrace, etc), which don't satisfy two motivations outlined above (ordering and memory consumption); - linked list-based implementations; while some were multi-producer designs, consuming these from user-space would be very complicated and most probably not performant; memory-mapping contiguous piece of memory is simpler and more performant for user-space consumers; - io_uring is SPSC, but also requires fixed-sized elements. Naively turning SPSC queue into MPSC w/ lock would have subpar performance compared to locked reserve + lockless commit, as with BPF ring buffer. Fixed sized elements would be too limiting for BPF programs, given existing BPF programs heavily rely on variable-sized perf buffer already; - specialized implementations (like a new printk ring buffer, [0]) with lots of printk-specific limitations and implications, that didn't seem to fit well for intended use with BPF programs. [0] https://lwn.net/Articles/779550/ Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200529075424.3139988-2-andriin@fb.com Signed-off-by: Alexei Starovoitov ","include/linux/bpf.h | 13 +; include/linux/bpf_types.h | 1 +; include/linux/bpf_verifier.h | 4 +; include/uapi/linux/bpf.h | 84 +++-; kernel/bpf/Makefile | 2 +-; kernel/bpf/helpers.c | 10 +; kernel/bpf/ringbuf.c | 501 +++++++++++++++++++++; kernel/bpf/syscall.c | 12 +; kernel/bpf/verifier.c | 195 ++++++--; kernel/trace/bpf_trace.c | 10 +; tools/include/uapi/linux/bpf.h | 84 +++-; tools/testing/selftests/bpf/verifier/and.c | 4 +-; .../testing/selftests/bpf/verifier/array_access.c | 4 +-; tools/testing/selftests/bpf/verifier/bounds.c | 6 +-; tools/testing/selftests/bpf/verifier/calls.c | 2 +-; .../selftests/bpf/verifier/direct_value_access.c | 4 +-; .../selftests/bpf/verifier/helper_access_var_len.c | 2 +-; .../selftests/bpf/verifier/helper_value_access.c | 6 +-; .../selftests/bpf/verifier/value_ptr_arith.c | 8 +-; 19 files changed, 882 insertions(+), 70 deletions(-)","Implemented a new BPF ring buffer with verifier support for MPSC operations in eBPF programs.","BPF,ring buffer,MPSC","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1ea0f9120c8ce105ca181b070561df5cbd6bc049","1ea0f9120c8ce105ca181b070561df5cbd6bc049","Anton Protopopov","a.s.protopopov@gmail.com","1590605819","Alexei Starovoitov","ast@kernel.org","1591047501","7e4c0c652d27f92872fc680e3dd06fb67548ec75","efbc3b8fe1e6259777670aadf931500545073c6c","bpf: Fix map permissions check The map_lookup_and_delete_elem() function should check for both FMODE_CAN_WRITE and FMODE_CAN_READ permissions because it returns a map element to user space. Fixes: bd513cd08f10 (""bpf: add MAP_LOOKUP_AND_DELETE_ELEM syscall"") Signed-off-by: Anton Protopopov Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200527185700.14658-5-a.s.protopopov@gmail.com Signed-off-by: Alexei Starovoitov ","kernel/bpf/syscall.c | 3 ++-; 1 file changed, 2 insertions(+), 1 deletion(-)","Fixes map permissions in map_lookup_and_delete_elem() to ensure both read and write access in eBPF.","map,permissions,fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"efbc3b8fe1e6259777670aadf931500545073c6c","efbc3b8fe1e6259777670aadf931500545073c6c","Anton Protopopov","a.s.protopopov@gmail.com","1590605818","Alexei Starovoitov","ast@kernel.org","1591047501","89ffc2c844edef7702c6ee26e5fa30f74218cfd3","36ef9a2d3f764a37cf3d8e619bfebf5c99c070a0","selftests/bpf: Cleanup comments in test_maps Make comments inside the test_map_rdonly and test_map_wronly tests consistent with logic. Signed-off-by: Anton Protopopov Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200527185700.14658-4-a.s.protopopov@gmail.com Signed-off-by: Alexei Starovoitov ","tools/testing/selftests/bpf/test_maps.c | 6 +++---; 1 file changed, 3 insertions(+), 3 deletions(-)","The commit cleans up comments in BPF selftests ensuring they align with test logic.","selftests, comments, cleanup","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"36ef9a2d3f764a37cf3d8e619bfebf5c99c070a0","36ef9a2d3f764a37cf3d8e619bfebf5c99c070a0","Anton Protopopov","a.s.protopopov@gmail.com","1590605817","Alexei Starovoitov","ast@kernel.org","1591047501","b4ced0e00beae26036791881c3503f2af563cac9","204fb0413a92342d31f3e2557db0bb5babed586c","selftests/bpf: Cleanup some file descriptors in test_maps The test_map_rdonly and test_map_wronly tests should close file descriptors which they open. Signed-off-by: Anton Protopopov Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200527185700.14658-3-a.s.protopopov@gmail.com Signed-off-by: Alexei Starovoitov ","tools/testing/selftests/bpf/test_maps.c | 4 ++++; 1 file changed, 4 insertions(+)","eBPF selftest cleanup to ensure file descriptors are closed in test_maps.","selftests,close,descriptors","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"204fb0413a92342d31f3e2557db0bb5babed586c","204fb0413a92342d31f3e2557db0bb5babed586c","Anton Protopopov","a.s.protopopov@gmail.com","1590605816","Alexei Starovoitov","ast@kernel.org","1591047501","b074c8206e3374c6e4bed93fe8d49698b9c76ff1","601b05ca6edb0422bf6ce313fbfd55ec7bbbc0fd","selftests/bpf: Fix a typo in test_maps Trivial fix to a typo in the test_map_wronly test: ""read"" -> ""write"" Signed-off-by: Anton Protopopov Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200527185700.14658-2-a.s.protopopov@gmail.com Signed-off-by: Alexei Starovoitov ","tools/testing/selftests/bpf/test_maps.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixed a typo in the selftests/bpf test_maps.c file changing ""read"" to ""write"".","typo,selftests,bpf","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"601b05ca6edb0422bf6ce313fbfd55ec7bbbc0fd","601b05ca6edb0422bf6ce313fbfd55ec7bbbc0fd","Eelco Chaudron","echaudro@redhat.com","1590568920","Alexei Starovoitov","ast@kernel.org","1591047501","9f30bade6912c01daf605dae76521b213c80f368","ee103e9f1544e04ecd1db5eb5e9eb9a8b8698879","libbpf: Fix perf_buffer__free() API for sparse allocs In case the cpu_bufs are sparsely allocated they are not all free'ed. These changes will fix this. Fixes: fb84b8224655 (""libbpf: add perf buffer API"") Signed-off-by: Eelco Chaudron Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/159056888305.330763.9684536967379110349.stgit@ebuild Signed-off-by: Alexei Starovoitov ","tools/lib/bpf/libbpf.c | 5 ++++-; 1 file changed, 4 insertions(+), 1 deletion(-)","This commit fixes an issue in libbpf's perf_buffer__free() API for sparse allocations.","libbpf,perf_buffer,fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"ee103e9f1544e04ecd1db5eb5e9eb9a8b8698879","ee103e9f1544e04ecd1db5eb5e9eb9a8b8698879","John Fastabend","john.fastabend@gmail.com","1590339117","Alexei Starovoitov","ast@kernel.org","1591047501","959148dc9a5a0c3a401d0ecdde95807946c40cdb","1d9c037a898b3c0344cfe5064ba6c482bf9b46b0","bpf, selftests: Test probe_* helpers from SCHED_CLS Lets test using probe* in SCHED_CLS network programs as well just to be sure these keep working. Its cheap to add the extra test and provides a second context to test outside of sk_msg after we generalized probe* helpers to all networking types. Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/159033911685.12355.15951980509828906214.stgit@john-Precision-5820-Tower Signed-off-by: Alexei Starovoitov ",".../testing/selftests/bpf/prog_tests/skb_helpers.c | 30 ++++++++++++++++++++++; .../testing/selftests/bpf/progs/test_skb_helpers.c | 28 ++++++++++++++++++++; 2 files changed, 58 insertions(+)","Added tests for probe helpers in SCHED_CLS programs to ensure functionality across network contexts.","probe_helpers,SCHED_CLS,tests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['tc related type programs. It affects programs managing traffic control (tc) for queuing or prioritizing network traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1d9c037a898b3c0344cfe5064ba6c482bf9b46b0","1d9c037a898b3c0344cfe5064ba6c482bf9b46b0","John Fastabend","john.fastabend@gmail.com","1590339096","Alexei Starovoitov","ast@kernel.org","1591047500","71f222c6cd12005abfa7cb7e8b20518e9040998e","13d70f5a5ecff367db2fb18ed4ebe433eab8a74c","bpf, selftests: Add sk_msg helpers load and attach test The test itself is not particularly useful but it encodes a common pattern we have. Namely do a sk storage lookup then depending on data here decide if we need to do more work or alternatively allow packet to PASS. Then if we need to do more work consult task_struct for more information about the running task. Finally based on this additional information drop or pass the data. In this case the suspicious check is not so realisitic but it encodes the general pattern and uses the helpers so we test the workflow. This is a load test to ensure verifier correctly handles this case. Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/159033909665.12355.6166415847337547879.stgit@john-Precision-5820-Tower Signed-off-by: Alexei Starovoitov ",".../selftests/bpf/prog_tests/sockmap_basic.c | 35 ++++++++++++++++; .../selftests/bpf/progs/test_skmsg_load_helpers.c | 47 ++++++++++++++++++++++; 2 files changed, 82 insertions(+)","Add a selftest for sk_msg helpers to verify verifier capabilities in common eBPF workflows.","selftests, sk_msg, helpers","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"13d70f5a5ecff367db2fb18ed4ebe433eab8a74c","13d70f5a5ecff367db2fb18ed4ebe433eab8a74c","John Fastabend","john.fastabend@gmail.com","1590339075","Alexei Starovoitov","ast@kernel.org","1591047500","bc3bc59b3ccbbe64caa3b1909b83d545f74e4ff1","f470378c7562a2818b45ed11c98973f2b89eedd3","bpf, sk_msg: Add get socket storage helpers Add helpers to use local socket storage. Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/159033907577.12355.14740125020572756560.stgit@john-Precision-5820-Tower Signed-off-by: Alexei Starovoitov ","include/uapi/linux/bpf.h | 2 ++; net/core/filter.c | 15 +++++++++++++++; tools/include/uapi/linux/bpf.h | 2 ++; 3 files changed, 19 insertions(+)","This commit introduces helper functions for accessing socket storage in eBPF sk_msg programs.","socket,storage,helpers","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"f470378c7562a2818b45ed11c98973f2b89eedd3","f470378c7562a2818b45ed11c98973f2b89eedd3","John Fastabend","john.fastabend@gmail.com","1590339055","Alexei Starovoitov","ast@kernel.org","1591047500","644a058b0dd4945cc4fe53c4e07c299ba68d16a7","abe3cac8706bffeda3ebc06e4a9fa6e9cadacf26","bpf: Extend bpf_base_func_proto helpers with probe_* and *current_task* Often it is useful when applying policy to know something about the task. If the administrator has CAP_SYS_ADMIN rights then they can use kprobe + networking hook and link the two programs together to accomplish this. However, this is a bit clunky and also means we have to call both the network program and kprobe program when we could just use a single program and avoid passing metadata through sk_msg/skb->cb, socket, maps, etc. To accomplish this add probe_* helpers to bpf_base_func_proto programs guarded by a perfmon_capable() check. New supported helpers are the following, BPF_FUNC_get_current_task BPF_FUNC_probe_read_user BPF_FUNC_probe_read_kernel BPF_FUNC_probe_read_user_str BPF_FUNC_probe_read_kernel_str Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/159033905529.12355.4368381069655254932.stgit@john-Precision-5820-Tower Signed-off-by: Alexei Starovoitov ","kernel/bpf/helpers.c | 24 ++++++++++++++++++++++++; kernel/trace/bpf_trace.c | 10 +++++-----; 2 files changed, 29 insertions(+), 5 deletions(-)","This commit extends bpf_base_func_proto helpers with new functionalities for accessing current task information and probe capabilities with CAP_SYS_ADMIN rights.","probe,helpers,current_task","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"abe3cac8706bffeda3ebc06e4a9fa6e9cadacf26","abe3cac8706bffeda3ebc06e4a9fa6e9cadacf26","John Fastabend","john.fastabend@gmail.com","1590339033","Alexei Starovoitov","ast@kernel.org","1591047500","bc46d5b791ee91b93716a916cbafb802a9858cf0","55983299b7ea94d714c19cdfd8d969ba86e0d7e9","bpf, sk_msg: Add some generic helpers that may be useful from sk_msg Add these generic helpers that may be useful to use from sk_msg programs. The helpers do not depend on ctx so we can simply add them here, BPF_FUNC_perf_event_output BPF_FUNC_get_current_uid_gid BPF_FUNC_get_current_pid_tgid BPF_FUNC_get_current_cgroup_id BPF_FUNC_get_current_ancestor_cgroup_id BPF_FUNC_get_cgroup_classid Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/159033903373.12355.15489763099696629346.stgit@john-Precision-5820-Tower Signed-off-by: Alexei Starovoitov ","net/core/filter.c | 16 ++++++++++++++++; 1 file changed, 16 insertions(+)","This commit introduces generic BPF helpers for sk_msg programs to access various data without context dependency.","generic,helpers,sk_msg","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"55983299b7ea94d714c19cdfd8d969ba86e0d7e9","55983299b7ea94d714c19cdfd8d969ba86e0d7e9","Yauheni Kaliuta","yauheni.kaliuta@redhat.com","1590387526","Alexei Starovoitov","ast@kernel.org","1591047500","7fe16a98c535f3cb14c784a444ef57cb61d69213","0142dddcbe965450338076c486d0d757b3184352","libbpf: Use .so dynamic symbols for abi check Since dynamic symbols are used for dynamic linking it makes sense to use them (readelf --dyn-syms) for abi check. Found with some configuration on powerpc where linker puts local *.plt_call.* symbols into .so. Signed-off-by: Yauheni Kaliuta Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200525061846.16524-1-yauheni.kaliuta@redhat.com Signed-off-by: Alexei Starovoitov ","tools/lib/bpf/Makefile | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","This commit updates the libbpf Makefile to use dynamic symbols for ABI checks.","libbpf, dynamic, symbols","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0142dddcbe965450338076c486d0d757b3184352","0142dddcbe965450338076c486d0d757b3184352","Chris Packham","chris.packham@alliedtelesis.co.nz","1590447624","Alexei Starovoitov","ast@kernel.org","1591047500","39acec44895569087c9353a63b0eaee573cfadea","93581359e7aeb11358018f2e3a737776d1e899ae","bpf: Fix spelling in comment explaining ARG1 in ___bpf_prog_run Change 'handeled' to 'handled'. Signed-off-by: Chris Packham Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200525230025.14470-1-chris.packham@alliedtelesis.co.nz Signed-off-by: Alexei Starovoitov ","kernel/bpf/core.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit corrects a typo in a comment within the kernel BPF core code.","typo, comment, fix","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","I'm not sure about the logic component of the commit. The affected logic component is unclear.","[""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"93581359e7aeb11358018f2e3a737776d1e899ae","93581359e7aeb11358018f2e3a737776d1e899ae","Nikolay Borisov","nborisov@suse.com","1590515172","Alexei Starovoitov","ast@kernel.org","1591047500","46e161c4f60ac912ad4b0880b9f610d587a80cd2","272d51af32890632134845ddf35318c11da20c7b","libbpf: Install headers as part of make install Current 'make install' results in only pkg-config and library binaries being installed. For consistency also install headers as part of ""make install"" Signed-off-by: Nikolay Borisov Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200526174612.5447-1-nborisov@suse.com Signed-off-by: Alexei Starovoitov ","tools/lib/bpf/Makefile | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit updates the Makefile to install library headers with 'make install' for consistency.","libbpf, makefile, install","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"272d51af32890632134845ddf35318c11da20c7b","272d51af32890632134845ddf35318c11da20c7b","Eelco Chaudron","echaudro@redhat.com","1590484902","Alexei Starovoitov","ast@kernel.org","1591047499","2a0a27eb06b4c0b624d4bf7aa45deb9ffdf57798","2b983b407a3a1f47f7d8595245066854ff352c65","libbpf: Add API to consume the perf ring buffer content This new API, perf_buffer__consume, can be used as follows: - When you have a perf ring where wakeup_events is higher than 1, and you have remaining data in the rings you would like to pull out on exit (or maybe based on a timeout). - For low latency cases where you burn a CPU that constantly polls the queues. Signed-off-by: Eelco Chaudron Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/159048487929.89441.7465713173442594608.stgit@ebuild Signed-off-by: Alexei Starovoitov ","tools/lib/bpf/libbpf.c | 19 +++++++++++++++++++; tools/lib/bpf/libbpf.h | 1 +; tools/lib/bpf/libbpf.map | 1 +; 3 files changed, 21 insertions(+)","Adds a new API to libbpf for consuming perf ring buffer content efficiently.","libbpf,perf buffer,API","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', 'uprobe/usdt like type user-space dynamic probe programs. It impacts user-space probes for tracing user-space applications. It can be other user-space probes in perf-events.']" +"2b983b407a3a1f47f7d8595245066854ff352c65","2b983b407a3a1f47f7d8595245066854ff352c65","Lukas Bulwahn","lukas.bulwahn@gmail.com","1590416153","Alexei Starovoitov","ast@kernel.org","1591047499","7f5b9f92de0e08446cc5740fd2ff7775514b180f","fe537393b5795ecbe5746eec0e16124bc998a594","MAINTAINERS: Adjust entry in XDP SOCKETS to actual file name Commit 2b43470add8c (""xsk: Introduce AF_XDP buffer allocation API"") added a new header file include/net/xsk_buff_pool.h, but commit 28bee21dc04b (""MAINTAINERS, xsk: Update AF_XDP section after moves/adds"") added a file entry referring to include/net/xsk_buffer_pool.h. Hence, ./scripts/get_maintainer.pl --self-test=patterns complains: warning: no file matches F: include/net/xsk_buffer_pool.h Adjust the entry in XDP SOCKETS to the actual file name. Signed-off-by: Lukas Bulwahn Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200525141553.7035-1-lukas.bulwahn@gmail.com Signed-off-by: Alexei Starovoitov ","MAINTAINERS | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Adjust MAINTAINERS entry for XDP SOCKETS to correct the file name.","MAINTAINERS,XDP,entry","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","I'm not sure about the implementation component of the commit. The component affected by It is unclear.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"fe537393b5795ecbe5746eec0e16124bc998a594","fe537393b5795ecbe5746eec0e16124bc998a594","Jakub Sitnicki","jakub@cloudflare.com","1590409768","Alexei Starovoitov","ast@kernel.org","1591047499","ec320e5e1cf106fb6ac8897740bc0988817bf11d","dc3ca5cf3e0be9fb73f4691247367d76a22bf30b","bpf: Fix returned error sign when link doesn't support updates System calls encode returned errors as negative values. Fix a typo that breaks this convention for bpf(LINK_UPDATE) when bpf_link doesn't support update operation. Fixes: f9d041271cf4 (""bpf: Refactor bpf_link update handling"") Signed-off-by: Jakub Sitnicki Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200525122928.1164495-1-jakub@cloudflare.com Signed-off-by: Alexei Starovoitov ","kernel/bpf/syscall.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Corrects error return sign for unsupported bpf(LINK_UPDATE) syscall operation.","error, LINK_UPDATE, syscall","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"dc3ca5cf3e0be9fb73f4691247367d76a22bf30b","dc3ca5cf3e0be9fb73f4691247367d76a22bf30b","Tobias Klauser","tklauser@distanz.ch","1590414861","Alexei Starovoitov","ast@kernel.org","1591047499","d7393cd6ba68b08787e37d9414c32a9ce10fbdf4","73a4f0407e67cdfdf55dd94f573ed4ee2d0d62fe","tools, bpftool: Print correct error message when failing to load BTF btf__parse_raw and btf__parse_elf return negative error numbers wrapped in an ERR_PTR, so the extracted value needs to be negated before passing them to strerror which expects a positive error number. Before: Error: failed to load BTF from .../vmlinux: Unknown error -2 After: Error: failed to load BTF from .../vmlinux: No such file or directory Signed-off-by: Tobias Klauser Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200525135421.4154-1-tklauser@distanz.ch Signed-off-by: Alexei Starovoitov ","tools/bpf/bpftool/btf.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixes error message handling in bpftool for correct display when BTF loading fails.","bpftool,error,message","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"73a4f0407e67cdfdf55dd94f573ed4ee2d0d62fe","73a4f0407e67cdfdf55dd94f573ed4ee2d0d62fe","Quentin Monnet","quentin@isovalent.com","1590195767","Alexei Starovoitov","ast@kernel.org","1591047499","de9dacc696448b9aede25eb32955e6edddf0d472","90040351a832acf862c8f1855c29411303d23755","tools, bpftool: Make capability check account for new BPF caps Following the introduction of CAP_BPF, and the switch from CAP_SYS_ADMIN to other capabilities for various BPF features, update the capability checks (and potentially, drops) in bpftool for feature probes. Because bpftool and/or the system might not know of CAP_BPF yet, some caution is necessary: - If compiled and run on a system with CAP_BPF, check CAP_BPF, CAP_SYS_ADMIN, CAP_PERFMON, CAP_NET_ADMIN. - Guard against CAP_BPF being undefined, to allow compiling bpftool from latest sources on older systems. If the system where feature probes are run does not know of CAP_BPF, stop checking after CAP_SYS_ADMIN, as this should be the only capability required for all the BPF probing. - If compiled from latest sources on a system without CAP_BPF, but later executed on a newer system with CAP_BPF knowledge, then we only test CAP_SYS_ADMIN. Some probes may fail if the bpftool process has CAP_SYS_ADMIN but misses the other capabilities. The alternative would be to redefine the value for CAP_BPF in bpftool, but this does not look clean, and the case sounds relatively rare anyway. Note that libcap offers a cap_to_name() function to retrieve the name of a given capability (e.g. ""cap_sys_admin""). We do not use it because deriving the names from the macros looks simpler than using cap_to_name() (doing a strdup() on the string) + cap_free() + handling the case of failed allocations, when we just want to use the name of the capability in an error message. The checks when compiling without libcap (i.e. root versus non-root) are unchanged. v2: - Do not allocate cap_list dynamically. - Drop BPF-related capabilities when running with ""unprivileged"", even if we didn't have the full set in the first place (in v1, we would skip dropping them in that case). - Keep track of what capabilities we have, print the names of the missing ones for privileged probing. - Attempt to drop only the capabilities we actually have. - Rename a couple variables. Signed-off-by: Quentin Monnet Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200523010247.20654-1-quentin@isovalent.com Signed-off-by: Alexei Starovoitov ","tools/bpf/bpftool/feature.c | 85 +++++++++++++++++++++++++++++++++++----------; 1 file changed, 66 insertions(+), 19 deletions(-)","Updates bpftool capability checks for new and existing BPF capabilities, ensuring compatibility across different system versions.","bpftool, capabilities, compatibility","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"90040351a832acf862c8f1855c29411303d23755","90040351a832acf862c8f1855c29411303d23755","Quentin Monnet","quentin@isovalent.com","1590196071","Alexei Starovoitov","ast@kernel.org","1591047498","567809c56719ac0e38227d83459c76212de63d00","eae9d3c0167df840e821317040efcf0ca6789cb9","tools, bpftool: Clean subcommand help messages This is a clean-up for the formatting of the do_help functions for bpftool's subcommands. The following fixes are included: - Do not use argv[-2] for ""iter"" help message, as the help is shown by default if no ""iter"" action is selected, resulting in messages looking like ""./bpftool bpftool pin..."". - Do not print unused HELP_SPEC_PROGRAM in help message for ""bpftool link"". - Andrii used argument indexing to avoid having multiple occurrences of bin_name and argv[-2] in the fprintf() for the help message, for ""bpftool gen"" and ""bpftool link"". Let's reuse this for all other help functions. We can remove up to thirty arguments for the ""bpftool map"" help message. - Harmonise all functions, e.g. use ending quotes-comma on a separate line. Signed-off-by: Quentin Monnet Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200523010751.23465-1-quentin@isovalent.com Signed-off-by: Alexei Starovoitov ","tools/bpf/bpftool/btf.c | 8 ++++----; tools/bpf/bpftool/cgroup.c | 14 ++++++--------; tools/bpf/bpftool/feature.c | 6 +++---; tools/bpf/bpftool/gen.c | 6 +++---; tools/bpf/bpftool/iter.c | 8 ++++----; tools/bpf/bpftool/link.c | 1 -; tools/bpf/bpftool/map.c | 41 ++++++++++++++++++-----------------------; tools/bpf/bpftool/net.c | 12 ++++++------; tools/bpf/bpftool/perf.c | 2 +-; tools/bpf/bpftool/prog.c | 27 ++++++++++++---------------; tools/bpf/bpftool/struct_ops.c | 15 +++++++--------; 11 files changed, 64 insertions(+), 76 deletions(-)","This commit improves consistency and readability in bpftool's subcommand help messages.","bpftool,cleanup,help","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"19835b1ba6b1f2d3fb5aefffa01ebd626513ff4a","19835b1ba6b1f2d3fb5aefffa01ebd626513ff4a","Linus Torvalds","torvalds@linux-foundation.org","1590945413","Linus Torvalds","torvalds@linux-foundation.org","1590945413","f74f7a730c442acf55f06563ee15c6f0657d87a2","ffeb595d84811dde16a28b33d8a7cf26d51d51b3 d9a81a225277686eb629938986d97629ea102633","Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from David Miller: ""Another week, another set of bug fixes: 1) Fix pskb_pull length in __xfrm_transport_prep(), from Xin Long. 2) Fix double xfrm_state put in esp{4,6}_gro_receive(), also from Xin Long. 3) Re-arm discovery timer properly in mac80211 mesh code, from Linus Lüssing. 4) Prevent buffer overflows in nf_conntrack_pptp debug code, from Pablo Neira Ayuso. 5) Fix race in ktls code between tls_sw_recvmsg() and tls_decrypt_done(), from Vinay Kumar Yadav. 6) Fix crashes on TCP fallback in MPTCP code, from Paolo Abeni. 7) More validation is necessary of untrusted GSO packets coming from virtualization devices, from Willem de Bruijn. 8) Fix endianness of bnxt_en firmware message length accesses, from Edwin Peer. 9) Fix infinite loop in sch_fq_pie, from Davide Caratti. 10) Fix lockdep splat in DSA by setting lockless TX in netdev features for slave ports, from Vladimir Oltean. 11) Fix suspend/resume crashes in mlx5, from Mark Bloch. 12) Fix use after free in bpf fmod_ret, from Alexei Starovoitov. 13) ARP retransmit timer guard uses wrong offset, from Hongbin Liu. 14) Fix leak in inetdev_init(), from Yang Yingliang. 15) Don't try to use inet hash and unhash in l2tp code, results in crashes. From Eric Dumazet"" * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (77 commits) l2tp: add sk_family checks to l2tp_validate_socket l2tp: do not use inet_hash()/inet_unhash() net: qrtr: Allocate workqueue before kernel_bind mptcp: remove msk from the token container at destruction time. mptcp: fix race between MP_JOIN and close mptcp: fix unblocking connect() net/sched: act_ct: add nat mangle action only for NAT-conntrack devinet: fix memleak in inetdev_init() virtio_vsock: Fix race condition in virtio_transport_recv_pkt drivers/net/ibmvnic: Update VNIC protocol version reporting NFC: st21nfca: add missed kfree_skb() in an error path neigh: fix ARP retransmit timer guard bpf, selftests: Add a verifier test for assigning 32bit reg states to 64bit ones bpf, selftests: Verifier bounds tests need to be updated bpf: Fix a verifier issue when assigning 32bit reg states to 64bit ones bpf: Fix use-after-free in fmod_ret check net/mlx5e: replace EINVAL in mlx5e_flower_parse_meta() net/mlx5e: Fix MLX5_TC_CT dependencies net/mlx5e: Properly set default values when disabling adaptive moderation net/mlx5e: Fix arch depending casting issue in FEC ...","","The commit merges numerous networking bug fixes from the netdev branch, improving various components in the Linux kernel.","networking,bug,fixes","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"02c71b144c811bcdd865e0a1226d0407d11357e8","02c71b144c811bcdd865e0a1226d0407d11357e8","Eric Dumazet","edumazet@google.com","1590776453","David S. Miller","davem@davemloft.net","1590900916","de0f44fe966cde44da0e81394e3223b014288a22","c6e08d6251f342090a9b9abccbf26b19bcb54d17","l2tp: do not use inet_hash()/inet_unhash() syzbot recently found a way to crash the kernel [1] Issue here is that inet_hash() & inet_unhash() are currently only meant to be used by TCP & DCCP, since only these protocols provide the needed hashinfo pointer. L2TP uses a single list (instead of a hash table) This old bug became an issue after commit 610236587600 (""bpf: Add new cgroup attach type to enable sock modifications"") since after this commit, sk_common_release() can be called while the L2TP socket is still considered 'hashed'. general protection fault, probably for non-canonical address 0xdffffc0000000001: 0000 [#1] PREEMPT SMP KASAN KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 0 PID: 7063 Comm: syz-executor654 Not tainted 5.7.0-rc6-syzkaller #0 Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011 RIP: 0010:inet_unhash+0x11f/0x770 net/ipv4/inet_hashtables.c:600 Code: 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e dd 04 00 00 48 8d 7d 08 44 8b 73 08 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 55 05 00 00 48 8d 7d 14 4c 8b 6d 08 48 b8 00 00 RSP: 0018:ffffc90001777d30 EFLAGS: 00010202 RAX: dffffc0000000000 RBX: ffff88809a6df940 RCX: ffffffff8697c242 RDX: 0000000000000001 RSI: ffffffff8697c251 RDI: 0000000000000008 RBP: 0000000000000000 R08: ffff88809f3ae1c0 R09: fffffbfff1514cc1 R10: ffffffff8a8a6607 R11: fffffbfff1514cc0 R12: ffff88809a6df9b0 R13: 0000000000000007 R14: 0000000000000000 R15: ffffffff873a4d00 FS: 0000000001d2b880(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000006cd090 CR3: 000000009403a000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: sk_common_release+0xba/0x370 net/core/sock.c:3210 inet_create net/ipv4/af_inet.c:390 [inline] inet_create+0x966/0xe00 net/ipv4/af_inet.c:248 __sock_create+0x3cb/0x730 net/socket.c:1428 sock_create net/socket.c:1479 [inline] __sys_socket+0xef/0x200 net/socket.c:1521 __do_sys_socket net/socket.c:1530 [inline] __se_sys_socket net/socket.c:1528 [inline] __x64_sys_socket+0x6f/0xb0 net/socket.c:1528 do_syscall_64+0xf6/0x7d0 arch/x86/entry/common.c:295 entry_SYSCALL_64_after_hwframe+0x49/0xb3 RIP: 0033:0x441e29 Code: e8 fc b3 02 00 48 83 c4 18 c3 0f 1f 80 00 00 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 eb 08 fc ff c3 66 2e 0f 1f 84 00 00 00 00 RSP: 002b:00007ffdce184148 EFLAGS: 00000246 ORIG_RAX: 0000000000000029 RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000000441e29 RDX: 0000000000000073 RSI: 0000000000000002 RDI: 0000000000000002 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 R13: 0000000000402c30 R14: 0000000000000000 R15: 0000000000000000 Modules linked in: ---[ end trace 23b6578228ce553e ]--- RIP: 0010:inet_unhash+0x11f/0x770 net/ipv4/inet_hashtables.c:600 Code: 03 0f b6 04 02 84 c0 74 08 3c 03 0f 8e dd 04 00 00 48 8d 7d 08 44 8b 73 08 48 b8 00 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 <80> 3c 02 00 0f 85 55 05 00 00 48 8d 7d 14 4c 8b 6d 08 48 b8 00 00 RSP: 0018:ffffc90001777d30 EFLAGS: 00010202 RAX: dffffc0000000000 RBX: ffff88809a6df940 RCX: ffffffff8697c242 RDX: 0000000000000001 RSI: ffffffff8697c251 RDI: 0000000000000008 RBP: 0000000000000000 R08: ffff88809f3ae1c0 R09: fffffbfff1514cc1 R10: ffffffff8a8a6607 R11: fffffbfff1514cc0 R12: ffff88809a6df9b0 R13: 0000000000000007 R14: 0000000000000000 R15: ffffffff873a4d00 FS: 0000000001d2b880(0000) GS:ffff8880ae600000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 00000000006cd090 CR3: 000000009403a000 CR4: 00000000001406f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Fixes: 0d76751fad77 (""l2tp: Add L2TPv3 IP encapsulation (no UDP) support"") Signed-off-by: Eric Dumazet Cc: James Chapman Cc: Andrii Nakryiko Reported-by: syzbot+3610d489778b57cc8031@syzkaller.appspotmail.com","net/l2tp/l2tp_ip.c | 29 ++++++++++++++++++++++-------; net/l2tp/l2tp_ip6.c | 30 ++++++++++++++++++++++--------; 2 files changed, 44 insertions(+), 15 deletions(-)","Fixes a kernel crash by removing improper use of inet_hash and inet_unhash functions in L2TP sockets.","inet_hash, L2TP, syzbot","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"56e2287b4110fbb81456a346b1d4c12bee7cf044","56e2287b4110fbb81456a346b1d4c12bee7cf044","Jesper Dangaard Brouer","brouer@redhat.com","1590587049","Saeed Mahameed","saeedm@mellanox.com","1590812419","1eb01f47a99a6fe30d7fabe4b3f903b05a212326","971ae1ed0346658a70f5b411d59f528b94553009","mlx5: fix xdp data_meta setup in mlx5e_fill_xdp_buff The helper function xdp_set_data_meta_invalid() must be called after setting xdp->data as it depends on it. The bug was introduced in the cited patch below, and cause the kernel to crash when using BPF helper bpf_xdp_adjust_head() on mlx5 driver. Fixes: 39d6443c8daf (""mlx5, xsk: Migrate to new MEM_TYPE_XSK_BUFF_POOL"") Reported-by: David Ahern Signed-off-by: Jesper Dangaard Brouer Tested-by: David Ahern Signed-off-by: Saeed Mahameed ","drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit fixes a kernel crash issue related to the xdp data_meta setup in the mlx5 driver.","mlx5,xdp,bug","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"f9e0ce3ddc48d51d5d16a4722b6406e5094375f6","f9e0ce3ddc48d51d5d16a4722b6406e5094375f6","David S. Miller","davem@davemloft.net","1590793148","David S. Miller","davem@davemloft.net","1590793148","b72615c912e8c13af83f6badca7f781c9018e469","942110fdf2f1a298e66cdb3b776c854b157cd820 cf66c29bd7534813d2e1971fab71e25fe87c7e0a","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Alexei Starovoitov says: ==================== pull-request: bpf 2020-05-29 The following pull-request contains BPF updates for your *net* tree. We've added 6 non-merge commits during the last 7 day(s) which contain a total of 4 files changed, 55 insertions(+), 34 deletions(-). The main changes are: 1) minor verifier fix for fmod_ret progs, from Alexei. 2) af_xdp overflow check, from Bjorn. 3) minor verifier fix for 32bit assignment, from John. 4) powerpc has non-overlapping addr space, from Petr. ==================== Signed-off-by: David S. Miller ","","This commit merges BPF updates including verifier fixes and protocol enhancements into the net tree.","BPF,merge,net","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"cf66c29bd7534813d2e1971fab71e25fe87c7e0a","cf66c29bd7534813d2e1971fab71e25fe87c7e0a","John Fastabend","john.fastabend@gmail.com","1590773358","Alexei Starovoitov","ast@kernel.org","1590784446","eb3bc7075c713962947025b9927e9e71eaeb5a26","e3effcdfe02eb20f23d4f1833c75658ddc49e65a","bpf, selftests: Add a verifier test for assigning 32bit reg states to 64bit ones Added a verifier test for assigning 32bit reg states to 64bit where 32bit reg holds a constant value of 0. Without previous kernel verifier.c fix, the test in this patch will fail. Signed-off-by: Yonghong Song Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/159077335867.6014.2075350327073125374.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/verifier/bounds.c | 22 ++++++++++++++++++++++; 1 file changed, 22 insertions(+)","The commit introduces a verifier test in bpf selftests for 32bit to 64bit register assignments.","verifier,selftests,registers","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e3effcdfe02eb20f23d4f1833c75658ddc49e65a","e3effcdfe02eb20f23d4f1833c75658ddc49e65a","John Fastabend","john.fastabend@gmail.com","1590773339","Alexei Starovoitov","ast@kernel.org","1590784446","14f8a4ceea46af539056ea47e926eb5e5b044ad5","3a71dc366d4aa51a22f385445f2862231d3fda3b","bpf, selftests: Verifier bounds tests need to be updated After previous fix for zero extension test_verifier tests #65 and #66 now fail. Before the fix we can see the alu32 mov op at insn 10 10: R0_w=map_value(id=0,off=0,ks=8,vs=8,imm=0) R1_w=invP(id=0, smin_value=4294967168,smax_value=4294967423, umin_value=4294967168,umax_value=4294967423, var_off=(0x0; 0x1ffffffff), s32_min_value=-2147483648,s32_max_value=2147483647, u32_min_value=0,u32_max_value=-1) R10=fp0 fp-8_w=mmmmmmmm 10: (bc) w1 = w1 11: R0_w=map_value(id=0,off=0,ks=8,vs=8,imm=0) R1_w=invP(id=0, smin_value=0,smax_value=2147483647, umin_value=0,umax_value=4294967295, var_off=(0x0; 0xffffffff), s32_min_value=-2147483648,s32_max_value=2147483647, u32_min_value=0,u32_max_value=-1) R10=fp0 fp-8_w=mmmmmmmm After the fix at insn 10 because we have 's32_min_value < 0' the following step 11 now has 'smax_value=U32_MAX' where before we pulled the s32_max_value bound into the smax_value as seen above in 11 with smax_value=2147483647. 10: R0_w=map_value(id=0,off=0,ks=8,vs=8,imm=0) R1_w=inv(id=0, smin_value=4294967168,smax_value=4294967423, umin_value=4294967168,umax_value=4294967423, var_off=(0x0; 0x1ffffffff), s32_min_value=-2147483648, s32_max_value=2147483647, u32_min_value=0,u32_max_value=-1) R10=fp0 fp-8_w=mmmmmmmm 10: (bc) w1 = w1 11: R0_w=map_value(id=0,off=0,ks=8,vs=8,imm=0) R1_w=inv(id=0, smin_value=0,smax_value=4294967295, umin_value=0,umax_value=4294967295, var_off=(0x0; 0xffffffff), s32_min_value=-2147483648, s32_max_value=2147483647, u32_min_value=0, u32_max_value=-1) R10=fp0 fp-8_w=mmmmmmmm The fall out of this is by the time we get to the failing instruction at step 14 where previously we had the following: 14: R0_w=map_value(id=0,off=0,ks=8,vs=8,imm=0) R1_w=inv(id=0, smin_value=72057594021150720,smax_value=72057594029539328, umin_value=72057594021150720,umax_value=72057594029539328, var_off=(0xffffffff000000; 0xffffff), s32_min_value=-16777216,s32_max_value=-1, u32_min_value=-16777216,u32_max_value=-1) R10=fp0 fp-8_w=mmmmmmmm 14: (0f) r0 += r1 We now have, 14: R0_w=map_value(id=0,off=0,ks=8,vs=8,imm=0) R1_w=inv(id=0, smin_value=0,smax_value=72057594037927935, umin_value=0,umax_value=72057594037927935, var_off=(0x0; 0xffffffffffffff), s32_min_value=-2147483648,s32_max_value=2147483647, u32_min_value=0,u32_max_value=-1) R10=fp0 fp-8_w=mmmmmmmm 14: (0f) r0 += r1 In the original step 14 'smin_value=72057594021150720' this trips the logic in the verifier function check_reg_sane_offset(), if (smin >= BPF_MAX_VAR_OFF || smin <= -BPF_MAX_VAR_OFF) { verbose(env, ""value %lld makes %s pointer be out of bounds\n"", smin, reg_type_str[type]); return false; } Specifically, the 'smin <= -BPF_MAX_VAR_OFF' check. But with the fix at step 14 we have bounds 'smin_value=0' so the above check is not tripped because BPF_MAX_VAR_OFF=1<<29. We have a smin_value=0 here because at step 10 the smaller smin_value=0 means the subtractions at steps 11 and 12 bring the smin_value negative. 11: (17) r1 -= 2147483584 12: (17) r1 -= 2147483584 13: (77) r1 >>= 8 Then the shift clears the top bit and smin_value is set to 0. Note we still have the smax_value in the fixed code so any reads will fail. An alternative would be to have reg_sane_check() do both smin and smax value tests. To fix the test we can omit the 'r1 >>=8' at line 13. This will change the err string, but keeps the intention of the test as suggseted by the title, ""check after truncation of boundary-crossing range"". If the verifier logic changes a different value is likely to be thrown in the error or the error will no longer be thrown forcing this test to be examined. With this change we see the new state at step 13. 13: R0_w=map_value(id=0,off=0,ks=8,vs=8,imm=0) R1_w=invP(id=0, smin_value=-4294967168,smax_value=127, umin_value=0,umax_value=18446744073709551615, s32_min_value=-2147483648,s32_max_value=2147483647, u32_min_value=0,u32_max_value=-1) R10=fp0 fp-8_w=mmmmmmmm Giving the expected out of bounds error, ""value -4294967168 makes map_value pointer be out of bounds"" However, for unpriv case we see a different error now because of the mixed signed bounds pointer arithmatic. This seems OK so I've only added the unpriv_errstr for this. Another optino may have been to do addition on r1 instead of subtraction but I favor the approach above slightly. Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/159077333942.6014.14004320043595756079.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/verifier/bounds.c | 24 ++++++++++--------------; 1 file changed, 10 insertions(+), 14 deletions(-)","Update BPF verifier selftests to address errors caused by changes to zero extension handling.","BPF,verifier,selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3a71dc366d4aa51a22f385445f2862231d3fda3b","3a71dc366d4aa51a22f385445f2862231d3fda3b","John Fastabend","john.fastabend@gmail.com","1590773320","Alexei Starovoitov","ast@kernel.org","1590784446","f8c671d98346fec4a52967a908b001d154d2b0d5","18644cec714aabbab173729192c7594ee57a406b","bpf: Fix a verifier issue when assigning 32bit reg states to 64bit ones With the latest trunk llvm (llvm 11), I hit a verifier issue for test_prog subtest test_verif_scale1. The following simplified example illustrate the issue: w9 = 0 /* R9_w=inv0 */ r8 = *(u32 *)(r1 + 80) /* __sk_buff->data_end */ r7 = *(u32 *)(r1 + 76) /* __sk_buff->data */ ...... w2 = w9 /* R2_w=inv0 */ r6 = r7 /* R6_w=pkt(id=0,off=0,r=0,imm=0) */ r6 += r2 /* R6_w=inv(id=0) */ r3 = r6 /* R3_w=inv(id=0) */ r3 += 14 /* R3_w=inv(id=0) */ if r3 > r8 goto end r5 = *(u32 *)(r6 + 0) /* R6_w=inv(id=0) */ <== error here: R6 invalid mem access 'inv' ... end: In real test_verif_scale1 code, ""w9 = 0"" and ""w2 = w9"" are in different basic blocks. In the above, after ""r6 += r2"", r6 becomes a scalar, which eventually caused the memory access error. The correct register state should be a pkt pointer. The inprecise register state starts at ""w2 = w9"". The 32bit register w9 is 0, in __reg_assign_32_into_64(), the 64bit reg->smax_value is assigned to be U32_MAX. The 64bit reg->smin_value is 0 and the 64bit register itself remains constant based on reg->var_off. In adjust_ptr_min_max_vals(), the verifier checks for a known constant, smin_val must be equal to smax_val. Since they are not equal, the verifier decides r6 is a unknown scalar, which caused later failure. The llvm10 does not have this issue as it generates different code: w9 = 0 /* R9_w=inv0 */ r8 = *(u32 *)(r1 + 80) /* __sk_buff->data_end */ r7 = *(u32 *)(r1 + 76) /* __sk_buff->data */ ...... r6 = r7 /* R6_w=pkt(id=0,off=0,r=0,imm=0) */ r6 += r9 /* R6_w=pkt(id=0,off=0,r=0,imm=0) */ r3 = r6 /* R3_w=pkt(id=0,off=0,r=0,imm=0) */ r3 += 14 /* R3_w=pkt(id=0,off=14,r=0,imm=0) */ if r3 > r8 goto end ... To fix the above issue, we can include zero in the test condition for assigning the s32_max_value and s32_min_value to their 64-bit equivalents smax_value and smin_value. Further, fix the condition to avoid doing zero extension bounds checks when s32_min_value <= 0. This could allow for the case where bounds 32-bit bounds (-1,1) get incorrectly translated to (0,1) 64-bit bounds. When in-fact the -1 min value needs to force U32_MAX bound. Fixes: 3f50f132d840 (""bpf: Verifier, do explicit ALU32 bounds tracking"") Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/159077331983.6014.5758956193749002737.stgit@john-Precision-5820-Tower","kernel/bpf/verifier.c | 10 +++++-----; 1 file changed, 5 insertions(+), 5 deletions(-)","Fixes a register state assignment issue in eBPF verifier with 32-bit to 64-bit transition.","verifier, register, fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"18644cec714aabbab173729192c7594ee57a406b","18644cec714aabbab173729192c7594ee57a406b","Alexei Starovoitov","ast@kernel.org","1590727116","Daniel Borkmann","daniel@iogearbox.net","1590783958","044c143312f84f90aeecc7e4bd2a9dc4b5df63dd","d195b1d1d1196681ac4775e0361e9cca70f740c2","bpf: Fix use-after-free in fmod_ret check Fix the following issue: [ 436.749342] BUG: KASAN: use-after-free in bpf_trampoline_put+0x39/0x2a0 [ 436.749995] Write of size 4 at addr ffff8881ef38b8a0 by task kworker/3:5/2243 [ 436.750712] [ 436.752677] Workqueue: events bpf_prog_free_deferred [ 436.753183] Call Trace: [ 436.756483] bpf_trampoline_put+0x39/0x2a0 [ 436.756904] bpf_prog_free_deferred+0x16d/0x3d0 [ 436.757377] process_one_work+0x94a/0x15b0 [ 436.761969] [ 436.762130] Allocated by task 2529: [ 436.763323] bpf_trampoline_lookup+0x136/0x540 [ 436.763776] bpf_check+0x2872/0xa0a8 [ 436.764144] bpf_prog_load+0xb6f/0x1350 [ 436.764539] __do_sys_bpf+0x16d7/0x3720 [ 436.765825] [ 436.765988] Freed by task 2529: [ 436.767084] kfree+0xc6/0x280 [ 436.767397] bpf_trampoline_put+0x1fd/0x2a0 [ 436.767826] bpf_check+0x6832/0xa0a8 [ 436.768197] bpf_prog_load+0xb6f/0x1350 [ 436.768594] __do_sys_bpf+0x16d7/0x3720 prog->aux->trampoline = tr should be set only when prog is valid. Otherwise prog freeing will try to put trampoline via prog->aux->trampoline, but it may not point to a valid trampoline. Fixes: 6ba43b761c41 (""bpf: Attachment verification for BPF_MODIFY_RETURN"") Signed-off-by: Alexei Starovoitov Signed-off-by: Daniel Borkmann Acked-by: KP Singh Link: https://lore.kernel.org/bpf/20200529043839.15824-2-alexei.starovoitov@gmail.com","kernel/bpf/verifier.c | 24 +++++++++++-------------; 1 file changed, 11 insertions(+), 13 deletions(-)","The commit fixes a use-after-free bug in the bpf_trampoline_put function of the eBPF infrastructure.","use-after-free,bpf_trampoline,fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"70943490784222b3fd26f5604cba71abb4d7ee6d","70943490784222b3fd26f5604cba71abb4d7ee6d","Stephane Eranian","eranian@google.com","1588703383","Arnaldo Carvalho de Melo","acme@redhat.com","1590781898","4395c76c8e9eaf574bdc0d65f97bebf422b96771","82352ae28fc9118ff539fc4c9cd8d94428b258bf","perf tools: Add optional support for libpfm4 This patch links perf with the libpfm4 library if it is available and LIBPFM4 is passed to the build. The libpfm4 library contains hardware event tables for all processors supported by perf_events. It is a helper library that helps convert from a symbolic event name to the event encoding required by the underlying kernel interface. This library is open-source and available from: http://perfmon2.sf.net. With this patch, it is possible to specify full hardware events by name. Hardware filters are also supported. Events must be specified via the --pfm-events and not -e option. Both options are active at the same time and it is possible to mix and match: $ perf stat --pfm-events inst_retired:any_p:c=1:i -e cycles .... One needs to explicitely ask for its inclusion by using the LIBPFM4 make command line option, ie its opt-in rather than opt-out of feature detection and build support. Signed-off-by: Stephane Eranian Reviewed-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Alexei Starovoitov Cc: Alexey Budankov Cc: Andi Kleen Cc: Andrii Nakryiko Cc: Daniel Borkmann Cc: Florian Fainelli Cc: Greg Kroah-Hartman Cc: Igor Lubashev Cc: Jin Yao Cc: Jiri Olsa Cc: Jiwei Sun Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Martin KaFai Lau Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Yonghong Song Cc: bpf@vger.kernel.org Cc: netdev@vger.kernel.org Cc: yuzhoujian Link: http://lore.kernel.org/lkml/20200505182943.218248-2-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/Documentation/perf-record.txt | 11 ++; tools/perf/Documentation/perf-stat.txt | 10 ++; tools/perf/Documentation/perf-top.txt | 11 ++; tools/perf/Makefile.config | 13 ++; tools/perf/Makefile.perf | 3 +; tools/perf/builtin-record.c | 6 +; tools/perf/builtin-stat.c | 6 +; tools/perf/builtin-top.c | 6 +; tools/perf/tests/Build | 1 +; tools/perf/tests/builtin-test.c | 9 +; tools/perf/tests/pfm.c | 203 ++++++++++++++++++++++; tools/perf/tests/tests.h | 3 +; tools/perf/util/Build | 2 +; tools/perf/util/evsel.c | 2 +-; tools/perf/util/evsel.h | 1 +; tools/perf/util/parse-events.c | 30 +++-; tools/perf/util/parse-events.h | 4 +; tools/perf/util/pfm.c | 281 +++++++++++++++++++++++++++++++; tools/perf/util/pfm.h | 37 ++++; 19 files changed, 631 insertions(+), 8 deletions(-)","This commit adds libpfm4 support to perf tools enabling symbolic hardware event specification.","libpfm4, perf tools, hardware","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a88f70de1b5024db75e8dab42bcce5d648d81957","a88f70de1b5024db75e8dab42bcce5d648d81957","Arnaldo Carvalho de Melo","acme@redhat.com","1590761519","Arnaldo Carvalho de Melo","acme@redhat.com","1590781873","422b2886f9151f528f5bca588648b625fba5a7bd","d21cb73a9025ffa9ef4f5a0d4051780c264fa02e","perf build: Remove libaudit from the default feature checks Ingo reported that the libaudit was always appearing as OFF: Auto-detecting system features: ... dwarf: [ on ] ... dwarf_getlocations: [ on ] ... glibc: [ on ] ... gtk2: [ on ] ... libaudit: [ OFF ] And everything seemed to work, i.e. we were checking for a feature that we don't use, causing confusion for people building perf, so work to remove that nuisance while making sure that it works when an arch doesn't provide the alternative method to generate the syscall id/name conversion tables. Longer explanation of the new modus operandi: $ make -C tools/perf O=/tmp/build/perf NO_SYSCALL_TABLE=1 Auto-detecting system features: ... dwarf: [ on ] ... dwarf_getlocations: [ on ] ... glibc: [ on ] ... gtk2: [ on ] ... libbfd: [ on ] ... libcap: [ on ] ... libelf: [ on ] ... libnuma: [ on ] ... numa_num_possible_cpus: [ on ] ... libperl: [ on ] ... libpython: [ on ] ... libcrypto: [ on ] ... libunwind: [ on ] ... libdw-dwarf-unwind: [ on ] ... zlib: [ on ] ... lzma: [ on ] ... get_cpuid: [ on ] ... bpf: [ on ] ... libaio: [ on ] ... libzstd: [ on ] ... disassembler-four-args: [ on ] Makefile.config:665: No libaudit.h found, disables 'trace' tool, please install audit-libs-devel or libaudit-dev GEN /tmp/build/perf/common-cmds.h MKDIR /tmp/build/perf/fd/ MKDIR /tmp/build/perf/fs/ $ The libaudit test is forced and it fails when audit-libs-devel isn't available: $ cat /tmp/build/perf/feature/test-libaudit.make.output test-libaudit.c:2:10: fatal error: libaudit.h: No such file or directory 2 | #include | ^~~~~~~~~~~~ compilation terminated. $ If we install audit-libs-devel and rebuild it continues not to be shown as OFF in the main auto-detection summary, but again gets tested and this time: $ rpm -q audit-libs-devel audit-libs-devel-3.0-0.15.20191104git1c2f876.fc31.x86_64 $ The make output for the feature detection comes clean: $ cat /tmp/build/perf/feature/test-libaudit.make.output And the feature detection binary is successfully built and is dynamicly linked with libaudit: $ ldd /tmp/build/perf/feature/test-libaudit.bin | grep audit libaudit.so.1 => /lib64/libaudit.so.1 (0x00007f5bf5177000) $ As well as the resulting perf binary: $ ldd /tmp/build/perf/perf | grep audit libaudit.so.1 => /lib64/libaudit.so.1 (0x00007fad511c7000) $ And 'perf trace' works using the libaudit method: $ sudo /tmp/build/perf/perf trace -e nanosleep sleep 1 0.000 (1000.067 ms): sleep/281872 nanosleep(rqtp: 0x7ffedbbe69d0) = 0 $ If we leave audit-libs-devel installed but don't disable the use of the best method, the one using SYSCALL_TABLE, the default for architectures that provide the script to build the syscall id/name mapping using the .tbl files copied from the kernel sources, we get: $ rm -rf /tmp/build/perf ; mkdir -p /tmp/build/perf $ make -C tools/perf O=/tmp/build/perf Auto-detecting system features: ... dwarf: [ on ] ... dwarf_getlocations: [ on ] ... glibc: [ on ] ... gtk2: [ on ] ... libbfd: [ on ] ... libcap: [ on ] ... libelf: [ on ] ... libnuma: [ on ] ... numa_num_possible_cpus: [ on ] ... libperl: [ on ] ... libpython: [ on ] ... libcrypto: [ on ] ... libunwind: [ on ] ... libdw-dwarf-unwind: [ on ] ... zlib: [ on ] ... lzma: [ on ] ... get_cpuid: [ on ] ... bpf: [ on ] ... libaio: [ on ] ... libzstd: [ on ] ... disassembler-four-args: [ on ] GEN /tmp/build/perf/common-cmds.h $ Again, no mention of libaudit being on or OFF and: $ cat /tmp/build/perf/feature/test-libaudit.make.output cat: /tmp/build/perf/feature/test-libaudit.make.output: No such file or directory $ We didn't even bother checking for its availability, slightly speeding up the build process and: $ ldd /tmp/build/perf/perf | grep libaudit $ We don't link with it, also: $ sudo /tmp/build/perf/perf trace -e nanosleep sleep 1 0.000 (1000.053 ms): sleep/299125 nanosleep(rqtp: 0x7ffc24611b50) = 0 $ And globs become available: $ sudo /tmp/build/perf/perf trace -e *sleep sleep 1 0.000 (1000.072 ms): sleep/299136 nanosleep(rqtp: 0x7ffe7a3c4ff0) = 0 $ Reported-by: Ingo Molnar Cc: Adrian Hunter Cc: Jiri Olsa Cc: Namhyung Kim Signed-off-by: Arnaldo Carvalho de Melo ","tools/build/Makefile.feature | 2 --; tools/build/feature/Makefile | 2 +-; tools/build/feature/test-all.c | 5 -----; tools/perf/Makefile.config | 1 +; 4 files changed, 2 insertions(+), 8 deletions(-)","The commit removes unnecessary libaudit checks from the perf build configuration to prevent confusion during feature detection.","libaudit,perf,build","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"43de3869b5164c85f536297c24d0e7eba8e75120","43de3869b5164c85f536297c24d0e7eba8e75120","Arnaldo Carvalho de Melo","acme@redhat.com","1590678220","Arnaldo Carvalho de Melo","acme@redhat.com","1590781824","4fdf6bc61c4b79d66265beba5286569ac2fc72e4","9b90d9734ab72292de080a6e2a46f037994e0fb9","perf build: Allow explicitely disabling the NO_SYSCALL_TABLE variable This is useful to see if, on x86, the legacy libaudit still works, as it is used in architectures that don't have the SYSCALL_TABLE logic and we want to have it tested in 'make -C tools/perf/ build-test'. E.g.: Without having audit-libs-devel installed: $ make NO_SYSCALL_TABLE=1 O=/tmp/build/perf -C tools/perf install-bin make: Entering directory '/home/acme/git/perf/tools/perf' BUILD: Doing 'make -j12' parallel build Auto-detecting system features: ... libaudit: [ OFF ] ... libbfd: [ on ] ... libcap: [ on ] Makefile.config:664: No libaudit.h found, disables 'trace' tool, please install audit-libs-devel or libaudit-dev After installing it: $ rm -rf /tmp/build/perf ; mkdir -p /tmp/build/perf $ time make NO_SYSCALL_TABLE=1 O=/tmp/build/perf -C tools/perf install-bin ; perf test python make: Entering directory '/home/acme/git/perf/tools/perf' BUILD: Doing 'make -j12' parallel build HOSTCC /tmp/build/perf/fixdep.o HOSTLD /tmp/build/perf/fixdep-in.o LINK /tmp/build/perf/fixdep Warning: Kernel ABI header at 'tools/arch/x86/include/asm/msr-index.h' differs from latest version at 'arch/x86/include/asm/msr-index.h' diff -u tools/arch/x86/include/asm/msr-index.h arch/x86/include/asm/msr-index.h Warning: Kernel ABI header at 'tools/perf/util/hashmap.h' differs from latest version at 'tools/lib/bpf/hashmap.h' diff -u tools/perf/util/hashmap.h tools/lib/bpf/hashmap.h Warning: Kernel ABI header at 'tools/perf/util/hashmap.c' differs from latest version at 'tools/lib/bpf/hashmap.c' diff -u tools/perf/util/hashmap.c tools/lib/bpf/hashmap.c Auto-detecting system features: ... libaudit: [ on ] ... libbfd: [ on ] ... libcap: [ on ] $ ldd ~/bin/perf | grep audit libaudit.so.1 => /lib64/libaudit.so.1 (0x00007fc18978e000) $ Acked-by: Jiri Olsa Cc: Adrian Hunter Cc: Ingo Molnar Cc: Namhyung Kim Link: http://lore.kernel.org/lkml/20200529155552.463-3-acme@kernel.org Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/Makefile.config | 24 +++++++++++++-----------; tools/perf/Makefile.perf | 3 +++; 2 files changed, 16 insertions(+), 11 deletions(-)","This commit allows explicit disabling of the NO_SYSCALL_TABLE variable to test legacy libaudit functionality on x86 architectures without SYSCALL_TABLE logic.","perf, NO_SYSCALL_TABLE, libaudit","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"d27865279f12035c730818aa1a0280fada866a37","d27865279f12035c730818aa1a0280fada866a37","Will Deacon","will@kernel.org","1590685251","Will Deacon","will@kernel.org","1590685251","5c4462885c2a6d7453b34ceb51d39b390030a2a6","342403bcb4dfe41324a0f6f4cb5a8d324f31c725 a4eb355a3fdad85d16e4b098e8d56bb28b812ce0","Merge branch 'for-next/bti' into for-next/core Support for Branch Target Identification (BTI) in user and kernel (Mark Brown and others) * for-next/bti: (39 commits) arm64: vdso: Fix CFI directives in sigreturn trampoline arm64: vdso: Don't prefix sigreturn trampoline with a BTI C instruction arm64: bti: Fix support for userspace only BTI arm64: kconfig: Update and comment GCC version check for kernel BTI arm64: vdso: Map the vDSO text with guarded pages when built for BTI arm64: vdso: Force the vDSO to be linked as BTI when built for BTI arm64: vdso: Annotate for BTI arm64: asm: Provide a mechanism for generating ELF note for BTI arm64: bti: Provide Kconfig for kernel mode BTI arm64: mm: Mark executable text as guarded pages arm64: bpf: Annotate JITed code for BTI arm64: Set GP bit in kernel page tables to enable BTI for the kernel arm64: asm: Override SYM_FUNC_START when building the kernel with BTI arm64: bti: Support building kernel C code using BTI arm64: Document why we enable PAC support for leaf functions arm64: insn: Report PAC and BTI instructions as skippable arm64: insn: Don't assume unrecognized HINTs are skippable arm64: insn: Provide a better name for aarch64_insn_is_nop() arm64: insn: Add constants for new HINT instruction decode arm64: Disable old style assembly annotations ...","","This commit merges Branch Target Identification (BTI) support into ARM64 architecture for enhanced security.","BTI,ARM64,merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"342403bcb4dfe41324a0f6f4cb5a8d324f31c725","342403bcb4dfe41324a0f6f4cb5a8d324f31c725","Will Deacon","will@kernel.org","1590684454","Will Deacon","will@kernel.org","1590684454","849a1905597c561f12e522a5691f509d9ff365a7","09cda9a71350e61d8803058470697b95f3d3b4cb fd868f14818901821699988fdac680ebd80cd360 b130a8f70cbbf907c399799bd1073a78763ca0e7 184dbc152e398d7136dabd59ed3f5c5521935712 357dd8a2aff25270971e11a37ddec807f37488e9 4fc92254bf86b19ac1ef81f61f4e690fccfcba4a 10f6cd2af21bb44faab31a50ec3361d7649e5a39 c0fc00ec6304a8e2e438ca1688b243815084dc50 472de63b0b8383565e103f809f5df37d1c4390ab 269fd61e15d785b9e20786672765400732dde8a0 7e9f5e6629f62865e67b8a02a5b522dd9af890bd","Merge branches 'for-next/acpi', 'for-next/bpf', 'for-next/cpufeature', 'for-next/docs', 'for-next/kconfig', 'for-next/misc', 'for-next/perf', 'for-next/ptr-auth', 'for-next/sdei', 'for-next/smccc' and 'for-next/vdso' into for-next/core ACPI and IORT updates (Lorenzo Pieralisi) * for-next/acpi: ACPI/IORT: Remove the unused __get_pci_rid() ACPI/IORT: Fix PMCG node single ID mapping handling ACPI: IORT: Add comments for not calling acpi_put_table() ACPI: GTDT: Put GTDT table after parsing ACPI: IORT: Add extra message ""applying workaround"" for off-by-1 issue ACPI/IORT: work around num_ids ambiguity Revert ""ACPI/IORT: Fix 'Number of IDs' handling in iort_id_map()"" ACPI/IORT: take _DMA methods into account for named components BPF JIT optimisations for immediate value generation (Luke Nelson) * for-next/bpf: bpf, arm64: Optimize ADD,SUB,JMP BPF_K using arm64 add/sub immediates bpf, arm64: Optimize AND,OR,XOR,JSET BPF_K using arm64 logical immediates arm64: insn: Fix two bugs in encoding 32-bit logical immediates Addition of new CPU ID register fields and removal of some benign sanity checks (Anshuman Khandual and others) * for-next/cpufeature: (27 commits) KVM: arm64: Check advertised Stage-2 page size capability arm64/cpufeature: Add get_arm64_ftr_reg_nowarn() arm64/cpuinfo: Add ID_MMFR4_EL1 into the cpuinfo_arm64 context arm64/cpufeature: Add remaining feature bits in ID_AA64PFR1 register arm64/cpufeature: Add remaining feature bits in ID_AA64PFR0 register arm64/cpufeature: Add remaining feature bits in ID_AA64ISAR0 register arm64/cpufeature: Add remaining feature bits in ID_MMFR4 register arm64/cpufeature: Add remaining feature bits in ID_PFR0 register arm64/cpufeature: Introduce ID_MMFR5 CPU register arm64/cpufeature: Introduce ID_DFR1 CPU register arm64/cpufeature: Introduce ID_PFR2 CPU register arm64/cpufeature: Make doublelock a signed feature in ID_AA64DFR0 arm64/cpufeature: Drop TraceFilt feature exposure from ID_DFR0 register arm64/cpufeature: Add explicit ftr_id_isar0[] for ID_ISAR0 register arm64/cpufeature: Drop open encodings while extracting parange arm64/cpufeature: Validate hypervisor capabilities during CPU hotplug arm64: cpufeature: Group indexed system register definitions by name arm64: cpufeature: Extend comment to describe absence of field info arm64: drop duplicate definitions of ID_AA64MMFR0_TGRAN constants arm64: cpufeature: Add an overview comment for the cpufeature framework ... Minor documentation tweaks for silicon errata and booting requirements (Rob Herring and Will Deacon) * for-next/docs: arm64: silicon-errata.rst: Sort the Cortex-A55 entries arm64: docs: Mandate that the I-cache doesn't hold stale kernel text Minor Kconfig cleanups (Geert Uytterhoeven) * for-next/kconfig: arm64: cpufeature: Add ""or"" to mitigations for multiple errata arm64: Sort vendor-specific errata Miscellaneous updates (Ard Biesheuvel and others) * for-next/misc: arm64: mm: Add asid_gen_match() helper arm64: stacktrace: Factor out some common code into on_stack() arm64: Call debug_traps_init() from trap_init() to help early kgdb arm64: cacheflush: Fix KGDB trap detection arm64/cpuinfo: Move device_initcall() near cpuinfo_regs_init() arm64: kexec_file: print appropriate variable arm: mm: use __pfn_to_section() to get mem_section arm64: Reorder the macro arguments in the copy routines efi/libstub/arm64: align PE/COFF sections to segment alignment KVM: arm64: Drop PTE_S2_MEMATTR_MASK arm64/kernel: Fix range on invalidating dcache for boot page tables arm64: set TEXT_OFFSET to 0x0 in preparation for removing it entirely arm64: lib: Consistently enable crc32 extension arm64/mm: Use phys_to_page() to access pgtable memory arm64: smp: Make cpus_stuck_in_kernel static arm64: entry: remove unneeded semicolon in el1_sync_handler() arm64/kernel: vmlinux.lds: drop redundant discard/keep macros arm64: drop GZFLAGS definition and export arm64: kexec_file: Avoid temp buffer for RNG seed arm64: rename stext to primary_entry Perf PMU driver updates (Tang Bin and others) * for-next/perf: pmu/smmuv3: Clear IRQ affinity hint on device removal drivers/perf: hisi: Permit modular builds of HiSilicon uncore drivers drivers/perf: hisi: Fix typo in events attribute array drivers/perf: arm_spe_pmu: Avoid duplicate printouts drivers/perf: arm_dsu_pmu: Avoid duplicate printouts Pointer authentication updates and support for vmcoreinfo (Amit Daniel Kachhap and Mark Rutland) * for-next/ptr-auth: Documentation/vmcoreinfo: Add documentation for 'KERNELPACMASK' arm64/crash_core: Export KERNELPACMASK in vmcoreinfo arm64: simplify ptrauth initialization arm64: remove ptrauth_keys_install_kernel sync arg SDEI cleanup and non-critical fixes (James Morse and others) * for-next/sdei: firmware: arm_sdei: Document the motivation behind these set_fs() calls firmware: arm_sdei: remove unused interfaces firmware: arm_sdei: Put the SDEI table after using it firmware: arm_sdei: Drop check for /firmware/ node and always register driver SMCCC updates and refactoring (Sudeep Holla) * for-next/smccc: firmware: smccc: Fix missing prototype warning for arm_smccc_version_init firmware: smccc: Add function to fetch SMCCC version firmware: smccc: Refactor SMCCC specific bits into separate file firmware: smccc: Drop smccc_version enum and use ARM_SMCCC_VERSION_1_x instead firmware: smccc: Add the definition for SMCCCv1.2 version/error codes firmware: smccc: Update link to latest SMCCC specification firmware: smccc: Add HAVE_ARM_SMCCC_DISCOVERY to identify SMCCC v1.1 and above vDSO cleanup and non-critical fixes (Mark Rutland and Vincenzo Frascino) * for-next/vdso: arm64: vdso: Add --eh-frame-hdr to ldflags arm64: vdso: use consistent 'map' nomenclature arm64: vdso: use consistent 'abi' nomenclature arm64: vdso: simplify arch_vdso_type ifdeffery arm64: vdso: remove aarch32_vdso_pages[] arm64: vdso: Add '-Bsymbolic' to ldflags","","This commit merges multiple branches into 'for-next/core', including updates for ACPI, BPF, cpu features, documentation, and more.","merge, branches, updates","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"d195b1d1d1196681ac4775e0361e9cca70f740c2","d195b1d1d1196681ac4775e0361e9cca70f740c2","Petr Mladek","pmladek@suse.com","1590582524","Daniel Borkmann","daniel@iogearbox.net","1590678738","a806a8b3e096f7e8d1e6b2ffffd52c549bdf9353","b16a87d0aef7a6be766f6618976dc5ff2c689291","powerpc/bpf: Enable bpf_probe_read{, str}() on powerpc again The commit 0ebeea8ca8a4d1d453a (""bpf: Restrict bpf_probe_read{, str}() only to archs where they work"") caused that bpf_probe_read{, str}() functions were not longer available on architectures where the same logical address might have different content in kernel and user memory mapping. These architectures should use probe_read_{user,kernel}_str helpers. For backward compatibility, the problematic functions are still available on architectures where the user and kernel address spaces are not overlapping. This is defined CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE. At the moment, these backward compatible functions are enabled only on x86_64, arm, and arm64. Let's do it also on powerpc that has the non overlapping address space as well. Fixes: 0ebeea8ca8a4 (""bpf: Restrict bpf_probe_read{, str}() only to archs where they work"") Signed-off-by: Petr Mladek Signed-off-by: Daniel Borkmann Acked-by: Michael Ellerman Link: https://lore.kernel.org/lkml/20200527122844.19524-1-pmladek@suse.com","arch/powerpc/Kconfig | 1 +; 1 file changed, 1 insertion(+)","Re-enable bpf_probe_read functions on powerpc for architectures with non-overlapping address spaces.","powerpc,bpf_probe_read,compatibility","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e2ce1059b0b3d032aa07cc51c24d28ec498feb5f","e2ce1059b0b3d032aa07cc51c24d28ec498feb5f","Ian Rogers","irogers@google.com","1589998811","Arnaldo Carvalho de Melo","acme@redhat.com","1590671008","400a95daaa8555b1ee03022266bde7811d3e7caa","05530a7921c0f5149a01e34c4e031c5b18bdc1cc","perf metricgroup: Remove unnecessary ',' from events Remove unnecessary commas from events before they are parsed. This avoids ',' being echoed by parse-events.l. Signed-off-by: Ian Rogers Acked-by: Jiri Olsa Cc: Alexander Shishkin Cc: Andi Kleen Cc: Andrii Nakryiko Cc: Cong Wang Cc: Jin Yao Cc: John Garry Cc: Kajol Jain Cc: Kan Liang Cc: Kim Phillips Cc: Mark Rutland Cc: Namhyung Kim Cc: Paul Clarke Cc: Peter Zijlstra Cc: Song Liu Cc: Srikar Dronamraju Cc: Stephane Eranian Cc: Vince Weaver Cc: bpf@vger.kernel.org Cc: netdev@vger.kernel.org Link: http://lore.kernel.org/lkml/20200520182011.32236-8-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/metricgroup.c | 9 +++++++--; 1 file changed, 7 insertions(+), 2 deletions(-)","The commit removes unnecessary commas from perf metricgroup events to enhance parse-events processing.","perf,events,commas","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Profile related type programs. It affects programs used for profiling system or application performance.']" +"05530a7921c0f5149a01e34c4e031c5b18bdc1cc","05530a7921c0f5149a01e34c4e031c5b18bdc1cc","Ian Rogers","irogers@google.com","1589998810","Arnaldo Carvalho de Melo","acme@redhat.com","1590671008","3617c7f3f405ec251c14f3fdd8e50b8da02fc294","2440689d62e93574ca71c87129f7d523ddff7679","perf metricgroup: Add options to not group or merge Add --metric-no-group that causes all events within metrics to not be grouped. This can allow the event to get more time when multiplexed, but may also lower accuracy. Add --metric-no-merge option. By default events in different metrics may be shared if the group of events for one metric is the same or larger than that of the second. Sharing may increase or lower accuracy and so is now configurable. Signed-off-by: Ian Rogers Acked-by: Jiri Olsa Cc: Alexander Shishkin Cc: Andi Kleen Cc: Andrii Nakryiko Cc: Cong Wang Cc: Jin Yao Cc: John Garry Cc: Kajol Jain Cc: Kan Liang Cc: Kim Phillips Cc: Mark Rutland Cc: Namhyung Kim Cc: Paul Clarke Cc: Peter Zijlstra Cc: Song Liu Cc: Srikar Dronamraju Cc: Stephane Eranian Cc: Vince Weaver Cc: bpf@vger.kernel.org Cc: netdev@vger.kernel.org Link: http://lore.kernel.org/lkml/20200520182011.32236-7-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/Documentation/perf-stat.txt | 19 ++++++++++; tools/perf/builtin-stat.c | 11 +++++-; tools/perf/util/metricgroup.c | 68 ++++++++++++++++++++++++++--------; tools/perf/util/metricgroup.h | 6 ++-; tools/perf/util/stat.h | 2 +; 5 files changed, 87 insertions(+), 19 deletions(-)","The commit adds options to the perf metric group tool to configure event grouping and merging for increased flexibility.","perf,metric,options","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"2440689d62e93574ca71c87129f7d523ddff7679","2440689d62e93574ca71c87129f7d523ddff7679","Ian Rogers","irogers@google.com","1589998809","Arnaldo Carvalho de Melo","acme@redhat.com","1590671008","b136e1f18896821145c07015a94917726ed88bbc","6bf2102bec4e600e72f87569d2c8e01a3efb340e","perf metricgroup: Remove duped metric group events A metric group contains multiple metrics. These metrics may use the same events. If metrics use separate events then it leads to more multiplexing and overall metric counts fail to sum to 100%. Modify how metrics are associated with events so that if the events in an earlier group satisfy the current metric, the same events are used. A record of used events is kept and at the end of processing unnecessary events are eliminated. Before: $ perf stat -a -M TopDownL1 sleep 1 Performance counter stats for 'system wide': 920,211,343 uops_issued.any # 0.5 Backend_Bound (16.56%) 1,977,733,128 idq_uops_not_delivered.core (16.56%) 51,668,510 int_misc.recovery_cycles (16.56%) 732,305,692 uops_retired.retire_slots (16.56%) 1,497,621,849 cycles (16.56%) 721,098,274 uops_issued.any # 0.1 Bad_Speculation (16.79%) 1,332,681,791 cycles (16.79%) 552,475,482 uops_retired.retire_slots (16.79%) 47,708,340 int_misc.recovery_cycles (16.79%) 1,383,713,292 cycles # 0.4 Frontend_Bound (16.76%) 2,013,757,701 idq_uops_not_delivered.core (16.76%) 1,373,363,790 cycles # 0.1 Retiring (33.54%) 577,302,589 uops_retired.retire_slots (33.54%) 392,766,987 inst_retired.any # 0.3 IPC (50.24%) 1,351,873,350 cpu_clk_unhalted.thread (50.24%) 1,332,510,318 cycles # 5330041272.0 SLOTS (49.90%) 1.006336145 seconds time elapsed After: $ perf stat -a -M TopDownL1 sleep 1 Performance counter stats for 'system wide': 765,949,145 uops_issued.any # 0.1 Bad_Speculation # 0.5 Backend_Bound (50.09%) 1,883,830,591 idq_uops_not_delivered.core # 0.3 Frontend_Bound (50.09%) 48,237,080 int_misc.recovery_cycles (50.09%) 581,798,385 uops_retired.retire_slots # 0.1 Retiring (50.09%) 1,361,628,527 cycles # 5446514108.0 SLOTS (50.09%) 391,415,714 inst_retired.any # 0.3 IPC (49.91%) 1,336,486,781 cpu_clk_unhalted.thread (49.91%) 1.005469298 seconds time elapsed Note: Bad_Speculation + Backend_Bound + Frontend_Bound + Retiring = 100% after, where as before it is 110%. After there are 2 groups, whereas before there are 6. After the cycles event appears once, before it appeared 5 times. Signed-off-by: Ian Rogers Acked-by: Jiri Olsa Cc: Alexander Shishkin Cc: Andi Kleen Cc: Andrii Nakryiko Cc: Cong Wang Cc: Jin Yao Cc: John Garry Cc: Kajol Jain Cc: Kan Liang Cc: Kim Phillips Cc: Mark Rutland Cc: Namhyung Kim Cc: Paul Clarke Cc: Peter Zijlstra Cc: Song Liu Cc: Srikar Dronamraju Cc: Stephane Eranian Cc: Vince Weaver Cc: bpf@vger.kernel.org Cc: netdev@vger.kernel.org Link: http://lore.kernel.org/lkml/20200520182011.32236-6-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/metricgroup.c | 91 +++++++++++++++++++++++++++++--------------; 1 file changed, 62 insertions(+), 29 deletions(-)","The commit optimizes perf's metric group handling by eliminating duplicate events for more accurate metric calculation.","perf, metricgroup, optimization","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"6bf2102bec4e600e72f87569d2c8e01a3efb340e","6bf2102bec4e600e72f87569d2c8e01a3efb340e","Ian Rogers","irogers@google.com","1589998808","Arnaldo Carvalho de Melo","acme@redhat.com","1590671008","c633d9a8b2c5282cc4d3e1fb41238e4fa4700c6d","7f9eca51c1e8e5acc4264f960c2cdec150f597f9","perf metricgroup: Order event groups by size When adding event groups to the group list, insert them in size order. This performs an insertion sort on the group list. By placing the largest groups at the front of the group list it is possible to see if a larger group contains the same events as a later group. This can make the later group redundant - it can reuse the events from the large group. A later patch will add this sharing. Signed-off-by: Ian Rogers Acked-by: Jiri Olsa Cc: Alexander Shishkin Cc: Andi Kleen Cc: Andrii Nakryiko Cc: Cong Wang Cc: Jin Yao Cc: John Garry Cc: Kajol Jain Cc: Kan Liang Cc: Kim Phillips Cc: Mark Rutland Cc: Namhyung Kim Cc: Paul Clarke Cc: Peter Zijlstra Cc: Song Liu Cc: Srikar Dronamraju Cc: Stephane Eranian Cc: Vince Weaver Cc: bpf@vger.kernel.org Cc: netdev@vger.kernel.org Link: http://lore.kernel.org/lkml/20200520182011.32236-5-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/metricgroup.c | 16 +++++++++++++++-; 1 file changed, 15 insertions(+), 1 deletion(-)","This commit optimizes perf metricgroup by ordering event groups by size for potential event reuse.","perf,metricgroup,events","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"7f9eca51c1e8e5acc4264f960c2cdec150f597f9","7f9eca51c1e8e5acc4264f960c2cdec150f597f9","Ian Rogers","irogers@google.com","1589998807","Arnaldo Carvalho de Melo","acme@redhat.com","1590671008","a6ebc4b39b9af01c19f2f40870de49b7477e092b","908103991a9970a8e033e9f3aedd092a2c993f49","perf metricgroup: Delay events string creation Currently event groups are placed into groups_list at the same time as the events string containing the events is built. Separate these two operations and build the groups_list first, then the event string from the groups_list. This adds an ability to reorder the groups_list that will be used in a later patch. Signed-off-by: Ian Rogers Acked-by: Jiri Olsa Cc: Alexander Shishkin Cc: Andi Kleen Cc: Andrii Nakryiko Cc: Cong Wang Cc: Jin Yao Cc: John Garry Cc: Kajol Jain Cc: Kan Liang Cc: Kim Phillips Cc: Mark Rutland Cc: Namhyung Kim Cc: Paul Clarke Cc: Peter Zijlstra Cc: Song Liu Cc: Srikar Dronamraju Cc: Stephane Eranian Cc: Vince Weaver Cc: bpf@vger.kernel.org Cc: netdev@vger.kernel.org Link: http://lore.kernel.org/lkml/20200520182011.32236-4-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/metricgroup.c | 33 +++++++++++++++++++++------------; 1 file changed, 21 insertions(+), 12 deletions(-)","The commit separates event grouping and event string building in the perf metricgroup to allow future reordering capabilities.","perf,metricgroup,events","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"908103991a9970a8e033e9f3aedd092a2c993f49","908103991a9970a8e033e9f3aedd092a2c993f49","Ian Rogers","irogers@google.com","1589998806","Arnaldo Carvalho de Melo","acme@redhat.com","1590671008","a599b9375635e764879ad56ac70754f1320dcd1e","4e21c13aca38b69c4470b68ef29d198802e7d74e","perf metricgroup: Use early return in add_metric Use early return in metricgroup__add_metric and try to make the intent of the returns more intention revealing. Suggested-by: Jiri Olsa Signed-off-by: Ian Rogers Acked-by: Jiri Olsa Cc: Alexander Shishkin Cc: Andi Kleen Cc: Andrii Nakryiko Cc: Cong Wang Cc: Jin Yao Cc: John Garry Cc: Kajol Jain Cc: Kan Liang Cc: Kim Phillips Cc: Mark Rutland Cc: Namhyung Kim Cc: Paul Clarke Cc: Peter Zijlstra Cc: Song Liu Cc: Srikar Dronamraju Cc: Stephane Eranian Cc: Vince Weaver Cc: bpf@vger.kernel.org Cc: netdev@vger.kernel.org Link: http://lore.kernel.org/lkml/20200520182011.32236-3-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/metricgroup.c | 22 +++++++++++++++-------; 1 file changed, 15 insertions(+), 7 deletions(-)","Refactor 'add_metric' in perf's metricgroup for clearer intent using early returns.","early return,metricgroup,refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"4e21c13aca38b69c4470b68ef29d198802e7d74e","4e21c13aca38b69c4470b68ef29d198802e7d74e","Ian Rogers","irogers@google.com","1589998805","Arnaldo Carvalho de Melo","acme@redhat.com","1590671008","539a416132d3a876fdfa9dae18b11663860e3213","a159e2fe89b4d1f9fb54b0ae418b961e239bf617","perf metricgroup: Always place duration_time last If a metric contains the duration_time event then the event is placed outside of the metric's group of events. Rather than split the group, make it so the duration_time is immediately after the group. Signed-off-by: Ian Rogers Acked-by: Jiri Olsa Cc: Alexander Shishkin Cc: Andi Kleen Cc: Andrii Nakryiko Cc: Cong Wang Cc: Jin Yao Cc: John Garry Cc: Kajol Jain Cc: Kan Liang Cc: Kim Phillips Cc: Mark Rutland Cc: Namhyung Kim Cc: Paul Clarke Cc: Peter Zijlstra Cc: Song Liu Cc: Srikar Dronamraju Cc: Stephane Eranian Cc: Vince Weaver Cc: bpf@vger.kernel.org Cc: netdev@vger.kernel.org Link: http://lore.kernel.org/lkml/20200520182011.32236-2-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/metricgroup.c | 18 +++++++++---------; 1 file changed, 9 insertions(+), 9 deletions(-)","Adjust the placement of duration_time event in perf metricgroup to be immediately after the group's events.","perf,metricgroup,duration_time","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Profile related type programs. It affects programs used for profiling system or application performance.']" +"a159e2fe89b4d1f9fb54b0ae418b961e239bf617","a159e2fe89b4d1f9fb54b0ae418b961e239bf617","Ian Rogers","irogers@google.com","1588916184","Arnaldo Carvalho de Melo","acme@redhat.com","1590671007","09f03970a42b95f3cd3e699956b268a1ba0283ec","fa99ce828291cbbf8782284665365bc2c48e9318","perf metricgroup: Free metric_events on error Avoid a simple memory leak. Signed-off-by: Ian Rogers Cc: Alexander Shishkin Cc: Alexei Starovoitov Cc: Andi Kleen Cc: Andrii Nakryiko Cc: Cong Wang Cc: Daniel Borkmann Cc: Jin Yao Cc: Jiri Olsa Cc: John Fastabend Cc: John Garry Cc: Kajol Jain Cc: Kan Liang Cc: Kim Phillips Cc: Mark Rutland Cc: Martin KaFai Lau Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Song Liu Cc: Stephane Eranian Cc: Vince Weaver Cc: Yonghong Song Cc: bpf@vger.kernel.org Cc: kp singh Cc: netdev@vger.kernel.org Link: http://lore.kernel.org/lkml/20200508053629.210324-10-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/metricgroup.c | 3 +++; 1 file changed, 3 insertions(+)","This commit addresses a simple memory leak in the perf metricgroup by freeing metric_events on error.","memory leak, perf, error","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"04f9bf2bac72480ca1d289b751b956dd1707a5d5","04f9bf2bac72480ca1d289b751b956dd1707a5d5","Wang ShaoBo","bobo.shaobowang@huawei.com","1589945536","Arnaldo Carvalho de Melo","acme@redhat.com","1590671007","d18d06586fa9a0ca40a3ceb385e1229ddcd78eaa","c7e5b328a8d46f754910cd3caaf96e2a9f7e901e","perf bpf-loader: Add missing '*' for key_scan_pos key_scan_pos is a pointer for getting scan position in bpf__obj_config_map() for each BPF map configuration term, but it's misused when error not happened. Committer notes: The point is that the only user of this is: tools/perf/util/parse-events.c err = bpf__config_obj(obj, term, parse_state->evlist, &error_pos); if (err) bpf__strerror_config_obj(obj, term, parse_state->evlist, &error_pos, err, errbuf, sizeof(errbuf)); And then: int bpf__strerror_config_obj(struct bpf_object *obj __maybe_unused, struct parse_events_term *term __maybe_unused, struct evlist *evlist __maybe_unused, int *error_pos __maybe_unused, int err, char *buf, size_t size) { bpf__strerror_head(err, buf, size); bpf__strerror_entry(BPF_LOADER_ERRNO__OBJCONF_MAP_TYPE, ""Can't use this config term with this map type""); bpf__strerror_end(buf, size); return 0; } So this is infrastructure that Wang Nan put in place for providing better error messages but that he ended up not using, so I'll apply the fix, its correct even not fixing any real problem at this time. Fixes: 066dacbf2a32 (""perf bpf: Add API to set values to map entries in a bpf object"") Signed-off-by: Wang ShaoBo Acked-by: Jiri Olsa Cc: Alexander Shishkin Cc: Cheng Jian Cc: Hanjun Guo Cc: Li Bin Cc: Mark Rutland Cc: Wang Nan Cc: Xie XiuQi Cc: bpf@vger.kernel.org Link: http://lore.kernel.org/lkml/20200520033216.48310-1-bobo.shaobowang@huawei.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/bpf-loader.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixed the misuse of 'key_scan_pos' pointer in the perf bpf-loader for better error message handling.","perf,bpf-loader,pointer","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"45db55f2ef5e98ef096096efad975dc684a9493f","45db55f2ef5e98ef096096efad975dc684a9493f","Ian Rogers","irogers@google.com","1589959688","Arnaldo Carvalho de Melo","acme@redhat.com","1590671007","b448e495480fc18759eb0591bbe0cdb83381809e","ae7626418d71ae551fd1f0a85ae7ad9d8b2d4f28","perf metricgroup: Make 'evlist_used' variable a bitmap instead of array of bools Use a bitmap rather than an array of bools. Signed-off-by: Ian Rogers Acked-by: Jiri Olsa Cc: Alexander Shishkin Cc: Andi Kleen Cc: Andrii Nakryiko Cc: Cong Wang Cc: Jin Yao Cc: John Garry Cc: Kajol Jain Cc: Kan Liang Cc: Kim Phillips Cc: Mark Rutland Cc: Namhyung Kim Cc: Paul Clarke Cc: Peter Zijlstra Cc: Song Liu Cc: Srikar Dronamraju Cc: Stephane Eranian Cc: Vince Weaver Cc: bpf@vger.kernel.org Cc: netdev@vger.kernel.org Link: http://lore.kernel.org/lkml/20200520072814.128267-2-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/metricgroup.c | 18 ++++++++----------; 1 file changed, 8 insertions(+), 10 deletions(-)","The commit modifies 'evlist_used' to a bitmap for better efficiency in perf metricgroup.","evlist_used,bitmap,perf","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"498ef715a00bb87ca65a89e7893c644499bb309c","498ef715a00bb87ca65a89e7893c644499bb309c","Paul A. Clarke","pc@us.ibm.com","1589911102","Arnaldo Carvalho de Melo","acme@redhat.com","1590671007","5a8f5ca1ba2a0f8d09703e9f28c90de246bd9f65","acd1ac23156e0c7f08e99be47b2828b0ad71f020","perf script: Better align register values in dump Before: $ perf script --dump-raw-trace [...] 2492031077254920 0x1e08 [0x308]: PERF_RECORD_SAMPLE(IP, 0x1): 47557/47557: 0xc00000000012eeb0 period: 1 addr: 0 ... user regs: mask 0x1fffffffffff ABI 64-bit .... r0 0xb .... r1 0x7ffff3b90fa0 .... r2 0x7fffbabf7300 .... r3 0x7ffff3b9ed60 .... r4 0x7ffff3b95cc0 .... r5 0x1000c5a2940 .... r6 0xfefefefefefefeff .... r7 0x7f7f7f7f7f7f7f7f .... r8 0x7ffff3b9ed60 .... r9 0x0 [...] After: [...] 2492031077254920 0x1e08 [0x308]: PERF_RECORD_SAMPLE(IP, 0x1): 47557/47557: 0xc00000000012eeb0 period: 1 addr: 0 ... user regs: mask 0x1fffffffffff ABI 64-bit .... r0 0x000000000000000b .... r1 0x00007ffff3b90fa0 .... r2 0x00007fffbabf7300 .... r3 0x00007ffff3b9ed60 .... r4 0x00007ffff3b95cc0 .... r5 0x000001000c5a2940 .... r6 0xfefefefefefefeff .... r7 0x7f7f7f7f7f7f7f7f .... r8 0x00007ffff3b9ed60 .... r9 0x0000000000000000 [...] Committer testing: Full set of instructions, testing on x86_64: # perf record -I ^C[ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 2.855 MB perf.data (4902 samples) ] # perf evlist -v cycles: size: 120, { sample_period, sample_freq }: 4000, sample_type: IP|TID|TIME|ID|CPU|PERIOD|REGS_INTR, read_format: ID, disabled: 1, inherit: 1, freq: 1, precise_ip: 3, sample_id_all: 1, exclude_guest: 1, sample_regs_intr: 0xff0fff dummy:HG: type: 1, size: 120, config: 0x9, { sample_period, sample_freq }: 4000, sample_type: IP|TID|TIME|ID|CPU|PERIOD|REGS_INTR, read_format: ID, inherit: 1, mmap: 1, comm: 1, freq: 1, task: 1, sample_id_all: 1, mmap2: 1, comm_exec: 1, ksymbol: 1, bpf_event: 1, sample_regs_intr: 0xff0fff # Before: # perf script --dump-raw-trace [...] 0 1542674658099675 0x1cb700 [0xe0]: PERF_RECORD_SAMPLE(IP, 0x4001): 1825/1825: 0xffffffff9506e544 period: 1 addr: 0 ... intr regs: mask 0xff0fff ABI 64-bit .... AX 0xf .... BX 0xffff96e1064125a0 .... CX 0x38f .... DX 0x7 .... SI 0xf .... DI 0x38f .... BP 0x1 .... SP 0xfffffe000000bdf0 .... IP 0xffffffff9506e544 .... FLAGS 0xa .... CS 0x10 .... SS 0x18 .... R8 0x0 .... R9 0x0 .... R10 0xfffffe00000260c8 .... R11 0xfffffe000000bef8 .... R12 0x1 .... R13 0x64 .... R14 0x390 .... R15 0xffff96e1064125a0 ... thread: perf:1825 ...... dso: /proc/kcore perf 1825 [000] 1542674.658099: 1 cycles: ffffffff9506e544 native_write_msr+0x4 (vmlinux [...] After: # perf script --dump-raw-trace [...] 0 1542674658096068 0x1cb620 [0xe0]: PERF_RECORD_SAMPLE(IP, 0x4001): 1825/1825: 0xffffffff9506e544 period: 1 addr: 0 ... intr regs: mask 0xff0fff ABI 64-bit .... AX 0x000000000000000f .... BX 0xffff96e1064125a0 .... CX 0x000000000000038f .... DX 0x0000000000000007 .... SI 0x000000000000000f .... DI 0x000000000000038f .... BP 0x0000000000000000 .... SP 0xffffb3e788fb7c20 .... IP 0xffffffff9506e544 .... FLAGS 0x000000000000000a .... CS 0x0000000000000010 .... SS 0x0000000000000018 .... R8 0x00057b0deeffdfe3 .... R9 0xffff96e106432480 .... R10 0x0000000000000000 .... R11 0xffff96e106412cc0 .... R12 0xffffb3e788fb7d00 .... R13 0xffff96e106432408 .... R14 0xffff96e106432400 .... R15 0xffff96e0e09a4800 ... thread: perf:1825 ...... dso: /proc/kcore perf 1825 [000] 1542674.658096: 1 cycles: ffffffff9506e544 native_write_msr+0x4 (vmlinux) [...] Signed-off-by: Paul Clarke Reviewed-by: Andi Kleen Tested-by: Arnaldo Carvalho de Melo Cc: Jin Yao Cc: Jiri Olsa Cc: Kan Liang Cc: Namhyung Kim LPU-Reference: 1589911102-9460-1-git-send-email-pc@us.ibm.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/session.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Aligns register values format in perf script for better readability.","perf, align, register","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"ded80bda8bc9bb65a344b79b36d5acf45a907b25","ded80bda8bc9bb65a344b79b36d5acf45a907b25","Ian Rogers","irogers@google.com","1589581052","Arnaldo Carvalho de Melo","acme@redhat.com","1590671006","ec45adaf10e85930775375755e4d171ab94b3c96","eee19501926d98c894f15c1644b815c7d1fbd187","perf expr: Migrate expr ids table to a hashmap Use a hashmap between a char* string and a double* value. While bpf's hashmap entries are size_t in size, we can't guarantee sizeof(size_t) >= sizeof(double). Avoid a memory allocation when gathering ids by making 0.0 a special value encoded as NULL. Original map suggestion by Andi Kleen: https://lore.kernel.org/lkml/20200224210308.GQ160988@tassilo.jf.intel.com/ and seconded by Jiri Olsa: https://lore.kernel.org/lkml/20200423112915.GH1136647@krava/ Committer notes: There are fixes that need to land upstream before we can use libbpf's headers, for now use our copy unconditionally, since the data structures at this point are exactly the same, no problem. When the fixes for libbpf's hashmap land upstream, we can fix this up. Testing it: Building with LIBBPF=1, i.e. the default: $ perf -vv | grep -i bpf bpf: [ on ] # HAVE_LIBBPF_SUPPORT $ nm ~/bin/perf | grep -i libbpf_ | wc -l 39 $ nm ~/bin/perf | grep -i hashmap_ | wc -l 17 $ Explicitely building without LIBBPF: $ perf -vv | grep -i bpf bpf: [ OFF ] # HAVE_LIBBPF_SUPPORT $ $ nm ~/bin/perf | grep -i libbpf_ | wc -l 0 $ nm ~/bin/perf | grep -i hashmap_ | wc -l 9 $ Signed-off-by: Ian Rogers Tested-by: Arnaldo Carvalho de Melo Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Alexei Starovoitov Cc: Andi Kleen Cc: Andrii Nakryiko Cc: Cong Wang Cc: Daniel Borkmann Cc: Jin Yao Cc: Jiri Olsa Cc: John Fastabend Cc: John Garry Cc: Kajol Jain Cc: Kan Liang Cc: Kim Phillips Cc: Leo Yan Cc: Mark Rutland Cc: Martin KaFai Lau Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Song Liu Cc: Stephane Eranian Cc: Yonghong Song Cc: bpf@vger.kernel.org Cc: kp singh Cc: netdev@vger.kernel.org Link: http://lore.kernel.org/lkml/20200515221732.44078-8-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/tests/expr.c | 44 +++++++-------; tools/perf/tests/pmu-events.c | 25 ++++----; tools/perf/util/expr.c | 129 +++++++++++++++++++++++-------------------; tools/perf/util/expr.h | 29 +++++-----; tools/perf/util/expr.y | 22 +------; tools/perf/util/metricgroup.c | 92 ++++++++++++++----------------; tools/perf/util/stat-shadow.c | 49 ++++++++++------; 7 files changed, 200 insertions(+), 190 deletions(-)","The commit migrates perf's expression ID table to a hashmap for optimized memory usage and efficiency.","perf, hashmap, migrate","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"eee19501926d98c894f15c1644b815c7d1fbd187","eee19501926d98c894f15c1644b815c7d1fbd187","Ian Rogers","irogers@google.com","1589581049","Arnaldo Carvalho de Melo","acme@redhat.com","1590671006","d3f0ae10e05abc0001907e4655ec2b56cf67bca0","ea9eb1f456a08c18feb485894185f7a4e31cc8a4","perf tools: Grab a copy of libbpf's hashmap Allow use of hashmap in perf. Modify perf's check-headers.sh script to check that the files are kept in sync, in the same way kernel headers are checked. This will warn if they are out of sync at the start of a perf build. Committer note: This starts out of synch as a fix went thru the bpf tree, namely the one removing the needless libbpf_internal.h include in hashmap.h. There is also another change related to __WORDSIZE, that as is in tools/lib/bpf/hashmap.h causes the tools/perf/ build to fail in systems such as Alpine Linus, that uses the Musl libc, so we need an alternative way of having __WORDSIZE available, use the one used by tools/include/linux/bitops.h, that builds in all the systems I have build containers for. These differences will be resolved at some point, so keep the warning in check-headers.sh as a reminder. Signed-off-by: Ian Rogers Acked-by: Andrii Nakryiko Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Alexei Starovoitov Cc: Andi Kleen Cc: Cong Wang Cc: Daniel Borkmann Cc: Jin Yao Cc: Jiri Olsa Cc: John Fastabend Cc: John Garry Cc: Kajol Jain Cc: Kan Liang Cc: Kim Phillips Cc: Leo Yan Cc: Mark Rutland Cc: Martin KaFai Lau Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Song Liu Cc: Stephane Eranian Cc: Yonghong Song Cc: bpf@vger.kernel.org Cc: kp singh Cc: netdev@vger.kernel.org Link: http://lore.kernel.org/lkml/20200515221732.44078-5-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/check-headers.sh | 4 +; tools/perf/util/Build | 4 +; tools/perf/util/hashmap.c | 238 ++++++++++++++++++++++++++++++++++++++++++++; tools/perf/util/hashmap.h | 176 ++++++++++++++++++++++++++++++++; 4 files changed, 422 insertions(+)","Introduces a copy of libbpf's hashmap to perf tools and ensures file sync checks.","libbpf, hashmap, perf","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"beb6420300046a959082b32851fedaab2973be23","beb6420300046a959082b32851fedaab2973be23","Jiri Olsa","jolsa@kernel.org","1589811027","Arnaldo Carvalho de Melo","acme@redhat.com","1590671006","212911eccf12d1cd45ee4c7e525c328f54e66ea9","6d1f916265aa615218d341ba5d3fd39dfe931cde","perf trace: Fix compilation error for make NO_LIBBPF=1 DEBUG=1 The perf compilation fails for NO_LIBBPF=1 DEBUG=1 with: $ make NO_LIBBPF=1 DEBUG=1 BUILD: Doing 'make -j8' parallel build CC builtin-trace.o LD perf-in.o LINK perf /usr/bin/ld: perf-in.o: in function `trace__find_bpf_map_by_name': /home/jolsa/kernel/linux-perf/tools/perf/builtin-trace.c:4608: undefined reference to `bpf_object__find_map_by_name' collect2: error: ld returned 1 exit status make[2]: *** [Makefile.perf:631: perf] Error 1 make[1]: *** [Makefile.perf:225: sub-make] Error 2 make: *** [Makefile:70: all] Error 2 Move trace__find_bpf_map_by_name calls under HAVE_LIBBPF_SUPPORT ifdef and add make test for this. Committer notes: Add missing: run += make_no_libbpf_DEBUG Signed-off-by: Jiri Olsa Tested-by: Arnaldo Carvalho de Melo Cc: Alexander Shishkin Cc: Michael Petlan Cc: Namhyung Kim Cc: Peter Zijlstra Link: http://lore.kernel.org/lkml/20200518141027.3765877-1-jolsa@kernel.org Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/builtin-trace.c | 54 +++++++++++++++++++++++++++++-----------------; tools/perf/tests/make | 2 ++; 2 files changed, 36 insertions(+), 20 deletions(-)","Fix compilation error in perf trace by conditionally including BPF map calls under HAVE_LIBBPF_SUPPORT.","compilation,NO_LIBBPF,trace","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"e12a89ef73b227e9f56c41502aefcee59fd2a05b","e12a89ef73b227e9f56c41502aefcee59fd2a05b","Jiri Olsa","jolsa@kernel.org","1589286190","Arnaldo Carvalho de Melo","acme@redhat.com","1590671006","91358834fa8cc5297aa89120fb8f794a7d3782df","b027cc6fdf1bb41f4572e99e96ff95bbf8cb5783","perf tools: Fix is_bpf_image function logic Adrian reported that is_bpf_image is not working the way it was intended - passing on trampolines and dispatcher names. Instead it returned true for all the bpf names. The reason even this logic worked properly is that all bpf objects, even trampolines and dispatcher, were assigned DSO_BINARY_TYPE__BPF_IMAGE binary_type. The later for bpf_prog objects, the binary_type was fixed in bpf load event processing, which is executed after the ksymbol code. Fixing the is_bpf_image logic, so it properly recognizes trampoline and dispatcher objects. Fixes: 3c29d4483e85 (""perf annotate: Add basic support for bpf_image"") Reported-by: Adrian Hunter Signed-off-by: Jiri Olsa Cc: Alexander Shishkin Cc: Michael Petlan Cc: Namhyung Kim Cc: Peter Zijlstra Link: http://lore.kernel.org/lkml/20200512122310.3154754-1-jolsa@kernel.org Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/machine.c | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","Fix the logic of is_bpf_image function to correctly identify trampoline and dispatcher objects.","perf,bpf,trampolines","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3301f6ae2d4cb396ae0c103329a5680d14f7a5c6","3301f6ae2d4cb396ae0c103329a5680d14f7a5c6","Linus Torvalds","torvalds@linux-foundation.org","1590602299","Linus Torvalds","torvalds@linux-foundation.org","1590602299","83b63cc5c0063392de969fe3d05b07f53da0c0d8","006f38a1c3dcbe237a75e725fe457bd59cb489c4 eec8fd0277e37cf447b88c6be181e81df867bcf1","Merge branch 'for-5.7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup Pull cgroup fixes from Tejun Heo: - Reverted stricter synchronization for cgroup recursive stats which was prepping it for event counter usage which never got merged. The change was causing performation regressions in some cases. - Restore bpf-based device-cgroup operation even when cgroup1 device cgroup is disabled. - An out-param init fix. * 'for-5.7-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/cgroup: device_cgroup: Cleanup cgroup eBPF device filter code xattr: fix uninitialized out-param Revert ""cgroup: Add memory barriers to plug cgroup_rstat_updated() race window""","","This commit merges cgroup fixes including BPF-related device filter code cleanup and performance-related reversions.","cgroup,BPF,fixes","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"b16a87d0aef7a6be766f6618976dc5ff2c689291","b16a87d0aef7a6be766f6618976dc5ff2c689291","Björn Töpel","bjorn.topel@intel.com","1590393839","Daniel Borkmann","daniel@iogearbox.net","1590444360","f11fe5d40a3ad84d2fa05b301c0484282f9dbe40","d04322a0da1e86aedaa322ce933cfb8c0191d1eb","xsk: Add overflow check for u64 division, stored into u32 The npgs member of struct xdp_umem is an u32 entity, and stores the number of pages the UMEM consumes. The calculation of npgs npgs = size / PAGE_SIZE can overflow. To avoid overflow scenarios, the division is now first stored in a u64, and the result is verified to fit into 32b. An alternative would be storing the npgs as a u64, however, this wastes memory and is an unrealisticly large packet area. Fixes: c0c77d8fb787 (""xsk: add user memory registration support sockopt"") Reported-by: ""Minh Bùi Quang"" Signed-off-by: Björn Töpel Signed-off-by: Daniel Borkmann Acked-by: Jonathan Lemon Link: https://lore.kernel.org/bpf/CACtPs=GGvV-_Yj6rbpzTVnopgi5nhMoCcTkSkYrJHGQHJWFZMQ@mail.gmail.com/ Link: https://lore.kernel.org/bpf/20200525080400.13195-1-bjorn.topel@gmail.com","net/xdp/xdp_umem.c | 8 ++++++--; 1 file changed, 6 insertions(+), 2 deletions(-)","Add overflow check for division in XDP socket to safely store u64 result into u32.","overflow,division,xdp","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"9f64fbdb774838db1445268fa8c46041fb1c28ab","9f64fbdb774838db1445268fa8c46041fb1c28ab","Valdis Kl ē tnieks","valdis.kletnieks@vt.edu","1588999639","Masahiro Yamada","masahiroy@kernel.org","1590418996","4520331e28e7fe3514aae0b840235782c984825e","6ce16f2bc879fb8943d2165f81862c6f89ec1b77","bpfilter: document build requirements for bpfilter_umh It's not intuitively obvious that bpfilter_umh is a statically linked binary. Mention the toolchain requirement in the Kconfig help, so people have an easier time figuring out what's needed. Signed-off-by: Valdis Kletnieks Signed-off-by: Masahiro Yamada ","net/bpfilter/Kconfig | 4 ++++; 1 file changed, 4 insertions(+)","This commit updates the Kconfig to document build requirements for the bpfilter_umh binary.","bpfilter Kconfig toolchain","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a152b85984a03e7f83b9d8bcf908c29597d898fc","a152b85984a03e7f83b9d8bcf908c29597d898fc","David S. Miller","davem@davemloft.net","1590197434","David S. Miller","davem@davemloft.net","1590197434","7269af03a60dc0df32f75998e8badc317c00c182","1e6a705266409e0dbe020ac10107d265b73e5ca9 a5dfaa2ab94057dd75c7911143482a0a85593c14","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next Daniel Borkmann says: ==================== pull-request: bpf-next 2020-05-23 The following pull-request contains BPF updates for your *net-next* tree. We've added 50 non-merge commits during the last 8 day(s) which contain a total of 109 files changed, 2776 insertions(+), 2887 deletions(-). The main changes are: 1) Add a new AF_XDP buffer allocation API to the core in order to help lowering the bar for drivers adopting AF_XDP support. i40e, ice, ixgbe as well as mlx5 have been moved over to the new API and also gained a small improvement in performance, from Björn Töpel and Magnus Karlsson. 2) Add getpeername()/getsockname() attach types for BPF sock_addr programs in order to allow for e.g. reverse translation of load-balancer backend to service address/port tuple from a connected peer, from Daniel Borkmann. 3) Improve the BPF verifier is_branch_taken() logic to evaluate pointers being non-NULL, e.g. if after an initial test another non-NULL test on that pointer follows in a given path, then it can be pruned right away, from John Fastabend. 4) Larger rework of BPF sockmap selftests to make output easier to understand and to reduce overall runtime as well as adding new BPF kTLS selftests that run in combination with sockmap, also from John Fastabend. 5) Batch of misc updates to BPF selftests including fixing up test_align to match verifier output again and moving it under test_progs, allowing bpf_iter selftest to compile on machines with older vmlinux.h, and updating config options for lirc and v6 segment routing helpers, from Stanislav Fomichev, Andrii Nakryiko and Alan Maguire. 6) Conversion of BPF tracing samples outdated internal BPF loader to use libbpf API instead, from Daniel T. Lee. 7) Follow-up to BPF kernel test infrastructure in order to fix a flake in the XDP selftests, from Jesper Dangaard Brouer. 8) Minor improvements to libbpf's internal hashmap implementation, from Ian Rogers. ==================== Signed-off-by: David S. Miller ","","This merge commit incorporates various BPF updates including AF_XDP API enhancements, sock_addr program types, and BPF verifier improvements from multiple contributors.","BPF,merge,update","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"a5dfaa2ab94057dd75c7911143482a0a85593c14","a5dfaa2ab94057dd75c7911143482a0a85593c14","Alan Maguire","alan.maguire@oracle.com","1590147389","Daniel Borkmann","daniel@iogearbox.net","1590189151","e561c90e0db4de497b02683a70a25cbee3bfc59d","3c8e8cf4b18b3a7034fab4c4504fc4b54e4b6195","selftests/bpf: CONFIG_LIRC required for test_lirc_mode2.sh test_lirc_mode2.sh assumes presence of /sys/class/rc/rc0/lirc*/uevent which will not be present unless CONFIG_LIRC=y Fixes: 6bdd533cee9a (""bpf: add selftest for lirc_mode2 type program"") Signed-off-by: Alan Maguire Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/1590147389-26482-3-git-send-email-alan.maguire@oracle.com","tools/testing/selftests/bpf/config | 1 +; 1 file changed, 1 insertion(+)","The commit requires CONFIG_LIRC for test_lirc_mode2.sh to run successfully in BPF self-tests.","CONFIG_LIRC,test_lirc_mode2,selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3c8e8cf4b18b3a7034fab4c4504fc4b54e4b6195","3c8e8cf4b18b3a7034fab4c4504fc4b54e4b6195","Alan Maguire","alan.maguire@oracle.com","1590147388","Daniel Borkmann","daniel@iogearbox.net","1590189151","a00080f674f1ea8adc4bc4ec0f7a414720ce8b83","6736aa793c2b5fb6c64884d2623c66aa1b9bfa92","selftests/bpf: CONFIG_IPV6_SEG6_BPF required for test_seg6_loop.o test_seg6_loop.o uses the helper bpf_lwt_seg6_adjust_srh(); it will not be present if CONFIG_IPV6_SEG6_BPF is not specified. Fixes: b061017f8b4d (""selftests/bpf: add realistic loop tests"") Signed-off-by: Alan Maguire Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/1590147389-26482-2-git-send-email-alan.maguire@oracle.com","tools/testing/selftests/bpf/config | 1 +; 1 file changed, 1 insertion(+)","This commit adds a configuration requirement for IPv6 Segment Routing in eBPF selftests.","selftests,bpf,CONFIG_IPV6","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6736aa793c2b5fb6c64884d2623c66aa1b9bfa92","6736aa793c2b5fb6c64884d2623c66aa1b9bfa92","Alan Maguire","alan.maguire@oracle.com","1590146674","Daniel Borkmann","daniel@iogearbox.net","1590189069","fea0c9068a26815e7d58e1388a6e05be38a50a2e","29ae90d221755c7ddb3b7e4de2a73f76a4fdd500","selftests/bpf: Add general instructions for test execution Getting a clean BPF selftests run involves ensuring latest trunk LLVM/clang are used, pahole is recent (>=1.16) and config matches the specified config file as closely as possible. Add to bpf_devel_QA.rst and point tools/testing/selftests/bpf/README.rst to it. Signed-off-by: Alan Maguire Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/1590146674-25485-1-git-send-email-alan.maguire@oracle.com","Documentation/bpf/bpf_devel_QA.rst | 15 +++++++++++++++; tools/testing/selftests/bpf/README.rst | 2 ++; 2 files changed, 17 insertions(+)","Added general instructions for executing BPF selftests to improve testing documentation.","selftests,LLVM,documentation","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d3b968bc2dee06a88682d035a0fde8bf77af39b9","d3b968bc2dee06a88682d035a0fde8bf77af39b9","David S. Miller","davem@davemloft.net","1590183335","David S. Miller","davem@davemloft.net","1590183335","2cd5e308629564bb49756516568f819781f69539","b4024c9e5c57902155d3b5e7de482e245f492bff 5cf65922bb15279402e1e19b5ee8c51d618fa51f","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Daniel Borkmann says: ==================== pull-request: bpf 2020-05-22 The following pull-request contains BPF updates for your *net* tree. We've added 3 non-merge commits during the last 3 day(s) which contain a total of 5 files changed, 69 insertions(+), 11 deletions(-). The main changes are: 1) Fix to reject mmap()'ing read-only array maps as writable since BPF verifier relies on such map content to be frozen, from Andrii Nakryiko. 2) Fix breaking audit from secid_to_secctx() LSM hook by avoiding to use call_int_hook() since this hook is not stackable, from KP Singh. 3) Fix BPF flow dissector program ref leak on netns cleanup, from Jakub Sitnicki. ==================== Signed-off-by: David S. Miller ","","This commit merges multiple fixes into the BPF subsystem addressing issues with mmap, audit hooks, and flow dissector programs.","mmap,security,dissector","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events."", 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.']" +"5cf65922bb15279402e1e19b5ee8c51d618fa51f","5cf65922bb15279402e1e19b5ee8c51d618fa51f","Jakub Sitnicki","jakub@cloudflare.com","1590050075","Alexei Starovoitov","ast@kernel.org","1590108765","1e1ec83eaedcf0e2e973f9cf32d37de8fb8e3264","dfeb376dd4cb2c5004aeb625e2475f58a5ff2ea7","flow_dissector: Drop BPF flow dissector prog ref on netns cleanup When attaching a flow dissector program to a network namespace with bpf(BPF_PROG_ATTACH, ...) we grab a reference to bpf_prog. If netns gets destroyed while a flow dissector is still attached, and there are no other references to the prog, we leak the reference and the program remains loaded. Leak can be reproduced by running flow dissector tests from selftests/bpf: # bpftool prog list # ./test_flow_dissector.sh ... selftests: test_flow_dissector [PASS] # bpftool prog list 4: flow_dissector name _dissect tag e314084d332a5338 gpl loaded_at 2020-05-20T18:50:53+0200 uid 0 xlated 552B jited 355B memlock 4096B map_ids 3,4 btf_id 4 # Fix it by detaching the flow dissector program when netns is going away. Fixes: d58e468b1112 (""flow_dissector: implements flow dissector BPF hook"") Signed-off-by: Jakub Sitnicki Signed-off-by: Alexei Starovoitov Reviewed-by: Stanislav Fomichev Link: https://lore.kernel.org/bpf/20200521083435.560256-1-jakub@cloudflare.com","net/core/flow_dissector.c | 26 +++++++++++++++++++++-----; 1 file changed, 21 insertions(+), 5 deletions(-)","This commit addresses a memory leak by detaching the BPF flow dissector upon network namespace destruction.","flow dissector, netns cleanup, BPF","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"d844a71bff0fd899146e5981ec44b618afd17d83","d844a71bff0fd899146e5981ec44b618afd17d83","John Fastabend","john.fastabend@gmail.com","1590091706","Alexei Starovoitov","ast@kernel.org","1590108265","26ac9a5812fa137c7ba21cf91a1f083ba39dbd67","f9b16ec0eeb75337aef38954a4066e6eecd7cfe5","bpf: Selftests, add printk to test_sk_lookup_kern to encode null ptr check Adding a printk to test_sk_lookup_kern created the reported failure where a pointer type is checked twice for NULL. Lets add it to the progs test test_sk_lookup_kern.c so we test the case from C all the way into the verifier. We already have printk's in selftests so seems OK to add another one. Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/159009170603.6313.1715279795045285176.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/progs/test_sk_lookup_kern.c | 1 +; 1 file changed, 1 insertion(+)","Adds a printk to selftests in test_sk_lookup_kern for null pointer verification.","printk,selftests,null","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"f9b16ec0eeb75337aef38954a4066e6eecd7cfe5","f9b16ec0eeb75337aef38954a4066e6eecd7cfe5","John Fastabend","john.fastabend@gmail.com","1590091686","Alexei Starovoitov","ast@kernel.org","1590108265","3358afdf6dfb99ab7c596fd19c9f0452633bbdfc","c72b5cbb09bd76634b8d19695db2219964e24128","bpf: Selftests, verifier case for non null pointer map value branch When we have pointer type that is known to be non-null we only follow the non-null branch. This adds tests to cover the map_value pointer returned from a map lookup. To force an error if both branches are followed we do an ALU op on R10. Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/159009168650.6313.7434084136067263554.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/verifier/value_or_null.c | 19 +++++++++++++++++++; 1 file changed, 19 insertions(+)","The commit adds a selftest to verify non-null pointer handling in eBPF map value branches.","selftests,verifier,pointer","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c72b5cbb09bd76634b8d19695db2219964e24128","c72b5cbb09bd76634b8d19695db2219964e24128","John Fastabend","john.fastabend@gmail.com","1590091666","Alexei Starovoitov","ast@kernel.org","1590108265","6cb646f61e25e65cde2356d79c94a984c38a7512","cac616db39c207dc63465a4e05c6ce0e60b2cce4","bpf: Selftests, verifier case for non null pointer check branch taken When we have pointer type that is known to be non-null and comparing against zero we only follow the non-null branch. This adds tests to cover this case for reference tracking. Also add the other case when comparison against a non-zero value and ensure we still fail with unreleased reference. Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/159009166599.6313.1593680633787453767.stgit@john-Precision-5820-Tower",".../testing/selftests/bpf/verifier/ref_tracking.c | 33 ++++++++++++++++++++++; 1 file changed, 33 insertions(+)","This commit adds selftests for non-null pointer checks in eBPF verifier reference tracking.","selftests, verifier, reference","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"cac616db39c207dc63465a4e05c6ce0e60b2cce4","cac616db39c207dc63465a4e05c6ce0e60b2cce4","John Fastabend","john.fastabend@gmail.com","1590091646","Alexei Starovoitov","ast@kernel.org","1590108265","80ab0bbd886e284c85778fd97463ac3fa3ba0b07","79917b242c3fe0d89e4752bc25ffef4574c2194b","bpf: Verifier track null pointer branch_taken with JNE and JEQ Currently, when considering the branches that may be taken for a jump instruction if the register being compared is a pointer the verifier assumes both branches may be taken. But, if the jump instruction is comparing if a pointer is NULL we have this information in the verifier encoded in the reg->type so we can do better in these cases. Specifically, these two common cases can be handled. * If the instruction is BPF_JEQ and we are comparing against a zero value. This test is 'if ptr == 0 goto +X' then using the type information in reg->type we can decide if the ptr is not null. This allows us to avoid pushing both branches onto the stack and instead only use the != 0 case. For example PTR_TO_SOCK and PTR_TO_SOCK_OR_NULL encode the null pointer. Note if the type is PTR_TO_SOCK_OR_NULL we can not learn anything. And also if the value is non-zero we learn nothing because it could be any arbitrary value a different pointer for example * If the instruction is BPF_JNE and ware comparing against a zero value then a similar analysis as above can be done. The test in asm looks like 'if ptr != 0 goto +X'. Again using the type information if the non null type is set (from above PTR_TO_SOCK) we know the jump is taken. In this patch we extend is_branch_taken() to consider this extra information and to return only the branch that will be taken. This resolves a verifier issue reported with C code like the following. See progs/test_sk_lookup_kern.c in selftests. sk = bpf_sk_lookup_tcp(skb, tuple, tuple_len, BPF_F_CURRENT_NETNS, 0); bpf_printk(""sk=%d\n"", sk ? 1 : 0); if (sk) bpf_sk_release(sk); return sk ? TC_ACT_OK : TC_ACT_UNSPEC; In the above the bpf_printk() will resolve the pointer from PTR_TO_SOCK_OR_NULL to PTR_TO_SOCK. Then the second test guarding the release will cause the verifier to walk both paths resulting in the an unreleased sock reference. See verifier/ref_tracking.c in selftests for an assembly version of the above. After the above additional logic is added the C code above passes as expected. Reported-by: Andrey Ignatov Suggested-by: Alexei Starovoitov Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/159009164651.6313.380418298578070501.stgit@john-Precision-5820-Tower","kernel/bpf/verifier.c | 36 +++++++++++++++++++++++++++++++++---; 1 file changed, 33 insertions(+), 3 deletions(-)","Enhance eBPF verifier to better handle branches involving null pointer comparisons.","verifier,null pointers,branches","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"79917b242c3fe0d89e4752bc25ffef4574c2194b","79917b242c3fe0d89e4752bc25ffef4574c2194b","Alexei Starovoitov","ast@kernel.org","1590107487","Alexei Starovoitov","ast@kernel.org","1590107495","2660974ad18b310dada45d930fb7c0ea0cbeedf6","dda18a5c0b75461d1ed228f80b59c67434b8d601 28bee21dc04b39e587af3b68938e68caed02d552","Merge branch 'af_xdp-common-alloc' Björn Töpel says: ==================== Overview ======== Driver adoption for AF_XDP has been slow. The amount of code required to proper support AF_XDP is substantial and the driver/core APIs are vague or even non-existing. Drivers have to manually adjust data offsets, updating AF_XDP handles differently for different modes (aligned/unaligned). This series attempts to improve the situation by introducing an AF_XDP buffer allocation API. The implementation is based on a single core (single producer/consumer) buffer pool for the AF_XDP UMEM. A buffer is allocated using the xsk_buff_alloc() function, and returned using xsk_buff_free(). If a buffer is disassociated with the pool, e.g. when a buffer is passed to an AF_XDP socket, a buffer is said to be released. Currently, the release function is only used by the AF_XDP internals and not visible to the driver. Drivers using this API should register the XDP memory model with the new MEM_TYPE_XSK_BUFF_POOL type, which will supersede the MEM_TYPE_ZERO_COPY type. The buffer type is struct xdp_buff, and follows the lifetime of regular xdp_buffs, i.e. the lifetime of an xdp_buff is restricted to a NAPI context. In other words, the API is not replacing xdp_frames. DMA mapping/synching is folded into the buffer handling as well. @JeffK The Intel drivers changes should go through the bpf-next tree, and not your regular Intel tree, since multiple (non-Intel) drivers are affected. The outline of the series is as following: Patch 1 is a fix for xsk_umem_xdp_frame_sz(). Patch 2 to 4 are restructures/clean ups. The XSKMAP implementation is moved to net/xdp/. Functions/defines/enums that are only used by the AF_XDP internals are moved from the global include/net/xdp_sock.h to net/xdp/xsk.h. We are also introducing a new ""driver include file"", include/net/xdp_sock_drv.h, which is the only file NIC driver developers adding AF_XDP zero-copy support should care about. Patch 5 adds the new API, and migrates the ""copy-mode""/skb-mode AF_XDP path to the new API. Patch 6 to 11 migrates the existing zero-copy drivers to the new API. Patch 12 removes the MEM_TYPE_ZERO_COPY memory type, and the ""handle"" member of struct xdp_buff. Patch 13 simplifies the xdp_return_{frame,frame_rx_napi,buff} functions. Patch 14 is a performance patch, where some functions are inlined. Finally, patch 15 updates the MAINTAINERS file to correctly mirror the new file layout. Note that this series removes the ""handle"" member from struct xdp_buff, which reduces the xdp_buff size. After this series, the diff stat of drivers/net/ is: 27 files changed, 419 insertions(+), 1288 deletions(-) This series is a first step of simplifying the driver side of AF_XDP. I think more of the AF_XDP logic can be moved from the drivers to the AF_XDP core, e.g. the ""need wakeup"" set/clear functionality. Statistics when allocation fails can now be added to the socket statistics via the XDP_STATISTICS getsockopt(). This will be added in a follow up series. Performance =========== As a nice side effect, performance is up a bit as well. * i40e: 3% higher pps for rxdrop, zero-copy, aligned and unaligned (40 GbE, 64B packets). * mlx5: RX +0.8 Mpps, TX +0.4 Mpps Changelog ========= v4->v5: * Fix various kdoc and GCC warnings (W=1). (Jakub) v3->v4: * mlx5: Remove unused variable num_xsk_frames. (Jakub) * i40e: Made i40e_fd_handle_status() static. (kbuild test robot) v2->v3: * Added xsk_umem_xdp_frame_sz() fix to the series. (Björn) * Initialize struct xdp_buff member frame_sz. (Björn) * Add API to query the DMA address of a frame. (Maxim) * Do DMA sync for CPU till the end of the frame to handle possible growth (frame_sz). (Maxim) * mlx5: Handle frame_sz, use xsk_buff_xdp_get_frame_dma, use xsk_buff API for DMA sync on TX, add performance numbers. (Maxim) v1->v2: * mlx5: Fix DMA address handling, set XDP metadata to invalid. (Maxim) * ixgbe: Fixed xdp_buff data_end update. (Björn) * Swapped SoBs in patch 4. (Maxim) rfc->v1: * Fixed build errors/warnings for m68k and riscv. (kbuild test robot) * Added headroom/chunk size getter. (Maxim/Björn) * mlx5: Put back the sanity check for XSK params, use XSK API to get the total headroom size. (Maxim) * Fixed spelling in commit message. (Björn) * Make sure xp_validate_desc() is inlined for Tx perf. (Maxim) * Sorted file entries. (Joe) * Added xdp_return_{frame,frame_rx_napi,buff} simplification (Björn) Thanks for all the comments/input/help! ==================== Signed-off-by: Alexei Starovoitov ","","The commit merges changes introducing an AF_XDP buffer allocation API to improve driver adoption and performance.","AF_XDP,buffer allocation,driver","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"28bee21dc04b39e587af3b68938e68caed02d552","28bee21dc04b39e587af3b68938e68caed02d552","Björn Töpel","bjorn.topel@intel.com","1590002463","Alexei Starovoitov","ast@kernel.org","1590107487","2660974ad18b310dada45d930fb7c0ea0cbeedf6","26062b185eee49142adc45f9aa187d909d02d961","MAINTAINERS, xsk: Update AF_XDP section after moves/adds Update MAINTAINERS to correctly mirror the current AF_XDP socket file layout. Also, add the AF_XDP files of libbpf. rfc->v1: Sorted file entries. (Joe) Signed-off-by: Björn Töpel Signed-off-by: Alexei Starovoitov Cc: Joe Perches Link: https://lore.kernel.org/bpf/20200520192103.355233-16-bjorn.topel@gmail.com","MAINTAINERS | 6 +++++-; 1 file changed, 5 insertions(+), 1 deletion(-)","Update MAINTAINERS file to reflect AF_XDP and libbpf file changes.","MAINTAINERS, AF_XDP, libbpf","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"26062b185eee49142adc45f9aa187d909d02d961","26062b185eee49142adc45f9aa187d909d02d961","Björn Töpel","bjorn.topel@intel.com","1590002462","Alexei Starovoitov","ast@kernel.org","1590107487","1d73827201d1c000c6c0381b199c9521c04214a6","82c41671ca4f597b6ff05bd5d118161deec26e07","xsk: Explicitly inline functions and move definitions In order to reduce the number of function calls, the struct xsk_buff_pool definition is moved to xsk_buff_pool.h. The functions xp_get_dma(), xp_dma_sync_for_cpu(), xp_dma_sync_for_device(), xp_validate_desc() and various helper functions are explicitly inlined. Further, move xp_get_handle() and xp_release() to xsk.c, to allow for the compiler to perform inlining. rfc->v1: Make sure xp_validate_desc() is inlined for Tx perf. (Maxim) Signed-off-by: Björn Töpel Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200520192103.355233-15-bjorn.topel@gmail.com","include/net/xsk_buff_pool.h | 98 ++++++++++++++++++++++++++---; net/xdp/xsk.c | 15 +++++; net/xdp/xsk_buff_pool.c | 148 ++------------------------------------------; net/xdp/xsk_queue.h | 45 ++++++++++++++; 4 files changed, 156 insertions(+), 150 deletions(-)","The commit enhances XDP by inlining functions in xsk_buff_pool to improve performance and restructure definitions for better optimization.","inline, xsk, performance","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"82c41671ca4f597b6ff05bd5d118161deec26e07","82c41671ca4f597b6ff05bd5d118161deec26e07","Björn Töpel","bjorn.topel@intel.com","1590002461","Alexei Starovoitov","ast@kernel.org","1590107487","6bd0694fc24467e3828c350356bd38391079f8cb","0807892ecb35734b7ce6f7c29b078f1b60151c94","xdp: Simplify xdp_return_{frame, frame_rx_napi, buff} The xdp_return_{frame,frame_rx_napi,buff} function are never used, except in xdp_convert_zc_to_xdp_frame(), by the MEM_TYPE_XSK_BUFF_POOL memory type. To simplify and reduce code, change so that xdp_convert_zc_to_xdp_frame() calls xsk_buff_free() directly since the type is know, and remove MEM_TYPE_XSK_BUFF_POOL from the switch statement in __xdp_return() function. Suggested-by: Maxim Mikityanskiy Signed-off-by: Björn Töpel Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200520192103.355233-14-bjorn.topel@gmail.com","net/core/xdp.c | 21 +++++++++------------; 1 file changed, 9 insertions(+), 12 deletions(-)","Simplifies and removes unused xdp_return functions related to MEM_TYPE_XSK_BUFF_POOL in the net/core/xdp.c file.","simplify,xdp,functions","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"0807892ecb35734b7ce6f7c29b078f1b60151c94","0807892ecb35734b7ce6f7c29b078f1b60151c94","Björn Töpel","bjorn.topel@intel.com","1590002460","Alexei Starovoitov","ast@kernel.org","1590107487","6cea7b5ea63776286d6d7efb3534c12d1f588dd8","39d6443c8daf9fefcfcf89de7ae87240956a0b84","xsk: Remove MEM_TYPE_ZERO_COPY and corresponding code There are no users of MEM_TYPE_ZERO_COPY. Remove all corresponding code, including the ""handle"" member of struct xdp_buff. rfc->v1: Fixed spelling in commit message. (Björn) Signed-off-by: Björn Töpel Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200520192103.355233-13-bjorn.topel@gmail.com","drivers/net/hyperv/netvsc_bpf.c | 1 -; include/net/xdp.h | 9 +--; include/net/xdp_sock.h | 45 ------------; include/net/xdp_sock_drv.h | 149 ----------------------------------------; include/trace/events/xdp.h | 1 -; net/core/xdp.c | 42 ++---------; net/xdp/xdp_umem.c | 56 +--------------; net/xdp/xsk.c | 48 +------------; net/xdp/xsk_buff_pool.c | 7 ++; net/xdp/xsk_queue.c | 62 -----------------; net/xdp/xsk_queue.h | 105 ----------------------------; 11 files changed, 15 insertions(+), 510 deletions(-)","The commit removes unused MEM_TYPE_ZERO_COPY code and related xdp_buff structure member from various network driver files.","MEM_TYPE_ZERO_COPY,xdp_buff,remove","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"39d6443c8daf9fefcfcf89de7ae87240956a0b84","39d6443c8daf9fefcfcf89de7ae87240956a0b84","Björn Töpel","bjorn.topel@intel.com","1590002459","Alexei Starovoitov","ast@kernel.org","1590107487","e42dfb8274fa542b0e014ed8a68fd467516b8055","7117132b22538d24728295ffafa183a0a782fe03","mlx5, xsk: Migrate to new MEM_TYPE_XSK_BUFF_POOL Use the new MEM_TYPE_XSK_BUFF_POOL API in lieu of MEM_TYPE_ZERO_COPY in mlx5e. It allows to drop a lot of code from the driver (which is now common in AF_XDP core and was related to XSK RX frame allocation, DMA mapping, etc.) and slightly improve performance (RX +0.8 Mpps, TX +0.4 Mpps). rfc->v1: Put back the sanity check for XSK params, use XSK API to get the total headroom size. (Maxim) v1->v2: Fix DMA address handling, set XDP metadata to invalid. (Maxim) v2->v3: Handle frame_sz, use xsk_buff_xdp_get_frame_dma, use xsk_buff API for DMA sync on TX, add performance numbers. (Maxim) v3->v4: Remove unused variable num_xsk_frames. (Jakub) Signed-off-by: Björn Töpel Signed-off-by: Maxim Mikityanskiy Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200520192103.355233-12-bjorn.topel@gmail.com","drivers/net/ethernet/mellanox/mlx5/core/en.h | 7 +-; .../net/ethernet/mellanox/mlx5/core/en/params.c | 13 +--; drivers/net/ethernet/mellanox/mlx5/core/en/xdp.c | 31 ++----; drivers/net/ethernet/mellanox/mlx5/core/en/xdp.h | 2 +-; .../net/ethernet/mellanox/mlx5/core/en/xsk/rx.c | 113 ++++-----------------; .../net/ethernet/mellanox/mlx5/core/en/xsk/rx.h | 23 +++--; .../net/ethernet/mellanox/mlx5/core/en/xsk/tx.c | 9 +-; .../net/ethernet/mellanox/mlx5/core/en/xsk/umem.c | 49 ++-------; drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 25 +----; drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 34 ++++++-; 10 files changed, 96 insertions(+), 210 deletions(-)","This commit migrates the mlx5 driver to the new MEM_TYPE_XSK_BUFF_POOL for code simplification and improved performance.","mlx5,XSK,MEM_TYPE_XSK_BUFF_POOL","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"7117132b22538d24728295ffafa183a0a782fe03","7117132b22538d24728295ffafa183a0a782fe03","Björn Töpel","bjorn.topel@intel.com","1590002458","Alexei Starovoitov","ast@kernel.org","1590107487","f8876636f26abaadcac06f08b0296b13e9cbc1cd","175fc430670be92c00317b9aada8bf39b47b717e","ixgbe, xsk: Migrate to new MEM_TYPE_XSK_BUFF_POOL Remove MEM_TYPE_ZERO_COPY in favor of the new MEM_TYPE_XSK_BUFF_POOL APIs. v1->v2: Fixed xdp_buff data_end update. (Björn) Signed-off-by: Björn Töpel Signed-off-by: Alexei Starovoitov Cc: intel-wired-lan@lists.osuosl.org Link: https://lore.kernel.org/bpf/20200520192103.355233-11-bjorn.topel@gmail.com","drivers/net/ethernet/intel/ixgbe/ixgbe.h | 9 +-; drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 15 +-; .../net/ethernet/intel/ixgbe/ixgbe_txrx_common.h | 2 +-; drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 307 ++++-----------------; 4 files changed, 62 insertions(+), 271 deletions(-)","The commit updates ixgbe and xsk modules to use MEM_TYPE_XSK_BUFF_POOL APIs instead of MEM_TYPE_ZERO_COPY, improving memory handling.","ixgbe,XSK,MEM_TYPE","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"175fc430670be92c00317b9aada8bf39b47b717e","175fc430670be92c00317b9aada8bf39b47b717e","Björn Töpel","bjorn.topel@intel.com","1590002457","Alexei Starovoitov","ast@kernel.org","1590107486","69ced983bb5258ace5cd5877680525d0d1936e76","3b4f0b66c2b3dceea01bd26efa8c4c6f01b4961f","ice, xsk: Migrate to new MEM_TYPE_XSK_BUFF_POOL Remove MEM_TYPE_ZERO_COPY in favor of the new MEM_TYPE_XSK_BUFF_POOL APIs. v4->v5: Fixed ""warning: Excess function parameter 'alloc' description in 'ice_alloc_rx_bufs_zc'"" and ""warning: Excess function parameter 'xdp' description in 'ice_construct_skb_zc'"". (Jakub) Signed-off-by: Maciej Fijalkowski Signed-off-by: Björn Töpel Signed-off-by: Alexei Starovoitov Cc: intel-wired-lan@lists.osuosl.org Link: https://lore.kernel.org/bpf/20200520192103.355233-10-bjorn.topel@gmail.com","drivers/net/ethernet/intel/ice/ice_base.c | 16 +-; drivers/net/ethernet/intel/ice/ice_txrx.h | 8 +-; drivers/net/ethernet/intel/ice/ice_xsk.c | 376 ++++--------------------------; drivers/net/ethernet/intel/ice/ice_xsk.h | 13 +-; 4 files changed, 54 insertions(+), 359 deletions(-)","The commit migrates Intel ice network drivers to use the MEM_TYPE_XSK_BUFF_POOL API for xsk buffer management.","ice,xsk,MEM_TYPE_XSK_BUFF_POOL","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", 'XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"3b4f0b66c2b3dceea01bd26efa8c4c6f01b4961f","3b4f0b66c2b3dceea01bd26efa8c4c6f01b4961f","Björn Töpel","bjorn.topel@intel.com","1590002456","Alexei Starovoitov","ast@kernel.org","1590107486","f432cb379637f87396e7d7237cb77891720b82b2","be1222b585fdc410b8c1dbcc57dd03a00f04eff5","i40e, xsk: Migrate to new MEM_TYPE_XSK_BUFF_POOL Remove MEM_TYPE_ZERO_COPY in favor of the new MEM_TYPE_XSK_BUFF_POOL APIs. The AF_XDP zero-copy rx_bi ring is now simply a struct xdp_buff pointer. v4->v5: Fixed ""warning: Excess function parameter 'bi' description in 'i40e_construct_skb_zc'"". (Jakub) Signed-off-by: Björn Töpel Signed-off-by: Alexei Starovoitov Cc: intel-wired-lan@lists.osuosl.org Link: https://lore.kernel.org/bpf/20200520192103.355233-9-bjorn.topel@gmail.com","drivers/net/ethernet/intel/i40e/i40e_main.c | 19 +-; drivers/net/ethernet/intel/i40e/i40e_txrx.h | 9 +-; drivers/net/ethernet/intel/i40e/i40e_xsk.c | 353 +++-------------------------; drivers/net/ethernet/intel/i40e/i40e_xsk.h | 1 -; 4 files changed, 47 insertions(+), 335 deletions(-)","The commit updates Intel i40e driver to use MEM_TYPE_XSK_BUFF_POOL for better XSK support.","i40e, XSK, MEM_TYPE_XSK_BUFF_POOL","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"be1222b585fdc410b8c1dbcc57dd03a00f04eff5","be1222b585fdc410b8c1dbcc57dd03a00f04eff5","Björn Töpel","bjorn.topel@intel.com","1590002455","Alexei Starovoitov","ast@kernel.org","1590107486","6c910bd9b103654a35ce42cce7caa26f016ed912","e1675f97367bed74d4dcfe08de9ce9b5d6b288c1","i40e: Separate kernel allocated rx_bi rings from AF_XDP rings Continuing the path to support MEM_TYPE_XSK_BUFF_POOL, the AF_XDP zero-copy/sk_buff rx_bi rings are now separate. Functions to properly allocate the different rings are added as well. v3->v4: Made i40e_fd_handle_status() static. (kbuild test robot) v4->v5: Fix kdoc for i40e_clean_programming_status(). (Jakub) Signed-off-by: Björn Töpel Signed-off-by: Alexei Starovoitov Cc: intel-wired-lan@lists.osuosl.org Link: https://lore.kernel.org/bpf/20200520192103.355233-8-bjorn.topel@gmail.com","drivers/net/ethernet/intel/i40e/i40e_main.c | 7 ++; drivers/net/ethernet/intel/i40e/i40e_txrx.c | 119 ++++++++-------------; drivers/net/ethernet/intel/i40e/i40e_txrx.h | 22 ++--; drivers/net/ethernet/intel/i40e/i40e_txrx_common.h | 40 +++++--; drivers/net/ethernet/intel/i40e/i40e_type.h | 5 +-; drivers/net/ethernet/intel/i40e/i40e_xsk.c | 74 +++++++------; drivers/net/ethernet/intel/i40e/i40e_xsk.h | 2 +; 7 files changed, 142 insertions(+), 127 deletions(-)","The commit separates AF_XDP zero-copy rings from rx_bi rings in the i40e driver and adds functions for proper allocation.","AF_XDP, zero-copy, rings","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"e1675f97367bed74d4dcfe08de9ce9b5d6b288c1","e1675f97367bed74d4dcfe08de9ce9b5d6b288c1","Björn Töpel","bjorn.topel@intel.com","1590002454","Alexei Starovoitov","ast@kernel.org","1590107486","bac046173b51d601f3fe71d30bad4bd567a23f3d","2b43470add8c8ff1e1ee28dffc5c5df97e955d09","i40e: Refactor rx_bi accesses As a first step to migrate i40e to the new MEM_TYPE_XSK_BUFF_POOL APIs, code that accesses the rx_bi (SW/shadow ring) is refactored to use an accessor function. Signed-off-by: Björn Töpel Signed-off-by: Alexei Starovoitov Cc: intel-wired-lan@lists.osuosl.org Link: https://lore.kernel.org/bpf/20200520192103.355233-7-bjorn.topel@gmail.com","drivers/net/ethernet/intel/i40e/i40e_txrx.c | 17 +++++++++++------; drivers/net/ethernet/intel/i40e/i40e_xsk.c | 18 ++++++++++++------; 2 files changed, 23 insertions(+), 12 deletions(-)","The i40e driver code is refactored to use accessor functions for rx_bi to support migration to new APIs.","i40e,refactor,accessor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"2b43470add8c8ff1e1ee28dffc5c5df97e955d09","2b43470add8c8ff1e1ee28dffc5c5df97e955d09","Björn Töpel","bjorn.topel@intel.com","1590002453","Alexei Starovoitov","ast@kernel.org","1590107486","f2e61f5891abf48c657365a324d091cdf3922ff0","89e4a376e3a3dab639a3947a6c7cf5d461d1aa4c","xsk: Introduce AF_XDP buffer allocation API In order to simplify AF_XDP zero-copy enablement for NIC driver developers, a new AF_XDP buffer allocation API is added. The implementation is based on a single core (single producer/consumer) buffer pool for the AF_XDP UMEM. A buffer is allocated using the xsk_buff_alloc() function, and returned using xsk_buff_free(). If a buffer is disassociated with the pool, e.g. when a buffer is passed to an AF_XDP socket, a buffer is said to be released. Currently, the release function is only used by the AF_XDP internals and not visible to the driver. Drivers using this API should register the XDP memory model with the new MEM_TYPE_XSK_BUFF_POOL type. The API is defined in net/xdp_sock_drv.h. The buffer type is struct xdp_buff, and follows the lifetime of regular xdp_buffs, i.e. the lifetime of an xdp_buff is restricted to a NAPI context. In other words, the API is not replacing xdp_frames. In addition to introducing the API and implementations, the AF_XDP core is migrated to use the new APIs. rfc->v1: Fixed build errors/warnings for m68k and riscv. (kbuild test robot) Added headroom/chunk size getter. (Maxim/Björn) v1->v2: Swapped SoBs. (Maxim) v2->v3: Initialize struct xdp_buff member frame_sz. (Björn) Add API to query the DMA address of a frame. (Maxim) Do DMA sync for CPU till the end of the frame to handle possible growth (frame_sz). (Maxim) Signed-off-by: Björn Töpel Signed-off-by: Maxim Mikityanskiy Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200520192103.355233-6-bjorn.topel@gmail.com","include/net/xdp.h | 4 +-; include/net/xdp_sock.h | 2 +; include/net/xdp_sock_drv.h | 164 ++++++++++++++++; include/net/xsk_buff_pool.h | 56 ++++++; include/trace/events/xdp.h | 3 +-; net/core/xdp.c | 14 +-; net/xdp/Makefile | 1 +; net/xdp/xdp_umem.c | 19 +-; net/xdp/xsk.c | 147 +++++---------; net/xdp/xsk_buff_pool.c | 467 ++++++++++++++++++++++++++++++++++++++++++++; net/xdp/xsk_diag.c | 2 +-; net/xdp/xsk_queue.h | 59 ++++--; 12 files changed, 819 insertions(+), 119 deletions(-)","Introduces a new AF_XDP buffer allocation API for simplifying zero-copy enablement in NIC drivers.","AF_XDP, buffer, API","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"89e4a376e3a3dab639a3947a6c7cf5d461d1aa4c","89e4a376e3a3dab639a3947a6c7cf5d461d1aa4c","Björn Töpel","bjorn.topel@intel.com","1590002452","Alexei Starovoitov","ast@kernel.org","1590107486","394e656862e6d530f0975ba246f2fa28a4f92c59","a71506a4fda92a39c8ece119876bc7ccde6d3c9d","xsk: Move defines only used by AF_XDP internals to xsk.h Move the XSK_NEXT_PG_CONTIG_{MASK,SHIFT}, and XDP_UMEM_USES_NEED_WAKEUP defines from xdp_sock.h to the AF_XDP internal xsk.h file. Also, start using the BIT{,_ULL} macro instead of explicit shifts. Signed-off-by: Björn Töpel Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200520192103.355233-5-bjorn.topel@gmail.com","include/net/xdp_sock.h | 14 --------------; net/xdp/xsk.h | 14 ++++++++++++++; net/xdp/xsk_queue.h | 2 ++; 3 files changed, 16 insertions(+), 14 deletions(-)","The commit moves certain defines used by AF_XDP internals to a dedicated header file and refactors code for readability.","AF_XDP,moves,defines","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"a71506a4fda92a39c8ece119876bc7ccde6d3c9d","a71506a4fda92a39c8ece119876bc7ccde6d3c9d","Magnus Karlsson","magnus.karlsson@intel.com","1590002451","Alexei Starovoitov","ast@kernel.org","1590107486","f250c0691192d4a2157ee7cbf1543cdd302692a3","d20a1676df7e4c3c23d73299159811a50e4854bc","xsk: Move driver interface to xdp_sock_drv.h Move the AF_XDP zero-copy driver interface to its own include file called xdp_sock_drv.h. This, hopefully, will make it more clear for NIC driver implementors to know what functions to use for zero-copy support. v4->v5: Fix -Wmissing-prototypes by include header file. (Jakub) Signed-off-by: Magnus Karlsson Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200520192103.355233-4-bjorn.topel@gmail.com","drivers/net/ethernet/intel/i40e/i40e_main.c | 2 +-; drivers/net/ethernet/intel/i40e/i40e_xsk.c | 2 +-; drivers/net/ethernet/intel/ice/ice_xsk.c | 2 +-; drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 2 +-; drivers/net/ethernet/mellanox/mlx5/core/en/xdp.c | 2 +-; .../net/ethernet/mellanox/mlx5/core/en/xsk/rx.h | 2 +-; .../net/ethernet/mellanox/mlx5/core/en/xsk/tx.h | 2 +-; .../net/ethernet/mellanox/mlx5/core/en/xsk/umem.c | 2 +-; include/net/xdp_sock.h | 214 +-------------------; include/net/xdp_sock_drv.h | 217 +++++++++++++++++++++; net/ethtool/channels.c | 2 +-; net/ethtool/ioctl.c | 2 +-; net/xdp/xdp_umem.h | 2 +-; net/xdp/xsk.c | 2 +-; net/xdp/xsk_queue.c | 1 +; 15 files changed, 238 insertions(+), 218 deletions(-)","This commit refactors the AF_XDP zero-copy driver interface into a separate header file xdp_sock_drv.h for clarity.","AF_XDP, zero-copy, refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d20a1676df7e4c3c23d73299159811a50e4854bc","d20a1676df7e4c3c23d73299159811a50e4854bc","Björn Töpel","bjorn.topel@intel.com","1590002450","Alexei Starovoitov","ast@kernel.org","1590107486","5492329a8b772bb2e1291b680ebb5e544107364e","44ac082b30dc2a05a7e23ed7e17b5f9513873386","xsk: Move xskmap.c to net/xdp/ The XSKMAP is partly implemented by net/xdp/xsk.c. Move xskmap.c from kernel/bpf/ to net/xdp/, which is the logical place for AF_XDP related code. Also, move AF_XDP struct definitions, and function declarations only used by AF_XDP internals into net/xdp/xsk.h. Signed-off-by: Björn Töpel Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200520192103.355233-3-bjorn.topel@gmail.com","include/net/xdp_sock.h | 20 ----; kernel/bpf/Makefile | 3 -; kernel/bpf/xskmap.c | 265 ------------------------------------------------; net/xdp/Makefile | 2 +-; net/xdp/xsk.h | 16 +++; net/xdp/xskmap.c | 267 +++++++++++++++++++++++++++++++++++++++++++++++++; 6 files changed, 284 insertions(+), 289 deletions(-)","The commit relocates xskmap.c to net/xdp for better organization of AF_XDP related code.","xskmap, AF_XDP, refactoring","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"44ac082b30dc2a05a7e23ed7e17b5f9513873386","44ac082b30dc2a05a7e23ed7e17b5f9513873386","Björn Töpel","bjorn.topel@intel.com","1590002449","Alexei Starovoitov","ast@kernel.org","1590107486","c3a094687c7d6d0ebf5b5e437db42699deddea05","dda18a5c0b75461d1ed228f80b59c67434b8d601","xsk: Fix xsk_umem_xdp_frame_sz() Calculating the ""data_hard_end"" for an XDP buffer coming from AF_XDP zero-copy mode, the return value of xsk_umem_xdp_frame_sz() is added to ""data_hard_start"". Currently, the chunk size of the UMEM is returned by xsk_umem_xdp_frame_sz(). This is not correct, if the fixed UMEM headroom is non-zero. Fix this by returning the chunk_size without the UMEM headroom. Fixes: 2a637c5b1aaf (""xdp: For Intel AF_XDP drivers add XDP frame_sz"") Signed-off-by: Björn Töpel Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200520192103.355233-2-bjorn.topel@gmail.com","include/net/xdp_sock.h | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit fixes the xsk_umem_xdp_frame_sz() function to correctly handle XDP buffer sizes without UMEM headroom.","xsk,umem,xdp","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a5534617007a1c33095db35c36b6455ee7add00b","a5534617007a1c33095db35c36b6455ee7add00b","David S. Miller","davem@davemloft.net","1590106806","David S. Miller","davem@davemloft.net","1590106825","57d5ed24720738b99f0af664b99cb6648bbc2aa9","04ba6b7dd8cadeb8ffdc4cba144024c3dad6a6ac 635d9398178659d8ddba79dd061f9451cec0b4d1","Merge branch 'net-tls-fix-encryption-error-path' Vadim Fedorenko says: ==================== net/tls: fix encryption error path The problem with data stream corruption was found in KTLS transmit path with small socket send buffers and large amount of data. bpf_exec_tx_verdict() frees open record on any type of error including EAGAIN, ENOMEM and ENOSPC while callers are able to recover this transient errors. Also wrong error code was returned to user space in that case. This patchset fixes the problems. ==================== Acked-by: Jakub Kicinski Signed-off-by: David S. Miller ","","This merge commit addresses fixes for stream corruption in the KTLS transmit path related to socket buffer sizes.","KTLS, corruption, socket","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"a7bff11f6f9afa87c25711db8050c9b5324db0e2","a7bff11f6f9afa87c25711db8050c9b5324db0e2","Vadim Fedorenko","vfedorenko@novek.ru","1589964103","David S. Miller","davem@davemloft.net","1590106806","bb6a3e2bd6a20d7a822094a4998e9c34c897f206","04ba6b7dd8cadeb8ffdc4cba144024c3dad6a6ac","net/tls: fix encryption error checking bpf_exec_tx_verdict() can return negative value for copied variable. In that case this value will be pushed back to caller and the real error code will be lost. Fix it using signed type and checking for positive value. Fixes: d10523d0b3d7 (""net/tls: free the record on encryption error"") Fixes: d3b18ad31f93 (""tls: add bpf support to sk_msg handling"") Signed-off-by: Vadim Fedorenko Signed-off-by: David S. Miller ","net/tls/tls_sw.c | 11 ++++++-----; 1 file changed, 6 insertions(+), 5 deletions(-)","The commit fixes error handling in net/tls related to bpf_exec_tx_verdict's return value using the correct signed type.","fix,tls,encryption","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"dfeb376dd4cb2c5004aeb625e2475f58a5ff2ea7","dfeb376dd4cb2c5004aeb625e2475f58a5ff2ea7","Andrii Nakryiko","andriin@fb.com","1589866704","Alexei Starovoitov","ast@kernel.org","1590031313","641c6f335575c230f294743042295a404e1e3aee","0550cfe8c2c6f8e7a4c348b6603a794576db12dd","bpf: Prevent mmap()'ing read-only maps as writable As discussed in [0], it's dangerous to allow mapping BPF map, that's meant to be frozen and is read-only on BPF program side, because that allows user-space to actually store a writable view to the page even after it is frozen. This is exacerbated by BPF verifier making a strong assumption that contents of such frozen map will remain unchanged. To prevent this, disallow mapping BPF_F_RDONLY_PROG mmap()'able BPF maps as writable, ever. [0] https://lore.kernel.org/bpf/CAEf4BzYGWYhXdp6BJ7_=9OQPJxQpgug080MMjdSB72i9R+5c6g@mail.gmail.com/ Fixes: fc9702273e2e (""bpf: Add mmap() support for BPF_MAP_TYPE_ARRAY"") Suggested-by: Jann Horn Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Reviewed-by: Jann Horn Link: https://lore.kernel.org/bpf/20200519053824.1089415-1-andriin@fb.com","kernel/bpf/syscall.c | 17 ++++++++++++++---; tools/testing/selftests/bpf/prog_tests/mmap.c | 13 ++++++++++++-; tools/testing/selftests/bpf/progs/test_mmap.c | 8 ++++++++; 3 files changed, 34 insertions(+), 4 deletions(-)","The commit prevents mapping read-only eBPF maps as writable to maintain program safety.","mmap,readonly,security","A security fix. It resolves a security vulnerability or strengthens security measures.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0550cfe8c2c6f8e7a4c348b6603a794576db12dd","0550cfe8c2c6f8e7a4c348b6603a794576db12dd","KP Singh","kpsingh@google.com","1589979376","Alexei Starovoitov","ast@kernel.org","1590030727","5d01836dd15038bed2fdd235c31d7e528e1fd9b3","20a785aa52c82246055a089e55df9dac47d67da1","security: Fix hook iteration for secid_to_secctx secid_to_secctx is not stackable, and since the BPF LSM registers this hook by default, the call_int_hook logic is not suitable which ""bails-on-fail"" and casues issues when other LSMs register this hook and eventually breaks Audit. In order to fix this, directly iterate over the security hooks instead of using call_int_hook as suggested in: https: //lore.kernel.org/bpf/9d0eb6c6-803a-ff3a-5603-9ad6d9edfc00@schaufler-ca.com/#t Fixes: 98e828a0650f (""security: Refactor declaration of LSM hooks"") Fixes: 625236ba3832 (""security: Fix the default value of secid_to_secctx hook"") Reported-by: Alexei Starovoitov Signed-off-by: KP Singh Signed-off-by: Alexei Starovoitov Acked-by: James Morris Link: https://lore.kernel.org/bpf/20200520125616.193765-1-kpsingh@chromium.org","security/security.c | 16 ++++++++++++++--; 1 file changed, 14 insertions(+), 2 deletions(-)","Fixes secid_to_secctx hook iteration to prevent issues with BPF LSM and other LSMs affecting audit.","secid_to_secctx, security, BPF","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.']" +"dda18a5c0b75461d1ed228f80b59c67434b8d601","dda18a5c0b75461d1ed228f80b59c67434b8d601","Andrii Nakryiko","andriin@fb.com","1589916221","Alexei Starovoitov","ast@kernel.org","1589922239","38e89495be47e9ab1391cd1c5ffc2e8414aa70f7","b9f4c01f3e0b06579a8074dcc8638fae89a1ca67","selftests/bpf: Convert bpf_iter_test_kern{3, 4}.c to define own bpf_iter_meta b9f4c01f3e0b (""selftest/bpf: Make bpf_iter selftest compilable against old vmlinux.h"") missed the fact that bpf_iter_test_kern{3,4}.c are not just including bpf_iter_test_kern_common.h and need similar bpf_iter_meta re-definition explicitly. Fixes: b9f4c01f3e0b (""selftest/bpf: Make bpf_iter selftest compilable against old vmlinux.h"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200519192341.134360-1-andriin@fb.com","tools/testing/selftests/bpf/progs/bpf_iter_test_kern3.c | 15 +++++++++++++++; tools/testing/selftests/bpf/progs/bpf_iter_test_kern4.c | 15 +++++++++++++++; 2 files changed, 30 insertions(+)","The commit updates selftests to redefine bpf_iter_meta in certain kernels for older vmlinux.h compatibility.","selftests, bpf_iter_meta, compatibility","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b9f4c01f3e0b06579a8074dcc8638fae89a1ca67","b9f4c01f3e0b06579a8074dcc8638fae89a1ca67","Andrii Nakryiko","andriin@fb.com","1589845516","Alexei Starovoitov","ast@kernel.org","1589913709","a0208522bf9fdb6c66c0fdde5ae35a8fe52f74cb","fb53d3b63743585ce918094d6109a3865fa66e5f","selftest/bpf: Make bpf_iter selftest compilable against old vmlinux.h It's good to be able to compile bpf_iter selftest even on systems that don't have the very latest vmlinux.h, e.g., for libbpf tests against older kernels in Travis CI. To that extent, re-define bpf_iter_meta and corresponding bpf_iter context structs in each selftest. To avoid type clashes with vmlinux.h, rename vmlinux.h's definitions to get them out of the way. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Acked-by: Jesper Dangaard Brouer Link: https://lore.kernel.org/bpf/20200518234516.3915052-1-andriin@fb.com","tools/testing/selftests/bpf/progs/bpf_iter_bpf_map.c | 16 ++++++++++++++++; .../testing/selftests/bpf/progs/bpf_iter_ipv6_route.c | 16 ++++++++++++++++; tools/testing/selftests/bpf/progs/bpf_iter_netlink.c | 16 ++++++++++++++++; tools/testing/selftests/bpf/progs/bpf_iter_task.c | 16 ++++++++++++++++; tools/testing/selftests/bpf/progs/bpf_iter_task_file.c | 18 ++++++++++++++++++; .../selftests/bpf/progs/bpf_iter_test_kern_common.h | 16 ++++++++++++++++; 6 files changed, 98 insertions(+)","The commit updates bpf_iter selftests for compatibility with older kernel versions by redefining certain structures to avoid clashes.","bpf_iter,selftest,compatibility","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"fb53d3b63743585ce918094d6109a3865fa66e5f","fb53d3b63743585ce918094d6109a3865fa66e5f","Alexei Starovoitov","ast@kernel.org","1589913593","Alexei Starovoitov","ast@kernel.org","1589913593","69878f3380bbf7da6bc8205b2e50ecba3e3b00e3","0e5633acc59573994d9aca02ad1b2f3a3de44181","tools/bpf: sync bpf.h Sync tools/include/uapi/linux/bpf.h from include/uapi. Signed-off-by: Alexei Starovoitov ","tools/include/uapi/linux/bpf.h | 6 +++---; 1 file changed, 3 insertions(+), 3 deletions(-)","The commit syncs the bpf.h header file between different directories in the repository.","sync,bpf.h,header","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0e5633acc59573994d9aca02ad1b2f3a3de44181","0e5633acc59573994d9aca02ad1b2f3a3de44181","Alexei Starovoitov","ast@kernel.org","1589913124","Alexei Starovoitov","ast@kernel.org","1589913314","55fe5f6a92563b0db505cfa422e2d2033ecdd283","d800bad67d4c21aaf11722f04e0f7547fb915ab5 566fc3f5d1c641b510ec487cf274a047f8a1e849","Merge branch 'getpeername' Daniel Borkmann says: ==================== Trivial patch to add get{peer,sock}name cgroup attach types to the BPF sock_addr programs in order to enable rewriting sockaddr structs from both calls along with libbpf and bpftool support as well as selftests. Thanks! v1 -> v2: - use __u16 for ports in start_server_with_port() signature and in expected_{local,peer} ports in the test case (Andrey) - Added both Andrii's and Andrey's ACKs ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges the 'getpeername' branch, introducing cgroup attach types to BPF sock_addr programs with enhanced support.","merge,getpeername,cgroup","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).', ""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"566fc3f5d1c641b510ec487cf274a047f8a1e849","566fc3f5d1c641b510ec487cf274a047f8a1e849","Daniel Borkmann","daniel@iogearbox.net","1589841948","Alexei Starovoitov","ast@kernel.org","1589913124","55fe5f6a92563b0db505cfa422e2d2033ecdd283","05ee19c18c2bb3dea69e29219017367c4a77e65a","bpf, testing: Add get{peer, sock}name selftests to test_progs Extend the existing connect_force_port test to assert get{peer,sock}name programs as well. The workflow for e.g. IPv4 is as follows: i) server binds to concrete port, ii) client calls getsockname() on server fd which exposes 1.2.3.4:60000 to client, iii) client connects to service address 1.2.3.4:60000 binds to concrete local address (127.0.0.1:22222) and remaps service address to a concrete backend address (127.0.0.1:60123), iv) client then calls getsockname() on its own fd to verify local address (127.0.0.1:22222) and getpeername() on its own fd which then publishes service address (1.2.3.4:60000) instead of actual backend. Same workflow is done for IPv6 just with different address/port tuples. # ./test_progs -t connect_force_port #14 connect_force_port:OK Summary: 1/0 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: Andrey Ignatov Link: https://lore.kernel.org/bpf/3343da6ad08df81af715a95d61a84fb4a960f2bf.1589841594.git.daniel@iogearbox.net","tools/testing/selftests/bpf/network_helpers.c | 11 ++-; tools/testing/selftests/bpf/network_helpers.h | 1 +; .../selftests/bpf/prog_tests/connect_force_port.c | 107 +++++++++++++++------; .../selftests/bpf/progs/connect_force_port4.c | 59 +++++++++++-; .../selftests/bpf/progs/connect_force_port6.c | 70 +++++++++++++-; 5 files changed, 215 insertions(+), 33 deletions(-)","This commit enhances BPF selftests by adding getsockname and getpeername tests to the connect_force_port testing suite.","selftests, getsockname, getpeername","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"05ee19c18c2bb3dea69e29219017367c4a77e65a","05ee19c18c2bb3dea69e29219017367c4a77e65a","Daniel Borkmann","daniel@iogearbox.net","1589841947","Alexei Starovoitov","ast@kernel.org","1589913124","f4c4f4c527b62dc432eecf3701dbfea55f8f91b7","f15ed0185de7d471e907783739dffbe397a93142","bpf, bpftool: Enable get{peer, sock}name attach types Make bpftool aware and add the new get{peer,sock}name attach types to its cli, documentation and bash completion to allow attachment/detachment of sock_addr programs there. Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: Andrey Ignatov Link: https://lore.kernel.org/bpf/9765b3d03e4c29210c4df56a9cc7e52f5f7bb5ef.1589841594.git.daniel@iogearbox.net","tools/bpf/bpftool/Documentation/bpftool-cgroup.rst | 10 +++++++---; tools/bpf/bpftool/Documentation/bpftool-prog.rst | 3 ++-; tools/bpf/bpftool/bash-completion/bpftool | 15 +++++++++------; tools/bpf/bpftool/cgroup.c | 7 ++++---; tools/bpf/bpftool/main.h | 4 ++++; tools/bpf/bpftool/prog.c | 6 ++++--; 6 files changed, 30 insertions(+), 15 deletions(-)","The commit updates bpftool to support getpeername and getsockname attachment types, enhancing its CLI, documentation, and bash completion.","bpftool, attach types, sock_addr","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"f15ed0185de7d471e907783739dffbe397a93142","f15ed0185de7d471e907783739dffbe397a93142","Daniel Borkmann","daniel@iogearbox.net","1589841946","Alexei Starovoitov","ast@kernel.org","1589913124","bfeecfcf7b9960e1b16de67f2efa335d19fee673","1b66d253610c7f8f257103808a9460223a087469","bpf, libbpf: Enable get{peer, sock}name attach types Trivial patch to add the new get{peer,sock}name attach types to the section definitions in order to hook them up to sock_addr cgroup program type. Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: Andrey Ignatov Link: https://lore.kernel.org/bpf/7fcd4b1e41a8ebb364754a5975c75a7795051bd2.1589841594.git.daniel@iogearbox.net","tools/lib/bpf/libbpf.c | 8 ++++++++; 1 file changed, 8 insertions(+)","This commit adds support for get{peer,sock}name attach types to the sock_addr cgroup program type in libbpf.","libbpf,sock_addr,cgroup","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"1b66d253610c7f8f257103808a9460223a087469","1b66d253610c7f8f257103808a9460223a087469","Daniel Borkmann","daniel@iogearbox.net","1589841945","Alexei Starovoitov","ast@kernel.org","1589913124","e1b37c8c2f7fd3a557d51de9705dacf71f566c9f","d800bad67d4c21aaf11722f04e0f7547fb915ab5","bpf: Add get{peer, sock}name attach types for sock_addr As stated in 983695fa6765 (""bpf: fix unconnected udp hooks""), the objective for the existing cgroup connect/sendmsg/recvmsg/bind BPF hooks is to be transparent to applications. In Cilium we make use of these hooks [0] in order to enable E-W load balancing for existing Kubernetes service types for all Cilium managed nodes in the cluster. Those backends can be local or remote. The main advantage of this approach is that it operates as close as possible to the socket, and therefore allows to avoid packet-based NAT given in connect/sendmsg/recvmsg hooks we only need to xlate sock addresses. This also allows to expose NodePort services on loopback addresses in the host namespace, for example. As another advantage, this also efficiently blocks bind requests for applications in the host namespace for exposed ports. However, one missing item is that we also need to perform reverse xlation for inet{,6}_getname() hooks such that we can return the service IP/port tuple back to the application instead of the remote peer address. The vast majority of applications does not bother about getpeername(), but in a few occasions we've seen breakage when validating the peer's address since it returns unexpectedly the backend tuple instead of the service one. Therefore, this trivial patch allows to customise and adds a getpeername() as well as getsockname() BPF cgroup hook for both IPv4 and IPv6 in order to address this situation. Simple example: # ./cilium/cilium service list ID Frontend Service Type Backend 1 1.2.3.4:80 ClusterIP 1 => 10.0.0.10:80 Before; curl's verbose output example, no getpeername() reverse xlation: # curl --verbose 1.2.3.4 * Rebuilt URL to: 1.2.3.4/ * Trying 1.2.3.4... * TCP_NODELAY set * Connected to 1.2.3.4 (10.0.0.10) port 80 (#0) > GET / HTTP/1.1 > Host: 1.2.3.4 > User-Agent: curl/7.58.0 > Accept: */* [...] After; with getpeername() reverse xlation: # curl --verbose 1.2.3.4 * Rebuilt URL to: 1.2.3.4/ * Trying 1.2.3.4... * TCP_NODELAY set * Connected to 1.2.3.4 (1.2.3.4) port 80 (#0) > GET / HTTP/1.1 > Host: 1.2.3.4 > User-Agent: curl/7.58.0 > Accept: */* [...] Originally, I had both under a BPF_CGROUP_INET{4,6}_GETNAME type and exposed peer to the context similar as in inet{,6}_getname() fashion, but API-wise this is suboptimal as it always enforces programs having to test for ctx->peer which can easily be missed, hence BPF_CGROUP_INET{4,6}_GET{PEER,SOCK}NAME split. Similarly, the checked return code is on tnum_range(1, 1), but if a use case comes up in future, it can easily be changed to return an error code instead. Helper and ctx member access is the same as with connect/sendmsg/etc hooks. [0] https://github.com/cilium/cilium/blob/master/bpf/bpf_sock.c Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Acked-by: Andrey Ignatov Link: https://lore.kernel.org/bpf/61a479d759b2482ae3efb45546490bacd796a220.1589841594.git.daniel@iogearbox.net","include/linux/bpf-cgroup.h | 1 +; include/uapi/linux/bpf.h | 4 ++++; kernel/bpf/syscall.c | 12 ++++++++++++; kernel/bpf/verifier.c | 6 +++++-; net/core/filter.c | 4 ++++; net/ipv4/af_inet.c | 8 ++++++--; net/ipv6/af_inet6.c | 9 ++++++---; tools/include/uapi/linux/bpf.h | 4 ++++; 8 files changed, 42 insertions(+), 6 deletions(-)","This commit adds getpeername and getsockname attach types for sock_addr to enhance application transparency in socket operations.","getpeername,getsockname,socket","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"d800bad67d4c21aaf11722f04e0f7547fb915ab5","d800bad67d4c21aaf11722f04e0f7547fb915ab5","Jesper Dangaard Brouer","brouer@redhat.com","1589807127","Daniel Borkmann","daniel@iogearbox.net","1589903794","e7dbca49e7a5c1b6a8c5bd42acec8624903914df","59929cd1fec508a48ea2a04d8f2e4fdef907a2cd","bpf: Fix too large copy from user in bpf_test_init Commit bc56c919fce7 (""bpf: Add xdp.frame_sz in bpf_prog_test_run_xdp()."") recently changed bpf_prog_test_run_xdp() to use larger frames for XDP in order to test tail growing frames (via bpf_xdp_adjust_tail) and to have memory backing frame better resemble drivers. The commit contains a bug, as it tries to copy the max data size from userspace, instead of the size provided by userspace. This cause XDP unit tests to fail sporadically with EFAULT, an unfortunate behavior. The fix is to only copy the size specified by userspace. Fixes: bc56c919fce7 (""bpf: Add xdp.frame_sz in bpf_prog_test_run_xdp()."") Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/158980712729.256597.6115007718472928659.stgit@firesoul","net/bpf/test_run.c | 8 +++++---; 1 file changed, 5 insertions(+), 3 deletions(-)","The commit fixes a bug in bpf_test_init by correcting the copy size from user space for XDP frames.","bug,XDP,copy","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"59929cd1fec508a48ea2a04d8f2e4fdef907a2cd","59929cd1fec508a48ea2a04d8f2e4fdef907a2cd","Daniel T. Lee","danieltimlee@gmail.com","1589601968","Daniel Borkmann","daniel@iogearbox.net","1589901183","2daef9645a717e2ad5ac0dbdfc89e92cd0738adf","14846dda634e28cc0430f1fbbfa6c758a2e5f873","samples, bpf: Refactor kprobe, tail call kern progs map definition Because the previous two commit replaced the bpf_load implementation of the user program with libbpf, the corresponding kernel program's MAP definition can be replaced with new BTF-defined map syntax. This commit only updates the samples which uses libbpf API for loading bpf program not with bpf_load. Signed-off-by: Daniel T. Lee Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200516040608.1377876-6-danieltimlee@gmail.com","samples/bpf/sampleip_kern.c | 12 ++++++------; samples/bpf/sockex3_kern.c | 36 ++++++++++++++++++------------------; samples/bpf/trace_event_kern.c | 24 ++++++++++++------------; samples/bpf/tracex2_kern.c | 24 ++++++++++++------------; samples/bpf/tracex3_kern.c | 24 ++++++++++++------------; samples/bpf/tracex4_kern.c | 12 ++++++------; samples/bpf/tracex5_kern.c | 14 +++++++-------; samples/bpf/tracex6_kern.c | 38 ++++++++++++++++++++------------------; 8 files changed, 93 insertions(+), 91 deletions(-)","The commit refactors BPF map definitions in kernel sample programs to use BTF-defined syntax under the libbpf API.","refactor,map,libbpf","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"14846dda634e28cc0430f1fbbfa6c758a2e5f873","14846dda634e28cc0430f1fbbfa6c758a2e5f873","Daniel T. Lee","danieltimlee@gmail.com","1589601967","Daniel Borkmann","daniel@iogearbox.net","1589901180","e836cd239c9c2fb7cb682191d28570c47d454737","bc1a85977b950407d67cd1e5b74f261a4bee3284","samples, bpf: Add tracex7 test file to .gitignore This commit adds tracex7 test file (testfile.img) to .gitignore which comes from test_override_return.sh. Signed-off-by: Daniel T. Lee Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200516040608.1377876-5-danieltimlee@gmail.com","samples/bpf/.gitignore | 1 +; 1 file changed, 1 insertion(+)","Add tracex7 test file from test_override_return.sh to .gitignore in samples/bpf.","tracex7,.gitignore,testfile","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"bc1a85977b950407d67cd1e5b74f261a4bee3284","bc1a85977b950407d67cd1e5b74f261a4bee3284","Daniel T. Lee","danieltimlee@gmail.com","1589601966","Daniel Borkmann","daniel@iogearbox.net","1589901176","e4c5283ae3815b08fe2a09a34576a7ebf7931ecf","63841bc0833623ecd4f758ec055b543cf1bc56ba","samples, bpf: Refactor tail call user progs with libbpf BPF tail call uses the BPF_MAP_TYPE_PROG_ARRAY type map for calling into other BPF programs and this PROG_ARRAY should be filled prior to use. Currently, samples with the PROG_ARRAY type MAP fill this program array with bpf_load. For bpf_load to fill this map, kernel BPF program must specify the section with specific format of / (e.g. SEC(""socket/0"")) But by using libbpf instead of bpf_load, user program can specify which programs should be added to PROG_ARRAY. The advantage of this approach is that you can selectively add only the programs you want, rather than adding all of them to PROG_ARRAY, and it's much more intuitive than the traditional approach. This commit refactors user programs with the PROG_ARRAY type MAP with libbpf instead of using bpf_load. Signed-off-by: Daniel T. Lee Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200516040608.1377876-4-danieltimlee@gmail.com","samples/bpf/Makefile | 4 +--; samples/bpf/sockex3_user.c | 64 +++++++++++++++++++++++++++++---------------; samples/bpf/tracex5_user.c | 66 ++++++++++++++++++++++++++++++++++++++++------; 3 files changed, 103 insertions(+), 31 deletions(-)","Refactors BPF user programs using libbpf for better flexibility in managing PROG_ARRAY maps.","libbpf,PROG_ARRAY,refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"63841bc0833623ecd4f758ec055b543cf1bc56ba","63841bc0833623ecd4f758ec055b543cf1bc56ba","Daniel T. Lee","danieltimlee@gmail.com","1589601965","Daniel Borkmann","daniel@iogearbox.net","1589901173","c1a534f8aaa1f3ce52712e752fdfd425d77a1eb7","0efdcefb00d768442efef21560ea4c44d481fa5c","samples, bpf: Refactor kprobe tracing user progs with libbpf Currently, the kprobe BPF program attachment method for bpf_load is quite old. The implementation of bpf_load ""directly"" controls and manages(create, delete) the kprobe events of DEBUGFS. On the other hand, using using the libbpf automatically manages the kprobe event. (under bpf_link interface) By calling bpf_program__attach(_kprobe) in libbpf, the corresponding kprobe is created and the BPF program will be attached to this kprobe. To remove this, by simply invoking bpf_link__destroy will clean up the event. This commit refactors kprobe tracing programs (tracex{1~7}_user.c) with libbpf using bpf_link interface and bpf_program__attach. tracex2_kern.c, which tracks system calls (sys_*), has been modified to append prefix depending on architecture. Signed-off-by: Daniel T. Lee Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200516040608.1377876-3-danieltimlee@gmail.com","samples/bpf/Makefile | 12 ++++-----; samples/bpf/trace_common.h | 13 ++++++++++; samples/bpf/tracex1_user.c | 37 ++++++++++++++++++++++------; samples/bpf/tracex2_kern.c | 3 ++-; samples/bpf/tracex2_user.c | 51 +++++++++++++++++++++++++++++++-------; samples/bpf/tracex3_user.c | 61 ++++++++++++++++++++++++++++++++++------------; samples/bpf/tracex4_user.c | 51 +++++++++++++++++++++++++++++---------; samples/bpf/tracex6_user.c | 49 ++++++++++++++++++++++++++++++++-----; samples/bpf/tracex7_user.c | 39 +++++++++++++++++++++++------; 9 files changed, 252 insertions(+), 64 deletions(-)","Refactor kprobe tracing programs using libbpf and bpf_link interface for automatic management of kprobe events.","libbpf,kprobe,refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.']" +"0efdcefb00d768442efef21560ea4c44d481fa5c","0efdcefb00d768442efef21560ea4c44d481fa5c","Daniel T. Lee","danieltimlee@gmail.com","1589601964","Daniel Borkmann","daniel@iogearbox.net","1589901169","8be1ed7d70e6a61c43d53f984061e5d2acd1e4a3","96586dd9268d26b278a1dd9110080001a6acbb0f","samples, bpf: Refactor pointer error check with libbpf Current method of checking pointer error is not user friendly. Especially the __must_check define makes this less intuitive. Since, libbpf has an API libbpf_get_error() which checks pointer error, this commit refactors existing pointer error check logic with libbpf. Signed-off-by: Daniel T. Lee Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200516040608.1377876-2-danieltimlee@gmail.com","samples/bpf/sampleip_user.c | 7 ++-----; samples/bpf/trace_event_user.c | 9 +++------; samples/bpf/xdp_redirect_cpu_user.c | 5 +----; 3 files changed, 6 insertions(+), 15 deletions(-)","Refactor pointer error checking in BPF samples using libbpf's API for improved usability.","pointer,error,refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8a2cc0505cc4313e6ce2bc8fc1ce3607b410e114","8a2cc0505cc4313e6ce2bc8fc1ce3607b410e114","Masahiro Yamada","masahiroy@kernel.org","1588131915","Masahiro Yamada","masahiroy@kernel.org","1589709121","abef38449c4e91d31465aece7994e5f23319c540","7f3a59db274c3e3d884c785e363a054110f1c266","bpfilter: use 'userprogs' syntax to build bpfilter_umh The user mode helper should be compiled for the same architecture as the kernel. This Makefile reused the 'hostprogs' syntax by overriding HOSTCC with CC. Use the new syntax 'userprogs' to fix the Makefile mess. Signed-off-by: Masahiro Yamada Acked-by: Sam Ravnborg ","net/bpfilter/Makefile | 12 ++++--------; 1 file changed, 4 insertions(+), 8 deletions(-)","The commit updates the Makefile to use 'userprogs' syntax for building bpfilter_umh suited to the kernel's architecture.","userprogs, Makefile, bpfilter","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7f3a59db274c3e3d884c785e363a054110f1c266","7f3a59db274c3e3d884c785e363a054110f1c266","Masahiro Yamada","masahiroy@kernel.org","1588131914","Masahiro Yamada","masahiroy@kernel.org","1589709121","1fa677287ef851e18ba143a8a943d93a74e16585","b1183b6dca3e0d59ce8fa81767def6ea6188e8ec","kbuild: add infrastructure to build userspace programs Kbuild supports the infrastructure to build host programs, but there was no support to build userspace programs for the target architecture (i.e. the same architecture as the kernel). Sam Ravnborg worked on this in 2014 (https://lkml.org/lkml/2014/7/13/154), but it was not merged. One problem at that time was, there was no good way to know whether $(CC) can link standalone programs. In fact, pre-built kernel.org toolchains [1] are often used for building the kernel, but they do not provide libc. Now, we can handle this cleanly because the compiler capability is evaluated at the Kconfig time. If $(CC) cannot link standalone programs, the relevant options are hidden by 'depends on CC_CAN_LINK'. The implementation just mimics scripts/Makefile.host The userspace programs are compiled with the same flags as the host programs. In addition, it uses -m32 or -m64 if it is found in $(KBUILD_CFLAGS). This new syntax has two usecases. - Sample programs Several userspace programs under samples/ include UAPI headers installed in usr/include. Most of them were previously built for the host architecture just to use the 'hostprogs' syntax. However, 'make headers' always works for the target architecture. This caused the arch mismatch in cross-compiling. To fix this distortion, sample code should be built for the target architecture. - Bpfilter net/bpfilter/Makefile compiles bpfilter_umh as the user mode helper, and embeds it into the kernel. Currently, it overrides HOSTCC with CC to use the 'hostprogs' syntax. This hack should go away. [1]: https://mirrors.edge.kernel.org/pub/tools/crosstool/ Signed-off-by: Masahiro Yamada Acked-by: Sam Ravnborg ","Makefile | 13 ++++++++++---; scripts/Makefile.build | 6 ++++++; scripts/Makefile.clean | 2 +-; scripts/Makefile.userprogs | 45 +++++++++++++++++++++++++++++++++++++++++++++; 4 files changed, 62 insertions(+), 4 deletions(-)","Adds infrastructure to build userspace programs for target architecture in Kbuild without affecting eBPF subsystem.","kbuild, infrastructure, userspace","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"b1183b6dca3e0d59ce8fa81767def6ea6188e8ec","b1183b6dca3e0d59ce8fa81767def6ea6188e8ec","Masahiro Yamada","masahiroy@kernel.org","1589009955","Masahiro Yamada","masahiroy@kernel.org","1589709121","0ddba79b19f44ad98ae7e918601c531462f4d52b","9371f86ecb60f6f1f120e3d93fe892bbb70d04c0","bpfilter: check if $(CC) can link static libc in Kconfig On Fedora, linking static glibc requires the glibc-static RPM package, which is not part of the glibc-devel package. CONFIG_CC_CAN_LINK does not check the capability of static linking, so you can enable CONFIG_BPFILTER_UMH, then fail to build: HOSTLD net/bpfilter/bpfilter_umh /usr/bin/ld: cannot find -lc collect2: error: ld returned 1 exit status Add CONFIG_CC_CAN_LINK_STATIC, and make CONFIG_BPFILTER_UMH depend on it. Reported-by: Valdis Kletnieks Signed-off-by: Masahiro Yamada Acked-by: Alexei Starovoitov ","init/Kconfig | 5 +++++; net/bpfilter/Kconfig | 2 +-; 2 files changed, 6 insertions(+), 1 deletion(-)","Enhance Kconfig to ensure static linking capability of compiler for bpfilter feature.","bpfilter,Kconfig,linking","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"9371f86ecb60f6f1f120e3d93fe892bbb70d04c0","9371f86ecb60f6f1f120e3d93fe892bbb70d04c0","Masahiro Yamada","masahiroy@kernel.org","1588131913","Masahiro Yamada","masahiroy@kernel.org","1589709121","3bf829d594785687c136b1d8295197f58b2038ef","59721d4eb7f66f27440ad74f875b97e64133ee3b","bpfilter: match bit size of bpfilter_umh to that of the kernel bpfilter_umh is built for the default machine bit of the compiler, which may not match to the bit size of the kernel. This happens in the scenario below: You can use biarch GCC that defaults to 64-bit for building the 32-bit kernel. In this case, Kbuild passes -m32 to teach the compiler to produce 32-bit kernel space objects. However, it is missing when building bpfilter_umh. It is built as a 64-bit ELF, and then embedded into the 32-bit kernel. The 32-bit kernel and 64-bit umh is a bad combination. In theory, we can have 32-bit umh running on 64-bit kernel, but we do not have a good reason to support such a usecase. The best is to match the bit size between them. Pass -m32 or -m64 to the umh build command if it is found in $(KBUILD_CFLAGS). Evaluate CC_CAN_LINK against the kernel bit-size. Signed-off-by: Masahiro Yamada ","init/Kconfig | 4 +++-; net/bpfilter/Makefile | 5 +++--; usr/include/Makefile | 4 ++++; 3 files changed, 10 insertions(+), 3 deletions(-)","This commit ensures the bit size of bpfilter_umh matches the kernel's bit size by passing appropriate flags during build.","bpfilter, bit size, build","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"96586dd9268d26b278a1dd9110080001a6acbb0f","96586dd9268d26b278a1dd9110080001a6acbb0f","John Fastabend","john.fastabend@gmail.com","1589397362","Daniel Borkmann","daniel@iogearbox.net","1589590609","20db81316e8437b136cd0e605b76f7f7b9397bbe","a7238f7c79dda1c484f92478c42408e1a3d418c6","bpf: Selftests, add ktls tests to test_sockmap Until now we have only had minimal ktls+sockmap testing when being used with helpers and different sendmsg/sendpage patterns. Add a pass with ktls here. To run just ktls tests, $ ./test_sockmap --whitelist=""ktls"" Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/158939736278.15176.5435314315563203761.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/test_sockmap.c | 70 +++++++++++++++++++-----------; 1 file changed, 44 insertions(+), 26 deletions(-)","This commit enhances the bpf selftests by adding ktls tests to the test_sockmap suite.","ktls,sockmap,selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"a7238f7c79dda1c484f92478c42408e1a3d418c6","a7238f7c79dda1c484f92478c42408e1a3d418c6","John Fastabend","john.fastabend@gmail.com","1589397343","Daniel Borkmann","daniel@iogearbox.net","1589590609","d63560d601d013dab9d36398921bf9e7fc6d7de2","065a74cbd0d0bd7115846d630e141a95a95e1ce1","bpf: Selftests, add blacklist to test_sockmap This adds a blacklist to test_sockmap. For example, now we can run all apply and cork tests except those with timeouts by doing, $ ./test_sockmap --whitelist ""apply,cork"" --blacklist ""hang"" Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/158939734350.15176.6643981099665208826.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/test_sockmap.c | 33 ++++++++++++++++++++++++++++--; 1 file changed, 31 insertions(+), 2 deletions(-)","Add blacklist capability to test_sockmap selftests in BPF.","blacklist,test_sockmap,selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"065a74cbd0d0bd7115846d630e141a95a95e1ce1","065a74cbd0d0bd7115846d630e141a95a95e1ce1","John Fastabend","john.fastabend@gmail.com","1589397324","Daniel Borkmann","daniel@iogearbox.net","1589590609","6d79d0efd87ad3653c26b51b62770584a369b1b0","b98ca90c56ee498c751ff5c20b9db8cb64c13fc5","bpf: Selftests, add whitelist option to test_sockmap Allow running specific tests with a comma deliminated whitelist. For example to run all apply and cork tests. $ ./test_sockmap --whitelist=""cork,apply"" Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/158939732464.15176.1959113294944564542.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/test_sockmap.c | 31 +++++++++++++++++++++++++++++-; 1 file changed, 30 insertions(+), 1 deletion(-)","Adds a whitelist option to the bpf selftest tool test_sockmap for running specific tests.","selftests,whitelist,test_sockmap","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"b98ca90c56ee498c751ff5c20b9db8cb64c13fc5","b98ca90c56ee498c751ff5c20b9db8cb64c13fc5","John Fastabend","john.fastabend@gmail.com","1589397304","Daniel Borkmann","daniel@iogearbox.net","1589590609","1c6f28cd156fc17d10445d59ca2603bb2bb0de61","328aa08a081bb94f9aba506363186de6ec3382ec","bpf: Selftests, provide verbose option for selftests execution Pass options from command line args into individual tests which allows us to use verbose option from command line with selftests. Now when verbose option is set individual subtest details will be printed. Also we can consolidate cgroup bring up and tear down. Additionally just setting verbose is very noisy so introduce verbose=1 and verbose=2. Really verbose=2 is only useful when developing tests or debugging some specific issue. For example now we get output like this with --verbose, #20/17 sockhash:txmsg test pull-data:OK [TEST 160]: (512, 1, 3, sendpage, pop (1,3),): msg_loop_rx: iov_count 1 iov_buf 1 cnt 512 err 0 [TEST 161]: (100, 1, 5, sendpage, pop (1,3),): msg_loop_rx: iov_count 1 iov_buf 3 cnt 100 err 0 [TEST 162]: (2, 1024, 256, sendpage, pop (4096,8192),): msg_loop_rx: iov_count 1 iov_buf 255 cnt 2 err 0 [TEST 163]: (512, 1, 3, sendpage, redir,pop (1,3),): msg_loop_rx: iov_count 1 iov_buf 1 cnt 512 err 0 [TEST 164]: (100, 1, 5, sendpage, redir,pop (1,3),): msg_loop_rx: iov_count 1 iov_buf 3 cnt 100 err 0 [TEST 165]: (512, 1, 3, sendpage, cork 512,pop (1,3),): msg_loop_rx: iov_count 1 iov_buf 1 cnt 512 err 0 [TEST 166]: (100, 1, 5, sendpage, cork 512,pop (1,3),): msg_loop_rx: iov_count 1 iov_buf 3 cnt 100 err 0 [TEST 167]: (512, 1, 3, sendpage, redir,cork 4,pop (1,3),): msg_loop_rx: iov_count 1 iov_buf 1 cnt 512 err 0 [TEST 168]: (100, 1, 5, sendpage, redir,cork 4,pop (1,3),): msg_loop_rx: iov_count 1 iov_buf 3 cnt 100 err 0 Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/158939730412.15176.1975675235035143367.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/test_sockmap.c | 179 ++++++++++++-----------------; 1 file changed, 71 insertions(+), 108 deletions(-)","Enhances eBPF selftests with a verbose option for more detailed execution output.","selftests,verbose,detailed","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"328aa08a081bb94f9aba506363186de6ec3382ec","328aa08a081bb94f9aba506363186de6ec3382ec","John Fastabend","john.fastabend@gmail.com","1589397284","Daniel Borkmann","daniel@iogearbox.net","1589590609","62c6d74e082a7fe0d0d4ddeddba37e81199afc81","18d4e900a4500c54af56b9ad39f4d3b378eb0661","bpf: Selftests, break down test_sockmap into subtests At the moment test_sockmap runs all 800+ tests ungrouped which is not ideal because it makes it hard to see what is failing but also more importantly its hard to confirm all cases are tested. Additionally, after inspecting we noticed the runtime is bloated because we run many duplicate tests. Worse some of these tests are known error cases that wait for the recvmsg handler to timeout which creats long delays. Also we noted some tests were not clearing their options and as a result the following tests would run with extra and incorrect options. Fix this by reorganizing test code so its clear what tests are running and when. Then it becomes easy to remove duplication and run tests with only the set of send/recv patterns that are relavent. To accomplish this break test_sockmap into subtests and remove unnecessary duplication. The output is more readable now and the runtime reduced. Now default output prints subtests like this, $ ./test_sockmap # 1/ 6 sockmap:txmsg test passthrough:OK ... #22/ 1 sockhash:txmsg test push/pop data:OK Pass: 22 Fail: 0 Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/158939728384.15176.13601520183665880762.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/test_sockmap.c | 723 ++++++++++++++---------------; 1 file changed, 348 insertions(+), 375 deletions(-)","The commit reorganizes the test_sockmap into subtests to improve readability and reduce runtime by eliminating duplicate tests.","test_sockmap,subtests,duplication","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"18d4e900a4500c54af56b9ad39f4d3b378eb0661","18d4e900a4500c54af56b9ad39f4d3b378eb0661","John Fastabend","john.fastabend@gmail.com","1589397265","Daniel Borkmann","daniel@iogearbox.net","1589590609","78827911ef4cfb0e31c8e946f71c94560fe5636f","248aba1d526e052ee9aba6dd9c5a198e30839cbd","bpf: Selftests, improve test_sockmap total bytes counter The recv thread in test_sockmap waits to receive all bytes from sender but in the case we use pop data it may wait for more bytes then actually being sent. This stalls the test harness for multiple seconds. Because this happens in multiple tests it slows time to run the selftest. Fix by doing a better job of accounting for total bytes when pop helpers are used. Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/158939726542.15176.5964532245173539540.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/test_sockmap.c | 11 ++++++++---; 1 file changed, 8 insertions(+), 3 deletions(-)","The commit enhances the byte counting method in bpf selftest for test_sockmap to avoid delays due to pop helpers.","selftests,sockmap,bytes","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"248aba1d526e052ee9aba6dd9c5a198e30839cbd","248aba1d526e052ee9aba6dd9c5a198e30839cbd","John Fastabend","john.fastabend@gmail.com","1589397245","Daniel Borkmann","daniel@iogearbox.net","1589590609","7f110d88791624e81735929690805d2dc2e4ca33","13a5f3ffd202f73f1d0c2ed36dd66a0cd891e61a","bpf: Selftests, print error in test_sockmap error cases Its helpful to know the error value if an error occurs. Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/158939724566.15176.12079885932643225626.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/test_sockmap.c | 25 +++++++++++++++++--------; 1 file changed, 17 insertions(+), 8 deletions(-)","The commit adds error printing to the test_sockmap in bpf selftests for better debugging.","selftests,error,print","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"13a5f3ffd202f73f1d0c2ed36dd66a0cd891e61a","13a5f3ffd202f73f1d0c2ed36dd66a0cd891e61a","John Fastabend","john.fastabend@gmail.com","1589397226","Daniel Borkmann","daniel@iogearbox.net","1589590609","3cbeae64b5576dbb1365881328437a30ffbb7166","d79a32129b21296f1dce1bd9d703826853bb63a6","bpf: Selftests, sockmap test prog run without setting cgroup Running test_sockmap with arguments to specify a test pattern requires including a cgroup argument. Instead of requiring this if the option is not provided create one This is not used by selftest runs but I use it when I want to test a specific test. Most useful when developing new code and/or tests. Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/158939722675.15176.6294210959489131688.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/test_sockmap.c | 28 ++++++++++++++++++++++------; 1 file changed, 22 insertions(+), 6 deletions(-)","The commit enhances bpf selftests for sockmap by creating a default cgroup when not specified for targeted test runs.","sockmap,selftests,cgroup","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"d79a32129b21296f1dce1bd9d703826853bb63a6","d79a32129b21296f1dce1bd9d703826853bb63a6","John Fastabend","john.fastabend@gmail.com","1589397207","Daniel Borkmann","daniel@iogearbox.net","1589590609","5df3a25f93e9429085ed5360c1afa6e50996c323","991e35eebe1e90ffc1c75105286a50e627b56dd1","bpf: Selftests, remove prints from sockmap tests The prints in the test_sockmap programs were only useful when we didn't have enough control over test infrastructure to know from user program what was being pushed into kernel side. Now that we have or will shortly have better test controls lets remove the printers. This means we can remove half the programs and cleanup bpf side. Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/158939720756.15176.9806965887313279429.stgit@john-Precision-5820-Tower",".../selftests/bpf/progs/test_sockmap_kern.h | 158 +--------------------; tools/testing/selftests/bpf/test_sockmap.c | 25 +---; 2 files changed, 9 insertions(+), 174 deletions(-)","The commit removes print statements from sockmap selftests to streamline testing and clean up the code.","selftests,sockmap,cleanup","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"991e35eebe1e90ffc1c75105286a50e627b56dd1","991e35eebe1e90ffc1c75105286a50e627b56dd1","John Fastabend","john.fastabend@gmail.com","1589397189","Daniel Borkmann","daniel@iogearbox.net","1589590609","50e69a19c0f452fd33a951123aa3cfb68fdba54d","3b09d27cc93d584f49bc18f1e1696ba19d43233a","bpf: Selftests, move sockmap bpf prog header into progs Moves test_sockmap_kern.h into progs directory but does not change code at all. Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/158939718921.15176.5766299102332077086.stgit@john-Precision-5820-Tower",".../selftests/bpf/progs/test_sockmap_kern.h | 451 +++++++++++++++++++++; tools/testing/selftests/bpf/test_sockmap_kern.h | 451 ---------------------; 2 files changed, 451 insertions(+), 451 deletions(-)","The commit relocates a sockmap BPF program header file within the eBPF test directories without any code changes.","sockmap,selftests,header","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"3b09d27cc93d584f49bc18f1e1696ba19d43233a","3b09d27cc93d584f49bc18f1e1696ba19d43233a","Stanislav Fomichev","sdf@google.com","1589572144","Daniel Borkmann","daniel@iogearbox.net","1589584694","1a5cdf017ef195a8c53accf14883db92b3b52eb8","5366d2269139ba8eb6a906d73a0819947e3e4e0a","selftests/bpf: Move test_align under test_progs There is a much higher chance we can see the regressions if the test is part of test_progs. Signed-off-by: Stanislav Fomichev Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200515194904.229296-2-sdf@google.com","tools/testing/selftests/bpf/prog_tests/align.c | 666 +++++++++++++++++++++++; tools/testing/selftests/bpf/test_align.c | 720 -------------------------; 2 files changed, 666 insertions(+), 720 deletions(-)","The commit relocates test_align to test_progs for improved regression detection in selftests.","selftests,bpf,test_progs","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5366d2269139ba8eb6a906d73a0819947e3e4e0a","5366d2269139ba8eb6a906d73a0819947e3e4e0a","Stanislav Fomichev","sdf@google.com","1589572143","Daniel Borkmann","daniel@iogearbox.net","1589584687","29c6a76f6499b8afd1986c725e6dd1c090be92ce","8d35d74f52ae07689e575ea21f7dc2e07dd1392f","selftests/bpf: Fix test_align verifier log patterns Commit 294f2fc6da27 (""bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()"") changed the way verifier logs some of its state, adjust the test_align accordingly. Where possible, I tried to not copy-paste the entire log line and resorted to dropping the last closing brace instead. Fixes: 294f2fc6da27 (""bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds()"") Signed-off-by: Stanislav Fomichev Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200515194904.229296-1-sdf@google.com","tools/testing/selftests/bpf/test_align.c | 41 ++++++++++++++++----------------; 1 file changed, 21 insertions(+), 20 deletions(-)","This commit fixes the test_align verifier log patterns in selftests for eBPF after changes in verifier state logging.","selftests,bpf,verifier","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8d35d74f52ae07689e575ea21f7dc2e07dd1392f","8d35d74f52ae07689e575ea21f7dc2e07dd1392f","Ian Rogers","irogers@google.com","1589561403","Daniel Borkmann","daniel@iogearbox.net","1589583965","fb494f06c3e84fa224b6ff2baced24437ad4092a","f516acd5397fdbb77ef0aad0798d9ef7c3001d72","libbpf, hashmap: Fix signedness warnings Fixes the following warnings: hashmap.c: In function ‘hashmap__clear’: hashmap.h:150:20: error: comparison of integer expressions of different signedness: ‘int’ and ‘size_t’ {aka ‘long unsigned int’} [-Werror=sign-compare] 150 | for (bkt = 0; bkt < map->cap; bkt++) \ hashmap.c: In function ‘hashmap_grow’: hashmap.h:150:20: error: comparison of integer expressions of different signedness: ‘int’ and ‘size_t’ {aka ‘long unsigned int’} [-Werror=sign-compare] 150 | for (bkt = 0; bkt < map->cap; bkt++) \ Signed-off-by: Ian Rogers Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200515165007.217120-4-irogers@google.com","tools/lib/bpf/hashmap.c | 5 ++---; 1 file changed, 2 insertions(+), 3 deletions(-)","This commit fixes signedness warnings in libbpf's hashmap code.","libbpf hashmap signedness","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f516acd5397fdbb77ef0aad0798d9ef7c3001d72","f516acd5397fdbb77ef0aad0798d9ef7c3001d72","Ian Rogers","irogers@google.com","1589561402","Daniel Borkmann","daniel@iogearbox.net","1589583916","b059b996eb25ba77b7eb5d17135c0849a704d7e8","2ec0616e870f0f2aa8353e0de057f0c2dc8d52d5","libbpf, hashmap: Remove unused #include Remove #include of libbpf_internal.h that is unused. Discussed in this thread: https://lore.kernel.org/lkml/CAEf4BzZRmiEds_8R8g4vaAeWvJzPb4xYLnpF0X2VNY8oTzkphQ@mail.gmail.com/ Signed-off-by: Ian Rogers Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200515165007.217120-3-irogers@google.com","tools/lib/bpf/hashmap.h | 1 -; 1 file changed, 1 deletion(-)","Remove an unused #include directive from libbpf hashmap header.","libbpf,hashmap,include","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2ec0616e870f0f2aa8353e0de057f0c2dc8d52d5","2ec0616e870f0f2aa8353e0de057f0c2dc8d52d5","Daniel Borkmann","daniel@iogearbox.net","1589582358","Daniel Borkmann","daniel@iogearbox.net","1589582882","bdbfd9b5b041a9dfef6345cd072a25f2d9a421a7","da07f52d3caf6c24c6dbffb5500f379d819e04bd","bpf: Fix check_return_code to only allow [0,1] in trace_iter progs As per 15d83c4d7cef (""bpf: Allow loading of a bpf_iter program"") we only allow a range of [0,1] for return codes. Therefore BPF_TRACE_ITER relies on the default tnum_range(0, 1) which is set in range var. On recent merge of net into net-next commit e92888c72fbd (""bpf: Enforce returning 0 for fentry/fexit progs"") got pulled in and caused a merge conflict with the changes from 15d83c4d7cef. The resolution had a snall hiccup in that it removed the [0,1] range restriction again so that BPF_TRACE_ITER would have no enforcement. Fix it by adding it back. Fixes: da07f52d3caf (""Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net"") Signed-off-by: Daniel Borkmann Acked-by: Alexei Starovoitov ","kernel/bpf/verifier.c | 3 ++-; 1 file changed, 2 insertions(+), 1 deletion(-)","This commit reinstates the [0,1] return code restriction for BPF_TRACE_ITER programs in the verifier.","return code, trace_iter, verifier","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"da07f52d3caf6c24c6dbffb5500f379d819e04bd","da07f52d3caf6c24c6dbffb5500f379d819e04bd","David S. Miller","davem@davemloft.net","1589575739","David S. Miller","davem@davemloft.net","1589575739","836e51994554f1aeddeebb6cb6ee568944a467e7","93d43e58683efd958a0421b932a273df74e0e008 f85c1598ddfe83f61d0656bd1d2025fa3b148b99","Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Move the bpf verifier trace check into the new switch statement in HEAD. Resolve the overlapping changes in hinic, where bug fixes overlap the addition of VF support. Signed-off-by: David S. Miller ","","Merge changes from netdev repository addressing overlapping changes and moving BPF verifier trace check.","merge,verifier,netdev","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"f85c1598ddfe83f61d0656bd1d2025fa3b148b99","f85c1598ddfe83f61d0656bd1d2025fa3b148b99","Linus Torvalds","torvalds@linux-foundation.org","1589573406","Linus Torvalds","torvalds@linux-foundation.org","1589573406","8eb85a90ecaa578f9a994f269a5e094f619f240a","d5dfe4f1b44ed532653c2335267ad9599c8a698e 8e1381049ed5d213e7a1a7f95bbff83af8c59234","Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from David Miller: 1) Fix sk_psock reference count leak on receive, from Xiyu Yang. 2) CONFIG_HNS should be invisible, from Geert Uytterhoeven. 3) Don't allow locking route MTUs in ipv6, RFCs actually forbid this, from Maciej Żenczykowski. 4) ipv4 route redirect backoff wasn't actually enforced, from Paolo Abeni. 5) Fix netprio cgroup v2 leak, from Zefan Li. 6) Fix infinite loop on rmmod in conntrack, from Florian Westphal. 7) Fix tcp SO_RCVLOWAT hangs, from Eric Dumazet. 8) Various bpf probe handling fixes, from Daniel Borkmann. * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (68 commits) selftests: mptcp: pm: rm the right tmp file dpaa2-eth: properly handle buffer size restrictions bpf: Restrict bpf_trace_printk()'s %s usage and add %pks, %pus specifier bpf: Add bpf_probe_read_{user, kernel}_str() to do_refine_retval_range bpf: Restrict bpf_probe_read{, str}() only to archs where they work MAINTAINERS: Mark networking drivers as Maintained. ipmr: Add lockdep expression to ipmr_for_each_table macro ipmr: Fix RCU list debugging warning drivers: net: hamradio: Fix suspicious RCU usage warning in bpqether.c net: phy: broadcom: fix BCM54XX_SHD_SCR3_TRDDAPD value for BCM54810 tcp: fix error recovery in tcp_zerocopy_receive() MAINTAINERS: Add Jakub to networking drivers. MAINTAINERS: another add of Karsten Graul for S390 networking drivers: ipa: fix typos for ipa_smp2p structure doc pppoe: only process PADT targeted at local interfaces selftests/bpf: Enforce returning 0 for fentry/fexit programs bpf: Enforce returning 0 for fentry/fexit progs net: stmmac: fix num_por initialization security: Fix the default value of secid_to_secctx hook libbpf: Fix register naming in PT_REGS s390 macros ...","","This commit merges networking fixes from the netdev repository involving reference count leaks and improvements in BPF probe handling.","networking,BPF,merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"8e1381049ed5d213e7a1a7f95bbff83af8c59234","8e1381049ed5d213e7a1a7f95bbff83af8c59234","David S. Miller","davem@davemloft.net","1589565441","David S. Miller","davem@davemloft.net","1589565441","25f0cead7a4ebfcbb634196ab7078ace6b74812a","9a2dbb59ebd17a91f99a20b0286dfb6445981ecf 59df9f1fb4977b40cfad8d07b0d5baeb3a07e22c","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Alexei Starovoitov says: ==================== pull-request: bpf 2020-05-15 The following pull-request contains BPF updates for your *net* tree. We've added 9 non-merge commits during the last 2 day(s) which contain a total of 14 files changed, 137 insertions(+), 43 deletions(-). The main changes are: 1) Fix secid_to_secctx LSM hook default value, from Anders. 2) Fix bug in mmap of bpf array, from Andrii. 3) Restrict bpf_probe_read to archs where they work, from Daniel. 4) Enforce returning 0 for fentry/fexit progs, from Yonghong. ==================== Signed-off-by: David S. Miller ","","This commit merges BPF updates with security and bug fixes into the net tree.","BPF, updates, merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"3430223d393dd23734cc87177d704449cfc294a8","3430223d393dd23734cc87177d704449cfc294a8","David S. Miller","davem@davemloft.net","1589564632","David S. Miller","davem@davemloft.net","1589564632","8a82f0640e498d463d8b059aa0dabb27e5214b13","0141792f8b7300006b874dda1c35acd0abd90d9d ed24a7a852b542911479383d5c80b9a2b4bb8caa","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next Alexei Starovoitov says: ==================== pull-request: bpf-next 2020-05-15 The following pull-request contains BPF updates for your *net-next* tree. We've added 37 non-merge commits during the last 1 day(s) which contain a total of 67 files changed, 741 insertions(+), 252 deletions(-). The main changes are: 1) bpf_xdp_adjust_tail() now allows to grow the tail as well, from Jesper. 2) bpftool can probe CONFIG_HZ, from Daniel. 3) CAP_BPF is introduced to isolate user processes that use BPF infra and to secure BPF networking services by dropping CAP_SYS_ADMIN requirement in certain cases, from Alexei. ==================== Signed-off-by: David S. Miller ","","This commit merges updates from the bpf-next branch into the net-next tree, including enhancements like bpf_xdp_adjust_tail() tail growth.","bpf, changes, merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"ed24a7a852b542911479383d5c80b9a2b4bb8caa","ed24a7a852b542911479383d5c80b9a2b4bb8caa","Daniel Borkmann","daniel@iogearbox.net","1589556582","Daniel Borkmann","daniel@iogearbox.net","1589556586","6315790b1ff6943b35aab55167ec86996184b770","0ee52c0f6c67e187ff1906f6048af7c96df320c7 81626001187609b9c49696a5b48d5abcf0e5f9be","Merge branch 'bpf-cap' Alexei Starovoitov says: ==================== v6->v7: - permit SK_REUSEPORT program type under CAP_BPF as suggested by Marek Majkowski. It's equivalent to SOCKET_FILTER which is unpriv. v5->v6: - split allow_ptr_leaks into four flags. - retain bpf_jit_limit under cap_sys_admin. - fixed few other issues spotted by Daniel. v4->v5: Split BPF operations that are allowed under CAP_SYS_ADMIN into combination of CAP_BPF, CAP_PERFMON, CAP_NET_ADMIN and keep some of them under CAP_SYS_ADMIN. The user process has to have - CAP_BPF to create maps, do other sys_bpf() commands and load SK_REUSEPORT progs. Note: dev_map, sock_hash, sock_map map types still require CAP_NET_ADMIN. That could be relaxed in the future. - CAP_BPF and CAP_PERFMON to load tracing programs. - CAP_BPF and CAP_NET_ADMIN to load networking programs. (or CAP_SYS_ADMIN for backward compatibility). CAP_BPF solves three main goals: 1. provides isolation to user space processes that drop CAP_SYS_ADMIN and switch to CAP_BPF. More on this below. This is the major difference vs v4 set back from Sep 2019. 2. makes networking BPF progs more secure, since CAP_BPF + CAP_NET_ADMIN prevents pointer leaks and arbitrary kernel memory access. 3. enables fuzzers to exercise all of the verifier logic. Eventually finding bugs and making BPF infra more secure. Currently fuzzers run in unpriv. They will be able to run with CAP_BPF. The patchset is long overdue follow-up from the last plumbers conference. Comparing to what was discussed at LPC the CAP* checks at attach time are gone. For tracing progs the CAP_SYS_ADMIN check was done at load time only. There was no check at attach time. For networking and cgroup progs CAP_SYS_ADMIN was required at load time and CAP_NET_ADMIN at attach time, but there are several ways to bypass CAP_NET_ADMIN: - if networking prog is using tail_call writing FD into prog_array will effectively attach it, but bpf_map_update_elem is an unprivileged operation. - freplace prog with CAP_SYS_ADMIN can replace networking prog Consolidating all CAP checks at load time makes security model similar to open() syscall. Once the user got an FD it can do everything with it. read/write/poll don't check permissions. The same way when bpf_prog_load command returns an FD the user can do everything (including attaching, detaching, and bpf_test_run). The important design decision is to allow ID->FD transition for CAP_SYS_ADMIN only. What it means that user processes can run with CAP_BPF and CAP_NET_ADMIN and they will not be able to affect each other unless they pass FDs via scm_rights or via pinning in bpffs. ID->FD is a mechanism for human override and introspection. An admin can do 'sudo bpftool prog ...'. It's possible to enforce via LSM that only bpftool binary does bpf syscall with CAP_SYS_ADMIN and the rest of user space processes do bpf syscall with CAP_BPF isolating bpf objects (progs, maps, links) that are owned by such processes from each other. Another significant change from LPC is that the verifier checks are split into four flags. The allow_ptr_leaks flag allows pointer manipulations. The bpf_capable flag enables all modern verifier features like bpf-to-bpf calls, BTF, bounded loops, dead code elimination, etc. All the goodness. The bypass_spec_v1 flag enables indirect stack access from bpf programs and disables speculative analysis and bpf array mitigations. The bypass_spec_v4 flag disables store sanitation. That allows networking progs with CAP_BPF + CAP_NET_ADMIN enjoy modern verifier features while being more secure. Some networking progs may need CAP_BPF + CAP_NET_ADMIN + CAP_PERFMON, since subtracting pointers (like skb->data_end - skb->data) is a pointer leak, but the verifier may get smarter in the future. ==================== Signed-off-by: Daniel Borkmann ","","This commit merges the 'bpf-cap' branch to introduce new CAP_BPF capabilities for enhanced security in eBPF program management.","CAP_BPF, security, eBPF","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"81626001187609b9c49696a5b48d5abcf0e5f9be","81626001187609b9c49696a5b48d5abcf0e5f9be","Alexei Starovoitov","ast@kernel.org","1589411035","Daniel Borkmann","daniel@iogearbox.net","1589556581","6315790b1ff6943b35aab55167ec86996184b770","2c78ee898d8f10ae6fb2fa23a3fbaec96b1b7366","selftests/bpf: Use CAP_BPF and CAP_PERFMON in tests Make all test_verifier test exercise CAP_BPF and CAP_PERFMON Signed-off-by: Alexei Starovoitov Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200513230355.7858-4-alexei.starovoitov@gmail.com","tools/testing/selftests/bpf/test_verifier.c | 44 +++++++++++++++++++-----; tools/testing/selftests/bpf/verifier/calls.c | 16 ++++-----; tools/testing/selftests/bpf/verifier/dead_code.c | 10 +++---; 3 files changed, 49 insertions(+), 21 deletions(-)","This commit updates BPF selftests to exercise CAP_BPF and CAP_PERFMON capabilities.","CAP_BPF,CAP_PERFMON,selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2c78ee898d8f10ae6fb2fa23a3fbaec96b1b7366","2c78ee898d8f10ae6fb2fa23a3fbaec96b1b7366","Alexei Starovoitov","ast@kernel.org","1589411034","Daniel Borkmann","daniel@iogearbox.net","1589556581","6f2c093168b9b2c532127994bd50ff9f8e82401e","a17b53c4a4b55ec322c132b6670743612229ee9c","bpf: Implement CAP_BPF Implement permissions as stated in uapi/linux/capability.h In order to do that the verifier allow_ptr_leaks flag is split into four flags and they are set as: env->allow_ptr_leaks = bpf_allow_ptr_leaks(); env->bypass_spec_v1 = bpf_bypass_spec_v1(); env->bypass_spec_v4 = bpf_bypass_spec_v4(); env->bpf_capable = bpf_capable(); The first three currently equivalent to perfmon_capable(), since leaking kernel pointers and reading kernel memory via side channel attacks is roughly equivalent to reading kernel memory with cap_perfmon. 'bpf_capable' enables bounded loops, precision tracking, bpf to bpf calls and other verifier features. 'allow_ptr_leaks' enable ptr leaks, ptr conversions, subtraction of pointers. 'bypass_spec_v1' disables speculative analysis in the verifier, run time mitigations in bpf array, and enables indirect variable access in bpf programs. 'bypass_spec_v4' disables emission of sanitation code by the verifier. That means that the networking BPF program loaded with CAP_BPF + CAP_NET_ADMIN will have speculative checks done by the verifier and other spectre mitigation applied. Such networking BPF program will not be able to leak kernel pointers and will not be able to access arbitrary kernel memory. Signed-off-by: Alexei Starovoitov Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200513230355.7858-3-alexei.starovoitov@gmail.com","drivers/media/rc/bpf-lirc.c | 2 +-; include/linux/bpf.h | 18 ++++++++-; include/linux/bpf_verifier.h | 3 ++; kernel/bpf/arraymap.c | 10 ++---; kernel/bpf/bpf_struct_ops.c | 2 +-; kernel/bpf/core.c | 2 +-; kernel/bpf/cpumap.c | 2 +-; kernel/bpf/hashtab.c | 4 +-; kernel/bpf/helpers.c | 4 +-; kernel/bpf/lpm_trie.c | 2 +-; kernel/bpf/map_in_map.c | 2 +-; kernel/bpf/queue_stack_maps.c | 2 +-; kernel/bpf/reuseport_array.c | 2 +-; kernel/bpf/stackmap.c | 2 +-; kernel/bpf/syscall.c | 89 +++++++++++++++++++++++++++++++++----------; kernel/bpf/verifier.c | 37 +++++++++---------; kernel/trace/bpf_trace.c | 3 ++; net/core/bpf_sk_storage.c | 4 +-; net/core/filter.c | 4 +-; 19 files changed, 134 insertions(+), 60 deletions(-)","Implements CAP_BPF by expanding `allow_ptr_leaks` into multiple flags, enhancing verifier capabilities and security measures.","CAP_BPF,verifier,permissions","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a17b53c4a4b55ec322c132b6670743612229ee9c","a17b53c4a4b55ec322c132b6670743612229ee9c","Alexei Starovoitov","ast@kernel.org","1589411033","Daniel Borkmann","daniel@iogearbox.net","1589556581","91deeb77f85935198bc7625d4c79006ccdb460f3","0ee52c0f6c67e187ff1906f6048af7c96df320c7","bpf, capability: Introduce CAP_BPF Split BPF operations that are allowed under CAP_SYS_ADMIN into combination of CAP_BPF, CAP_PERFMON, CAP_NET_ADMIN. For backward compatibility include them in CAP_SYS_ADMIN as well. The end result provides simple safety model for applications that use BPF: - to load tracing program types BPF_PROG_TYPE_{KPROBE, TRACEPOINT, PERF_EVENT, RAW_TRACEPOINT, etc} use CAP_BPF and CAP_PERFMON - to load networking program types BPF_PROG_TYPE_{SCHED_CLS, XDP, SK_SKB, etc} use CAP_BPF and CAP_NET_ADMIN There are few exceptions from this rule: - bpf_trace_printk() is allowed in networking programs, but it's using tracing mechanism, hence this helper needs additional CAP_PERFMON if networking program is using this helper. - BPF_F_ZERO_SEED flag for hash/lru map is allowed under CAP_SYS_ADMIN only to discourage production use. - BPF HW offload is allowed under CAP_SYS_ADMIN. - bpf_probe_write_user() is allowed under CAP_SYS_ADMIN only. CAPs are not checked at attach/detach time with two exceptions: - loading BPF_PROG_TYPE_CGROUP_SKB is allowed for unprivileged users, hence CAP_NET_ADMIN is required at attach time. - flow_dissector detach doesn't check prog FD at detach, hence CAP_NET_ADMIN is required at detach time. CAP_SYS_ADMIN is required to iterate BPF objects (progs, maps, links) via get_next_id command and convert them to file descriptor via GET_FD_BY_ID command. This restriction guarantees that mutliple tasks with CAP_BPF are not able to affect each other. That leads to clean isolation of tasks. For example: task A with CAP_BPF and CAP_NET_ADMIN loads and attaches a firewall via bpf_link. task B with the same capabilities cannot detach that firewall unless task A explicitly passed link FD to task B via scm_rights or bpffs. CAP_SYS_ADMIN can still detach/unload everything. Two networking user apps with CAP_SYS_ADMIN and CAP_NET_ADMIN can accidentely mess with each other programs and maps. Two networking user apps with CAP_NET_ADMIN and CAP_BPF cannot affect each other. CAP_NET_ADMIN + CAP_BPF allows networking programs access only packet data. Such networking progs cannot access arbitrary kernel memory or leak pointers. bpftool, bpftrace, bcc tools binaries should NOT be installed with CAP_BPF and CAP_PERFMON, since unpriv users will be able to read kernel secrets. But users with these two permissions will be able to use these tracing tools. CAP_PERFMON is least secure, since it allows kprobes and kernel memory access. CAP_NET_ADMIN can stop network traffic via iproute2. CAP_BPF is the safest from security point of view and harmless on its own. Having CAP_BPF and/or CAP_NET_ADMIN is not enough to write into arbitrary map and if that map is used by firewall-like bpf prog. CAP_BPF allows many bpf prog_load commands in parallel. The verifier may consume large amount of memory and significantly slow down the system. Existing unprivileged BPF operations are not affected. In particular unprivileged users are allowed to load socket_filter and cg_skb program types and to create array, hash, prog_array, map-in-map map types. Signed-off-by: Alexei Starovoitov Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200513230355.7858-2-alexei.starovoitov@gmail.com","include/linux/capability.h | 5 +++++; include/uapi/linux/capability.h | 34 +++++++++++++++++++++++++++++++++-; security/selinux/include/classmap.h | 4 ++--; 3 files changed, 40 insertions(+), 3 deletions(-)","The commit introduces the new CAP_BPF capability, reorganizing eBPF permissions and ensuring compatibility with existing CAP_SYS_ADMIN capabilities.","CAP_BPF,CAP_SYS_ADMIN,permissions","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0ee52c0f6c67e187ff1906f6048af7c96df320c7","0ee52c0f6c67e187ff1906f6048af7c96df320c7","Daniel Borkmann","daniel@iogearbox.net","1589356729","Alexei Starovoitov","ast@kernel.org","1589555933","58be0afc7de627f5b4ca43e603af0eae37940f3f","5cc5924d8315a53e03e7dbfa7a3067cde7a81ded","bpf, bpftool: Allow probing for CONFIG_HZ from kernel config In Cilium we've recently switched to make use of bpf_jiffies64() for parts of our tc and XDP datapath since bpf_ktime_get_ns() is more expensive and high-precision is not needed for our timeouts we have anyway. Our agent has a probe manager which picks up the json of bpftool's feature probe and we also use the macro output in our C programs e.g. to have workarounds when helpers are not available on older kernels. Extend the kernel config info dump to also include the kernel's CONFIG_HZ, and rework the probe_kernel_image_config() for allowing a macro dump such that CONFIG_HZ can be propagated to BPF C code as a simple define if available via config. Latter allows to have _compile- time_ resolution of jiffies <-> sec conversion in our code since all are propagated as known constants. Given we cannot generally assume availability of kconfig everywhere, we also have a kernel hz probe [0] as a fallback. Potentially, bpftool could have an integrated probe fallback as well, although to derive it, we might need to place it under 'bpftool feature probe full' or similar given it would slow down the probing process overall. Yet 'full' doesn't fit either for us since we don't want to pollute the kernel log with warning messages from bpf_probe_write_user() and bpf_trace_printk() on agent startup; I've left it out for the time being. [0] https://github.com/cilium/cilium/blob/master/bpf/cilium-probe-kernel-hz.c Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Reviewed-by: Quentin Monnet Cc: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200513075849.20868-1-daniel@iogearbox.net","tools/bpf/bpftool/feature.c | 120 +++++++++++++++++++++++++-------------------; 1 file changed, 67 insertions(+), 53 deletions(-)","The commit enhances bpftool to probe CONFIG_HZ from the kernel config for better compile-time jiffies conversion in BPF C code.","bpftool, CONFIG_HZ, probe","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['tc related type programs. It affects programs managing traffic control (tc) for queuing or prioritizing network traffic.', 'XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"59df9f1fb4977b40cfad8d07b0d5baeb3a07e22c","59df9f1fb4977b40cfad8d07b0d5baeb3a07e22c","Alexei Starovoitov","ast@kernel.org","1589555436","Alexei Starovoitov","ast@kernel.org","1589555707","bb520b4c58247f567a586756c98ab5840d21f8f8","6d74f64b922b8394dccc52576659cb0dc0a1da7b b2a5212fb634561bb734c6356904e37f6665b955","Merge branch 'restrict-bpf_probe_read' Daniel Borkmann says: ==================== Small set of fixes in order to restrict BPF helpers for tracing which are broken on archs with overlapping address ranges as per discussion in [0]. I've targetted this for -bpf tree so they can be routed as fixes. Thanks! v1 -> v2: - switch to reusable %pks, %pus format specifiers (Yonghong) - fixate %s on kernel_ds probing for archs with overlapping addr space [0] https://lore.kernel.org/bpf/CAHk-=wjJKo0GVixYLmqPn-Q22WFu0xHaBSjKEo7e7Yw72y5SPQ@mail.gmail.com/T/ ==================== Signed-off-by: Alexei Starovoitov ","","The commit merges fixes to restrict BPF helpers for tracing on architectures with overlapping address ranges.","restrict,BPF,helpers","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"b2a5212fb634561bb734c6356904e37f6665b955","b2a5212fb634561bb734c6356904e37f6665b955","Daniel Borkmann","daniel@iogearbox.net","1589537478","Alexei Starovoitov","ast@kernel.org","1589555436","bb520b4c58247f567a586756c98ab5840d21f8f8","47cc0ed574abcbbde0cf143ddb21a0baed1aa2df","bpf: Restrict bpf_trace_printk()'s %s usage and add %pks, %pus specifier Usage of plain %s conversion specifier in bpf_trace_printk() suffers from the very same issue as bpf_probe_read{,str}() helpers, that is, it is broken on archs with overlapping address ranges. While the helpers have been addressed through work in 6ae08ae3dea2 (""bpf: Add probe_read_{user, kernel} and probe_read_{user, kernel}_str helpers""), we need an option for bpf_trace_printk() as well to fix it. Similarly as with the helpers, force users to make an explicit choice by adding %pks and %pus specifier to bpf_trace_printk() which will then pick the corresponding strncpy_from_unsafe*() variant to perform the access under KERNEL_DS or USER_DS. The %pk* (kernel specifier) and %pu* (user specifier) can later also be extended for other objects aside strings that are probed and printed under tracing, and reused out of other facilities like bpf_seq_printf() or BTF based type printing. Existing behavior of %s for current users is still kept working for archs where it is not broken and therefore gated through CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE. For archs not having this property we fall-back to pick probing under KERNEL_DS as a sensible default. Fixes: 8d3b7dce8622 (""bpf: add support for %s specifier to bpf_trace_printk()"") Reported-by: Linus Torvalds Reported-by: Christoph Hellwig Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Cc: Masami Hiramatsu Cc: Brendan Gregg Link: https://lore.kernel.org/bpf/20200515101118.6508-4-daniel@iogearbox.net","Documentation/core-api/printk-formats.rst | 14 +++++; kernel/trace/bpf_trace.c | 94 ++++++++++++++++++++-----------; lib/vsprintf.c | 12 ++++; 3 files changed, 88 insertions(+), 32 deletions(-)","Restrict bpf_trace_printk()'s %s usage by adding %pks and %pus specifiers to address overlapping address range issues on certain architectures.","bpf_trace_printk %s-specifier overlapping-addresses","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"47cc0ed574abcbbde0cf143ddb21a0baed1aa2df","47cc0ed574abcbbde0cf143ddb21a0baed1aa2df","Daniel Borkmann","daniel@iogearbox.net","1589537477","Alexei Starovoitov","ast@kernel.org","1589555436","b8872b7cca31323beb60b824bbd073bd5b34197c","0ebeea8ca8a4d1d453ad299aef0507dab04f6e8d","bpf: Add bpf_probe_read_{user, kernel}_str() to do_refine_retval_range Given bpf_probe_read{,str}() BPF helpers are now only available under CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE, we need to add the drop-in replacements of bpf_probe_read_{kernel,user}_str() to do_refine_retval_range() as well to avoid hitting the same issue as in 849fa50662fbc (""bpf/verifier: refine retval R0 state for bpf_get_stack helper""). Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Acked-by: John Fastabend Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200515101118.6508-3-daniel@iogearbox.net","kernel/bpf/verifier.c | 4 +++-; 1 file changed, 3 insertions(+), 1 deletion(-)","Adds bpf_probe_read_{kernel,user}_str() to do_refine_retval_range to ensure proper retval refinement in eBPF verifier.","bpf_probe_read verifier refinement","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0ebeea8ca8a4d1d453ad299aef0507dab04f6e8d","0ebeea8ca8a4d1d453ad299aef0507dab04f6e8d","Daniel Borkmann","daniel@iogearbox.net","1589537476","Alexei Starovoitov","ast@kernel.org","1589555436","6d869e1310be667ec0900ccede6290c912b61071","6d74f64b922b8394dccc52576659cb0dc0a1da7b","bpf: Restrict bpf_probe_read{, str}() only to archs where they work Given the legacy bpf_probe_read{,str}() BPF helpers are broken on archs with overlapping address ranges, we should really take the next step to disable them from BPF use there. To generally fix the situation, we've recently added new helper variants bpf_probe_read_{user,kernel}() and bpf_probe_read_{user,kernel}_str(). For details on them, see 6ae08ae3dea2 (""bpf: Add probe_read_{user, kernel} and probe_read_{user,kernel}_str helpers""). Given bpf_probe_read{,str}() have been around for ~5 years by now, there are plenty of users at least on x86 still relying on them today, so we cannot remove them entirely w/o breaking the BPF tracing ecosystem. However, their use should be restricted to archs with non-overlapping address ranges where they are working in their current form. Therefore, move this behind a CONFIG_ARCH_HAS_NON_OVERLAPPING_ADDRESS_SPACE and have x86, arm64, arm select it (other archs supporting it can follow-up on it as well). For the remaining archs, they can workaround easily by relying on the feature probe from bpftool which spills out defines that can be used out of BPF C code to implement the drop-in replacement for old/new kernels via: bpftool feature probe macro Suggested-by: Linus Torvalds Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Reviewed-by: Masami Hiramatsu Acked-by: Linus Torvalds Cc: Brendan Gregg Cc: Christoph Hellwig Link: https://lore.kernel.org/bpf/20200515101118.6508-2-daniel@iogearbox.net","arch/arm/Kconfig | 1 +; arch/arm64/Kconfig | 1 +; arch/x86/Kconfig | 1 +; init/Kconfig | 3 +++; kernel/trace/bpf_trace.c | 6 ++++--; 5 files changed, 10 insertions(+), 2 deletions(-)","The commit restricts bpf_probe_read and bpf_probe_read_str helpers to specific architectures where they function correctly.","bpf_probe_read,architecture,restriction","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5cc5924d8315a53e03e7dbfa7a3067cde7a81ded","5cc5924d8315a53e03e7dbfa7a3067cde7a81ded","Alexei Starovoitov","ast@kernel.org","1589516517","Alexei Starovoitov","ast@kernel.org","1589518203","0c842b02f62a8b7e2e7bd6f0a91053e652b45f7a","d00f26b623333f2419f4c3b95ff11c8b1bb96f56 7ae2e00e8fc23f10169079fadd388317d81012be","Merge branch 'xdp-grow-tail' Jesper Dangaard Brouer says: ==================== V4: - Fixup checkpatch.pl issues - Collected more ACKs V3: - Fix issue on virtio_net patch spotted by Jason Wang - Adjust name for variable in mlx5 patch - Collected more ACKs V2: - Fix bug in mlx5 for XDP_PASS case - Collected nitpicks and ACKs from mailing list V1: - Fix bug in dpaa2 XDP have evolved to support several frame sizes, but xdp_buff was not updated with this information. This have caused the side-effect that XDP frame data hard end is unknown. This have limited the BPF-helper bpf_xdp_adjust_tail to only shrink the packet. This patchset address this and add packet tail extend/grow. The purpose of the patchset is ALSO to reserve a memory area that can be used for storing extra information, specifically for extending XDP with multi-buffer support. One proposal is to use same layout as skb_shared_info, which is why this area is currently 320 bytes. When converting xdp_frame to SKB (veth and cpumap), the full tailroom area can now be used and SKB truesize is now correct. For most drivers this result in a much larger tailroom in SKB ""head"" data area. The network stack can now take advantage of this when doing SKB coalescing. Thus, a good driver test is to use xdp_redirect_cpu from samples/bpf/ and do some TCP stream testing. Use-cases for tail grow/extend: (1) IPsec / XFRM needs a tail extend[1][2]. (2) DNS-cache responses in XDP. (3) HAProxy ALOHA would need it to convert to XDP. (4) Add tail info e.g. timestamp and collect via tcpdump [1] http://vger.kernel.org/netconf2019_files/xfrm_xdp.pdf [2] http://vger.kernel.org/netconf2019.html Examples on howto access the tail area of an XDP packet is shown in the XDP-tutorial example[3]. [3] https://github.com/xdp-project/xdp-tutorial/blob/master/experiment01-tailgrow/ ==================== Signed-off-by: Alexei Starovoitov ","","Merges changes to support XDP frame tail growth and multi-buffer capabilities enhancing network packet handling.","XDP, tail extend, multi-buffer","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's likely a merge commit. It involves changes across multiple use cases or events."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"7ae2e00e8fc23f10169079fadd388317d81012be","7ae2e00e8fc23f10169079fadd388317d81012be","Jesper Dangaard Brouer","brouer@redhat.com","1589453505","Alexei Starovoitov","ast@kernel.org","1589516517","0c842b02f62a8b7e2e7bd6f0a91053e652b45f7a","68545fb6f2ff621de26d96a3f15868abfb6897b0","selftests/bpf: Xdp_adjust_tail add grow tail tests Extend BPF selftest xdp_adjust_tail with grow tail tests, which is added as subtest's. The first grow test stays in same form as original shrink test. The second grow test use the newer bpf_prog_test_run_xattr() calls, and does extra checking of data contents. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158945350567.97035.9632611946765811876.stgit@firesoul",".../selftests/bpf/prog_tests/xdp_adjust_tail.c | 116 ++++++++++++++++++++-; .../bpf/progs/test_xdp_adjust_tail_grow.c | 33 ++++++; 2 files changed, 144 insertions(+), 5 deletions(-)","The commit introduces additional tests for xdp_adjust_tail with grow tail scenarios in BPF selftests.","selftests,bpf,XDP","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"68545fb6f2ff621de26d96a3f15868abfb6897b0","68545fb6f2ff621de26d96a3f15868abfb6897b0","Jesper Dangaard Brouer","brouer@redhat.com","1589453500","Alexei Starovoitov","ast@kernel.org","1589516517","56bbe494fecdc792da57cc1e402957f64b245d81","bc56c919fce782f616823b76fb70a788f4762cf5","selftests/bpf: Adjust BPF selftest for xdp_adjust_tail Current selftest for BPF-helper xdp_adjust_tail only shrink tail. Make it more clear that this is a shrink test case. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158945350058.97035.17280775016196207372.stgit@firesoul",".../selftests/bpf/prog_tests/xdp_adjust_tail.c | 9 +++++--; .../testing/selftests/bpf/progs/test_adjust_tail.c | 30 ----------------------; .../bpf/progs/test_xdp_adjust_tail_shrink.c | 30 ++++++++++++++++++++++; 3 files changed, 37 insertions(+), 32 deletions(-)","The commit refines a BPF self-test to emphasize the shrinkage behavior of the xdp_adjust_tail helper.","BPF,selftest,xdp","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"bc56c919fce782f616823b76fb70a788f4762cf5","bc56c919fce782f616823b76fb70a788f4762cf5","Jesper Dangaard Brouer","brouer@redhat.com","1589453495","Alexei Starovoitov","ast@kernel.org","1589516516","eaeac8cc29065dac36ceda034db0a102dfd4605b","ddb47d518ca10948d1f64a983cb9274720f691cd","bpf: Add xdp.frame_sz in bpf_prog_test_run_xdp(). Update the memory requirements, when adding xdp.frame_sz in BPF test_run function bpf_prog_test_run_xdp() which e.g. is used by XDP selftests. Specifically add the expected reserved tailroom, but also allocated a larger memory area to reflect that XDP frames usually comes in this format. Limit the provided packet data size to 4096 minus headroom + tailroom, as this also reflect a common 3520 bytes MTU limit with XDP. Note that bpf_test_init already use a memory allocation method that clears memory. Thus, this already guards against leaking uninit kernel memory. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158945349549.97035.15316291762482444006.stgit@firesoul","net/bpf/test_run.c | 16 ++++++++++++----; 1 file changed, 12 insertions(+), 4 deletions(-)","Improve memory allocation and constraints in bpf_prog_test_run_xdp for XDP selftests.","memory,XDP,frames","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"ddb47d518ca10948d1f64a983cb9274720f691cd","ddb47d518ca10948d1f64a983cb9274720f691cd","Jesper Dangaard Brouer","brouer@redhat.com","1589453490","Alexei Starovoitov","ast@kernel.org","1589516516","0cf318eef490d4bc486d0eeae7604cd6a660f8ab","c8741e2bfe872425ea6f10bb6f7dc1d67bc60c3a","xdp: Clear grow memory in bpf_xdp_adjust_tail() Clearing memory of tail when grow happens, because it is too easy to write a XDP_PASS program that extend the tail, which expose this memory to users that can run tcpdump. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/158945349039.97035.5262100484553494.stgit@firesoul","net/core/filter.c | 4 ++++; 1 file changed, 4 insertions(+)","The commit clears memory in bpf_xdp_adjust_tail to prevent exposure during XDP tail growth.","xdp, memory, tail","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"c8741e2bfe872425ea6f10bb6f7dc1d67bc60c3a","c8741e2bfe872425ea6f10bb6f7dc1d67bc60c3a","Jesper Dangaard Brouer","brouer@redhat.com","1589453485","Alexei Starovoitov","ast@kernel.org","1589516516","f03ab9412cde9c6a8076e9f1b83e6fe1aae17058","d628ee4fef1dbd6f2fa11e3548322c7839319537","xdp: Allow bpf_xdp_adjust_tail() to grow packet size Finally, after all drivers have a frame size, allow BPF-helper bpf_xdp_adjust_tail() to grow or extend packet size at frame tail. Remember that helper/macro xdp_data_hard_end have reserved some tailroom. Thus, this helper makes sure that the BPF-prog don't have access to this tailroom area. V2: Remove one chicken check and use WARN_ONCE for other Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158945348530.97035.12577148209134239291.stgit@firesoul","include/uapi/linux/bpf.h | 4 ++--; net/core/filter.c | 11 +++++++++--; 2 files changed, 11 insertions(+), 4 deletions(-)","This commit allows the bpf_xdp_adjust_tail() helper to grow packet size in eBPF XDP programs.","bpf_xdp_adjust_tail, packet, grow","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"d628ee4fef1dbd6f2fa11e3548322c7839319537","d628ee4fef1dbd6f2fa11e3548322c7839319537","Jesper Dangaard Brouer","brouer@redhat.com","1589453480","Alexei Starovoitov","ast@kernel.org","1589516516","6c0f701b8b77beea54d67a60617f2b171918dced","2a637c5b1aaf3b21418fadffad7e56ff27cee6f7","mlx5: Rx queue setup time determine frame_sz for XDP The mlx5 driver have multiple memory models, which are also changed according to whether a XDP bpf_prog is attached. The 'rx_striding_rq' setting is adjusted via ethtool priv-flags e.g.: # ethtool --set-priv-flags mlx5p2 rx_striding_rq off On the general case with 4K page_size and regular MTU packet, then the frame_sz is 2048 and 4096 when XDP is enabled, in both modes. The info on the given frame size is stored differently depending on the RQ-mode and encoded in a union in struct mlx5e_rq union wqe/mpwqe. In rx striding mode rq->mpwqe.log_stride_sz is either 11 or 12, which corresponds to 2048 or 4096 (MLX5_WQ_TYPE_LINKED_LIST_STRIDING_RQ). In non-striding mode (MLX5_WQ_TYPE_CYCLIC) the frag_stride is stored in rq->wqe.info.arr[0].frag_stride, for the first fragment, which is what the XDP case cares about. To reduce effect on fast-path, this patch determine the frame_sz at setup time, to avoid determining the memory model runtime. Variable is named frame0_sz to make it clear that this is only the frame size of the first fragment. This mlx5 driver does a DMA-sync on XDP_TX action, but grow is safe as it have done a DMA-map on the entire PAGE_SIZE. The driver also already does a XDP length check against sq->hw_mtu on the possible XDP xmit paths mlx5e_xmit_xdp_frame() + mlx5e_xmit_xdp_frame_mpwqe(). V3+4: Change variable name first_frame_sz to frame0_sz V2: Fix that frag_size need to be recalc before creating SKB. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Tariq Toukan Cc: Saeed Mahameed Link: https://lore.kernel.org/bpf/158945348021.97035.12295039384250022883.stgit@firesoul","drivers/net/ethernet/mellanox/mlx5/core/en.h | 1 +; drivers/net/ethernet/mellanox/mlx5/core/en/xdp.c | 1 +; drivers/net/ethernet/mellanox/mlx5/core/en_main.c | 6 ++++++; drivers/net/ethernet/mellanox/mlx5/core/en_rx.c | 2 ++; 4 files changed, 10 insertions(+)","The commit optimizes frame size determination for the mlx5 driver during RX queue setup to enhance XDP performance.","mlx5,frame,XDP","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"2a637c5b1aaf3b21418fadffad7e56ff27cee6f7","2a637c5b1aaf3b21418fadffad7e56ff27cee6f7","Jesper Dangaard Brouer","brouer@redhat.com","1589453475","Alexei Starovoitov","ast@kernel.org","1589516516","4d87b314bcb0fb6fa15411505cb234946b6bb5c4","d4ecdbf7aa2fa4feac09befb04cdaf44e6dc938b","xdp: For Intel AF_XDP drivers add XDP frame_sz Intel drivers implement native AF_XDP zerocopy in separate C-files, that have its own invocation of bpf_prog_run_xdp(). The setup of xdp_buff is also handled in separately from normal code path. This patch update XDP frame_sz for AF_XDP zerocopy drivers i40e, ice and ixgbe, as the code changes needed are very similar. Introduce a helper function xsk_umem_xdp_frame_sz() for calculating frame size. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Björn Töpel Cc: intel-wired-lan@lists.osuosl.org Cc: Magnus Karlsson Link: https://lore.kernel.org/bpf/158945347511.97035.8536753731329475655.stgit@firesoul","drivers/net/ethernet/intel/i40e/i40e_xsk.c | 2 ++; drivers/net/ethernet/intel/ice/ice_xsk.c | 2 ++; drivers/net/ethernet/intel/ixgbe/ixgbe_xsk.c | 2 ++; include/net/xdp_sock.h | 11 +++++++++++; 4 files changed, 17 insertions(+)","This commit updates XDP frame size for Intel AF_XDP zerocopy drivers by introducing a helper function to calculate frame size.","XDP,AF_XDP,Intel","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"d4ecdbf7aa2fa4feac09befb04cdaf44e6dc938b","d4ecdbf7aa2fa4feac09befb04cdaf44e6dc938b","Jesper Dangaard Brouer","brouer@redhat.com","1589453470","Alexei Starovoitov","ast@kernel.org","1589516516","2cbc3416a573bffba3b7105c0118a05964c79d57","24104024ce0553ae7738bb1ea5e6e3ed6619160d","ice: Add XDP frame size to driver This driver uses different memory models depending on PAGE_SIZE at compile time. For PAGE_SIZE 4K it uses page splitting, meaning for normal MTU frame size is 2048 bytes (and headroom 192 bytes). For larger MTUs the driver still use page splitting, by allocating order-1 pages (8192 bytes) for RX frames. For PAGE_SIZE larger than 4K, driver instead advance its rx_buffer->page_offset with the frame size ""truesize"". For XDP frame size calculations, this mean that in PAGE_SIZE larger than 4K mode the frame_sz change on a per packet basis. For the page split 4K PAGE_SIZE mode, xdp.frame_sz is more constant and can be updated once outside the main NAPI loop. The default setting in the driver uses build_skb(), which provides the necessary headroom and tailroom for XDP-redirect in RX-frame (in both modes). There is one complication, which is legacy-rx mode (configurable via ethtool priv-flags). There are zero headroom in this mode, which is a requirement for XDP-redirect to work. The conversion to xdp_frame (convert_to_xdp_frame) will detect this insufficient space, and xdp_do_redirect() call will fail. This is deemed acceptable, as it allows other XDP actions to still work in legacy-mode. In legacy-mode + larger PAGE_SIZE due to lacking tailroom, we also accept that xdp_adjust_tail shrink doesn't work. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Cc: intel-wired-lan@lists.osuosl.org Cc: Jeff Kirsher Cc: Alexander Duyck Link: https://lore.kernel.org/bpf/158945347002.97035.328088795813704587.stgit@firesoul","drivers/net/ethernet/intel/ice/ice_txrx.c | 34 +++++++++++++++++++++++--------; 1 file changed, 25 insertions(+), 9 deletions(-)","The commit enhances the Intel ice driver to handle XDP frame sizes for varying PAGE_SIZE configurations.","XDP,ice,frame","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"24104024ce0553ae7738bb1ea5e6e3ed6619160d","24104024ce0553ae7738bb1ea5e6e3ed6619160d","Jesper Dangaard Brouer","brouer@redhat.com","1589453464","Alexei Starovoitov","ast@kernel.org","1589516516","d056b1e7d1c687826a6dded471fd0d81cd91d21a","81f3c6283cff03efae139a85851602a4c1c6bd72","i40e: Add XDP frame size to driver This driver uses different memory models depending on PAGE_SIZE at compile time. For PAGE_SIZE 4K it uses page splitting, meaning for normal MTU frame size is 2048 bytes (and headroom 192 bytes). For larger MTUs the driver still use page splitting, by allocating order-1 pages (8192 bytes) for RX frames. For PAGE_SIZE larger than 4K, driver instead advance its rx_buffer->page_offset with the frame size ""truesize"". For XDP frame size calculations, this mean that in PAGE_SIZE larger than 4K mode the frame_sz change on a per packet basis. For the page split 4K PAGE_SIZE mode, xdp.frame_sz is more constant and can be updated once outside the main NAPI loop. The default setting in the driver uses build_skb(), which provides the necessary headroom and tailroom for XDP-redirect in RX-frame (in both modes). There is one complication, which is legacy-rx mode (configurable via ethtool priv-flags). There are zero headroom in this mode, which is a requirement for XDP-redirect to work. The conversion to xdp_frame (convert_to_xdp_frame) will detect this insufficient space, and xdp_do_redirect() call will fail. This is deemed acceptable, as it allows other XDP actions to still work in legacy-mode. In legacy-mode + larger PAGE_SIZE due to lacking tailroom, we also accept that xdp_adjust_tail shrink doesn't work. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Cc: intel-wired-lan@lists.osuosl.org Cc: Jeff Kirsher Cc: Alexander Duyck Link: https://lore.kernel.org/bpf/158945346494.97035.12809400414566061815.stgit@firesoul","drivers/net/ethernet/intel/i40e/i40e_txrx.c | 30 ++++++++++++++++++++++++-----; 1 file changed, 25 insertions(+), 5 deletions(-)","The commit enhances the Intel i40e driver to support variable XDP frame sizes depending on the memory model and PAGE_SIZE.","XDP, i40e, driver","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"81f3c6283cff03efae139a85851602a4c1c6bd72","81f3c6283cff03efae139a85851602a4c1c6bd72","Jesper Dangaard Brouer","brouer@redhat.com","1589453459","Alexei Starovoitov","ast@kernel.org","1589516516","5eebc7def063cfd661a678f3e115b0322e42e6e9","cf02512899805d6f3d48c0cf1825148f5d24fe71","ixgbevf: Add XDP frame size to VF driver This patch mirrors the changes to ixgbe in previous patch. This VF driver doesn't support XDP_REDIRECT, but correct tailroom is still necessary for BPF-helper xdp_adjust_tail. In legacy-mode + larger PAGE_SIZE, due to lacking tailroom, we accept that xdp_adjust_tail shrink doesn't work. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Cc: intel-wired-lan@lists.osuosl.org Cc: Jeff Kirsher Cc: Alexander Duyck Link: https://lore.kernel.org/bpf/158945345984.97035.13518286183248025173.stgit@firesoul","drivers/net/ethernet/intel/ixgbevf/ixgbevf_main.c | 34 ++++++++++++++++++-----; 1 file changed, 27 insertions(+), 7 deletions(-)","Adds XDP frame size handling to ixgbevf driver, ensuring correct tailroom for BPF-helper xdp_adjust_tail adjustment.","ixgbevf,XDP,tailroom","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"cf02512899805d6f3d48c0cf1825148f5d24fe71","cf02512899805d6f3d48c0cf1825148f5d24fe71","Jesper Dangaard Brouer","brouer@redhat.com","1589453454","Alexei Starovoitov","ast@kernel.org","1589516515","c059ccf0b40dfbb6909dafcbe6820166cacd689b","88eb0ee17b2ece64fcf6689a4557a5c2e7a89c4b","ixgbe: Add XDP frame size to driver This driver uses different memory models depending on PAGE_SIZE at compile time. For PAGE_SIZE 4K it uses page splitting, meaning for normal MTU frame size is 2048 bytes (and headroom 192 bytes). For larger MTUs the driver still use page splitting, by allocating order-1 pages (8192 bytes) for RX frames. For PAGE_SIZE larger than 4K, driver instead advance its rx_buffer->page_offset with the frame size ""truesize"". For XDP frame size calculations, this mean that in PAGE_SIZE larger than 4K mode the frame_sz change on a per packet basis. For the page split 4K PAGE_SIZE mode, xdp.frame_sz is more constant and can be updated once outside the main NAPI loop. The default setting in the driver uses build_skb(), which provides the necessary headroom and tailroom for XDP-redirect in RX-frame (in both modes). There is one complication, which is legacy-rx mode (configurable via ethtool priv-flags). There are zero headroom in this mode, which is a requirement for XDP-redirect to work. The conversion to xdp_frame (convert_to_xdp_frame) will detect this insufficient space, and xdp_do_redirect() call will fail. This is deemed acceptable, as it allows other XDP actions to still work in legacy-mode. In legacy-mode + larger PAGE_SIZE due to lacking tailroom, we also accept that xdp_adjust_tail shrink doesn't work. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Cc: intel-wired-lan@lists.osuosl.org Cc: Jeff Kirsher Cc: Alexander Duyck Link: https://lore.kernel.org/bpf/158945345455.97035.14334355929030628741.stgit@firesoul","drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 34 ++++++++++++++++++++-------; 1 file changed, 26 insertions(+), 8 deletions(-)","The commit modifies the ixgbe driver to accommodate varying XDP frame sizes for different memory models and page sizes.","ixgbe,XDP,driver","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"88eb0ee17b2ece64fcf6689a4557a5c2e7a89c4b","88eb0ee17b2ece64fcf6689a4557a5c2e7a89c4b","Jesper Dangaard Brouer","brouer@redhat.com","1589453449","Alexei Starovoitov","ast@kernel.org","1589516515","587662826d6a0920cf746c4ff3e28a5401eaefff","9ce6146ec7b50718fa5ef5287f1d6561b25a5da8","ixgbe: Fix XDP redirect on archs with PAGE_SIZE above 4K The ixgbe driver have another memory model when compiled on archs with PAGE_SIZE above 4096 bytes. In this mode it doesn't split the page in two halves, but instead increment rx_buffer->page_offset by truesize of packet (which include headroom and tailroom for skb_shared_info). This is done correctly in ixgbe_build_skb(), but in ixgbe_rx_buffer_flip which is currently only called on XDP_TX and XDP_REDIRECT, it forgets to add the tailroom for skb_shared_info. This breaks XDP_REDIRECT, for veth and cpumap. Fix by adding size of skb_shared_info tailroom. Maintainers notice: This fix have been queued to Jeff. Fixes: 6453073987ba (""ixgbe: add initial support for xdp redirect"") Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Cc: Jeff Kirsher Link: https://lore.kernel.org/bpf/158945344946.97035.17031588499266605743.stgit@firesoul","drivers/net/ethernet/intel/ixgbe/ixgbe_main.c | 3 ++-; 1 file changed, 2 insertions(+), 1 deletion(-)","The commit fixes an issue with XDP redirect in the ixgbe driver on architectures with PAGE_SIZE above 4K.","ixgbe,XDP,redirect","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"9ce6146ec7b50718fa5ef5287f1d6561b25a5da8","9ce6146ec7b50718fa5ef5287f1d6561b25a5da8","Jesper Dangaard Brouer","brouer@redhat.com","1589453444","Alexei Starovoitov","ast@kernel.org","1589516515","db318afaf6040e9f32853b98e625a8222fcd861f","05afee298afc2f2497b7400b53e9d60fcc24d525","virtio_net: Add XDP frame size in two code paths The virtio_net driver is running inside the guest-OS. There are two XDP receive code-paths in virtio_net, namely receive_small() and receive_mergeable(). The receive_big() function does not support XDP. In receive_small() the frame size is available in buflen. The buffer backing these frames are allocated in add_recvbuf_small() with same size, except for the headroom, but tailroom have reserved room for skb_shared_info. The headroom is encoded in ctx pointer as a value. In receive_mergeable() the frame size is more dynamic. There are two basic cases: (1) buffer size is based on a exponentially weighted moving average (see DECLARE_EWMA) of packet length. Or (2) in case virtnet_get_headroom() have any headroom then buffer size is PAGE_SIZE. The ctx pointer is this time used for encoding two values; the buffer len ""truesize"" and headroom. In case (1) if the rx buffer size is underestimated, the packet will have been split over more buffers (num_buf info in virtio_net_hdr_mrg_rxbuf placed in top of buffer area). If that happens the XDP path does a xdp_linearize_page operation. V3: Adjust frame_sz in receive_mergeable() case, spotted by Jason Wang. The code is really hard to follow, so some hints to reviewers. The receive_mergeable() case gets frames that were allocated in add_recvbuf_mergeable() which uses headroom=virtnet_get_headroom(), and 'buf' ptr is advanced this headroom. The headroom can only be 0 or VIRTIO_XDP_HEADROOM, as virtnet_get_headroom is really simple: static unsigned int virtnet_get_headroom(struct virtnet_info *vi) { return vi->xdp_queue_pairs ? VIRTIO_XDP_HEADROOM : 0; } As frame_sz is an offset size from xdp.data_hard_start, reviewers should notice how this is calculated in receive_mergeable(): int offset = buf - page_address(page); [...] data = page_address(xdp_page) + offset; xdp.data_hard_start = data - VIRTIO_XDP_HEADROOM + vi->hdr_len; The calculated offset will always be VIRTIO_XDP_HEADROOM when reaching this code. Thus, xdp.data_hard_start will be page-start address plus vi->hdr_len. Given this xdp.frame_sz need to be reduced with vi->hdr_len size. IMHO a followup patch should cleanup this code to make it easier to maintain and understand, but it is outside the scope of this patchset. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Michael S. Tsirkin Acked-by: Jason Wang Link: https://lore.kernel.org/bpf/158945344436.97035.9445115070189151680.stgit@firesoul","drivers/net/virtio_net.c | 15 ++++++++++++---; 1 file changed, 12 insertions(+), 3 deletions(-)","This commit optimizes virtio_net by accurately adjusting XDP frame size in two receiving paths, enhancing packet handling in virtualized networks.","virtio_net,XDP,frame","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"05afee298afc2f2497b7400b53e9d60fcc24d525","05afee298afc2f2497b7400b53e9d60fcc24d525","Jesper Dangaard Brouer","brouer@redhat.com","1589453439","Alexei Starovoitov","ast@kernel.org","1589516515","dcda0b333a72b6af22edd6bd36a9e65914aef529","fb3e6e9307973d2f70a173f1b33d1054fa2b691f","vhost_net: Also populate XDP frame size In vhost_net_build_xdp() the 'buf' that gets queued via an xdp_buff have embedded a struct tun_xdp_hdr (located at xdp->data_hard_start) which contains the buffer length 'buflen' (with tailroom for skb_shared_info). Also storing this buflen in xdp->frame_sz, does not obsolete struct tun_xdp_hdr, as it also contains a struct virtio_net_hdr with other information. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Michael S. Tsirkin Acked-by: Jason Wang Link: https://lore.kernel.org/bpf/158945343928.97035.4620233649151726289.stgit@firesoul","drivers/vhost/net.c | 1 +; 1 file changed, 1 insertion(+)","The commit updates the vhost_net driver to store buffer length in xdp->frame_sz for XDP frames.","vhost_net,XDP,frame","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"fb3e6e9307973d2f70a173f1b33d1054fa2b691f","fb3e6e9307973d2f70a173f1b33d1054fa2b691f","Jesper Dangaard Brouer","brouer@redhat.com","1589453434","Alexei Starovoitov","ast@kernel.org","1589516515","32bcb2a25ff637e86999d7b7931f6aeb2557f801","fa6540b8efd8944f8627c2f304114663ef4aadc4","tun: Add XDP frame size The tun driver have two code paths for running XDP (bpf_prog_run_xdp). In both cases 'buflen' contains enough tailroom for skb_shared_info. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Michael S. Tsirkin Acked-by: Jason Wang Link: https://lore.kernel.org/bpf/158945343419.97035.9594485183958037621.stgit@firesoul","drivers/net/tun.c | 2 ++; 1 file changed, 2 insertions(+)","The tun driver update adds XDP frame size handling with sufficient tailroom for skb_shared_info in both XDP paths.","tun,XDP,frame","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"fa6540b8efd8944f8627c2f304114663ef4aadc4","fa6540b8efd8944f8627c2f304114663ef4aadc4","Jesper Dangaard Brouer","brouer@redhat.com","1589453429","Alexei Starovoitov","ast@kernel.org","1589516515","b2e6d1f90196c4cd2761099f5587d7a7eee504fa","c8145b263dd85f9e589c7c7ba531423d82ca96ae","nfp: Add XDP frame size to netronome driver The netronome nfp driver use PAGE_SIZE when xdp_prog is set, but xdp.data_hard_start begins at offset NFP_NET_RX_BUF_HEADROOM. Thus, adjust for this when setting xdp.frame_sz, as it counts from data_hard_start. When doing XDP_TX this driver is smart and instead of a full DMA-map does a DMA-sync on with packet length. As xdp_adjust_tail can now grow packet length, add checks to make sure that grow size is within the DMA-mapped size. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Reviewed-by: Jakub Kicinski Link: https://lore.kernel.org/bpf/158945342911.97035.11214251236208648808.stgit@firesoul","drivers/net/ethernet/netronome/nfp/nfp_net_common.c | 6 ++++++; 1 file changed, 6 insertions(+)","The commit updates the Netronome driver for XDP frame size adjustment due to NFP_NET_RX_BUF_HEADROOM.","XDP,Netronome,driver","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"c8145b263dd85f9e589c7c7ba531423d82ca96ae","c8145b263dd85f9e589c7c7ba531423d82ca96ae","Jesper Dangaard Brouer","brouer@redhat.com","1589453424","Alexei Starovoitov","ast@kernel.org","1589516515","d457e23b3f93ffa444c7be3c1ed39a55d890b53d","d201ea9ebc519fb34ad9ef1f49ab2ab31f5111ea","net: thunderx: Add XDP frame size To help reviewers these are the defines related to RCV_FRAG_LEN #define DMA_BUFFER_LEN 1536 /* In multiples of 128bytes */ #define RCV_FRAG_LEN (SKB_DATA_ALIGN(DMA_BUFFER_LEN + NET_SKB_PAD) + \ SKB_DATA_ALIGN(sizeof(struct skb_shared_info))) Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Cc: Sunil Goutham Cc: Robert Richter Link: https://lore.kernel.org/bpf/158945342402.97035.12649844447148990032.stgit@firesoul","drivers/net/ethernet/cavium/thunder/nicvf_main.c | 1 +; 1 file changed, 1 insertion(+)","This commit adds an XDP frame size definition to the ThunderX network driver.","XDP, frame, ThunderX","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"d201ea9ebc519fb34ad9ef1f49ab2ab31f5111ea","d201ea9ebc519fb34ad9ef1f49ab2ab31f5111ea","Jesper Dangaard Brouer","brouer@redhat.com","1589453418","Alexei Starovoitov","ast@kernel.org","1589516515","2e795958ceb00dd9477337388146931ad21e936f","08fc1cfd2d250be853d33d6505ae11ff52b83b74","mlx4: Add XDP frame size and adjust max XDP MTU The mlx4 drivers size of memory backing the RX packet is stored in frag_stride. For XDP mode this will be PAGE_SIZE (normally 4096). For normal mode frag_stride is 2048. Also adjust MLX4_EN_MAX_XDP_MTU to take tailroom into account. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Reviewed-by: Tariq Toukan Cc: Saeed Mahameed Link: https://lore.kernel.org/bpf/158945341893.97035.2688142527052329942.stgit@firesoul","drivers/net/ethernet/mellanox/mlx4/en_netdev.c | 3 ++-; drivers/net/ethernet/mellanox/mlx4/en_rx.c | 1 +; 2 files changed, 3 insertions(+), 1 deletion(-)","The commit updates mlx4 drivers to support XDP frame size and adjust maximum XDP MTU based on tailroom.","mlx4,XDP,MTU","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"08fc1cfd2d250be853d33d6505ae11ff52b83b74","08fc1cfd2d250be853d33d6505ae11ff52b83b74","Jesper Dangaard Brouer","brouer@redhat.com","1589453413","Alexei Starovoitov","ast@kernel.org","1589516515","1016ab5fd555dac5c05409deb5e786e9a92eab28","c88c35181d6ab83e439855681032653ef8728045","ena: Add XDP frame size to amazon NIC driver Frame size ENA_PAGE_SIZE is limited to 16K on systems with larger PAGE_SIZE than 16K. Change ENA_XDP_MAX_MTU to also take into account the reserved tailroom. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Sameeh Jubran Cc: Arthur Kiyanovski Link: https://lore.kernel.org/bpf/158945341384.97035.907403694833419456.stgit@firesoul","drivers/net/ethernet/amazon/ena/ena_netdev.c | 1 +; drivers/net/ethernet/amazon/ena/ena_netdev.h | 5 +++--; 2 files changed, 4 insertions(+), 2 deletions(-)","This commit updates the frame size handling for XDP in the Amazon NIC driver by considering system PAGE_SIZE and tailroom.","XDP, ENA, NIC","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"c88c35181d6ab83e439855681032653ef8728045","c88c35181d6ab83e439855681032653ef8728045","Jesper Dangaard Brouer","brouer@redhat.com","1589453408","Alexei Starovoitov","ast@kernel.org","1589516515","ca9bb2c37bc80fccc35057ade63c10b07931ad71","bc1c5745d77963a4f4684c78cc2b3323900af68b","net: ethernet: ti: Add XDP frame size to driver cpsw The driver code cpsw.c and cpsw_new.c both use page_pool with default order-0 pages or their RX-pages. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Reviewed-by: Grygorii Strashko Cc: Ilias Apalodimas Link: https://lore.kernel.org/bpf/158945340875.97035.752144756428532878.stgit@firesoul","drivers/net/ethernet/ti/cpsw.c | 1 +; drivers/net/ethernet/ti/cpsw_new.c | 1 +; 2 files changed, 2 insertions(+)","The commit adds XDP frame size support to the TI Ethernet driver cpsw.","XDP,cpsw,Ethernet","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"bc1c5745d77963a4f4684c78cc2b3323900af68b","bc1c5745d77963a4f4684c78cc2b3323900af68b","Jesper Dangaard Brouer","brouer@redhat.com","1589453403","Alexei Starovoitov","ast@kernel.org","1589516515","1b289888a3954029c68fb965c13cca24566754a3","7358877ac11041a22ce1cb35c352809051eac48f","qlogic/qede: Add XDP frame size to driver The driver qede uses a full page, when XDP is enabled. The drivers value in rx_buf_seg_size (struct qede_rx_queue) will be PAGE_SIZE when an XDP bpf_prog is attached. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Cc: Ariel Elior Cc: GR-everest-linux-l2@marvell.com Link: https://lore.kernel.org/bpf/158945340366.97035.7764939691580349618.stgit@firesoul","drivers/net/ethernet/qlogic/qede/qede_fp.c | 1 +; drivers/net/ethernet/qlogic/qede/qede_main.c | 2 +-; 2 files changed, 2 insertions(+), 1 deletion(-)","This commit updates the qede network driver to handle XDP frame size when XDP is enabled.","qede,XDP,PAGE_SIZE","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"7358877ac11041a22ce1cb35c352809051eac48f","7358877ac11041a22ce1cb35c352809051eac48f","Jesper Dangaard Brouer","brouer@redhat.com","1589453398","Alexei Starovoitov","ast@kernel.org","1589516514","6458f0482c41723e6a8521fb7c1105b2d5914942","4a9b052a590d6217237502efde7d598156966080","hv_netvsc: Add XDP frame size to driver The hyperv NIC driver does memory allocation and copy even without XDP. In XDP mode it will allocate a new page for each packet and copy over the payload, before invoking the XDP BPF-prog. The positive thing it that its easy to determine the xdp.frame_sz. The XDP implementation for hv_netvsc transparently passes xdp_prog to the associated VF NIC. Many of the Azure VMs are using SRIOV, so majority of the data are actually processed directly on the VF driver's XDP path. So the overhead of the synthetic data path (hv_netvsc) is minimal. Then XDP is enabled on this driver, XDP_PASS and XDP_TX will create the SKB via build_skb (based on the newly allocated page). Now using XDP frame_sz this will provide more skb_tailroom, which netstack can use for SKB coalescing (e.g tcp_try_coalesce -> skb_try_coalesce). V3: Adjust patch desc to be more positive. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Cc: Wei Liu Cc: ""K. Y. Srinivasan"" Cc: Haiyang Zhang Cc: Stephen Hemminger Link: https://lore.kernel.org/bpf/158945339857.97035.10212138582505736163.stgit@firesoul","drivers/net/hyperv/netvsc_bpf.c | 1 +; drivers/net/hyperv/netvsc_drv.c | 2 +-; 2 files changed, 2 insertions(+), 1 deletion(-)","The commit adds support for XDP frame size to the hv_netvsc driver to optimize SKB coalescing in Azure VMs.","XDP,frame,netvsc","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"4a9b052a590d6217237502efde7d598156966080","4a9b052a590d6217237502efde7d598156966080","Jesper Dangaard Brouer","brouer@redhat.com","1589453393","Alexei Starovoitov","ast@kernel.org","1589516514","2757eabca952f799f81ff7c729e470089d82fa55","45a9e6d8a687e6a0ea6c2f78f15955ae96be4720","dpaa2-eth: Add XDP frame size The dpaa2-eth driver reserve some headroom used for hardware and software annotation area in RX/TX buffers. Thus, xdp.data_hard_start doesn't start at page boundary. When XDP is configured the area reserved via dpaa2_fd_get_offset(fd) is 448 bytes of which XDP have reserved 256 bytes. As frame_sz is calculated as an offset from xdp_buff.data_hard_start, an adjust from the full PAGE_SIZE == DPAA2_ETH_RX_BUF_RAW_SIZE. When doing XDP_REDIRECT, the driver doesn't need this reserved headroom any-longer and allows xdp_do_redirect() to use it. This is an advantage for the drivers own ndo-xdp_xmit, as it uses part of this headroom for itself. Patch also adjust frame_sz in this case. The driver cannot support XDP data_meta, because it uses the headroom just before xdp.data for struct dpaa2_eth_swa (DPAA2_ETH_SWA_SIZE=64), when transmitting the packet. When transmitting a xdp_frame in dpaa2_eth_xdp_xmit_frame (call via ndo_xdp_xmit) is uses this area to store a pointer to xdp_frame and dma_size, which is used in TX completion (free_tx_fd) to return frame via xdp_return_frame(). Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Cc: Ioana Radulescu Link: https://lore.kernel.org/bpf/158945339348.97035.8562488847066908856.stgit@firesoul","drivers/net/ethernet/freescale/dpaa2/dpaa2-eth.c | 7 +++++++; 1 file changed, 7 insertions(+)","The commit adds XDP frame size management to the dpaa2-eth driver in the Linux kernel.","XDP, dpaa2-eth, frame","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here."", ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"45a9e6d8a687e6a0ea6c2f78f15955ae96be4720","45a9e6d8a687e6a0ea6c2f78f15955ae96be4720","Jesper Dangaard Brouer","brouer@redhat.com","1589453388","Alexei Starovoitov","ast@kernel.org","1589516514","38f75f66fdcbb8de6e0605cc447ee31dc589787a","5c8572251fabc5bb49fd623c064e95a9daf6a3e3","veth: Xdp using frame_sz in veth driver The veth driver can run XDP in ""native"" mode in it's own NAPI handler, and since commit 9fc8d518d9d5 (""veth: Handle xdp_frames in xdp napi ring"") packets can come in two forms either xdp_frame or skb, calling respectively veth_xdp_rcv_one() or veth_xdp_rcv_skb(). For packets to arrive in xdp_frame format, they will have been redirected from an XDP native driver. In case of XDP_PASS or no XDP-prog attached, the veth driver will allocate and create an SKB. The current code in veth_xdp_rcv_one() xdp_frame case, had to guess the frame truesize of the incoming xdp_frame, when using veth_build_skb(). With xdp_frame->frame_sz this is not longer necessary. Calculating the frame_sz in veth_xdp_rcv_skb() skb case, is done similar to the XDP-generic handling code in net/core/dev.c. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Reviewed-by: Lorenzo Bianconi Acked-by: Toke Høiland-Jørgensen Acked-by: Toshiaki Makita Link: https://lore.kernel.org/bpf/158945338840.97035.935897116345700902.stgit@firesoul","drivers/net/veth.c | 22 +++++++++++++---------; 1 file changed, 13 insertions(+), 9 deletions(-)","The commit refines the veth driver's XDP functionality by utilizing frame_sz for accurate truesize calculation of xdp_frames.","veth,XDP,frame_sz","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"5c8572251fabc5bb49fd623c064e95a9daf6a3e3","5c8572251fabc5bb49fd623c064e95a9daf6a3e3","Jesper Dangaard Brouer","brouer@redhat.com","1589453383","Alexei Starovoitov","ast@kernel.org","1589516514","af0d8d251053e850131e18b69960540f1188be58","db612f749e2454c506f20155bba2871f0307d133","veth: Adjust hard_start offset on redirect XDP frames When native XDP redirect into a veth device, the frame arrives in the xdp_frame structure. It is then processed in veth_xdp_rcv_one(), which can run a new XDP bpf_prog on the packet. Doing so requires converting xdp_frame to xdp_buff, but the tricky part is that xdp_frame memory area is located in the top (data_hard_start) memory area that xdp_buff will point into. The current code tried to protect the xdp_frame area, by assigning xdp_buff.data_hard_start past this memory. This results in 32 bytes less headroom to expand into via BPF-helper bpf_xdp_adjust_head(). This protect step is actually not needed, because BPF-helper bpf_xdp_adjust_head() already reserve this area, and don't allow BPF-prog to expand into it. Thus, it is safe to point data_hard_start directly at xdp_frame memory area. Fixes: 9fc8d518d9d5 (""veth: Handle xdp_frames in xdp napi ring"") Reported-by: Mao Wenan Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Toshiaki Makita Acked-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/158945338331.97035.5923525383710752178.stgit@firesoul","drivers/net/veth.c | 8 ++++----; 1 file changed, 4 insertions(+), 4 deletions(-)","The commit refines memory management for XDP frame handling in veth devices to ensure sufficient headroom.","XDP,veth,headroom","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"db612f749e2454c506f20155bba2871f0307d133","db612f749e2454c506f20155bba2871f0307d133","Jesper Dangaard Brouer","brouer@redhat.com","1589453378","Alexei Starovoitov","ast@kernel.org","1589516514","6c06de2552a875163ec1c586cc03cd2c104c0c67","34cc0b338a61de3eee3a2bfcaf4f9d6e9fae091a","xdp: Cpumap redirect use frame_sz and increase skb_tailroom Knowing the memory size backing the packet/xdp_frame data area, and knowing it already have reserved room for skb_shared_info, simplifies using build_skb significantly. With this change we no-longer lie about the SKB truesize, but more importantly a significant larger skb_tailroom is now provided, e.g. when drivers uses a full PAGE_SIZE. This extra tailroom (in linear area) can be used by the network stack when coalescing SKBs (e.g. in skb_try_coalesce, see TCP cases where tcp_queue_rcv() can 'eat' skb). Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/158945337822.97035.13557959180460986059.stgit@firesoul","kernel/bpf/cpumap.c | 21 +++------------------; 1 file changed, 3 insertions(+), 18 deletions(-)","This commit optimizes the XDP cpumap redirection by utilizing frame size and increasing skb_tailroom for enhanced SKB coalescing capabilities.","xdp, cpumap, skb_tailroom","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"34cc0b338a61de3eee3a2bfcaf4f9d6e9fae091a","34cc0b338a61de3eee3a2bfcaf4f9d6e9fae091a","Jesper Dangaard Brouer","brouer@redhat.com","1589453373","Alexei Starovoitov","ast@kernel.org","1589516514","fb51ed98a7080db136df2260b9de579b645482ef","a075767bbdc659066b89be282c8377fa880e9dc4","xdp: Xdp_frame add member frame_sz and handle in convert_to_xdp_frame Use hole in struct xdp_frame, when adding member frame_sz, which keeps same sizeof struct (32 bytes) Drivers ixgbe and sfc had bug cases where the necessary/expected tailroom was not reserved. This can lead to some hard to catch memory corruption issues. Having the drivers frame_sz this can be detected when packet length/end via xdp->data_end exceed the xdp_data_hard_end pointer, which accounts for the reserved the tailroom. When detecting this driver issue, simply fail the conversion with NULL, which results in feedback to driver (failing xdp_do_redirect()) causing driver to drop packet. Given the lack of consistent XDP stats, this can be hard to troubleshoot. And given this is a driver bug, we want to generate some more noise in form of a WARN stack dump (to ID the driver code that inlined convert_to_xdp_frame). Inlining the WARN macro is problematic, because it adds an asm instruction (on Intel CPUs ud2) what influence instruction cache prefetching. Thus, introduce xdp_warn and macro XDP_WARN, to avoid this and at the same time make identifying the function and line of this inlined function easier. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/158945337313.97035.10015729316710496600.stgit@firesoul","include/net/xdp.h | 14 +++++++++++++-; net/core/xdp.c | 8 ++++++++; 2 files changed, 21 insertions(+), 1 deletion(-)","Enhance xdp_frame by adding frame_sz to handle driver bugs in convert_to_xdp_frame and report errors more effectively.","xdp_frame, frame_sz, debugging","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"a075767bbdc659066b89be282c8377fa880e9dc4","a075767bbdc659066b89be282c8377fa880e9dc4","Jesper Dangaard Brouer","brouer@redhat.com","1589453368","Alexei Starovoitov","ast@kernel.org","1589516514","9b7b752af8904ab5f8e2c67591cca1e7f571bc70","495de55f70199bd7ea09079c484283e58bf75c82","net: XDP-generic determining XDP frame size The SKB ""head"" pointer points to the data area that contains skb_shared_info, that can be found via skb_end_pointer(). Given xdp->data_hard_start have been established (basically pointing to skb->head), frame size is between skb_end_pointer() and data_hard_start, plus the size reserved to skb_shared_info. Change the bpf_xdp_adjust_tail offset adjust of skb->len, to be a positive offset number on grow, and negative number on shrink. As this seems more natural when reading the code. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/158945336804.97035.7164852191163722056.stgit@firesoul","net/core/dev.c | 14 ++++++++------; 1 file changed, 8 insertions(+), 6 deletions(-)","The commit refines XDP frame size adjustment by changing skb length handling in the XDP-generic implementation for better code readability.","XDP,frame,skb","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"495de55f70199bd7ea09079c484283e58bf75c82","495de55f70199bd7ea09079c484283e58bf75c82","Ilias Apalodimas","ilias.apalodimas@linaro.org","1589453363","Alexei Starovoitov","ast@kernel.org","1589516514","1c40cb3ed216c824fb274bcf303c7c992148928a","494f44d54e25dd79af0ed6734c2d6be0aa0b6d94","net: netsec: Add support for XDP frame size This driver takes advantage of page_pool PP_FLAG_DMA_SYNC_DEV that can help reduce the number of cache-lines that need to be flushed when doing DMA sync for_device. Due to xdp_adjust_tail can grow the area accessible to the by the CPU (can possibly write into), then max sync length *after* bpf_prog_run_xdp() needs to be taken into account. For XDP_TX action the driver is smart and does DMA-sync. When growing tail this is still safe, because page_pool have DMA-mapped the entire page size. Signed-off-by: Ilias Apalodimas Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Lorenzo Bianconi Link: https://lore.kernel.org/bpf/158945336295.97035.15034759661036971024.stgit@firesoul","drivers/net/ethernet/socionext/netsec.c | 30 ++++++++++++++++++------------; 1 file changed, 18 insertions(+), 12 deletions(-)","Add support for XDP frame size adjustments in netsec driver to optimize DMA synchronization.","XDP,netsec,DMA","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', ""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"494f44d54e25dd79af0ed6734c2d6be0aa0b6d94","494f44d54e25dd79af0ed6734c2d6be0aa0b6d94","Jesper Dangaard Brouer","brouer@redhat.com","1589453357","Alexei Starovoitov","ast@kernel.org","1589516514","1af0fc96fdf441274a429dd15c4576444a71a06b","983e43451830742fa93f83656ccbdcb865ea4259","mvneta: Add XDP frame size to driver This marvell driver mvneta uses PAGE_SIZE frames, which makes it really easy to convert. Driver updates rxq and now frame_sz once per NAPI call. This driver takes advantage of page_pool PP_FLAG_DMA_SYNC_DEV that can help reduce the number of cache-lines that need to be flushed when doing DMA sync for_device. Due to xdp_adjust_tail can grow the area accessible to the by the CPU (can possibly write into), then max sync length *after* bpf_prog_run_xdp() needs to be taken into account. For XDP_TX action the driver is smart and does DMA-sync. When growing tail this is still safe, because page_pool have DMA-mapped the entire page size. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Lorenzo Bianconi Cc: thomas.petazzoni@bootlin.com Link: https://lore.kernel.org/bpf/158945335786.97035.12714388304493736747.stgit@firesoul","drivers/net/ethernet/marvell/mvneta.c | 25 +++++++++++++++----------; 1 file changed, 15 insertions(+), 10 deletions(-)","The commit updates the Marvell mvneta driver to support XDP frame size and optimize DMA sync for device efficiency.","XDP,DMA-sync,mvneta","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"983e43451830742fa93f83656ccbdcb865ea4259","983e43451830742fa93f83656ccbdcb865ea4259","Jesper Dangaard Brouer","brouer@redhat.com","1589453352","Alexei Starovoitov","ast@kernel.org","1589516514","f0e236cfb7c075e68f9ac05fe16f93811338ed5e","63fe91ab3d1c5c0b4497b993b8eeaa54f6688d53","sfc: Add XDP frame size This driver uses RX page-split when possible. It was recently fixed in commit 86e85bf6981c (""sfc: fix XDP-redirect in this driver"") to add needed tailroom for XDP-redirect. After the fix efx->rx_page_buf_step is the frame size, with enough head and tail-room for XDP-redirect. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158945335278.97035.14611425333184621652.stgit@firesoul","drivers/net/ethernet/sfc/rx.c | 1 +; 1 file changed, 1 insertion(+)","Add XDP frame size support in the sfc driver to ensure adequate head and tail-room for XDP-redirect.","XDP,frame,driver","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"63fe91ab3d1c5c0b4497b993b8eeaa54f6688d53","63fe91ab3d1c5c0b4497b993b8eeaa54f6688d53","Jesper Dangaard Brouer","brouer@redhat.com","1589453347","Alexei Starovoitov","ast@kernel.org","1589516514","5c83a01696e65ccabcc69d6705ab08c0cae10c4d","f95f0f95cfb7f180ed7571d4915432d5098df7ec","bnxt: Add XDP frame size to driver This driver uses full PAGE_SIZE pages when XDP is enabled. In case of XDP uses driver uses __bnxt_alloc_rx_page which does full page DMA-map. Thus, xdp_adjust_tail grow is DMA compliant for XDP_TX action that does DMA-sync. Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Reviewed-by: Andy Gospodarek Cc: Michael Chan Cc: Andy Gospodarek Link: https://lore.kernel.org/bpf/158945334769.97035.13437970179897613984.stgit@firesoul","drivers/net/ethernet/broadcom/bnxt/bnxt_xdp.c | 1 +; 1 file changed, 1 insertion(+)","The commit adds XDP frame size handling to the bnxt driver to improve DMA compliance for XDP_TX actions.","XDP, bnxt, DMA","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"f95f0f95cfb7f180ed7571d4915432d5098df7ec","f95f0f95cfb7f180ed7571d4915432d5098df7ec","Jesper Dangaard Brouer","brouer@redhat.com","1589453342","Alexei Starovoitov","ast@kernel.org","1589516514","4d2360c5f6375836ac272346e1a31de48aa55ddd","d00f26b623333f2419f4c3b95ff11c8b1bb96f56","xdp: Add frame size to xdp_buff XDP have evolved to support several frame sizes, but xdp_buff was not updated with this information. The frame size (frame_sz) member of xdp_buff is introduced to know the real size of the memory the frame is delivered in. When introducing this also make it clear that some tailroom is reserved/required when creating SKBs using build_skb(). It would also have been an option to introduce a pointer to data_hard_end (with reserved offset). The advantage with frame_sz is that (like rxq) drivers only need to setup/assign this value once per NAPI cycle. Due to XDP-generic (and some drivers) it's not possible to store frame_sz inside xdp_rxq_info, because it's varies per packet as it can be based/depend on packet length. V2: nitpick: deduct -> deduce Signed-off-by: Jesper Dangaard Brouer Signed-off-by: Alexei Starovoitov Acked-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/158945334261.97035.555255657490688547.stgit@firesoul","include/net/xdp.h | 13 +++++++++++++; 1 file changed, 13 insertions(+)","This commit adds a frame size property to the xdp_buff structure for enhanced XDP frame memory management.","xdp frame xdp_buff","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"d00f26b623333f2419f4c3b95ff11c8b1bb96f56","d00f26b623333f2419f4c3b95ff11c8b1bb96f56","David S. Miller","davem@davemloft.net","1589513481","David S. Miller","davem@davemloft.net","1589513481","fa1ae8e845b1b788168ecbba8bcec77633f4f683","9b65d2ffe853e4cf81585eaf60ce00237b277dc0 b92d44b5c2efe70dbe7fc44fdd2ad46f8612418a","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next Alexei Starovoitov says: ==================== pull-request: bpf-next 2020-05-14 The following pull-request contains BPF updates for your *net-next* tree. The main changes are: 1) Merged tag 'perf-for-bpf-2020-05-06' from tip tree that includes CAP_PERFMON. 2) support for narrow loads in bpf_sock_addr progs and additional helpers in cg-skb progs, from Andrey. 3) bpf benchmark runner, from Andrii. 4) arm and riscv JIT optimizations, from Luke. 5) bpf iterator infrastructure, from Yonghong. ==================== Signed-off-by: David S. Miller ","","This commit merges updates from the bpf-next tree, including optimizations, new helper functions, and iterator infrastructure.","merge,optimizations,iterator","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"b92d44b5c2efe70dbe7fc44fdd2ad46f8612418a","b92d44b5c2efe70dbe7fc44fdd2ad46f8612418a","Alexei Starovoitov","ast@kernel.org","1589506868","Alexei Starovoitov","ast@kernel.org","1589506922","2aedd112ac4556c8f07b2c00bec1b8d657bbbc4a","5b0004d92b4511c39db0df23aa84395722f1d706 68e916bc8d3211ffe0b4c418184ab1b57398200c","Merge branch 'expand-cg_skb-helpers' Andrey Ignatov says: ==================== v2->v3: - better documentation for bpf_sk_cgroup_id in uapi (Yonghong Song) - save/restore errno in network helpers (Yonghong Song) - cleanup leftover after switching selftest to skeleton (Yonghong Song) - switch from map to skel->bss in selftest (Yonghong Song) v1->v2: - switch selftests to skeleton. This patch set allows a bunch of existing sk lookup and skb cgroup id helpers, and adds two new bpf_sk_{,ancestor_}cgroup_id helpers to be used in cgroup skb programs. It fills the gap to cover a use-case to apply intra-host cgroup-bpf network policy based on a source cgroup a packet comes from. For example, there can be multiple containers A, B, C running on a host. Every such container runs in its own cgroup that can have multiple sub-cgroups. But all these containers can share some IP addresses. At the same time container A wants to have a policy for a server S running in it so that only clients from this same container can connect to S, but not from other containers (such as B, C). Source IP address can't be used to decide whether to allow or deny a packet, but it looks reasonable to filter by cgroup id. The patch set allows to implement the following policy: * when an ingress packet comes to container's cgroup, lookup peer (client) socket this packet comes from; * having peer socket, get its cgroup id; * compare peer cgroup id with self cgroup id and allow packet only if they match, i.e. it comes from same cgroup; * the ""sub-cgroup"" part of the story can be addressed by getting not direct cgroup id of the peer socket, but ancestor cgroup id on specified level, similar to existing ""ancestor"" flavors of cgroup id helpers. A newly introduced selftest implements such a policy in its basic form to provide a better idea on the use-case. Patch 1 allows existing sk lookup helpers in cgroup skb. Patch 2 allows skb_ancestor_cgroup_id in cgrou skb. Patch 3 introduces two new helpers to get cgroup id of socket. Patch 4 extends network helpers to use them in the next patch. Patch 5 adds selftest / example of use-case. ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges enhancements for cgroup skb programs, including new bpf_sk_{,ancestor_}cgroup_id helpers for network policy in intra-host containers.","cgroup,helpers,socket","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"68e916bc8d3211ffe0b4c418184ab1b57398200c","68e916bc8d3211ffe0b4c418184ab1b57398200c","Andrey Ignatov","rdna@fb.com","1589486629","Alexei Starovoitov","ast@kernel.org","1589506868","2aedd112ac4556c8f07b2c00bec1b8d657bbbc4a","383724e17ab02d8e440def7792c4e151b13ef4d4","selftests/bpf: Test for sk helpers in cgroup skb Test bpf_sk_lookup_tcp, bpf_sk_release, bpf_sk_cgroup_id and bpf_sk_ancestor_cgroup_id helpers from cgroup skb program. The test creates a testing cgroup, starts a TCPv6 server inside the cgroup and creates two client sockets: one inside testing cgroup and one outside. Then it attaches cgroup skb program to the cgroup that checks all TCP segments coming to the server and allows only those coming from the cgroup of the server. If a segment comes from a peer outside of the cgroup, it'll be dropped. Finally the test checks that client from inside testing cgroup can successfully connect to the server, but client outside the cgroup fails to connect by timeout. The main goal of the test is to check newly introduced bpf_sk_{,ancestor_}cgroup_id helpers. It also checks a couple of socket lookup helpers (tcp & release), but lookup helpers were introduced much earlier and covered by other tests. Here it's mostly checked that they can be called from cgroup skb. Signed-off-by: Andrey Ignatov Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/171f4c5d75e8ff4fe1c4e8c1c12288b5240a4549.1589486450.git.rdna@fb.com",".../bpf/prog_tests/cgroup_skb_sk_lookup.c | 95 +++++++++++++++++++++; .../bpf/progs/cgroup_skb_sk_lookup_kern.c | 97 ++++++++++++++++++++++; 2 files changed, 192 insertions(+)","The commit adds a test for new sk helpers within cgroup skb programs, verifying TCPv6 connectivity based on cgroup constraints.","sk helpers,cgroup,skb","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"383724e17ab02d8e440def7792c4e151b13ef4d4","383724e17ab02d8e440def7792c4e151b13ef4d4","Andrey Ignatov","rdna@fb.com","1589486628","Alexei Starovoitov","ast@kernel.org","1589506868","10dec16b5626e4108805d9ae34a56e5f0f5c1aef","f307fa2cb4c935f7f1ff0aeb880c7b44fb9a642b","selftests/bpf: Add connect_fd_to_fd, connect_wait net helpers Add two new network helpers. connect_fd_to_fd connects an already created client socket fd to address of server fd. Sometimes it's useful to separate client socket creation and connecting this socket to a server, e.g. if client socket has to be created in a cgroup different from that of server cgroup. Additionally connect_to_fd is now implemented using connect_fd_to_fd, both helpers don't treat EINPROGRESS as an error and let caller decide how to proceed with it. connect_wait is a helper to work with non-blocking client sockets so that if connect_to_fd or connect_fd_to_fd returned -1 with errno == EINPROGRESS, caller can wait for connect to finish or for connection timeout. The helper returns -1 on error, 0 on timeout (1sec, hard-coded), and positive number on success. Signed-off-by: Andrey Ignatov Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/1403fab72300f379ca97ead4820ae43eac4414ef.1589486450.git.rdna@fb.com","tools/testing/selftests/bpf/network_helpers.c | 74 ++++++++++++++++++++++-----; tools/testing/selftests/bpf/network_helpers.h | 2 +; 2 files changed, 63 insertions(+), 13 deletions(-)","Added new network helpers to assist with socket connections and handling non-blocking scenarios in tests.","network,helpers,non-blocking","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"f307fa2cb4c935f7f1ff0aeb880c7b44fb9a642b","f307fa2cb4c935f7f1ff0aeb880c7b44fb9a642b","Andrey Ignatov","rdna@fb.com","1589486627","Alexei Starovoitov","ast@kernel.org","1589506867","dce575da97bf84e2fc907274202d228f8aa1a6c6","06d3e4c9f11afc849dc201ecf9ef7a43eeb1dddd","bpf: Introduce bpf_sk_{, ancestor_}cgroup_id helpers With having ability to lookup sockets in cgroup skb programs it becomes useful to access cgroup id of retrieved sockets so that policies can be implemented based on origin cgroup of such socket. For example, a container running in a cgroup can have cgroup skb ingress program that can lookup peer socket that is sending packets to a process inside the container and decide whether those packets should be allowed or denied based on cgroup id of the peer. More specifically such ingress program can implement intra-host policy ""allow incoming packets only from this same container and not from any other container on same host"" w/o relying on source IP addresses since quite often it can be the case that containers share same IP address on the host. Introduce two new helpers for this use-case: bpf_sk_cgroup_id() and bpf_sk_ancestor_cgroup_id(). These helpers are similar to existing bpf_skb_{,ancestor_}cgroup_id helpers with the only difference that sk is used to get cgroup id instead of skb, and share code with them. See documentation in UAPI for more details. Signed-off-by: Andrey Ignatov Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/f5884981249ce911f63e9b57ecd5d7d19154ff39.1589486450.git.rdna@fb.com","include/uapi/linux/bpf.h | 36 ++++++++++++++++++++++++-; net/core/filter.c | 60 +++++++++++++++++++++++++++++++++++-------; tools/include/uapi/linux/bpf.h | 36 ++++++++++++++++++++++++-; 3 files changed, 121 insertions(+), 11 deletions(-)","Introduce helpers to access cgroup IDs from sockets for implementing container-specific policies in eBPF programs.","helpers,cgroup,sockets","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"06d3e4c9f11afc849dc201ecf9ef7a43eeb1dddd","06d3e4c9f11afc849dc201ecf9ef7a43eeb1dddd","Andrey Ignatov","rdna@fb.com","1589486626","Alexei Starovoitov","ast@kernel.org","1589506867","b5deca627ef2679e3715b57c3ba611c2f15bc16e","d56c2f95adb3d401bf982b6cf8fc4bb6d2f7acdd","bpf: Allow skb_ancestor_cgroup_id helper in cgroup skb cgroup skb programs already can use bpf_skb_cgroup_id. Allow bpf_skb_ancestor_cgroup_id as well so that container policies can be implemented for a container that can have sub-cgroups dynamically created, but policies should still be implemented based on cgroup id of container itself not on an id of a sub-cgroup. Signed-off-by: Andrey Ignatov Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/8874194d6041eba190356453ea9f6071edf5f658.1589486450.git.rdna@fb.com","net/core/filter.c | 2 ++; 1 file changed, 2 insertions(+)","The commit enables the use of bpf_skb_ancestor_cgroup_id in cgroup skb programs for container policy implementation.","skb ancestor cgroup","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"d56c2f95adb3d401bf982b6cf8fc4bb6d2f7acdd","d56c2f95adb3d401bf982b6cf8fc4bb6d2f7acdd","Andrey Ignatov","rdna@fb.com","1589486625","Alexei Starovoitov","ast@kernel.org","1589506867","8b46a965e49905f1bc932fb85ff3df8b53946ab5","5b0004d92b4511c39db0df23aa84395722f1d706","bpf: Allow sk lookup helpers in cgroup skb Currently sk lookup helpers are allowed in tc, xdp, sk skb, and cgroup sock_addr programs. But they would be useful in cgroup skb as well so that for example cgroup skb ingress program can lookup a peer socket a packet comes from on same host and make a decision whether to allow or deny this packet based on the properties of that socket, e.g. cgroup that peer socket belongs to. Allow the following sk lookup helpers in cgroup skb: * bpf_sk_lookup_tcp; * bpf_sk_lookup_udp; * bpf_sk_release; * bpf_skc_lookup_tcp. Signed-off-by: Andrey Ignatov Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/f8c7ee280f1582b586629436d777b6db00597d63.1589486450.git.rdna@fb.com","net/core/filter.c | 8 ++++++++; 1 file changed, 8 insertions(+)","This commit enables sk lookup helpers in cgroup skb programs for socket-based decision-making regarding packet handling.","sk lookup, cgroup, helpers","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"5b0004d92b4511c39db0df23aa84395722f1d706","5b0004d92b4511c39db0df23aa84395722f1d706","Colin Ian King","colin.king@canonical.com","1589458529","Alexei Starovoitov","ast@kernel.org","1589506746","1f58686adc6819a0b8bc18e6a08773330f6b3ac8","c70f34a8ac66c2cb05593ef5760142e5f862a9b4","selftest/bpf: Fix spelling mistake ""SIGALARM"" -> ""SIGALRM"" There is a spelling mistake in an error message, fix it. Signed-off-by: Colin Ian King Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200514121529.259668-1-colin.king@canonical.com","tools/testing/selftests/bpf/bench.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit corrects a spelling error in an error message within eBPF selftests.","spelling,error,selftest","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c70f34a8ac66c2cb05593ef5760142e5f862a9b4","c70f34a8ac66c2cb05593ef5760142e5f862a9b4","Andrii Nakryiko","andriin@fb.com","1589435497","Alexei Starovoitov","ast@kernel.org","1589506652","8c0045ceb528c231cc94e10534e305f9d196cc3c","0645f7eb6f6af78aba2bdd37ae776bd8754bc8f0","bpf: Fix bpf_iter's task iterator logic task_seq_get_next might stop prematurely if get_pid_task() fails to get task_struct. Failure to do so doesn't mean that there are no more tasks with higher pids. Procfs's iteration algorithm (see next_tgid in fs/proc/base.c) does a retry in such case. After this fix, instead of stopping prematurely after about 300 tasks on my server, bpf_iter program now returns >4000, which sounds much closer to reality. Fixes: eaaacd23910f (""bpf: Add task and task/file iterator targets"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200514055137.1564581-1-andriin@fb.com","kernel/bpf/task_iter.c | 8 +++++++-; 1 file changed, 7 insertions(+), 1 deletion(-)","The commit fixes the bpf_iter task iterator logic to address premature iteration stoppage over task_struct tasks.","bpf_iter,task,iterator","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0645f7eb6f6af78aba2bdd37ae776bd8754bc8f0","0645f7eb6f6af78aba2bdd37ae776bd8754bc8f0","Andrey Ignatov","rdna@fb.com","1589421028","Alexei Starovoitov","ast@kernel.org","1589506257","3d8086669504dd31f102268bbe0d639812e893d6","7aebfa1b3885b5aa29fcb4a596d0485ac463bbe8","selftests/bpf: Test narrow loads for bpf_sock_addr.user_port Test 1,2,4-byte loads from bpf_sock_addr.user_port in sock_addr programs. Signed-off-by: Andrey Ignatov Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/e5c734a58cca4041ab30cb5471e644246f8cdb5a.1589420814.git.rdna@fb.com","tools/testing/selftests/bpf/test_sock_addr.c | 38 ++++++++++++++++++++--------; 1 file changed, 28 insertions(+), 10 deletions(-)","The commit adds tests for narrow loads from bpf_sock_addr.user_port in sock_addr programs.","selftests,bpf_sock_addr,user_port","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"7aebfa1b3885b5aa29fcb4a596d0485ac463bbe8","7aebfa1b3885b5aa29fcb4a596d0485ac463bbe8","Andrey Ignatov","rdna@fb.com","1589421027","Alexei Starovoitov","ast@kernel.org","1589506257","63b1598db717838cec551892a04b6245c316539e","6a09815428547657f3ffd2f5c31ac2a191e7fdf3","bpf: Support narrow loads from bpf_sock_addr.user_port bpf_sock_addr.user_port supports only 4-byte load and it leads to ugly code in BPF programs, like: volatile __u32 user_port = ctx->user_port; __u16 port = bpf_ntohs(user_port); Since otherwise clang may optimize the load to be 2-byte and it's rejected by verifier. Add support for 1- and 2-byte loads same way as it's supported for other fields in bpf_sock_addr like user_ip4, msg_src_ip4, etc. Signed-off-by: Andrey Ignatov Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/c1e983f4c17573032601d0b2b1f9d1274f24bc16.1589420814.git.rdna@fb.com","include/uapi/linux/bpf.h | 2 +-; net/core/filter.c | 15 +++++++--------; tools/include/uapi/linux/bpf.h | 2 +-; 3 files changed, 9 insertions(+), 10 deletions(-)","Support added for 1- and 2-byte loads from bpf_sock_addr.user_port to enhance code structure and functionality in BPF programs.","narrow loads,user_port,bpf","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6a09815428547657f3ffd2f5c31ac2a191e7fdf3","6a09815428547657f3ffd2f5c31ac2a191e7fdf3","Lorenzo Bianconi","lorenzo@kernel.org","1589301040","Alexei Starovoitov","ast@kernel.org","1589506020","6c0440b39af3f58237445d117e75369a71a69e78","8f4605ac3e64cbb929df1fa09d5c6cdf3f195e7b","samples/bpf: xdp_redirect_cpu: Set MAX_CPUS according to NR_CPUS xdp_redirect_cpu is currently failing in bpf_prog_load_xattr() allocating cpu_map map if CONFIG_NR_CPUS is less than 64 since cpu_map_alloc() requires max_entries to be less than NR_CPUS. Set cpu_map max_entries according to NR_CPUS in xdp_redirect_cpu_kern.c and get currently running cpus in xdp_redirect_cpu_user.c Signed-off-by: Lorenzo Bianconi Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/374472755001c260158c4e4b22f193bdd3c56fb7.1589300442.git.lorenzo@kernel.org","samples/bpf/xdp_redirect_cpu_kern.c | 2 +-; samples/bpf/xdp_redirect_cpu_user.c | 29 ++++++++++++++++-------------; 2 files changed, 17 insertions(+), 14 deletions(-)","Update xdp_redirect_cpu to set MAX_CPUS based on NR_CPUS for correct cpu_map allocation.","xdp_redirect_cpu,MAX_CPUS,NR_CPUS","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"6d74f64b922b8394dccc52576659cb0dc0a1da7b","6d74f64b922b8394dccc52576659cb0dc0a1da7b","Yonghong Song","yhs@fb.com","1589434327","Alexei Starovoitov","ast@kernel.org","1589486033","b5ce79a9ae71c9711784c00b70b3d5aa85fcc2b6","e92888c72fbdc6f9d07b3b0604c012e81d7c0da7","selftests/bpf: Enforce returning 0 for fentry/fexit programs There are a few fentry/fexit programs returning non-0. The tests with these programs will break with the previous patch which enfoced return-0 rules. Fix them properly. Fixes: ac065870d928 (""selftests/bpf: Add BPF_PROG, BPF_KPROBE, and BPF_KRETPROBE macros"") Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200514053207.1298479-1-yhs@fb.com","tools/testing/selftests/bpf/progs/test_overhead.c | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","Fixed fentry/fexit programs to always return 0, aligning with new enforcement rules.","fentry,fexit,return","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e92888c72fbdc6f9d07b3b0604c012e81d7c0da7","e92888c72fbdc6f9d07b3b0604c012e81d7c0da7","Yonghong Song","yhs@fb.com","1589434325","Alexei Starovoitov","ast@kernel.org","1589485810","b2ad05c336d5bb8cf8cbbc5081f8848338516263","625236ba3832ae947cb3ebb7acc1f30788b274ef","bpf: Enforce returning 0 for fentry/fexit progs Currently, tracing/fentry and tracing/fexit prog return values are not enforced. In trampoline codes, the fentry/fexit prog return values are ignored. Let us enforce it to be 0 to avoid confusion and allows potential future extension. This patch also explicitly added return value checking for tracing/raw_tp, tracing/fmod_ret, and freplace programs such that these program return values can be anything. The purpose are two folds: 1. to make it explicit about return value expectations for these programs in verifier. 2. for tracing prog_type, if a future attach type is added, the default is -ENOTSUPP which will enforce to specify return value ranges explicitly. Fixes: fec56f5890d9 (""bpf: Introduce BPF trampoline"") Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200514053206.1298415-1-yhs@fb.com","kernel/bpf/verifier.c | 17 +++++++++++++++++; 1 file changed, 17 insertions(+)","The commit enforces fentry and fexit programs to return 0 and clarifies return values for tracing programs.","enforce,return,tracing","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"625236ba3832ae947cb3ebb7acc1f30788b274ef","625236ba3832ae947cb3ebb7acc1f30788b274ef","Anders Roxell","anders.roxell@linaro.org","1589305567","Alexei Starovoitov","ast@kernel.org","1589485594","92fddc6d618c70560b7c95830649d25c3d4edf49","516d8d497c017a6820019c76acbb7912a24ec57b","security: Fix the default value of secid_to_secctx hook security_secid_to_secctx is called by the bpf_lsm hook and a successful return value (i.e 0) implies that the parameter will be consumed by the LSM framework. The current behaviour return success when the pointer isn't initialized when CONFIG_BPF_LSM is enabled, with the default return from kernel/bpf/bpf_lsm.c. This is the internal error: [ 1229.341488][ T2659] usercopy: Kernel memory exposure attempt detected from null address (offset 0, size 280)! [ 1229.374977][ T2659] ------------[ cut here ]------------ [ 1229.376813][ T2659] kernel BUG at mm/usercopy.c:99! [ 1229.378398][ T2659] Internal error: Oops - BUG: 0 [#1] PREEMPT SMP [ 1229.380348][ T2659] Modules linked in: [ 1229.381654][ T2659] CPU: 0 PID: 2659 Comm: systemd-journal Tainted: G B W 5.7.0-rc5-next-20200511-00019-g864e0c6319b8-dirty #13 [ 1229.385429][ T2659] Hardware name: linux,dummy-virt (DT) [ 1229.387143][ T2659] pstate: 80400005 (Nzcv daif +PAN -UAO BTYPE=--) [ 1229.389165][ T2659] pc : usercopy_abort+0xc8/0xcc [ 1229.390705][ T2659] lr : usercopy_abort+0xc8/0xcc [ 1229.392225][ T2659] sp : ffff000064247450 [ 1229.393533][ T2659] x29: ffff000064247460 x28: 0000000000000000 [ 1229.395449][ T2659] x27: 0000000000000118 x26: 0000000000000000 [ 1229.397384][ T2659] x25: ffffa000127049e0 x24: ffffa000127049e0 [ 1229.399306][ T2659] x23: ffffa000127048e0 x22: ffffa000127048a0 [ 1229.401241][ T2659] x21: ffffa00012704b80 x20: ffffa000127049e0 [ 1229.403163][ T2659] x19: ffffa00012704820 x18: 0000000000000000 [ 1229.405094][ T2659] x17: 0000000000000000 x16: 0000000000000000 [ 1229.407008][ T2659] x15: 0000000000000000 x14: 003d090000000000 [ 1229.408942][ T2659] x13: ffff80000d5b25b2 x12: 1fffe0000d5b25b1 [ 1229.410859][ T2659] x11: 1fffe0000d5b25b1 x10: ffff80000d5b25b1 [ 1229.412791][ T2659] x9 : ffffa0001034bee0 x8 : ffff00006ad92d8f [ 1229.414707][ T2659] x7 : 0000000000000000 x6 : ffffa00015eacb20 [ 1229.416642][ T2659] x5 : ffff0000693c8040 x4 : 0000000000000000 [ 1229.418558][ T2659] x3 : ffffa0001034befc x2 : d57a7483a01c6300 [ 1229.420610][ T2659] x1 : 0000000000000000 x0 : 0000000000000059 [ 1229.422526][ T2659] Call trace: [ 1229.423631][ T2659] usercopy_abort+0xc8/0xcc [ 1229.425091][ T2659] __check_object_size+0xdc/0x7d4 [ 1229.426729][ T2659] put_cmsg+0xa30/0xa90 [ 1229.428132][ T2659] unix_dgram_recvmsg+0x80c/0x930 [ 1229.429731][ T2659] sock_recvmsg+0x9c/0xc0 [ 1229.431123][ T2659] ____sys_recvmsg+0x1cc/0x5f8 [ 1229.432663][ T2659] ___sys_recvmsg+0x100/0x160 [ 1229.434151][ T2659] __sys_recvmsg+0x110/0x1a8 [ 1229.435623][ T2659] __arm64_sys_recvmsg+0x58/0x70 [ 1229.437218][ T2659] el0_svc_common.constprop.1+0x29c/0x340 [ 1229.438994][ T2659] do_el0_svc+0xe8/0x108 [ 1229.440587][ T2659] el0_svc+0x74/0x88 [ 1229.441917][ T2659] el0_sync_handler+0xe4/0x8b4 [ 1229.443464][ T2659] el0_sync+0x17c/0x180 [ 1229.444920][ T2659] Code: aa1703e2 aa1603e1 910a8260 97ecc860 (d4210000) [ 1229.447070][ T2659] ---[ end trace 400497d91baeaf51 ]--- [ 1229.448791][ T2659] Kernel panic - not syncing: Fatal exception [ 1229.450692][ T2659] Kernel Offset: disabled [ 1229.452061][ T2659] CPU features: 0x240002,20002004 [ 1229.453647][ T2659] Memory Limit: none [ 1229.455015][ T2659] ---[ end Kernel panic - not syncing: Fatal exception ]--- Rework the so the default return value is -EOPNOTSUPP. There are likely other callbacks such as security_inode_getsecctx() that may have the same problem, and that someone that understand the code better needs to audit them. Thank you Arnd for helping me figure out what went wrong. Fixes: 98e828a0650f (""security: Refactor declaration of LSM hooks"") Signed-off-by: Anders Roxell Signed-off-by: Alexei Starovoitov Acked-by: James Morris Cc: Arnd Bergmann Link: https://lore.kernel.org/bpf/20200512174607.9630-1-anders.roxell@linaro.org","include/linux/lsm_hook_defs.h | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixes the default return value for secid_to_secctx hook in the bpf_lsm to prevent null pointer dereference.","secid_to_secctx,bpf_lsm,EOPNOTSUPP","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"516d8d497c017a6820019c76acbb7912a24ec57b","516d8d497c017a6820019c76acbb7912a24ec57b","Sumanth Korikkar","sumanthk@linux.ibm.com","1589384654","Alexei Starovoitov","ast@kernel.org","1589485457","a58f848e0d91cac20fdb130e25ca6e10fb768dd7","333291ce5055f2039afc907badaf5b66bc1adfdc","libbpf: Fix register naming in PT_REGS s390 macros Fix register naming in PT_REGS s390 macros Fixes: b8ebce86ffe6 (""libbpf: Provide CO-RE variants of PT_REGS macros"") Signed-off-by: Sumanth Korikkar Signed-off-by: Alexei Starovoitov Reviewed-by: Julian Wiedmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200513154414.29972-1-sumanthk@linux.ibm.com","tools/lib/bpf/bpf_tracing.h | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","This commit fixes register naming in PT_REGS macros for the s390 architecture in libbpf.","register, s390, macros","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"333291ce5055f2039afc907badaf5b66bc1adfdc","333291ce5055f2039afc907badaf5b66bc1adfdc","Andrii Nakryiko","andriin@fb.com","1589327965","Alexei Starovoitov","ast@kernel.org","1589485204","27c603d11355ab26e741a267cf52b112b70a91b5","23ad04669f81f958e9a4121b0266228d2eb3c357","bpf: Fix bug in mmap() implementation for BPF array map mmap() subsystem allows user-space application to memory-map region with initial page offset. This wasn't taken into account in initial implementation of BPF array memory-mapping. This would result in wrong pages, not taking into account requested page shift, being memory-mmaped into user-space. This patch fixes this gap and adds a test for such scenario. Fixes: fc9702273e2e (""bpf: Add mmap() support for BPF_MAP_TYPE_ARRAY"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200512235925.3817805-1-andriin@fb.com","kernel/bpf/arraymap.c | 7 ++++++-; tools/testing/selftests/bpf/prog_tests/mmap.c | 8 ++++++++; 2 files changed, 14 insertions(+), 1 deletion(-)","The commit fixes a bug in mmap() implementation for BPF array map by accounting for initial page offsets and adds a corresponding test.","bug,mmap,BPF","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"23ad04669f81f958e9a4121b0266228d2eb3c357","23ad04669f81f958e9a4121b0266228d2eb3c357","Matteo Croce","mcroce@redhat.com","1589196754","Alexei Starovoitov","ast@kernel.org","1589485059","2ece36c6de87c9082ed13dc93c0903f6a87d10b5","9de5d235b60a7cdfcdd5461e70c5663e713fde87","samples: bpf: Fix build error GCC 10 is very strict about symbol clash, and lwt_len_hist_user contains a symbol which clashes with libbpf: /usr/bin/ld: samples/bpf/lwt_len_hist_user.o:(.bss+0x0): multiple definition of `bpf_log_buf'; samples/bpf/bpf_load.o:(.bss+0x8c0): first defined here collect2: error: ld returned 1 exit status bpf_log_buf here seems to be a leftover, so removing it. Signed-off-by: Matteo Croce Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200511113234.80722-1-mcroce@redhat.com","samples/bpf/lwt_len_hist_user.c | 2 --; 1 file changed, 2 deletions(-)","Fixes GCC 10 build error by removing a symbol conflict in lwt_len_hist_user.c.","GCC,symbol,conflict","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8f4605ac3e64cbb929df1fa09d5c6cdf3f195e7b","8f4605ac3e64cbb929df1fa09d5c6cdf3f195e7b","Alexei Starovoitov","ast@kernel.org","1589398250","Alexei Starovoitov","ast@kernel.org","1589398312","eb5cdde87004c269a26a1e25fb0dd2d8264e98ee","0aa0372f9229bf66113343cc87a73611979ebe97 03421a92f5627430d23ed95df55958e04848f184","Merge branch 'bpf_iter-fixes' Yonghong Song says: ==================== Commit ae24345da54e (""bpf: Implement an interface to register bpf_iter targets"") and its subsequent commits in the same patch set introduced bpf iterator, a way to run bpf program when iterating kernel data structures. This patch set addressed some followup issues. One big change is to allow target to pass ctx arg register types to verifier for verification purpose. Please see individual patch for details. Changelogs: v1 -> v2: . add ""const"" qualifier to struct bpf_iter_reg for bpf_iter_[un]reg_target, and this results in additional ""const"" qualifiers in some other places . drop the patch which will issue WARN_ONCE if seq_ops->show() returns a positive value. If this does happen, code review should spot this or author does know what he is doing. In the future, we do want to implement a mechanism to find out all registered targets so we will be aware of new additions. ==================== Acked-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov ","","The commit merges 'bpf_iter-fixes' to address issues and enhance verifier functionality for bpf iterators.","merge,bpf_iter,verifier","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"03421a92f5627430d23ed95df55958e04848f184","03421a92f5627430d23ed95df55958e04848f184","Yonghong Song","yhs@fb.com","1589392943","Alexei Starovoitov","ast@kernel.org","1589398250","eb5cdde87004c269a26a1e25fb0dd2d8264e98ee","3c32cc1bceba8a1755dc35cd97516f6c67856844","samples/bpf: Remove compiler warnings Commit 5fbc220862fc (""tools/libpf: Add offsetof/container_of macro in bpf_helpers.h"") added macros offsetof/container_of to bpf_helpers.h. Unfortunately, it caused compilation warnings below for a few samples/bpf programs: In file included from /data/users/yhs/work/net-next/samples/bpf/sockex2_kern.c:4: In file included from /data/users/yhs/work/net-next/include/uapi/linux/in.h:24: In file included from /data/users/yhs/work/net-next/include/linux/socket.h:8: In file included from /data/users/yhs/work/net-next/include/linux/uio.h:8: /data/users/yhs/work/net-next/include/linux/kernel.h:992:9: warning: 'container_of' macro redefined [-Wmacro-redefined] ^ /data/users/yhs/work/net-next/tools/lib/bpf/bpf_helpers.h:46:9: note: previous definition is here ^ 1 warning generated. CLANG-bpf samples/bpf/sockex3_kern.o In all these cases, bpf_helpers.h is included first, followed by other standard headers. The macro container_of is defined unconditionally in kernel.h, causing the compiler warning. The fix is to move bpf_helpers.h after standard headers. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200513180223.2949987-1-yhs@fb.com","samples/bpf/offwaketime_kern.c | 4 ++--; samples/bpf/sockex2_kern.c | 4 ++--; samples/bpf/sockex3_kern.c | 4 ++--; 3 files changed, 6 insertions(+), 6 deletions(-)","The commit reorders header includes to resolve compiler warnings in eBPF sample programs.","compiler,warnings,eBPF","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3c32cc1bceba8a1755dc35cd97516f6c67856844","3c32cc1bceba8a1755dc35cd97516f6c67856844","Yonghong Song","yhs@fb.com","1589392941","Alexei Starovoitov","ast@kernel.org","1589398250","10e978c4bc1374703070d8ecee9e4e007b13183b","ab2ee4fcb9d61fd57db70db694adbcf54662bd80","bpf: Enable bpf_iter targets registering ctx argument types Commit b121b341e598 (""bpf: Add PTR_TO_BTF_ID_OR_NULL support"") adds a field btf_id_or_null_non0_off to bpf_prog->aux structure to indicate that the first ctx argument is PTR_TO_BTF_ID reg_type and all others are PTR_TO_BTF_ID_OR_NULL. This approach does not really scale if we have other different reg types in the future, e.g., a pointer to a buffer. This patch enables bpf_iter targets registering ctx argument reg types which may be different from the default one. For example, for pointers to structures, the default reg_type is PTR_TO_BTF_ID for tracing program. The target can register a particular pointer type as PTR_TO_BTF_ID_OR_NULL which can be used by the verifier to enforce accesses. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200513180221.2949882-1-yhs@fb.com","include/linux/bpf.h | 12 +++++++++++-; include/net/ip6_fib.h | 7 +++++++; kernel/bpf/bpf_iter.c | 5 +++++; kernel/bpf/btf.c | 15 ++++++++++-----; kernel/bpf/map_iter.c | 5 +++++; kernel/bpf/task_iter.c | 12 ++++++++++++; kernel/bpf/verifier.c | 1 -; net/ipv6/ip6_fib.c | 5 -----; net/ipv6/route.c | 5 +++++; net/netlink/af_netlink.c | 5 +++++; 10 files changed, 60 insertions(+), 12 deletions(-)","The commit enables bpf_iter targets to register different ctx argument types to enhance verifier capabilities.","bpf_iter, ctx_argument, verifier","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"ab2ee4fcb9d61fd57db70db694adbcf54662bd80","ab2ee4fcb9d61fd57db70db694adbcf54662bd80","Yonghong Song","yhs@fb.com","1589392940","Alexei Starovoitov","ast@kernel.org","1589398250","40305c8c6341399cf726ef6553c8fa88c4938f98","15172a46fa2796c1a1358a36babd31274716ed41","bpf: Change func bpf_iter_unreg_target() signature Change func bpf_iter_unreg_target() parameter from target name to target reg_info, similar to bpf_iter_reg_target(). Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200513180220.2949737-1-yhs@fb.com","include/linux/bpf.h | 2 +-; kernel/bpf/bpf_iter.c | 4 ++--; net/ipv6/route.c | 2 +-; 3 files changed, 4 insertions(+), 4 deletions(-)","The commit updates the bpf_iter_unreg_target function signature to use target reg_info instead of target name.","bpf_iter_unreg_target, reg_info, signature","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", 'Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"15172a46fa2796c1a1358a36babd31274716ed41","15172a46fa2796c1a1358a36babd31274716ed41","Yonghong Song","yhs@fb.com","1589392939","Alexei Starovoitov","ast@kernel.org","1589398250","c03b6ee05a943f83193860af50c6a9b364b13d4f","2e3ed68bfcd9c5ca2cf8b88ba23a34992ccd0b1f","bpf: net: Refactor bpf_iter target registration Currently bpf_iter_reg_target takes parameters from target and allocates memory to save them. This is really not necessary, esp. in the future we may grow information passed from targets to bpf_iter manager. The patch refactors the code so target reg_info becomes static and bpf_iter manager can just take a reference to it. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200513180219.2949605-1-yhs@fb.com","include/linux/bpf.h | 2 +-; kernel/bpf/bpf_iter.c | 36 +++++++++++++++++-------------------; kernel/bpf/map_iter.c | 18 +++++++++---------; kernel/bpf/task_iter.c | 30 ++++++++++++++++--------------; net/ipv6/route.c | 18 +++++++++---------; net/netlink/af_netlink.c | 18 +++++++++---------; 6 files changed, 61 insertions(+), 61 deletions(-)","Refactor bpf_iter target registration to make reg_info static, eliminating unnecessary memory allocation for future expansions.","bpf_iter, refactor, registration","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2e3ed68bfcd9c5ca2cf8b88ba23a34992ccd0b1f","2e3ed68bfcd9c5ca2cf8b88ba23a34992ccd0b1f","Yonghong Song","yhs@fb.com","1589392938","Alexei Starovoitov","ast@kernel.org","1589398250","7a6512153de614c5ef0f5ef361da4ba3d19d5b7b","21aef70eade22a656297c28d5da93301915d2ac2","bpf: Add comments to interpret bpf_prog return values Add a short comment in bpf_iter_run_prog() function to explain how bpf_prog return value is converted to seq_ops->show() return value: bpf_prog return seq_ops()->show() return 0 0 1 -EAGAIN When show() return value is -EAGAIN, the current bpf_seq_read() will end. If the current seq_file buffer is empty, -EAGAIN will return to user space. Otherwise, the buffer will be copied to user space. In both cases, the next bpf_seq_read() call will try to show the same object which returned -EAGAIN previously. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200513180218.2949517-1-yhs@fb.com","kernel/bpf/bpf_iter.c | 6 ++++++; 1 file changed, 6 insertions(+)","The commit adds comments to clarify the conversion of bpf_prog return values in the bpf_iter_run_prog() function.","comments, bpf_prog, conversion","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"21aef70eade22a656297c28d5da93301915d2ac2","21aef70eade22a656297c28d5da93301915d2ac2","Yonghong Song","yhs@fb.com","1589392936","Alexei Starovoitov","ast@kernel.org","1589398249","65d4b196f967e2b3d0f5a4b471f00bd75fd8f906","99aaf53e2f7c4a1b152b7f300c6b07ffbc2fe192","bpf: Change btf_iter func proto prefix to ""bpf_iter_"" This is to be consistent with tracing and lsm programs which have prefix ""bpf_trace_"" and ""bpf_lsm_"" respectively. Suggested-by: Alexei Starovoitov Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200513180216.2949387-1-yhs@fb.com","include/linux/bpf.h | 6 +++---; tools/lib/bpf/libbpf.c | 2 +-; 2 files changed, 4 insertions(+), 4 deletions(-)","This commit renames BTF iterator function prototype prefixes for consistency with tracing and LSM programs.","btf_iter,bpf_iter,rename","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"99aaf53e2f7c4a1b152b7f300c6b07ffbc2fe192","99aaf53e2f7c4a1b152b7f300c6b07ffbc2fe192","Yonghong Song","yhs@fb.com","1589392935","Alexei Starovoitov","ast@kernel.org","1589398249","5fa064c03afbcde41ec88725b0bb720be64eb55c","0aa0372f9229bf66113343cc87a73611979ebe97","tools/bpf: selftests : Explain bpf_iter test failures with llvm 10.0.0 Commit 6879c042e105 (""tools/bpf: selftests: Add bpf_iter selftests"") added self tests for bpf_iter feature. But two subtests ipv6_route and netlink needs llvm latest 10.x release branch or trunk due to a bug in llvm BPF backend. This patch added the file README.rst to document these two failures so people using llvm 10.0.0 can be aware of them. Suggested-by: Alexei Starovoitov Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200513180215.2949237-1-yhs@fb.com","tools/testing/selftests/bpf/README.rst | 43 ++++++++++++++++++++++++++++++++++; 1 file changed, 43 insertions(+)","The commit documents bpf_iter test failures with LLVM 10.0.0 in selftests for awareness.","bpf_iter,selftests,LLVM","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c5d420c32cb44fdd10d76f0f01bcd0b09383d0b5","c5d420c32cb44fdd10d76f0f01bcd0b09383d0b5","Andrii Nakryiko","andriin@fb.com","1589311485","Alexei Starovoitov","ast@kernel.org","1589397578","4c9bb7338b851dc010ee408e7b833677de98d190","4eaf0b5c5e04c21a866431bd763ab4b1f24c4d16","selftest/bpf: Add BPF triggering benchmark It is sometimes desirable to be able to trigger BPF program from user-space with minimal overhead. sys_enter would seem to be a good candidate, yet in a lot of cases there will be a lot of noise from syscalls triggered by other processes on the system. So while searching for low-overhead alternative, I've stumbled upon getpgid() syscall, which seems to be specific enough to not suffer from accidental syscall by other apps. This set of benchmarks compares tp, raw_tp w/ filtering by syscall ID, kprobe, fentry and fmod_ret with returning error (so that syscall would not be executed), to determine the lowest-overhead way. Here are results on my machine (using benchs/run_bench_trigger.sh script): base : 9.200 ± 0.319M/s tp : 6.690 ± 0.125M/s rawtp : 8.571 ± 0.214M/s kprobe : 6.431 ± 0.048M/s fentry : 8.955 ± 0.241M/s fmodret : 8.903 ± 0.135M/s So it seems like fmodret doesn't give much benefit for such lightweight syscall. Raw tracepoint is pretty decent despite additional filtering logic, but it will be called for any other syscall in the system, which rules it out. Fentry, though, seems to be adding the least amoung of overhead and achieves 97.3% of performance of baseline no-BPF-attached syscall. Using getpgid() seems to be preferable to set_task_comm() approach from test_overhead, as it's about 2.35x faster in a baseline performance. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: John Fastabend Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200512192445.2351848-5-andriin@fb.com","tools/testing/selftests/bpf/Makefile | 4 +-; tools/testing/selftests/bpf/bench.c | 12 ++; tools/testing/selftests/bpf/benchs/bench_trigger.c | 167 +++++++++++++++++++++; .../selftests/bpf/benchs/run_bench_trigger.sh | 9 ++; tools/testing/selftests/bpf/progs/trigger_bench.c | 47 ++++++; 5 files changed, 238 insertions(+), 1 deletion(-)","This commit adds benchmarks to test the overhead of various BPF program trigger methods using the getpgid() syscall.","BPF,benchmark,getpgid","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"4eaf0b5c5e04c21a866431bd763ab4b1f24c4d16","4eaf0b5c5e04c21a866431bd763ab4b1f24c4d16","Andrii Nakryiko","andriin@fb.com","1589311484","Alexei Starovoitov","ast@kernel.org","1589397578","b87945d54c2f31218f6d65facefa0bd60b71bf61","8e7c2a023ac04e04c72cd7b640329511dda92672","selftest/bpf: Fmod_ret prog and implement test_overhead as part of bench Add fmod_ret BPF program to existing test_overhead selftest. Also re-implement user-space benchmarking part into benchmark runner to compare results. Results with ./bench are consistently somewhat lower than test_overhead's, but relative performance of various types of BPF programs stay consisten (e.g., kretprobe is noticeably slower). This slowdown seems to be coming from the fact that test_overhead is single-threaded, while benchmark always spins off at least one thread for producer. This has been confirmed by hacking multi-threaded test_overhead variant and also single-threaded bench variant. Resutls are below. run_bench_rename.sh script from benchs/ subdirectory was used to produce results for ./bench. Single-threaded implementations =============================== /* bench: single-threaded, atomics */ base : 4.622 ± 0.049M/s kprobe : 3.673 ± 0.052M/s kretprobe : 2.625 ± 0.052M/s rawtp : 4.369 ± 0.089M/s fentry : 4.201 ± 0.558M/s fexit : 4.309 ± 0.148M/s fmodret : 4.314 ± 0.203M/s /* selftest: single-threaded, no atomics */ task_rename base 4555K events per sec task_rename kprobe 3643K events per sec task_rename kretprobe 2506K events per sec task_rename raw_tp 4303K events per sec task_rename fentry 4307K events per sec task_rename fexit 4010K events per sec task_rename fmod_ret 3984K events per sec Multi-threaded implementations ============================== /* bench: multi-threaded w/ atomics */ base : 3.910 ± 0.023M/s kprobe : 3.048 ± 0.037M/s kretprobe : 2.300 ± 0.015M/s rawtp : 3.687 ± 0.034M/s fentry : 3.740 ± 0.087M/s fexit : 3.510 ± 0.009M/s fmodret : 3.485 ± 0.050M/s /* selftest: multi-threaded w/ atomics */ task_rename base 3872K events per sec task_rename kprobe 3068K events per sec task_rename kretprobe 2350K events per sec task_rename raw_tp 3731K events per sec task_rename fentry 3639K events per sec task_rename fexit 3558K events per sec task_rename fmod_ret 3511K events per sec /* selftest: multi-threaded, no atomics */ task_rename base 3945K events per sec task_rename kprobe 3298K events per sec task_rename kretprobe 2451K events per sec task_rename raw_tp 3718K events per sec task_rename fentry 3782K events per sec task_rename fexit 3543K events per sec task_rename fmod_ret 3526K events per sec Note that the fact that ./bench benchmark always uses atomic increments for counting, while test_overhead doesn't, doesn't influence test results all that much. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: John Fastabend Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200512192445.2351848-4-andriin@fb.com","tools/testing/selftests/bpf/Makefile | 4 +-; tools/testing/selftests/bpf/bench.c | 14 ++; tools/testing/selftests/bpf/benchs/bench_rename.c | 195 +++++++++++++++++++++; .../selftests/bpf/benchs/run_bench_rename.sh | 9 +; .../selftests/bpf/prog_tests/test_overhead.c | 14 +-; tools/testing/selftests/bpf/progs/test_overhead.c | 6 +; 6 files changed, 240 insertions(+), 2 deletions(-)","The commit adds and tests the fmod_ret BPF program as part of a selftest and benchmarking suite.","fmod_ret, benchmark, test_overhead","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8e7c2a023ac04e04c72cd7b640329511dda92672","8e7c2a023ac04e04c72cd7b640329511dda92672","Andrii Nakryiko","andriin@fb.com","1589311483","Alexei Starovoitov","ast@kernel.org","1589397578","08c86f56a5d23adc94594beb4aac21a9cd3e960e","cd49291ce18aeef3f2ec950bc99bd72d5a05fa86","selftests/bpf: Add benchmark runner infrastructure While working on BPF ringbuf implementation, testing, and benchmarking, I've developed a pretty generic and modular benchmark runner, which seems to be generically useful, as I've already used it for one more purpose (testing fastest way to trigger BPF program, to minimize overhead of in-kernel code). This patch adds generic part of benchmark runner and sets up Makefile for extending it with more sets of benchmarks. Benchmarker itself operates by spinning up specified number of producer and consumer threads, setting up interval timer sending SIGALARM signal to application once a second. Every second, current snapshot with hits/drops counters are collected and stored in an array. Drops are useful for producer/consumer benchmarks in which producer might overwhelm consumers. Once test finishes after given amount of warm-up and testing seconds, mean and stddev are calculated (ignoring warm-up results) and is printed out to stdout. This setup seems to give consistent and accurate results. To validate behavior, I added two atomic counting tests: global and local. For global one, all the producer threads are atomically incrementing same counter as fast as possible. This, of course, leads to huge drop of performance once there is more than one producer thread due to CPUs fighting for the same memory location. Local counting, on the other hand, maintains one counter per each producer thread, incremented independently. Once per second, all counters are read and added together to form final ""counting throughput"" measurement. As expected, such setup demonstrates linear scalability with number of producers (as long as there are enough physical CPU cores, of course). See example output below. Also, this setup can nicely demonstrate disastrous effects of false sharing, if care is not taken to take those per-producer counters apart into independent cache lines. Demo output shows global counter first with 1 producer, then with 4. Both total and per-producer performance significantly drop. The last run is local counter with 4 producers, demonstrating near-perfect scalability. $ ./bench -a -w1 -d2 -p1 count-global Setting up benchmark 'count-global'... Benchmark 'count-global' started. Iter 0 ( 24.822us): hits 148.179M/s (148.179M/prod), drops 0.000M/s Iter 1 ( 37.939us): hits 149.308M/s (149.308M/prod), drops 0.000M/s Iter 2 (-10.774us): hits 150.717M/s (150.717M/prod), drops 0.000M/s Iter 3 ( 3.807us): hits 151.435M/s (151.435M/prod), drops 0.000M/s Summary: hits 150.488 ± 1.079M/s (150.488M/prod), drops 0.000 ± 0.000M/s $ ./bench -a -w1 -d2 -p4 count-global Setting up benchmark 'count-global'... Benchmark 'count-global' started. Iter 0 ( 60.659us): hits 53.910M/s ( 13.477M/prod), drops 0.000M/s Iter 1 (-17.658us): hits 53.722M/s ( 13.431M/prod), drops 0.000M/s Iter 2 ( 5.865us): hits 53.495M/s ( 13.374M/prod), drops 0.000M/s Iter 3 ( 0.104us): hits 53.606M/s ( 13.402M/prod), drops 0.000M/s Summary: hits 53.608 ± 0.113M/s ( 13.402M/prod), drops 0.000 ± 0.000M/s $ ./bench -a -w1 -d2 -p4 count-local Setting up benchmark 'count-local'... Benchmark 'count-local' started. Iter 0 ( 23.388us): hits 640.450M/s (160.113M/prod), drops 0.000M/s Iter 1 ( 2.291us): hits 605.661M/s (151.415M/prod), drops 0.000M/s Iter 2 ( -6.415us): hits 607.092M/s (151.773M/prod), drops 0.000M/s Iter 3 ( -1.361us): hits 601.796M/s (150.449M/prod), drops 0.000M/s Summary: hits 604.849 ± 2.739M/s (151.212M/prod), drops 0.000 ± 0.000M/s Benchmark runner supports setting thread affinity for producer and consumer threads. You can use -a flag for default CPU selection scheme, where first consumer gets CPU #0, next one gets CPU #1, and so on. Then producer threads pick up next CPU and increment one-by-one as well. But user can also specify a set of CPUs independently for producers and consumers with --prod-affinity 1,2-10,15 and --cons-affinity . The latter allows to force producers and consumers to share same set of CPUs, if necessary. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200512192445.2351848-3-andriin@fb.com","tools/testing/selftests/bpf/.gitignore | 1 +; tools/testing/selftests/bpf/Makefile | 13 +-; tools/testing/selftests/bpf/bench.c | 423 +++++++++++++++++++++++; tools/testing/selftests/bpf/bench.h | 81 +++++; tools/testing/selftests/bpf/benchs/bench_count.c | 91 +++++; 5 files changed, 608 insertions(+), 1 deletion(-)","The commit introduces a modular benchmark runner infrastructure for BPF selftests to aid in performance testing and benchmarking.","benchmark, runner, selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"cd49291ce18aeef3f2ec950bc99bd72d5a05fa86","cd49291ce18aeef3f2ec950bc99bd72d5a05fa86","Andrii Nakryiko","andriin@fb.com","1589311482","Alexei Starovoitov","ast@kernel.org","1589397578","19a0d826c4a6491cb89d43e0a3f1d5654a12b415","fd9eef1a132d1974405c3ebf9d5688ec5c51da94","selftests/bpf: Extract parse_num_list into generic testing_helpers.c Add testing_helpers.c, which will contain generic helpers for test runners and tests needing some common generic functionality, like parsing a set of numbers. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200512192445.2351848-2-andriin@fb.com","tools/testing/selftests/bpf/Makefile | 3 +-; tools/testing/selftests/bpf/test_progs.c | 67 ++-------------------------; tools/testing/selftests/bpf/test_progs.h | 1 +; tools/testing/selftests/bpf/testing_helpers.c | 66 ++++++++++++++++++++++++++; tools/testing/selftests/bpf/testing_helpers.h | 5 ++; 5 files changed, 78 insertions(+), 64 deletions(-)","The commit organizes common testing functions into testing_helpers.c for BPF selftests.","selftests,generic,helpers","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"fd9eef1a132d1974405c3ebf9d5688ec5c51da94","fd9eef1a132d1974405c3ebf9d5688ec5c51da94","Eelco Chaudron","echaudro@redhat.com","1589274280","Daniel Borkmann","daniel@iogearbox.net","1589358594","0843535343ed67d8743ad0df18e895d77f801209","309b81f0fdc4209d998bc63f0da52c2e96340d4e","libbpf: Fix probe code to return EPERM if encountered When the probe code was failing for any reason ENOTSUP was returned, even if this was due to not having enough lock space. This patch fixes this by returning EPERM to the user application, so it can respond and increase the RLIMIT_MEMLOCK size. Signed-off-by: Eelco Chaudron Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/158927424896.2342.10402475603585742943.stgit@ebuild","tools/lib/bpf/libbpf.c | 36 +++++++++++++++++++++++++++++-------; 1 file changed, 29 insertions(+), 7 deletions(-)","The commit fixes libbpf probe code to return EPERM properly when lock space is insufficient, allowing user applications to adjust RLIMIT_MEMLOCK.","libbpf,fix,EPERM","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"309b81f0fdc4209d998bc63f0da52c2e96340d4e","309b81f0fdc4209d998bc63f0da52c2e96340d4e","Yauheni Kaliuta","yauheni.kaliuta@redhat.com","1589336242","Daniel Borkmann","daniel@iogearbox.net","1589358341","6b23174084f77516dfb5ab70b4abe58978d3c5ad","ff20460e94af5d11ebffd9d97c1eaa00e520ecbe","selftests/bpf: Install generated test progs Before commit 74b5a5968fe8 (""selftests/bpf: Replace test_progs and test_maps w/ general rule"") selftests/bpf used generic install target from selftests/lib.mk to install generated bpf test progs by mentioning them in TEST_GEN_FILES variable. Take that functionality back. Fixes: 74b5a5968fe8 (""selftests/bpf: Replace test_progs and test_maps w/ general rule"") Signed-off-by: Yauheni Kaliuta Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200513021722.7787-1-yauheni.kaliuta@redhat.com","tools/testing/selftests/bpf/Makefile | 1 +; 1 file changed, 1 insertion(+)","This commit reinstates installation of generated BPF test programs using a makefile change in selftests.","selftests,install,makefile","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"ff20460e94af5d11ebffd9d97c1eaa00e520ecbe","ff20460e94af5d11ebffd9d97c1eaa00e520ecbe","Quentin Monnet","quentin@isovalent.com","1589213736","Daniel Borkmann","daniel@iogearbox.net","1589224856","7702390326cdd84ba3e85d263f4f51b88281e85d","ab8d78093dfa2e7820ca0c28dda9142aa771c510","tools, bpf: Synchronise BPF UAPI header with tools Synchronise the bpf.h header under tools, to report the fixes recently brought to the documentation for the BPF helpers. Signed-off-by: Quentin Monnet Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200511161536.29853-5-quentin@isovalent.com","tools/include/uapi/linux/bpf.h | 109 ++++++++++++++++++++++-------------------; 1 file changed, 59 insertions(+), 50 deletions(-)","The commit synchronizes the BPF UAPI header in tools with recent documentation fixes for BPF helpers.","Synchronise,BPF,tools","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"ab8d78093dfa2e7820ca0c28dda9142aa771c510","ab8d78093dfa2e7820ca0c28dda9142aa771c510","Quentin Monnet","quentin@isovalent.com","1589213735","Daniel Borkmann","daniel@iogearbox.net","1589224853","9a70e74818d4814e139bb87636b482eb3ec740c8","c8caa0bb4b383a86a77f4c8727a4f7c7f9825260","bpf: Minor fixes to BPF helpers documentation Minor improvements to the documentation for BPF helpers: * Fix formatting for the description of ""bpf_socket"" for bpf_getsockopt() and bpf_setsockopt(), thus suppressing two warnings from rst2man about ""Unexpected indentation"". * Fix formatting for return values for bpf_sk_assign() and seq_file helpers. * Fix and harmonise formatting, in particular for function/struct names. * Remove blank lines before ""Return:"" sections. * Replace tabs found in the middle of text lines. * Fix typos. * Add a note to the footer (in Python script) about ""bpftool feature probe"", including for listing features available to unprivileged users, and add a reference to bpftool man page. Thanks to Florian for reporting two typos (duplicated words). Signed-off-by: Quentin Monnet Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200511161536.29853-4-quentin@isovalent.com","include/uapi/linux/bpf.h | 109 ++++++++++++++++++++++++---------------------; scripts/bpf_helpers_doc.py | 6 +++; 2 files changed, 65 insertions(+), 50 deletions(-)","This commit involves formatting fixes and improvements to the documentation for BPF helper functions.","documentation, formatting, helpers","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"c8caa0bb4b383a86a77f4c8727a4f7c7f9825260","c8caa0bb4b383a86a77f4c8727a4f7c7f9825260","Quentin Monnet","quentin@isovalent.com","1589213734","Daniel Borkmann","daniel@iogearbox.net","1589224850","a4aaf4dd6e0b8bb672066ec5459702ae64fcebf1","6e7e034e88e8e22cb14765c86da92416017e45b8","tools, bpftool: Minor fixes for documentation Bring minor improvements to bpftool documentation. Fix or harmonise formatting, update map types (including in interactive help), improve description for ""map create"", fix a build warning due to a missing line after the double-colon for the ""bpftool prog profile"" example, complete/harmonise/sort the list of related bpftool man pages in footers. v2: - Remove (instead of changing) mark-up on ""value"" in bpftool-map.rst, when it does not refer to something passed on the command line. - Fix an additional typo (""hexadeximal"") in the same file. Signed-off-by: Quentin Monnet Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200511161536.29853-3-quentin@isovalent.com","tools/bpf/bpftool/Documentation/bpftool-btf.rst | 11 +++++--; tools/bpf/bpftool/Documentation/bpftool-cgroup.rst | 12 ++++---; .../bpf/bpftool/Documentation/bpftool-feature.rst | 12 ++++---; tools/bpf/bpftool/Documentation/bpftool-gen.rst | 21 ++++++------; tools/bpf/bpftool/Documentation/bpftool-iter.rst | 12 +++----; tools/bpf/bpftool/Documentation/bpftool-link.rst | 9 ++++--; tools/bpf/bpftool/Documentation/bpftool-map.rst | 37 ++++++++++++++--------; tools/bpf/bpftool/Documentation/bpftool-net.rst | 12 ++++---; tools/bpf/bpftool/Documentation/bpftool-perf.rst | 12 ++++---; tools/bpf/bpftool/Documentation/bpftool-prog.rst | 23 ++++++++------; .../bpftool/Documentation/bpftool-struct_ops.rst | 11 ++++---; tools/bpf/bpftool/Documentation/bpftool.rst | 11 ++++---; tools/bpf/bpftool/map.c | 3 +-; 13 files changed, 116 insertions(+), 70 deletions(-)","This commit brings minor improvements to bpftool documentation by fixing typos harmonizing formatting and updating descriptions.","bpftool,documentation,fixes","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6e7e034e88e8e22cb14765c86da92416017e45b8","6e7e034e88e8e22cb14765c86da92416017e45b8","Quentin Monnet","quentin@isovalent.com","1589213733","Daniel Borkmann","daniel@iogearbox.net","1589224846","a51838934255b07523f0eaf6517713ff7c92a99f","385bbf7b119a4feb6d6bcf3586f1bb1dd9c5b0a0","tools, bpftool: Poison and replace kernel integer typedefs Replace the use of kernel-only integer typedefs (u8, u32, etc.) by their user space counterpart (__u8, __u32, etc.). Similarly to what libbpf does, poison the typedefs to avoid introducing them again in the future. Signed-off-by: Quentin Monnet Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200511161536.29853-2-quentin@isovalent.com","tools/bpf/bpftool/btf_dumper.c | 4 ++--; tools/bpf/bpftool/cfg.c | 4 ++--; tools/bpf/bpftool/main.h | 3 +++; tools/bpf/bpftool/map_perf_ring.c | 2 +-; tools/bpf/bpftool/prog.c | 2 +-; 5 files changed, 9 insertions(+), 6 deletions(-)","This commit replaces kernel integer typedefs with user space equivalents in the bpftool utility.","bpftool, integer, typedefs","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"385bbf7b119a4feb6d6bcf3586f1bb1dd9c5b0a0","385bbf7b119a4feb6d6bcf3586f1bb1dd9c5b0a0","Gustavo A. R. Silva","gustavoars@kernel.org","1588877457","Daniel Borkmann","daniel@iogearbox.net","1589209007","46fe9e3745705302599a9e8fb89bf176bf755cf2","b4563facdcae55c83039d5efcc3b45a63da14d2f","bpf, libbpf: Replace zero-length array with flexible-array The current codebase makes use of the zero-length array language extension to the C90 standard, but the preferred mechanism to declare variable-length types such as these ones is a flexible array member[1][2], introduced in C99: struct foo { int stuff; struct boo array[]; }; By making use of the mechanism above, we will get a compiler warning in case the flexible array does not occur last in the structure, which will help us prevent some kind of undefined behavior bugs from being inadvertently introduced[3] to the codebase from now on. Also, notice that, dynamic memory allocations won't be affected by this change: ""Flexible array members have incomplete type, and so the sizeof operator may not be applied. As a quirk of the original implementation of zero-length arrays, sizeof evaluates to zero.""[1] sizeof(flexible-array-member) triggers a warning because flexible array members have incomplete type[1]. There are some instances of code in which the sizeof operator is being incorrectly/erroneously applied to zero-length arrays and the result is zero. Such instances may be hiding some bugs. So, this work (flexible-array member conversions) will also help to get completely rid of those sorts of issues. This issue was found with the help of Coccinelle. [1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html [2] https://github.com/KSPP/linux/issues/21 [3] commit 76497732932f (""cxgb3/l2t: Fix undefined behaviour"") Signed-off-by: Gustavo A. R. Silva Signed-off-by: Daniel Borkmann Acked-by: Yonghong Song Link: https://lore.kernel.org/bpf/20200507185057.GA13981@embeddedor","kernel/bpf/queue_stack_maps.c | 2 +-; tools/lib/bpf/libbpf.c | 2 +-; tools/lib/bpf/libbpf_internal.h | 2 +-; tools/testing/selftests/bpf/progs/core_reloc_types.h | 2 +-; 4 files changed, 4 insertions(+), 4 deletions(-)","Replaces zero-length arrays with flexible arrays in eBPF for safer structure definitions.","flexible-array, libbpf, Coccinelle","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"fd868f14818901821699988fdac680ebd80cd360","fd868f14818901821699988fdac680ebd80cd360","Luke Nelson","lukenels@cs.washington.edu","1588961746","Will Deacon","will@kernel.org","1589196099","7cbceb89d9585da12aac300019a938310e42a0aa","fd49591cb49b72abd1b665222a635ccb17df7923","bpf, arm64: Optimize ADD,SUB,JMP BPF_K using arm64 add/sub immediates The current code for BPF_{ADD,SUB} BPF_K loads the BPF immediate to a temporary register before performing the addition/subtraction. Similarly, BPF_JMP BPF_K cases load the immediate to a temporary register before comparison. This patch introduces optimizations that use arm64 immediate add, sub, cmn, or cmp instructions when the BPF immediate fits. If the immediate does not fit, it falls back to using a temporary register. Example of generated code for BPF_ALU64_IMM(BPF_ADD, R0, 2): without optimization: 24: mov x10, #0x2 28: add x7, x7, x10 with optimization: 24: add x7, x7, #0x2 The code could use A64_{ADD,SUB}_I directly and check if it returns AARCH64_BREAK_FAULT, similar to how logical immediates are handled. However, aarch64_insn_gen_add_sub_imm from insn.c prints error messages when the immediate does not fit, and it's simpler to check if the immediate fits ahead of time. Co-developed-by: Xi Wang Signed-off-by: Xi Wang Signed-off-by: Luke Nelson Acked-by: Daniel Borkmann Link: https://lore.kernel.org/r/20200508181547.24783-4-luke.r.nels@gmail.com Signed-off-by: Will Deacon ","arch/arm64/net/bpf_jit.h | 8 ++++++++; arch/arm64/net/bpf_jit_comp.c | 36 ++++++++++++++++++++++++++++++------; 2 files changed, 38 insertions(+), 6 deletions(-)","This commit optimizes the arm64 eBPF JIT compiler for immediate operations like ADD, SUB, and JMP using arm64 instructions directly.","arm64,optimization,JIT","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"fd49591cb49b72abd1b665222a635ccb17df7923","fd49591cb49b72abd1b665222a635ccb17df7923","Luke Nelson","lukenels@cs.washington.edu","1588961745","Will Deacon","will@kernel.org","1589196099","bfc1029abeee3aff6580e3346a49f81436682794","579d1b3faa3735e781ff74aac0afd598515dbc63","bpf, arm64: Optimize AND,OR,XOR,JSET BPF_K using arm64 logical immediates The current code for BPF_{AND,OR,XOR,JSET} BPF_K loads the immediate to a temporary register before use. This patch changes the code to avoid using a temporary register when the BPF immediate is encodable using an arm64 logical immediate instruction. If the encoding fails (due to the immediate not being encodable), it falls back to using a temporary register. Example of generated code for BPF_ALU32_IMM(BPF_AND, R0, 0x80000001): without optimization: 24: mov w10, #0x8000ffff 28: movk w10, #0x1 2c: and w7, w7, w10 with optimization: 24: and w7, w7, #0x80000001 Since the encoding process is quite complex, the JIT reuses existing functionality in arch/arm64/kernel/insn.c for encoding logical immediates rather than duplicate it in the JIT. Co-developed-by: Xi Wang Signed-off-by: Xi Wang Signed-off-by: Luke Nelson Acked-by: Daniel Borkmann Link: https://lore.kernel.org/r/20200508181547.24783-3-luke.r.nels@gmail.com Signed-off-by: Will Deacon ","arch/arm64/net/bpf_jit.h | 14 ++++++++++++++; arch/arm64/net/bpf_jit_comp.c | 37 +++++++++++++++++++++++++++++--------; 2 files changed, 43 insertions(+), 8 deletions(-)","Optimize BPF operations by using arm64 logical immediates when encoding allows, reducing reliance on temporary registers.","optimize, arm64, immediate","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b4563facdcae55c83039d5efcc3b45a63da14d2f","b4563facdcae55c83039d5efcc3b45a63da14d2f","Song Liu","songliubraving@fb.com","1588613786","Alexei Starovoitov","ast@kernel.org","1589072493","2360ace1000f2787c6c75de7377bb7a7e092055b","180139dca8b38c858027b8360ee10064fdb2fbf7","bpf, runqslower: include proper uapi/bpf.h runqslower doesn't specify include path for uapi/bpf.h. This causes the following warning: In file included from runqslower.c:10: .../tools/testing/selftests/bpf/tools/include/bpf/bpf.h:234:38: warning: 'enum bpf_stats_type' declared inside parameter list will not be visible outside of this definition or declaration 234 | LIBBPF_API int bpf_enable_stats(enum bpf_stats_type type); Fix this by adding -I tools/includ/uapi to the Makefile. Reported-by: Alexei Starovoitov Signed-off-by: Song Liu Acked-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov ","tools/bpf/runqslower/Makefile | 3 ++-; 1 file changed, 2 insertions(+), 1 deletion(-)","The commit updates the include path in runqslower's Makefile to resolve a warning.","runqslower, include, Makefile","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"180139dca8b38c858027b8360ee10064fdb2fbf7","180139dca8b38c858027b8360ee10064fdb2fbf7","Alexei Starovoitov","ast@kernel.org","1589069127","Alexei Starovoitov","ast@kernel.org","1589069133","4491e7c009f30efcb70b55948767df86a1f8ce70","8086fbaf49345f988deec539ec8e182b02914401 6879c042e10584ea9d5e2204939cafadcd500465","Merge branch 'bpf_iter' Yonghong Song says: ==================== Motivation: The current way to dump kernel data structures mostly: 1. /proc system 2. various specific tools like ""ss"" which requires kernel support. 3. drgn The dropback for the first two is that whenever you want to dump more, you need change the kernel. For example, Martin wants to dump socket local storage with ""ss"". Kernel change is needed for it to work ([1]). This is also the direct motivation for this work. drgn ([2]) solves this proble nicely and no kernel change is not needed. But since drgn is not able to verify the validity of a particular pointer value, it might present the wrong results in rare cases. In this patch set, we introduce bpf iterator. Initial kernel changes are still needed for interested kernel data, but a later data structure change will not require kernel changes any more. bpf program itself can adapt to new data structure changes. This will give certain flexibility with guaranteed correctness. In this patch set, kernel seq_ops is used to facilitate iterating through kernel data, similar to current /proc and many other lossless kernel dumping facilities. In the future, different iterators can be implemented to trade off losslessness for other criteria e.g. no repeated object visits, etc. User Interface: 1. Similar to prog/map/link, the iterator can be pinned into a path within a bpffs mount point. 2. The bpftool command can pin an iterator to a file bpftool iter pin 3. Use `cat ` to dump the contents. Use `rm -f ` to remove the pinned iterator. 4. The anonymous iterator can be created as well. Please see patch #19 andd #20 for bpf programs and bpf iterator output examples. Note that certain iterators are namespace aware. For example, task and task_file targets only iterate through current pid namespace. ipv6_route and netlink will iterate through current net namespace. Please see individual patches for implementation details. Performance: The bpf iterator provides in-kernel aggregation abilities for kernel data. This can greatly improve performance compared to e.g., iterating all process directories under /proc. For example, I did an experiment on my VM with an application forking different number of tasks and each forked process opening various number of files. The following is the result with the latency with unit of microseconds: # of forked tasks # of open files # of bpf_prog calls # latency (us) 100 100 11503 7586 1000 1000 1013203 709513 10000 100 1130203 764519 The number of bpf_prog calls may be more than forked tasks multipled by open files since there are other tasks running on the system. The bpf program is a do-nothing program. One millions of bpf calls takes less than one second. Although the initial motivation is from Martin's sk_local_storage, this patch didn't implement tcp6 sockets and sk_local_storage. The /proc/net/tcp6 involves three types of sockets, timewait, request and tcp6 sockets. Some kind of type casting or other mechanism is needed to handle all these socket types in one bpf program. This will be addressed in future work. Currently, we do not support kernel data generated under module. This requires some BTF work. More work for more iterators, e.g., tcp, udp, bpf_map elements, etc. Changelog: v3 -> v4: - in bpf_seq_read(), if start() failed with an error, return that error to user space (Andrii) - in bpf_seq_printf(), if reading kernel memory failed for %s and %p{i,I}{4,6}, set buffer to empty string or address 0. Documented this behavior in uapi header (Andrii) - fix a few error handling issues for bpftool (Andrii) - A few other minor fixes and cosmetic changes. v2 -> v3: - add bpf_iter_unreg_target() to unregister a target, used in the error path of the __init functions. - handle err != 0 before handling overflow (Andrii) - reference count ""task"" for task_file target (Andrii) - remove some redundancy for bpf_map/task/task_file targets - add bpf_iter_unreg_target() in ip6_route_cleanup() - Handling ""%%"" format in bpf_seq_printf() (Andrii) - implement auto-attach for bpf_iter in libbpf (Andrii) - add macros offsetof and container_of in bpf_helpers.h (Andrii) - add tests for auto-attach and program-return-1 cases - some other minor fixes v1 -> v2: - removed target_feature, using callback functions instead - checking target to ensure program specified btf_id supported (Martin) - link_create change with new changes from Andrii - better handling of btf_iter vs. seq_file private data (Martin, Andrii) - implemented bpf_seq_read() (Andrii, Alexei) - percpu buffer for bpf_seq_printf() (Andrii) - better syntax for BPF_SEQ_PRINTF macro (Andrii) - bpftool fixes (Quentin) - a lot of other fixes RFC v2 -> v1: - rename bpfdump to bpf_iter - use bpffs instead of a new file system - use bpf_link to streamline and simplify iterator creation. References: [1]: https://lore.kernel.org/bpf/20200225230427.1976129-1-kafai@fb.com [2]: https://github.com/osandov/drgn ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges the branch 'bpf_iter' to introduce bpf iterator for efficient kernel data structure dumping.","bpf,iterator,kernel","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"6879c042e10584ea9d5e2204939cafadcd500465","6879c042e10584ea9d5e2204939cafadcd500465","Yonghong Song","yhs@fb.com","1589047163","Alexei Starovoitov","ast@kernel.org","1589069127","4491e7c009f30efcb70b55948767df86a1f8ce70","acf61631746c01850a9df0cd5617c5c29214776c","tools/bpf: selftests: Add bpf_iter selftests The added test includes the following subtests: - test verifier change for btf_id_or_null - test load/create_iter/read for ipv6_route/netlink/bpf_map/task/task_file - test anon bpf iterator - test anon bpf iterator reading one char at a time - test file bpf iterator - test overflow (single bpf program output not overflow) - test overflow (single bpf program output overflows) - test bpf prog returning 1 The ipv6_route tests the following verifier change - access fields in the variable length array of the structure. The netlink load tests the following verifier change - put a btf_id ptr value in a stack and accessible to tracing/iter programs. The anon bpf iterator also tests link auto attach through skeleton. $ test_progs -n 2 #2/1 btf_id_or_null:OK #2/2 ipv6_route:OK #2/3 netlink:OK #2/4 bpf_map:OK #2/5 task:OK #2/6 task_file:OK #2/7 anon:OK #2/8 anon-read-one-char:OK #2/9 file:OK #2/10 overflow:OK #2/11 overflow-e2big:OK #2/12 prog-ret-1:OK #2 bpf_iter:OK Summary: 1/12 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175923.2477637-1-yhs@fb.com","tools/testing/selftests/bpf/prog_tests/bpf_iter.c | 409 +++++++++++++++++++++; .../selftests/bpf/progs/bpf_iter_test_kern1.c | 4 +; .../selftests/bpf/progs/bpf_iter_test_kern2.c | 4 +; .../selftests/bpf/progs/bpf_iter_test_kern3.c | 18 +; .../selftests/bpf/progs/bpf_iter_test_kern4.c | 52 +++; .../bpf/progs/bpf_iter_test_kern_common.h | 22 ++; 6 files changed, 509 insertions(+)","This commit adds several new bpf_iter selftests to assess eBPF functionalities including verifier modifications and iterator operations.","bpf_iter,selftests,iterator","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"acf61631746c01850a9df0cd5617c5c29214776c","acf61631746c01850a9df0cd5617c5c29214776c","Yonghong Song","yhs@fb.com","1589047162","Alexei Starovoitov","ast@kernel.org","1589069127","6be8f88c4a6646cff6c3bcdeedd0b9f467ceef89","7c128a6bbd4f5b6780a90f3ce9aff192b7dd9d6a","tools/bpf: selftests: Add iter progs for bpf_map/task/task_file The implementation is arbitrary, just to show how the bpf programs can be written for bpf_map/task/task_file. They can be costomized for specific needs. For example, for bpf_map, the iterator prints out: $ cat /sys/fs/bpf/my_bpf_map id refcnt usercnt locked_vm 3 2 0 20 6 2 0 20 9 2 0 20 12 2 0 20 13 2 0 20 16 2 0 20 19 2 0 20 %%% END %%% For task, the iterator prints out: $ cat /sys/fs/bpf/my_task tgid gid 1 1 2 2 .... 1944 1944 1948 1948 1949 1949 1953 1953 === END === For task/file, the iterator prints out: $ cat /sys/fs/bpf/my_task_file tgid gid fd file 1 1 0 ffffffff95c97600 1 1 1 ffffffff95c97600 1 1 2 ffffffff95c97600 .... 1895 1895 255 ffffffff95c8fe00 1932 1932 0 ffffffff95c8fe00 1932 1932 1 ffffffff95c8fe00 1932 1932 2 ffffffff95c8fe00 1932 1932 3 ffffffff95c185c0 This is able to print out all open files (fd and file->f_op), so user can compare f_op against a particular kernel file operations to find what it is. For example, from /proc/kallsyms, we can find ffffffff95c185c0 r eventfd_fops so we will know tgid 1932 fd 3 is an eventfd file descriptor. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175922.2477576-1-yhs@fb.com",".../testing/selftests/bpf/progs/bpf_iter_bpf_map.c | 28 ++++++++++++++++++++++; tools/testing/selftests/bpf/progs/bpf_iter_task.c | 25 +++++++++++++++++++; .../selftests/bpf/progs/bpf_iter_task_file.c | 26 ++++++++++++++++++++; 3 files changed, 79 insertions(+)","Added self-test BPF iterator programs for bpf_map, task, and task_file with example outputs.","selftests, bpf_map, iterators","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7c128a6bbd4f5b6780a90f3ce9aff192b7dd9d6a","7c128a6bbd4f5b6780a90f3ce9aff192b7dd9d6a","Yonghong Song","yhs@fb.com","1589047161","Alexei Starovoitov","ast@kernel.org","1589069127","68c29d659e390192c63e8d8709d8338fd8f6f298","9406b485dea5e25bed7c81cd822747d494cc8bde","tools/bpf: selftests: Add iterator programs for ipv6_route and netlink Two bpf programs are added in this patch for netlink and ipv6_route target. On my VM, I am able to achieve identical results compared to /proc/net/netlink and /proc/net/ipv6_route. $ cat /proc/net/netlink sk Eth Pid Groups Rmem Wmem Dump Locks Drops Inode 000000002c42d58b 0 0 00000000 0 0 0 2 0 7 00000000a4e8b5e1 0 1 00000551 0 0 0 2 0 18719 00000000e1b1c195 4 0 00000000 0 0 0 2 0 16422 000000007e6b29f9 6 0 00000000 0 0 0 2 0 16424 .... 00000000159a170d 15 1862 00000002 0 0 0 2 0 1886 000000009aca4bc9 15 3918224839 00000002 0 0 0 2 0 19076 00000000d0ab31d2 15 1 00000002 0 0 0 2 0 18683 000000008398fb08 16 0 00000000 0 0 0 2 0 27 $ cat /sys/fs/bpf/my_netlink sk Eth Pid Groups Rmem Wmem Dump Locks Drops Inode 000000002c42d58b 0 0 00000000 0 0 0 2 0 7 00000000a4e8b5e1 0 1 00000551 0 0 0 2 0 18719 00000000e1b1c195 4 0 00000000 0 0 0 2 0 16422 000000007e6b29f9 6 0 00000000 0 0 0 2 0 16424 .... 00000000159a170d 15 1862 00000002 0 0 0 2 0 1886 000000009aca4bc9 15 3918224839 00000002 0 0 0 2 0 19076 00000000d0ab31d2 15 1 00000002 0 0 0 2 0 18683 000000008398fb08 16 0 00000000 0 0 0 2 0 27 $ cat /proc/net/ipv6_route fe800000000000000000000000000000 40 00000000000000000000000000000000 00 00000000000000000000000000000000 00000100 00000001 00000000 00000001 eth0 00000000000000000000000000000000 00 00000000000000000000000000000000 00 00000000000000000000000000000000 ffffffff 00000001 00000000 00200200 lo 00000000000000000000000000000001 80 00000000000000000000000000000000 00 00000000000000000000000000000000 00000000 00000003 00000000 80200001 lo fe80000000000000c04b03fffe7827ce 80 00000000000000000000000000000000 00 00000000000000000000000000000000 00000000 00000002 00000000 80200001 eth0 ff000000000000000000000000000000 08 00000000000000000000000000000000 00 00000000000000000000000000000000 00000100 00000003 00000000 00000001 eth0 00000000000000000000000000000000 00 00000000000000000000000000000000 00 00000000000000000000000000000000 ffffffff 00000001 00000000 00200200 lo $ cat /sys/fs/bpf/my_ipv6_route fe800000000000000000000000000000 40 00000000000000000000000000000000 00 00000000000000000000000000000000 00000100 00000001 00000000 00000001 eth0 00000000000000000000000000000000 00 00000000000000000000000000000000 00 00000000000000000000000000000000 ffffffff 00000001 00000000 00200200 lo 00000000000000000000000000000001 80 00000000000000000000000000000000 00 00000000000000000000000000000000 00000000 00000003 00000000 80200001 lo fe80000000000000c04b03fffe7827ce 80 00000000000000000000000000000000 00 00000000000000000000000000000000 00000000 00000002 00000000 80200001 eth0 ff000000000000000000000000000000 08 00000000000000000000000000000000 00 00000000000000000000000000000000 00000100 00000003 00000000 00000001 eth0 00000000000000000000000000000000 00 00000000000000000000000000000000 00 00000000000000000000000000000000 ffffffff 00000001 00000000 00200200 lo Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175921.2477493-1-yhs@fb.com",".../selftests/bpf/progs/bpf_iter_ipv6_route.c | 62 ++++++++++++++++++++; .../testing/selftests/bpf/progs/bpf_iter_netlink.c | 66 ++++++++++++++++++++++; 2 files changed, 128 insertions(+)","This commit introduces BPF iterator programs for ipv6_route and netlink for self-testing purposes.","BPF, ipv6_route, netlink","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"9406b485dea5e25bed7c81cd822747d494cc8bde","9406b485dea5e25bed7c81cd822747d494cc8bde","Yonghong Song","yhs@fb.com","1589047160","Alexei Starovoitov","ast@kernel.org","1589069127","cf9cc5392af40aefce4a272233d977da23bff7a1","5fbc220862fc7a53a0455ccd2d96c82141e222d4","tools/bpftool: Add bpf_iter support for bptool Currently, only one command is supported bpftool iter pin It will pin the trace/iter bpf program in the object file to the where should be on a bpffs mount. For example, $ bpftool iter pin ./bpf_iter_ipv6_route.o \ /sys/fs/bpf/my_route User can then do a `cat` to print out the results: $ cat /sys/fs/bpf/my_route fe800000000000000000000000000000 40 00000000000000000000000000000000 ... 00000000000000000000000000000000 00 00000000000000000000000000000000 ... 00000000000000000000000000000001 80 00000000000000000000000000000000 ... fe800000000000008c0162fffebdfd57 80 00000000000000000000000000000000 ... ff000000000000000000000000000000 08 00000000000000000000000000000000 ... 00000000000000000000000000000000 00 00000000000000000000000000000000 ... The implementation for ipv6_route iterator is in one of subsequent patches. This patch also added BPF_LINK_TYPE_ITER to link query. In the future, we may add additional parameters to pin command by parameterizing the bpf iterator. For example, a map_id or pid may be added to let bpf program only traverses a single map or task, similar to kernel seq_file single_open(). We may also add introspection command for targets/iterators by leveraging the bpf_iter itself. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200509175920.2477247-1-yhs@fb.com","tools/bpf/bpftool/Documentation/bpftool-iter.rst | 83 ++++++++++++++++++++++; tools/bpf/bpftool/bash-completion/bpftool | 13 ++++; tools/bpf/bpftool/iter.c | 88 ++++++++++++++++++++++++; tools/bpf/bpftool/link.c | 1 +; tools/bpf/bpftool/main.c | 3 +-; tools/bpf/bpftool/main.h | 1 +; 6 files changed, 188 insertions(+), 1 deletion(-)","This commit adds bpf_iter support to bpftool for pinning and introspecting BPF programs using bpf iterators.","bpftool,bpf_iter,iterator","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5fbc220862fc7a53a0455ccd2d96c82141e222d4","5fbc220862fc7a53a0455ccd2d96c82141e222d4","Yonghong Song","yhs@fb.com","1589047159","Alexei Starovoitov","ast@kernel.org","1589069127","a163830ff0f8a707eb45743aa95b3947857e0d1f","c09add2fbc5aece00a5b54a48ce39fd4e3284d87","tools/libpf: Add offsetof/container_of macro in bpf_helpers.h These two helpers will be used later in bpf_iter bpf program bpf_iter_netlink.c. Put them in bpf_helpers.h since they could be useful in other cases. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175919.2477104-1-yhs@fb.com","tools/lib/bpf/bpf_helpers.h | 14 ++++++++++++++; 1 file changed, 14 insertions(+)","Add offsetof and container_of macros to bpf_helpers.h for future use in bpf_iter programs.","offsetof,container_of,bpf_helpers","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c09add2fbc5aece00a5b54a48ce39fd4e3284d87","c09add2fbc5aece00a5b54a48ce39fd4e3284d87","Yonghong Song","yhs@fb.com","1589047157","Alexei Starovoitov","ast@kernel.org","1589069127","221ce4b3c6ae0308ad18857624954760580abdf5","9c5f8a1008a121e4c6b24af211034e24b0b63081","tools/libbpf: Add bpf_iter support Two new libbpf APIs are added to support bpf_iter: - bpf_program__attach_iter Given a bpf program and additional parameters, which is none now, returns a bpf_link. - bpf_iter_create syscall level API to create a bpf iterator. The macro BPF_SEQ_PRINTF are also introduced. The format looks like: BPF_SEQ_PRINTF(seq, ""task id %d\n"", pid); This macro can help bpf program writers with nicer bpf_seq_printf syntax similar to the kernel one. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175917.2476936-1-yhs@fb.com","tools/lib/bpf/bpf.c | 10 +++++++++; tools/lib/bpf/bpf.h | 2 ++; tools/lib/bpf/bpf_tracing.h | 16 ++++++++++++++; tools/lib/bpf/libbpf.c | 52 +++++++++++++++++++++++++++++++++++++++++++++; tools/lib/bpf/libbpf.h | 9 ++++++++; tools/lib/bpf/libbpf.map | 2 ++; 6 files changed, 91 insertions(+)","This commit adds support for bpf_iter in libbpf with new APIs bpf_program__attach_iter and bpf_iter_create.","bpf_iter, libbpf, API","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"9c5f8a1008a121e4c6b24af211034e24b0b63081","9c5f8a1008a121e4c6b24af211034e24b0b63081","Yonghong Song","yhs@fb.com","1589047156","Alexei Starovoitov","ast@kernel.org","1589069127","5bab59eab8c7aef4830ad807b30f617c007ec78b","1d68f22b3d53d368d5cc8d09de890250cae5c945","bpf: Support variable length array in tracing programs In /proc/net/ipv6_route, we have struct fib6_info { struct fib6_table *fib6_table; ... struct fib6_nh fib6_nh[0]; } struct fib6_nh { struct fib_nh_common nh_common; struct rt6_info **rt6i_pcpu; struct rt6_exception_bucket *rt6i_exception_bucket; }; struct fib_nh_common { ... u8 nhc_gw_family; ... } The access: struct fib6_nh *fib6_nh = &rt->fib6_nh; ... fib6_nh->nh_common.nhc_gw_family ... This patch ensures such an access is handled properly. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175916.2476853-1-yhs@fb.com","kernel/bpf/btf.c | 37 +++++++++++++++++++++++++++++++++++++; 1 file changed, 37 insertions(+)","The commit adds support for variable length arrays in tracing programs to handle specific kernel data structures correctly.","variable length arrays","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1d68f22b3d53d368d5cc8d09de890250cae5c945","1d68f22b3d53d368d5cc8d09de890250cae5c945","Yonghong Song","yhs@fb.com","1589047155","Alexei Starovoitov","ast@kernel.org","1589069127","a334f400fd965545b5309cdebe477566ac32d30e","492e639f0c222784e2e0f121966375f641c61b15","bpf: Handle spilled PTR_TO_BTF_ID properly when checking stack_boundary This specifically to handle the case like below: // ptr below is a socket ptr identified by PTR_TO_BTF_ID u64 param[2] = { ptr, val }; bpf_seq_printf(seq, fmt, sizeof(fmt), param, sizeof(param)); In this case, the 16 bytes stack for ""param"" contains: 8 bytes for ptr with spilled PTR_TO_BTF_ID 8 bytes for val as STACK_MISC The current verifier will complain the ptr should not be visible to the helper. ... 16: (7b) *(u64 *)(r10 -64) = r2 18: (7b) *(u64 *)(r10 -56) = r1 19: (bf) r4 = r10 ; 20: (07) r4 += -64 ; BPF_SEQ_PRINTF(seq, fmt1, (long)s, s->sk_protocol); 21: (bf) r1 = r6 22: (18) r2 = 0xffffa8d00018605a 24: (b4) w3 = 10 25: (b4) w5 = 16 26: (85) call bpf_seq_printf#125 R0=inv(id=0) R1_w=ptr_seq_file(id=0,off=0,imm=0) R2_w=map_value(id=0,off=90,ks=4,vs=144,imm=0) R3_w=inv10 R4_w=fp-64 R5_w=inv16 R6=ptr_seq_file(id=0,off=0,imm=0) R7=ptr_netlink_sock(id=0,off=0,imm=0) R10=fp0 fp-56_w=mmmmmmmm fp-64_w=ptr_ last_idx 26 first_idx 13 regs=8 stack=0 before 25: (b4) w5 = 16 regs=8 stack=0 before 24: (b4) w3 = 10 invalid indirect read from stack off -64+0 size 16 Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175915.2476783-1-yhs@fb.com","kernel/bpf/verifier.c | 5 +++++; 1 file changed, 5 insertions(+)","Fix handling of PTR_TO_BTF_ID when checking stack boundaries to prevent verifier complaints.","PTR_TO_BTF_ID,stack_boundary,verifier","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"492e639f0c222784e2e0f121966375f641c61b15","492e639f0c222784e2e0f121966375f641c61b15","Yonghong Song","yhs@fb.com","1589047154","Alexei Starovoitov","ast@kernel.org","1589069126","316f1e3a1ddee5a9bd5bebb586b7aa405b8295ac","b121b341e5983bdccf7a5d6cf9236a45c965a31f","bpf: Add bpf_seq_printf and bpf_seq_write helpers Two helpers bpf_seq_printf and bpf_seq_write, are added for writing data to the seq_file buffer. bpf_seq_printf supports common format string flag/width/type fields so at least I can get identical results for netlink and ipv6_route targets. For bpf_seq_printf and bpf_seq_write, return value -EOVERFLOW specifically indicates a write failure due to overflow, which means the object will be repeated in the next bpf invocation if object collection stays the same. Note that if the object collection is changed, depending how collection traversal is done, even if the object still in the collection, it may not be visited. For bpf_seq_printf, format %s, %p{i,I}{4,6} needs to read kernel memory. Reading kernel memory may fail in the following two cases: - invalid kernel address, or - valid kernel address but requiring a major fault If reading kernel memory failed, the %s string will be an empty string and %p{i,I}{4,6} will be all 0. Not returning error to bpf program is consistent with what bpf_trace_printk() does for now. bpf_seq_printf may return -EBUSY meaning that internal percpu buffer for memory copy of strings or other pointees is not available. Bpf program can return 1 to indicate it wants the same object to be repeated. Right now, this should not happen on no-RT kernels since migrate_disable(), which guards bpf prog call, calls preempt_disable(). Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175914.2476661-1-yhs@fb.com","include/uapi/linux/bpf.h | 39 +++++++-; kernel/trace/bpf_trace.c | 214 +++++++++++++++++++++++++++++++++++++++++; scripts/bpf_helpers_doc.py | 2 +; tools/include/uapi/linux/bpf.h | 39 +++++++-; 4 files changed, 292 insertions(+), 2 deletions(-)","The commit introduces bpf_seq_printf and bpf_seq_write helpers for writing data to seq_file buffer efficiently.","bpf_seq_printf,helpers,overflow","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b121b341e5983bdccf7a5d6cf9236a45c965a31f","b121b341e5983bdccf7a5d6cf9236a45c965a31f","Yonghong Song","yhs@fb.com","1589047152","Alexei Starovoitov","ast@kernel.org","1589069126","cf9b12cb78f31f1be6df106598fcaf4874da1245","eaaacd23910f2d7c4b22d43f591002cc217d294b","bpf: Add PTR_TO_BTF_ID_OR_NULL support Add bpf_reg_type PTR_TO_BTF_ID_OR_NULL support. For tracing/iter program, the bpf program context definition, e.g., for previous bpf_map target, looks like struct bpf_iter__bpf_map { struct bpf_iter_meta *meta; struct bpf_map *map; }; The kernel guarantees that meta is not NULL, but map pointer maybe NULL. The NULL map indicates that all objects have been traversed, so bpf program can take proper action, e.g., do final aggregation and/or send final report to user space. Add btf_id_or_null_non0_off to prog->aux structure, to indicate that if the context access offset is not 0, set to PTR_TO_BTF_ID_OR_NULL instead of PTR_TO_BTF_ID. This bit is set for tracing/iter program. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175912.2476576-1-yhs@fb.com","include/linux/bpf.h | 2 ++; kernel/bpf/btf.c | 5 ++++-; kernel/bpf/verifier.c | 16 ++++++++++++----; 3 files changed, 18 insertions(+), 5 deletions(-)","This commit adds support for PTR_TO_BTF_ID_OR_NULL in tracing programs to handle NULL map pointers in eBPF contexts.","PTR_TO_BTF_ID_OR_NULL,tracing,context","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"eaaacd23910f2d7c4b22d43f591002cc217d294b","eaaacd23910f2d7c4b22d43f591002cc217d294b","Yonghong Song","yhs@fb.com","1589047151","Alexei Starovoitov","ast@kernel.org","1589069126","d7c73d5da65294b3049c8c121a7486994de226a1","138d0be35b141e09f6b267c6ae4094318d4e4491","bpf: Add task and task/file iterator targets Only the tasks belonging to ""current"" pid namespace are enumerated. For task/file target, the bpf program will have access to struct task_struct *task u32 fd struct file *file where fd/file is an open file for the task. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175911.2476407-1-yhs@fb.com","kernel/bpf/Makefile | 2 +-; kernel/bpf/task_iter.c | 333 +++++++++++++++++++++++++++++++++++++++++++++++++; 2 files changed, 334 insertions(+), 1 deletion(-)","This commit implements task and task/file iterators for eBPF programs to access kernel structures within pid namespace.","task,file,iterator","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', 'Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'Scheduler related type programs. It modifies programs that interact with kernel-level scheduling mechanisms.']" +"138d0be35b141e09f6b267c6ae4094318d4e4491","138d0be35b141e09f6b267c6ae4094318d4e4491","Yonghong Song","yhs@fb.com","1589047150","Alexei Starovoitov","ast@kernel.org","1589069126","76a12178ba458cf724b25df390e3d66ccd5ecfbf","6086d29def80edd78f9832ea6eafa74e3818f6a7","net: bpf: Add netlink and ipv6_route bpf_iter targets This patch added netlink and ipv6_route targets, using the same seq_ops (except show() and minor changes for stop()) for /proc/net/{netlink,ipv6_route}. The net namespace for these targets are the current net namespace at file open stage, similar to /proc/net/{netlink,ipv6_route} reference counting the net namespace at seq_file open stage. Since module is not supported for now, ipv6_route is supported only if the IPV6 is built-in, i.e., not compiled as a module. The restriction can be lifted once module is properly supported for bpf_iter. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175910.2476329-1-yhs@fb.com","fs/proc/proc_net.c | 19 +++++++++++; include/linux/proc_fs.h | 3 ++; net/ipv6/ip6_fib.c | 65 ++++++++++++++++++++++++++++++++++--; net/ipv6/route.c | 37 ++++++++++++++++++++; net/netlink/af_netlink.c | 87 ++++++++++++++++++++++++++++++++++++++++++++++--; 5 files changed, 207 insertions(+), 4 deletions(-)","The commit introduces bpf_iter targets for netlink and ipv6_route, enhancing eBPF networking capabilities.","bpf_iter, netlink, ipv6_route","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Netfilter related type programs. It impacts programs interacting with the Netfilter framework used in packet filtering and NAT.', 'Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"6086d29def80edd78f9832ea6eafa74e3818f6a7","6086d29def80edd78f9832ea6eafa74e3818f6a7","Yonghong Song","yhs@fb.com","1589047149","Alexei Starovoitov","ast@kernel.org","1589069126","abaedb47ce4edee0744294fef6e1bfecb69856ab","e5158d987b72c3f318b4b52a01ac6f3997bd0c00","bpf: Add bpf_map iterator Implement seq_file operations to traverse all bpf_maps. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175909.2476096-1-yhs@fb.com","include/linux/bpf.h | 1 +; kernel/bpf/Makefile | 2 +-; kernel/bpf/map_iter.c | 97 +++++++++++++++++++++++++++++++++++++++++++++++++++; kernel/bpf/syscall.c | 19 ++++++++++; 4 files changed, 118 insertions(+), 1 deletion(-)","The commit introduces the bpf_map iterator utilizing seq_file operations to iterate through all bpf_maps.","bpf_map,iterator,seq_file","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e5158d987b72c3f318b4b52a01ac6f3997bd0c00","e5158d987b72c3f318b4b52a01ac6f3997bd0c00","Yonghong Song","yhs@fb.com","1589047147","Alexei Starovoitov","ast@kernel.org","1589069126","7297cfe0ea166ab5064887fd9af91c9e52bdfc83","367ec3e4834cbd611401c2c40a23c22c825474f1","bpf: Implement common macros/helpers for target iterators Macro DEFINE_BPF_ITER_FUNC is implemented so target can define an init function to capture the BTF type which represents the target. The bpf_iter_meta is a structure holding meta data, common to all targets in the bpf program. Additional marker functions are called before or after bpf_seq_read() show()/next()/stop() callback functions to help calculate precise seq_num and whether call bpf_prog inside stop(). Two functions, bpf_iter_get_info() and bpf_iter_run_prog(), are implemented so target can get needed information from bpf_iter infrastructure and can run the program. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175907.2475956-1-yhs@fb.com","include/linux/bpf.h | 11 +++++++; kernel/bpf/bpf_iter.c | 85 ++++++++++++++++++++++++++++++++++++++++++++++++---; 2 files changed, 91 insertions(+), 5 deletions(-)","This commit introduces common macros and helpers for target iterators in the BPF subsystem.","macros, iterators, helpers","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"367ec3e4834cbd611401c2c40a23c22c825474f1","367ec3e4834cbd611401c2c40a23c22c825474f1","Yonghong Song","yhs@fb.com","1589047146","Alexei Starovoitov","ast@kernel.org","1589069126","168079defa34ecb2b4860c765de8639bc001c222","ac51d99bf81caac8d8881fe52098948110d0de68","bpf: Create file bpf iterator To produce a file bpf iterator, the fd must be corresponding to a link_fd assocciated with a trace/iter program. When the pinned file is opened, a seq_file will be generated. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175906.2475893-1-yhs@fb.com","include/linux/bpf.h | 2 ++; kernel/bpf/bpf_iter.c | 17 ++++++++++++++++-; kernel/bpf/inode.c | 5 ++++-; 3 files changed, 22 insertions(+), 2 deletions(-)","This commit introduces a bpf iterator for generating seq_files via link_fd related to trace/iter programs.","bpf iterator, seq_file, link_fd","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"ac51d99bf81caac8d8881fe52098948110d0de68","ac51d99bf81caac8d8881fe52098948110d0de68","Yonghong Song","yhs@fb.com","1589047145","Alexei Starovoitov","ast@kernel.org","1589069126","9c7545c775f20bb4e1b51a46be06af04d5f2755e","fd4f12bc38c3ad9107169e7c9e6e7f81d93dda97","bpf: Create anonymous bpf iterator A new bpf command BPF_ITER_CREATE is added. The anonymous bpf iterator is seq_file based. The seq_file private data are referenced by targets. The bpf_iter infrastructure allocated additional space at seq_file->private before the space used by targets to store some meta data, e.g., prog: prog to run session_id: an unique id for each opened seq_file seq_num: how many times bpf programs are queried in this session done_stop: an internal state to decide whether bpf program should be called in seq_ops->stop() or not The seq_num will start from 0 for valid objects. The bpf program may see the same seq_num more than once if - seq_file buffer overflow happens and the same object is retried by bpf_seq_read(), or - the bpf program explicitly requests a retry of the same object Since module is not supported for bpf_iter, all target registeration happens at __init time, so there is no need to change bpf_iter_unreg_target() as it is used mostly in error path of the init function at which time no bpf iterators have been created yet. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175905.2475770-1-yhs@fb.com","include/linux/bpf.h | 1 +; include/uapi/linux/bpf.h | 6 ++; kernel/bpf/bpf_iter.c | 129 +++++++++++++++++++++++++++++++++++++++++; kernel/bpf/syscall.c | 26 +++++++++; tools/include/uapi/linux/bpf.h | 6 ++; 5 files changed, 168 insertions(+)","Adds a new BPF_ITER_CREATE command for creating anonymous bpf iterators to improve seq_file data management.","bpf iterator,seq_file,BPF_ITER_CREATE","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"fd4f12bc38c3ad9107169e7c9e6e7f81d93dda97","fd4f12bc38c3ad9107169e7c9e6e7f81d93dda97","Yonghong Song","yhs@fb.com","1589047144","Alexei Starovoitov","ast@kernel.org","1589069126","b56407cffddf4ca487a888d9f2cb75b45e53a9e8","2057c92bc927f09b22f5609425eb37d7e782f484","bpf: Implement bpf_seq_read() for bpf iterator bpf iterator uses seq_file to provide a lossless way to transfer data to user space. But we want to call bpf program after all objects have been traversed, and bpf program may write additional data to the seq_file buffer. The current seq_read() does not work for this use case. Besides allowing stop() function to write to the buffer, the bpf_seq_read() also fixed the buffer size to one page. If any single call of show() or stop() will emit data more than one page to cause overflow, -E2BIG error code will be returned to user space. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175904.2475468-1-yhs@fb.com","kernel/bpf/bpf_iter.c | 123 ++++++++++++++++++++++++++++++++++++++++++++++++++; 1 file changed, 123 insertions(+)","The commit adds bpf_seq_read in bpf iterator for improved data transfer to user-space and manages buffer overflow errors.","bpf iterator, seq_file, buffer","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2057c92bc927f09b22f5609425eb37d7e782f484","2057c92bc927f09b22f5609425eb37d7e782f484","Yonghong Song","yhs@fb.com","1589047142","Alexei Starovoitov","ast@kernel.org","1589069126","6d57cae7bcf2ab6af09aebe987704e2e2778fe46","de4e05cac46d206f9090051ef09930514bff73e4","bpf: Support bpf tracing/iter programs for BPF_LINK_UPDATE Added BPF_LINK_UPDATE support for tracing/iter programs. This way, a file based bpf iterator, which holds a reference to the link, can have its bpf program updated without creating new files. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175902.2475262-1-yhs@fb.com","kernel/bpf/bpf_iter.c | 31 +++++++++++++++++++++++++++++++; 1 file changed, 31 insertions(+)","Added support for updating bpf tracing/iter programs without creating new files using BPF_LINK_UPDATE.","BPF_LINK_UPDATE,tracing,iter","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"de4e05cac46d206f9090051ef09930514bff73e4","de4e05cac46d206f9090051ef09930514bff73e4","Yonghong Song","yhs@fb.com","1589047141","Alexei Starovoitov","ast@kernel.org","1589069126","8464f4f13b9cd5f7c8d027ebdfdf09505c9a00d7","15d83c4d7cef5c067a8b075ce59e97df4f60706e","bpf: Support bpf tracing/iter programs for BPF_LINK_CREATE Given a bpf program, the step to create an anonymous bpf iterator is: - create a bpf_iter_link, which combines bpf program and the target. In the future, there could be more information recorded in the link. A link_fd will be returned to the user space. - create an anonymous bpf iterator with the given link_fd. The bpf_iter_link can be pinned to bpffs mount file system to create a file based bpf iterator as well. The benefit to use of bpf_iter_link: - using bpf link simplifies design and implementation as bpf link is used for other tracing bpf programs. - for file based bpf iterator, bpf_iter_link provides a standard way to replace underlying bpf programs. - for both anonymous and free based iterators, bpf link query capability can be leveraged. The patch added support of tracing/iter programs for BPF_LINK_CREATE. A new link type BPF_LINK_TYPE_ITER is added to facilitate link querying. Currently, only prog_id is needed, so there is no additional in-kernel show_fdinfo() and fill_link_info() hook is needed for BPF_LINK_TYPE_ITER link. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175901.2475084-1-yhs@fb.com","include/linux/bpf.h | 1 +; include/linux/bpf_types.h | 1 +; include/uapi/linux/bpf.h | 1 +; kernel/bpf/bpf_iter.c | 62 ++++++++++++++++++++++++++++++++++++++++++; kernel/bpf/syscall.c | 14 ++++++++++; tools/include/uapi/linux/bpf.h | 1 +; 6 files changed, 80 insertions(+)","This commit adds support for BPF tracing and iterator programs to create anonymous iterators using BPF_LINK_CREATE.","bpf, iterator, link","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"15d83c4d7cef5c067a8b075ce59e97df4f60706e","15d83c4d7cef5c067a8b075ce59e97df4f60706e","Yonghong Song","yhs@fb.com","1589047140","Alexei Starovoitov","ast@kernel.org","1589069126","b6baafd12655fe3a8d53f8db5d87fcfb95de4559","ae24345da54e452880808b011fa2d8a0bbd191ba","bpf: Allow loading of a bpf_iter program A bpf_iter program is a tracing program with attach type BPF_TRACE_ITER. The load attribute attach_btf_id is used by the verifier against a particular kernel function, which represents a target, e.g., __bpf_iter__bpf_map for target bpf_map which is implemented later. The program return value must be 0 or 1 for now. 0 : successful, except potential seq_file buffer overflow which is handled by seq_file reader. 1 : request to restart the same object In the future, other return values may be used for filtering or teminating the iterator. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175900.2474947-1-yhs@fb.com","include/linux/bpf.h | 3 +++; include/uapi/linux/bpf.h | 1 +; kernel/bpf/bpf_iter.c | 36 ++++++++++++++++++++++++++++++++++++; kernel/bpf/verifier.c | 21 +++++++++++++++++++++; tools/include/uapi/linux/bpf.h | 1 +; 5 files changed, 62 insertions(+)","This commit allows the loading of bpf_iter programs for the BPF_TRACE_ITER attach type to trace kernel functions.","bpf_iter, tracing, iter","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"ae24345da54e452880808b011fa2d8a0bbd191ba","ae24345da54e452880808b011fa2d8a0bbd191ba","Yonghong Song","yhs@fb.com","1589047139","Alexei Starovoitov","ast@kernel.org","1589069125","7164a9f76d2fdb61070e81525fb2a628c2dab71e","8086fbaf49345f988deec539ec8e182b02914401","bpf: Implement an interface to register bpf_iter targets The target can call bpf_iter_reg_target() to register itself. The needed information: target: target name seq_ops: the seq_file operations for the target init_seq_private target callback to initialize seq_priv during file open fini_seq_private target callback to clean up seq_priv during file release seq_priv_size: the private_data size needed by the seq_file operations The target name represents a target which provides a seq_ops for iterating objects. The target can provide two callback functions, init_seq_private and fini_seq_private, called during file open/release time. For example, /proc/net/{tcp6, ipv6_route, netlink, ...}, net name space needs to be setup properly during file open and released properly during file release. Function bpf_iter_unreg_target() is also implemented to unregister a particular target. Signed-off-by: Yonghong Song Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200509175859.2474669-1-yhs@fb.com","include/linux/bpf.h | 15 +++++++++++++; kernel/bpf/Makefile | 2 +-; kernel/bpf/bpf_iter.c | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++; 3 files changed, 75 insertions(+), 1 deletion(-)","Implement bpf_iter registration interface for iterating objects with seq_ops.","bpf_iter, seq_ops, registration","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"db803036ada7d61d096783726f9771b3fc540370","db803036ada7d61d096783726f9771b3fc540370","Vincent Minet","v.minet@criteo.com","1588889662","Jakub Kicinski","kuba@kernel.org","1588990015","538a193dd95f6afe20309e7af2182ec6fd7d6845","14d8f7486a344ee64c37641c70b2d67013eb9de6","umh: fix memory leak on execve failure If a UMH process created by fork_usermode_blob() fails to execute, a pair of struct file allocated by umh_pipe_setup() will leak. Under normal conditions, the caller (like bpfilter) needs to manage the lifetime of the UMH and its two pipes. But when fork_usermode_blob() fails, the caller doesn't really have a way to know what needs to be done. It seems better to do the cleanup ourselves in this case. Fixes: 449325b52b7a (""umh: introduce fork_usermode_blob() helper"") Signed-off-by: Vincent Minet Signed-off-by: Jakub Kicinski ","kernel/umh.c | 6 ++++++; 1 file changed, 6 insertions(+)","Fixes a memory leak issue during UMH process creation failure by cleaning up resources in kernel umh.c.","umh,memory leak,execve failure","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"14d8f7486a344ee64c37641c70b2d67013eb9de6","14d8f7486a344ee64c37641c70b2d67013eb9de6","Jakub Kicinski","kuba@kernel.org","1588989519","Jakub Kicinski","kuba@kernel.org","1588989519","53407f0b097cda0e2851cfc93ec0893b4d796cab","6d32a5119811d2e9b5caa284181944c6f1f192ed 81aabbb9fb7b4b1efd073b62f0505d3adad442f3","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Daniel Borkmann says: ==================== pull-request: bpf 2020-05-09 The following pull-request contains BPF updates for your *net* tree. We've added 4 non-merge commits during the last 9 day(s) which contain a total of 4 files changed, 11 insertions(+), 6 deletions(-). The main changes are: 1) Fix msg_pop_data() helper incorrectly setting an sge length in some cases as well as fixing bpf_tcp_ingress() wrongly accounting bytes in sg.size, from John Fastabend. 2) Fix to return an -EFAULT error when copy_to_user() of the value fails in map_lookup_and_delete_elem(), from Wei Yongjun. 3) Fix sk_psock refcnt leak in tcp_bpf_recvmsg(), from Xiyu Yang. ==================== Signed-off-by: Jakub Kicinski ","","The commit merges BPF updates focusing on bug fixes in various components.","BPF,update,merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"8086fbaf49345f988deec539ec8e182b02914401","8086fbaf49345f988deec539ec8e182b02914401","Stanislav Fomichev","sdf@google.com","1588959971","Daniel Borkmann","daniel@iogearbox.net","1588978100","0c7f078dca26060f1ef9217c2f959cb058614a37","cb0721c7e200750907bb8ef59b12646a5cb2dadf","bpf: Allow any port in bpf_bind helper We want to have a tighter control on what ports we bind to in the BPF_CGROUP_INET{4,6}_CONNECT hooks even if it means connect() becomes slightly more expensive. The expensive part comes from the fact that we now need to call inet_csk_get_port() that verifies that the port is not used and allocates an entry in the hash table for it. Since we can't rely on ""snum || !bind_address_no_port"" to prevent us from calling POST_BIND hook anymore, let's add another bind flag to indicate that the call site is BPF program. v5: * fix wrong AF_INET (should be AF_INET6) in the bpf program for v6 v3: * More bpf_bind documentation refinements (Martin KaFai Lau) * Add UDP tests as well (Martin KaFai Lau) * Don't start the thread, just do socket+bind+listen (Martin KaFai Lau) v2: * Update documentation (Andrey Ignatov) * Pass BIND_FORCE_ADDRESS_NO_PORT conditionally (Andrey Ignatov) Signed-off-by: Stanislav Fomichev Signed-off-by: Daniel Borkmann Acked-by: Andrey Ignatov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200508174611.228805-5-sdf@google.com","include/net/inet_common.h | 2 +; include/uapi/linux/bpf.h | 9 +-; net/core/filter.c | 18 ++--; net/ipv4/af_inet.c | 10 +-; net/ipv6/af_inet6.c | 12 ++-; tools/include/uapi/linux/bpf.h | 9 +-; .../selftests/bpf/prog_tests/connect_force_port.c | 115 +++++++++++++++++++++; .../selftests/bpf/progs/connect_force_port4.c | 28 +++++; .../selftests/bpf/progs/connect_force_port6.c | 28 +++++; 9 files changed, 203 insertions(+), 28 deletions(-)","This commit enhances control over port binding in BPF programs by introducing new functionality in BPF_CGROUP_INET_CONNECT hooks.","port, bpf, hooks","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"cb0721c7e200750907bb8ef59b12646a5cb2dadf","cb0721c7e200750907bb8ef59b12646a5cb2dadf","Stanislav Fomichev","sdf@google.com","1588959970","Daniel Borkmann","daniel@iogearbox.net","1588978100","3c93173356e40ed0144c918bd845c2a50ee4ab4c","488a23b89d175cc78f352417114f4f5a10470722","net: Refactor arguments of inet{,6}_bind The intent is to add an additional bind parameter in the next commit. Instead of adding another argument, let's convert all existing flag arguments into an extendable bit field. No functional changes. Signed-off-by: Stanislav Fomichev Signed-off-by: Daniel Borkmann Acked-by: Andrey Ignatov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200508174611.228805-4-sdf@google.com","include/net/inet_common.h | 6 +++++-; include/net/ipv6_stubs.h | 2 +-; net/core/filter.c | 6 ++++--; net/ipv4/af_inet.c | 10 +++++-----; net/ipv6/af_inet6.c | 10 +++++-----; 5 files changed, 20 insertions(+), 14 deletions(-)","Refactor inet bind arguments to prepare for additional parameters by converting existing flags into an extendable bit field.","inet,refactor,bitfield","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"488a23b89d175cc78f352417114f4f5a10470722","488a23b89d175cc78f352417114f4f5a10470722","Stanislav Fomichev","sdf@google.com","1588959969","Daniel Borkmann","daniel@iogearbox.net","1588978100","547d059679ced0d9deb2f18100789bdedba84e1f","33181bb8e8fe947e1f8020a4b103601a4cac94d9","selftests/bpf: Move existing common networking parts into network_helpers 1. Move pkt_v4 and pkt_v6 into network_helpers and adjust the users. 2. Copy-paste spin_lock_thread into two tests that use it. Signed-off-by: Stanislav Fomichev Signed-off-by: Daniel Borkmann Acked-by: Martin KaFai Lau Acked-by: Andrey Ignatov Link: https://lore.kernel.org/bpf/20200508174611.228805-3-sdf@google.com","tools/testing/selftests/bpf/network_helpers.c | 17 ++++++++++++; tools/testing/selftests/bpf/network_helpers.h | 29 +++++++++++++++++++++; .../selftests/bpf/prog_tests/fexit_bpf2bpf.c | 1 +; .../selftests/bpf/prog_tests/flow_dissector.c | 1 +; .../bpf/prog_tests/flow_dissector_load_bytes.c | 1 +; .../testing/selftests/bpf/prog_tests/global_data.c | 1 +; tools/testing/selftests/bpf/prog_tests/kfree_skb.c | 1 +; tools/testing/selftests/bpf/prog_tests/l4lb_all.c | 1 +; tools/testing/selftests/bpf/prog_tests/map_lock.c | 14 ++++++++++; .../testing/selftests/bpf/prog_tests/pkt_access.c | 1 +; .../selftests/bpf/prog_tests/pkt_md_access.c | 1 +; .../selftests/bpf/prog_tests/prog_run_xattr.c | 1 +; .../selftests/bpf/prog_tests/queue_stack_map.c | 1 +; .../selftests/bpf/prog_tests/signal_pending.c | 1 +; tools/testing/selftests/bpf/prog_tests/skb_ctx.c | 1 +; tools/testing/selftests/bpf/prog_tests/spinlock.c | 14 ++++++++++; tools/testing/selftests/bpf/prog_tests/xdp.c | 1 +; .../selftests/bpf/prog_tests/xdp_adjust_tail.c | 1 +; .../testing/selftests/bpf/prog_tests/xdp_bpf2bpf.c | 1 +; .../selftests/bpf/prog_tests/xdp_noinline.c | 1 +; tools/testing/selftests/bpf/test_progs.c | 30 ----------------------; tools/testing/selftests/bpf/test_progs.h | 23 -----------------; 22 files changed, 90 insertions(+), 53 deletions(-)","Refactor BPF selftests by moving common networking code to a separate helper module and adjusting test programs accordingly.","selftests,bpf,networking","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"33181bb8e8fe947e1f8020a4b103601a4cac94d9","33181bb8e8fe947e1f8020a4b103601a4cac94d9","Stanislav Fomichev","sdf@google.com","1588959968","Daniel Borkmann","daniel@iogearbox.net","1588978100","bc14ba3f6a663f0c0dc8505c983fbfdfd07c618a","2b6c6f0716322fc51332e8fa1c40e2d68f289bec","selftests/bpf: Generalize helpers to control background listener Move the following routines that let us start a background listener thread and connect to a server by fd to the test_prog: * start_server - socket+bind+listen * connect_to_fd - connect to the server identified by fd These will be used in the next commit. Also, extend these helpers to support AF_INET6 and accept the family as an argument. v5: * drop pthread.h (Martin KaFai Lau) * add SO_SNDTIMEO (Martin KaFai Lau) v4: * export extra helper to start server without a thread (Martin KaFai Lau) * tcp_rtt is no longer starting background thread (Martin KaFai Lau) v2: * put helpers into network_helpers.c (Andrii Nakryiko) Signed-off-by: Stanislav Fomichev Signed-off-by: Daniel Borkmann Acked-by: Andrey Ignatov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200508174611.228805-2-sdf@google.com","tools/testing/selftests/bpf/Makefile | 2 +-; tools/testing/selftests/bpf/network_helpers.c | 93 ++++++++++++++++++; tools/testing/selftests/bpf/network_helpers.h | 10 ++; tools/testing/selftests/bpf/prog_tests/tcp_rtt.c | 116 +----------------------; 4 files changed, 108 insertions(+), 113 deletions(-)","The commit generalizes helper functions for managing background network listeners and adds IPv6 support in eBPF selftests.","helper,listener,IPv6","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"059c6d68cfc5f85ba3ab71d71a6de380016f7936","059c6d68cfc5f85ba3ab71d71a6de380016f7936","Thomas Gleixner","tglx@linutronix.de","1588942812","Thomas Gleixner","tglx@linutronix.de","1588942812","32dc5be3d88cb56d8e38c1f093a130978e34b3ab","4bd30106ddb26d2304adc5bb7bd269825300440d 19ce2321739da5fc27f6a5ed1e1cb15e384ad030","Merge tag 'perf-core-for-mingo-5.8-20200506' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux into perf/core Pull perf updates from Arnaldo: perf/core improvements and fixes: perf record: - Introduce --switch-output-event to use arbitrary events to be setup and read from a side band thread and, when they take place a signal be sent to the main 'perf record' thread, reusing the --switch-output code to take perf.data snapshots from the --overwrite ring buffer, e.g.: # perf record --overwrite -e sched:* \ --switch-output-event syscalls:*connect* \ workload will take perf.data.YYYYMMDDHHMMSS snapshots up to around the connect syscalls. Stephane Eranian: - Add --num-synthesize-threads option to control degree of parallelism of the synthesize_mmap() code which is scanning /proc/PID/task/PID/maps and can be time consuming. This mimics pre-existing behaviour in 'perf top'. Intel PT: Adrian Hunter: - Add support for synthesizing branch stacks for regular events (cycles, instructions, etc) from Intel PT data. perf bench: Ian Rogers: - Add a multi-threaded synthesize benchmark. - Add kallsyms parsing benchmark. Tommi Rantala: - Fix div-by-zero if runtime is zero. perf synthetic events: - Remove use of sscanf from /proc reading when parsing pre-existing threads to generate synthetic PERF_RECORD_{FORK,MMAP,COMM,etc} events. tools api: - Add a lightweight buffered reading API. libsymbols: - Parse kallsyms using new lightweight buffered reading io API. perf parse-events: - Fix memory leaks found on parse_events. perf mem2node: - Avoid double free related to realloc(). perf stat: Jin Yao: - Zero all the 'ena' and 'run' array slot stats for interval mode. - Improve runtime stat for interval mode Kajol Jain: - Enable Hz/hz printing for --metric-only option - Enhance JSON/metric infrastructure to handle ""?"". perf tests: Kajol Jain: - Added test for runtime param in metric expression. Tommi Rantala: - Fix data path in the session topology test. perf vendor events power9: Kajol Jain: - Add hv_24x7 socket/chip level metric events Coresight: Leo Yan: - Move definition of 'traceid_list' global variable from header file. Mike Leach: - Update to build with latest opencsd version. perf pmu: Shaokun Zhang: - Fix function name in comment, its get_cpuid_str(), not get_cpustr() Stephane Eranian: - Add perf_pmu__find_by_type() helper perf script: Stephane Eranian: - Remove extraneous newline in perf_sample__fprintf_regs(). Ian Rogers: - Avoid NULL dereference on symbol. tools feature: Stephane Eranian: - Add support for detecting libpfm4. perf symbol: Thomas Richter: - Fix kernel symbol address display in TUI verbose mode. perf cgroup: Tommi Rantala: - Avoid needless closing of unopened fd libperf: He Zhe: - Add NULL pointer check for cpu_map iteration and NULL assignment for all_cpus. Ian Rogers: - Fix a refcount leak in evlist method. Arnaldo Carvalho de Melo: - Rename the code in tools/perf/util, i.e. perf tooling specific, that operates on 'struct evsel' to evsel__, leaving the perf_evsel__ namespace for the routines in tools/lib/perf/ that operate on 'struct perf_evsel__'. tools/perf specific libraries: Konstantin Khlebnikov: - Fix reading new topology attribute ""core_cpus"" - Simplify checking if SMT is active. perf flamegraph: Arnaldo Carvalho de Melo: - Use /bin/bash for report and record scripts, just like all other such scripts, fixing a package dependency bug in a Linaro OpenEmbedded build checker. perf evlist: Jagadeesh Pagadala: - Remove duplicate headers. Miscelaneous: Zou Wei: - Remove unneeded semicolon in libtraceevent, 'perf c2c' and others. - Fix warning assignment of 0/1 to bool variable in 'perf report' Signed-off-by: Arnaldo Carvalho de Melo ","","The commit merges perf updates, including new features and bug fixes, across multiple aspects of the perf subsystem.","merge,perf,updates","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"fa76cfe65c1d748ef418e930a4b631a03b28f04c","fa76cfe65c1d748ef418e930a4b631a03b28f04c","Mark Brown","broonie@kernel.org","1588794692","Will Deacon","will@kernel.org","1588870400","88e80af33df552d3947701536401eedf38592828","c8027285e3660e3b76eb2fb75a32f1596064b5e4","arm64: bpf: Annotate JITed code for BTI In order to extend the protection offered by BTI to all code executing in kernel mode we need to annotate JITed BPF code appropriately for BTI. To do this we need to add a landing pad to the start of each BPF function and also immediately after the function prologue if we are emitting a function which can be tail called. Jumps within BPF functions are all to immediate offsets and therefore do not require landing pads. Signed-off-by: Mark Brown Reviewed-by: Catalin Marinas Link: https://lore.kernel.org/r/20200506195138.22086-6-broonie@kernel.org Signed-off-by: Will Deacon ","arch/arm64/net/bpf_jit.h | 8 ++++++++; arch/arm64/net/bpf_jit_comp.c | 12 ++++++++++++; 2 files changed, 20 insertions(+)","The commit annotates JITed BPF code for BTI protection in arm64 architecture.","annotate,JITed,BPF","A security fix. It resolves a security vulnerability or strengthens security measures.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2b6c6f0716322fc51332e8fa1c40e2d68f289bec","2b6c6f0716322fc51332e8fa1c40e2d68f289bec","Jason Yan","yanaijie@huawei.com","1588773832","Daniel Borkmann","daniel@iogearbox.net","1588861754","576b2f65ac73f8f54831145d5fd9f4d17bc6e24d","f87b87a1c969f767b9938d435f0211d293e323db","bpf, i386: Remove unneeded conversion to bool The '==' expression itself is bool, no need to convert it to bool again. This fixes the following coccicheck warning: arch/x86/net/bpf_jit_comp32.c:1478:50-55: WARNING: conversion to bool not needed here arch/x86/net/bpf_jit_comp32.c:1479:50-55: WARNING: conversion to bool not needed here Signed-off-by: Jason Yan Signed-off-by: Daniel Borkmann Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200506140352.37154-1-yanaijie@huawei.com","arch/x86/net/bpf_jit_comp32.c | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","The commit removes unnecessary boolean conversion in the i386 BPF JIT compiler code.","conversion, bool, i386","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f87b87a1c969f767b9938d435f0211d293e323db","f87b87a1c969f767b9938d435f0211d293e323db","Alexei Starovoitov","ast@kernel.org","1588810364","Alexei Starovoitov","ast@kernel.org","1588810364","b315d103bc610caf0682329320839ec8dc51fa59","a085a1eeea5ed4ae7aa0c19031449ade145110fc 980737282232b752bb14dab96d77665c15889c36","Merge tag 'perf-for-bpf-2020-05-06' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip into bpf-next CAP_PERFMON for BPF","","Merge tag 'perf-for-bpf-2020-05-06' into bpf-next, integrating CAP_PERFMON for BPF.","merge,CAP_PERFMON,BPF","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"a085a1eeea5ed4ae7aa0c19031449ade145110fc","a085a1eeea5ed4ae7aa0c19031449ade145110fc","Daniel Borkmann","daniel@iogearbox.net","1588751296","Daniel Borkmann","daniel@iogearbox.net","1588751323","f1ca6237c59417e3626b2e1c583fb525683dd52e","5447e8e01e101ba19fe5b7551f02d37367156f6b 073ca6a0369e09c586a103e665f2dd67f1c71444","Merge branch 'bpf-rv64-jit' Luke Nelson says: ==================== This patch series introduces a set of optimizations to the BPF JIT on RV64. The optimizations are related to the verifier zero-extension optimization and BPF_JMP BPF_K. We tested the optimizations on a QEMU riscv64 virt machine, using lib/test_bpf and test_verifier, and formally verified their correctness using Serval. ==================== Signed-off-by: Daniel Borkmann ","","This commit merges a series of optimizations for the BPF JIT on RV64 architecture.","optimizations,jit,rv64","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"073ca6a0369e09c586a103e665f2dd67f1c71444","073ca6a0369e09c586a103e665f2dd67f1c71444","Luke Nelson","lukenels@cs.washington.edu","1588723400","Daniel Borkmann","daniel@iogearbox.net","1588751295","f1ca6237c59417e3626b2e1c583fb525683dd52e","ca349a6a104e58479defdc08ce56472a48f7cb81","bpf, riscv: Optimize BPF_JSET BPF_K using andi on RV64 This patch optimizes BPF_JSET BPF_K by using a RISC-V andi instruction when the BPF immediate fits in 12 bits, instead of first loading the immediate to a temporary register. Examples of generated code with and without this optimization: BPF_JMP_IMM(BPF_JSET, R1, 2, 1) without optimization: 20: li t1,2 24: and t1,a0,t1 28: bnez t1,0x30 BPF_JMP_IMM(BPF_JSET, R1, 2, 1) with optimization: 20: andi t1,a0,2 24: bnez t1,0x2c BPF_JMP32_IMM(BPF_JSET, R1, 2, 1) without optimization: 20: li t1,2 24: mv t2,a0 28: slli t2,t2,0x20 2c: srli t2,t2,0x20 30: slli t1,t1,0x20 34: srli t1,t1,0x20 38: and t1,t2,t1 3c: bnez t1,0x44 BPF_JMP32_IMM(BPF_JSET, R1, 2, 1) with optimization: 20: andi t1,a0,2 24: bnez t1,0x2c In these examples, because the upper 32 bits of the sign-extended immediate are 0, BPF_JMP BPF_JSET and BPF_JMP32 BPF_JSET are equivalent and therefore the JIT produces identical code for them. Co-developed-by: Xi Wang Signed-off-by: Xi Wang Signed-off-by: Luke Nelson Signed-off-by: Daniel Borkmann Reviewed-by: Björn Töpel Acked-by: Björn Töpel Link: https://lore.kernel.org/bpf/20200506000320.28965-5-luke.r.nels@gmail.com","arch/riscv/net/bpf_jit_comp64.c | 27 +++++++++++++++++++--------; 1 file changed, 19 insertions(+), 8 deletions(-)","The commit optimizes BPF_JSET BPF_K operation in RISC-V by using andi instruction when the immediate fits in 12 bits.","optimization,BPF_JSET,RISC-V","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"ca349a6a104e58479defdc08ce56472a48f7cb81","ca349a6a104e58479defdc08ce56472a48f7cb81","Luke Nelson","lukenels@cs.washington.edu","1588723399","Daniel Borkmann","daniel@iogearbox.net","1588751295","d597679f49d864c875930ea34c87350d7b230e88","21a099abb765c3754689e1f7ca4536fa560112d0","bpf, riscv: Optimize BPF_JMP BPF_K when imm == 0 on RV64 This patch adds an optimization to BPF_JMP (32- and 64-bit) BPF_K for when the BPF immediate is zero. When the immediate is zero, the code can directly use the RISC-V zero register instead of loading a zero immediate to a temporary register first. Co-developed-by: Xi Wang Signed-off-by: Xi Wang Signed-off-by: Luke Nelson Signed-off-by: Daniel Borkmann Reviewed-by: Björn Töpel Acked-by: Björn Töpel Link: https://lore.kernel.org/bpf/20200506000320.28965-4-luke.r.nels@gmail.com","arch/riscv/net/bpf_jit_comp64.c | 15 ++++++++++-----; 1 file changed, 10 insertions(+), 5 deletions(-)","This commit optimizes BPF_JMP for RV64 by using the RISC-V zero register instead of a temporary register when the immediate is zero.","optimize,RISC-V,BPF","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"21a099abb765c3754689e1f7ca4536fa560112d0","21a099abb765c3754689e1f7ca4536fa560112d0","Luke Nelson","lukenels@cs.washington.edu","1588723398","Daniel Borkmann","daniel@iogearbox.net","1588751295","c6d2bc71c49617d48dd2d01a93821de4d6162349","0224b2acea0f9e3908d33e27b2dcb4e04686e997","bpf, riscv: Optimize FROM_LE using verifier_zext on RV64 This patch adds two optimizations for BPF_ALU BPF_END BPF_FROM_LE in the RV64 BPF JIT. First, it enables the verifier zero-extension optimization to avoid zero extension when imm == 32. Second, it avoids generating code for imm == 64, since it is equivalent to a no-op. Co-developed-by: Xi Wang Signed-off-by: Xi Wang Signed-off-by: Luke Nelson Signed-off-by: Daniel Borkmann Reviewed-by: Björn Töpel Acked-by: Björn Töpel Link: https://lore.kernel.org/bpf/20200506000320.28965-3-luke.r.nels@gmail.com","arch/riscv/net/bpf_jit_comp64.c | 20 ++++++++++++++------; 1 file changed, 14 insertions(+), 6 deletions(-)","This commit optimizes the RV64 BPF JIT by enhancing verifier zero-extension for specific immediate values.","optimization,RV64,verifier","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0224b2acea0f9e3908d33e27b2dcb4e04686e997","0224b2acea0f9e3908d33e27b2dcb4e04686e997","Luke Nelson","lukenels@cs.washington.edu","1588723397","Daniel Borkmann","daniel@iogearbox.net","1588751295","2db8ed7242e21b2c7b59b36ecc99fdd0e7bf1107","5447e8e01e101ba19fe5b7551f02d37367156f6b","bpf, riscv: Enable missing verifier_zext optimizations on RV64 Commit 66d0d5a854a6 (""riscv: bpf: eliminate zero extension code-gen"") added support for the verifier zero-extension optimization on RV64 and commit 46dd3d7d287b (""bpf, riscv: Enable zext optimization for more RV64G ALU ops"") enabled it for more instruction cases. However, BPF_LSH BPF_X and BPF_{LSH,RSH,ARSH} BPF_K are still missing the optimization. This patch enables the zero-extension optimization for these remaining cases. Co-developed-by: Xi Wang Signed-off-by: Xi Wang Signed-off-by: Luke Nelson Signed-off-by: Daniel Borkmann Reviewed-by: Björn Töpel Acked-by: Björn Töpel Link: https://lore.kernel.org/bpf/20200506000320.28965-2-luke.r.nels@gmail.com","arch/riscv/net/bpf_jit_comp64.c | 8 ++++----; 1 file changed, 4 insertions(+), 4 deletions(-)","Enable zero-extension optimization for additional RV64 ALU operations in BPF JIT for RISC-V.","verifier zext RV64","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"81aabbb9fb7b4b1efd073b62f0505d3adad442f3","81aabbb9fb7b4b1efd073b62f0505d3adad442f3","John Fastabend","john.fastabend@gmail.com","1588612904","Daniel Borkmann","daniel@iogearbox.net","1588717342","8926d0f003b0c46fbfb9de2eba8bcc697fe922a6","3e104c23816220919ea1b3fd93fabe363c67c484","bpf, sockmap: bpf_tcp_ingress needs to subtract bytes from sg.size In bpf_tcp_ingress we used apply_bytes to subtract bytes from sg.size which is used to track total bytes in a message. But this is not correct because apply_bytes is itself modified in the main loop doing the mem_charge. Then at the end of this we have sg.size incorrectly set and out of sync with actual sk values. Then we can get a splat if we try to cork the data later and again try to redirect the msg to ingress. To fix instead of trying to track msg.size do the easy thing and include it as part of the sk_msg_xfer logic so that when the msg is moved the sg.size is always correct. To reproduce the below users will need ingress + cork and hit an error path that will then try to 'free' the skmsg. [ 173.699981] BUG: KASAN: null-ptr-deref in sk_msg_free_elem+0xdd/0x120 [ 173.699987] Read of size 8 at addr 0000000000000008 by task test_sockmap/5317 [ 173.700000] CPU: 2 PID: 5317 Comm: test_sockmap Tainted: G I 5.7.0-rc1+ #43 [ 173.700005] Hardware name: Dell Inc. Precision 5820 Tower/002KVM, BIOS 1.9.2 01/24/2019 [ 173.700009] Call Trace: [ 173.700021] dump_stack+0x8e/0xcb [ 173.700029] ? sk_msg_free_elem+0xdd/0x120 [ 173.700034] ? sk_msg_free_elem+0xdd/0x120 [ 173.700042] __kasan_report+0x102/0x15f [ 173.700052] ? sk_msg_free_elem+0xdd/0x120 [ 173.700060] kasan_report+0x32/0x50 [ 173.700070] sk_msg_free_elem+0xdd/0x120 [ 173.700080] __sk_msg_free+0x87/0x150 [ 173.700094] tcp_bpf_send_verdict+0x179/0x4f0 [ 173.700109] tcp_bpf_sendpage+0x3ce/0x5d0 Fixes: 604326b41a6fb (""bpf, sockmap: convert to generic sk_msg interface"") Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/158861290407.14306.5327773422227552482.stgit@john-Precision-5820-Tower","include/linux/skmsg.h | 1 +; net/ipv4/tcp_bpf.c | 1 -; 2 files changed, 1 insertion(+), 1 deletion(-)","Fix a null pointer dereference in bpf_tcp_ingress by correcting sk_msg_xfer logic for byte tracking.","bpf_tcp_ingress, null-ptr-deref, sk_msg_xfer","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"3e104c23816220919ea1b3fd93fabe363c67c484","3e104c23816220919ea1b3fd93fabe363c67c484","John Fastabend","john.fastabend@gmail.com","1588612883","Daniel Borkmann","daniel@iogearbox.net","1588717335","43f716321caeb07f120136fe004d0cd929b0bdc8","7f645462ca01d01abb94d75e6768c8b3ed3a188b","bpf, sockmap: msg_pop_data can incorrecty set an sge length When sk_msg_pop() is called where the pop operation is working on the end of a sge element and there is no additional trailing data and there _is_ data in front of pop, like the following case, |____________a_____________|__pop__| We have out of order operations where we incorrectly set the pop variable so that instead of zero'ing pop we incorrectly leave it untouched, effectively. This can cause later logic to shift the buffers around believing it should pop extra space. The result is we have 'popped' more data then we expected potentially breaking program logic. It took us a while to hit this case because typically we pop headers which seem to rarely be at the end of a scatterlist elements but we can't rely on this. Fixes: 7246d8ed4dcce (""bpf: helper to pop data from messages"") Signed-off-by: John Fastabend Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/158861288359.14306.7654891716919968144.stgit@john-Precision-5820-Tower","net/core/filter.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fix incorrect setting of sge length in bpf sockmap's msg_pop_data function.","bpf,sockmap,msg","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"3a50dc76058d7cd8315f9c712b793d81a7ff4541","3a50dc76058d7cd8315f9c712b793d81a7ff4541","Stephane Eranian","eranian@google.com","1588202082","Arnaldo Carvalho de Melo","acme@redhat.com","1588707331","327b673522f339dc3ae4a14d4d823c375e9147d1","5ef86146de941f273d669a8e018036f549bf058c","perf pmu: Add perf_pmu__find_by_type helper This is used by libpfm4 during event parsing to locate the pmu for an event. Signed-off-by: Stephane Eranian Reviewed-by: Ian Rogers Acked-by: Jiri Olsa Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Alexei Starovoitov Cc: Alexey Budankov Cc: Andi Kleen Cc: Andrii Nakryiko Cc: Daniel Borkmann Cc: Florian Fainelli Cc: Greg Kroah-Hartman Cc: Igor Lubashev Cc: Jin Yao Cc: Jiwei Sun Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Martin KaFai Lau Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Yonghong Song Cc: bpf@vger.kernel.org Cc: netdev@vger.kernel.org Cc: yuzhoujian Link: http://lore.kernel.org/lkml/20200429231443.207201-4-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/pmu.c | 11 +++++++++++; tools/perf/util/pmu.h | 1 +; 2 files changed, 12 insertions(+)","Add a helper function perf_pmu__find_by_type in perf pmu for event parsing in libpfm4.","perf,pmu,helper","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"5ef86146de941f273d669a8e018036f549bf058c","5ef86146de941f273d669a8e018036f549bf058c","Stephane Eranian","eranian@google.com","1588202081","Arnaldo Carvalho de Melo","acme@redhat.com","1588707331","a3fe193fbf24079ee61d8016317bd32580701b88","4b1984491e65c9592f9f2bfbe8fb5bf4d4e51587","tools feature: Add support for detecting libpfm4 libpfm4 provides an alternate command line encoding of perf events. Signed-off-by: Stephane Eranian Reviewed-by: Ian Rogers Acked-by: Jiri Olsa Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Alexei Starovoitov Cc: Alexey Budankov Cc: Andi Kleen Cc: Andrii Nakryiko Cc: Daniel Borkmann Cc: Florian Fainelli Cc: Greg Kroah-Hartman Cc: Igor Lubashev Cc: Jin Yao Cc: Jiwei Sun Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Martin KaFai Lau Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Thomas Gleixner Cc: Yonghong Song Cc: bpf@vger.kernel.org Cc: netdev@vger.kernel.org Cc: yuzhoujian Link: http://lore.kernel.org/lkml/20200429231443.207201-3-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/build/Makefile.feature | 3 ++-; tools/build/feature/Makefile | 6 +++++-; tools/build/feature/test-libpfm4.c | 9 +++++++++; 3 files changed, 16 insertions(+), 2 deletions(-)","This commit introduces support for detecting libpfm4 for alternative encoding of perf events.","libpfm4,perf,events","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"4b1984491e65c9592f9f2bfbe8fb5bf4d4e51587","4b1984491e65c9592f9f2bfbe8fb5bf4d4e51587","Ian Rogers","irogers@google.com","1588202080","Arnaldo Carvalho de Melo","acme@redhat.com","1588707331","80389fc058a85a64b91a89a3cbd84760c8cf0d99","266150c94c69429cf6d18e130237224a047f5061","perf doc: Pass ASCIIDOC_EXTRA as an argument commit e9cfa47e687d (""perf doc: allow ASCIIDOC_EXTRA to be an argument"") allowed ASCIIDOC_EXTRA to be passed as an option to the Documentation Makefile. This change passes ASCIIDOC_EXTRA, set by detected features or command line options, prior to doing a Documentation build. This is necessary to allow conditional compilation, based on configuration variables, in asciidoc code. Signed-off-by: Ian Rogers Acked-by: Jiri Olsa Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Alexei Starovoitov Cc: Alexey Budankov Cc: Andi Kleen Cc: Andrii Nakryiko Cc: Daniel Borkmann Cc: Florian Fainelli Cc: Greg Kroah-Hartman Cc: Igor Lubashev Cc: Jin Yao Cc: Jiwei Sun Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Martin KaFai Lau Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Stephane Eranian Cc: Thomas Gleixner Cc: Yonghong Song Cc: bpf@vger.kernel.org Cc: netdev@vger.kernel.org Cc: yuzhoujian Link: http://lore.kernel.org/lkml/20200429231443.207201-2-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/Makefile.perf | 6 +++---; 1 file changed, 3 insertions(+), 3 deletions(-)","Passes ASCIIDOC_EXTRA as an argument for conditional compilation in the perf documentation build.","ASCIIDOC_EXTRA, Documentation, Makefile","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"976be84504b8285d43dc890b02ceff432cd0dd4b","976be84504b8285d43dc890b02ceff432cd0dd4b","Arnaldo Carvalho de Melo","acme@redhat.com","1588020867","Arnaldo Carvalho de Melo","acme@redhat.com","1588707329","a88083f12fb92645027cdd9cfed15607ecb36bda","9a39994467d493eba38d8f69e42fd9c31cb1da9a","perf evlist: Allow reusing the side band thread for more purposes I.e. so far we had just one event in that side band thread, a dummy one with attr.bpf_event set, so that 'perf record' can go ahead and ask the kernel for further information about BPF programs being loaded. Allow for more than one event to be there, so that we can use it as well for the upcoming --switch-output-event feature. Acked-by: Jiri Olsa Cc: Adrian Hunter Cc: Namhyung Kim Cc: Song Liu Link: http://lore.kernel.org/lkml/20200429131106.27974-6-acme@kernel.org Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/evlist.h | 1 +; tools/perf/util/sideband_evlist.c | 23 +++++++++++++++++++++++; 2 files changed, 24 insertions(+)","The commit enhances 'perf evlist' to reuse the side band thread for multiple events including a new switch-output-event feature.","perf, evlist, sideband","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"d0abbc3ce695437fe83446aef44b2f5ef65a80b9","d0abbc3ce695437fe83446aef44b2f5ef65a80b9","Arnaldo Carvalho de Melo","acme@redhat.com","1588006691","Arnaldo Carvalho de Melo","acme@redhat.com","1588707329","e3611ddcfc0a99a2ef105ab0292887b090c622f2","b38d85ef49cf6af9d1deaaf01daf0986d47e6c7a","perf parse-events: Add parse_events_option() variant that creates evlist For the upcoming --switch-output-event option we want to create the side band event, populate it with the specified events and then, if it is present multiple times, go on adding to it, then, if the BPF tracking is required, use the first event to set its attr.bpf_event to get those PERF_RECORD_BPF_EVENT metadata events too. Acked-by: Jiri Olsa Cc: Adrian Hunter Cc: Namhyung Kim Cc: Song Liu Link: http://lore.kernel.org/lkml/20200429131106.27974-5-acme@kernel.org Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/parse-events.c | 23 +++++++++++++++++++++++; tools/perf/util/parse-events.h | 1 +; 2 files changed, 24 insertions(+)","The commit introduces a parse_events_option() variant to support --switch-output-event with BPF tracking for metadata events.","parse_events_option,BPF,metadata","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"b38d85ef49cf6af9d1deaaf01daf0986d47e6c7a","b38d85ef49cf6af9d1deaaf01daf0986d47e6c7a","Arnaldo Carvalho de Melo","acme@redhat.com","1587741891","Arnaldo Carvalho de Melo","acme@redhat.com","1588707329","191921050dec780e42492758daedd099c30d9af5","ca6c9c8b107f9788662117587cd24bbb19cea94d","perf bpf: Decouple creating the evlist from adding the SB event Renaming bpf_event__add_sb_event() to evlist__add_sb_event() and requiring that the evlist be allocated beforehand. This will allow using the same side band thread and evlist to be used for multiple purposes in addition to react to PERF_RECORD_BPF_EVENT soon after they are generated. Acked-by: Jiri Olsa Cc: Adrian Hunter Cc: Namhyung Kim Cc: Song Liu Link: http://lore.kernel.org/lkml/20200429131106.27974-4-acme@kernel.org Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/builtin-record.c | 17 ++++++++++++++---; tools/perf/builtin-top.c | 15 +++++++++++++--; tools/perf/util/bpf-event.c | 3 +--; tools/perf/util/bpf-event.h | 7 +++----; tools/perf/util/evlist.c | 21 ++++-----------------; tools/perf/util/evlist.h | 2 +-; 6 files changed, 36 insertions(+), 29 deletions(-)","The commit refactors the perf BPF code to decouple evlist creation from adding SB events for enhanced flexibility and manageability in processing BPF events.","evlist, decouple, refactors","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.']" +"5447e8e01e101ba19fe5b7551f02d37367156f6b","5447e8e01e101ba19fe5b7551f02d37367156f6b","Arnd Bergmann","arnd@arndb.de","1588687632","Alexei Starovoitov","ast@kernel.org","1588705172","c13c56ae37086a6ef504ef8930bd154fdba8c8fd","07bf2d97d1f37e7ac8d7be2d84ff108d43556a1d","sysctl: Fix unused function warning The newly added bpf_stats_handler function has the wrong #ifdef check around it, leading to an unused-function warning when CONFIG_SYSCTL is disabled: kernel/sysctl.c:205:12: error: unused function 'bpf_stats_handler' [-Werror,-Wunused-function] static int bpf_stats_handler(struct ctl_table *table, int write, Fix the check to match the reference. Fixes: d46edd671a14 (""bpf: Sharing bpf runtime stats with BPF_ENABLE_STATS"") Signed-off-by: Arnd Bergmann Signed-off-by: Alexei Starovoitov Reviewed-by: Luis Chamberlain Acked-by: Martin KaFai Lau Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200505140734.503701-1-arnd@arndb.de","kernel/sysctl.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixes an unused function warning in the bpf_stats_handler due to an incorrect #ifdef check.","unused, function, warning","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"07bf2d97d1f37e7ac8d7be2d84ff108d43556a1d","07bf2d97d1f37e7ac8d7be2d84ff108d43556a1d","Magnus Karlsson","magnus.karlsson@intel.com","1588599232","Daniel Borkmann","daniel@iogearbox.net","1588625786","048c1cb760f8dd7ec426dc66a2c5ee6649f03bd1","e4e5aefc113510c03d34e182ab30bc0cc196675c","xsk: Remove unnecessary member in xdp_umem Remove the unnecessary member of address in struct xdp_umem as it is only used during the umem registration. No need to carry this around as it is not used during run-time nor when unregistering the umem. Signed-off-by: Magnus Karlsson Signed-off-by: Daniel Borkmann Acked-by: Jonathan Lemon Link: https://lore.kernel.org/bpf/1588599232-24897-3-git-send-email-magnus.karlsson@intel.com","include/net/xdp_sock.h | 1 -; net/xdp/xdp_umem.c | 7 +++----; 2 files changed, 3 insertions(+), 5 deletions(-)","Remove unnecessary 'address' member from struct xdp_umem to optimize runtime usage.","xdp_umem,address,removal","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"e4e5aefc113510c03d34e182ab30bc0cc196675c","e4e5aefc113510c03d34e182ab30bc0cc196675c","Magnus Karlsson","magnus.karlsson@intel.com","1588599231","Daniel Borkmann","daniel@iogearbox.net","1588625786","6a5d71785996f770cd0c69f88e565894afd86a60","d26c0cc53950464a24adfa76867f1d71f0cbbea6","xsk: Change two variable names for increased clarity Change two variables names so that it is clearer what they represent. The first one is xsk_list that in fact only contains the list of AF_XDP sockets with a Tx component. Change this to xsk_tx_list for improved clarity. The second variable is size in the ring structure. One might think that this is the size of the ring, but it is in fact the size of the umem, copied into the ring structure to improve performance. Rename this variable umem_size to avoid any confusion. Signed-off-by: Magnus Karlsson Signed-off-by: Daniel Borkmann Acked-by: Jonathan Lemon Link: https://lore.kernel.org/bpf/1588599232-24897-2-git-send-email-magnus.karlsson@intel.com","include/net/xdp_sock.h | 4 ++--; net/xdp/xdp_umem.c | 14 +++++++-------; net/xdp/xsk.c | 8 ++++----; net/xdp/xsk_queue.c | 4 ++--; net/xdp/xsk_queue.h | 8 ++++----; 5 files changed, 19 insertions(+), 19 deletions(-)","This commit renames two variables for clarity in AF_XDP socket and umem size representation.","variables,clarity,rename","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"d26c0cc53950464a24adfa76867f1d71f0cbbea6","d26c0cc53950464a24adfa76867f1d71f0cbbea6","Arnd Bergmann","arnd@arndb.de","1588282247","Daniel Borkmann","daniel@iogearbox.net","1588625682","31d9b92c73807fe11c553dbbf5b78770f8fa15d7","c648c9c7429e979ca081359f39b6902aed92d490","bpf: Avoid gcc-10 stringop-overflow warning in struct bpf_prog gcc-10 warns about accesses to zero-length arrays: kernel/bpf/core.c: In function 'bpf_patch_insn_single': cc1: warning: writing 8 bytes into a region of size 0 [-Wstringop-overflow=] In file included from kernel/bpf/core.c:21: include/linux/filter.h:550:20: note: at offset 0 to object 'insnsi' with size 0 declared here 550 | struct bpf_insn insnsi[0]; | ^~~~~~ In this case, we really want to have two flexible-array members, but that is not possible. Removing the union to make insnsi a flexible-array member while leaving insns as a zero-length array fixes the warning, as nothing writes to the other one in that way. This trick only works on linux-3.18 or higher, as older versions had additional members in the union. Fixes: 60a3b2253c41 (""net: bpf: make eBPF interpreter images read-only"") Signed-off-by: Arnd Bergmann Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200430213101.135134-6-arnd@arndb.de","include/linux/filter.h | 6 ++----; 1 file changed, 2 insertions(+), 4 deletions(-)","This commit resolves a GCC-10 warning by changing struct bpf_prog's zero-length arrays to flexible arrays.","gcc-10,zero-length,flexible-array","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c648c9c7429e979ca081359f39b6902aed92d490","c648c9c7429e979ca081359f39b6902aed92d490","Luke Nelson","lukenels@cs.washington.edu","1588298530","Daniel Borkmann","daniel@iogearbox.net","1588604682","86f5d9bfc42c012d4553fdfe6a79aebb228c6584","cf48db69bdfad2930b95fd51d64444e5a7b469ae","bpf, arm: Optimize ALU ARSH K using asr immediate instruction This patch adds an optimization that uses the asr immediate instruction for BPF_ALU BPF_ARSH BPF_K, rather than loading the immediate to a temporary register. This is similar to existing code for handling BPF_ALU BPF_{LSH,RSH} BPF_K. This optimization saves two instructions and is more consistent with LSH and RSH. Example of the code generated for BPF_ALU32_IMM(BPF_ARSH, BPF_REG_0, 5) before the optimization: 2c: mov r8, #5 30: mov r9, #0 34: asr r0, r0, r8 and after optimization: 2c: asr r0, r0, #5 Tested on QEMU using lib/test_bpf and test_verifier. Co-developed-by: Xi Wang Signed-off-by: Xi Wang Signed-off-by: Luke Nelson Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200501020210.32294-3-luke.r.nels@gmail.com","arch/arm/net/bpf_jit_32.c | 10 +++++++---; arch/arm/net/bpf_jit_32.h | 3 +++; 2 files changed, 10 insertions(+), 3 deletions(-)","This commit optimizes the ARM BPF JIT compiler by directly using the ASR immediate instruction for ALU ARSH K operations, saving instructions.","ARM, optimization, ALU","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"cf48db69bdfad2930b95fd51d64444e5a7b469ae","cf48db69bdfad2930b95fd51d64444e5a7b469ae","Luke Nelson","lukenels@cs.washington.edu","1588298529","Daniel Borkmann","daniel@iogearbox.net","1588604682","5949744e14c415cf767d9009771de173ecb8d544","60bcbc41ffb35572288681f41d1d8ab8bdb98841","bpf, arm: Optimize ALU64 ARSH X using orrpl conditional instruction This patch optimizes the code generated by emit_a32_arsh_r64, which handles the BPF_ALU64 BPF_ARSH BPF_X instruction. The original code uses a conditional B followed by an unconditional ORR. The optimization saves one instruction by removing the B instruction and using a conditional ORR (with an inverted condition). Example of the code generated for BPF_ALU64_REG(BPF_ARSH, BPF_REG_0, BPF_REG_1), before optimization: 34: rsb ip, r2, #32 38: subs r9, r2, #32 3c: lsr lr, r0, r2 40: orr lr, lr, r1, lsl ip 44: bmi 0x4c 48: orr lr, lr, r1, asr r9 4c: asr ip, r1, r2 50: mov r0, lr 54: mov r1, ip and after optimization: 34: rsb ip, r2, #32 38: subs r9, r2, #32 3c: lsr lr, r0, r2 40: orr lr, lr, r1, lsl ip 44: orrpl lr, lr, r1, asr r9 48: asr ip, r1, r2 4c: mov r0, lr 50: mov r1, ip Tested on QEMU using lib/test_bpf and test_verifier. Co-developed-by: Xi Wang Signed-off-by: Xi Wang Signed-off-by: Luke Nelson Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200501020210.32294-2-luke.r.nels@gmail.com","arch/arm/net/bpf_jit_32.c | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","Optimizes BPF_ALU64_ARSH X instruction for ARM architecture using conditional ORR instruction, reducing it by one instruction.","optimization, ARM, instruction","A performance optimization. It improves the performance of existing code such as reducing latency or improving throughput.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"115506fea499f1cd9a80290b31eca4352e0559e9","115506fea499f1cd9a80290b31eca4352e0559e9","David S. Miller","davem@davemloft.net","1588377747","David S. Miller","davem@davemloft.net","1588377747","25e4ff3b5a49115d964fab690cf72fa18a5f96bf","5b95dea31636ce93660930d16172fe75589b2e70 57dc6f3b4133f45e73d87895180ca1f3eaf01722","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next Alexei Starovoitov says: ==================== pull-request: bpf-next 2020-05-01 (v2) The following pull-request contains BPF updates for your *net-next* tree. We've added 61 non-merge commits during the last 6 day(s) which contain a total of 153 files changed, 6739 insertions(+), 3367 deletions(-). The main changes are: 1) pulled work.sysctl from vfs tree with sysctl bpf changes. 2) bpf_link observability, from Andrii. 3) BTF-defined map in map, from Andrii. 4) asan fixes for selftests, from Andrii. 5) Allow bpf_map_lookup_elem for SOCKMAP and SOCKHASH, from Jakub. 6) production cloudflare classifier as a selftes, from Lorenz. 7) bpf_ktime_get_*_ns() helper improvements, from Maciej. 8) unprivileged bpftool feature probe, from Quentin. 9) BPF_ENABLE_STATS command, from Song. 10) enable bpf_[gs]etsockopt() helpers for sock_ops progs, from Stanislav. 11) enable a bunch of common helpers for cg-device, sysctl, sockopt progs, from Stanislav. ==================== Signed-off-by: David S. Miller ","","This commit merges various eBPF updates including sysctl changes, observability enhancements, and helper improvements into the net-next tree.","merge,eBPF,updates","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"57dc6f3b4133f45e73d87895180ca1f3eaf01722","57dc6f3b4133f45e73d87895180ca1f3eaf01722","Stanislav Fomichev","sdf@google.com","1588373000","Alexei Starovoitov","ast@kernel.org","1588377067","6e87f2015986d5727f3dd82ed5f07f682c60236e","138c67677ff5ac0bce7131033c39d52a81e87a60","selftests/bpf: Use reno instead of dctcp Andrey pointed out that we can use reno instead of dctcp for CC tests and drop CONFIG_TCP_CONG_DCTCP=y requirement. Fixes: beecf11bc218 (""bpf: Bpf_{g,s}etsockopt for struct bpf_sock_addr"") Suggested-by: Andrey Ignatov Signed-off-by: Stanislav Fomichev Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200501224320.28441-1-sdf@google.com","tools/testing/selftests/bpf/config | 1 -; tools/testing/selftests/bpf/progs/connect4_prog.c | 6 +++---; 2 files changed, 3 insertions(+), 4 deletions(-)","This commit replaces the DCTCP with Reno for congestion control tests in BPF selftests.","selftests, reno, dctcp","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"138c67677ff5ac0bce7131033c39d52a81e87a60","138c67677ff5ac0bce7131033c39d52a81e87a60","Andrii Nakryiko","andriin@fb.com","1588359382","Alexei Starovoitov","ast@kernel.org","1588371185","2c02575c961a943cc4ca46c9c126ea42a5b76453","beecf11bc2188067824591612151c4dc6ec383c7","bpf: Fix use-after-free of bpf_link when priming half-fails If bpf_link_prime() succeeds to allocate new anon file, but then fails to allocate ID for it, link priming is considered to be failed and user is supposed ot be able to directly kfree() bpf_link, because it was never exposed to user-space. But at that point file already keeps a pointer to bpf_link and will eventually call bpf_link_release(), so if bpf_link was kfree()'d by caller, that would lead to use-after-free. Fix this by first allocating ID and only then allocating file. Adding ID to link_idr is ok, because link at that point still doesn't have its ID set, so no user-space process can create a new FD for it. Fixes: a3b80e107894 (""bpf: Allocate ID for bpf_link"") Reported-by: syzbot+39b64425f91b5aab714d@syzkaller.appspotmail.com Suggested-by: Martin KaFai Lau Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200501185622.3088964-1-andriin@fb.com","kernel/bpf/syscall.c | 13 +++++++------; 1 file changed, 7 insertions(+), 6 deletions(-)","Fixes a use-after-free issue in bpf_link by reordering allocation steps in link priming.","use-after-free,bpf_link,allocation","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"beecf11bc2188067824591612151c4dc6ec383c7","beecf11bc2188067824591612151c4dc6ec383c7","Stanislav Fomichev","sdf@google.com","1588289512","Alexei Starovoitov","ast@kernel.org","1588362268","69f6fa04eedbf42c247de70bb0df443bacd42c44","3dbb5b5040c396274a253b607289748f39a680a0","bpf: Bpf_{g,s}etsockopt for struct bpf_sock_addr Currently, bpf_getsockopt and bpf_setsockopt helpers operate on the 'struct bpf_sock_ops' context in BPF_PROG_TYPE_SOCK_OPS program. Let's generalize them and make them available for 'struct bpf_sock_addr'. That way, in the future, we can allow those helpers in more places. As an example, let's expose those 'struct bpf_sock_addr' based helpers to BPF_CGROUP_INET{4,6}_CONNECT hooks. That way we can override CC before the connection is made. v3: * Expose custom helpers for bpf_sock_addr context instead of doing generic bpf_sock argument (as suggested by Daniel). Even with try_socket_lock that doesn't sleep we have a problem where context sk is already locked and socket lock is non-nestable. v2: * s/BPF_PROG_TYPE_CGROUP_SOCKOPT/BPF_PROG_TYPE_SOCK_OPS/ Signed-off-by: Stanislav Fomichev Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200430233152.199403-1-sdf@google.com","include/uapi/linux/bpf.h | 14 ++-; net/core/filter.c | 118 +++++++++++++++++-----; tools/include/uapi/linux/bpf.h | 14 ++-; tools/testing/selftests/bpf/config | 1 +; tools/testing/selftests/bpf/progs/connect4_prog.c | 46 +++++++++; 5 files changed, 166 insertions(+), 27 deletions(-)","Generalizes bpf_getsockopt and bpf_setsockopt helpers for bpf_sock_addr to enhance usability in BPF_CGROUP_INET_CONNECT hooks.","bpf_getsockopt bpf_sock_addr helpers","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3dbb5b5040c396274a253b607289748f39a680a0","3dbb5b5040c396274a253b607289748f39a680a0","Alexei Starovoitov","ast@kernel.org","1588354592","Alexei Starovoitov","ast@kernel.org","1588354654","6b010c99c159d08a48680e709ca37e3fe3e17971","c321022244708aec4675de4f032ef1ba9ff0c640 31a9f7fe93378ab587d758d5b2e96a237caa7b8c","Merge branch 'bpf_enable_stats' Song Liu says: ==================== run_time_ns is a useful stats for BPF programs. However, it is gated by sysctl kernel.bpf_stats_enabled. When multiple user space tools are toggling kernl.bpf_stats_enabled at the same time, they may confuse each other. Solve this problem with a new BPF command BPF_ENABLE_STATS. Changes v8 => v9: 1. Clean up in selftest (Andrii). 2. Not using static variable in test program (Andrii). Changes v7 => v8: 1. Change name BPF_STATS_RUNTIME_CNT => BPF_STATS_RUN_TIME (Alexei). 2. Add CHECK_ATTR to bpf_enable_stats() (Alexei). 3. Rebase (Andrii). 4. Simplfy the selftest (Alexei). Changes v6 => v7: 1. Add test to verify run_cnt matches count measured by the program. Changes v5 => v6: 1. Simplify test program (Yonghong). 2. Rebase (with some conflicts). Changes v4 => v5: 1. Use memset to zero bpf_attr in bpf_enable_stats() (Andrii). Changes v3 => v4: 1. Add libbpf support and selftest; 2. Avoid cleaning trailing space. Changes v2 => v3: 1. Rename the command to BPF_ENABLE_STATS, and make it extendible. 2. fix commit log; 3. remove unnecessary headers. ==================== Signed-off-by: Alexei Starovoitov ","","Merge branch for enabling a new BPF command BPF_ENABLE_STATS to improve user space tool interactions.","BPF_ENABLE_STATS, sysctl, stats","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"31a9f7fe93378ab587d758d5b2e96a237caa7b8c","31a9f7fe93378ab587d758d5b2e96a237caa7b8c","Song Liu","songliubraving@fb.com","1588230906","Alexei Starovoitov","ast@kernel.org","1588354592","6b010c99c159d08a48680e709ca37e3fe3e17971","0bee106716cfb2c6da81916b968395db22bd7755","bpf: Add selftest for BPF_ENABLE_STATS Add test for BPF_ENABLE_STATS, which should enable run_time_ns stats. ~/selftests/bpf# ./test_progs -t enable_stats -v test_enable_stats:PASS:skel_open_and_load 0 nsec test_enable_stats:PASS:get_stats_fd 0 nsec test_enable_stats:PASS:attach_raw_tp 0 nsec test_enable_stats:PASS:get_prog_info 0 nsec test_enable_stats:PASS:check_stats_enabled 0 nsec test_enable_stats:PASS:check_run_cnt_valid 0 nsec Summary: 1/0 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Song Liu Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200430071506.1408910-4-songliubraving@fb.com",".../selftests/bpf/prog_tests/enable_stats.c | 45 ++++++++++++++++++++++; .../selftests/bpf/progs/test_enable_stats.c | 18 +++++++++; 2 files changed, 63 insertions(+)","This commit adds a self-test for the BPF_ENABLE_STATS functionality in the eBPF subsystem.","BPF_ENABLE_STATS,selftest,run_time_ns","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0bee106716cfb2c6da81916b968395db22bd7755","0bee106716cfb2c6da81916b968395db22bd7755","Song Liu","songliubraving@fb.com","1588230905","Alexei Starovoitov","ast@kernel.org","1588354592","6a438ee3a2376d99a6cccee19c280f2e4e791db8","d46edd671a147032e22cfeb271a5734703093649","libbpf: Add support for command BPF_ENABLE_STATS bpf_enable_stats() is added to enable given stats. Signed-off-by: Song Liu Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200430071506.1408910-3-songliubraving@fb.com","tools/lib/bpf/bpf.c | 10 ++++++++++; tools/lib/bpf/bpf.h | 1 +; tools/lib/bpf/libbpf.map | 1 +; 3 files changed, 12 insertions(+)","This commit introduces bpf_enable_stats() in libbpf to support the BPF_ENABLE_STATS command for enabling stats.","libbpf,BPF_ENABLE_STATS,stats","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d46edd671a147032e22cfeb271a5734703093649","d46edd671a147032e22cfeb271a5734703093649","Song Liu","songliubraving@fb.com","1588230904","Alexei Starovoitov","ast@kernel.org","1588354592","eee3bc7ad6740e4115f5df017b375ea8ea974829","c321022244708aec4675de4f032ef1ba9ff0c640","bpf: Sharing bpf runtime stats with BPF_ENABLE_STATS Currently, sysctl kernel.bpf_stats_enabled controls BPF runtime stats. Typical userspace tools use kernel.bpf_stats_enabled as follows: 1. Enable kernel.bpf_stats_enabled; 2. Check program run_time_ns; 3. Sleep for the monitoring period; 4. Check program run_time_ns again, calculate the difference; 5. Disable kernel.bpf_stats_enabled. The problem with this approach is that only one userspace tool can toggle this sysctl. If multiple tools toggle the sysctl at the same time, the measurement may be inaccurate. To fix this problem while keep backward compatibility, introduce a new bpf command BPF_ENABLE_STATS. On success, this command enables stats and returns a valid fd. BPF_ENABLE_STATS takes argument ""type"". Currently, only one type, BPF_STATS_RUN_TIME, is supported. We can extend the command to support other types of stats in the future. With BPF_ENABLE_STATS, user space tool would have the following flow: 1. Get a fd with BPF_ENABLE_STATS, and make sure it is valid; 2. Check program run_time_ns; 3. Sleep for the monitoring period; 4. Check program run_time_ns again, calculate the difference; 5. Close the fd. Signed-off-by: Song Liu Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200430071506.1408910-2-songliubraving@fb.com","include/linux/bpf.h | 1 +; include/uapi/linux/bpf.h | 11 ++++++++; kernel/bpf/syscall.c | 57 ++++++++++++++++++++++++++++++++++++++++++; kernel/sysctl.c | 36 +++++++++++++++++++++++++-; tools/include/uapi/linux/bpf.h | 11 ++++++++; 5 files changed, 115 insertions(+), 1 deletion(-)","The commit introduces a new command BPF_ENABLE_STATS to enable eBPF runtime statistics, allowing concurrent stats tracking by multiple userspace tools.","BPF_ENABLE_STATS,runtime stats,userspace","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"54261af473be4c5481f6196064445d2945f2bdab","54261af473be4c5481f6196064445d2945f2bdab","KP Singh","kpsingh@google.com","1588261960","James Morris","jmorris@namei.org","1588303774","2ecf12c8d354b371ac63bae7da0297d90ca4db70","c45e8bccecaf633480d378daff11e122dfd5e96d","security: Fix the default value of fs_context_parse_param hook security_fs_context_parse_param is called by vfs_parse_fs_param and a succussful return value (i.e 0) implies that a parameter will be consumed by the LSM framework. This stops all further parsing of the parmeter by VFS. Furthermore, if an LSM hook returns a success, the remaining LSM hooks are not invoked for the parameter. The current default behavior of returning success means that all the parameters are expected to be parsed by the LSM hook and none of them end up being populated by vfs in fs_context This was noticed when lsm=bpf is supplied on the command line before any other LSM. As the bpf lsm uses this default value to implement a default hook, this resulted in a failure to parse any fs_context parameters and a failure to mount the root filesystem. Fixes: 98e828a0650f (""security: Refactor declaration of LSM hooks"") Reported-by: Mikko Ylinen Signed-off-by: KP Singh Signed-off-by: James Morris ","include/linux/lsm_hook_defs.h | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit fixes a bug in the default return value of the fs_context_parse_param hook affecting parameter parsing in the LSM framework.","fs_context,LSM,default","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"c321022244708aec4675de4f032ef1ba9ff0c640","c321022244708aec4675de4f032ef1ba9ff0c640","Jakub Sitnicki","jakub@cloudflare.com","1588243658","Daniel Borkmann","daniel@iogearbox.net","1588256474","51d2d2304240d011b32fa31fa3f44caed6360ef9","063e688133914505ddb396cc33231f22f12e0685","selftests/bpf: Test allowed maps for bpf_sk_select_reuseport Check that verifier allows passing a map of type: BPF_MAP_TYPE_REUSEPORT_SOCKARRARY, or BPF_MAP_TYPE_SOCKMAP, or BPF_MAP_TYPE_SOCKHASH ... to bpf_sk_select_reuseport helper. Suggested-by: John Fastabend Signed-off-by: Jakub Sitnicki Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200430104738.494180-1-jakub@cloudflare.com","tools/testing/selftests/bpf/test_verifier.c | 12 +++++++-; tools/testing/selftests/bpf/verifier/sock.c | 45 +++++++++++++++++++++++++++++; 2 files changed, 56 insertions(+), 1 deletion(-)","This commit adds tests to verify valid map types for the bpf_sk_select_reuseport helper in eBPF self-tests.","tests, maps, bpf_sk_select_reuseport","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"7f645462ca01d01abb94d75e6768c8b3ed3a188b","7f645462ca01d01abb94d75e6768c8b3ed3a188b","Wei Yongjun","weiyongjun1@huawei.com","1588234731","Daniel Borkmann","daniel@iogearbox.net","1588256348","9b4fe3e64486b14b38c6598a089e5ca6bc5107cb","18f02ad19e2c2a1d9e1d55a4e1c0cbf51419151c","bpf: Fix error return code in map_lookup_and_delete_elem() Fix to return negative error code -EFAULT from the copy_to_user() error handling case instead of 0, as done elsewhere in this function. Fixes: bd513cd08f10 (""bpf: add MAP_LOOKUP_AND_DELETE_ELEM syscall"") Signed-off-by: Wei Yongjun Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200430081851.166996-1-weiyongjun1@huawei.com","kernel/bpf/syscall.c | 4 +++-; 1 file changed, 3 insertions(+), 1 deletion(-)","Fixes error return code in map_lookup_and_delete_elem function to return -EFAULT instead of 0.","error, return, EFAULT","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"063e688133914505ddb396cc33231f22f12e0685","063e688133914505ddb396cc33231f22f12e0685","Andrii Nakryiko","andriin@fb.com","1588212876","Daniel Borkmann","daniel@iogearbox.net","1588256161","7bc89c3a901b2df4c9d93c35c2b526f8a739f033","91f658587a962378a410cc7dc90e122a4ccd7cf3","libbpf: Fix false uninitialized variable warning Some versions of GCC falsely detect that vi might not be initialized. That's not true, but let's silence it with NULL initialization. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200430021436.1522502-1-andriin@fb.com","tools/lib/bpf/libbpf.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fix GCC false uninitialized variable warning by initializing variable with NULL in libbpf.","GCC false uninitialized","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"91f658587a962378a410cc7dc90e122a4ccd7cf3","91f658587a962378a410cc7dc90e122a4ccd7cf3","Luke Nelson","lukenels@cs.washington.edu","1588207887","Daniel Borkmann","daniel@iogearbox.net","1588256090","300253daf28b81fb3300a04e7baa0a66a9f412b7","449e14bfdb83bf772200840a7ac4dcc1d7cacf54","bpf, riscv: Fix stack layout of JITed code on RV32 This patch fixes issues with stackframe unwinding and alignment in the current stack layout for BPF programs on RV32. In the current layout, RV32 fp points to the JIT scratch registers, rather than to the callee-saved registers. This breaks stackframe unwinding, which expects fp to point just above the saved ra and fp registers. This patch fixes the issue by moving the callee-saved registers to be stored on the top of the stack, pointed to by fp. This satisfies the assumptions of stackframe unwinding. This patch also fixes an issue with the old layout that the stack was not aligned to 16 bytes. Stacktrace from JITed code using the old stack layout: [ 12.196249 ] [] walk_stackframe+0x0/0x96 Stacktrace using the new stack layout: [ 13.062888 ] [] walk_stackframe+0x0/0x96 [ 13.063028 ] [] show_stack+0x28/0x32 [ 13.063253 ] [] bpf_prog_82b916b2dfa00464+0x80/0x908 [ 13.063417 ] [] bpf_test_run+0x124/0x39a [ 13.063553 ] [] bpf_prog_test_run_skb+0x234/0x448 [ 13.063704 ] [] __do_sys_bpf+0x766/0x13b4 [ 13.063840 ] [] sys_bpf+0xc/0x14 [ 13.063961 ] [] ret_from_syscall+0x0/0x2 The new code is also simpler to understand and includes an ASCII diagram of the stack layout. Tested on riscv32 QEMU virt machine. Signed-off-by: Luke Nelson Signed-off-by: Daniel Borkmann Acked-by: Xi Wang Link: https://lore.kernel.org/bpf/20200430005127.2205-1-luke.r.nels@gmail.com","arch/riscv/net/bpf_jit_comp32.c | 98 +++++++++++++++++++++++++++--------------; 1 file changed, 65 insertions(+), 33 deletions(-)","This commit fixes stack layout and alignment issues in the RISC-V 32-bit eBPF JIT compiler to correct stackframe unwinding.","stack,alignment,RISC-V","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"fad1f1e7dedcd97593e8af36786b6bbdd093990d","fad1f1e7dedcd97593e8af36786b6bbdd093990d","Stephane Eranian","eranian@google.com","1587251948","Arnaldo Carvalho de Melo","acme@redhat.com","1588254512","c3b4f4de75a72251671da21355f62302cb100940","2069425eb3f8257e6e73548030fe65d5f0faca0d","perf script: Remove extraneous newline in perf_sample__fprintf_regs() When printing iregs, there was a double newline printed because perf_sample__fprintf_regs() was printing its own and then at the end of all fields, perf script was adding one. This was causing blank line in the output: Before: $ perf script -Fip,iregs 401b8d ABI:2 DX:0x100 SI:0x4a8340 DI:0x4a9340 401b8d ABI:2 DX:0x100 SI:0x4a9340 DI:0x4a8340 401b8d ABI:2 DX:0x100 SI:0x4a8340 DI:0x4a9340 401b8d ABI:2 DX:0x100 SI:0x4a9340 DI:0x4a8340 After: $ perf script -Fip,iregs 401b8d ABI:2 DX:0x100 SI:0x4a8340 DI:0x4a9340 401b8d ABI:2 DX:0x100 SI:0x4a9340 DI:0x4a8340 401b8d ABI:2 DX:0x100 SI:0x4a8340 DI:0x4a9340 Committer testing: First we need to figure out how to request that registers be recorded, so we use: # perf record -h reg Usage: perf record [] [] or: perf record [] -- [] -I, --intr-regs[=] sample selected machine registers on interrupt, use '-I?' to list register names --buildid-all Record build-id of all DSOs regardless of hits --user-regs[=] sample selected machine registers on interrupt, use '--user-regs=?' to list register names # Ok, now lets ask for them all: # perf record -a --intr-regs --user-regs sleep 1 [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 4.105 MB perf.data (2760 samples) ] # Lets look at the first 6 output lines: # perf script -Fip,iregs | head -6 ffffffff8a06f2f4 ABI:2 AX:0xffffd168fee0a980 BX:0xffff8a23b087f000 CX:0xfffeb69aaeb25d73 DX:0xffff8a253e8310f0 SI:0xfffffff9bafe7359 DI:0xffffb1690204fb10 BP:0xffffd168fee0a950 SP:0xffffb1690204fb88 IP:0xffffffff8a06f2f4 FLAGS:0x4e CS:0x10 SS:0x18 R8:0x1495f0a91129a R9:0xffff8a23b087f000 R10:0x1 R11:0xffffffff R12:0x0 R13:0xffff8a253e827e00 R14:0xffffd168fee0aa5c R15:0xffffd168fee0a980 ffffffff8a06f2f4 ABI:2 AX:0x0 BX:0xffffd168fee0a950 CX:0x5684cc1118491900 DX:0x0 SI:0xffffd168fee0a9d0 DI:0x202 BP:0xffffb1690204fd70 SP:0xffffb1690204fd20 IP:0xffffffff8a06f2f4 FLAGS:0x24e CS:0x10 SS:0x18 R8:0x0 R9:0xffffd168fee0a9d0 R10:0x1 R11:0xffffffff R12:0xffffffff8a23e480 R13:0xffff8a23b087f240 R14:0xffff8a23b087f000 R15:0xffffd168fee0a950 ffffffff8a06f2f4 ABI:2 AX:0x0 BX:0x0 CX:0x7f25f334335b DX:0x0 SI:0x2400 DI:0x4 BP:0x7fff5f264570 SP:0x7fff5f264538 IP:0xffffffff8a06f2f4 FLAGS:0x24e CS:0x10 SS:0x2b R8:0x0 R9:0x2312d20 R10:0x0 R11:0x246 R12:0x22cc0e0 R13:0x0 R14:0x0 R15:0x22d0780 # Reproduced, apply the patch and: [root@five ~]# perf script -Fip,iregs | head -6 ffffffff8a06f2f4 ABI:2 AX:0xffffd168fee0a980 BX:0xffff8a23b087f000 CX:0xfffeb69aaeb25d73 DX:0xffff8a253e8310f0 SI:0xfffffff9bafe7359 DI:0xffffb1690204fb10 BP:0xffffd168fee0a950 SP:0xffffb1690204fb88 IP:0xffffffff8a06f2f4 FLAGS:0x4e CS:0x10 SS:0x18 R8:0x1495f0a91129a R9:0xffff8a23b087f000 R10:0x1 R11:0xffffffff R12:0x0 R13:0xffff8a253e827e00 R14:0xffffd168fee0aa5c R15:0xffffd168fee0a980 ffffffff8a06f2f4 ABI:2 AX:0x0 BX:0xffffd168fee0a950 CX:0x5684cc1118491900 DX:0x0 SI:0xffffd168fee0a9d0 DI:0x202 BP:0xffffb1690204fd70 SP:0xffffb1690204fd20 IP:0xffffffff8a06f2f4 FLAGS:0x24e CS:0x10 SS:0x18 R8:0x0 R9:0xffffd168fee0a9d0 R10:0x1 R11:0xffffffff R12:0xffffffff8a23e480 R13:0xffff8a23b087f240 R14:0xffff8a23b087f000 R15:0xffffd168fee0a950 ffffffff8a06f2f4 ABI:2 AX:0x0 BX:0x0 CX:0x7f25f334335b DX:0x0 SI:0x2400 DI:0x4 BP:0x7fff5f264570 SP:0x7fff5f264538 IP:0xffffffff8a06f2f4 FLAGS:0x24e CS:0x10 SS:0x2b R8:0x0 R9:0x2312d20 R10:0x0 R11:0x246 R12:0x22cc0e0 R13:0x0 R14:0x0 R15:0x22d0780 ffffffff8a24074b ABI:2 AX:0xcb BX:0xcb CX:0x0 DX:0x0 SI:0xffffb1690204ff58 DI:0xcb BP:0xffffb1690204ff58 SP:0xffffb1690204ff40 IP:0xffffffff8a24074b FLAGS:0x24e CS:0x10 SS:0x18 R8:0x0 R9:0x0 R10:0x0 R11:0x0 R12:0x0 R13:0x0 R14:0x0 R15:0x0 ffffffff8a310600 ABI:2 AX:0x0 BX:0xffffffff8b8c39a0 CX:0x0 DX:0xffff8a2503890300 SI:0xffffb1690204ff20 DI:0xffff8a23e4080000 BP:0xffff8a23e4080000 SP:0xffffb1690204fec0 IP:0xffffffff8a310600 FLAGS:0x28e CS:0x10 SS:0x18 R8:0x0 R9:0x0 R10:0x0 R11:0x0 R12:0xffffffffffffffea R13:0xffff8a23e4080020 R14:0x0 R15:0x0 ffffffff8a11b688 ABI:2 AX:0x0 BX:0xffff8a237b7c8800 CX:0xffffb1690204fae0 DX:0x78 SI:0xffff8a237b7c8800 DI:0xffffb1690204fa10 BP:0xffffb1690204fb00 SP:0xffffb1690204fa00 IP:0xffffffff8a11b688 FLAGS:0x8a CS:0x10 SS:0x18 R8:0x1495f0a917eba R9:0xffffd168fde19a48 R10:0xffffb1690204fd98 R11:0xffff8a253e82afb0 R12:0xffff8a237b7c8800 R13:0xffffb1690204fb00 R14:0x0 R15:0xffff8a237b7c8800 [root@five ~]# To see it more clearly, lets get just two of those registers by sample: # perf record -a --intr-regs=ax,bx --user-regs=cx,dx sleep 1 [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 3.502 MB perf.data (1653 samples) ] # Extra info, lets see what gets setup in that 'struct perf_event_attr': # perf evlist -v cycles: size: 120, { sample_period, sample_freq }: 4000, sample_type: IP|TID|TIME|CPU|PERIOD|REGS_USER|REGS_INTR, read_format: ID, disabled: 1, inherit: 1, mmap: 1, comm: 1, freq: 1, task: 1, precise_ip: 2, sample_id_all: 1, exclude_guest: 1, mmap2: 1, comm_exec: 1, ksymbol: 1, bpf_event: 1, sample_regs_user: 0xc, sample_regs_intr: 0x3 # Cook, some PERF_SAMPLE_REGS_USER|PERF_SAMPLE_REGS_INTR + attr.sample_regs_user and attr.sample_regs_intr register masks, now lets see if those newlines are gone in a more compact fashion: # perf script -Fip,iregs,uregs ffffffff8a56df78 ABI:2 AX:0xffff8a25137b6028 BX:0xffff8a2502f18000 ABI:2 CX:0x7f204460e49b DX:0xf42920 ffffffff8a56df78 ABI:2 AX:0xffff8a25137b6028 BX:0xffff8a2502f18000 ABI:2 CX:0x7f204460e49b DX:0xf42920 ffffffff8a56df78 ABI:2 AX:0xffff8a25137b6028 BX:0xffff8a2502f18000 ABI:2 CX:0x7f204460e49b DX:0xf42920 ffffffff8a56df78 ABI:2 AX:0xffff8a25137b6028 BX:0xffff8a2502f18000 ABI:2 CX:0x7f204460e49b DX:0xf42920 ffffffff8a56df78 ABI:2 AX:0xffff8a25137b6028 BX:0xffff8a2502f18000 ABI:2 CX:0x7f204460e49b DX:0xf42920 ffffffff8a56df78 ABI:2 AX:0xffff8a25137b6028 BX:0xffff8a2502f18000 ABI:2 CX:0x7f204460e49b DX:0xf42920 ffffffff8a29b78d ABI:2 AX:0x2a20ffcd6000 BX:0x2ec7d9000 ABI:2 CX:0x7f204460e49b DX:0xf42920 # And where was that? # perf script -Fip,iregs,uregs,sym,dso ffffffff8a56df78 strrchr (/lib/modules/5.7.0-rc2/build/vmlinux) ABI:2 AX:0xffff8a25137b6028 BX:0xffff8a2502f18000 ABI:2 CX:0x7f204460e49b DX:0xf42920 ffffffff8a56df78 strrchr (/lib/modules/5.7.0-rc2/build/vmlinux) ABI:2 AX:0xffff8a25137b6028 BX:0xffff8a2502f18000 ABI:2 CX:0x7f204460e49b DX:0xf42920 ffffffff8a56df78 strrchr (/lib/modules/5.7.0-rc2/build/vmlinux) ABI:2 AX:0xffff8a25137b6028 BX:0xffff8a2502f18000 ABI:2 CX:0x7f204460e49b DX:0xf42920 ffffffff8a56df78 strrchr (/lib/modules/5.7.0-rc2/build/vmlinux) ABI:2 AX:0xffff8a25137b6028 BX:0xffff8a2502f18000 ABI:2 CX:0x7f204460e49b DX:0xf42920 ffffffff8a56df78 strrchr (/lib/modules/5.7.0-rc2/build/vmlinux) ABI:2 AX:0xffff8a25137b6028 BX:0xffff8a2502f18000 ABI:2 CX:0x7f204460e49b DX:0xf42920 ffffffff8a56df78 strrchr (/lib/modules/5.7.0-rc2/build/vmlinux) ABI:2 AX:0xffff8a25137b6028 BX:0xffff8a2502f18000 ABI:2 CX:0x7f204460e49b DX:0xf42920 ffffffff8a29b78d __vma_link_rb (/lib/modules/5.7.0-rc2/build/vmlinux) ABI:2 AX:0x2a20ffcd6000 BX:0x2ec7d9000 ABI:2 CX:0x7f204460e49b DX:0xf42920 # Signed-off-by: Stephane Eranian Tested-by: Arnaldo Carvalho de Melo Cc: Andi Kleen Cc: Ian Rogers Cc: Jiri Olsa Cc: Kan Liang Cc: Peter Zijlstra Link: http://lore.kernel.org/lkml/20200418231908.152212-1-eranian@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/builtin-script.c | 2 --; 1 file changed, 2 deletions(-)","The commit removes an unnecessary newline from the perf_sample__fprintf_regs function to correct output formatting issues in perf script.","newline,perf,formatting","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"449e14bfdb83bf772200840a7ac4dcc1d7cacf54","449e14bfdb83bf772200840a7ac4dcc1d7cacf54","Arnd Bergmann","arnd@arndb.de","1588166518","Daniel Borkmann","daniel@iogearbox.net","1588198882","7732e14fc869413c8315acf9eef20e3929f96b57","0b9ad56b1ea66382a3dcc8e3e7c54967bf8c6d94","bpf: Fix unused variable warning Hiding the only using of bpf_link_type_strs[] in an #ifdef causes an unused-variable warning: kernel/bpf/syscall.c:2280:20: error: 'bpf_link_type_strs' defined but not used [-Werror=unused-variable] 2280 | static const char *bpf_link_type_strs[] = { Move the definition into the same #ifdef. Fixes: f2e10bff16a0 (""bpf: Add support for BPF_OBJ_GET_INFO_BY_FD for bpf_link"") Signed-off-by: Arnd Bergmann Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200429132217.1294289-1-arnd@arndb.de","kernel/bpf/syscall.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixes an unused variable warning by moving its definition into an appropriate #ifdef block.","unused, variable, #ifdef","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0b9ad56b1ea66382a3dcc8e3e7c54967bf8c6d94","0b9ad56b1ea66382a3dcc8e3e7c54967bf8c6d94","Jakub Sitnicki","jakub@cloudflare.com","1588183914","Daniel Borkmann","daniel@iogearbox.net","1588195860","41b9c7b0452287c11e5e08c8a6ee067d664db85e","34a2cc6eee809f974111979f4c2b3c62aaaad457","selftests/bpf: Use SOCKMAP for server sockets in bpf_sk_assign test Update bpf_sk_assign test to fetch the server socket from SOCKMAP, now that map lookup from BPF in SOCKMAP is enabled. This way the test TC BPF program doesn't need to know what address server socket is bound to. Signed-off-by: Jakub Sitnicki Signed-off-by: Daniel Borkmann Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200429181154.479310-4-jakub@cloudflare.com","tools/testing/selftests/bpf/Makefile | 2 +-; tools/testing/selftests/bpf/prog_tests/sk_assign.c | 21 +++++-; tools/testing/selftests/bpf/progs/test_sk_assign.c | 82 +++++++++-------------; 3 files changed, 53 insertions(+), 52 deletions(-)","The commit updates the bpf_sk_assign test to use SOCKMAP for fetching server sockets instead of predefined addresses.","SOCKMAP, bpf_sk_assign, selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"34a2cc6eee809f974111979f4c2b3c62aaaad457","34a2cc6eee809f974111979f4c2b3c62aaaad457","Jakub Sitnicki","jakub@cloudflare.com","1588183913","Daniel Borkmann","daniel@iogearbox.net","1588195859","0d040f5dfba95a525da7a3046a73a06e79a87e2d","64d85290d79c0677edb5a8ee2295b36c022fa5df","selftests/bpf: Test that lookup on SOCKMAP/SOCKHASH is allowed Now that bpf_map_lookup_elem() is white-listed for SOCKMAP/SOCKHASH, replace the tests which check that verifier prevents lookup on these map types with ones that ensure that lookup operation is permitted, but only with a release of acquired socket reference. Signed-off-by: Jakub Sitnicki Signed-off-by: Daniel Borkmann Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200429181154.479310-3-jakub@cloudflare.com",".../selftests/bpf/verifier/prevent_map_lookup.c | 30 ----------; tools/testing/selftests/bpf/verifier/sock.c | 70 ++++++++++++++++++++++; 2 files changed, 70 insertions(+), 30 deletions(-)","The commit updates selftests to check that bpf_map_lookup_elem is permitted on SOCKMAP/SOCKHASH with proper socket reference release.","selftests,SOCKMAP,lookup","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"64d85290d79c0677edb5a8ee2295b36c022fa5df","64d85290d79c0677edb5a8ee2295b36c022fa5df","Jakub Sitnicki","jakub@cloudflare.com","1588183912","Daniel Borkmann","daniel@iogearbox.net","1588195859","b8bc403085811e0d4358be3d4d57ae24a6ff1e2f","0b3b9ca3d154486baa08a41cbc62fde67ba8c6c3","bpf: Allow bpf_map_lookup_elem for SOCKMAP and SOCKHASH White-list map lookup for SOCKMAP/SOCKHASH from BPF. Lookup returns a pointer to a full socket and acquires a reference if necessary. To support it we need to extend the verifier to know that: (1) register storing the lookup result holds a pointer to socket, if lookup was done on SOCKMAP/SOCKHASH, and that (2) map lookup on SOCKMAP/SOCKHASH is a reference acquiring operation, which needs a corresponding reference release with bpf_sk_release. On sock_map side, lookup handlers exposed via bpf_map_ops now bump sk_refcnt if socket is reference counted. In turn, bpf_sk_select_reuseport, the only in-kernel user of SOCKMAP/SOCKHASH ops->map_lookup_elem, was updated to release the reference. Sockets fetched from a map can be used in the same way as ones returned by BPF socket lookup helpers, such as bpf_sk_lookup_tcp. In particular, they can be used with bpf_sk_assign to direct packets toward a socket on TC ingress path. Suggested-by: Lorenz Bauer Signed-off-by: Jakub Sitnicki Signed-off-by: Daniel Borkmann Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200429181154.479310-2-jakub@cloudflare.com","kernel/bpf/verifier.c | 45 +++++++++++++++++++++++++++++++++++----------; net/core/filter.c | 4 ++++; net/core/sock_map.c | 18 ++++++++++++++++--; 3 files changed, 55 insertions(+), 12 deletions(-)","This commit enables socket reference management for bpf_map_lookup_elem on SOCKMAP and SOCKHASH types.","SOCKMAP SOCKHASH reference","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"0b3b9ca3d154486baa08a41cbc62fde67ba8c6c3","0b3b9ca3d154486baa08a41cbc62fde67ba8c6c3","Quentin Monnet","quentin@isovalent.com","1588171506","Daniel Borkmann","daniel@iogearbox.net","1588195511","ec30b445def82778746dca7a9f5ad752abaf7112","cf9bf714523dbbc97953be6de6ca14d57d4f8a21","tools: bpftool: Make libcap dependency optional The new libcap dependency is not used for an essential feature of bpftool, and we could imagine building the tool without checks on CAP_SYS_ADMIN by disabling probing features as an unprivileged users. Make it so, in order to avoid a hard dependency on libcap, and to ease packaging/embedding of bpftool. Signed-off-by: Quentin Monnet Signed-off-by: Daniel Borkmann Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200429144506.8999-4-quentin@isovalent.com",".../bpf/bpftool/Documentation/bpftool-feature.rst | 4 +++-; tools/bpf/bpftool/Makefile | 13 +++++++----; tools/bpf/bpftool/feature.c | 26 ++++++++++++++++++++++; 3 files changed, 38 insertions(+), 5 deletions(-)","The commit makes the libcap dependency optional in bpftool to ease packaging and embedding.","bpftool,libcap,optional","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"cf9bf714523dbbc97953be6de6ca14d57d4f8a21","cf9bf714523dbbc97953be6de6ca14d57d4f8a21","Quentin Monnet","quentin@isovalent.com","1588171505","Daniel Borkmann","daniel@iogearbox.net","1588195511","f2890e332ccafa9c1130f91b1aae9b17f01dc2de","e3450b79dfe47632ffa65042c6d5a6b48263da4e","tools: bpftool: Allow unprivileged users to probe features There is demand for a way to identify what BPF helper functions are available to unprivileged users. To do so, allow unprivileged users to run ""bpftool feature probe"" to list BPF-related features. This will only show features accessible to those users, and may not reflect the full list of features available (to administrators) on the system. To avoid the case where bpftool is inadvertently run as non-root and would list only a subset of the features supported by the system when it would be expected to list all of them, running as unprivileged is gated behind the ""unprivileged"" keyword passed to the command line. When used by a privileged user, this keyword allows to drop the CAP_SYS_ADMIN and to list the features available to unprivileged users. Note that this addsd a dependency on libpcap for compiling bpftool. Note that there is no particular reason why the probes were restricted to root, other than the fact I did not need them for unprivileged and did not bother with the additional checks at the time probes were added. Signed-off-by: Quentin Monnet Signed-off-by: Daniel Borkmann Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200429144506.8999-3-quentin@isovalent.com",".../bpf/bpftool/Documentation/bpftool-feature.rst | 10 +-; tools/bpf/bpftool/Makefile | 2 +-; tools/bpf/bpftool/bash-completion/bpftool | 2 +-; tools/bpf/bpftool/feature.c | 102 ++++++++++++++++++---; 4 files changed, 100 insertions(+), 16 deletions(-)","This commit allows unprivileged users to use bpftool to probe available BPF features on a system.","bpftool,unprivileged,features","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e3450b79dfe47632ffa65042c6d5a6b48263da4e","e3450b79dfe47632ffa65042c6d5a6b48263da4e","Quentin Monnet","quentin@isovalent.com","1588171504","Daniel Borkmann","daniel@iogearbox.net","1588195511","fc8ec16eecc92c97f72c9b92fbc96bec5f9da2f9","fd9c40c575a023c6dc9faecce1af81a464615375","tools: bpftool: For ""feature probe"" define ""full_mode"" bool as global The ""full_mode"" variable used for switching between full or partial feature probing (i.e. with or without probing helpers that will log warnings in kernel logs) was piped from the main do_probe() function down to probe_helpers_for_progtype(), where it is needed. Define it as a global variable: the calls will be more readable, and if other similar flags were to be used in the future, we could use global variables as well instead of extending again the list of arguments with new flags. Signed-off-by: Quentin Monnet Signed-off-by: Daniel Borkmann Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/20200429144506.8999-2-quentin@isovalent.com","tools/bpf/bpftool/feature.c | 15 +++++++--------; 1 file changed, 7 insertions(+), 8 deletions(-)","Refactor bpftool feature probe by making the full_mode variable global for improved code readability and potential future flag handling.","bpftool,global,refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e4e8f4d047fdcf7ac7d944e266e85d8041f16cd6","e4e8f4d047fdcf7ac7d944e266e85d8041f16cd6","Andrii Nakryiko","andriin@fb.com","1588123271","Alexei Starovoitov","ast@kernel.org","1588128485","601fc375ee4e37badeb290d7af73c9b3870ebe15","8d30e80a049ad699264e4a12911e349f93c7279a","selftests/bpf: Add runqslower binary to .gitignore With recent changes, runqslower is being copied into selftests/bpf root directory. So add it into .gitignore. Fixes: b26d1e2b6028 (""selftests/bpf: Copy runqslower to OUTPUT directory"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Cc: Veronika Kabatova Link: https://lore.kernel.org/bpf/20200429012111.277390-12-andriin@fb.com","tools/testing/selftests/bpf/.gitignore | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Added runqslower binary to .gitignore in selftests/bpf directory due to recent changes.","gitignore,selftests,runqslower","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8d30e80a049ad699264e4a12911e349f93c7279a","8d30e80a049ad699264e4a12911e349f93c7279a","Andrii Nakryiko","andriin@fb.com","1588123270","Alexei Starovoitov","ast@kernel.org","1588128485","abfc2b532c66164727d648e7f1092c90b56f6237","36d0b6159f6a6f51f600bf1777702f7036fb9839","selftests/bpf: Fix bpf_link leak in ns_current_pid_tgid selftest If condition is inverted, but it's also just not necessary. Fixes: 1c1052e0140a (""tools/testing/selftests/bpf: Add self-tests for new helper bpf_get_ns_current_pid_tgid."") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Cc: Carlos Neira Link: https://lore.kernel.org/bpf/20200429012111.277390-11-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/ns_current_pid_tgid.c | 5 +----; 1 file changed, 1 insertion(+), 4 deletions(-)","Fixes a bpf_link memory leak in the selftest for bpf_get_ns_current_pid_tgid helper.","bpf_link, selftest, leak","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"36d0b6159f6a6f51f600bf1777702f7036fb9839","36d0b6159f6a6f51f600bf1777702f7036fb9839","Andrii Nakryiko","andriin@fb.com","1588123269","Alexei Starovoitov","ast@kernel.org","1588128485","1c5155a79da98960060508bf5fa5b464b4ee3fcc","3521ffa2ee9a48c3236c93f54ae11c074490ebce","selftests/bpf: Disable ASAN instrumentation for mmap()'ed memory read AddressSanitizer assumes that all memory dereferences are done against memory allocated by sanitizer's malloc()/free() code and not touched by anyone else. Seems like this doesn't hold for perf buffer memory. Disable instrumentation on perf buffer callback function. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200429012111.277390-10-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/perf_buffer.c | 5 +++++; 1 file changed, 5 insertions(+)","The commit disables ASAN instrumentation for memory mapped during perf buffer callbacks in eBPF selftests.","ASAN, instrumentation, perf","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3521ffa2ee9a48c3236c93f54ae11c074490ebce","3521ffa2ee9a48c3236c93f54ae11c074490ebce","Andrii Nakryiko","andriin@fb.com","1588123268","Alexei Starovoitov","ast@kernel.org","1588128485","77d887266884f290af1c02cdb5ec7fab10157896","13c908495e5d51718a6da84ae925fa2aac056380","libbpf: Fix huge memory leak in libbpf_find_vmlinux_btf_id() BTF object wasn't freed. Fixes: a6ed02cac690 (""libbpf: Load btf_vmlinux only once per object."") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Cc: KP Singh Link: https://lore.kernel.org/bpf/20200429012111.277390-9-andriin@fb.com","tools/lib/bpf/libbpf.c | 5 ++++-; 1 file changed, 4 insertions(+), 1 deletion(-)","The commit fixes a memory leak issue in the libbpf library related to BTF object handling.","libbpf,BTF,memory","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"13c908495e5d51718a6da84ae925fa2aac056380","13c908495e5d51718a6da84ae925fa2aac056380","Andrii Nakryiko","andriin@fb.com","1588123267","Alexei Starovoitov","ast@kernel.org","1588128485","17dfdb683c42933de1fbb2213550526c273104e2","9f56bb531a809ecaa7f0ddca61d2cf3adc1cb81a","selftests/bpf: Fix invalid memory reads in core_relo selftest Another one found by AddressSanitizer. input_len is bigger than actually initialized data size. Fixes: c7566a69695c (""selftests/bpf: Add field existence CO-RE relocs tests"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200429012111.277390-8-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/core_reloc.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit fixes an invalid memory read issue in the core_relo selftest detected by AddressSanitizer in eBPF tests.","fix,memory,selftest","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"9f56bb531a809ecaa7f0ddca61d2cf3adc1cb81a","9f56bb531a809ecaa7f0ddca61d2cf3adc1cb81a","Andrii Nakryiko","andriin@fb.com","1588123266","Alexei Starovoitov","ast@kernel.org","1588128485","21da84b408cfb4672d905865373ce6749c4d94b5","f25d5416d64c796aa639136eb0b076c8bd579b54","selftests/bpf: Fix memory leak in extract_build_id() getline() allocates string, which has to be freed. Fixes: 81f77fd0deeb (""bpf: add selftest for stackmap with BPF_F_STACK_BUILD_ID"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Cc: Song Liu Link: https://lore.kernel.org/bpf/20200429012111.277390-7-andriin@fb.com","tools/testing/selftests/bpf/test_progs.c | 1 +; 1 file changed, 1 insertion(+)","This commit fixes a memory leak in the extract_build_id function within BPF selftests.","memory leak, extract_build_id, selftests","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f25d5416d64c796aa639136eb0b076c8bd579b54","f25d5416d64c796aa639136eb0b076c8bd579b54","Andrii Nakryiko","andriin@fb.com","1588123265","Alexei Starovoitov","ast@kernel.org","1588128485","4ed8683754c2b827cc591fc1a2d1dd164f910c5d","229bf8bf4d910510bc1a2fd0b89bd467cd71050d","selftests/bpf: Fix memory leak in test selector Free test selector substrings, which were strdup()'ed. Fixes: b65053cd94f4 (""selftests/bpf: Add whitelist/blacklist of test names to test_progs"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200429012111.277390-6-andriin@fb.com","tools/testing/selftests/bpf/test_progs.c | 20 ++++++++++++++++----; 1 file changed, 16 insertions(+), 4 deletions(-)","The commit fixes a memory leak in the BPF selftests by freeing memory allocated for test selector strings.","memory leak, selftests, strdup","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"229bf8bf4d910510bc1a2fd0b89bd467cd71050d","229bf8bf4d910510bc1a2fd0b89bd467cd71050d","Andrii Nakryiko","andriin@fb.com","1588123264","Alexei Starovoitov","ast@kernel.org","1588128485","cddf013296aff40219e40f654f9c212bd1f070c9","42fce2cfb405e613f0355c4f92429d651bf0a5b3","libbpf: Fix memory leak and possible double-free in hashmap__clear Fix memory leak in hashmap_clear() not freeing hashmap_entry structs for each of the remaining entries. Also NULL-out bucket list to prevent possible double-free between hashmap__clear() and hashmap__free(). Running test_progs-asan flavor clearly showed this problem. Reported-by: Alston Tang Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200429012111.277390-5-andriin@fb.com","tools/lib/bpf/hashmap.c | 7 +++++++; 1 file changed, 7 insertions(+)","This commit addresses a memory leak and double-free prevention in libbpf's hashmap__clear function.","memory leak double-free hashmap","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"42fce2cfb405e613f0355c4f92429d651bf0a5b3","42fce2cfb405e613f0355c4f92429d651bf0a5b3","Andrii Nakryiko","andriin@fb.com","1588123263","Alexei Starovoitov","ast@kernel.org","1588128485","78d7def42a87f25f49ac44cd010255dbdac46e7b","02995dd4bb02a5359a08e44abb3c18c2f456bd19","selftests/bpf: Convert test_hashmap into test_progs test Fold stand-alone test_hashmap test into test_progs. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200429012111.277390-4-andriin@fb.com","tools/testing/selftests/bpf/.gitignore | 2 -; tools/testing/selftests/bpf/Makefile | 2 +-; tools/testing/selftests/bpf/prog_tests/hashmap.c | 380 ++++++++++++++++++++++; tools/testing/selftests/bpf/test_hashmap.c | 382 -----------------------; 4 files changed, 381 insertions(+), 385 deletions(-)","The commit integrates the standalone test_hashmap into the test_progs suite within BPF selftests.","test_hashmap,test_progs,selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"02995dd4bb02a5359a08e44abb3c18c2f456bd19","02995dd4bb02a5359a08e44abb3c18c2f456bd19","Andrii Nakryiko","andriin@fb.com","1588123262","Alexei Starovoitov","ast@kernel.org","1588128485","168dae1d2daf703c4333119a925439273d4dfdd3","76148faa161e7cfb2d7719f35b37d7db4f3f8596","selftests/bpf: Add SAN_CFLAGS param to selftests build to allow sanitizers Add ability to specify extra compiler flags with SAN_CFLAGS for compilation of all user-space C files. This allows to build all of selftest programs with, e.g., custom sanitizer flags, without requiring support for such sanitizers from anyone compiling selftest/bpf. As an example, to compile everything with AddressSanitizer, one would do: $ make clean && make SAN_CFLAGS=""-fsanitize=address"" For AddressSanitizer to work, one needs appropriate libasan shared library installed in the system, with version of libasan matching what GCC links against. E.g., GCC8 needs libasan5, while GCC7 uses libasan4. For CentOS 7, to build everything successfully one would need to: $ sudo yum install devtoolset-8-gcc devtoolset-libasan-devel $ scl enable devtoolset-8 bash # set up environment For Arch Linux to run selftests, one would need to install gcc-libs package to get libasan.so.5: $ sudo pacman -S gcc-libs N.B. EXTRA_CFLAGS name wasn't used, because it's also used by libbpf's Makefile and this causes few issues: 1. default ""-g -Wall"" flags are overriden; 2. compiling shared library with AddressSanitizer generates a bunch of symbols like: ""_GLOBAL__sub_D_00099_0_btf_dump.c"", ""_GLOBAL__sub_D_00099_0_bpf.c"", etc, which screws up versioned symbols check. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Cc: Julia Kartseva Link: https://lore.kernel.org/bpf/20200429012111.277390-3-andriin@fb.com","tools/testing/selftests/bpf/Makefile | 7 ++++---; 1 file changed, 4 insertions(+), 3 deletions(-)","Added SAN_CFLAGS parameter in selftests/bpf Makefile to support custom sanitizer flags during test builds.","SAN_CFLAGS,selftests,Makefile","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"76148faa161e7cfb2d7719f35b37d7db4f3f8596","76148faa161e7cfb2d7719f35b37d7db4f3f8596","Andrii Nakryiko","andriin@fb.com","1588123261","Alexei Starovoitov","ast@kernel.org","1588128484","388dd662dc6146f01de1b87f002fc78bac740f6d","3271e8f3f63d4793ce9e4a00d3f8b436b9e8d5b4","selftests/bpf: Ensure test flavors use correct skeletons Ensure that test runner flavors include their own skeletons from / directory. Previously, skeletons generated for no-flavor test_progs were used. Apart from fixing correctness, this also makes it possible to compile only flavors individually: $ make clean && make test_progs-no_alu32 ... now succeeds ... Fixes: 74b5a5968fe8 (""selftests/bpf: Replace test_progs and test_maps w/ general rule"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200429012111.277390-2-andriin@fb.com","tools/testing/selftests/bpf/Makefile | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit ensures BPF test flavors use correct skeletons for individual compilation.","selftests,bpf,skeletons","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3271e8f3f63d4793ce9e4a00d3f8b436b9e8d5b4","3271e8f3f63d4793ce9e4a00d3f8b436b9e8d5b4","Alexei Starovoitov","ast@kernel.org","1588120503","Alexei Starovoitov","ast@kernel.org","1588120548","9d13ddbdc3ac707e0f674ef643b8cf028e914377","1f427a8077996f8aaefbc99e40ff3068ee627d8d 646f02ffdd49c466cb81642c2b013beb80092d01","Merge branch 'BTF-map-in-map' Andrii Nakryiko says: ==================== This patch set teaches libbpf how to declare and initialize ARRAY_OF_MAPS and HASH_OF_MAPS maps. See patch #3 for all the details. Patch #1 refactors parsing BTF definition of map to re-use it cleanly for inner map definition parsing. Patch #2 refactors map creation and destruction logic for reuse. It also fixes existing bug with not closing successfully created maps when bpf_object map creation overall fails. Patch #3 adds support for an extension of BTF-defined map syntax, as well as parsing, recording, and use of relocations to allow declaratively initialize outer maps with references to inner maps. v1->v2: - rename __inner to __array (Alexei). ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges changes for supporting 'BTF-map-in-map' in libbpf, enhancing map initialization and fixing bugs.","BTF, libbpf, maps","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"646f02ffdd49c466cb81642c2b013beb80092d01","646f02ffdd49c466cb81642c2b013beb80092d01","Andrii Nakryiko","andriin@fb.com","1588120059","Alexei Starovoitov","ast@kernel.org","1588120503","9d13ddbdc3ac707e0f674ef643b8cf028e914377","2d39d7c56f115148b05d1d8c6b8698a5730c8b53","libbpf: Add BTF-defined map-in-map support As discussed at LPC 2019 ([0]), this patch brings (a quite belated) support for declarative BTF-defined map-in-map support in libbpf. It allows to define ARRAY_OF_MAPS and HASH_OF_MAPS BPF maps without any user-space initialization code involved. Additionally, it allows to initialize outer map's slots with references to respective inner maps at load time, also completely declaratively. Despite a weak type system of C, the way BTF-defined map-in-map definition works, it's actually quite hard to accidentally initialize outer map with incompatible inner maps. This being C, of course, it's still possible, but even that would be caught at load time and error returned with helpful debug log pointing exactly to the slot that failed to be initialized. As an example, here's a rather advanced HASH_OF_MAPS declaration and initialization example, filling slots #0 and #4 with two inner maps: #include struct inner_map { __uint(type, BPF_MAP_TYPE_ARRAY); __uint(max_entries, 1); __type(key, int); __type(value, int); } inner_map1 SEC("".maps""), inner_map2 SEC("".maps""); struct outer_hash { __uint(type, BPF_MAP_TYPE_HASH_OF_MAPS); __uint(max_entries, 5); __uint(key_size, sizeof(int)); __array(values, struct inner_map); } outer_hash SEC("".maps"") = { .values = { [0] = &inner_map2, [4] = &inner_map1, }, }; Here's the relevant part of libbpf debug log showing pretty clearly of what's going on with map-in-map initialization: libbpf: .maps relo #0: for 6 value 0 rel.r_offset 96 name 260 ('inner_map1') libbpf: .maps relo #0: map 'outer_arr' slot [0] points to map 'inner_map1' libbpf: .maps relo #1: for 7 value 32 rel.r_offset 112 name 249 ('inner_map2') libbpf: .maps relo #1: map 'outer_arr' slot [2] points to map 'inner_map2' libbpf: .maps relo #2: for 7 value 32 rel.r_offset 144 name 249 ('inner_map2') libbpf: .maps relo #2: map 'outer_hash' slot [0] points to map 'inner_map2' libbpf: .maps relo #3: for 6 value 0 rel.r_offset 176 name 260 ('inner_map1') libbpf: .maps relo #3: map 'outer_hash' slot [4] points to map 'inner_map1' libbpf: map 'inner_map1': created successfully, fd=4 libbpf: map 'inner_map2': created successfully, fd=5 libbpf: map 'outer_hash': created successfully, fd=7 libbpf: map 'outer_hash': slot [0] set to map 'inner_map2' fd=5 libbpf: map 'outer_hash': slot [4] set to map 'inner_map1' fd=4 Notice from the log above that fd=6 (not logged explicitly) is used for inner ""prototype"" map, necessary for creation of outer map. It is destroyed immediately after outer map is created. See also included selftest with some extra comments explaining extra details of usage. Additionally, similar initialization syntax and libbpf functionality can be used to do initialization of BPF_PROG_ARRAY with references to BPF sub-programs. This can be done in follow up patches, if there will be a demand for this. [0] https://linuxplumbersconf.org/event/4/contributions/448/ Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/20200429002739.48006-4-andriin@fb.com","tools/lib/bpf/bpf_helpers.h | 1 +; tools/lib/bpf/libbpf.c | 281 +++++++++++++++++++--; .../selftests/bpf/prog_tests/btf_map_in_map.c | 49 ++++; .../selftests/bpf/progs/test_btf_map_in_map.c | 76 ++++++; 4 files changed, 384 insertions(+), 23 deletions(-)","Adds support for BTF-defined map-in-map feature in libbpf allowing a declarative way to initialize outer maps with inner maps.","BTF,libbpf,map-in-map","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2d39d7c56f115148b05d1d8c6b8698a5730c8b53","2d39d7c56f115148b05d1d8c6b8698a5730c8b53","Andrii Nakryiko","andriin@fb.com","1588120058","Alexei Starovoitov","ast@kernel.org","1588120503","2543255be722f52abf7e2cde02c6200a4e102ff2","41017e56af6cf99122c86655f60fe4e1b75ecf48","libbpf: Refactor map creation logic and fix cleanup leak Factor out map creation and destruction logic to simplify code and especially error handling. Also fix map FD leak in case of partially successful map creation during bpf_object load operation. Fixes: 57a00f41644f (""libbpf: Add auto-pinning of maps when loading BPF objects"") Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/20200429002739.48006-3-andriin@fb.com","tools/lib/bpf/libbpf.c | 226 ++++++++++++++++++++++++++-----------------------; 1 file changed, 121 insertions(+), 105 deletions(-)","The commit refactors libbpf's map creation logic and fixes a file descriptor leak issue during BPF object load operations.","map creation, libbpf, cleanup","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"41017e56af6cf99122c86655f60fe4e1b75ecf48","41017e56af6cf99122c86655f60fe4e1b75ecf48","Andrii Nakryiko","andriin@fb.com","1588120057","Alexei Starovoitov","ast@kernel.org","1588120503","ea82bb5ec2386221ab5ce4e40f895a8739b323dd","1f427a8077996f8aaefbc99e40ff3068ee627d8d","libbpf: Refactor BTF-defined map definition parsing logic Factor out BTF map definition logic into stand-alone routine for easier reuse for map-in-map case. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200429002739.48006-2-andriin@fb.com","tools/lib/bpf/libbpf.c | 195 ++++++++++++++++++++++++++-----------------------; 1 file changed, 103 insertions(+), 92 deletions(-)","Refactor libbpf by factoring out BTF map definition logic for easier reuse, particularly in map-in-map scenarios.","refactor,BTF,map","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1f427a8077996f8aaefbc99e40ff3068ee627d8d","1f427a8077996f8aaefbc99e40ff3068ee627d8d","Alexei Starovoitov","ast@kernel.org","1588120028","Alexei Starovoitov","ast@kernel.org","1588120085","117f3fbc26264d8f0fc03a8c469e50b2338cbc5f","9b329d0dbe413bf46eb5010edd06b3076960a60a 5d085ad2e68cceec8332b23ea8f630a28b506366","Merge branch 'bpf_link-observability' Andrii Nakryiko says: ==================== This patch series adds various observability APIs to bpf_link: - each bpf_link now gets ID, similar to bpf_map and bpf_prog, by which user-space can iterate over all existing bpf_links and create limited FD from ID; - allows to get extra object information with bpf_link general and type-specific information; - implements `bpf link show` command which lists all active bpf_links in the system; - implements `bpf link pin` allowing to pin bpf_link by ID or from other pinned path. v2->v3: - improve spin locking around bpf_link ID (Alexei); - simplify bpf_link_info handling and fix compilation error on sh arch; v1->v2: - simplified `bpftool link show` implementation (Quentin); - fixed formatting of bpftool-link.rst (Quentin); - fixed attach type printing logic (Quentin); rfc->v1: - dropped read-only bpf_links (Alexei); - fixed bug in bpf_link_cleanup() not removing ID; - fixed bpftool link pinning search logic; - added bash-completion and man page. ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges changes that enhance observability for bpf_link by adding new commands and managing IDs.","observability, bpf_link, ID","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5d085ad2e68cceec8332b23ea8f630a28b506366","5d085ad2e68cceec8332b23ea8f630a28b506366","Andrii Nakryiko","andriin@fb.com","1588119374","Alexei Starovoitov","ast@kernel.org","1588120028","117f3fbc26264d8f0fc03a8c469e50b2338cbc5f","7464d013ccd4db8544df5eddb05ddd509b9c46e5","bpftool: Add link bash completions Extend bpftool's bash-completion script to handle new link command and its sub-commands. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200429001614.1544-11-andriin@fb.com","tools/bpf/bpftool/bash-completion/bpftool | 39 +++++++++++++++++++++++++++++++; 1 file changed, 39 insertions(+)","The commit adds support for bash completions to bpftool's new link command and its sub-commands.","bpftool,bash,completions","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7464d013ccd4db8544df5eddb05ddd509b9c46e5","7464d013ccd4db8544df5eddb05ddd509b9c46e5","Andrii Nakryiko","andriin@fb.com","1588119373","Alexei Starovoitov","ast@kernel.org","1588120028","b0fd2d32e55364eea9fab108d2509960f2790667","c5481f9a954f27b8730c1dfeebbc9b3b5b2b2481","bpftool: Add bpftool-link manpage Add bpftool-link manpage with information and examples of link-related commands. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200429001614.1544-10-andriin@fb.com","tools/bpf/bpftool/Documentation/bpftool-link.rst | 118 +++++++++++++++++++++++; 1 file changed, 118 insertions(+)","This commit introduces a new manpage for bpftool-link with examples of link-related commands.","bpftool-link, manpage, examples","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c5481f9a954f27b8730c1dfeebbc9b3b5b2b2481","c5481f9a954f27b8730c1dfeebbc9b3b5b2b2481","Andrii Nakryiko","andriin@fb.com","1588119372","Alexei Starovoitov","ast@kernel.org","1588120028","1216fbaf2b507e41c05885879ca289d9293e8e2b","50325b1761e31ad17d252e795af72a9af8c5a7d7","bpftool: Add bpf_link show and pin support Add `bpftool link show` and `bpftool link pin` commands. Example plain output for `link show` (with showing pinned paths): [vmuser@archvm bpf]$ sudo ~/local/linux/tools/bpf/bpftool/bpftool -f link 1: tracing prog 12 prog_type tracing attach_type fentry pinned /sys/fs/bpf/my_test_link pinned /sys/fs/bpf/my_test_link2 2: tracing prog 13 prog_type tracing attach_type fentry 3: tracing prog 14 prog_type tracing attach_type fentry 4: tracing prog 15 prog_type tracing attach_type fentry 5: tracing prog 16 prog_type tracing attach_type fentry 6: tracing prog 17 prog_type tracing attach_type fentry 7: raw_tracepoint prog 21 tp 'sys_enter' 8: cgroup prog 25 cgroup_id 584 attach_type egress 9: cgroup prog 25 cgroup_id 599 attach_type egress 10: cgroup prog 25 cgroup_id 614 attach_type egress 11: cgroup prog 25 cgroup_id 629 attach_type egress Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200429001614.1544-9-andriin@fb.com","tools/bpf/bpftool/common.c | 2 +; tools/bpf/bpftool/link.c | 333 +++++++++++++++++++++++++++++++++++++++++++++; tools/bpf/bpftool/main.c | 6 +-; tools/bpf/bpftool/main.h | 5 +; 4 files changed, 345 insertions(+), 1 deletion(-)","The commit adds 'bpf_link show' and 'bpf_link pin' support to the bpftool utility for displaying and managing eBPF link states.","bpftool, link, commands","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"50325b1761e31ad17d252e795af72a9af8c5a7d7","50325b1761e31ad17d252e795af72a9af8c5a7d7","Andrii Nakryiko","andriin@fb.com","1588119371","Alexei Starovoitov","ast@kernel.org","1588120028","8906e3ed16ed15ff936df0460050ce4459645ecd","2c2837b09e9ab4874353186599609fa2e1ccabce","bpftool: Expose attach_type-to-string array to non-cgroup code Move attach_type_strings into main.h for access in non-cgroup code. bpf_attach_type is used for non-cgroup attach types quite widely now. So also complete missing string translations for non-cgroup attach types. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200429001614.1544-8-andriin@fb.com","tools/bpf/bpftool/cgroup.c | 48 +++++++++++++++-------------------------------; tools/bpf/bpftool/main.h | 32 +++++++++++++++++++++++++++++++; 2 files changed, 47 insertions(+), 33 deletions(-)","The commit moves attach_type_strings to main.h for access by non-cgroup code in bpftool and completes missing string translations for non-cgroup attach types.","bpftool,attach_type_strings,non-cgroup","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2c2837b09e9ab4874353186599609fa2e1ccabce","2c2837b09e9ab4874353186599609fa2e1ccabce","Andrii Nakryiko","andriin@fb.com","1588119370","Alexei Starovoitov","ast@kernel.org","1588120028","0e0412388fc77286acd54445ed4c6deccdcc18fa","0dbc866832a0fbf9f2b98d412da44c5cfd1b7756","selftests/bpf: Test bpf_link's get_next_id, get_fd_by_id, and get_obj_info Extend bpf_obj_id selftest to verify bpf_link's observability APIs. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200429001614.1544-7-andriin@fb.com",".../testing/selftests/bpf/prog_tests/bpf_obj_id.c | 110 +++++++++++++++++++--; tools/testing/selftests/bpf/progs/test_obj_id.c | 14 +--; 2 files changed, 104 insertions(+), 20 deletions(-)","Enhancement of bpf selftests to verify observability APIs for bpf_link.","bpf_link,selftests,observability","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0dbc866832a0fbf9f2b98d412da44c5cfd1b7756","0dbc866832a0fbf9f2b98d412da44c5cfd1b7756","Andrii Nakryiko","andriin@fb.com","1588119369","Alexei Starovoitov","ast@kernel.org","1588120028","c34dd9df1ba6d23c9bba3034467376a2c08fd52c","f2e10bff16a0fdd41ba278c84da9813700e356af","libbpf: Add low-level APIs for new bpf_link commands Add low-level API calls for bpf_link_get_next_id() and bpf_link_get_fd_by_id(). Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200429001614.1544-6-andriin@fb.com","tools/lib/bpf/bpf.c | 19 +++++++++++++++++--; tools/lib/bpf/bpf.h | 4 +++-; tools/lib/bpf/libbpf.map | 6 ++++++; 3 files changed, 26 insertions(+), 3 deletions(-)","This commit adds low-level APIs to libbpf for new bpf_link commands.","libbpf, bpf_link, APIs","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f2e10bff16a0fdd41ba278c84da9813700e356af","f2e10bff16a0fdd41ba278c84da9813700e356af","Andrii Nakryiko","andriin@fb.com","1588119368","Alexei Starovoitov","ast@kernel.org","1588120028","16f010477a98090542c424315f405b2f5e3b2d44","2d602c8cf40d65d4a7ac34fe18648d8778e6e594","bpf: Add support for BPF_OBJ_GET_INFO_BY_FD for bpf_link Add ability to fetch bpf_link details through BPF_OBJ_GET_INFO_BY_FD command. Also enhance show_fdinfo to potentially include bpf_link type-specific information (similarly to obj_info). Also introduce enum bpf_link_type stored in bpf_link itself and expose it in UAPI. bpf_link_tracing also now will store and return bpf_attach_type. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200429001614.1544-5-andriin@fb.com","include/linux/bpf-cgroup.h | 2 -; include/linux/bpf.h | 8 ++-; include/linux/bpf_types.h | 6 ++; include/uapi/linux/bpf.h | 28 ++++++++; kernel/bpf/btf.c | 2 +; kernel/bpf/cgroup.c | 43 +++++++++++-; kernel/bpf/syscall.c | 155 ++++++++++++++++++++++++++++++++++++-----; kernel/bpf/verifier.c | 2 +; tools/include/uapi/linux/bpf.h | 31 +++++++++; 9 files changed, 253 insertions(+), 24 deletions(-)","Add support for BPF_OBJ_GET_INFO_BY_FD command to fetch bpf_link details and update related UAPI and structures.","bpf_link BPF_OBJ_GET_INFO_BY_FD UAPI","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"2d602c8cf40d65d4a7ac34fe18648d8778e6e594","2d602c8cf40d65d4a7ac34fe18648d8778e6e594","Andrii Nakryiko","andriin@fb.com","1588119367","Alexei Starovoitov","ast@kernel.org","1588120028","6c34aec45b8df74c35b19e7b7516c788f4dd29fa","a3b80e1078943dc12553166fb08e258463dec013","bpf: Support GET_FD_BY_ID and GET_NEXT_ID for bpf_link Add support to look up bpf_link by ID and iterate over all existing bpf_links in the system. GET_FD_BY_ID code handles not-yet-ready bpf_link by checking that its ID hasn't been set to non-zero value yet. Setting bpf_link's ID is done as the very last step in finalizing bpf_link, together with installing FD. This approach allows users of bpf_link in kernel code to not worry about races between user-space and kernel code that hasn't finished attaching and initializing bpf_link. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200429001614.1544-4-andriin@fb.com","include/uapi/linux/bpf.h | 2 ++; kernel/bpf/syscall.c | 49 ++++++++++++++++++++++++++++++++++++++++++++++++; 2 files changed, 51 insertions(+)","This commit adds support for looking up and iterating over bpf_links using their IDs.","bpf_link, lookup, iterate","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a3b80e1078943dc12553166fb08e258463dec013","a3b80e1078943dc12553166fb08e258463dec013","Andrii Nakryiko","andriin@fb.com","1588119366","Alexei Starovoitov","ast@kernel.org","1588120028","e022212949f8028eacf0c5d3ad77218d7f1a7b1a","f9d041271cf44ca02eed0cc82e1a6d8c814c53ed","bpf: Allocate ID for bpf_link Generate ID for each bpf_link using IDR, similarly to bpf_map and bpf_prog. bpf_link creation, initialization, attachment, and exposing to user-space through FD and ID is a complicated multi-step process, abstract it away through bpf_link_primer and bpf_link_prime(), bpf_link_settle(), and bpf_link_cleanup() internal API. They guarantee that until bpf_link is properly attached, user-space won't be able to access partially-initialized bpf_link either from FD or ID. All this allows to simplify bpf_link attachment and error handling code. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200429001614.1544-3-andriin@fb.com","include/linux/bpf.h | 17 ++++--; include/uapi/linux/bpf.h | 1 +; kernel/bpf/cgroup.c | 14 ++---; kernel/bpf/syscall.c | 143 ++++++++++++++++++++++++++++++++---------------; 4 files changed, 118 insertions(+), 57 deletions(-)","The commit allocates IDs for bpf_link and introduces APIs to simplify the attachment process and error handling.","bpf_link, ID, attachment","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f9d041271cf44ca02eed0cc82e1a6d8c814c53ed","f9d041271cf44ca02eed0cc82e1a6d8c814c53ed","Andrii Nakryiko","andriin@fb.com","1588119365","Alexei Starovoitov","ast@kernel.org","1588120027","a248c1de80b38d6ab048574215a164431ce8ea83","9b329d0dbe413bf46eb5010edd06b3076960a60a","bpf: Refactor bpf_link update handling Make bpf_link update support more generic by making it into another bpf_link_ops methods. This allows generic syscall handling code to be agnostic to various conditionally compiled features (e.g., the case of CONFIG_CGROUP_BPF). This also allows to keep link type-specific code to remain static within respective code base. Refactor existing bpf_cgroup_link code and take advantage of this. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200429001614.1544-2-andriin@fb.com","include/linux/bpf-cgroup.h | 12 ------------; include/linux/bpf.h | 3 ++-; kernel/bpf/cgroup.c | 30 ++++++++++++++++++++++++++++--; kernel/bpf/syscall.c | 11 ++++-------; kernel/cgroup/cgroup.c | 27 ---------------------------; 5 files changed, 34 insertions(+), 49 deletions(-)","Refactor bpf_link update handling to support generic syscall and improve maintainability by centralizing logic across different components.","refactor,generic,bpf_link","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"9b329d0dbe413bf46eb5010edd06b3076960a60a","9b329d0dbe413bf46eb5010edd06b3076960a60a","Alexei Starovoitov","ast@kernel.org","1588113048","Alexei Starovoitov","ast@kernel.org","1588113119","bef5d38593986461a5a834c644b3935dec1a97e5","a6bbdf2e750f245d219d39f3c3d06ace2c5871e6","selftests/bpf: fix test_sysctl_prog with alu32 Similar to commit b7a0d65d80a0 (""bpf, testing: Workaround a verifier failure for test_progs"") fix test_sysctl_prog.c as well. Signed-off-by: Alexei Starovoitov ","tools/testing/selftests/bpf/progs/test_sysctl_prog.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixes an issue in test_sysctl_prog with alu32 in BPF selftests.","fix, sysctl, test","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a6bbdf2e750f245d219d39f3c3d06ace2c5871e6","a6bbdf2e750f245d219d39f3c3d06ace2c5871e6","Zou Wei","zou_wei@huawei.com","1588064829","Daniel Borkmann","daniel@iogearbox.net","1588103267","fd8d6d0671763487ba25e05741e63ef24901ae09","b26d1e2b60284dc9f66ffad9ccd5c5da1100bb4b","libbpf: Remove unneeded semicolon in btf_dump_emit_type Fixes the following coccicheck warning: tools/lib/bpf/btf_dump.c:661:4-5: Unneeded semicolon Reported-by: Hulk Robot Signed-off-by: Zou Wei Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/1588064829-70613-1-git-send-email-zou_wei@huawei.com","tools/lib/bpf/btf_dump.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit removes an unneeded semicolon in btf_dump_emit_type to fix a coccicheck warning.","semicolon, coccicheck, libbpf","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b26d1e2b60284dc9f66ffad9ccd5c5da1100bb4b","b26d1e2b60284dc9f66ffad9ccd5c5da1100bb4b","Veronika Kabatova","vkabatov@redhat.com","1588095462","Daniel Borkmann","daniel@iogearbox.net","1588102040","a2be1e841385a60a3d853df5503967a9ed9cf0b2","0b54142e4b09fbf719eb9fc6fe8bcacbd0547ac3","selftests/bpf: Copy runqslower to OUTPUT directory $(OUTPUT)/runqslower makefile target doesn't actually create runqslower binary in the $(OUTPUT) directory. As lib.mk expects all TEST_GEN_PROGS_EXTENDED (which runqslower is a part of) to be present in the OUTPUT directory, this results in an error when running e.g. `make install`: rsync: link_stat ""tools/testing/selftests/bpf/runqslower"" failed: No such file or directory (2) Copy the binary into the OUTPUT directory after building it to fix the error. Fixes: 3a0d3092a4ed (""selftests/bpf: Build runqslower from selftests"") Signed-off-by: Veronika Kabatova Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200428173742.2988395-1-vkabatov@redhat.com","tools/testing/selftests/bpf/Makefile | 3 ++-; 1 file changed, 2 insertions(+), 1 deletion(-)","Fixes Makefile to ensure 'runqslower' binary is copied to OUTPUT directory for successful test execution.","selftests, Makefile, runqslower","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0b54142e4b09fbf719eb9fc6fe8bcacbd0547ac3","0b54142e4b09fbf719eb9fc6fe8bcacbd0547ac3","Daniel Borkmann","daniel@iogearbox.net","1588101620","Daniel Borkmann","daniel@iogearbox.net","1588101818","e65147d1aec55854e854a9a00ec9ac17af193208","8c1b2bf16d5944cd5c3a8a72e24ed9e22360c1af 32927393dc1ccd60fb2bdc05b9e8e88753761469","Merge branch 'work.sysctl' of ssh://gitolite.kernel.org/pub/scm/linux/kernel/git/viro/vfs Pull in Christoph Hellwig's series that changes the sysctl's ->proc_handler methods to take kernel pointers instead. It gets rid of the set_fs address space overrides used by BPF. As per discussion, pull in the feature branch into bpf-next as it relates to BPF sysctl progs. Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200427071508.GV23230@ZenIV.linux.org.uk/T/","","The commit merges a branch updating sysctl proc_handler methods for BPF sysctl programs, eliminating set_fs address space overrides.","sysctl, merge, BPF","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"18f02ad19e2c2a1d9e1d55a4e1c0cbf51419151c","18f02ad19e2c2a1d9e1d55a4e1c0cbf51419151c","Xiyu Yang","xiyuyang19@fudan.edu.cn","1587872115","Daniel Borkmann","daniel@iogearbox.net","1588021445","2469e6fd5815c9d482d05637742e15ce603b3e86","37255e7a8f470a7d9678be89c18ba15d6ebf43f7","bpf: Fix sk_psock refcnt leak when receiving message tcp_bpf_recvmsg() invokes sk_psock_get(), which returns a reference of the specified sk_psock object to ""psock"" with increased refcnt. When tcp_bpf_recvmsg() returns, local variable ""psock"" becomes invalid, so the refcount should be decreased to keep refcount balanced. The reference counting issue happens in several exception handling paths of tcp_bpf_recvmsg(). When those error scenarios occur such as ""flags"" includes MSG_ERRQUEUE, the function forgets to decrease the refcnt increased by sk_psock_get(), causing a refcnt leak. Fix this issue by calling sk_psock_put() or pulling up the error queue read handling when those error scenarios occur. Fixes: e7a5f1f1cd000 (""bpf/sockmap: Read psock ingress_msg before sk_receive_queue"") Signed-off-by: Xiyu Yang Signed-off-by: Xin Tan Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Sitnicki Link: https://lore.kernel.org/bpf/1587872115-42805-1-git-send-email-xiyuyang19@fudan.edu.cn","net/ipv4/tcp_bpf.c | 9 ++++++---; 1 file changed, 6 insertions(+), 3 deletions(-)","This commit fixes a reference counting leak in tcp_bpf_recvmsg() by adjusting error handling paths for sk_psock objects.","refcnt,tcp_bpf_recvmsg,psock","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"8c1b2bf16d5944cd5c3a8a72e24ed9e22360c1af","8c1b2bf16d5944cd5c3a8a72e24ed9e22360c1af","Christoph Hellwig","hch@lst.de","1587710614","Daniel Borkmann","daniel@iogearbox.net","1588018822","0daa0a2c700445eb28839516bc5de307d09fed9f","e411eb257b331bf44cbe8845b5351260c8222c6c","bpf, cgroup: Remove unused exports Except for a few of the networking hooks called from modular ipv4 or ipv6 code, all of hooks are just called from guaranteed to be built-in code. Signed-off-by: Christoph Hellwig Signed-off-by: Daniel Borkmann Acked-by: Andrey Ignatov Link: https://lore.kernel.org/bpf/20200424064338.538313-2-hch@lst.de","kernel/bpf/cgroup.c | 4 ----; 1 file changed, 4 deletions(-)","The commit removes unused exports from the cgroup BPF code, primarily improving code maintainability.","unused exports cgroup","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"095f5614bfe16e5b3e191b34ea41b10d6fdd4ced","095f5614bfe16e5b3e191b34ea41b10d6fdd4ced","Xiyu Yang","xiyuyang19@fudan.edu.cn","1587819277","David S. Miller","davem@davemloft.net","1588011436","a5468ac927f1ac27565b6da62f24d080eb95126e","6de556c31061e3b9c36546ffaaac5fdb679a2f14","net/tls: Fix sk_psock refcnt leak in bpf_exec_tx_verdict() bpf_exec_tx_verdict() invokes sk_psock_get(), which returns a reference of the specified sk_psock object to ""psock"" with increased refcnt. When bpf_exec_tx_verdict() returns, local variable ""psock"" becomes invalid, so the refcount should be decreased to keep refcount balanced. The reference counting issue happens in one exception handling path of bpf_exec_tx_verdict(). When ""policy"" equals to NULL but ""psock"" is not NULL, the function forgets to decrease the refcnt increased by sk_psock_get(), causing a refcnt leak. Fix this issue by calling sk_psock_put() on this error path before bpf_exec_tx_verdict() returns. Signed-off-by: Xiyu Yang Signed-off-by: Xin Tan Signed-off-by: David S. Miller ","net/tls/tls_sw.c | 2 ++; 1 file changed, 2 insertions(+)","Fixes a reference count leak in bpf_exec_tx_verdict() by correctly decreasing refcnt during an error path.","refcnt,psock,leak","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"e411eb257b331bf44cbe8845b5351260c8222c6c","e411eb257b331bf44cbe8845b5351260c8222c6c","Mao Wenan","maowenan@huawei.com","1587882995","Daniel Borkmann","daniel@iogearbox.net","1587991400","170b90071dc2c6fa576a1586698d4cbee4da60ee","f131bd3eee9745cc77701296e8bb7ca2b8d3345b","libbpf: Return err if bpf_object__load failed bpf_object__load() has various return code, when it failed to load object, it must return err instead of -EINVAL. Signed-off-by: Mao Wenan Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200426063635.130680-3-maowenan@huawei.com","tools/lib/bpf/libbpf.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fix bpf_object__load to return an error instead of -EINVAL upon failure.","libbpf,bpf_object,error","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f131bd3eee9745cc77701296e8bb7ca2b8d3345b","f131bd3eee9745cc77701296e8bb7ca2b8d3345b","Alexei Starovoitov","ast@kernel.org","1587920437","Alexei Starovoitov","ast@kernel.org","1587920443","bb2907b29132c578e7520de58d34065e78419c00","6f8a57ccf8511724e6f48d732cb2940889789ab2 234589012ba0e5bf448e3fdbbac0f4c265dbdd7b","Merge branch 'cloudflare-prog' Lorenz Bauer says: ==================== We've been developing an in-house L4 load balancer based on XDP and TC for a while. Following Alexei's call for more up-to-date examples of production BPF in the kernel tree [1], Cloudflare is making this available under dual GPL-2.0 or BSD 3-clause terms. The code requires at least v5.3 to function correctly. 1: https://lore.kernel.org/bpf/20200326210719.den5isqxntnoqhmv@ast-mbp/ ==================== Signed-off-by: Alexei Starovoitov ","","Cloudflare's load balancer using XDP and TC is merged under dual licenses into the kernel.","XDP,TC,Cloudflare","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', 'tc related type programs. It affects programs managing traffic control (tc) for queuing or prioritizing network traffic.', ""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"234589012ba0e5bf448e3fdbbac0f4c265dbdd7b","234589012ba0e5bf448e3fdbbac0f4c265dbdd7b","Lorenz Bauer","lmb@cloudflare.com","1587754555","Alexei Starovoitov","ast@kernel.org","1587920436","bb2907b29132c578e7520de58d34065e78419c00","6f8a57ccf8511724e6f48d732cb2940889789ab2","selftests/bpf: Add cls_redirect classifier cls_redirect is a TC clsact based replacement for the glb-redirect iptables module available at [1]. It enables what GitHub calls ""second chance"" flows [2], similarly proposed by the Beamer paper [3]. In contrast to glb-redirect, it also supports migrating UDP flows as long as connected sockets are used. cls_redirect is in production at Cloudflare, as part of our own L4 load balancer. We have modified the encapsulation format slightly from glb-redirect: glbgue_chained_routing.private_data_type has been repurposed to form a version field and several flags. Both have been arranged in a way that a private_data_type value of zero matches the current glb-redirect behaviour. This means that cls_redirect will understand packets in glb-redirect format, but not vice versa. The test suite only covers basic features. For example, cls_redirect will correctly forward path MTU discovery packets, but this is not exercised. It is also possible to switch the encapsulation format to GRE on the last hop, which is also not tested. There are two major distinctions from glb-redirect: first, cls_redirect relies on receiving encapsulated packets directly from a router. This is because we don't have access to the neighbour tables from BPF, yet. See forward_to_next_hop for details. Second, cls_redirect performs decapsulation instead of using separate ipip and sit tunnel devices. This avoids issues with the sit tunnel [4] and makes deploying the classifier easier: decapsulated packets appear on the same interface, so existing firewall rules continue to work as expected. The code base started it's life on v4.19, so there are most likely still hold overs from old workarounds. In no particular order: - The function buf_off is required to defeat a clang optimization that leads to the verifier rejecting the program due to pointer arithmetic in the wrong order. - The function pkt_parse_ipv6 is force inlined, because it would otherwise be rejected due to returning a pointer to stack memory. - The functions fill_tuple and classify_tcp contain kludges, because we've run out of function arguments. - The logic in general is rather nested, due to verifier restrictions. I think this is either because the verifier loses track of constants on the stack, or because it can't track enum like variables. 1: https://github.com/github/glb-director/tree/master/src/glb-redirect 2: https://github.com/github/glb-director/blob/master/docs/development/second-chance-design.md 3: https://www.usenix.org/conference/nsdi18/presentation/olteanu 4: https://github.com/github/glb-director/issues/64 Signed-off-by: Lorenz Bauer Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200424185556.7358-2-lmb@cloudflare.com",".../selftests/bpf/prog_tests/cls_redirect.c | 456 +++++++++; .../selftests/bpf/progs/test_cls_redirect.c | 1058 ++++++++++++++++++++; .../selftests/bpf/progs/test_cls_redirect.h | 54 +; tools/testing/selftests/bpf/test_progs.h | 7 +; 4 files changed, 1575 insertions(+)","The commit introduces the cls_redirect classifier in selftests as a TC-based alternative to glb-redirect, supporting UDP flow migration and enhancing L4 load balancing.","cls_redirect,selftests,TC","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['tc related type programs. It affects programs managing traffic control (tc) for queuing or prioritizing network traffic.']" +"6f8a57ccf8511724e6f48d732cb2940889789ab2","6f8a57ccf8511724e6f48d732cb2940889789ab2","Andrii Nakryiko","andriin@fb.com","1587671930","Alexei Starovoitov","ast@kernel.org","1587919657","1638c1eaa2059939a709c26a170f4beac7973337","71d19214776e61b33da48f7c1b46e522c7f78221","bpf: Make verifier log more relevant by default To make BPF verifier verbose log more releavant and easier to use to debug verification failures, ""pop"" parts of log that were successfully verified. This has effect of leaving only verifier logs that correspond to code branches that lead to verification failure, which in practice should result in much shorter and more relevant verifier log dumps. This behavior is made the default behavior and can be overriden to do exhaustive logging by specifying BPF_LOG_LEVEL2 log level. Using BPF_LOG_LEVEL2 to disable this behavior is not ideal, because in some cases it's good to have BPF_LOG_LEVEL2 per-instruction register dump verbosity, but still have only relevant verifier branches logged. But for this patch, I didn't want to add any new flags. It might be worth-while to just rethink how BPF verifier logging is performed and requested and streamline it a bit. But this trimming of successfully verified branches seems to be useful and a good default behavior. To test this, I modified runqslower slightly to introduce read of uninitialized stack variable. Log (**truncated in the middle** to save many lines out of this commit message) BEFORE this change: ; int handle__sched_switch(u64 *ctx) 0: (bf) r6 = r1 ; struct task_struct *prev = (struct task_struct *)ctx[1]; 1: (79) r1 = *(u64 *)(r6 +8) func 'sched_switch' arg1 has btf_id 151 type STRUCT 'task_struct' 2: (b7) r2 = 0 ; struct event event = {}; 3: (7b) *(u64 *)(r10 -24) = r2 last_idx 3 first_idx 0 regs=4 stack=0 before 2: (b7) r2 = 0 4: (7b) *(u64 *)(r10 -32) = r2 5: (7b) *(u64 *)(r10 -40) = r2 6: (7b) *(u64 *)(r10 -48) = r2 ; if (prev->state == TASK_RUNNING) [ ... instruction dump from insn #7 through #50 are cut out ... ] 51: (b7) r2 = 16 52: (85) call bpf_get_current_comm#16 last_idx 52 first_idx 42 regs=4 stack=0 before 51: (b7) r2 = 16 ; bpf_perf_event_output(ctx, &events, BPF_F_CURRENT_CPU, 53: (bf) r1 = r6 54: (18) r2 = 0xffff8881f3868800 56: (18) r3 = 0xffffffff 58: (bf) r4 = r7 59: (b7) r5 = 32 60: (85) call bpf_perf_event_output#25 last_idx 60 first_idx 53 regs=20 stack=0 before 59: (b7) r5 = 32 61: (bf) r2 = r10 ; event.pid = pid; 62: (07) r2 += -16 ; bpf_map_delete_elem(&start, &pid); 63: (18) r1 = 0xffff8881f3868000 65: (85) call bpf_map_delete_elem#3 ; } 66: (b7) r0 = 0 67: (95) exit from 44 to 66: safe from 34 to 66: safe from 11 to 28: R1_w=inv0 R2_w=inv0 R6_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8=mmmm???? fp-24_w=00000000 fp-32_w=00000000 fp-40_w=00000000 fp-48_w=00000000 ; bpf_map_update_elem(&start, &pid, &ts, 0); 28: (bf) r2 = r10 ; 29: (07) r2 += -16 ; tsp = bpf_map_lookup_elem(&start, &pid); 30: (18) r1 = 0xffff8881f3868000 32: (85) call bpf_map_lookup_elem#1 invalid indirect read from stack off -16+0 size 4 processed 65 insns (limit 1000000) max_states_per_insn 1 total_states 5 peak_states 5 mark_read 4 Notice how there is a successful code path from instruction 0 through 67, few successfully verified jumps (44->66, 34->66), and only after that 11->28 jump plus error on instruction #32. AFTER this change (full verifier log, **no truncation**): ; int handle__sched_switch(u64 *ctx) 0: (bf) r6 = r1 ; struct task_struct *prev = (struct task_struct *)ctx[1]; 1: (79) r1 = *(u64 *)(r6 +8) func 'sched_switch' arg1 has btf_id 151 type STRUCT 'task_struct' 2: (b7) r2 = 0 ; struct event event = {}; 3: (7b) *(u64 *)(r10 -24) = r2 last_idx 3 first_idx 0 regs=4 stack=0 before 2: (b7) r2 = 0 4: (7b) *(u64 *)(r10 -32) = r2 5: (7b) *(u64 *)(r10 -40) = r2 6: (7b) *(u64 *)(r10 -48) = r2 ; if (prev->state == TASK_RUNNING) 7: (79) r2 = *(u64 *)(r1 +16) ; if (prev->state == TASK_RUNNING) 8: (55) if r2 != 0x0 goto pc+19 R1_w=ptr_task_struct(id=0,off=0,imm=0) R2_w=inv0 R6_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-24_w=00000000 fp-32_w=00000000 fp-40_w=00000000 fp-48_w=00000000 ; trace_enqueue(prev->tgid, prev->pid); 9: (61) r1 = *(u32 *)(r1 +1184) 10: (63) *(u32 *)(r10 -4) = r1 ; if (!pid || (targ_pid && targ_pid != pid)) 11: (15) if r1 == 0x0 goto pc+16 from 11 to 28: R1_w=inv0 R2_w=inv0 R6_w=ctx(id=0,off=0,imm=0) R10=fp0 fp-8=mmmm???? fp-24_w=00000000 fp-32_w=00000000 fp-40_w=00000000 fp-48_w=00000000 ; bpf_map_update_elem(&start, &pid, &ts, 0); 28: (bf) r2 = r10 ; 29: (07) r2 += -16 ; tsp = bpf_map_lookup_elem(&start, &pid); 30: (18) r1 = 0xffff8881db3ce800 32: (85) call bpf_map_lookup_elem#1 invalid indirect read from stack off -16+0 size 4 processed 65 insns (limit 1000000) max_states_per_insn 1 total_states 5 peak_states 5 mark_read 4 Notice how in this case, there are 0-11 instructions + jump from 11 to 28 is recorded + 28-32 instructions with error on insn #32. test_verifier test runner was updated to specify BPF_LOG_LEVEL2 for VERBOSE_ACCEPT expected result due to potentially ""incomplete"" success verbose log at BPF_LOG_LEVEL1. On success, verbose log will only have a summary of number of processed instructions, etc, but no branch tracing log. Having just a last succesful branch tracing seemed weird and confusing. Having small and clean summary log in success case seems quite logical and nice, though. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200423195850.1259827-1-andriin@fb.com","kernel/bpf/verifier.c | 29 +++++++++++++++++++++++++----; tools/testing/selftests/bpf/test_verifier.c | 7 ++++++-; 2 files changed, 31 insertions(+), 5 deletions(-)","The commit refines the BPF verifier logging to focus on relevant paths by default, enhancing debugging efficiency.","BPF, verifier, log","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"71d19214776e61b33da48f7c1b46e522c7f78221","71d19214776e61b33da48f7c1b46e522c7f78221","Maciej Żenczykowski","maze@google.com","1587917725","Alexei Starovoitov","ast@kernel.org","1587919385","424b2ecd19cc56edb46333e2a2773cd062bdaf82","0a05861f80fe7d4dcfdabcc98d9854947573e072","bpf: add bpf_ktime_get_boot_ns() On a device like a cellphone which is constantly suspending and resuming CLOCK_MONOTONIC is not particularly useful for keeping track of or reacting to external network events. Instead you want to use CLOCK_BOOTTIME. Hence add bpf_ktime_get_boot_ns() as a mirror of bpf_ktime_get_ns() based around CLOCK_BOOTTIME instead of CLOCK_MONOTONIC. Signed-off-by: Maciej Żenczykowski Signed-off-by: Alexei Starovoitov ","drivers/media/rc/bpf-lirc.c | 2 ++; include/linux/bpf.h | 1 +; include/uapi/linux/bpf.h | 13 ++++++++++++-; kernel/bpf/core.c | 1 +; kernel/bpf/helpers.c | 14 ++++++++++++++; kernel/trace/bpf_trace.c | 2 ++; tools/include/uapi/linux/bpf.h | 13 ++++++++++++-; 7 files changed, 44 insertions(+), 2 deletions(-)","The commit introduces a new helper, bpf_ktime_get_boot_ns(), to utilize CLOCK_BOOTTIME in eBPF.","bpf_ktime_get_boot_ns,CLOCK_BOOTTIME,helper","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0a05861f80fe7d4dcfdabcc98d9854947573e072","0a05861f80fe7d4dcfdabcc98d9854947573e072","Tobias Klauser","tklauser@distanz.ch","1587511767","Alexei Starovoitov","ast@kernel.org","1587919291","f17b4d54eb374f86021fe7dbb4d607256327033c","082b57e3eb09810d357083cca5ee2df02c16aec9","xsk: Fix typo in xsk_umem_consume_tx and xsk_generic_xmit comments s/backpreassure/backpressure/ Signed-off-by: Tobias Klauser Signed-off-by: Alexei Starovoitov Acked-by: Magnus Karlsson Link: https://lore.kernel.org/bpf/20200421232927.21082-1-tklauser@distanz.ch","net/xdp/xsk.c | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","This commit corrects a typographical error in the comments of xsk.c related to XDP socket functions.","typo,comments,XDP","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"082b57e3eb09810d357083cca5ee2df02c16aec9","082b57e3eb09810d357083cca5ee2df02c16aec9","Maciej Żenczykowski","maze@google.com","1587408470","Alexei Starovoitov","ast@kernel.org","1587917054","6fe7ed4372099c4dd297d3d4f580c575b7d78ced","6f3f65d80dac8f2bafce2213005821fccdce194c","net: bpf: Make bpf_ktime_get_ns() available to non GPL programs The entire implementation is in kernel/bpf/helpers.c: BPF_CALL_0(bpf_ktime_get_ns) { /* NMI safe access to clock monotonic */ return ktime_get_mono_fast_ns(); } const struct bpf_func_proto bpf_ktime_get_ns_proto = { .func = bpf_ktime_get_ns, .gpl_only = false, .ret_type = RET_INTEGER, }; and this was presumably marked GPL due to kernel/time/timekeeping.c: EXPORT_SYMBOL_GPL(ktime_get_mono_fast_ns); and while that may make sense for kernel modules (although even that is doubtful), there is currently AFAICT no other source of time available to ebpf. Furthermore this is really just equivalent to clock_gettime(CLOCK_MONOTONIC) which is exposed to userspace (via vdso even to make it performant)... As such, I see no reason to keep the GPL restriction. (In the future I'd like to have access to time from Apache licensed ebpf code) Signed-off-by: Maciej Żenczykowski Signed-off-by: Alexei Starovoitov ","kernel/bpf/helpers.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit allows bpf_ktime_get_ns() to be used by non-GPL eBPF programs by modifying kernel/bpf/helpers.c.","bpf, ktime_get_ns, GPL","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6f3f65d80dac8f2bafce2213005821fccdce194c","6f3f65d80dac8f2bafce2213005821fccdce194c","Lorenzo Colitti","lorenzo@google.com","1587407648","Alexei Starovoitov","ast@kernel.org","1587916850","84e4007084a04076e2386d939cc07c915d37b231","6890896bd765b0504761c61901c9804fca23bfb2","net: bpf: Allow TC programs to call BPF_FUNC_skb_change_head This allows TC eBPF programs to modify and forward (redirect) packets from interfaces without ethernet headers (for example cellular) to interfaces with (for example ethernet/wifi). The lack of this appears to simply be an oversight. Tested: in active use in Android R on 4.14+ devices for ipv6 cellular to wifi tethering offload. Signed-off-by: Lorenzo Colitti Signed-off-by: Maciej Żenczykowski Signed-off-by: Alexei Starovoitov ","net/core/filter.c | 2 ++; 1 file changed, 2 insertions(+)","This commit allows TC eBPF programs to use BPF_FUNC_skb_change_head for modifying and forwarding packets between interfaces with different header requirements.","TC eBPF, BPF_FUNC_skb_change_head, interfaces","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['tc related type programs. It affects programs managing traffic control (tc) for queuing or prioritizing network traffic.']" +"6890896bd765b0504761c61901c9804fca23bfb2","6890896bd765b0504761c61901c9804fca23bfb2","Stanislav Fomichev","sdf@google.com","1587772781","Alexei Starovoitov","ast@kernel.org","1587916393","dbeb4bd9847589b3f84f7c195158f2cded961204","745abfaa9eafa597d31fdf24a3249e5206a98768","bpf: Fix missing bpf_base_func_proto in cgroup_base_func_proto for CGROUP_NET=n linux-next build bot reported compile issue [1] with one of its configs. It looks like when we have CONFIG_NET=n and CONFIG_BPF{,_SYSCALL}=y, we are missing the bpf_base_func_proto definition (from net/core/filter.c) in cgroup_base_func_proto. I'm reshuffling the code a bit to make it work. The common helpers are moved into kernel/bpf/helpers.c and the bpf_base_func_proto is exported from there. Also, bpf_get_raw_cpu_id goes into kernel/bpf/core.c akin to existing bpf_user_rnd_u32. [1] https://lore.kernel.org/linux-next/CAKH8qBsBvKHswiX1nx40LgO+BGeTmb1NX8tiTttt_0uu6T3dCA@mail.gmail.com/T/#mff8b0c083314c68c2e2ef0211cb11bc20dc13c72 Fixes: 0456ea170cd6 (""bpf: Enable more helpers for BPF_PROG_TYPE_CGROUP_{DEVICE,SYSCTL,SOCKOPT}"") Signed-off-by: Stanislav Fomichev Signed-off-by: Alexei Starovoitov Cc: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200424235941.58382-1-sdf@google.com","include/linux/bpf.h | 8 ++++++; include/linux/filter.h | 2 --; kernel/bpf/core.c | 5 ++++; kernel/bpf/helpers.c | 73 ++++++++++++++++++++++++++++++++++++++++++++++; net/core/filter.c | 78 +-------------------------------------------------; 5 files changed, 87 insertions(+), 79 deletions(-)","This commit fixes a compile issue by redistributing common bpf helpers to allow compilation without CONFIG_NET.","bpf, cgroup, compile","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"745abfaa9eafa597d31fdf24a3249e5206a98768","745abfaa9eafa597d31fdf24a3249e5206a98768","Luke Nelson","lukenels@cs.washington.edu","1587428884","Alexei Starovoitov","ast@kernel.org","1587915601","7317971ec5e492834da0e4e0b0abd564995f32f8","ae460c022453337850bdc36a36bf7596a6cfcf99","bpf, riscv: Fix tail call count off by one in RV32 BPF JIT This patch fixes an off by one error in the RV32 JIT handling for BPF tail call. Currently, the code decrements TCC before checking if it is less than zero. This limits the maximum number of tail calls to 32 instead of 33 as in other JITs. The fix is to instead check the old value of TCC before decrementing. Fixes: 5f316b65e99f (""riscv, bpf: Add RV32G eBPF JIT"") Signed-off-by: Luke Nelson Signed-off-by: Alexei Starovoitov Acked-by: Xi Wang Link: https://lore.kernel.org/bpf/20200421002804.5118-1-luke.r.nels@gmail.com","arch/riscv/net/bpf_jit_comp32.c | 5 +++--; 1 file changed, 3 insertions(+), 2 deletions(-)","The commit corrects an off-by-one bug in RV32 BPF JIT affecting tail call limits.","tail call,JIT,bug","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"ae460c022453337850bdc36a36bf7596a6cfcf99","ae460c022453337850bdc36a36bf7596a6cfcf99","Yoshiki Komachi","komachi.yoshiki@gmail.com","1587427527","Alexei Starovoitov","ast@kernel.org","1587915601","07a6f1e5b9eff7629dbce7ef95a995ca16e82b3a","0456ea170cd665ddbb9503be92e39f96055dd5fa","bpf_helpers.h: Add note for building with vmlinux.h or linux/types.h The following error was shown when a bpf program was compiled without vmlinux.h auto-generated from BTF: # clang -I./linux/tools/lib/ -I/lib/modules/$(uname -r)/build/include/ \ -O2 -Wall -target bpf -emit-llvm -c bpf_prog.c -o bpf_prog.bc ... In file included from linux/tools/lib/bpf/bpf_helpers.h:5: linux/tools/lib/bpf/bpf_helper_defs.h:56:82: error: unknown type name '__u64' ... It seems that bpf programs are intended for being built together with the vmlinux.h (which will have all the __u64 and other typedefs). But users may mistakenly think ""include "" is missing because the vmlinux.h is not common for non-bpf developers. IMO, an explicit comment therefore should be added to bpf_helpers.h as this patch shows. Signed-off-by: Yoshiki Komachi Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/1587427527-29399-1-git-send-email-komachi.yoshiki@gmail.com","tools/lib/bpf/bpf_helpers.h | 6 ++++++; 1 file changed, 6 insertions(+)","Added documentation note in bpf_helpers.h about necessary includes for eBPF program compilation.","documentation,note,inclusion","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0456ea170cd665ddbb9503be92e39f96055dd5fa","0456ea170cd665ddbb9503be92e39f96055dd5fa","Stanislav Fomichev","sdf@google.com","1587404770","Alexei Starovoitov","ast@kernel.org","1587915601","c26c94e090b5793498be2d4dbf641b9f23199c72","93e516894752e8b2ae3c2e7671e3ea33e27e3898","bpf: Enable more helpers for BPF_PROG_TYPE_CGROUP_{DEVICE,SYSCTL,SOCKOPT} Currently the following prog types don't fall back to bpf_base_func_proto() (instead they have cgroup_base_func_proto which has a limited set of helpers from bpf_base_func_proto): * BPF_PROG_TYPE_CGROUP_DEVICE * BPF_PROG_TYPE_CGROUP_SYSCTL * BPF_PROG_TYPE_CGROUP_SOCKOPT I don't see any specific reason why we shouldn't use bpf_base_func_proto(), every other type of program (except bpf-lirc and, understandably, tracing) use it, so let's fall back to bpf_base_func_proto for those prog types as well. This basically boils down to adding access to the following helpers: * BPF_FUNC_get_prandom_u32 * BPF_FUNC_get_smp_processor_id * BPF_FUNC_get_numa_node_id * BPF_FUNC_tail_call * BPF_FUNC_ktime_get_ns * BPF_FUNC_spin_lock (CAP_SYS_ADMIN) * BPF_FUNC_spin_unlock (CAP_SYS_ADMIN) * BPF_FUNC_jiffies64 (CAP_SYS_ADMIN) I've also added bpf_perf_event_output() because it's really handy for logging and debugging. Signed-off-by: Stanislav Fomichev Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200420174610.77494-1-sdf@google.com","include/linux/bpf.h | 1 +; kernel/bpf/cgroup.c | 20 +++---------------; net/core/filter.c | 2 +-; .../testing/selftests/bpf/verifier/event_output.c | 24 ++++++++++++++++++++++; 4 files changed, 29 insertions(+), 18 deletions(-)","The commit enables additional helpers for BPF_PROG_TYPE_CGROUP_{DEVICE,SYSCTL,SOCKOPT} by using bpf_base_func_proto.","helpers,cgroup,proto","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"93e516894752e8b2ae3c2e7671e3ea33e27e3898","93e516894752e8b2ae3c2e7671e3ea33e27e3898","Jagadeesh Pagadala","jagdsh.linux@gmail.com","1587274757","Alexei Starovoitov","ast@kernel.org","1587915601","7d2fcb36ff29b722a586bf7f5615ea6fbeb47340","b0b3fb6759220d4fa359e9ac486859c9d422c204","tools/bpf/bpftool: Remove duplicate headers Code cleanup: Remove duplicate headers which are included twice. Signed-off-by: Jagadeesh Pagadala Signed-off-by: Alexei Starovoitov Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/1587274757-14101-1-git-send-email-jagdsh.linux@gmail.com","tools/bpf/bpftool/btf.c | 1 -; tools/bpf/bpftool/gen.c | 1 -; tools/bpf/bpftool/jit_disasm.c | 1 -; 3 files changed, 3 deletions(-)","The commit cleans up code by removing duplicate header inclusions in bpftool source files.","duplicate,headers,cleanup","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"b0b3fb6759220d4fa359e9ac486859c9d422c204","b0b3fb6759220d4fa359e9ac486859c9d422c204","Mao Wenan","maowenan@huawei.com","1587173855","Alexei Starovoitov","ast@kernel.org","1587915601","6c90dffcd354a412ab54c94ebf0d13309065cf30","3fd8dc269ff0647819589c21b2ce60af6fc0a455","bpf: Remove set but not used variable 'dst_known' Fixes gcc '-Wunused-but-set-variable' warning: kernel/bpf/verifier.c:5603:18: warning: variable ‘dst_known’ set but not used [-Wunused-but-set-variable], delete this variable. Signed-off-by: Mao Wenan Signed-off-by: Alexei Starovoitov Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200418013735.67882-1-maowenan@huawei.com","kernel/bpf/verifier.c | 4 +---; 1 file changed, 1 insertion(+), 3 deletions(-)","This commit removes an unused variable 'dst_known' from the eBPF verifier to silence a GCC warning.","remove,verifier,warning","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e2e13925ff74afa011e8c667cd9ceda38f254fc5","e2e13925ff74afa011e8c667cd9ceda38f254fc5","Tiezhu Yang","yangtiezhu@loongson.cn","1587893445","Thomas Bogendoerfer","tsbogend@alpha.franken.de","1587908611","7563b39e6125a88abd3c283237f26c69333c7869","a44f83092d716d8a5e5e1a2620b68cf720c2ed2a","MIPS: Loongson: Add support for perf tool In order to use perf tool on the Loongson platform, we should enable kernel support for various performance events provided by software and hardware, so add CONFIG_PERF_EVENTS=y to loongson3_defconfig. E.g. without this patch: [loongson@localhost perf]$ ./perf list List of pre-defined events (to be used in -e): duration_time [Tool event] rNNN [Raw hardware event descriptor] cpu/t1=v1[,t2=v2,t3 ...]/modifier [Raw hardware event descriptor] (see 'man perf-list' on how to encode it) mem:[/len][:access] [Hardware breakpoint] With this patch: [loongson@localhost perf]$ ./perf list List of pre-defined events (to be used in -e): branch-instructions OR branches [Hardware event] branch-misses [Hardware event] cpu-cycles OR cycles [Hardware event] instructions [Hardware event] alignment-faults [Software event] bpf-output [Software event] context-switches OR cs [Software event] cpu-clock [Software event] cpu-migrations OR migrations [Software event] dummy [Software event] emulation-faults [Software event] major-faults [Software event] minor-faults [Software event] page-faults OR faults [Software event] task-clock [Software event] duration_time [Tool event] L1-dcache-load-misses [Hardware cache event] L1-dcache-store-misses [Hardware cache event] L1-icache-load-misses [Hardware cache event] branch-load-misses [Hardware cache event] branch-loads [Hardware cache event] dTLB-load-misses [Hardware cache event] dTLB-store-misses [Hardware cache event] iTLB-load-misses [Hardware cache event] rNNN [Raw hardware event descriptor] cpu/t1=v1[,t2=v2,t3 ...]/modifier [Raw hardware event descriptor] (see 'man perf-list' on how to encode it) mem:[/len][:access] [Hardware breakpoint] Signed-off-by: Tiezhu Yang Signed-off-by: Thomas Bogendoerfer ","arch/mips/configs/loongson3_defconfig | 1 +; 1 file changed, 1 insertion(+)","Add perf tool support for MIPS Loongson by enabling kernel performance events.","Loongson,perf,events","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"ab51cac00ef2859f20a73d33a53f3a8987b65e11","ab51cac00ef2859f20a73d33a53f3a8987b65e11","Linus Torvalds","torvalds@linux-foundation.org","1587781050","Linus Torvalds","torvalds@linux-foundation.org","1587781050","0965ed2cb75c77c252333cdb667537c44274353a","5ef58e29078261ef5195c7fee74768546b863182 167ff131cb3dffccab8bb4d65a8d72e7c5ffc398","Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from David Miller: 1) Fix memory leak in netfilter flowtable, from Roi Dayan. 2) Ref-count leaks in netrom and tipc, from Xiyu Yang. 3) Fix warning when mptcp socket is never accepted before close, from Florian Westphal. 4) Missed locking in ovs_ct_exit(), from Tonghao Zhang. 5) Fix large delays during PTP synchornization in cxgb4, from Rahul Lakkireddy. 6) team_mode_get() can hang, from Taehee Yoo. 7) Need to use kvzalloc() when allocating fw tracer in mlx5 driver, from Niklas Schnelle. 8) Fix handling of bpf XADD on BTF memory, from Jann Horn. 9) Fix BPF_STX/BPF_B encoding in x86 bpf jit, from Luke Nelson. 10) Missing queue memory release in iwlwifi pcie code, from Johannes Berg. 11) Fix NULL deref in macvlan device event, from Taehee Yoo. 12) Initialize lan87xx phy correctly, from Yuiko Oshino. 13) Fix looping between VRF and XFRM lookups, from David Ahern. 14) etf packet scheduler assumes all sockets are full sockets, which is not necessarily true. From Eric Dumazet. 15) Fix mptcp data_fin handling in RX path, from Paolo Abeni. 16) fib_select_default() needs to handle nexthop objects, from David Ahern. 17) Use GFP_ATOMIC under spinlock in mac80211_hwsim, from Wei Yongjun. 18) vxlan and geneve use wrong nlattr array, from Sabrina Dubroca. 19) Correct rx/tx stats in bcmgenet driver, from Doug Berger. 20) BPF_LDX zero-extension is encoded improperly in x86_32 bpf jit, fix from Luke Nelson. * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (100 commits) selftests/bpf: Fix a couple of broken test_btf cases tools/runqslower: Ensure own vmlinux.h is picked up first bpf: Make bpf_link_fops static bpftool: Respect the -d option in struct_ops cmd selftests/bpf: Add test for freplace program with expected_attach_type bpf: Propagate expected_attach_type when verifying freplace programs bpf: Fix leak in LINK_UPDATE and enforce empty old_prog_fd bpf, x86_32: Fix logic error in BPF_LDX zero-extension bpf, x86_32: Fix clobbering of dst for BPF_JSET bpf, x86_32: Fix incorrect encoding in BPF_LDX zero-extension bpf: Fix reStructuredText markup net: systemport: suppress warnings on failed Rx SKB allocations net: bcmgenet: suppress warnings on failed Rx SKB allocations macsec: avoid to set wrong mtu mac80211: sta_info: Add lockdep condition for RCU list usage mac80211: populate debugfs only after cfg80211 init net: bcmgenet: correct per TX/RX ring statistics net: meth: remove spurious copyright text net: phy: bcm84881: clear settings on link down chcr: Fix CPU hard lockup ...","","This commit merges networking fixes from the netdev branch into the main kernel tree.","networking, merge, fixes","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"167ff131cb3dffccab8bb4d65a8d72e7c5ffc398","167ff131cb3dffccab8bb4d65a8d72e7c5ffc398","David S. Miller","davem@davemloft.net","1587777974","David S. Miller","davem@davemloft.net","1587777974","4e1748d884532e9386371f9636f52db61eea9d79","3554e54a46125030c534820c297ed7f6c3907e24 e1cebd841b0aa1ceda771706d54a0501986a3c88","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Alexei Starovoitov says: ==================== pull-request: bpf 2020-04-24 The following pull-request contains BPF updates for your *net* tree. We've added 17 non-merge commits during the last 5 day(s) which contain a total of 19 files changed, 203 insertions(+), 85 deletions(-). The main changes are: 1) link_update fix, from Andrii. 2) libbpf get_xdp_id fix, from David. 3) xadd verifier fix, from Jann. 4) x86-32 JIT fixes, from Luke and Wang. 5) test_btf fix, from Stanislav. 6) freplace verifier fix, from Toke. ==================== Signed-off-by: David S. Miller ","","The commit merges a series of BPF updates into the network tree, fixing issues with verifier, JIT, and several components.","BPF,fixes,merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"e1cebd841b0aa1ceda771706d54a0501986a3c88","e1cebd841b0aa1ceda771706d54a0501986a3c88","Stanislav Fomichev","sdf@google.com","1587515873","Alexei Starovoitov","ast@kernel.org","1587775660","df8a7d45332898dfac45c68d6461ab8e7100785b","dfc55ace9939e1e8703ad37ddbba41aaa31cc0cb","selftests/bpf: Fix a couple of broken test_btf cases Commit 51c39bb1d5d1 (""bpf: Introduce function-by-function verification"") introduced function linkage flag and changed the error message from ""vlen != 0"" to ""Invalid func linkage"" and broke some fake BPF programs. Adjust the test accordingly. AFACT, the programs don't really need any arguments and only look at BTF for maps, so let's drop the args altogether. Before: BTF raw test[103] (func (Non zero vlen)): do_test_raw:3703:FAIL expected err_str:vlen != 0 magic: 0xeb9f version: 1 flags: 0x0 hdr_len: 24 type_off: 0 type_len: 72 str_off: 72 str_len: 10 btf_total_size: 106 [1] INT (anon) size=4 bits_offset=0 nr_bits=32 encoding=SIGNED [2] INT (anon) size=4 bits_offset=0 nr_bits=32 encoding=(none) [3] FUNC_PROTO (anon) return=0 args=(1 a, 2 b) [4] FUNC func type_id=3 Invalid func linkage BTF libbpf test[1] (test_btf_haskv.o): libbpf: load bpf program failed: Invalid argument libbpf: -- BEGIN DUMP LOG --- libbpf: Validating test_long_fname_2() func#1... Arg#0 type PTR in test_long_fname_2() is not supported yet. processed 0 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0 libbpf: -- END LOG -- libbpf: failed to load program 'dummy_tracepoint' libbpf: failed to load object 'test_btf_haskv.o' do_test_file:4201:FAIL bpf_object__load: -4007 BTF libbpf test[2] (test_btf_newkv.o): libbpf: load bpf program failed: Invalid argument libbpf: -- BEGIN DUMP LOG --- libbpf: Validating test_long_fname_2() func#1... Arg#0 type PTR in test_long_fname_2() is not supported yet. processed 0 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0 libbpf: -- END LOG -- libbpf: failed to load program 'dummy_tracepoint' libbpf: failed to load object 'test_btf_newkv.o' do_test_file:4201:FAIL bpf_object__load: -4007 BTF libbpf test[3] (test_btf_nokv.o): libbpf: load bpf program failed: Invalid argument libbpf: -- BEGIN DUMP LOG --- libbpf: Validating test_long_fname_2() func#1... Arg#0 type PTR in test_long_fname_2() is not supported yet. processed 0 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0 libbpf: -- END LOG -- libbpf: failed to load program 'dummy_tracepoint' libbpf: failed to load object 'test_btf_nokv.o' do_test_file:4201:FAIL bpf_object__load: -4007 Fixes: 51c39bb1d5d1 (""bpf: Introduce function-by-function verification"") Signed-off-by: Stanislav Fomichev Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200422003753.124921-1-sdf@google.com","tools/testing/selftests/bpf/progs/test_btf_haskv.c | 18 +++++-------------; tools/testing/selftests/bpf/progs/test_btf_newkv.c | 18 +++++-------------; tools/testing/selftests/bpf/progs/test_btf_nokv.c | 18 +++++-------------; tools/testing/selftests/bpf/test_btf.c | 2 +-; 4 files changed, 16 insertions(+), 40 deletions(-)","The commit adjusts selftests to accommodate changes in function linkage error messages for BPF programs.","selftests,BTF,error","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"dfc55ace9939e1e8703ad37ddbba41aaa31cc0cb","dfc55ace9939e1e8703ad37ddbba41aaa31cc0cb","Andrii Nakryiko","andriin@fb.com","1587518647","Alexei Starovoitov","ast@kernel.org","1587775520","35163a31c5f64214a7eb414c1560c61d869c092a","6f302bfb221470e712ce3e5911fb83cdca174387","tools/runqslower: Ensure own vmlinux.h is picked up first Reorder include paths to ensure that runqslower sources are picking up vmlinux.h, generated by runqslower's own Makefile. When runqslower is built from selftests/bpf, due to current -I$(BPF_INCLUDE) -I$(OUTPUT) ordering, it might pick up not-yet-complete vmlinux.h, generated by selftests Makefile, which could lead to compilation errors like [0]. So ensure that -I$(OUTPUT) goes first and rely on runqslower's Makefile own dependency chain to ensure vmlinux.h is properly completed before source code relying on it is compiled. [0] https://travis-ci.org/github/libbpf/libbpf/jobs/677905925 Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200422012407.176303-1-andriin@fb.com","tools/bpf/runqslower/Makefile | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Reorder include paths in runqslower Makefile to ensure correct vmlinux.h is used during compilation.","runqslower, vmlinux, Makefile","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6f302bfb221470e712ce3e5911fb83cdca174387","6f302bfb221470e712ce3e5911fb83cdca174387","Zou Wei","zou_wei@huawei.com","1587609160","Alexei Starovoitov","ast@kernel.org","1587775364","ef260fbdf088432ff4e51d25dec2808f5fc1151d","32e4c6f4bc00366ede053ab6bb8109ec0fae0e54","bpf: Make bpf_link_fops static Fix the following sparse warning: kernel/bpf/syscall.c:2289:30: warning: symbol 'bpf_link_fops' was not declared. Should it be static? Reported-by: Hulk Robot Signed-off-by: Zou Wei Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/1587609160-117806-1-git-send-email-zou_wei@huawei.com","kernel/bpf/syscall.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit makes the 'bpf_link_fops' static to fix a sparse warning in the kernel code.","bpf,static,sparse","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"32e4c6f4bc00366ede053ab6bb8109ec0fae0e54","32e4c6f4bc00366ede053ab6bb8109ec0fae0e54","Martin KaFai Lau","kafai@fb.com","1587752951","Alexei Starovoitov","ast@kernel.org","1587775254","c9eddcb2c995c15432af25402db356c90ac3d757","1d8a0af5ee1ad219a9ebd9b43559b165bcb3ff40","bpftool: Respect the -d option in struct_ops cmd In the prog cmd, the ""-d"" option turns on the verifier log. This is missed in the ""struct_ops"" cmd and this patch fixes it. Fixes: 65c93628599d (""bpftool: Add struct_ops support"") Signed-off-by: Martin KaFai Lau Signed-off-by: Alexei Starovoitov Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200424182911.1259355-1-kafai@fb.com","tools/bpf/bpftool/struct_ops.c | 8 +++++++-; 1 file changed, 7 insertions(+), 1 deletion(-)","This commit fixes the respect of the -d option in the struct_ops command of bpftool to enable verifier logs.","bpftool,struct_ops,verifier","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Struct_ops type related programs. It affects programs tha t allows user-defined methods to be called by subsystems.']" +"1d8a0af5ee1ad219a9ebd9b43559b165bcb3ff40","1d8a0af5ee1ad219a9ebd9b43559b165bcb3ff40","Toke Høiland-Jørgensen","toke@redhat.com","1587735268","Alexei Starovoitov","ast@kernel.org","1587774870","a26ba95e6cff26762f51193696a29df95026b497","03f87c0b45b177ba5f6b4a9bbe9f95e4aba31026","selftests/bpf: Add test for freplace program with expected_attach_type This adds a new selftest that tests the ability to attach an freplace program to a program type that relies on the expected_attach_type of the target program to pass verification. Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158773526831.293902.16011743438619684815.stgit@toke.dk",".../selftests/bpf/prog_tests/fexit_bpf2bpf.c | 30 +++++++++++++++++-----; tools/testing/selftests/bpf/progs/connect4_prog.c | 28 +++++++++++---------; .../selftests/bpf/progs/freplace_connect4.c | 18 +++++++++++++; 3 files changed, 58 insertions(+), 18 deletions(-)","This commit adds a selftest for verifying freplace programs using expected_attach_type in eBPF.","selftest, freplace, verification","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"03f87c0b45b177ba5f6b4a9bbe9f95e4aba31026","03f87c0b45b177ba5f6b4a9bbe9f95e4aba31026","Toke Høiland-Jørgensen","toke@redhat.com","1587735267","Alexei Starovoitov","ast@kernel.org","1587774870","9995324e00de4c15279caa5de4d23663b1d935bf","4adb7a4a151c65ac7e9c3a1aa462c84190d48385","bpf: Propagate expected_attach_type when verifying freplace programs For some program types, the verifier relies on the expected_attach_type of the program being verified in the verification process. However, for freplace programs, the attach type was not propagated along with the verifier ops, so the expected_attach_type would always be zero for freplace programs. This in turn caused the verifier to sometimes make the wrong call for freplace programs. For all existing uses of expected_attach_type for this purpose, the result of this was only false negatives (i.e., freplace functions would be rejected by the verifier even though they were valid programs for the target they were replacing). However, should a false positive be introduced, this can lead to out-of-bounds accesses and/or crashes. The fix introduced in this patch is to propagate the expected_attach_type to the freplace program during verification, and reset it after that is done. Fixes: be8704ff07d2 (""bpf: Introduce dynamic program extensions"") Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158773526726.293902.13257293296560360508.stgit@toke.dk","kernel/bpf/verifier.c | 8 ++++++++; 1 file changed, 8 insertions(+)","Propagate expected_attach_type during verification of freplace programs to prevent verification errors.","expected_attach_type,freplace,verifier","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"4adb7a4a151c65ac7e9c3a1aa462c84190d48385","4adb7a4a151c65ac7e9c3a1aa462c84190d48385","Andrii Nakryiko","andriin@fb.com","1587705644","Alexei Starovoitov","ast@kernel.org","1587774422","776699a09bc08d7e2c68d409e67616827ad3a399","5ca1ca01fae1e90f8d010eb1d83374f28dc11ee6","bpf: Fix leak in LINK_UPDATE and enforce empty old_prog_fd Fix bug of not putting bpf_link in LINK_UPDATE command. Also enforce zeroed old_prog_fd if no BPF_F_REPLACE flag is specified. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200424052045.4002963-1-andriin@fb.com","kernel/bpf/syscall.c | 11 +++++++++--; 1 file changed, 9 insertions(+), 2 deletions(-)","This commit fixes a memory leak and enforces validation in the LINK_UPDATE command for eBPF programs.","fix,leak,LINK_UPDATE","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5ca1ca01fae1e90f8d010eb1d83374f28dc11ee6","5ca1ca01fae1e90f8d010eb1d83374f28dc11ee6","Wang YanQing","udknight@gmail.com","1587618397","Alexei Starovoitov","ast@kernel.org","1587774181","8fec8a8bb6767c895af20b8da8d9aa555539d005","50fe7ebb6475711c15b3397467e6424e20026d94","bpf, x86_32: Fix logic error in BPF_LDX zero-extension When verifier_zext is true, we don't need to emit code for zero-extension. Fixes: 836256bf5f37 (""x32: bpf: eliminate zero extension code-gen"") Signed-off-by: Wang YanQing Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200423050637.GA4029@udknight","arch/x86/net/bpf_jit_comp32.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit corrects a logic error in handling zero-extension for BPF_LDX on x86_32 when verifier_zext is true.","BPF_LDX zero-extension x86_32","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"50fe7ebb6475711c15b3397467e6424e20026d94","50fe7ebb6475711c15b3397467e6424e20026d94","Luke Nelson","lukenels@cs.washington.edu","1587576990","Alexei Starovoitov","ast@kernel.org","1587773506","7148fe1f4e830533d70f313e090b8662ec5497be","5fa9a98fb10380e48a398998cd36a85e4ef711d6","bpf, x86_32: Fix clobbering of dst for BPF_JSET The current JIT clobbers the destination register for BPF_JSET BPF_X and BPF_K by using ""and"" and ""or"" instructions. This is fine when the destination register is a temporary loaded from a register stored on the stack but not otherwise. This patch fixes the problem (for both BPF_K and BPF_X) by always loading the destination register into temporaries since BPF_JSET should not modify the destination register. This bug may not be currently triggerable as BPF_REG_AX is the only register not stored on the stack and the verifier uses it in a limited way. Fixes: 03f5781be2c7b (""bpf, x86_32: add eBPF JIT compiler for ia32"") Signed-off-by: Xi Wang Signed-off-by: Luke Nelson Signed-off-by: Alexei Starovoitov Acked-by: Wang YanQing Link: https://lore.kernel.org/bpf/20200422173630.8351-2-luke.r.nels@gmail.com","arch/x86/net/bpf_jit_comp32.c | 22 ++++++++++++++++++----; 1 file changed, 18 insertions(+), 4 deletions(-)","This commit fixes a bug in the x86_32 eBPF JIT compiler related to register clobbering for BPF_JSET instructions.","bug, JIT, BPF_JSET","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5fa9a98fb10380e48a398998cd36a85e4ef711d6","5fa9a98fb10380e48a398998cd36a85e4ef711d6","Luke Nelson","lukenels@cs.washington.edu","1587576989","Alexei Starovoitov","ast@kernel.org","1587773506","4b5bd1281976009db88b347a0cc7007ddd26919d","a33d3147945543f9ded67a052f358a75595f1ecb","bpf, x86_32: Fix incorrect encoding in BPF_LDX zero-extension The current JIT uses the following sequence to zero-extend into the upper 32 bits of the destination register for BPF_LDX BPF_{B,H,W}, when the destination register is not on the stack: EMIT3(0xC7, add_1reg(0xC0, dst_hi), 0); The problem is that C7 /0 encodes a MOV instruction that requires a 4-byte immediate; the current code emits only 1 byte of the immediate. This means that the first 3 bytes of the next instruction will be treated as the rest of the immediate, breaking the stream of instructions. This patch fixes the problem by instead emitting ""xor dst_hi,dst_hi"" to clear the upper 32 bits. This fixes the problem and is more efficient than using MOV to load a zero immediate. This bug may not be currently triggerable as BPF_REG_AX is the only register not stored on the stack and the verifier uses it in a limited way, and the verifier implements a zero-extension optimization. But the JIT should avoid emitting incorrect encodings regardless. Fixes: 03f5781be2c7b (""bpf, x86_32: add eBPF JIT compiler for ia32"") Signed-off-by: Xi Wang Signed-off-by: Luke Nelson Signed-off-by: Alexei Starovoitov Reviewed-by: H. Peter Anvin (Intel) Acked-by: Wang YanQing Link: https://lore.kernel.org/bpf/20200422173630.8351-1-luke.r.nels@gmail.com","arch/x86/net/bpf_jit_comp32.c | 4 +++-; 1 file changed, 3 insertions(+), 1 deletion(-)","Fix incorrect instruction encoding in x86_32 eBPF JIT compiler for zero-extension of BPF_LDX.","zero-extension,JIT,fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"a33d3147945543f9ded67a052f358a75595f1ecb","a33d3147945543f9ded67a052f358a75595f1ecb","Jakub Wilk","jwilk@jwilk.net","1587543804","Alexei Starovoitov","ast@kernel.org","1587772886","1ce34aba928b87262b69cb0fbeea37b848b57c32","257d7d4f0e69f5e8e3d38351bdcab896719dba04","bpf: Fix reStructuredText markup The patch fixes: $ scripts/bpf_helpers_doc.py > bpf-helpers.rst $ rst2man bpf-helpers.rst > bpf-helpers.7 bpf-helpers.rst:1105: (WARNING/2) Inline strong start-string without end-string. Signed-off-by: Jakub Wilk Signed-off-by: Alexei Starovoitov Reviewed-by: Quentin Monnet Link: https://lore.kernel.org/bpf/20200422082324.2030-1-jwilk@jwilk.net","include/uapi/linux/bpf.h | 2 +-; tools/include/uapi/linux/bpf.h | 2 +-; 2 files changed, 2 insertions(+), 2 deletions(-)","The commit fixes reStructuredText markup warning in BPF documentation.","markup, documentation, warning","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"93a4388b765d6588d145a2e94e350cc77fd44756","93a4388b765d6588d145a2e94e350cc77fd44756","Shuah Khan","skhan@linuxfoundation.org","1586899328","Shuah Khan","skhan@linuxfoundation.org","1587684200","668b0bfed63571856bc16e6d31aea342b5289de8","16bcd0f509e469630d82a33a6d7e5d95bcc738fe","selftests: add build/cross-build dependency check script Add build/cross-build dependency check script kselftest_deps.sh This script does the following: Usage: ./kselftest_deps.sh -[p] [test_name] kselftest_deps.sh [-p] gcc kselftest_deps.sh [-p] gcc vm kselftest_deps.sh [-p] aarch64-linux-gnu-gcc kselftest_deps.sh [-p] aarch64-linux-gnu-gcc vm - Should be run in selftests directory in the kernel repo. - Checks if Kselftests can be built/cross-built on a system. - Parses all test/sub-test Makefile to find library dependencies. - Runs compile test on a trivial C file with LDLIBS specified in the test Makefiles to identify missing library dependencies. - Prints suggested target list for a system filtering out tests failed the build dependency check from the TARGETS in Selftests the main Makefile when optional -p is specified. - Prints pass/fail dependency check for each tests/sub-test. - Prints pass/fail targets and libraries. - Default: runs dependency checks on all tests. - Optional test name can be specified to check dependencies for it. To make LDLIBS parsing easier - change gpio and memfd Makefiles to use the same temporary variable used to find and add libraries to LDLIBS. - simlify LDLIBS append logic in intel_pstate/Makefile. Results from run on x86_64 system (trimmed detailed pass/fail list): ======================================================== Kselftest Dependency Check for [./kselftest_deps.sh gcc ] results... ======================================================== Checked tests defining LDLIBS dependencies -------------------------------------------------------- Total tests with Dependencies: 55 Pass: 53 Fail: 2 -------------------------------------------------------- Targets passed build dependency check on system: bpf capabilities filesystems futex gpio intel_pstate membarrier memfd mqueue net powerpc ptp rseq rtc safesetid timens timers vDSO vm -------------------------------------------------------- FAIL: netfilter/Makefile dependency check: -lmnl FAIL: gpio/Makefile dependency check: -lmount -------------------------------------------------------- Targets failed build dependency check on system: gpio netfilter -------------------------------------------------------- Missing libraries system -lmnl -lmount -------------------------------------------------------- ======================================================== Results from run on x86_64 system with aarch64-linux-gnu-gcc: (trimmed detailed pass/fail list): ======================================================== Kselftest Dependency Check for [./kselftest_deps.sh aarch64-linux-gnu-gcc ] results... ======================================================== Checked tests defining LDLIBS dependencies -------------------------------------------------------- Total tests with Dependencies: 55 Pass: 41 Fail: 14 -------------------------------------------------------- Targets failed build dependency check on system: bpf capabilities filesystems futex gpio intel_pstate membarrier memfd mqueue net powerpc ptp rseq rtc timens timers vDSO vm -------------------------------------------------------- -------------------------------------------------------- Targets failed build dependency check on system: bpf capabilities gpio memfd mqueue net netfilter safesetid vm -------------------------------------------------------- Missing libraries system -lcap -lcap-ng -lelf -lfuse -lmnl -lmount -lnuma -lpopt -lz -------------------------------------------------------- ======================================================== Signed-off-by: Shuah Khan ","tools/testing/selftests/gpio/Makefile | 12 +-; tools/testing/selftests/intel_pstate/Makefile | 2 +-; tools/testing/selftests/kselftest_deps.sh | 272 ++++++++++++++++++++++++++; tools/testing/selftests/memfd/Makefile | 14 +-; 4 files changed, 291 insertions(+), 9 deletions(-)","Adds a build and cross-build dependency check script for Kselftests in the Linux kernel.","dependency, script, Kselftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"257d7d4f0e69f5e8e3d38351bdcab896719dba04","257d7d4f0e69f5e8e3d38351bdcab896719dba04","David Ahern","dsahern@gmail.com","1587399523","Alexei Starovoitov","ast@kernel.org","1587618442","f049c1d1032b49cf4cd52751771b27defc1a4f38","d2b6c3ab70dbc0069a69c57edd8c96f365f06b7c","libbpf: Only check mode flags in get_xdp_id The commit in the Fixes tag changed get_xdp_id to only return prog_id if flags is 0, but there are other XDP flags than the modes - e.g., XDP_FLAGS_UPDATE_IF_NOEXIST. Since the intention was only to look at MODE flags, clear other ones before checking if flags is 0. Fixes: f07cbad29741 (""libbpf: Fix bpf_get_link_xdp_id flags handling"") Signed-off-by: David Ahern Signed-off-by: Alexei Starovoitov Acked-by: Andrey Ignatov ","tools/lib/bpf/netlink.c | 2 ++; 1 file changed, 2 insertions(+)","Fixes handling of XDP mode flags in libbpf's get_xdp_id function to ignore non-mode flags.","libbpf,flags,XDP","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"87cfeb1920f84f465a738d4c6589033eefa20b45","87cfeb1920f84f465a738d4c6589033eefa20b45","Ingo Molnar","mingo@kernel.org","1587557308","Ingo Molnar","mingo@kernel.org","1587557308","10b9625c9f1b7be9c722c6a0c6ab24f95df31f6f","18bf34080c4c3beb6699181986cc97dd712498fe 12e89e65f446476951f42aedeef56b6bd6f7f1e6","Merge tag 'perf-core-for-mingo-5.8-20200420' of git://git.kernel.org/pub/scm/linux/kernel/git/acme/linux into perf/core Pull perf/core fixes and improvements from Arnaldo Carvalho de Melo: kernel + tools/perf: Alexey Budankov: - Introduce CAP_PERFMON to kernel and user space. callchains: Adrian Hunter: - Allow using Intel PT to synthesize callchains for regular events. Kan Liang: - Stitch LBR records from multiple samples to get deeper backtraces, there are caveats, see the csets for details. perf script: Andreas Gerstmayr: - Add flamegraph.py script BPF: Jiri Olsa: - Synthesize bpf_trampoline/dispatcher ksymbol events. perf stat: Arnaldo Carvalho de Melo: - Honour --timeout for forked workloads. Stephane Eranian: - Force error in fallback on :k events, to avoid counting nothing when the user asks for kernel events but is not allowed to. perf bench: Ian Rogers: - Add event synthesis benchmark. tools api fs: Stephane Eranian: - Make xxx__mountpoint() more scalable libtraceevent: He Zhe: - Handle return value of asprintf. Signed-off-by: Arnaldo Carvalho de Melo Signed-off-by: Ingo Molnar ","","The commit merges perf tool updates including BPF event synthesis and other improvements into the main repository.","perf,BPF,merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"bdebd6a2831b6fab69eb85cee74a8ba77f1a1cc2","bdebd6a2831b6fab69eb85cee74a8ba77f1a1cc2","Jann Horn","jannh@google.com","1587431651","Linus Torvalds","torvalds@linux-foundation.org","1587492716","ab0d5cf962ae15406f5784f4c3da6618ca49cfd0","0783ac95b4a09a18e702c8359053762649b34c94","vmalloc: fix remap_vmalloc_range() bounds checks remap_vmalloc_range() has had various issues with the bounds checks it promises to perform (""This function checks that addr is a valid vmalloc'ed area, and that it is big enough to cover the vma"") over time, e.g.: - not detecting pgoff< Signed-off-by: Andrew Morton Cc: stable@vger.kernel.org Cc: Alexei Starovoitov Cc: Daniel Borkmann Cc: Martin KaFai Lau Cc: Song Liu Cc: Yonghong Song Cc: Andrii Nakryiko Cc: John Fastabend Cc: KP Singh Link: http://lkml.kernel.org/r/20200415222312.236431-1-jannh@google.com Signed-off-by: Linus Torvalds ","fs/proc/vmcore.c | 5 +++--; include/linux/vmalloc.h | 2 +-; mm/vmalloc.c | 16 +++++++++++++---; samples/vfio-mdev/mdpy.c | 2 +-; 4 files changed, 18 insertions(+), 7 deletions(-)","The commit fixes bounds checking issues in remap_vmalloc_range() to prevent potential kernel null pointer dereferences and ASLR bypass vulnerabilities.","vmalloc,bounds,fix","A security fix. It resolves a security vulnerability or strengthens security measures.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d2b6c3ab70dbc0069a69c57edd8c96f365f06b7c","d2b6c3ab70dbc0069a69c57edd8c96f365f06b7c","Luke Nelson","lukenels@cs.washington.edu","1587252414","Alexei Starovoitov","ast@kernel.org","1587435930","f8f4cf01b82216e46db29d51c0d0d86d23a5f34c","aee194b14dd2b2bde6252b3acf57d36dccfc743a","bpf, selftests: Add test for BPF_STX BPF_B storing R10 This patch adds a test to test_verifier that writes the lower 8 bits of R10 (aka FP) using BPF_B to an array map and reads the result back. The expected behavior is that the result should be the same as first copying R10 to R9, and then storing / loading the lower 8 bits of R9. This test catches a bug that was present in the x86-64 JIT that caused an incorrect encoding for BPF_STX BPF_B when the source operand is R10. Signed-off-by: Xi Wang Signed-off-by: Luke Nelson Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200418232655.23870-2-luke.r.nels@gmail.com","tools/testing/selftests/bpf/verifier/stack_ptr.c | 40 ++++++++++++++++++++++++; 1 file changed, 40 insertions(+)","This commit adds a verifier test for storing lower 8 bits of register R10 into an array map using BPF_B.","BPF,verifier,R10","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"aee194b14dd2b2bde6252b3acf57d36dccfc743a","aee194b14dd2b2bde6252b3acf57d36dccfc743a","Luke Nelson","lukenels@cs.washington.edu","1587252413","Alexei Starovoitov","ast@kernel.org","1587435930","5f904107d4e86b1ef37f4ddbc45af9cc7cf88644","8ff3571f7e1bf3f293cc5e3dc14f2943f4fa7fcf","bpf, x86: Fix encoding for lower 8-bit registers in BPF_STX BPF_B This patch fixes an encoding bug in emit_stx for BPF_B when the source register is BPF_REG_FP. The current implementation for BPF_STX BPF_B in emit_stx saves one REX byte when the operands can be encoded using Mod-R/M alone. The lower 8 bits of registers %rax, %rbx, %rcx, and %rdx can be accessed without using a REX prefix via %al, %bl, %cl, and %dl, respectively. Other registers, (e.g., %rsi, %rdi, %rbp, %rsp) require a REX prefix to use their 8-bit equivalents (%sil, %dil, %bpl, %spl). The current code checks if the source for BPF_STX BPF_B is BPF_REG_1 or BPF_REG_2 (which map to %rdi and %rsi), in which case it emits the required REX prefix. However, it misses the case when the source is BPF_REG_FP (mapped to %rbp). The result is that BPF_STX BPF_B with BPF_REG_FP as the source operand will read from register %ch instead of the correct %bpl. This patch fixes the problem by fixing and refactoring the check on which registers need the extra REX byte. Since no BPF registers map to %rsp, there is no need to handle %spl. Fixes: 622582786c9e0 (""net: filter: x86: internal BPF JIT"") Signed-off-by: Xi Wang Signed-off-by: Luke Nelson Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200418232655.23870-1-luke.r.nels@gmail.com","arch/x86/net/bpf_jit_comp.c | 18 +++++++++++++++---; 1 file changed, 15 insertions(+), 3 deletions(-)","This commit fixes an encoding bug in BPF_STX BPF_B for lower 8-bit registers in the x86 BPF JIT compiler.","encoding, BPF_STX, registers","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8ff3571f7e1bf3f293cc5e3dc14f2943f4fa7fcf","8ff3571f7e1bf3f293cc5e3dc14f2943f4fa7fcf","Jann Horn","jannh@google.com","1587081607","Alexei Starovoitov","ast@kernel.org","1587433294","d1f5c6273b9160b4a90058afdd0271063f610a4c","6e7e63cbb023976d828cdb22422606bf77baa8a9","bpf: Fix handling of XADD on BTF memory check_xadd() can cause check_ptr_to_btf_access() to be executed with atype==BPF_READ and value_regno==-1 (meaning ""just check whether the access is okay, don't tell me what type it will result in""). Handle that case properly and skip writing type information, instead of indexing into the registers at index -1 and writing into out-of-bounds memory. Note that at least at the moment, you can't actually write through a BTF pointer, so check_xadd() will reject the program after calling check_ptr_to_btf_access with atype==BPF_WRITE; but that's after the verifier has already corrupted memory. This patch assumes that BTF pointers are not available in unprivileged programs. Fixes: 9e15db66136a (""bpf: Implement accurate raw_tp context access via BTF"") Signed-off-by: Jann Horn Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200417000007.10734-2-jannh@google.com","kernel/bpf/verifier.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit fixes a bug in handling BTF memory access during XADD operations in the eBPF verifier.","bpf,XADD,BTF","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6e7e63cbb023976d828cdb22422606bf77baa8a9","6e7e63cbb023976d828cdb22422606bf77baa8a9","Jann Horn","jannh@google.com","1587081606","Alexei Starovoitov","ast@kernel.org","1587433294","dfd218e7e797b7b269571b907dfd390ac3925e01","bc23d0e3f717ced21fbfacab3ab887d55e5ba367","bpf: Forbid XADD on spilled pointers for unprivileged users When check_xadd() verifies an XADD operation on a pointer to a stack slot containing a spilled pointer, check_stack_read() verifies that the read, which is part of XADD, is valid. However, since the placeholder value -1 is passed as `value_regno`, check_stack_read() can only return a binary decision and can't return the type of the value that was read. The intent here is to verify whether the value read from the stack slot may be used as a SCALAR_VALUE; but since check_stack_read() doesn't check the type, and the type information is lost when check_stack_read() returns, this is not enforced, and a malicious user can abuse XADD to leak spilled kernel pointers. Fix it by letting check_stack_read() verify that the value is usable as a SCALAR_VALUE if no type information is passed to the caller. To be able to use __is_pointer_value() in check_stack_read(), move it up. Fix up the expected unprivileged error message for a BPF selftest that, until now, assumed that unprivileged users can use XADD on stack-spilled pointers. This also gives us a test for the behavior introduced in this patch for free. In theory, this could also be fixed by forbidding XADD on stack spills entirely, since XADD is a locked operation (for operations on memory with concurrency) and there can't be any concurrency on the BPF stack; but Alexei has said that he wants to keep XADD on stack slots working to avoid changes to the test suite [1]. The following BPF program demonstrates how to leak a BPF map pointer as an unprivileged user using this bug: // r7 = map_pointer BPF_LD_MAP_FD(BPF_REG_7, small_map), // r8 = launder(map_pointer) BPF_STX_MEM(BPF_DW, BPF_REG_FP, BPF_REG_7, -8), BPF_MOV64_IMM(BPF_REG_1, 0), ((struct bpf_insn) { .code = BPF_STX | BPF_DW | BPF_XADD, .dst_reg = BPF_REG_FP, .src_reg = BPF_REG_1, .off = -8 }), BPF_LDX_MEM(BPF_DW, BPF_REG_8, BPF_REG_FP, -8), // store r8 into map BPF_MOV64_REG(BPF_REG_ARG1, BPF_REG_7), BPF_MOV64_REG(BPF_REG_ARG2, BPF_REG_FP), BPF_ALU64_IMM(BPF_ADD, BPF_REG_ARG2, -4), BPF_ST_MEM(BPF_W, BPF_REG_ARG2, 0, 0), BPF_EMIT_CALL(BPF_FUNC_map_lookup_elem), BPF_JMP_IMM(BPF_JNE, BPF_REG_0, 0, 1), BPF_EXIT_INSN(), BPF_STX_MEM(BPF_DW, BPF_REG_0, BPF_REG_8, 0), BPF_MOV64_IMM(BPF_REG_0, 0), BPF_EXIT_INSN() [1] https://lore.kernel.org/bpf/20200416211116.qxqcza5vo2ddnkdq@ast-mbp.dhcp.thefacebook.com/ Fixes: 17a5267067f3 (""bpf: verifier (add verifier core)"") Signed-off-by: Jann Horn Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200417000007.10734-1-jannh@google.com","kernel/bpf/verifier.c | 28 +++++++++++++++-------; .../selftests/bpf/verifier/value_illegal_alu.c | 1 +; 2 files changed, 20 insertions(+), 9 deletions(-)","This commit fixes a vulnerability by forbidding XADD operations on spilled pointers for unprivileged users in the eBPF verifier.","XADD,security,user","A security fix. It resolves a security vulnerability or strengthens security measures.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"bc23d0e3f717ced21fbfacab3ab887d55e5ba367","bc23d0e3f717ced21fbfacab3ab887d55e5ba367","Toke Høiland-Jørgensen","toke@redhat.com","1587025880","Alexei Starovoitov","ast@kernel.org","1587433084","d9b55b22a3c6429936b2b7d5d5b3b6b129845a1b","a460fc5d4c170806a31e590df37ead3ab951315c","cpumap: Avoid warning when CONFIG_DEBUG_PER_CPU_MAPS is enabled When the kernel is built with CONFIG_DEBUG_PER_CPU_MAPS, the cpumap code can trigger a spurious warning if CONFIG_CPUMASK_OFFSTACK is also set. This happens because in this configuration, NR_CPUS can be larger than nr_cpumask_bits, so the initial check in cpu_map_alloc() is not sufficient to guard against hitting the warning in cpumask_check(). Fix this by explicitly checking the supplied key against the nr_cpumask_bits variable before calling cpu_possible(). Fixes: 6710e1126934 (""bpf: introduce new bpf cpu map type BPF_MAP_TYPE_CPUMAP"") Reported-by: Xiumei Mu Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Alexei Starovoitov Tested-by: Xiumei Mu Acked-by: Jesper Dangaard Brouer Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200416083120.453718-1-toke@redhat.com","kernel/bpf/cpumap.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixes a spurious warning in cpumap code when specific kernel configuration options are set.","cpumap,warning,CONFIG_DEBUG","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5d8e5aee0e9391141fe2ab892d0ac98de5783537","5d8e5aee0e9391141fe2ab892d0ac98de5783537","Stephen Kitt","steve@sk2.org","1584275208","Jonathan Corbet","corbet@lwn.net","1587423563","3d1dda86c306f1c4310f164e7131d1810f084dfe","3f11de39c489b0e947d7bd036be3d154e67e3329","docs: sysctl/kernel: document BPF entries Based on the implementation in kernel/bpf/syscall.c, kernel/bpf/trampoline.c, include/linux/filter.h, and the documentation in bpftool-prog.rst. Signed-off-by: Stephen Kitt Link: https://lore.kernel.org/r/20200315122648.20558-1-steve@sk2.org Signed-off-by: Jonathan Corbet ","Documentation/admin-guide/sysctl/kernel.rst | 24 ++++++++++++++++++++++++; 1 file changed, 24 insertions(+)","This commit enhances the sysctl kernel documentation by adding BPF-related entries.","docs,sysctl,BPF","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e9cfa47e687d77d256610b7124d736776f137ea0","e9cfa47e687d77d256610b7124d736776f137ea0","Ian Rogers","irogers@google.com","1587054055","Arnaldo Carvalho de Melo","acme@redhat.com","1587211500","5fca2184fe9e1142123763a097441f88efee8884","9fbc61f832ebf432326a90e28184dade05ee34a8","perf doc: allow ASCIIDOC_EXTRA to be an argument This will allow parent makefiles to pass values to asciidoc. Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Alexei Starovoitov Cc: Alexey Budankov Cc: Andi Kleen Cc: Andrii Nakryiko Cc: Daniel Borkmann Cc: Florian Fainelli Cc: Greg Kroah-Hartman Cc: Igor Lubashev Cc: Jin Yao Cc: Jiri Olsa Cc: Jiwei Sun Cc: John Garry Cc: Kan Liang Cc: Leo Yan Cc: Mark Rutland Cc: Martin KaFai Lau Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Stephane Eranian Cc: Thomas Gleixner Cc: Yonghong Song Cc: bpf@vger.kernel.org Cc: netdev@vger.kernel.org Cc: yuzhoujian Link: http://lore.kernel.org/lkml/20200416162058.201954-2-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/Documentation/Makefile | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","This commit allows ASCIIDOC_EXTRA to be an argument in the perf documentation makefile.","perf, ASCIIDOC_EXTRA, makefile","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"c8372665b4b96d6a818b2693dd49236d5f9c8bc2","c8372665b4b96d6a818b2693dd49236d5f9c8bc2","Linus Torvalds","torvalds@linux-foundation.org","1587073949","Linus Torvalds","torvalds@linux-foundation.org","1587073949","f96f2a2510f6abe52ead6a2c4e1adbd9e0de5d8d","9786cab674574239b04df638f825ee0e7d76a48c d518691cbd3be3dae218e05cca3f3fc9b2f1aa77","Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from David Miller: 1) Disable RISCV BPF JIT builds when !MMU, from Björn Töpel. 2) nf_tables leaves dangling pointer after free, fix from Eric Dumazet. 3) Out of boundary write in __xsk_rcv_memcpy(), fix from Li RongQing. 4) Adjust icmp6 message source address selection when routes have a preferred source address set, from Tim Stallard. 5) Be sure to validate HSR protocol version when creating new links, from Taehee Yoo. 6) CAP_NET_ADMIN should be sufficient to manage l2tp tunnels even in non-initial namespaces, from Michael Weiß. 7) Missing release firmware call in mlx5, from Eran Ben Elisha. 8) Fix variable type in macsec_changelink(), caught by KASAN. Fix from Taehee Yoo. 9) Fix pause frame negotiation in marvell phy driver, from Clemens Gruber. 10) Record RX queue early enough in tun packet paths such that XDP programs will see the correct RX queue index, from Gilberto Bertin. 11) Fix double unlock in mptcp, from Florian Westphal. 12) Fix offset overflow in ARM bpf JIT, from Luke Nelson. 13) marvell10g needs to soft reset PHY when coming out of low power mode, from Russell King. 14) Fix MTU setting regression in stmmac for some chip types, from Florian Fainelli. * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (101 commits) amd-xgbe: Use __napi_schedule() in BH context mISDN: make dmril and dmrim static net: stmmac: dwmac-sunxi: Provide TX and RX fifo sizes net: dsa: mt7530: fix tagged frames pass-through in VLAN-unaware mode tipc: fix incorrect increasing of link window Documentation: Fix tcp_challenge_ack_limit default value net: tulip: make early_486_chipsets static dt-bindings: net: ethernet-phy: add desciption for ethernet-phy-id1234.d400 ipv6: remove redundant assignment to variable err net/rds: Use ERR_PTR for rds_message_alloc_sgs() net: mscc: ocelot: fix untagged packet drops when enslaving to vlan aware bridge selftests/bpf: Check for correct program attach/detach in xdp_attach test libbpf: Fix type of old_fd in bpf_xdp_set_link_opts libbpf: Always specify expected_attach_type on program load if supported xsk: Add missing check on user supplied headroom size mac80211: fix channel switch trigger from unknown mesh peer mac80211: fix race in ieee80211_register_hw() net: marvell10g: soft-reset the PHY when coming out of low power net: marvell10g: report firmware version net/cxgb4: Check the return from t4_query_params properly ...","","This commit merges networking fixes from the network kernel repository into Linus Torvalds' main branch.","networking,merge,fixes","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"1a2725f3ee5571cf07966f467b73a9941bcbacb8","1a2725f3ee5571cf07966f467b73a9941bcbacb8","Adrian Hunter","adrian.hunter@intel.com","1585836948","Arnaldo Carvalho de Melo","acme@redhat.com","1587050352","c6685fe36b9fd901f2195a6096c9476b06614afc","025b16f81dd7f51f29d0109399d669438c63b6ce","perf script: Simplify auxiliary event printing functions This simplifies the print functions for the following perf script options: --show-task-events --show-namespace-events --show-cgroup-events --show-mmap-events --show-switch-events --show-lost-events --show-bpf-events Example: # perf record --switch-events -a -e cycles -c 10000 sleep 1 Before: # perf script --show-task-events --show-namespace-events --show-cgroup-events --show-mmap-events --show-switch-events --show-lost-events --show-bpf-events > out-before.txt After: # perf script --show-task-events --show-namespace-events --show-cgroup-events --show-mmap-events --show-switch-events --show-lost-events --show-bpf-events > out-after.txt # diff -s out-before.txt out-after.txt Files out-before.txt and out-after.tx are identical Signed-off-by: Adrian Hunter Acked-by: Jiri Olsa Link: http://lore.kernel.org/lkml/20200402141548.21283-1-adrian.hunter@intel.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/builtin-script.c | 304 ++++++++++----------------------------------; 1 file changed, 66 insertions(+), 238 deletions(-)","The commit simplifies the perf script auxiliary event printing functions for multiple event options improving maintainability.","perf,simplifies,events","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","I'm not sure about the implementation component of the commit. The component affected by It is unclear.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"031258da05956646c5606023ab0abe10a7e68ea1","031258da05956646c5606023ab0abe10a7e68ea1","Alexey Budankov","alexey.budankov@linux.intel.com","1585817334","Arnaldo Carvalho de Melo","acme@redhat.com","1587050348","a9019348901fb412c93def29f5ba94b6da97be26","4e3d3456b78fa5a70e65de0d7c5309b814281ae3","trace/bpf_trace: Open access for CAP_PERFMON privileged process Open access to bpf_trace monitoring for CAP_PERFMON privileged process. Providing the access under CAP_PERFMON capability singly, without the rest of CAP_SYS_ADMIN credentials, excludes chances to misuse the credentials and makes operation more secure. CAP_PERFMON implements the principle of least privilege for performance monitoring and observability operations (POSIX IEEE 1003.1e 2.2.2.39 principle of least privilege: A security design principle that states that a process or program be granted only those privileges (e.g., capabilities) necessary to accomplish its legitimate function, and only for the time that such privileges are actually required) For backward compatibility reasons access to bpf_trace monitoring remains open for CAP_SYS_ADMIN privileged processes but CAP_SYS_ADMIN usage for secure bpf_trace monitoring is discouraged with respect to CAP_PERFMON capability. Signed-off-by: Alexey Budankov Reviewed-by: James Morris Acked-by: Song Liu Cc: Alexei Starovoitov Cc: Andi Kleen Cc: Igor Lubashev Cc: Jiri Olsa Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Serge Hallyn Cc: Stephane Eranian Cc: Thomas Gleixner Cc: intel-gfx@lists.freedesktop.org Cc: linux-doc@vger.kernel.org Cc: linux-man@vger.kernel.org Cc: linux-security-module@vger.kernel.org Cc: selinux@vger.kernel.org Link: http://lore.kernel.org/lkml/c0a0ae47-8b6e-ff3e-416b-3cd1faaf71c0@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo ","kernel/trace/bpf_trace.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Open bpf_trace for CAP_PERFMON privilege to enhance security through least privilege access.","CAP_PERFMON,security,bpf_trace","A security fix. It resolves a security vulnerability or strengthens security measures.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"6b3e0e2e04615df128b2d38fa1dd1fcb84f2504c","6b3e0e2e04615df128b2d38fa1dd1fcb84f2504c","Alexey Budankov","alexey.budankov@linux.intel.com","1585817255","Arnaldo Carvalho de Melo","acme@redhat.com","1587050348","7b7ba48b2e3408c849cd2dffc4aced2971a77c42","c9e0924e5c2b59365f9c0d43ff8722e79ecf4088","perf tools: Support CAP_PERFMON capability Extend error messages to mention CAP_PERFMON capability as an option to substitute CAP_SYS_ADMIN capability for secure system performance monitoring and observability operations. Make perf_event_paranoid_check() and __cmd_ftrace() to be aware of CAP_PERFMON capability. CAP_PERFMON implements the principle of least privilege for performance monitoring and observability operations (POSIX IEEE 1003.1e 2.2.2.39 principle of least privilege: A security design principle that states that a process or program be granted only those privileges (e.g., capabilities) necessary to accomplish its legitimate function, and only for the time that such privileges are actually required) For backward compatibility reasons access to perf_events subsystem remains open for CAP_SYS_ADMIN privileged processes but CAP_SYS_ADMIN usage for secure perf_events monitoring is discouraged with respect to CAP_PERFMON capability. Committer testing: Using a libcap with this patch: diff --git a/libcap/include/uapi/linux/capability.h b/libcap/include/uapi/linux/capability.h index 78b2fd4c8a95..89b5b0279b60 100644 --- a/libcap/include/uapi/linux/capability.h +++ b/libcap/include/uapi/linux/capability.h @@ -366,8 +366,9 @@ struct vfs_ns_cap_data { #define CAP_AUDIT_READ 37 +#define CAP_PERFMON 38 -#define CAP_LAST_CAP CAP_AUDIT_READ +#define CAP_LAST_CAP CAP_PERFMON #define cap_valid(x) ((x) >= 0 && (x) <= CAP_LAST_CAP) Note that using '38' in place of 'cap_perfmon' works to some degree with an old libcap, its only when cap_get_flag() is called that libcap performs an error check based on the maximum value known for capabilities that it will fail. This makes determining the default of perf_event_attr.exclude_kernel to fail, as it can't determine if CAP_PERFMON is in place. Using 'perf top -e cycles' avoids the default check and sets perf_event_attr.exclude_kernel to 1. As root, with a libcap supporting CAP_PERFMON: # groupadd perf_users # adduser perf -g perf_users # mkdir ~perf/bin # cp ~acme/bin/perf ~perf/bin/ # chgrp perf_users ~perf/bin/perf # setcap ""cap_perfmon,cap_sys_ptrace,cap_syslog=ep"" ~perf/bin/perf # getcap ~perf/bin/perf /home/perf/bin/perf = cap_sys_ptrace,cap_syslog,cap_perfmon+ep # ls -la ~perf/bin/perf -rwxr-xr-x. 1 root perf_users 16968552 Apr 9 13:10 /home/perf/bin/perf As the 'perf' user in the 'perf_users' group: $ perf top -a --stdio Error: Failed to mmap with 1 (Operation not permitted) $ Either add the cap_ipc_lock capability to the perf binary or reduce the ring buffer size to some smaller value: $ perf top -m10 -a --stdio rounding mmap pages size to 64K (16 pages) Error: Failed to mmap with 1 (Operation not permitted) $ perf top -m4 -a --stdio Error: Failed to mmap with 1 (Operation not permitted) $ perf top -m2 -a --stdio PerfTop: 762 irqs/sec kernel:49.7% exact: 100.0% lost: 0/0 drop: 0/0 [4000Hz cycles], (all, 4 CPUs) ------------------------------------------------------------------------------------------------------ 9.83% perf [.] __symbols__insert 8.58% perf [.] rb_next 5.91% [kernel] [k] module_get_kallsym 5.66% [kernel] [k] kallsyms_expand_symbol.constprop.0 3.98% libc-2.29.so [.] __GI_____strtoull_l_internal 3.66% perf [.] rb_insert_color 2.34% [kernel] [k] vsnprintf 2.30% [kernel] [k] string_nocheck 2.16% libc-2.29.so [.] _IO_getdelim 2.15% [kernel] [k] number 2.13% [kernel] [k] format_decode 1.58% libc-2.29.so [.] _IO_feof 1.52% libc-2.29.so [.] __strcmp_avx2 1.50% perf [.] rb_set_parent_color 1.47% libc-2.29.so [.] __libc_calloc 1.24% [kernel] [k] do_syscall_64 1.17% [kernel] [k] __x86_indirect_thunk_rax $ perf record -a sleep 1 [ perf record: Woken up 1 times to write data ] [ perf record: Captured and wrote 0.552 MB perf.data (74 samples) ] $ perf evlist cycles $ perf evlist -v cycles: size: 120, { sample_period, sample_freq }: 4000, sample_type: IP|TID|TIME|CPU|PERIOD, read_format: ID, disabled: 1, inherit: 1, mmap: 1, comm: 1, freq: 1, task: 1, precise_ip: 3, sample_id_all: 1, exclude_guest: 1, mmap2: 1, comm_exec: 1, ksymbol: 1, bpf_event: 1 $ perf report | head -20 # To display the perf.data header info, please use --header/--header-only options. # # # Total Lost Samples: 0 # # Samples: 74 of event 'cycles' # Event count (approx.): 15694834 # # Overhead Command Shared Object Symbol # ........ ............... .......................... ...................................... # 19.62% perf [kernel.vmlinux] [k] strnlen_user 13.88% swapper [kernel.vmlinux] [k] intel_idle 13.83% ksoftirqd/0 [kernel.vmlinux] [k] pfifo_fast_dequeue 13.51% swapper [kernel.vmlinux] [k] kmem_cache_free 6.31% gnome-shell [kernel.vmlinux] [k] kmem_cache_free 5.66% kworker/u8:3+ix [kernel.vmlinux] [k] delay_tsc 4.42% perf [kernel.vmlinux] [k] __set_cpus_allowed_ptr 3.45% kworker/2:1-eve [kernel.vmlinux] [k] shmem_truncate_range 2.29% gnome-shell libgobject-2.0.so.0.6000.7 [.] g_closure_ref $ Signed-off-by: Alexey Budankov Reviewed-by: James Morris Acked-by: Jiri Olsa Acked-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Cc: Alexei Starovoitov Cc: Andi Kleen Cc: Igor Lubashev Cc: Peter Zijlstra Cc: Serge Hallyn Cc: Song Liu Cc: Stephane Eranian Cc: Thomas Gleixner Cc: intel-gfx@lists.freedesktop.org Cc: linux-doc@vger.kernel.org Cc: linux-man@vger.kernel.org Cc: linux-security-module@vger.kernel.org Cc: selinux@vger.kernel.org Link: http://lore.kernel.org/lkml/a66d5648-2b8e-577e-e1f2-1d56c017ab5e@linux.intel.com Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/builtin-ftrace.c | 5 +++--; tools/perf/design.txt | 3 ++-; tools/perf/util/cap.h | 4 ++++; tools/perf/util/evsel.c | 10 +++++-----; tools/perf/util/util.c | 1 +; 5 files changed, 15 insertions(+), 8 deletions(-)","This commit updates perf tools to support the CAP_PERFMON capability for secure performance monitoring.","CAP_PERFMON,perf tools,security","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"3c29d4483e855b6ba5c6e35b0c81caad7d9e3984","3c29d4483e855b6ba5c6e35b0c81caad7d9e3984","Jiri Olsa","jolsa@kernel.org","1584042970","Arnaldo Carvalho de Melo","acme@redhat.com","1587050346","62fd31250678d4d90189b1d93a133d1ec0994ec3","7eddf7e74e54aea3b24410b3fb8911927836632f","perf annotate: Add basic support for bpf_image Add the DSO_BINARY_TYPE__BPF_IMAGE dso binary type to recognize BPF images that carry trampoline or dispatcher. Upcoming patches will add support to read the image data, store it within the BPF feature in perf.data and display it for annotation purposes. Currently we only display following message: # ./perf annotate bpf_trampoline_24456 --stdio Percent | Source code & Disassembly of . for cycles (504 ... --------------------------------------------------------------- ... : to be implemented Signed-off-by: Jiri Olsa Acked-by: Song Liu Cc: Alexei Starovoitov Cc: Andrii Nakryiko Cc: Björn Töpel Cc: Daniel Borkmann Cc: David S. Miller Cc: Jakub Kicinski Cc: Jesper Dangaard Brouer Cc: John Fastabend Cc: Martin KaFai Lau Cc: Yonghong Song Link: https://lore.kernel.org/bpf/20200312195610.346362-16-jolsa@kernel.org Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/annotate.c | 20 ++++++++++++++++++++; tools/perf/util/dso.c | 1 +; tools/perf/util/dso.h | 1 +; tools/perf/util/machine.c | 11 +++++++++++; tools/perf/util/symbol.c | 1 +; 5 files changed, 34 insertions(+)","Add basic support to perf annotate for BPF image recognition related to trampolines and dispatchers.","bpf,image,perf","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"7eddf7e74e54aea3b24410b3fb8911927836632f","7eddf7e74e54aea3b24410b3fb8911927836632f","Jiri Olsa","jolsa@kernel.org","1584042969","Arnaldo Carvalho de Melo","acme@redhat.com","1587050346","abc598bffc9f69a755c52fae38c6d18389972502","943930e4729a64c11142a0370415663b39189996","perf machine: Set ksymbol dso as loaded on arrival There's no special load action for ksymbol data on map__load/dso__load action, where the kernel is getting loaded. It only gets confused with kernel kallsyms/vmlinux load for bpf object, which fails and could mess up with the map. Disabling any further load of the map for ksymbol related dso/map. Signed-off-by: Jiri Olsa Acked-by: Song Liu Cc: Alexei Starovoitov Cc: Andrii Nakryiko Cc: Björn Töpel Cc: Daniel Borkmann Cc: David S. Miller Cc: Jakub Kicinski Cc: Jesper Dangaard Brouer Cc: John Fastabend Cc: Martin KaFai Lau Cc: Yonghong Song Link: https://lore.kernel.org/bpf/20200312195610.346362-15-jolsa@kernel.org Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/machine.c | 1 +; 1 file changed, 1 insertion(+)","This commit modifies ksymbol DSO loading in perf machine to prevent conflicts with kernel kallsyms and vmlinux.","perf,ksymbol,loading","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', 'Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"943930e4729a64c11142a0370415663b39189996","943930e4729a64c11142a0370415663b39189996","Jiri Olsa","jolsa@kernel.org","1584042968","Arnaldo Carvalho de Melo","acme@redhat.com","1587050346","9f5a6e062d2e0b820f0cfb2847b75059f52b5c43","cfbd41b786519d4a15e1c15181556689bcf6635a","perf tools: Synthesize bpf_trampoline/dispatcher ksymbol event Synthesize bpf images (trampolines/dispatchers) on start, as ksymbol events from /proc/kallsyms. Having this perf can recognize samples from those images and perf report and top shows them correctly. The rest of the ksymbol handling is already in place from for the bpf programs monitoring, so only the initial state was needed. perf report output: # Overhead Command Shared Object Symbol 12.37% test_progs [kernel.vmlinux] [k] entry_SYSCALL_64 11.80% test_progs [kernel.vmlinux] [k] syscall_return_via_sysret 9.63% test_progs bpf_prog_bcf7977d3b93787c_prog2 [k] bpf_prog_bcf7977d3b93787c_prog2 6.90% test_progs bpf_trampoline_24456 [k] bpf_trampoline_24456 6.36% test_progs [kernel.vmlinux] [k] memcpy_erms Committer notes: Use scnprintf() instead of strncpy() to overcome this on fedora:32, rawhide and OpenMandriva Cooker: CC /tmp/build/perf/util/bpf-event.o In file included from /usr/include/string.h:495, from /git/linux/tools/lib/bpf/libbpf_common.h:12, from /git/linux/tools/lib/bpf/bpf.h:31, from util/bpf-event.c:4: In function 'strncpy', inlined from 'process_bpf_image' at util/bpf-event.c:323:2, inlined from 'kallsyms_process_symbol' at util/bpf-event.c:358:9: /usr/include/bits/string_fortified.h:106:10: error: '__builtin_strncpy' specified bound 256 equals destination size [-Werror=stringop-truncation] 106 | return __builtin___strncpy_chk (__dest, __src, __len, __bos (__dest)); | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ cc1: all warnings being treated as errors Signed-off-by: Jiri Olsa Acked-by: Song Liu Cc: Alexei Starovoitov Cc: Andrii Nakryiko Cc: Björn Töpel Cc: Daniel Borkmann Cc: David S. Miller Cc: Jakub Kicinski Cc: Jesper Dangaard Brouer Cc: John Fastabend Cc: Martin KaFai Lau Cc: Yonghong Song Link: https://lore.kernel.org/bpf/20200312195610.346362-14-jolsa@kernel.org/ Signed-off-by: Arnaldo Carvalho de Melo ","tools/perf/util/bpf-event.c | 93 +++++++++++++++++++++++++++++++++++++++++++++; 1 file changed, 93 insertions(+)","This commit adds support for recognizing bpf trampoline and dispatcher ksymbols to improve perf output.","perf,ksymbol,bpf","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', 'kprobe/ftrace like type kernel dynamic probe programs. It affects kernel-level probes used for tracing kernel functions. It can be other kernel probes in perf-events.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"78b877113f6ed39c96f2e78b8e1fbb13c225377a","78b877113f6ed39c96f2e78b8e1fbb13c225377a","David S. Miller","davem@davemloft.net","1586975742","David S. Miller","davem@davemloft.net","1586975742","e36e369a51d188e1d2cdc11540e3ec182e7afed4","6058ee09ec5208254f99c7bd9f7bae556563ba3b c6c111523d9e697bfb463870759825be5d6caff6","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Daniel Borkmann says: ==================== pull-request: bpf 2020-04-15 The following pull-request contains BPF updates for your *net* tree. We've added 10 non-merge commits during the last 3 day(s) which contain a total of 11 files changed, 238 insertions(+), 95 deletions(-). The main changes are: 1) Fix offset overflow for BPF_MEM BPF_DW insn mapping on arm32 JIT, from Luke Nelson and Xi Wang. 2) Prevent mprotect() to make frozen & mmap()'ed BPF map writeable again, from Andrii Nakryiko and Jann Horn. 3) Fix type of old_fd in bpf_xdp_set_link_opts to int in libbpf and add selftests, from Toke Høiland-Jørgensen. 4) Fix AF_XDP to check that headroom cannot be larger than the available space in the chunk, from Magnus Karlsson. 5) Fix reset of XDP prog when expected_fd is set, from David Ahern. 6) Fix a segfault in bpftool's struct_ops command when BTF is not available, from Daniel T. Lee. ==================== Signed-off-by: David S. Miller ","","This commit merges several BPF updates including fixes for JIT mappings and AF_XDP headroom checks.","BPF updates, merge, fixes","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"c6c111523d9e697bfb463870759825be5d6caff6","c6c111523d9e697bfb463870759825be5d6caff6","Toke Høiland-Jørgensen","toke@redhat.com","1586875825","Daniel Borkmann","daniel@iogearbox.net","1586949968","fb949e0ba4bb00676e818ac3d3a70efa62781a18","49b452c382da2c2d1ccee1265cbb92da905c82f7","selftests/bpf: Check for correct program attach/detach in xdp_attach test David Ahern noticed that there was a bug in the EXPECTED_FD code so programs did not get detached properly when that parameter was supplied. This case was not included in the xdp_attach tests; so let's add it to be sure that such a bug does not sneak back in down. Fixes: 87854a0b57b3 (""selftests/bpf: Add tests for attaching XDP programs"") Reported-by: David Ahern Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Daniel Borkmann Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200414145025.182163-2-toke@redhat.com",".../testing/selftests/bpf/prog_tests/xdp_attach.c | 30 +++++++++++++++++++++-; 1 file changed, 29 insertions(+), 1 deletion(-)","The commit adds a test case to validate correct XDP program attach/detach process and addresses a previously missed edge case in selftests.","xdp_attach, test, selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"49b452c382da2c2d1ccee1265cbb92da905c82f7","49b452c382da2c2d1ccee1265cbb92da905c82f7","Toke Høiland-Jørgensen","toke@redhat.com","1586875824","Daniel Borkmann","daniel@iogearbox.net","1586949968","940a104c0547f3aa76fb064ec6f8f44eec5b0914","25498a1969bf3687c29c29bbac92821d7a0f8b4a","libbpf: Fix type of old_fd in bpf_xdp_set_link_opts The 'old_fd' parameter used for atomic replacement of XDP programs is supposed to be an FD, but was left as a u32 from an earlier iteration of the patch that added it. It was converted to an int when read, so things worked correctly even with negative values, but better change the definition to correctly reflect the intention. Fixes: bd5ca3ef93cd (""libbpf: Add function to set link XDP fd while specifying old program"") Reported-by: David Ahern Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Daniel Borkmann Acked-by: David Ahern Acked-by: Song Liu Link: https://lore.kernel.org/bpf/20200414145025.182163-1-toke@redhat.com","tools/lib/bpf/libbpf.h | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit corrects the 'old_fd' parameter type in libbpf for atomic XDP program replacement to reflect its intended use as an FD.","libbpf, XDP, old_fd","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"25498a1969bf3687c29c29bbac92821d7a0f8b4a","25498a1969bf3687c29c29bbac92821d7a0f8b4a","Andrii Nakryiko","andriin@fb.com","1586888805","Daniel Borkmann","daniel@iogearbox.net","1586949763","cc579427faea0bdaa8d7b4087eb048c863ac7906","99e3a236dd43d06c65af0a2ef9cb44306aef6e02","libbpf: Always specify expected_attach_type on program load if supported For some types of BPF programs that utilize expected_attach_type, libbpf won't set load_attr.expected_attach_type, even if expected_attach_type is known from section definition. This was done to preserve backwards compatibility with old kernels that didn't recognize expected_attach_type attribute yet (which was added in 5e43f899b03a (""bpf: Check attach type at prog load time""). But this is problematic for some BPF programs that utilize newer features that require kernel to know specific expected_attach_type (e.g., extended set of return codes for cgroup_skb/egress programs). This patch makes libbpf specify expected_attach_type by default, but also detect support for this field in kernel and not set it during program load. This allows to have a good metadata for bpf_program (e.g., bpf_program__get_extected_attach_type()), but still work with old kernels (for cases where it can work at all). Additionally, due to expected_attach_type being always set for recognized program types, bpf_program__attach_cgroup doesn't have to do extra checks to determine correct attach type, so remove that additional logic. Also adjust section_names selftest to account for this change. More detailed discussion can be found in [0]. [0] https://lore.kernel.org/bpf/20200412003604.GA15986@rdna-mbp.dhcp.thefacebook.com/ Fixes: 5cf1e9145630 (""bpf: cgroup inet skb programs can return 0 to 3"") Fixes: 5e43f899b03a (""bpf: Check attach type at prog load time"") Reported-by: Andrey Ignatov Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Acked-by: Song Liu Acked-by: Andrey Ignatov Link: https://lore.kernel.org/bpf/20200414182645.1368174-1-andriin@fb.com","tools/lib/bpf/libbpf.c | 126 ++++++++++++++-------; .../selftests/bpf/prog_tests/section_names.c | 42 ++++---; 2 files changed, 109 insertions(+), 59 deletions(-)","The commit modifies libbpf to specify expected_attach_type by default, enhancing compatibility with both old and new kernel features.","libbpf expected_attach_type kernels","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"99e3a236dd43d06c65af0a2ef9cb44306aef6e02","99e3a236dd43d06c65af0a2ef9cb44306aef6e02","Magnus Karlsson","magnus.karlsson@intel.com","1586849715","Daniel Borkmann","daniel@iogearbox.net","1586948838","14527dbe4aed7324672dfc119739886f523697d0","89f33dcadb349eb926a92633e2c5f61466afc596","xsk: Add missing check on user supplied headroom size Add a check that the headroom cannot be larger than the available space in the chunk. In the current code, a malicious user can set the headroom to a value larger than the chunk size minus the fixed XDP headroom. That way packets with a length larger than the supported size in the umem could get accepted and result in an out-of-bounds write. Fixes: c0c77d8fb787 (""xsk: add user memory registration support sockopt"") Reported-by: Bui Quang Minh Signed-off-by: Magnus Karlsson Signed-off-by: Daniel Borkmann Link: https://bugzilla.kernel.org/show_bug.cgi?id=207225 Link: https://lore.kernel.org/bpf/1586849715-23490-1-git-send-email-magnus.karlsson@intel.com","net/xdp/xdp_umem.c | 5 ++---; 1 file changed, 2 insertions(+), 3 deletions(-)","This commit adds a safety check to ensure user-supplied headroom in xsk cannot exceed valid boundaries to prevent out-of-bounds writes.","headroom, xsk, bug","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"89f33dcadb349eb926a92633e2c5f61466afc596","89f33dcadb349eb926a92633e2c5f61466afc596","Zou Wei","zou_wei@huawei.com","1586779076","Daniel Borkmann","daniel@iogearbox.net","1586893206","f72000dd6eece4b474b47754752c5ccd038b9637","dfa74909cb6b846cbdabfc2c3c7de1d507fca075","bpf: remove unneeded conversion to bool in __mark_reg_unknown This issue was detected by using the Coccinelle software: kernel/bpf/verifier.c:1259:16-21: WARNING: conversion to bool not needed here The conversion to bool is unneeded, remove it. Reported-by: Hulk Robot Signed-off-by: Zou Wei Signed-off-by: Daniel Borkmann Acked-by: Song Liu Link: https://lore.kernel.org/bpf/1586779076-101346-1-git-send-email-zou_wei@huawei.com","kernel/bpf/verifier.c | 3 +--; 1 file changed, 1 insertion(+), 2 deletions(-)","The commit removes an unnecessary conversion to bool in the eBPF verifier code detected by Coccinelle.","remove, conversion, verifier","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"dfa74909cb6b846cbdabfc2c3c7de1d507fca075","dfa74909cb6b846cbdabfc2c3c7de1d507fca075","David Ahern","dsahern@gmail.com","1586698324","Daniel Borkmann","daniel@iogearbox.net","1586893082","abcec0eda77f457704330ae51338d22e98d656c9","96b2eb6e77959b4b52f80e7a61d03db77606aac6","xdp: Reset prog in dev_change_xdp_fd when fd is negative The commit mentioned in the Fixes tag reuses the local prog variable when looking up an expected_fd. The variable is not reset when fd < 0 causing a detach with the expected_fd set to actually call dev_xdp_install for the existing program. The end result is that the detach does not happen. Fixes: 92234c8f15c8 (""xdp: Support specifying expected existing program when attaching XDP"") Signed-off-by: David Ahern Signed-off-by: Daniel Borkmann Reviewed-by: Jakub Kicinski Reviewed-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/20200412133204.43847-1-dsahern@kernel.org","net/core/dev.c | 3 ++-; 1 file changed, 2 insertions(+), 1 deletion(-)","Fixes an issue in dev_change_xdp_fd by resetting the prog variable when fd is negative to ensure proper XDP program detachment.","xdp, detach, prog","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"96b2eb6e77959b4b52f80e7a61d03db77606aac6","96b2eb6e77959b4b52f80e7a61d03db77606aac6","Daniel T. Lee","danieltimlee@gmail.com","1586484372","Daniel Borkmann","daniel@iogearbox.net","1586892833","4b2925662cb05bc2667f432372bcbc02956b0439","642c1654702731ab42a3be771bebbd6ef938f0dc","tools, bpftool: Fix struct_ops command invalid pointer free In commit 65c93628599d (""bpftool: Add struct_ops support"") a new type of command named struct_ops has been added. This command requires a kernel with CONFIG_DEBUG_INFO_BTF=y set and for retrieving BTF info in bpftool, the helper get_btf_vmlinux() is used. When running this command on kernel without BTF debug info, this will lead to 'btf_vmlinux' variable being an invalid(error) pointer. And by this, btf_free() causes a segfault when executing 'bpftool struct_ops'. This commit adds pointer validation with IS_ERR not to free invalid pointer, and this will fix the segfault issue. Fixes: 65c93628599d (""bpftool: Add struct_ops support"") Signed-off-by: Daniel T. Lee Signed-off-by: Daniel Borkmann Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200410020612.2930667-1-danieltimlee@gmail.com","tools/bpf/bpftool/struct_ops.c | 4 +++-; 1 file changed, 3 insertions(+), 1 deletion(-)","Fixes a segfault issue in bpftool struct_ops command by adding pointer validation.","bpftool,struct_ops,segfault","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The bpftool utility. It modifies the bpftool utility used for introspecting and interacting with eBPF programs and maps.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Struct_ops type related programs. It affects programs tha t allows user-defined methods to be called by subsystems.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"642c1654702731ab42a3be771bebbd6ef938f0dc","642c1654702731ab42a3be771bebbd6ef938f0dc","Andrii Nakryiko","andriin@fb.com","1586550373","Daniel Borkmann","daniel@iogearbox.net","1586892537","766a7490a2cdb507523f1369f73ec902fb699e85","1f6cb19be2e231fe092f40decb71f066eba090d7","selftests/bpf: Validate frozen map contents stays frozen Test that frozen and mmap()'ed BPF map can't be mprotect()'ed as writable or executable memory. Also validate that ""downgrading"" from writable to read-only doesn't screw up internal writable count accounting for the purposes of map freezing. Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200410202613.3679837-2-andriin@fb.com","tools/testing/selftests/bpf/prog_tests/mmap.c | 62 ++++++++++++++++++++++++++-; 1 file changed, 60 insertions(+), 2 deletions(-)","The commit adds selftests to ensure mmap'ed BPF maps remain non-writable and validates permission handling during map freezing.","validate,frozen,map","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1f6cb19be2e231fe092f40decb71f066eba090d7","1f6cb19be2e231fe092f40decb71f066eba090d7","Andrii Nakryiko","andriin@fb.com","1586550372","Daniel Borkmann","daniel@iogearbox.net","1586892537","f403308df2df8c60baedaa5eed2444e617e320f0","4178417cc5359c329790a4a8f4a6604612338cca","bpf: Prevent re-mmap()'ing BPF map as writable for initially r/o mapping VM_MAYWRITE flag during initial memory mapping determines if already mmap()'ed pages can be later remapped as writable ones through mprotect() call. To prevent user application to rewrite contents of memory-mapped as read-only and subsequently frozen BPF map, remove VM_MAYWRITE flag completely on initially read-only mapping. Alternatively, we could treat any memory-mapping on unfrozen map as writable and bump writecnt instead. But there is little legitimate reason to map BPF map as read-only and then re-mmap() it as writable through mprotect(), instead of just mmap()'ing it as read/write from the very beginning. Also, at the suggestion of Jann Horn, drop unnecessary refcounting in mmap operations. We can just rely on VMA holding reference to BPF map's file properly. Fixes: fc9702273e2e (""bpf: Add mmap() support for BPF_MAP_TYPE_ARRAY"") Reported-by: Jann Horn Signed-off-by: Andrii Nakryiko Signed-off-by: Daniel Borkmann Reviewed-by: Jann Horn Link: https://lore.kernel.org/bpf/20200410202613.3679837-1-andriin@fb.com","kernel/bpf/syscall.c | 16 +++++++---------; 1 file changed, 7 insertions(+), 9 deletions(-)","The commit prevents remapping read-only BPF maps as writable by removing the VM_MAYWRITE flag.","BPF mmap VM_MAYWRITE","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"4178417cc5359c329790a4a8f4a6604612338cca","4178417cc5359c329790a4a8f4a6604612338cca","Luke Nelson","lukenels@cs.washington.edu","1586470672","Daniel Borkmann","daniel@iogearbox.net","1586892474","4816744db5c1f822f9a5b55822213b890617f660","e154659ba39a1c2be576aaa0a5bda8088d707950","arm, bpf: Fix offset overflow for BPF_MEM BPF_DW This patch fixes an incorrect check in how immediate memory offsets are computed for BPF_DW on arm. For BPF_LDX/ST/STX + BPF_DW, the 32-bit arm JIT breaks down an 8-byte access into two separate 4-byte accesses using off+0 and off+4. If off fits in imm12, the JIT emits a ldr/str instruction with the immediate and avoids the use of a temporary register. While the current check off <= 0xfff ensures that the first immediate off+0 doesn't overflow imm12, it's not sufficient for the second immediate off+4, which may cause the second access of BPF_DW to read/write the wrong address. This patch fixes the problem by changing the check to off <= 0xfff - 4 for BPF_DW, ensuring off+4 will never overflow. A side effect of simplifying the check is that it now allows using negative immediate offsets in ldr/str. This means that small negative offsets can also avoid the use of a temporary register. This patch introduces no new failures in test_verifier or test_bpf.c. Fixes: c5eae692571d6 (""ARM: net: bpf: improve 64-bit store implementation"") Fixes: ec19e02b343db (""ARM: net: bpf: fix LDX instructions"") Co-developed-by: Xi Wang Signed-off-by: Xi Wang Signed-off-by: Luke Nelson Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200409221752.28448-1-luke.r.nels@gmail.com","arch/arm/net/bpf_jit_32.c | 40 ++++++++++++++++++++++++----------------; 1 file changed, 24 insertions(+), 16 deletions(-)","This commit fixes an offset overflow issue in the ARM BPF JIT for BPF_DW instructions.","offset,ARM,BPF_DW","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"651e0d881461ab2b1cd5cbec3a642d22fc8d6057","651e0d881461ab2b1cd5cbec3a642d22fc8d6057","Andrea Righi","andrea.righi@canonical.com","1586512979","Shuah Khan","skhan@linuxfoundation.org","1586879353","64758fd2c504428a2f3b710350999686cc95ed6d","d925c896956283cf12634c4223f62ad2c080da29","kselftest/runner: allow to properly deliver signals to tests While running seccomp_bpf, kill_after_ptrace() gets stuck if we run it via /usr/bin/timeout (that is the default), until the timeout expires. This is because /usr/bin/timeout is preventing to properly deliver signals to ptrace'd children (SIGSYS in this case). This problem can be easily reproduced by running: $ sudo make TARGETS=seccomp kselftest ... # [ RUN ] TRACE_syscall.skip_a# not ok 1 selftests: seccomp: seccomp_bpf # TIMEOUT The test is hanging at this point until the timeout expires and then it reports the timeout error. Prevent this problem by passing --foreground to /usr/bin/timeout, allowing to properly deliver signals to children processes. Signed-off-by: Andrea Righi Acked-by: Kees Cook Signed-off-by: Shuah Khan ","tools/testing/selftests/kselftest/runner.sh | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit modifies the kselftest runner to deliver signals properly during test execution which prevents timeouts in ptraced child processes.","signals,timeout,runner","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"e3698b23ecb8c099b4b523e7d5c8c042e93ef15d","e3698b23ecb8c099b4b523e7d5c8c042e93ef15d","Arnaldo Carvalho de Melo","acme@redhat.com","1586870859","Arnaldo Carvalho de Melo","acme@redhat.com","1586875205","7c4738852288d3843f2bb7cc89ba988eeea07ed0","5b992add7d32d3106f121c85ad99d2986dc3b8e6","tools headers: Synchronize linux/bits.h with the kernel sources To pick up the changes in these csets: 295bcca84916 (""linux/bits.h: add compile time sanity check of GENMASK inputs"") 3945ff37d2f4 (""linux/bits.h: Extract common header for vDSO"") To address this tools/perf build warning: Warning: Kernel ABI header at 'tools/include/linux/bits.h' differs from latest version at 'include/linux/bits.h' diff -u tools/include/linux/bits.h include/linux/bits.h This clashes with usage of userspace's static_assert(), that, at least on glibc, is guarded by a ifnded/endif pair, do the same to our copy of build_bug.h and avoid that diff in check_headers.sh so that we continue checking for drifts with the kernel sources master copy. This will all be tested with the set of build containers that includes uCLibc, musl libc, lots of glibc versions in lots of distros and cross build environments. The tools/objtool, tools/bpf, etc were tested as well. Cc: Adrian Hunter Cc: Jiri Olsa Cc: Namhyung Kim Cc: Rikard Falkeborn Cc: Thomas Gleixner Cc: Vincenzo Frascino Signed-off-by: Arnaldo Carvalho de Melo ","tools/include/linux/bits.h | 24 ++++++++++--; tools/include/linux/build_bug.h | 82 +++++++++++++++++++++++++++++++++++++++++; tools/include/linux/kernel.h | 4 +-; tools/include/vdso/bits.h | 9 +++++; tools/perf/check-headers.sh | 2 +; 5 files changed, 115 insertions(+), 6 deletions(-)","Synchronize linux/bits.h with kernel sources to resolve build discrepancies and ensure compatibility with various libc versions.","synchronize, build, headers","A build system or CI/CD change. It affects the build process continuous integration or deployment pipelines.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"40fc7ad2c8863479f3db34f9a9283b4884cd0e90","40fc7ad2c8863479f3db34f9a9283b4884cd0e90","David S. Miller","davem@davemloft.net","1586479162","David S. Miller","davem@davemloft.net","1586479162","20d697f61bc6108e7230d629b2cf85ff0e2b094f","690cc86321eb9bcee371710252742fb16fe96824 bb9562cf5c67813034c96afb50bd21130a504441","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Daniel Borkmann says: ==================== pull-request: bpf 2020-04-10 The following pull-request contains BPF updates for your *net* tree. We've added 13 non-merge commits during the last 7 day(s) which contain a total of 13 files changed, 137 insertions(+), 43 deletions(-). The main changes are: 1) JIT code emission fixes for riscv and arm32, from Luke Nelson and Xi Wang. 2) Disable vmlinux BTF info if GCC_PLUGIN_RANDSTRUCT is used, from Slava Bacherikov. 3) Fix oob write in AF_XDP when meta data is used, from Li RongQing. 4) Fix bpf_get_link_xdp_id() handling on single prog when flags are specified, from Andrey Ignatov. 5) Fix sk_assign() BPF helper for request sockets that can have sk_reuseport field uninitialized, from Joe Stringer. 6) Fix mprotect() test case for the BPF LSM, from KP Singh. ==================== Signed-off-by: David S. Miller ","","This commit merges multiple BPF updates including JIT fixes and security enhancements into the net tree.","merge,BPF,updates","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"bb9562cf5c67813034c96afb50bd21130a504441","bb9562cf5c67813034c96afb50bd21130a504441","Luke Nelson","lukenels@cs.washington.edu","1586369549","Daniel Borkmann","daniel@iogearbox.net","1586387153","438bbc341bfc83f012c0a77517064f907ae71f54","8e368dc72e86ad1e1a612416f32d5ad22dca88bc","arm, bpf: Fix bugs with ALU64 {RSH, ARSH} BPF_K shift by 0 The current arm BPF JIT does not correctly compile RSH or ARSH when the immediate shift amount is 0. This causes the ""rsh64 by 0 imm"" and ""arsh64 by 0 imm"" BPF selftests to hang the kernel by reaching an instruction the verifier determines to be unreachable. The root cause is in how immediate right shifts are encoded on arm. For LSR and ASR (logical and arithmetic right shift), a bit-pattern of 00000 in the immediate encodes a shift amount of 32. When the BPF immediate is 0, the generated code shifts by 32 instead of the expected behavior (a no-op). This patch fixes the bugs by adding an additional check if the BPF immediate is 0. After the change, the above mentioned BPF selftests pass. Fixes: 39c13c204bb11 (""arm: eBPF JIT compiler"") Co-developed-by: Xi Wang Signed-off-by: Xi Wang Signed-off-by: Luke Nelson Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200408181229.10909-1-luke.r.nels@gmail.com","arch/arm/net/bpf_jit_32.c | 12 ++++++++++--; 1 file changed, 10 insertions(+), 2 deletions(-)","This commit fixes an ARM BPF JIT compiler bug for ALU64 right shifts by zero.","ARM,BPF,JIT","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"8e368dc72e86ad1e1a612416f32d5ad22dca88bc","8e368dc72e86ad1e1a612416f32d5ad22dca88bc","Joe Stringer","joe@wand.net.nz","1586316940","Daniel Borkmann","daniel@iogearbox.net","1586386934","654cd7e341b07cb25b2a1b224d7c900f26ebce91","eb203f4b89c1a1a779d9781e49b568d2a712abc6","bpf: Fix use of sk->sk_reuseport from sk_assign In testing, we found that for request sockets the sk->sk_reuseport field may yet be uninitialized, which caused bpf_sk_assign() to randomly succeed or return -ESOCKTNOSUPPORT when handling the forward ACK in a three-way handshake. Fix it by only applying the reuseport check for full sockets. Fixes: cf7fbe660f2d (""bpf: Add socket assign support"") Signed-off-by: Joe Stringer Signed-off-by: Daniel Borkmann Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200408033540.10339-1-joe@wand.net.nz","net/core/filter.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","Fixes an uninitialized field issue in request sockets for eBPF socket assignment by applying the reuseport check only for full sockets.","sk_reuseport,bpf_sk_assign,fix","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"eb203f4b89c1a1a779d9781e49b568d2a712abc6","eb203f4b89c1a1a779d9781e49b568d2a712abc6","Andrey Ignatov","rdna@fb.com","1586236186","Daniel Borkmann","daniel@iogearbox.net","1586302524","57c44245c09f97a5267d390fe641fa8ab134cff5","f07cbad29741407ace2a9688548fa93d9cb38df3","selftests/bpf: Add test for bpf_get_link_xdp_id Add xdp_info selftest that makes sure that bpf_get_link_xdp_id returns valid prog_id for different input modes: * w/ and w/o flags when no program is attached; * w/ and w/o flags when one program is attached. Signed-off-by: Andrey Ignatov Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/2a9a6d1ce33b91ccc1aa3de6dba2d309f2062811.1586236080.git.rdna@fb.com","tools/testing/selftests/bpf/prog_tests/xdp_info.c | 68 +++++++++++++++++++++++; 1 file changed, 68 insertions(+)","This commit adds a selftest for the function bpf_get_link_xdp_id to ensure valid prog_id return for different input modes in XDP.","test,xdp,prog_id","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"f07cbad29741407ace2a9688548fa93d9cb38df3","f07cbad29741407ace2a9688548fa93d9cb38df3","Andrey Ignatov","rdna@fb.com","1586236185","Daniel Borkmann","daniel@iogearbox.net","1586300255","be1940ed74a8e8b53c45cf3e58168c9e6de2dc5a","489553dd13a88d8a882db10622ba8b9b58582ce4","libbpf: Fix bpf_get_link_xdp_id flags handling Currently if one of XDP_FLAGS_{DRV,HW,SKB}_MODE flags is passed to bpf_get_link_xdp_id() and there is a single XDP program attached to ifindex, that program's id will be returned by bpf_get_link_xdp_id() in prog_id argument no matter what mode the program is attached in, i.e. flags argument is not taken into account. For example, if there is a single program attached with XDP_FLAGS_SKB_MODE but user calls bpf_get_link_xdp_id() with flags = XDP_FLAGS_DRV_MODE, that skb program will be returned. Fix it by returning info->prog_id only if user didn't specify flags. If flags is specified then return corresponding mode-specific-field from struct xdp_link_info. The initial error was introduced in commit 50db9f073188 (""libbpf: Add a support for getting xdp prog id on ifindex"") and then refactored in 473f4e133a12 so 473f4e133a12 is used in the Fixes tag. Fixes: 473f4e133a12 (""libbpf: Add bpf_get_link_xdp_info() function to get more XDP information"") Signed-off-by: Andrey Ignatov Signed-off-by: Daniel Borkmann Acked-by: Toke Høiland-Jørgensen Link: https://lore.kernel.org/bpf/0e9e30490b44b447bb2bebc69c7135e7fe7e4e40.1586236080.git.rdna@fb.com","tools/lib/bpf/netlink.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit fixes the handling of XDP mode flags in the libbpf function bpf_get_link_xdp_id for correct program ID retrieval.","XDP,libbpf,flags","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"489553dd13a88d8a882db10622ba8b9b58582ce4","489553dd13a88d8a882db10622ba8b9b58582ce4","Luke Nelson","lukenels@cs.washington.edu","1586211364","Daniel Borkmann","daniel@iogearbox.net","1586300021","e63f93ad112d4eccb8ea2e11d31e3c98b6dcd2e3","0ac16296ffc638f5163f9aeeeb1fe447268e449f","riscv, bpf: Fix offset range checking for auipc+jalr on RV64 The existing code in emit_call on RV64 checks that the PC-relative offset to the function fits in 32 bits before calling emit_jump_and_link to emit an auipc+jalr pair. However, this check is incorrect because offsets in the range [2^31 - 2^11, 2^31 - 1] cannot be encoded using auipc+jalr on RV64 (see discussion [1]). The RISC-V spec has recently been updated to reflect this fact [2, 3]. This patch fixes the problem by moving the check on the offset into emit_jump_and_link and modifying it to the correct range of encodable offsets, which is [-2^31 - 2^11, 2^31 - 2^11). This also enforces the check on the offset to other uses of emit_jump_and_link (e.g., BPF_JA) as well. Currently, this bug is unlikely to be triggered, because the memory region from which JITed images are allocated is close enough to kernel text for the offsets to not become too large; and because the bounds on BPF program size are small enough. This patch prevents this problem from becoming an issue if either of these change. [1]: https://groups.google.com/a/groups.riscv.org/forum/#!topic/isa-dev/bwWFhBnnZFQ [2]: https://github.com/riscv/riscv-isa-manual/commit/b1e42e09ac55116dbf9de5e4fb326a5a90e4a993 [3]: https://github.com/riscv/riscv-isa-manual/commit/4c1b2066ebd2965a422e41eb262d0a208a7fea07 Signed-off-by: Luke Nelson Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200406221604.18547-1-luke.r.nels@gmail.com","arch/riscv/net/bpf_jit_comp64.c | 49 +++++++++++++++++++++++++++--------------; 1 file changed, 32 insertions(+), 17 deletions(-)","This commit corrects the offset range check in eBPF JIT compilation on RISC-V RV64 architecture.","offset, RV64, JIT","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0ac16296ffc638f5163f9aeeeb1fe447268e449f","0ac16296ffc638f5163f9aeeeb1fe447268e449f","Qiujun Huang","hqjagain@gmail.com","1585901254","Daniel Borkmann","daniel@iogearbox.net","1586202850","f60a3a58643bb42a00d62547b0461da74c7fbb16","4734b0fefbbf98f8c119eb8344efa19dac82cd2c","bpf: Fix a typo ""inacitve"" -> ""inactive"" There is a typo in struct bpf_lru_list's next_inactive_rotation description, thus fix s/inacitve/inactive/. Signed-off-by: Qiujun Huang Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/1585901254-30377-1-git-send-email-hqjagain@gmail.com","kernel/bpf/bpf_lru_list.h | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","This commit fixes a typographical error in the bpf_lru_list struct description.","typo,inactive,bpf_lru_list","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF maps. It changes how data structures shared between user-space and kernel-space (maps) are created or managed.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"4734b0fefbbf98f8c119eb8344efa19dac82cd2c","4734b0fefbbf98f8c119eb8344efa19dac82cd2c","Jeremy Cline","jcline@redhat.com","1585977270","Daniel Borkmann","daniel@iogearbox.net","1586202714","6a5980fc15d7fd3a471f781547370420f5a5a932","db5c97f02373917efe2c218ebf8e3d8b19e343b6","libbpf: Initialize *nl_pid so gcc 10 is happy Builds of Fedora's kernel-tools package started to fail with ""may be used uninitialized"" warnings for nl_pid in bpf_set_link_xdp_fd() and bpf_get_link_xdp_info() on the s390 architecture. Although libbpf_netlink_open() always returns a negative number when it does not set *nl_pid, the compiler does not determine this and thus believes the variable might be used uninitialized. Assuage gcc's fears by explicitly initializing nl_pid. Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1807781 Signed-off-by: Jeremy Cline Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200404051430.698058-1-jcline@redhat.com","tools/lib/bpf/netlink.c | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","Initialize nl_pid in libbpf to prevent uninitialized variable warnings on gcc 10 for the s390 architecture.","libbpf,nl_pid,gcc","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"db5c97f02373917efe2c218ebf8e3d8b19e343b6","db5c97f02373917efe2c218ebf8e3d8b19e343b6","Li RongQing","lirongqing@baidu.com","1585813930","Daniel Borkmann","daniel@iogearbox.net","1586202485","20fda0873765ba42e4ab7b59f6ee1de2e933fde1","5222d69642a09261222fb9703761a029db16cadf","xsk: Fix out of boundary write in __xsk_rcv_memcpy first_len is the remainder of the first page we're copying. If this size is larger, then out of page boundary write will otherwise happen. Fixes: c05cd3645814 (""xsk: add support to allow unaligned chunk placement"") Signed-off-by: Li RongQing Signed-off-by: Daniel Borkmann Acked-by: Jonathan Lemon Acked-by: Björn Töpel Link: https://lore.kernel.org/bpf/1585813930-19712-1-git-send-email-lirongqing@baidu.com","net/xdp/xsk.c | 5 +++--; 1 file changed, 3 insertions(+), 2 deletions(-)","The commit resolves out-of-bounds write issue in the XDP socket receive function __xsk_rcv_memcpy.","xsk,boundary,write","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.', 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5222d69642a09261222fb9703761a029db16cadf","5222d69642a09261222fb9703761a029db16cadf","KP Singh","kpsingh@google.com","1585858071","Alexei Starovoitov","ast@kernel.org","1585881772","79a2b386c0cc2f1dbbcd1e186f5b38ecb6947447","7a1ca97269ee197ea967de2c9412d8e7e2274ee6","bpf, lsm: Fix the file_mprotect LSM test. The test was previously using an mprotect on the heap memory allocated using malloc and was expecting the allocation to be always using sbrk(2). This is, however, not always true and in certain conditions malloc may end up using anonymous mmaps for heap alloctions. This means that the following condition that is used in the ""lsm/file_mprotect"" program is not sufficent to detect all mprotect calls done on heap memory: is_heap = (vma->vm_start >= vma->vm_mm->start_brk && vma->vm_end <= vma->vm_mm->brk); The test is updated to use an mprotect on memory allocated on the stack. While this would result in the splitting of the vma, this happens only after the security_file_mprotect hook. So, the condition used in the BPF program holds true. Fixes: 03e54f100d57 (""bpf: lsm: Add selftests for BPF_PROG_TYPE_LSM"") Reported-by: Alexei Starovoitov Signed-off-by: KP Singh Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200402200751.26372-1-kpsingh@chromium.org","tools/testing/selftests/bpf/prog_tests/test_lsm.c | 18 +++++++++---------; tools/testing/selftests/bpf/progs/lsm.c | 8 ++++----; 2 files changed, 13 insertions(+), 13 deletions(-)","Fix the file_mprotect LSM test to accurately detect mprotect calls on heap memory by using stack memory allocations.","file_mprotect, LSM, mprotect","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.']" +"7a1ca97269ee197ea967de2c9412d8e7e2274ee6","7a1ca97269ee197ea967de2c9412d8e7e2274ee6","Jakub Sitnicki","jakub@cloudflare.com","1585832124","Daniel Borkmann","daniel@iogearbox.net","1585866997","9373a82107813b994bff2956a10828efbe04d84b","93bbb2555b65e582be9daebb752e1b8e7380da20","net, sk_msg: Don't use RCU_INIT_POINTER on sk_user_data sparse reports an error due to use of RCU_INIT_POINTER helper to assign to sk_user_data pointer, which is not tagged with __rcu: net/core/sock.c:1875:25: error: incompatible types in comparison expression (different address spaces): net/core/sock.c:1875:25: void [noderef] * net/core/sock.c:1875:25: void * ... and rightfully so. sk_user_data is not always treated as a pointer to an RCU-protected data. When it is used to point at an RCU-protected object, we access it with __sk_user_data to inform sparse about it. In this case, when the child socket does not inherit sk_user_data from the parent, there is no reason to treat it as an RCU-protected pointer. Use a regular assignment to clear the pointer value. Fixes: f1ff5ce2cd5e (""net, sk_msg: Clear sk_user_data pointer on clone if tagged"") Reported-by: kbuild test robot Signed-off-by: Jakub Sitnicki Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200402125524.851439-1-jakub@cloudflare.com","net/core/sock.c | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit fixes a sparse error by changing RCU_INIT_POINTER usage to a regular assignment for sk_user_data in child sockets.","RCU_INIT_POINTER, sk_user_data, sparse","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"93bbb2555b65e582be9daebb752e1b8e7380da20","93bbb2555b65e582be9daebb752e1b8e7380da20","Björn Töpel","bjorn.topel@gmail.com","1585649446","Daniel Borkmann","daniel@iogearbox.net","1585866822","d59485c92619e468a87c46452c4d4cfff9b9a066","250e778fe1635b237d9f52c5d9df202cf23413d6","riscv, bpf: Remove BPF JIT for nommu builds The BPF JIT fails to build for kernels configured to !MMU. Without an MMU, the BPF JIT does not make much sense, therefore this patch disables the JIT for nommu builds. This was reported by the kbuild test robot: All errors (new ones prefixed by >>): arch/riscv/net/bpf_jit_comp64.c: In function 'bpf_jit_alloc_exec': >> arch/riscv/net/bpf_jit_comp64.c:1094:47: error: 'BPF_JIT_REGION_START' undeclared (first use in this function) 1094 | return __vmalloc_node_range(size, PAGE_SIZE, BPF_JIT_REGION_START, | ^~~~~~~~~~~~~~~~~~~~ arch/riscv/net/bpf_jit_comp64.c:1094:47: note: each undeclared identifier is reported only once for each function it appears in >> arch/riscv/net/bpf_jit_comp64.c:1095:9: error: 'BPF_JIT_REGION_END' undeclared (first use in this function) 1095 | BPF_JIT_REGION_END, GFP_KERNEL, | ^~~~~~~~~~~~~~~~~~ arch/riscv/net/bpf_jit_comp64.c:1098:1: warning: control reaches end of non-void function [-Wreturn-type] 1098 | } | ^ Reported-by: kbuild test robot Signed-off-by: Björn Töpel Signed-off-by: Daniel Borkmann Acked-by: Luke Nelson Link: https://lore.kernel.org/bpf/20200331101046.23252-1-bjorn.topel@gmail.com","arch/riscv/Kconfig | 2 +-; 1 file changed, 1 insertion(+), 1 deletion(-)","The commit removes BPF JIT support for RISC-V architecture's nommu builds due to reported build errors.","BPF JIT, nommu, RISC-V","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF JIT compiler for different architectures. It changes how eBPF bytecode is translated into machine code for different hardware architectures.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"250e778fe1635b237d9f52c5d9df202cf23413d6","250e778fe1635b237d9f52c5d9df202cf23413d6","Colin Ian King","colin.king@canonical.com","1585648830","Daniel Borkmann","daniel@iogearbox.net","1585866594","6e5ad80db862970192719665a3addda83cc25573","7d32e69310d67e6b04af04f26193f79dfc2f05c7","bpf: Fix spelling mistake ""arithmatic"" -> ""arithmetic"" in test_verifier There are a couple of spelling mistakes in two literal strings, fix them. Signed-off-by: Colin Ian King Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200331100030.41372-1-colin.king@canonical.com","tools/testing/selftests/bpf/verifier/bounds.c | 4 ++--; 1 file changed, 2 insertions(+), 2 deletions(-)","The commit fixes spelling mistakes in literal strings within a test file of the eBPF verifier.","spelling, mistakes, verifier","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7d32e69310d67e6b04af04f26193f79dfc2f05c7","7d32e69310d67e6b04af04f26193f79dfc2f05c7","Slava Bacherikov","slava@bacher09.org","1585860099","Daniel Borkmann","daniel@iogearbox.net","1585866456","0373a81cc322aed49517e4a2873f80c06711c9db","21f64e72e7073199a6f8d7d8efe52cd814d7d665","kbuild, btf: Fix dependencies for DEBUG_INFO_BTF Currently turning on DEBUG_INFO_SPLIT when DEBUG_INFO_BTF is also enabled will produce invalid btf file, since gen_btf function in link-vmlinux.sh script doesn't handle *.dwo files. Enabling DEBUG_INFO_REDUCED will also produce invalid btf file, and using GCC_PLUGIN_RANDSTRUCT with BTF makes no sense. Fixes: e83b9f55448a (""kbuild: add ability to generate BTF type info for vmlinux"") Reported-by: Jann Horn Reported-by: Liu Yiding Signed-off-by: Slava Bacherikov Signed-off-by: Daniel Borkmann Reviewed-by: Kees Cook Acked-by: KP Singh Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200402204138.408021-1-slava@bacher09.org","lib/Kconfig.debug | 2 ++; 1 file changed, 2 insertions(+)","Fixes dependencies related to DEBUG_INFO_BTF to prevent invalid BTF file generation with certain configurations in kbuild.","dependencies,BTF,kbuild","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c537338c055455040c597eeb305b225fa985711c","c537338c055455040c597eeb305b225fa985711c","Kees Cook","keescook@chromium.org","1585800253","Linus Torvalds","torvalds@linux-foundation.org","1585845326","d221af57b2ffb048ee4a99e594bc8b2fd4bc2849","4ceb229f66c67aec5619c4ef11a5fdbe35365aa0","fs_parse: remove pr_notice() about each validation This notice fills my boot logs with scary-looking asterisks but doesn't really tell me anything. Let's just remove it; validation errors are already reported separately, so this is just a redundant list of filesystems. $ dmesg | grep VALIDATE [ 0.306256] *** VALIDATE tmpfs *** [ 0.307422] *** VALIDATE proc *** [ 0.308355] *** VALIDATE cgroup *** [ 0.308741] *** VALIDATE cgroup2 *** [ 0.813256] *** VALIDATE bpf *** [ 0.815272] *** VALIDATE ramfs *** [ 0.815665] *** VALIDATE hugetlbfs *** [ 0.876970] *** VALIDATE nfs *** [ 0.877383] *** VALIDATE nfs4 *** Signed-off-by: Kees Cook Signed-off-by: Andrew Morton Reviewed-by: Seth Arnold Cc: Alexander Viro Link: http://lkml.kernel.org/r/202003061617.A8835CAAF@keescook Signed-off-by: Linus Torvalds ","fs/fs_parser.c | 2 --; 1 file changed, 2 deletions(-)","The commit removes non-informative validation messages from the boot logs in the filesystem parser component.","validation, fs_parser, logs","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"29d9f30d4ce6c7a38745a54a8cddface10013490","29d9f30d4ce6c7a38745a54a8cddface10013490","Linus Torvalds","torvalds@linux-foundation.org","1585700973","Linus Torvalds","torvalds@linux-foundation.org","1585700973","85649ba6a7b39203584d8db9365e03f64e62c136","56a451b780676bc1cdac011735fe2869fa2e9abf 7f80ccfe996871ca69648efee74a60ae7ad0dcd9","Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next Pull networking updates from David Miller: ""Highlights: 1) Fix the iwlwifi regression, from Johannes Berg. 2) Support BSS coloring and 802.11 encapsulation offloading in hardware, from John Crispin. 3) Fix some potential Spectre issues in qtnfmac, from Sergey Matyukevich. 4) Add TTL decrement action to openvswitch, from Matteo Croce. 5) Allow paralleization through flow_action setup by not taking the RTNL mutex, from Vlad Buslov. 6) A lot of zero-length array to flexible-array conversions, from Gustavo A. R. Silva. 7) Align XDP statistics names across several drivers for consistency, from Lorenzo Bianconi. 8) Add various pieces of infrastructure for offloading conntrack, and make use of it in mlx5 driver, from Paul Blakey. 9) Allow using listening sockets in BPF sockmap, from Jakub Sitnicki. 10) Lots of parallelization improvements during configuration changes in mlxsw driver, from Ido Schimmel. 11) Add support to devlink for generic packet traps, which report packets dropped during ACL processing. And use them in mlxsw driver. From Jiri Pirko. 12) Support bcmgenet on ACPI, from Jeremy Linton. 13) Make BPF compatible with RT, from Thomas Gleixnet, Alexei Starovoitov, and your's truly. 14) Support XDP meta-data in virtio_net, from Yuya Kusakabe. 15) Fix sysfs permissions when network devices change namespaces, from Christian Brauner. 16) Add a flags element to ethtool_ops so that drivers can more simply indicate which coalescing parameters they actually support, and therefore the generic layer can validate the user's ethtool request. Use this in all drivers, from Jakub Kicinski. 17) Offload FIFO qdisc in mlxsw, from Petr Machata. 18) Support UDP sockets in sockmap, from Lorenz Bauer. 19) Fix stretch ACK bugs in several TCP congestion control modules, from Pengcheng Yang. 20) Support virtual functiosn in octeontx2 driver, from Tomasz Duszynski. 21) Add region operations for devlink and use it in ice driver to dump NVM contents, from Jacob Keller. 22) Add support for hw offload of MACSEC, from Antoine Tenart. 23) Add support for BPF programs that can be attached to LSM hooks, from KP Singh. 24) Support for multiple paths, path managers, and counters in MPTCP. From Peter Krystad, Paolo Abeni, Florian Westphal, Davide Caratti, and others. 25) More progress on adding the netlink interface to ethtool, from Michal Kubecek"" * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next: (2121 commits) net: ipv6: rpl_iptunnel: Fix potential memory leak in rpl_do_srh_inline cxgb4/chcr: nic-tls stats in ethtool net: dsa: fix oops while probing Marvell DSA switches net/bpfilter: remove superfluous testing message net: macb: Fix handling of fixed-link node net: dsa: ksz: Select KSZ protocol tag netdevsim: dev: Fix memory leak in nsim_dev_take_snapshot_write net: stmmac: add EHL 2.5Gbps PCI info and PCI ID net: stmmac: add EHL PSE0 & PSE1 1Gbps PCI info and PCI ID net: stmmac: create dwmac-intel.c to contain all Intel platform net: dsa: bcm_sf2: Support specifying VLAN tag egress rule net: dsa: bcm_sf2: Add support for matching VLAN TCI net: dsa: bcm_sf2: Move writing of CFP_DATA(5) into slicing functions net: dsa: bcm_sf2: Check earlier for FLOW_EXT and FLOW_MAC_EXT net: dsa: bcm_sf2: Disable learning for ASP port net: dsa: b53: Deny enslaving port 7 for 7278 into a bridge net: dsa: b53: Prevent tagged VLAN on port 7 for 7278 net: dsa: b53: Restore VLAN entries upon (re)configuration net: dsa: bcm_sf2: Fix overflow checks hv_netvsc: Remove unnecessary round_up for recv_completion_cnt ...","","This commit merges various networking updates from the net-next branch into the main branch.","merge,networking,updates","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"b3aa112d57b704441143d84b0475fb633a750035","b3aa112d57b704441143d84b0475fb633a750035","Linus Torvalds","torvalds@linux-foundation.org","1585692475","Linus Torvalds","torvalds@linux-foundation.org","1585692475","2611fe0797583f924a309b2655bdc5c89110f877","674d85eb2d7dc6ef436f46f770f7ab3f1b9c6669 c753924b628551564b6eea3c9896e4a95aa25ed9","Merge tag 'selinux-pr-20200330' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux Pull SELinux updates from Paul Moore: ""We've got twenty SELinux patches for the v5.7 merge window, the highlights are below: - Deprecate setting /sys/fs/selinux/checkreqprot to 1. This flag was originally created to deal with legacy userspace and the READ_IMPLIES_EXEC personality flag. We changed the default from 1 to 0 back in Linux v4.4 and now we are taking the next step of deprecating it, at some point in the future we will take the final step of rejecting 1. - Allow kernfs symlinks to inherit the SELinux label of the parent directory. In order to preserve backwards compatibility this is protected by the genfs_seclabel_symlinks SELinux policy capability. - Optimize how we store filename transitions in the kernel, resulting in some significant improvements to policy load times. - Do a better job calculating our internal hash table sizes which resulted in additional policy load improvements and likely general SELinux performance improvements as well. - Remove the unused initial SIDs (labels) and improve how we handle initial SIDs. - Enable per-file labeling for the bpf filesystem. - Ensure that we properly label NFS v4.2 filesystems to avoid a temporary unlabeled condition. - Add some missing XFS quota command types to the SELinux quota access controls. - Fix a problem where we were not updating the seq_file position index correctly in selinuxfs. - We consolidate some duplicated code into helper functions. - A number of list to array conversions. - Update Stephen Smalley's email address in MAINTAINERS"" * tag 'selinux-pr-20200330' of git://git.kernel.org/pub/scm/linux/kernel/git/pcmoore/selinux: selinux: clean up indentation issue with assignment statement NFS: Ensure security label is set for root inode MAINTAINERS: Update my email address selinux: avtab_init() and cond_policydb_init() return void selinux: clean up error path in policydb_init() selinux: remove unused initial SIDs and improve handling selinux: reduce the use of hard-coded hash sizes selinux: Add xfs quota command types selinux: optimize storage of filename transitions selinux: factor out loop body from filename_trans_read() security: selinux: allow per-file labeling for bpffs selinux: generalize evaluate_cond_node() selinux: convert cond_expr to array selinux: convert cond_av_list to array selinux: convert cond_list to array selinux: sel_avc_get_stat_idx should increase position index selinux: allow kernfs symlinks to inherit parent directory context selinux: simplify evaluate_cond_node() Documentation,selinux: deprecate setting checkreqprot to 1 selinux: move status variables out of selinux_ss","","The commit merges SELinux updates including optimizations, policy adjustments, and support for per-file labeling in the bpf filesystem.","SELinux, updates, merge","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"41c55ea6c2a7ca4c663eeec05bdf54f4e2419699","41c55ea6c2a7ca4c663eeec05bdf54f4e2419699","Bruno Meneguele","bmeneg@redhat.com","1585659990","David S. Miller","davem@davemloft.net","1585674471","7c4bf15adcf3329961ce30dacc6e354354798a55","79540d133ed6f65a37dacb54b7a704cc8a24c52d","net/bpfilter: remove superfluous testing message A testing message was brought by 13d0f7b814d9 (""net/bpfilter: fix dprintf usage for /dev/kmsg"") but should've been deleted before patch submission. Although it doesn't cause any harm to the code or functionality itself, it's totally unpleasant to have it displayed on every loop iteration with no real use case. Thus remove it unconditionally. Fixes: 13d0f7b814d9 (""net/bpfilter: fix dprintf usage for /dev/kmsg"") Signed-off-by: Bruno Meneguele Signed-off-by: David S. Miller ","net/bpfilter/main.c | 1 -; 1 file changed, 1 deletion(-)","This commit removes an unnecessary testing message from the net/bpfilter code.","superfluous,testing,message","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"ed52f2c608c9451fa2bad298b2ab927416105d65","ed52f2c608c9451fa2bad298b2ab927416105d65","David S. Miller","davem@davemloft.net","1585623157","David S. Miller","davem@davemloft.net","1585623157","d624be01447b5d578aa79b02b37f0023a867bb42","f87238d30c0d550553a37585d0e27a8052952bb4 8596a75f6c830a693ec86e6467a58b225713a7f1","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next Signed-off-by: David S. Miller ","","The commit merges changes from the bpf-next branch into the current branch.","merge, bpf-next, branch","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"8596a75f6c830a693ec86e6467a58b225713a7f1","8596a75f6c830a693ec86e6467a58b225713a7f1","Alexei Starovoitov","ast@kernel.org","1585607362","Alexei Starovoitov","ast@kernel.org","1585615001","1d894047fd961e9736b3a45e3bca2da53ac7a5b5","e5ffcc9191ca72ddf1c999a80ae9165705ac4790 7cccee42bf76efc9de69fa2e5b8dbe58bfc8ecdf","Merge branch 'cgroup-bpf_link' Andrii Nakryiko says: ==================== bpf_link abstraction itself was formalized in [0] with justifications for why its semantics is a good fit for attaching BPF programs of various types. This patch set adds bpf_link-based BPF program attachment mechanism for cgroup BPF programs. Cgroup BPF link is semantically compatible with current BPF_F_ALLOW_MULTI semantics of attaching cgroup BPF programs directly. Thus cgroup bpf_link can co-exist with legacy BPF program multi-attachment. bpf_link is destroyed and automatically detached when the last open FD holding the reference to bpf_link is closed. This means that by default, when the process that created bpf_link exits, attached BPF program will be automatically detached due to bpf_link's clean up code. Cgroup bpf_link, like any other bpf_link, can be pinned in BPF FS and by those means survive the exit of process that created the link. This is useful in many scenarios to provide long-living BPF program attachments. Pinning also means that there could be many owners of bpf_link through independent FDs. Additionally, auto-detachmet of cgroup bpf_link is implemented. When cgroup is dying it will automatically detach all active bpf_links. This ensures that cgroup clean up is not delayed due to active bpf_link even despite no chance for any BPF program to be run for a given cgroup. In that sense it's similar to existing behavior of dropping refcnt of attached bpf_prog. But in the case of bpf_link, bpf_link is not destroyed and is still available to user as long as at least one active FD is still open (or if it's pinned in BPF FS). There are two main cgroup-specific differences between bpf_link-based and direct bpf_prog-based attachment. First, as opposed to direct bpf_prog attachment, cgroup itself doesn't ""own"" bpf_link, which makes it possible to auto-clean up attached bpf_link when user process abruptly exits without explicitly detaching BPF program. This makes for a safe default behavior proven in BPF tracing program types. But bpf_link doesn't bump cgroup->bpf.refcnt as well and because of that doesn't prevent cgroup from cleaning up its BPF state. Second, only owners of bpf_link (those who created bpf_link in the first place or obtained a new FD by opening bpf_link from BPF FS) can detach and/or update it. This makes sure that no other process can accidentally remove/replace BPF program. This patch set also implements LINK_UPDATE sub-command, which allows to replace bpf_link's underlying bpf_prog, similarly to BPF_F_REPLACE flag behavior for direct bpf_prog cgroup attachment. Similarly to LINK_CREATE, it is supposed to be generic command for different types of bpf_links. [0] https://lore.kernel.org/bpf/20200228223948.360936-1-andriin@fb.com/ v2->v3: - revert back to just MULTI mode (Alexei); - fix tinyconfig compilation warning (kbuild test robot); v1->v2: - implement exclusive and overridable exclusive modes (Andrey Ignatov); - fix build for !CONFIG_CGROUP_BPF build; - add more selftests for non-multi mode and inter-operability; ==================== Signed-off-by: Alexei Starovoitov ","","The commit merges changes introducing a bpf_link-based attachment mechanism for cgroup BPF programs, enabling cleaner and safer BPF program management.","bpf_link, cgroup, attachment","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).', ""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"7cccee42bf76efc9de69fa2e5b8dbe58bfc8ecdf","7cccee42bf76efc9de69fa2e5b8dbe58bfc8ecdf","Andrii Nakryiko","andriin@fb.com","1585537201","Alexei Starovoitov","ast@kernel.org","1585615001","1d894047fd961e9736b3a45e3bca2da53ac7a5b5","cc4f864bb118e0ae7bf9f4e3418eaeb083aa34f2","selftests/bpf: Test FD-based cgroup attachment Add selftests to exercise FD-based cgroup BPF program attachments and their intermixing with legacy cgroup BPF attachments. Auto-detachment and program replacement (both unconditional and cmpxchng-like) are tested as well. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200330030001.2312810-5-andriin@fb.com",".../testing/selftests/bpf/prog_tests/cgroup_link.c | 244 +++++++++++++++++++++; .../testing/selftests/bpf/progs/test_cgroup_link.c | 24 ++; 2 files changed, 268 insertions(+)","Added selftests for FD-based and legacy cgroup BPF program attachments and auto-detachment.","selftests, FD-based, cgroup","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"cc4f864bb118e0ae7bf9f4e3418eaeb083aa34f2","cc4f864bb118e0ae7bf9f4e3418eaeb083aa34f2","Andrii Nakryiko","andriin@fb.com","1585537200","Alexei Starovoitov","ast@kernel.org","1585615001","c5b57abcdd856f641e0c5d07f3c3bc7ec54e2f15","0c991ebc8c69d29b7fc44db17075c5aa5253e2ab","libbpf: Add support for bpf_link-based cgroup attachment Add bpf_program__attach_cgroup(), which uses BPF_LINK_CREATE subcommand to create an FD-based kernel bpf_link. Also add low-level bpf_link_create() API. If expected_attach_type is not specified explicitly with bpf_program__set_expected_attach_type(), libbpf will try to determine proper attach type from BPF program's section definition. Also add support for bpf_link's underlying BPF program replacement: - unconditional through high-level bpf_link__update_program() API; - cmpxchg-like with specifying expected current BPF program through low-level bpf_link_update() API. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200330030001.2312810-4-andriin@fb.com","tools/include/uapi/linux/bpf.h | 12 +++++++++++; tools/lib/bpf/bpf.c | 34 +++++++++++++++++++++++++++++++; tools/lib/bpf/bpf.h | 19 +++++++++++++++++; tools/lib/bpf/libbpf.c | 46 ++++++++++++++++++++++++++++++++++++++++++; tools/lib/bpf/libbpf.h | 8 +++++++-; tools/lib/bpf/libbpf.map | 4 ++++; 6 files changed, 122 insertions(+), 1 deletion(-)","This commit adds support for bpf_link-based cgroup attachment in libbpf, including APIs for creating and updating kernel bpf_links.","libbpf,bpf_link,cgroup","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"0c991ebc8c69d29b7fc44db17075c5aa5253e2ab","0c991ebc8c69d29b7fc44db17075c5aa5253e2ab","Andrii Nakryiko","andriin@fb.com","1585537199","Alexei Starovoitov","ast@kernel.org","1585614993","e61172384e68887343d57f1e40d47c2e5ecc98cc","af6eea57437a830293eab56246b6025cc7d46ee7","bpf: Implement bpf_prog replacement for an active bpf_cgroup_link Add new operation (LINK_UPDATE), which allows to replace active bpf_prog from under given bpf_link. Currently this is only supported for bpf_cgroup_link, but will be extended to other kinds of bpf_links in follow-up patches. For bpf_cgroup_link, implemented functionality matches existing semantics for direct bpf_prog attachment (including BPF_F_REPLACE flag). User can either unconditionally set new bpf_prog regardless of which bpf_prog is currently active under given bpf_link, or, optionally, can specify expected active bpf_prog. If active bpf_prog doesn't match expected one, no changes are performed, old bpf_link stays intact and attached, operation returns a failure. cgroup_bpf_replace() operation is resolving race between auto-detachment and bpf_prog update in the same fashion as it's done for bpf_link detachment, except in this case update has no way of succeeding because of target cgroup marked as dying. So in this case error is returned. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200330030001.2312810-3-andriin@fb.com","include/linux/bpf-cgroup.h | 12 +++++++; include/uapi/linux/bpf.h | 12 +++++++; kernel/bpf/cgroup.c | 80 ++++++++++++++++++++++++++++++++++++++++++++++; kernel/bpf/syscall.c | 55 +++++++++++++++++++++++++++++++; kernel/cgroup/cgroup.c | 27 ++++++++++++++++; 5 files changed, 186 insertions(+)","The commit implements a new operation to replace an active bpf program linked to a cgroup, ensuring synchronization and failure handling.","bpf_prog,cgroup_link,LINK_UPDATE","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"af6eea57437a830293eab56246b6025cc7d46ee7","af6eea57437a830293eab56246b6025cc7d46ee7","Andrii Nakryiko","andriin@fb.com","1585537198","Alexei Starovoitov","ast@kernel.org","1585614959","1e8b1591022c708bc884dae2fd6b5489b9d4804d","e5ffcc9191ca72ddf1c999a80ae9165705ac4790","bpf: Implement bpf_link-based cgroup BPF program attachment Implement new sub-command to attach cgroup BPF programs and return FD-based bpf_link back on success. bpf_link, once attached to cgroup, cannot be replaced, except by owner having its FD. Cgroup bpf_link supports only BPF_F_ALLOW_MULTI semantics. Both link-based and prog-based BPF_F_ALLOW_MULTI attachments can be freely intermixed. To prevent bpf_cgroup_link from keeping cgroup alive past the point when no BPF program can be executed, implement auto-detachment of link. When cgroup_bpf_release() is called, all attached bpf_links are forced to release cgroup refcounts, but they leave bpf_link otherwise active and allocated, as well as still owning underlying bpf_prog. This is because user-space might still have FDs open and active, so bpf_link as a user-referenced object can't be freed yet. Once last active FD is closed, bpf_link will be freed and underlying bpf_prog refcount will be dropped. But cgroup refcount won't be touched, because cgroup is released already. The inherent race between bpf_cgroup_link release (from closing last FD) and cgroup_bpf_release() is resolved by both operations taking cgroup_mutex. So the only additional check required is when bpf_cgroup_link attempts to detach itself from cgroup. At that time we need to check whether there is still cgroup associated with that link. And if not, exit with success, because bpf_cgroup_link was already successfully detached. Signed-off-by: Andrii Nakryiko Signed-off-by: Alexei Starovoitov Acked-by: Roman Gushchin Link: https://lore.kernel.org/bpf/20200330030001.2312810-2-andriin@fb.com","include/linux/bpf-cgroup.h | 29 +++-; include/linux/bpf.h | 10 +-; include/uapi/linux/bpf.h | 10 +-; kernel/bpf/cgroup.c | 315 +++++++++++++++++++++++++++++++----------; kernel/bpf/syscall.c | 64 +++++++--; kernel/cgroup/cgroup.c | 14 +-; tools/include/uapi/linux/bpf.h | 10 +-; 7 files changed, 354 insertions(+), 98 deletions(-)","Implement bpf_link-based cgroup BPF program attachment with automatic detachment and file descriptor management.","bpf_link,cgroup,detachment","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The syscall interface. It changes the system calls through which user-space programs interact with eBPF.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e5ffcc9191ca72ddf1c999a80ae9165705ac4790","e5ffcc9191ca72ddf1c999a80ae9165705ac4790","Alexei Starovoitov","ast@kernel.org","1585604656","Alexei Starovoitov","ast@kernel.org","1585606300","891b4fa11cdd0212fe9f094af6d6a1e70cc679f9","4edf16b72c57bb0faad5da143f812384df0c43f6 41f70fe0649dddf02046315dc566e06da5a2dc91","Merge branch 'subreg-bounds' John Fastabend says: ==================== This series adds ALU32 signed and unsigned min/max bounds. The origins of this work is to fix do_refine_retval_range() which before this series clamps the return value bounds to [0, max]. However, this is not correct because its possible these functions may return negative errors so the correct bound is [*MIN, max]. Where *MIN is the signed and unsigned min values U64_MIN and S64_MIN. And 'max' here is the max positive value returned by this routine. Patch 1 changes the do_refine_retval_range() to return the correct bounds but this breaks existing programs that were depending on the old incorrect bound. To repair these old programs we add ALU32 bounds to properly track the return values from these helpers. The ALU32 bounds are needed because clang realizes these helepers return 'int' type and will use jmp32 ops with the return value. With current state of things this does little to help 64bit bounds and with patch 1 applied will cause many programs to fail verifier pass. See patch 5 for trace details on how this happens. Patch 2 does the ALU32 addition it adds the new bounds and populates them through the verifier. Design note, initially a var32 was added but as pointed out by Alexei and Edward it is not strictly needed so it was removed here. This worked out nicely. Patch 3 notes that the refine return value can now also bound the 32-bit subregister allowing better bouinds tracking in these cases. Patches 4 adds a C test case to test_progs which will cause the verifier to fail if new 32bit and do_refine_retval_range() is incorrect. Patches 5 and 6 fix test cases that broke after refining the return values from helpers. I attempted to be explicit about each failure and why we need the change. See patches for details. Patch 7 adds some bounds check tests to ensure bounds checking when mixing alu32, alu64 and jmp32 ops together. Thanks to Alexei, Edward, and Daniel for initial feedback it helped clean this up a lot. v2: - rebased to bpf-next - fixed tnum equals optimization for combining 32->64bits - updated patch to fix verifier test correctly - updated refine_retval_range to set both s32_*_value and s*_value we need both to get better bounds tracking ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges a branch enhancing ALU32 bounds tracking to correct retval range handling.","ALU32,bounds,verifier","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"41f70fe0649dddf02046315dc566e06da5a2dc91","41f70fe0649dddf02046315dc566e06da5a2dc91","John Fastabend","john.fastabend@gmail.com","1585604301","Alexei Starovoitov","ast@kernel.org","1585605631","891b4fa11cdd0212fe9f094af6d6a1e70cc679f9","32f13a5add87caf11e9dd262372b4a2b79c57aa5","bpf: Test_verifier, add alu32 bounds tracking tests Its possible to have divergent ALU32 and ALU64 bounds when using JMP32 instructins and ALU64 arithmatic operations. Sometimes the clang will even generate this code. Because the case is a bit tricky lets add a specific test for it. Here is pseudocode asm version to illustrate the idea, 1 r0 = 0xffffffff00000001; 2 if w0 > 1 goto %l[fail]; 3 r0 += 1 5 if w0 > 2 goto %l[fail] 6 exit The intent here is the verifier will fail the load if the 32bit bounds are not tracked correctly through ALU64 op. Similarly we can check the 64bit bounds are correctly zero extended after ALU32 ops. 1 r0 = 0xffffffff00000001; 2 w0 += 1 2 if r0 > 3 goto %l[fail]; 6 exit The above will fail if we do not correctly zero extend 64bit bounds after 32bit op. Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158560430155.10843.514209255758200922.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/verifier/bounds.c | 39 +++++++++++++++++++++++++++; 1 file changed, 39 insertions(+)","The commit adds tests for alu32 and alu64 bounds tracking verification in the BPF verifier.","alu32,bounds,verifier","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"32f13a5add87caf11e9dd262372b4a2b79c57aa5","32f13a5add87caf11e9dd262372b4a2b79c57aa5","John Fastabend","john.fastabend@gmail.com","1585604281","Alexei Starovoitov","ast@kernel.org","1585605630","d8870787d8c8eaa35b92abdf0a43a85d60eea292","9ac26e9973bac5716a2a542e32f380c84db2b88c","bpf: Test_verifier, #65 error message updates for trunc of boundary-cross After changes to add update_reg_bounds after ALU ops and 32-bit bounds tracking truncation of boundary crossing range will fail earlier and with a different error message. Now the test error trace is the following 11: (17) r1 -= 2147483584 12: R0_w=map_value(id=0,off=0,ks=8,vs=8,imm=0) R1_w=invP(id=0,smin_value=-2147483584,smax_value=63) R10=fp0 fp-8_w=mmmmmmmm 12: (17) r1 -= 2147483584 13: R0_w=map_value(id=0,off=0,ks=8,vs=8,imm=0) R1_w=invP(id=0, umin_value=18446744069414584448,umax_value=18446744071562068095, var_off=(0xffffffff00000000; 0xffffffff)) R10=fp0 fp-8_w=mmmmmmmm 13: (77) r1 >>= 8 14: R0_w=map_value(id=0,off=0,ks=8,vs=8,imm=0) R1_w=invP(id=0, umin_value=72057594021150720,umax_value=72057594029539328, var_off=(0xffffffff000000; 0xffffff), s32_min_value=-16777216,s32_max_value=-1, u32_min_value=-16777216) R10=fp0 fp-8_w=mmmmmmmm 14: (0f) r0 += r1 value 72057594021150720 makes map_value pointer be out of bounds Because we have 'umin_value == umax_value' instead of previously where 'umin_value != umax_value' we can now fail earlier noting that pointer addition is out of bounds. Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158560428103.10843.6316594510312781186.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/verifier/bounds.c | 12 ++++--------; 1 file changed, 4 insertions(+), 8 deletions(-)","Update verifier error messages for boundary-crossing in bpf tests after ALU operations change.","verifier,error,updates","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"9ac26e9973bac5716a2a542e32f380c84db2b88c","9ac26e9973bac5716a2a542e32f380c84db2b88c","John Fastabend","john.fastabend@gmail.com","1585604260","Alexei Starovoitov","ast@kernel.org","1585605630","2f45f35e8709afdd5c379b0b6ee49bcb310bf3ef","d2db08c7a14e0b5eed6132baf258b80622e041a9","bpf: Test_verifier, bpf_get_stack return value add <0 With current ALU32 subreg handling and retval refine fix from last patches we see an expected failure in test_verifier. With verbose verifier state being printed at each step for clarity we have the following relavent lines [I omit register states that are not necessarily useful to see failure cause], #101/p bpf_get_stack return R0 within range FAIL Failed to load prog 'Success'! [..] 14: (85) call bpf_get_stack#67 R0_w=map_value(id=0,off=0,ks=8,vs=48,imm=0) R3_w=inv48 15: R0=inv(id=0,smax_value=48,var32_off=(0x0; 0xffffffff)) 15: (b7) r1 = 0 16: R0=inv(id=0,smax_value=48,var32_off=(0x0; 0xffffffff)) R1_w=inv0 16: (bf) r8 = r0 17: R0=inv(id=0,smax_value=48,var32_off=(0x0; 0xffffffff)) R1_w=inv0 R8_w=inv(id=0,smax_value=48,var32_off=(0x0; 0xffffffff)) 17: (67) r8 <<= 32 18: R0=inv(id=0,smax_value=48,var32_off=(0x0; 0xffffffff)) R1_w=inv0 R8_w=inv(id=0,smax_value=9223372032559808512, umax_value=18446744069414584320, var_off=(0x0; 0xffffffff00000000), s32_min_value=0, s32_max_value=0, u32_max_value=0, var32_off=(0x0; 0x0)) 18: (c7) r8 s>>= 32 19 R0=inv(id=0,smax_value=48,var32_off=(0x0; 0xffffffff)) R1_w=inv0 R8_w=inv(id=0,smin_value=-2147483648, smax_value=2147483647, var32_off=(0x0; 0xffffffff)) 19: (cd) if r1 s< r8 goto pc+16 R0=inv(id=0,smax_value=48,var32_off=(0x0; 0xffffffff)) R1_w=inv0 R8_w=inv(id=0,smin_value=-2147483648, smax_value=0, var32_off=(0x0; 0xffffffff)) 20: R0=inv(id=0,smax_value=48,var32_off=(0x0; 0xffffffff)) R1_w=inv0 R8_w=inv(id=0,smin_value=-2147483648, smax_value=0, R9=inv48 20: (1f) r9 -= r8 21: (bf) r2 = r7 22: R2_w=map_value(id=0,off=0,ks=8,vs=48,imm=0) 22: (0f) r2 += r8 value -2147483648 makes map_value pointer be out of bounds After call bpf_get_stack() on line 14 and some moves we have at line 16 an r8 bound with max_value 48 but an unknown min value. This is to be expected bpf_get_stack call can only return a max of the input size but is free to return any negative error in the 32-bit register space. The C helper is returning an int so will use lower 32-bits. Lines 17 and 18 clear the top 32 bits with a left/right shift but use ARSH so we still have worst case min bound before line 19 of -2147483648. At this point the signed check 'r1 s< r8' meant to protect the addition on line 22 where dst reg is a map_value pointer may very well return true with a large negative number. Then the final line 22 will detect this as an invalid operation and fail the program. What we want to do is proceed only if r8 is positive non-error. So change 'r1 s< r8' to 'r1 s> r8' so that we jump if r8 is negative. Next we will throw an error because we access past the end of the map value. The map value size is 48 and sizeof(struct test_val) is 48 so we walk off the end of the map value on the second call to get bpf_get_stack(). Fix this by changing sizeof(struct test_val) to 24 by using 'sizeof(struct test_val) / 2'. After this everything passes as expected. Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158560426019.10843.3285429543232025187.stgit@john-Precision-5820-Tower","tools/testing/selftests/bpf/verifier/bpf_get_stack.c | 8 ++++----; 1 file changed, 4 insertions(+), 4 deletions(-)","Fixes an error check and adjusts stack structure to resolve test_verifier issues in bpf_get_stack.","bpf_get_stack,test_verifier,error","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"d2db08c7a14e0b5eed6132baf258b80622e041a9","d2db08c7a14e0b5eed6132baf258b80622e041a9","John Fastabend","john.fastabend@gmail.com","1585604239","Alexei Starovoitov","ast@kernel.org","1585605630","53dcba117b24937e8c4795bfee2f348b7f946d1d","fa123ac022e425becce11f1a6c7ee4d283f75a90","bpf: Test_progs, add test to catch retval refine error handling Before this series the verifier would clamp return bounds of bpf_get_stack() to [0, X] and this led the verifier to believe that a JMP_JSLT 0 would be false and so would prune that path. The result is anything hidden behind that JSLT would be unverified. Add a test to catch this case by hiding an goto pc-1 behind the check which will cause an infinite loop if not rejected. Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158560423908.10843.11783152347709008373.stgit@john-Precision-5820-Tower",".../selftests/bpf/prog_tests/get_stack_raw_tp.c | 5 +++++; .../selftests/bpf/progs/test_get_stack_rawtp_err.c | 26 ++++++++++++++++++++++; 2 files changed, 31 insertions(+)","This commit adds a test to the BPF test suite to detect errors in handling return value refinement for bpf_get_stack().","bpf verifier test","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"fa123ac022e425becce11f1a6c7ee4d283f75a90","fa123ac022e425becce11f1a6c7ee4d283f75a90","John Fastabend","john.fastabend@gmail.com","1585604219","Alexei Starovoitov","ast@kernel.org","1585605630","60ef9edb0194ededb767393fdc2c9278d5569dd0","3f50f132d8400e129fc9eb68b5020167ef80a244","bpf: Verifier, refine 32bit bound in do_refine_retval_range Further refine return values range in do_refine_retval_range by noting these are int return types (We will assume here that int is a 32-bit type). Two reasons to pull this out of original patch. First it makes the original fix impossible to backport. And second I've not seen this as being problematic in practice unlike the other case. Fixes: 849fa50662fbc (""bpf/verifier: refine retval R0 state for bpf_get_stack helper"") Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158560421952.10843.12496354931526965046.stgit@john-Precision-5820-Tower","kernel/bpf/verifier.c | 1 +; 1 file changed, 1 insertion(+)","The commit refines the return value range management for int types in the eBPF verifier's function do_refine_retval_range.","verifier, refine, int","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"3f50f132d8400e129fc9eb68b5020167ef80a244","3f50f132d8400e129fc9eb68b5020167ef80a244","John Fastabend","john.fastabend@gmail.com","1585604199","Alexei Starovoitov","ast@kernel.org","1585605593","2ba6c7166c8b5d90ff4601af6b7b78600fc64db8","100605035e151c187360670c1776fb684808f145","bpf: Verifier, do explicit ALU32 bounds tracking It is not possible for the current verifier to track ALU32 and JMP ops correctly. This can result in the verifier aborting with errors even though the program should be verifiable. BPF codes that hit this can work around it by changin int variables to 64-bit types, marking variables volatile, etc. But this is all very ugly so it would be better to avoid these tricks. But, the main reason to address this now is do_refine_retval_range() was assuming return values could not be negative. Once we fixed this code that was previously working will no longer work. See do_refine_retval_range() patch for details. And we don't want to suddenly cause programs that used to work to fail. The simplest example code snippet that illustrates the problem is likely this, 53: w8 = w0 // r8 <- [0, S32_MAX], // w8 <- [-S32_MIN, X] 54: w8 64-bit 2. MOV ALU64 - copy 64-bit -> 32-bit 3. op ALU32 - zext 32-bit -> 64-bit 4. op ALU64 - n/a 5. jmp ALU32 - 64-bit: var32_off | upper_32_bits(var64_off) 6. jmp ALU64 - 32-bit: (>> (<< var64_off)) Details for each case, For ""MOV ALU32"" BPF arch zero extends so we simply copy the bounds from 32-bit into 64-bit ensuring we truncate var_off and 64-bit bounds correctly. See zext_32_to_64. For ""MOV ALU64"" copy all bounds including 32-bit into new register. If the src register had 32-bit bounds the dst register will as well. For ""op ALU32"" zero extend 32-bit into 64-bit the same as move, see zext_32_to_64. For ""op ALU64"" calculate both 32-bit and 64-bit bounds no merging is done here. Except we have a special case. When RSH or ARSH is done we can't simply ignore shifting bits from 64-bit reg into the 32-bit subreg. So currently just push bounds from 64-bit into 32-bit. This will be correct in the sense that they will represent a valid state of the register. However we could lose some accuracy if an ARSH is following a jmp32 operation. We can handle this special case in a follow up series. For ""jmp ALU32"" mark 64-bit reg unknown and recalculate 64-bit bounds from tnum by setting var_off to ((<<(>>var_off)) | var32_off). We special case if 64-bit bounds has zero'd upper 32bits at which point we can simply copy 32-bit bounds into 64-bit register. This catches a common compiler trick where upper 32-bits are zeroed and then 32-bit ops are used followed by a 64-bit compare or 64-bit op on a pointer. See __reg_combine_64_into_32(). For ""jmp ALU64"" cast the bounds of the 64bit to their 32-bit counterpart. For example s32_min_value = (s32)reg->smin_value. For tnum use only the lower 32bits via, (>>(< Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158560419880.10843.11448220440809118343.stgit@john-Precision-5820-Tower","include/linux/bpf_verifier.h | 4 +; include/linux/limits.h | 1 +; include/linux/tnum.h | 12 +; kernel/bpf/tnum.c | 15 +; kernel/bpf/verifier.c | 1118 +++++++++++++++++++++++++++++++-----------; 5 files changed, 869 insertions(+), 281 deletions(-)","This commit improves the BPF verifier by implementing explicit 32-bit bounds tracking for accurate verification of ALU32 and JMP operations.","verifier, ALU32, bounds","A bug fix. It primarily resolves a bug or issue in the code.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"100605035e151c187360670c1776fb684808f145","100605035e151c187360670c1776fb684808f145","John Fastabend","john.fastabend@gmail.com","1585604179","Alexei Starovoitov","ast@kernel.org","1585604655","4eb6b1f50c282169df30b0eed5988ed36db73a73","4edf16b72c57bb0faad5da143f812384df0c43f6","bpf: Verifier, do_refine_retval_range may clamp umin to 0 incorrectly do_refine_retval_range() is called to refine return values from specified helpers, probe_read_str and get_stack at the moment, the reasoning is because both have a max value as part of their input arguments and because the helper ensure the return value will not be larger than this we can set smax values of the return register, r0. However, the return value is a signed integer so setting umax is incorrect It leads to further confusion when the do_refine_retval_range() then calls, __reg_deduce_bounds() which will see a umax value as meaning the value is unsigned and then assuming it is unsigned set the smin = umin which in this case results in 'smin = 0' and an 'smax = X' where X is the input argument from the helper call. Here are the comments from _reg_deduce_bounds() on why this would be safe to do. /* Learn sign from unsigned bounds. Signed bounds cross the sign * boundary, so we must be careful. */ if ((s64)reg->umax_value >= 0) { /* Positive. We can't learn anything from the smin, but smax * is positive, hence safe. */ reg->smin_value = reg->umin_value; reg->smax_value = reg->umax_value = min_t(u64, reg->smax_value, reg->umax_value); But now we incorrectly have a return value with type int with the signed bounds (0,X). Suppose the return value is negative, which is possible the we have the verifier and reality out of sync. Among other things this may result in any error handling code being falsely detected as dead-code and removed. For instance the example below shows using bpf_probe_read_str() causes the error path to be identified as dead code and removed. >From the 'llvm-object -S' dump, r2 = 100 call 45 if r0 s< 0 goto +4 r4 = *(u32 *)(r7 + 0) But from dump xlate (b7) r2 = 100 (85) call bpf_probe_read_compat_str#-96768 (61) r4 = *(u32 *)(r7 +0) <-- dropped if goto Due to verifier state after call being R0=inv(id=0,umax_value=100,var_off=(0x0; 0x7f)) To fix omit setting the umax value because its not safe. The only actual bounds we know is the smax. This results in the correct bounds (SMIN, X) where X is the max length from the helper. After this the new verifier state looks like the following after call 45. R0=inv(id=0,smax_value=100) Then xlated version no longer removed dead code giving the expected result, (b7) r2 = 100 (85) call bpf_probe_read_compat_str#-96768 (c5) if r0 s< 0x0 goto pc+4 (61) r4 = *(u32 *)(r7 +0) Note, bpf_probe_read_* calls are root only so we wont hit this case with non-root bpf users. v3: comment had some documentation about meta set to null case which is not relevant here and confusing to include in the comment. v2 note: In original version we set msize_smax_value from check_func_arg() and propagated this into smax of retval. The logic was smax is the bound on the retval we set and because the type in the helper is ARG_CONST_SIZE we know that the reg is a positive tnum_const() so umax=smax. Alexei pointed out though this is a bit odd to read because the register in check_func_arg() has a C type of u32 and the umax bound would be the normally relavent bound here. Pulling in extra knowledge about future checks makes reading the code a bit tricky. Further having a signed meta data that can only ever be positive is also a bit odd. So dropped the msize_smax_value metadata and made it a u64 msize_max_value to indicate its unsigned. And additionally save bound from umax value in check_arg_funcs which is the same as smax due to as noted above tnumx_cont and negative check but reads better. By my analysis nothing functionally changes in v2 but it does get easier to read so that is win. Fixes: 849fa50662fbc (""bpf/verifier: refine retval R0 state for bpf_get_stack helper"") Signed-off-by: John Fastabend Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158560417900.10843.14351995140624628941.stgit@john-Precision-5820-Tower","kernel/bpf/verifier.c | 19 +++++++++++--------; 1 file changed, 11 insertions(+), 8 deletions(-)","This commit fixes incorrect handling of signed return values in the eBPF verifier to prevent dead code removal.","verifier,signed,bounds","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"4edf16b72c57bb0faad5da143f812384df0c43f6","4edf16b72c57bb0faad5da143f812384df0c43f6","KP Singh","kpsingh@google.com","1585600859","Daniel Borkmann","daniel@iogearbox.net","1585601843","ee2e63b9471143ed78dca3db4b7bed72d2f33028","c58b1558a7474fea6c914f061fab9121f10e38bb","bpf, lsm: Make BPF_LSM depend on BPF_EVENTS LSM and tracing programs share their helpers with bpf_tracing_func_proto which is only defined (in bpf_trace.c) when BPF_EVENTS is enabled. Instead of adding __weak symbol, make BPF_LSM depend on BPF_EVENTS so that both tracing and LSM programs can actually share helpers. Fixes: fc611f47f218 (""bpf: Introduce BPF_PROG_TYPE_LSM"") Reported-by: Randy Dunlap Signed-off-by: KP Singh Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200330204059.13024-1-kpsingh@chromium.org","init/Kconfig | 1 +; 1 file changed, 1 insertion(+)","This commit makes BPF_LSM dependent on BPF_EVENTS to ensure shared helpers between LSM and tracing programs.","BPF_LSM,BPF_EVENTS,helpers","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.', 'Tracepoints related type programs. It modifies programs that attach to tracepoints for low-level kernel event tracing.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"c58b1558a7474fea6c914f061fab9121f10e38bb","c58b1558a7474fea6c914f061fab9121f10e38bb","Alexei Starovoitov","ast@kernel.org","1585600390","Alexei Starovoitov","ast@kernel.org","1585601105","456adfdac636ec33ba90ffd849e32ef67771c2e4","b49e42a2dffd8d0202ddba98aa5ec23849cf5c3d 8a02a1703633e2f954a6d96c12a8375b07309621","Merge branch 'bpf_sk_assign' Joe Stringer says: ==================== Introduce a new helper that allows assigning a previously-found socket to the skb as the packet is received towards the stack, to cause the stack to guide the packet towards that socket subject to local routing configuration. The intention is to support TProxy use cases more directly from eBPF programs attached at TC ingress, to simplify and streamline Linux stack configuration in scale environments with Cilium. Normally in ip{,6}_rcv_core(), the skb will be orphaned, dropping any existing socket reference associated with the skb. Existing tproxy implementations in netfilter get around this restriction by running the tproxy logic after ip_rcv_core() in the PREROUTING table. However, this is not an option for TC-based logic (including eBPF programs attached at TC ingress). This series introduces the BPF helper bpf_sk_assign() to associate the socket with the skb on the ingress path as the packet is passed up the stack. The initial patch in the series simply takes a reference on the socket to ensure safety, but later patches relax this for listen sockets. To ensure delivery to the relevant socket, we still consult the routing table, for full examples of how to configure see the tests in patch #5; the simplest form of the route would look like this: $ ip route add local default dev lo This series is laid out as follows: * Patch 1 extends the eBPF API to add sk_assign() and defines a new socket free function to allow the later paths to understand when the socket associated with the skb should be kept through receive. * Patches 2-3 optimize the receive path to avoid taking a reference on listener sockets during receive. * Patches 4-5 extends the selftests with examples of the new functionality and validation of correct behaviour. Changes since v4: * Fix build with CONFIG_INET disabled * Rebase Changes since v3: * Use sock_gen_put() directly instead of sock_edemux() from sock_pfree() * Commit message wording fixups * Add acks from Martin, Lorenz * Rebase Changes since v2: * Add selftests for UDP socket redirection * Drop the early demux optimization patch (defer for more testing) * Fix check for orphaning after TC act return * Tidy up the tests to clean up properly and be less noisy. Changes since v1: * Replace the metadata_dst approach with using the skb->destructor to determine whether the socket has been prefetched. This is much simpler. * Avoid taking a reference on listener sockets during receive * Restrict assigning sockets across namespaces * Restrict assigning SO_REUSEPORT sockets * Fix cookie usage for socket dst check * Rebase the tests against test_progs infrastructure * Tidy up commit messages ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges a new BPF helper to support TProxy use cases in eBPF programs at TC ingress for socket assignments.","BPF,TC,TProxy","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', 'tc related type programs. It affects programs managing traffic control (tc) for queuing or prioritizing network traffic.', ""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"8a02a1703633e2f954a6d96c12a8375b07309621","8a02a1703633e2f954a6d96c12a8375b07309621","Joe Stringer","joe@wand.net.nz","1585522422","Alexei Starovoitov","ast@kernel.org","1585601105","456adfdac636ec33ba90ffd849e32ef67771c2e4","2d7824ffd25ce041db952d713567d54314cb7c29","selftests: bpf: Extend sk_assign tests for UDP Add support for testing UDP sk_assign to the existing tests. Signed-off-by: Joe Stringer Signed-off-by: Alexei Starovoitov Acked-by: Lorenz Bauer Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200329225342.16317-6-joe@wand.net.nz","tools/testing/selftests/bpf/prog_tests/sk_assign.c | 47 ++++++++++++---; tools/testing/selftests/bpf/progs/test_sk_assign.c | 69 ++++++++++++++++++++--; 2 files changed, 105 insertions(+), 11 deletions(-)","This commit adds UDP support to the eBPF sk_assign test cases.","UDP, sk_assign, selftests","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"2d7824ffd25ce041db952d713567d54314cb7c29","2d7824ffd25ce041db952d713567d54314cb7c29","Lorenz Bauer","lmb@cloudflare.com","1585522421","Alexei Starovoitov","ast@kernel.org","1585601105","b4174abd7a7e99a44e12942bb6027fd1b206b8fd","7ae215d23c12a939005f35d1848ca55b6109b9c0","selftests: bpf: Add test for sk_assign Attach a tc direct-action classifier to lo in a fresh network namespace, and rewrite all connection attempts to localhost:4321 to localhost:1234 (for port tests) and connections to unreachable IPv4/IPv6 IPs to the local socket (for address tests). Includes implementations for both TCP and UDP. Keep in mind that both client to server and server to client traffic passes the classifier. Signed-off-by: Lorenz Bauer Signed-off-by: Joe Stringer Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200329225342.16317-5-joe@wand.net.nz Co-authored-by: Joe Stringer ","tools/testing/selftests/bpf/prog_tests/sk_assign.c | 276 +++++++++++++++++++++; tools/testing/selftests/bpf/progs/test_sk_assign.c | 143 +++++++++++; 2 files changed, 419 insertions(+)","The commit introduces a selftest for the sk_assign feature, manipulating network traffic through a tc classifier in a network namespace.","selftests, sk_assign, classifier","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['tc related type programs. It affects programs managing traffic control (tc) for queuing or prioritizing network traffic.', 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"7ae215d23c12a939005f35d1848ca55b6109b9c0","7ae215d23c12a939005f35d1848ca55b6109b9c0","Joe Stringer","joe@wand.net.nz","1585522420","Alexei Starovoitov","ast@kernel.org","1585601105","bc88bf441433f5bf7a3d66610adb5d1ad1707390","71489e21d720a09388b565d60ef87ae993c10528","bpf: Don't refcount LISTEN sockets in sk_assign() Avoid taking a reference on listen sockets by checking the socket type in the sk_assign and in the corresponding skb_steal_sock() code in the the transport layer, and by ensuring that the prefetch free (sock_pfree) function uses the same logic to check whether the socket is refcounted. Suggested-by: Martin KaFai Lau Signed-off-by: Joe Stringer Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200329225342.16317-4-joe@wand.net.nz","include/net/sock.h | 25 +++++++++++++++++--------; net/core/filter.c | 6 +++---; net/core/sock.c | 3 ++-; 3 files changed, 22 insertions(+), 12 deletions(-)","The commit avoids refcounting on LISTEN sockets in sk_assign by adapting logic in sk_assign() and skb_steal_sock().","refcount LISTEN sockets","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime."", ""It's not related to any above because it's other type of use cases or BPF programs related to the BPF subsystem but not listed here.""]" +"71489e21d720a09388b565d60ef87ae993c10528","71489e21d720a09388b565d60ef87ae993c10528","Joe Stringer","joe@wand.net.nz","1585522419","Alexei Starovoitov","ast@kernel.org","1585601104","0ebc9f8445150e0cf11c71c628ba69f7ae50da15","cf7fbe660f2dbd738ab58aea8e9b0ca6ad232449","net: Track socket refcounts in skb_steal_sock() Refactor the UDP/TCP handlers slightly to allow skb_steal_sock() to make the determination of whether the socket is reference counted in the case where it is prefetched by earlier logic such as early_demux. Signed-off-by: Joe Stringer Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200329225342.16317-3-joe@wand.net.nz","include/net/inet6_hashtables.h | 3 +--; include/net/inet_hashtables.h | 3 +--; include/net/sock.h | 10 +++++++++-; net/ipv4/udp.c | 6 ++++--; net/ipv6/udp.c | 9 ++++++---; 5 files changed, 21 insertions(+), 10 deletions(-)","Refactor skb_steal_sock to manage socket reference counts for prefetched sockets in UDP/TCP handlers.","socket,refcount,UDP","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"cf7fbe660f2dbd738ab58aea8e9b0ca6ad232449","cf7fbe660f2dbd738ab58aea8e9b0ca6ad232449","Joe Stringer","joe@wand.net.nz","1585522418","Alexei Starovoitov","ast@kernel.org","1585601104","57b9db0835dacc52bcd96bea8b072af239e13ae2","b49e42a2dffd8d0202ddba98aa5ec23849cf5c3d","bpf: Add socket assign support Add support for TPROXY via a new bpf helper, bpf_sk_assign(). This helper requires the BPF program to discover the socket via a call to bpf_sk*_lookup_*(), then pass this socket to the new helper. The helper takes its own reference to the socket in addition to any existing reference that may or may not currently be obtained for the duration of BPF processing. For the destination socket to receive the traffic, the traffic must be routed towards that socket via local route. The simplest example route is below, but in practice you may want to route traffic more narrowly (eg by CIDR): $ ip route add local default dev lo This patch avoids trying to introduce an extra bit into the skb->sk, as that would require more invasive changes to all code interacting with the socket to ensure that the bit is handled correctly, such as all error-handling cases along the path from the helper in BPF through to the orphan path in the input. Instead, we opt to use the destructor variable to switch on the prefetch of the socket. Signed-off-by: Joe Stringer Signed-off-by: Alexei Starovoitov Acked-by: Martin KaFai Lau Link: https://lore.kernel.org/bpf/20200329225342.16317-2-joe@wand.net.nz","include/net/sock.h | 11 +++++++++++; include/uapi/linux/bpf.h | 25 ++++++++++++++++++++++++-; net/core/filter.c | 31 +++++++++++++++++++++++++++++++; net/core/sock.c | 11 +++++++++++; net/ipv4/ip_input.c | 3 ++-; net/ipv6/ip6_input.c | 3 ++-; net/sched/act_bpf.c | 3 +++; tools/include/uapi/linux/bpf.h | 25 ++++++++++++++++++++++++-; 8 files changed, 108 insertions(+), 4 deletions(-)","The commit adds a new eBPF helper, bpf_sk_assign(), to support socket assignment for TPROXY use cases.","socket, TPROXY, bpf_sk_assign","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"b49e42a2dffd8d0202ddba98aa5ec23849cf5c3d","b49e42a2dffd8d0202ddba98aa5ec23849cf5c3d","Daniel Borkmann","daniel@iogearbox.net","1585600734","Daniel Borkmann","daniel@iogearbox.net","1585600802","cd744d283a58283b2d608592f50db2179f929ad8","f50b49a0bfcaf53e6394a873b588bc4cca2aab78","bpf, doc: Add John as official reviewer to BPF subsystem We've added John Fastabend to our weekly BPF patch review rotation over last months now where he provided excellent and timely feedback on BPF patches. Therefore, add him to the BPF core reviewer team to the MAINTAINERS file to reflect that. Signed-off-by: Daniel Borkmann Acked-by: Alexei Starovoitov Acked-by: John Fastabend Link: https://lore.kernel.org/bpf/0e9a74933b3f21f4c5b5a3bc7f8e900b39805639.1585556231.git.daniel@iogearbox.net","MAINTAINERS | 1 +; 1 file changed, 1 insertion(+)","John Fastabend is added as an official reviewer in the BPF subsystem MAINTAINERS file.","BPF, reviewer, MAINTAINERS","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","It's not related to any above. E.g. It affects a logic component in eBPF that is not listed here and not related to other events.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f50b49a0bfcaf53e6394a873b588bc4cca2aab78","f50b49a0bfcaf53e6394a873b588bc4cca2aab78","KP Singh","kpsingh@google.com","1585579366","Alexei Starovoitov","ast@kernel.org","1585600082","20d9df623fc83ec508db1cfe8586cf961061a262","0fc31b10cfb7e5158bafb9d30839fbc9241c40c4","bpf: btf: Fix arg verification in btf_ctx_access() The bounds checking for the arguments accessed in the BPF program breaks when the expected_attach_type is not BPF_TRACE_FEXIT, BPF_LSM_MAC or BPF_MODIFY_RETURN resulting in no check being done for the default case (the programs which do not receive the return value of the attached function in its arguments) when the index of the argument being accessed is equal to the number of arguments (nr_args). This was a result of a misplaced ""else if"" block introduced by the Commit 6ba43b761c41 (""bpf: Attachment verification for BPF_MODIFY_RETURN"") Fixes: 6ba43b761c41 (""bpf: Attachment verification for BPF_MODIFY_RETURN"") Reported-by: Jann Horn Signed-off-by: KP Singh Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200330144246.338-1-kpsingh@chromium.org","kernel/bpf/btf.c | 24 +++++++++++++++++-------; 1 file changed, 17 insertions(+), 7 deletions(-)","The commit fixes argument verification issues in btf_ctx_access for BPF programs not receiving return values.","arg verification, btf_ctx_access, BPF","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","BPF Type Format (BTF) Logic. E.g. It affects BTF which is used for CO-RE (Compile Once Run Everywhere) capabilities or changes how BPF programs interact with the verifier using BTF.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0fc31b10cfb7e5158bafb9d30839fbc9241c40c4","0fc31b10cfb7e5158bafb9d30839fbc9241c40c4","Jann Horn","jannh@google.com","1585584204","Alexei Starovoitov","ast@kernel.org","1585594432","63fa1cc54f7facfd7258bf235990169d858148b3","604dca5e3af1db98bd123b7bfc02b017af99e3a0","bpf: Simplify reg_set_min_max_inv handling reg_set_min_max_inv() contains exactly the same logic as reg_set_min_max(), just flipped around. While this makes sense in a cBPF verifier (where ALU operations are not symmetric), it does not make sense for eBPF. Replace reg_set_min_max_inv() with a helper that flips the opcode around, then lets reg_set_min_max() do the complicated work. Signed-off-by: Jann Horn Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200330160324.15259-4-daniel@iogearbox.net","kernel/bpf/verifier.c | 108 ++++++++++----------------------------------------; 1 file changed, 22 insertions(+), 86 deletions(-)","The commit refactors eBPF verifier code to remove redundancy by using a helper function.","simplify, verifier, refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"604dca5e3af1db98bd123b7bfc02b017af99e3a0","604dca5e3af1db98bd123b7bfc02b017af99e3a0","Jann Horn","jannh@google.com","1585584203","Alexei Starovoitov","ast@kernel.org","1585594432","1724820184cecbbbe7dba844bb9c22be48d1fd04","f2d67fec0b43edce8c416101cdc52e71145b5fef","bpf: Fix tnum constraints for 32-bit comparisons The BPF verifier tried to track values based on 32-bit comparisons by (ab)using the tnum state via 581738a681b6 (""bpf: Provide better register bounds after jmp32 instructions""). The idea is that after a check like this: if ((u32)r0 > 3) exit We can't meaningfully constrain the arithmetic-range-based tracking, but we can update the tnum state to (value=0,mask=0xffff'ffff'0000'0003). However, the implementation from 581738a681b6 didn't compute the tnum constraint based on the fixed operand, but instead derives it from the arithmetic-range-based tracking. This means that after the following sequence of operations: if (r0 >= 0x1'0000'0001) exit if ((u32)r0 > 7) exit The verifier assumed that the lower half of r0 is in the range (0, 0) and apply the tnum constraint (value=0,mask=0xffff'ffff'0000'0000) thus causing the overall tnum to be (value=0,mask=0x1'0000'0000), which was incorrect. Provide a fixed implementation. Fixes: 581738a681b6 (""bpf: Provide better register bounds after jmp32 instructions"") Signed-off-by: Jann Horn Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200330160324.15259-3-daniel@iogearbox.net","kernel/bpf/verifier.c | 108 +++++++++++++++++++++++++++++++++-----------------; 1 file changed, 72 insertions(+), 36 deletions(-)","This commit fixes incorrect tnum constraint computation in the BPF verifier for 32-bit comparison operations.","fix tnum constraints","A bug fix. It primarily resolves a bug or issue in the code.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f2d67fec0b43edce8c416101cdc52e71145b5fef","f2d67fec0b43edce8c416101cdc52e71145b5fef","Daniel Borkmann","daniel@iogearbox.net","1585584202","Alexei Starovoitov","ast@kernel.org","1585594432","59af74a19547ee4a6e62d1918a3dbb5a7810927f","641cd7b06c911c5935c34f24850ea18690649917","bpf: Undo incorrect __reg_bound_offset32 handling Anatoly has been fuzzing with kBdysch harness and reported a hang in one of the outcomes: 0: (b7) r0 = 808464432 1: (7f) r0 >>= r0 2: (14) w0 -= 808464432 3: (07) r0 += 808464432 4: (b7) r1 = 808464432 5: (de) if w1 s<= w0 goto pc+0 R0_w=invP(id=0,umin_value=808464432,umax_value=5103431727,var_off=(0x30303020;0x10000001f)) R1_w=invP808464432 R10=fp0 6: (07) r0 += -2144337872 7: (14) w0 -= -1607454672 8: (25) if r0 > 0x30303030 goto pc+0 R0_w=invP(id=0,umin_value=271581184,umax_value=271581311,var_off=(0x10300000;0x7f)) R1_w=invP808464432 R10=fp0 9: (76) if w0 s>= 0x303030 goto pc+2 12: (95) exit from 8 to 9: safe from 5 to 6: R0_w=invP(id=0,umin_value=808464432,umax_value=5103431727,var_off=(0x30303020;0x10000001f)) R1_w=invP808464432 R10=fp0 6: (07) r0 += -2144337872 7: (14) w0 -= -1607454672 8: (25) if r0 > 0x30303030 goto pc+0 R0_w=invP(id=0,umin_value=271581184,umax_value=271581311,var_off=(0x10300000;0x7f)) R1_w=invP808464432 R10=fp0 9: safe from 8 to 9: safe verification time 589 usec stack depth 0 processed 17 insns (limit 1000000) [...] The underlying program was xlated as follows: # bpftool p d x i 9 0: (b7) r0 = 808464432 1: (7f) r0 >>= r0 2: (14) w0 -= 808464432 3: (07) r0 += 808464432 4: (b7) r1 = 808464432 5: (de) if w1 s<= w0 goto pc+0 6: (07) r0 += -2144337872 7: (14) w0 -= -1607454672 8: (25) if r0 > 0x30303030 goto pc+0 9: (76) if w0 s>= 0x303030 goto pc+2 10: (05) goto pc-1 11: (05) goto pc-1 12: (95) exit The verifier rewrote original instructions it recognized as dead code with 'goto pc-1', but reality differs from verifier simulation in that we're actually able to trigger a hang due to hitting the 'goto pc-1' instructions. Taking different examples to make the issue more obvious: in this example we're probing bounds on a completely unknown scalar variable in r1: [...] 5: R0_w=inv1 R1_w=inv(id=0) R10=fp0 5: (18) r2 = 0x4000000000 7: R0_w=inv1 R1_w=inv(id=0) R2_w=inv274877906944 R10=fp0 7: (18) r3 = 0x2000000000 9: R0_w=inv1 R1_w=inv(id=0) R2_w=inv274877906944 R3_w=inv137438953472 R10=fp0 9: (18) r4 = 0x400 11: R0_w=inv1 R1_w=inv(id=0) R2_w=inv274877906944 R3_w=inv137438953472 R4_w=inv1024 R10=fp0 11: (18) r5 = 0x200 13: R0_w=inv1 R1_w=inv(id=0) R2_w=inv274877906944 R3_w=inv137438953472 R4_w=inv1024 R5_w=inv512 R10=fp0 13: (2d) if r1 > r2 goto pc+4 R0_w=inv1 R1_w=inv(id=0,umax_value=274877906944,var_off=(0x0; 0x7fffffffff)) R2_w=inv274877906944 R3_w=inv137438953472 R4_w=inv1024 R5_w=inv512 R10=fp0 14: R0_w=inv1 R1_w=inv(id=0,umax_value=274877906944,var_off=(0x0; 0x7fffffffff)) R2_w=inv274877906944 R3_w=inv137438953472 R4_w=inv1024 R5_w=inv512 R10=fp0 14: (ad) if r1 < r3 goto pc+3 R0_w=inv1 R1_w=inv(id=0,umin_value=137438953472,umax_value=274877906944,var_off=(0x0; 0x7fffffffff)) R2_w=inv274877906944 R3_w=inv137438953472 R4_w=inv1024 R5_w=inv512 R10=fp0 15: R0=inv1 R1=inv(id=0,umin_value=137438953472,umax_value=274877906944,var_off=(0x0; 0x7fffffffff)) R2=inv274877906944 R3=inv137438953472 R4=inv1024 R5=inv512 R10=fp0 15: (2e) if w1 > w4 goto pc+2 R0=inv1 R1=inv(id=0,umin_value=137438953472,umax_value=274877906944,var_off=(0x0; 0x7f00000000)) R2=inv274877906944 R3=inv137438953472 R4=inv1024 R5=inv512 R10=fp0 16: R0=inv1 R1=inv(id=0,umin_value=137438953472,umax_value=274877906944,var_off=(0x0; 0x7f00000000)) R2=inv274877906944 R3=inv137438953472 R4=inv1024 R5=inv512 R10=fp0 16: (ae) if w1 < w5 goto pc+1 R0=inv1 R1=inv(id=0,umin_value=137438953472,umax_value=274877906944,var_off=(0x0; 0x7f00000000)) R2=inv274877906944 R3=inv137438953472 R4=inv1024 R5=inv512 R10=fp0 [...] We're first probing lower/upper bounds via jmp64, later we do a similar check via jmp32 and examine the resulting var_off there. After fall-through in insn 14, we get the following bounded r1 with 0x7fffffffff unknown marked bits in the variable section. Thus, after knowing r1 <= 0x4000000000 and r1 >= 0x2000000000: max: 0b100000000000000000000000000000000000000 / 0x4000000000 var: 0b111111111111111111111111111111111111111 / 0x7fffffffff min: 0b010000000000000000000000000000000000000 / 0x2000000000 Now, in insn 15 and 16, we perform a similar probe with lower/upper bounds in jmp32. Thus, after knowing r1 <= 0x4000000000 and r1 >= 0x2000000000 and w1 <= 0x400 and w1 >= 0x200: max: 0b100000000000000000000000000000000000000 / 0x4000000000 var: 0b111111100000000000000000000000000000000 / 0x7f00000000 min: 0b010000000000000000000000000000000000000 / 0x2000000000 The lower/upper bounds haven't changed since they have high bits set in u64 space and the jmp32 tests can only refine bounds in the low bits. However, for the var part the expectation would have been 0x7f000007ff or something less precise up to 0x7fffffffff. A outcome of 0x7f00000000 is not correct since it would contradict the earlier probed bounds where we know that the result should have been in [0x200,0x400] in u32 space. Therefore, tests with such info will lead to wrong verifier assumptions later on like falsely predicting conditional jumps to be always taken, etc. The issue here is that __reg_bound_offset32()'s implementation from commit 581738a681b6 (""bpf: Provide better register bounds after jmp32 instructions"") makes an incorrect range assumption: static void __reg_bound_offset32(struct bpf_reg_state *reg) { u64 mask = 0xffffFFFF; struct tnum range = tnum_range(reg->umin_value & mask, reg->umax_value & mask); struct tnum lo32 = tnum_cast(reg->var_off, 4); struct tnum hi32 = tnum_lshift(tnum_rshift(reg->var_off, 32), 32); reg->var_off = tnum_or(hi32, tnum_intersect(lo32, range)); } In the above walk-through example, __reg_bound_offset32() as-is chose a range after masking with 0xffffffff of [0x0,0x0] since umin:0x2000000000 and umax:0x4000000000 and therefore the lo32 part was clamped to 0x0 as well. However, in the umin:0x2000000000 and umax:0x4000000000 range above we'd end up with an actual possible interval of [0x0,0xffffffff] for u32 space instead. In case of the original reproducer, the situation looked as follows at insn 5 for r0: [...] 5: R0_w=invP(id=0,umin_value=808464432,umax_value=5103431727,var_off=(0x0; 0x1ffffffff)) R1_w=invP808464432 R10=fp0 0x30303030 0x13030302f 5: (de) if w1 s<= w0 goto pc+0 R0_w=invP(id=0,umin_value=808464432,umax_value=5103431727,var_off=(0x30303020; 0x10000001f)) R1_w=invP808464432 R10=fp0 0x30303030 0x13030302f [...] After the fall-through, we similarly forced the var_off result into the wrong range [0x30303030,0x3030302f] suggesting later on that fixed bits must only be of 0x30303020 with 0x10000001f unknowns whereas such assumption can only be made when both bounds in hi32 range match. Originally, I was thinking to fix this by moving reg into a temp reg and use proper coerce_reg_to_size() helper on the temp reg where we can then based on that define the range tnum for later intersection: static void __reg_bound_offset32(struct bpf_reg_state *reg) { struct bpf_reg_state tmp = *reg; struct tnum lo32, hi32, range; coerce_reg_to_size(&tmp, 4); range = tnum_range(tmp.umin_value, tmp.umax_value); lo32 = tnum_cast(reg->var_off, 4); hi32 = tnum_lshift(tnum_rshift(reg->var_off, 32), 32); reg->var_off = tnum_or(hi32, tnum_intersect(lo32, range)); } In the case of the concrete example, this gives us a more conservative unknown section. Thus, after knowing r1 <= 0x4000000000 and r1 >= 0x2000000000 and w1 <= 0x400 and w1 >= 0x200: max: 0b100000000000000000000000000000000000000 / 0x4000000000 var: 0b111111111111111111111111111111111111111 / 0x7fffffffff min: 0b010000000000000000000000000000000000000 / 0x2000000000 However, above new __reg_bound_offset32() has no effect on refining the knowledge of the register contents. Meaning, if the bounds in hi32 range mismatch we'll get the identity function given the range reg spans [0x0,0xffffffff] and we cast var_off into lo32 only to later on binary or it again with the hi32. Likewise, if the bounds in hi32 range match, then we mask both bounds with 0xffffffff, use the resulting umin/umax for the range to later intersect the lo32 with it. However, _prior_ called __reg_bound_offset() did already such intersection on the full reg and we therefore would only repeat the same operation on the lo32 part twice. Given this has no effect and the original commit had false assumptions, this patch reverts the code entirely which is also more straight forward for stable trees: apparently 581738a681b6 got auto-selected by Sasha's ML system and misclassified as a fix, so it got sucked into v5.4 where it should never have landed. A revert is low-risk also from a user PoV since it requires a recent kernel and llc to opt-into -mcpu=v3 BPF CPU to generate jmp32 instructions. A proper bounds refinement would need a significantly more complex approach which is currently being worked, but no stable material [0]. Hence revert is best option for stable. After the revert, the original reported program gets rejected as follows: 1: (7f) r0 >>= r0 2: (14) w0 -= 808464432 3: (07) r0 += 808464432 4: (b7) r1 = 808464432 5: (de) if w1 s<= w0 goto pc+0 R0_w=invP(id=0,umin_value=808464432,umax_value=5103431727,var_off=(0x0; 0x1ffffffff)) R1_w=invP808464432 R10=fp0 6: (07) r0 += -2144337872 7: (14) w0 -= -1607454672 8: (25) if r0 > 0x30303030 goto pc+0 R0_w=invP(id=0,umax_value=808464432,var_off=(0x0; 0x3fffffff)) R1_w=invP808464432 R10=fp0 9: (76) if w0 s>= 0x303030 goto pc+2 R0=invP(id=0,umax_value=3158063,var_off=(0x0; 0x3fffff)) R1=invP808464432 R10=fp0 10: (30) r0 = *(u8 *)skb[808464432] BPF_LD_[ABS|IND] uses reserved fields processed 11 insns (limit 1000000) [...] [0] https://lore.kernel.org/bpf/158507130343.15666.8018068546764556975.stgit@john-Precision-5820-Tower/T/ Fixes: 581738a681b6 (""bpf: Provide better register bounds after jmp32 instructions"") Reported-by: Anatoly Trosinenko Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/20200330160324.15259-2-daniel@iogearbox.net","kernel/bpf/verifier.c | 19 -------------------; 1 file changed, 19 deletions(-)","The commit reverts changes in the eBPF verifier to address a bug causing incorrect instruction handling and resulting in a hang.","verifier, revert, hang","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The eBPF verifier. This component ensures that eBPF programs are safe to run within the kernel.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"16deaef205b6da832f88a98770c55c8b85aaadfa","16deaef205b6da832f88a98770c55c8b85aaadfa","Yunsheng Lin","linyunsheng@huawei.com","1585379395","David S. Miller","davem@davemloft.net","1585591073","3990608f44582e9b479939c2c8fc622e51cc74ec","cf673ed0e057a2dd68d930c6d7e30d53c70c5789","net: hns3: drop the WQ_MEM_RECLAIM flag when allocating WQ The WQ in hns3 driver is allocated with WQ_MEM_RECLAIM flag in order to guarantee forward progress, which may cause hns3' WQ_MEM_RECLAIM WQ flushing infiniband' !WQ_MEM_RECLAIM WQ warning: [11246.200168] hns3 0000:bd:00.1: Reset done, hclge driver initialization finished. [11246.209979] hns3 0000:bd:00.1 eth7: net open [11246.227608] ------------[ cut here ]------------ [11246.237370] workqueue: WQ_MEM_RECLAIM hclge:hclge_service_task [hclge] is flushing !WQ_MEM_RECLAIM infiniband:0x0 [11246.237391] WARNING: CPU: 50 PID: 2279 at ./kernel/workqueue.c:2605 check_flush_dependency+0xcc/0x140 [11246.260412] Modules linked in: hclgevf hns_roce_hw_v2 rdma_test(O) hns3 xt_CHECKSUM iptable_mangle xt_conntrack ipt_REJECT nf_reject_ipv4 ebtable_filter ebtables ip6table_filter ip6_tables iptable_filter bpfilter vfio_iommu_type1 vfio_pci vfio_virqfd vfio ib_isert iscsi_target_mod ib_ipoib ib_umad rpcrdma ib_iser libiscsi scsi_transport_iscsi aes_ce_blk crypto_simd cryptd aes_ce_cipher sunrpc nls_iso8859_1 crct10dif_ce ghash_ce sha2_ce sha256_arm64 sha1_ce joydev input_leds hid_generic usbkbd usbmouse sbsa_gwdt usbhid usb_storage hid ses hclge hisi_zip hisi_hpre hisi_sec2 hnae3 hisi_qm ahci hisi_trng_v2 evbug uacce rng_core gpio_dwapb autofs4 hisi_sas_v3_hw megaraid_sas hisi_sas_main libsas scsi_transport_sas [last unloaded: hns_roce_hw_v2] [11246.325742] CPU: 50 PID: 2279 Comm: kworker/50:0 Kdump: loaded Tainted: G O 5.4.0-rc4+ #1 [11246.335181] Hardware name: Huawei TaiShan 200 (Model 2280)/BC82AMDD, BIOS 2280-V2 CS V3.B140.01 12/18/2019 [11246.344802] Workqueue: hclge hclge_service_task [hclge] [11246.350007] pstate: 60c00009 (nZCv daif +PAN +UAO) [11246.354779] pc : check_flush_dependency+0xcc/0x140 [11246.359549] lr : check_flush_dependency+0xcc/0x140 [11246.364317] sp : ffff800268a73990 [11246.367618] x29: ffff800268a73990 x28: 0000000000000001 [11246.372907] x27: ffffcbe4f5868000 x26: ffffcbe4f5541000 [11246.378196] x25: 00000000000000b8 x24: ffff002fdd0ff868 [11246.383483] x23: ffff002fdd0ff800 x22: ffff2027401ba600 [11246.388770] x21: 0000000000000000 x20: ffff002fdd0ff800 [11246.394059] x19: ffff202719293b00 x18: ffffcbe4f5541948 [11246.399347] x17: 000000006f8ad8dd x16: 0000000000000002 [11246.404634] x15: ffff8002e8a734f7 x14: 6c66207369205d65 [11246.409922] x13: 676c63685b206b73 x12: 61745f6563697672 [11246.415208] x11: 65735f65676c6368 x10: 3a65676c6368204d [11246.420494] x9 : 49414c4345525f4d x8 : 6e6162696e69666e [11246.425782] x7 : 69204d49414c4345 x6 : ffffcbe4f5765145 [11246.431068] x5 : 0000000000000000 x4 : 0000000000000000 [11246.436355] x3 : 0000000000000030 x2 : 00000000ffffffff [11246.441642] x1 : 3349eb1ac5310100 x0 : 0000000000000000 [11246.446928] Call trace: [11246.449363] check_flush_dependency+0xcc/0x140 [11246.453785] flush_workqueue+0x110/0x410 [11246.457691] ib_cache_cleanup_one+0x54/0x468 [11246.461943] __ib_unregister_device+0x70/0xa8 [11246.466279] ib_unregister_device+0x2c/0x40 [11246.470455] hns_roce_exit+0x34/0x198 [hns_roce_hw_v2] [11246.475571] __hns_roce_hw_v2_uninit_instance.isra.56+0x3c/0x58 [hns_roce_hw_v2] [11246.482934] hns_roce_hw_v2_reset_notify+0xd8/0x210 [hns_roce_hw_v2] [11246.489261] hclge_notify_roce_client+0x84/0xe0 [hclge] [11246.494464] hclge_reset_rebuild+0x60/0x730 [hclge] [11246.499320] hclge_reset_service_task+0x400/0x5a0 [hclge] [11246.504695] hclge_service_task+0x54/0x698 [hclge] [11246.509464] process_one_work+0x15c/0x458 [11246.513454] worker_thread+0x144/0x520 [11246.517186] kthread+0xfc/0x128 [11246.520314] ret_from_fork+0x10/0x18 [11246.523873] ---[ end trace eb980723699c2585 ]--- [11246.528710] hns3 0000:bd:00.2: Func clear success after reset. [11246.528747] hns3 0000:bd:00.0: Func clear success after reset. [11246.907710] hns3 0000:bd:00.1 eth7: link up According to [1] and [2]: There seems to be no specific guidance about how to handling the forward progress guarantee of network device's WQ yet, and other network device's WQ seem to be marked with WQ_MEM_RECLAIM without a clear reason. So this patch removes the WQ_MEM_RECLAIM flag when allocating WQ to aviod the above warning. 1. https://www.spinics.net/lists/netdev/msg631646.html 2. https://www.spinics.net/lists/netdev/msg632097.html Fixes: 0ea68902256e (""net: hns3: allocate WQ with WQ_MEM_RECLAIM flag"") Signed-off-by: Yunsheng Lin Signed-off-by: Huazhong Tan Signed-off-by: David S. Miller ","drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c | 2 +-; drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c | 2 +-; 2 files changed, 2 insertions(+), 2 deletions(-)","The commit fixes a warning in the hns3 driver by removing the WQ_MEM_RECLAIM flag when allocating WQ.","WQ,WQ_MEM_RECLAIM,hns3","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"3db81afd99494a33f1c3839103f0429c8f30cb9d","3db81afd99494a33f1c3839103f0429c8f30cb9d","Sven Schnelle","svens@linux.ibm.com","1583843612","Kees Cook","keescook@chromium.org","1585541451","80d7b3bba65c0cc8489ef315764e04cb3b5b849c","51891498f2da78ee64dfad88fa53c9e85fb50abf","seccomp: Add missing compat_ioctl for notify Executing the seccomp_bpf testsuite under a 64-bit kernel with 32-bit userland (both s390 and x86) doesn't work because there's no compat_ioctl handler defined. Add the handler. Signed-off-by: Sven Schnelle Fixes: 6a21cc50f0c7 (""seccomp: add a return code to trap to userspace"") Cc: stable@vger.kernel.org Link: https://lore.kernel.org/r/20200310123332.42255-1-svens@linux.ibm.com Signed-off-by: Kees Cook ","kernel/seccomp.c | 1 +; 1 file changed, 1 insertion(+)","The commit addresses a missing compat_ioctl handler for seccomp notify on 64-bit kernels with 32-bit userland.","seccomp compat_ioctl notify","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"641cd7b06c911c5935c34f24850ea18690649917","641cd7b06c911c5935c34f24850ea18690649917","Daniel Borkmann","daniel@iogearbox.net","1585524955","Daniel Borkmann","daniel@iogearbox.net","1585525158","f1c6e1e37b2fdd564c5742ab3145aa0b3e75feda","e5fb60ee4c958b92686830ecfaf5e60bbd139130 4dece7f3b9258e812795443b4bf64ff9454a0411","Merge branch 'bpf-lsm' KP Singh says: ==================== ** Motivation Google does analysis of rich runtime security data to detect and thwart threats in real-time. Currently, this is done in custom kernel modules but we would like to replace this with something that's upstream and useful to others. The current kernel infrastructure for providing telemetry (Audit, Perf etc.) is disjoint from access enforcement (i.e. LSMs). Augmenting the information provided by audit requires kernel changes to audit, its policy language and user-space components. Furthermore, building a MAC policy based on the newly added telemetry data requires changes to various LSMs and their respective policy languages. This patchset allows BPF programs to be attached to LSM hooks This facilitates a unified and dynamic (not requiring re-compilation of the kernel) audit and MAC policy. ** Why an LSM? Linux Security Modules target security behaviours rather than the kernel's API. For example, it's easy to miss out a newly added system call for executing processes (eg. execve, execveat etc.) but the LSM framework ensures that all process executions trigger the relevant hooks irrespective of how the process was executed. Allowing users to implement LSM hooks at runtime also benefits the LSM eco-system by enabling a quick feedback loop from the security community about the kind of behaviours that the LSM Framework should be targeting. ** How does it work? The patchset introduces a new eBPF (https://docs.cilium.io/en/v1.6/bpf/) program type BPF_PROG_TYPE_LSM which can only be attached to LSM hooks. Loading and attachment of BPF programs requires CAP_SYS_ADMIN. The new LSM registers nop functions (bpf_lsm_) as LSM hook callbacks. Their purpose is to provide a definite point where BPF programs can be attached as BPF_TRAMP_MODIFY_RETURN trampoline programs for hooks that return an int, and BPF_TRAMP_FEXIT trampoline programs for void LSM hooks. Audit logs can be written using a format chosen by the eBPF program to the perf events buffer or to global eBPF variables or maps and can be further processed in user-space. ** BTF Based Design The current design uses BTF: * https://facebookmicrosites.github.io/bpf/blog/2018/11/14/btf-enhancement.html * https://lwn.net/Articles/803258 which allows verifiable read-only structure accesses by field names rather than fixed offsets. This allows accessing the hook parameters using a dynamically created context which provides a certain degree of ABI stability: // Only declare the structure and fields intended to be used // in the program struct vm_area_struct { unsigned long vm_start; } __attribute__((preserve_access_index)); // Declare the eBPF program mprotect_audit which attaches to // to the file_mprotect LSM hook and accepts three arguments. SEC(""lsm/file_mprotect"") int BPF_PROG(mprotect_audit, struct vm_area_struct *vma, unsigned long reqprot, unsigned long prot, int ret) { unsigned long vm_start = vma->vm_start; return 0; } By relocating field offsets, BTF makes a large portion of kernel data structures readily accessible across kernel versions without requiring a large corpus of BPF helper functions and requiring recompilation with every kernel version. The BTF type information is also used by the BPF verifier to validate memory accesses within the BPF program and also prevents arbitrary writes to the kernel memory. The limitations of BTF compatibility are described in BPF Co-Re (http://vger.kernel.org/bpfconf2019_talks/bpf-core.pdf, i.e. field renames, #defines and changes to the signature of LSM hooks). This design imposes that the MAC policy (eBPF programs) be updated when the inspected kernel structures change outside of BTF compatibility guarantees. In practice, this is only required when a structure field used by a current policy is removed (or renamed) or when the used LSM hooks change. We expect the maintenance cost of these changes to be acceptable as compared to the design presented in the RFC. (https://lore.kernel.org/bpf/20190910115527.5235-1-kpsingh@chromium.org/). ** Usage Examples A simple example and some documentation is included in the patchset. In order to better illustrate the capabilities of the framework some more advanced prototype (not-ready for review) code has also been published separately: * Logging execution events (including environment variables and arguments) https://github.com/sinkap/linux-krsi/blob/patch/v1/examples/samples/bpf/lsm_audit_env.c * Detecting deletion of running executables: https://github.com/sinkap/linux-krsi/blob/patch/v1/examples/samples/bpf/lsm_detect_exec_unlink.c * Detection of writes to /proc//mem: https://github.com/sinkap/linux-krsi/blob/patch/v1/examples/samples/bpf/lsm_audit_env.c We have updated Google's internal telemetry infrastructure and have started deploying this LSM on our Linux Workstations. This gives us more confidence in the real-world applications of such a system. ** Changelog: - v8 -> v9: https://lore.kernel.org/bpf/20200327192854.31150-1-kpsingh@chromium.org/ * Fixed a selftest crash when CONFIG_LSM doesn't have ""bpf"". * Added James' Ack. * Rebase. - v7 -> v8: https://lore.kernel.org/bpf/20200326142823.26277-1-kpsingh@chromium.org/ * Removed CAP_MAC_ADMIN check from bpf_lsm_verify_prog. LSMs can add it in their own bpf_prog hook. This can be revisited as a separate patch. * Added Andrii and James' Ack/Review tags. * Fixed an indentation issue and missing newlines in selftest error a cases. * Updated a comment as suggested by Alexei. * Updated the documentation to use the newer libbpf API and some other fixes. * Rebase - v6 -> v7: https://lore.kernel.org/bpf/20200325152629.6904-1-kpsingh@chromium.org/ * Removed __weak from the LSM attachment nops per Kees' suggestion. Will send a separate patch (if needed) to update the noinline definition in include/linux/compiler_attributes.h. * waitpid to wait specifically for the forked child in selftests. * Comment format fixes in security/... as suggested by Casey. * Added Acks from Kees and Andrii and Casey's Reviewed-by: tags to the respective patches. * Rebase - v5 -> v6: https://lore.kernel.org/bpf/20200323164415.12943-1-kpsingh@chromium.org/ * Updated LSM_HOOK macro to define a default value and cleaned up the BPF LSM hook declarations. * Added Yonghong's Acks and Kees' Reviewed-by tags. * Simplification of the selftest code. * Rebase and fixes suggested by Andrii and Yonghong and some other minor fixes noticed in internal review. - v4 -> v5: https://lore.kernel.org/bpf/20200220175250.10795-1-kpsingh@chromium.org/ * Removed static keys and special casing of BPF calls from the LSM framework. * Initialized the BPF callbacks (nops) as proper LSM hooks. * Updated to using the newly introduced BPF_TRAMP_MODIFY_RETURN trampolines in https://lkml.org/lkml/2020/3/4/877 * Addressed Andrii's feedback and rebased. - v3 -> v4: * Moved away from allocating a separate security_hook_heads and adding a new special case for arch_prepare_bpf_trampoline to using BPF fexit trampolines called from the right place in the LSM hook and toggled by static keys based on the discussion in: https://lore.kernel.org/bpf/CAG48ez25mW+_oCxgCtbiGMX07g_ph79UOJa07h=o_6B6+Q-u5g@mail.gmail.com/ * Since the code does not deal with security_hook_heads anymore, it goes from ""being a BPF LSM"" to ""BPF program attachment to LSM hooks"". * Added a new test case which ensures that the BPF programs' return value is reflected by the LSM hook. - v2 -> v3 does not change the overall design and has some minor fixes: * LSM_ORDER_LAST is introduced to represent the behaviour of the BPF LSM * Fixed the inadvertent clobbering of the LSM Hook error codes * Added GPL license requirement to the commit log * The lsm_hook_idx is now the more conventional 0-based index * Some changes were split into a separate patch (""Load btf_vmlinux only once per object"") https://lore.kernel.org/bpf/20200117212825.11755-1-kpsingh@chromium.org/ * Addressed Andrii's feedback on the BTF implementation * Documentation update for using generated vmlinux.h to simplify programs * Rebase - Changes since v1: https://lore.kernel.org/bpf/20191220154208.15895-1-kpsingh@chromium.org * Eliminate the requirement to maintain LSM hooks separately in security/bpf/hooks.h Use BPF trampolines to dynamically allocate security hooks * Drop the use of securityfs as bpftool provides the required introspection capabilities. Update the tests to use the bpf_skeleton and global variables * Use O_CLOEXEC anonymous fds to represent BPF attachment in line with the other BPF programs with the possibility to use bpf program pinning in the future to provide ""permanent attachment"". * Drop the logic based on prog names for handling re-attachment. * Drop bpf_lsm_event_output from this series and send it as a separate patch. ==================== Signed-off-by: Daniel Borkmann ","","This commit merges a branch for integrating eBPF program support with Linux Security Modules for dynamic security and audit enhancements.","LSM,eBPF,audit","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.']" +"4dece7f3b9258e812795443b4bf64ff9454a0411","4dece7f3b9258e812795443b4bf64ff9454a0411","KP Singh","kpsingh@google.com","1585442636","Daniel Borkmann","daniel@iogearbox.net","1585524912","f1c6e1e37b2fdd564c5742ab3145aa0b3e75feda","03e54f100d5756f8403fffd60aed8e883ea864c0","bpf: lsm: Add Documentation Document how eBPF programs (BPF_PROG_TYPE_LSM) can be loaded and attached (BPF_LSM_MAC) to the LSM hooks. Signed-off-by: KP Singh Signed-off-by: Daniel Borkmann Reviewed-by: Brendan Jackman Reviewed-by: Florent Revest Reviewed-by: Thomas Garnier Reviewed-by: James Morris Link: https://lore.kernel.org/bpf/20200329004356.27286-9-kpsingh@chromium.org","Documentation/bpf/bpf_lsm.rst | 142 ++++++++++++++++++++++++++++++++++++++++++; Documentation/bpf/index.rst | 1 +; 2 files changed, 143 insertions(+)","This commit adds documentation for usage of eBPF programs with LSM hooks.","documentation,eBPF,LSM","A documentation change or typo fix. It only involves changes to documentation files or fixes a typographical error.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.']" +"03e54f100d5756f8403fffd60aed8e883ea864c0","03e54f100d5756f8403fffd60aed8e883ea864c0","KP Singh","kpsingh@google.com","1585442635","Daniel Borkmann","daniel@iogearbox.net","1585524911","2f0420f59340c4135cdbad9893de20dd66f24666","1e092a0318292637cde832868016f37e942eed24","bpf: lsm: Add selftests for BPF_PROG_TYPE_LSM * Load/attach a BPF program that hooks to file_mprotect (int) and bprm_committed_creds (void). * Perform an action that triggers the hook. * Verify if the audit event was received using the shared global variables for the process executed. * Verify if the mprotect returns a -EPERM. Signed-off-by: KP Singh Signed-off-by: Daniel Borkmann Reviewed-by: Brendan Jackman Reviewed-by: Florent Revest Reviewed-by: Thomas Garnier Reviewed-by: James Morris Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200329004356.27286-8-kpsingh@chromium.org","tools/testing/selftests/bpf/config | 2 +; tools/testing/selftests/bpf/prog_tests/test_lsm.c | 86 +++++++++++++++++++++++; tools/testing/selftests/bpf/progs/lsm.c | 48 +++++++++++++; 3 files changed, 136 insertions(+)","Add self-tests for BPF LSM hooks to verify file mprotect and credential handling.","selftests, BPF_PROG_TYPE_LSM, hooks","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"1e092a0318292637cde832868016f37e942eed24","1e092a0318292637cde832868016f37e942eed24","KP Singh","kpsingh@google.com","1585442634","Daniel Borkmann","daniel@iogearbox.net","1585524911","a1ba54bb8ab6571011f6f834e2516dee145c2221","520b7aa00d8cd8e411ecc09f63a2acd90feb6d29","tools/libbpf: Add support for BPF_PROG_TYPE_LSM Since BPF_PROG_TYPE_LSM uses the same attaching mechanism as BPF_PROG_TYPE_TRACING, the common logic is refactored into a static function bpf_program__attach_btf_id. A new API call bpf_program__attach_lsm is still added to avoid userspace conflicts if this ever changes in the future. Signed-off-by: KP Singh Signed-off-by: Daniel Borkmann Reviewed-by: Brendan Jackman Reviewed-by: Florent Revest Reviewed-by: James Morris Acked-by: Yonghong Song Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200329004356.27286-7-kpsingh@chromium.org","tools/lib/bpf/bpf.c | 3 ++-; tools/lib/bpf/libbpf.c | 39 +++++++++++++++++++++++++++++++++++----; tools/lib/bpf/libbpf.h | 4 ++++; tools/lib/bpf/libbpf.map | 3 +++; 4 files changed, 44 insertions(+), 5 deletions(-)","The commit refactors common logic for attaching LSM and tracing programs in libbpf and introduces a new API call for LSM attachment.","BPF_PROG_TYPE_LSM, libbpf, attaching","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.']" +"520b7aa00d8cd8e411ecc09f63a2acd90feb6d29","520b7aa00d8cd8e411ecc09f63a2acd90feb6d29","KP Singh","kpsingh@google.com","1585442633","Daniel Borkmann","daniel@iogearbox.net","1585524840","226910e9b7b3b6778dbe962e611b4c6059601b7b","9e4e01dfd3254c7f04f24b7c6b29596bc12332f3","bpf: lsm: Initialize the BPF LSM hooks * The hooks are initialized using the definitions in include/linux/lsm_hook_defs.h. * The LSM can be enabled / disabled with CONFIG_BPF_LSM. Signed-off-by: KP Singh Signed-off-by: Daniel Borkmann Reviewed-by: Brendan Jackman Reviewed-by: Florent Revest Acked-by: Kees Cook Acked-by: James Morris Link: https://lore.kernel.org/bpf/20200329004356.27286-6-kpsingh@chromium.org","security/Kconfig | 10 +++++-----; security/Makefile | 2 ++; security/bpf/Makefile | 5 +++++; security/bpf/hooks.c | 26 ++++++++++++++++++++++++++; 4 files changed, 38 insertions(+), 5 deletions(-)","The commit initializes BPF LSM hooks to enable integration of BPF with Linux Security Modules.","BPF,LSM,initialize","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.']" +"9e4e01dfd3254c7f04f24b7c6b29596bc12332f3","9e4e01dfd3254c7f04f24b7c6b29596bc12332f3","KP Singh","kpsingh@google.com","1585442632","Daniel Borkmann","daniel@iogearbox.net","1585524840","5c98d39252c414dd308b372c07c0bd6bec4944ac","9d3fdea789c8fab51381c2d609932fabe94c0517","bpf: lsm: Implement attach, detach and execution JITed BPF programs are dynamically attached to the LSM hooks using BPF trampolines. The trampoline prologue generates code to handle conversion of the signature of the hook to the appropriate BPF context. The allocated trampoline programs are attached to the nop functions initialized as LSM hooks. BPF_PROG_TYPE_LSM programs must have a GPL compatible license and and need CAP_SYS_ADMIN (required for loading eBPF programs). Upon attachment: * A BPF fexit trampoline is used for LSM hooks with a void return type. * A BPF fmod_ret trampoline is used for LSM hooks which return an int. The attached programs can override the return value of the bpf LSM hook to indicate a MAC Policy decision. Signed-off-by: KP Singh Signed-off-by: Daniel Borkmann Reviewed-by: Brendan Jackman Reviewed-by: Florent Revest Acked-by: Andrii Nakryiko Acked-by: James Morris Link: https://lore.kernel.org/bpf/20200329004356.27286-5-kpsingh@chromium.org","include/linux/bpf_lsm.h | 11 ++++++++++; kernel/bpf/bpf_lsm.c | 23 ++++++++++++++++++++; kernel/bpf/btf.c | 16 +++++++++++++-; kernel/bpf/syscall.c | 57 +++++++++++++++++++++++++++++++++----------------; kernel/bpf/trampoline.c | 17 +++++++++++----; kernel/bpf/verifier.c | 19 +++++++++++++----; 6 files changed, 116 insertions(+), 27 deletions(-)","The commit implements dynamic attachment and execution of JITed BPF programs at LSM hooks via BPF trampolines.","LSM,trampolines,attach","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.']" +"9d3fdea789c8fab51381c2d609932fabe94c0517","9d3fdea789c8fab51381c2d609932fabe94c0517","KP Singh","kpsingh@google.com","1585442631","Daniel Borkmann","daniel@iogearbox.net","1585524840","49b02df49c0af7a9952eec5bc3b504ed9441375b","98e828a0650f348be85728c69875260cf78069e6","bpf: lsm: Provide attachment points for BPF LSM programs When CONFIG_BPF_LSM is enabled, nop functions, bpf_lsm_, are generated for each LSM hook. These functions are initialized as LSM hooks in a subsequent patch. Signed-off-by: KP Singh Signed-off-by: Daniel Borkmann Reviewed-by: Brendan Jackman Reviewed-by: Florent Revest Reviewed-by: Kees Cook Acked-by: Yonghong Song Acked-by: James Morris Link: https://lore.kernel.org/bpf/20200329004356.27286-4-kpsingh@chromium.org","include/linux/bpf_lsm.h | 22 ++++++++++++++++++++++; kernel/bpf/bpf_lsm.c | 14 ++++++++++++++; 2 files changed, 36 insertions(+)","Provide attachment points for BPF LSM programs by generating nop functions for each LSM hook when CONFIG_BPF_LSM is enabled.","BPF,LSM,attachment","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.']" +"98e828a0650f348be85728c69875260cf78069e6","98e828a0650f348be85728c69875260cf78069e6","KP Singh","kpsingh@google.com","1585442630","Daniel Borkmann","daniel@iogearbox.net","1585524840","fbac6bde4fc2450ccd4432346afc15770252865d","fc611f47f2188ade2b48ff6902d5cce8baac0c58","security: Refactor declaration of LSM hooks The information about the different types of LSM hooks is scattered in two locations i.e. union security_list_options and struct security_hook_heads. Rather than duplicating this information even further for BPF_PROG_TYPE_LSM, define all the hooks with the LSM_HOOK macro in lsm_hook_defs.h which is then used to generate all the data structures required by the LSM framework. The LSM hooks are defined as: LSM_HOOK(, , , args...) with acccessible in security.c as: LSM_RET_DEFAULT() Signed-off-by: KP Singh Signed-off-by: Daniel Borkmann Reviewed-by: Brendan Jackman Reviewed-by: Florent Revest Reviewed-by: Kees Cook Reviewed-by: Casey Schaufler Acked-by: James Morris Link: https://lore.kernel.org/bpf/20200329004356.27286-3-kpsingh@chromium.org","include/linux/lsm_hook_defs.h | 381 +++++++++++++++++++++++++; include/linux/lsm_hooks.h | 628 +-----------------------------------------; security/security.c | 41 ++-; 3 files changed, 423 insertions(+), 627 deletions(-)","Refactor LSM hook declarations to consolidate definitions and improve maintainability within the security framework.","LSM, hooks, refactor","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.']" +"fc611f47f2188ade2b48ff6902d5cce8baac0c58","fc611f47f2188ade2b48ff6902d5cce8baac0c58","KP Singh","kpsingh@google.com","1585442629","Daniel Borkmann","daniel@iogearbox.net","1585524840","fa4363e15a618c0f4357d846f9b0b4cd20c6433c","e5fb60ee4c958b92686830ecfaf5e60bbd139130","bpf: Introduce BPF_PROG_TYPE_LSM Introduce types and configs for bpf programs that can be attached to LSM hooks. The programs can be enabled by the config option CONFIG_BPF_LSM. Signed-off-by: KP Singh Signed-off-by: Daniel Borkmann Reviewed-by: Brendan Jackman Reviewed-by: Florent Revest Reviewed-by: Thomas Garnier Acked-by: Yonghong Song Acked-by: Andrii Nakryiko Acked-by: James Morris Link: https://lore.kernel.org/bpf/20200329004356.27286-2-kpsingh@chromium.org","MAINTAINERS | 1 +; include/linux/bpf.h | 3 +++; include/linux/bpf_types.h | 4 ++++; include/uapi/linux/bpf.h | 2 ++; init/Kconfig | 12 ++++++++++++; kernel/bpf/Makefile | 1 +; kernel/bpf/bpf_lsm.c | 17 +++++++++++++++++; kernel/trace/bpf_trace.c | 12 ++++++------; tools/include/uapi/linux/bpf.h | 2 ++; tools/lib/bpf/libbpf_probes.c | 1 +; 10 files changed, 49 insertions(+), 6 deletions(-)","This commit introduces support for BPF programs to attach to LSM hooks enabled by CONFIG_BPF_LSM.","BPF LSM CONFIG","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['LSM type related programs. It relates to eBPF programs used with Linux Security Modules (LSMs) for security enhancements.']" +"e5fb60ee4c958b92686830ecfaf5e60bbd139130","e5fb60ee4c958b92686830ecfaf5e60bbd139130","Toke Høiland-Jørgensen","toke@redhat.com","1585488173","Daniel Borkmann","daniel@iogearbox.net","1585523855","d347b0b3979feee72d5b4a87edd55fb03a1fc0e8","e2842be53d4f31962a9992eab39391cdf637fa2e","selftests: Add test for overriding global data value before load This adds a test to exercise the new bpf_map__set_initial_value() function. The test simply overrides the global data section with all zeroes, and checks that the new value makes it into the kernel map on load. Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200329132253.232541-2-toke@redhat.com",".../selftests/bpf/prog_tests/global_data_init.c | 61 ++++++++++++++++++++++; .../testing/selftests/bpf/progs/test_global_data.c | 2 +-; 2 files changed, 62 insertions(+), 1 deletion(-)","This commit adds a selftest for the bpf_map__set_initial_value function to verify global data initialization in kernel maps.","selftests,bpf_map,global","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"e2842be53d4f31962a9992eab39391cdf637fa2e","e2842be53d4f31962a9992eab39391cdf637fa2e","Toke Høiland-Jørgensen","toke@redhat.com","1585488172","Daniel Borkmann","daniel@iogearbox.net","1585523825","9c448a2ad2a0e7dc392015e97a0fbd247dd6a7b6","5a95cbb80ef8d8f2db29ab10777cd4742e6fc8ec","libbpf: Add setter for initial value for internal maps For internal maps (most notably the maps backing global variables), libbpf uses an internal mmaped area to store the data after opening the object. This data is subsequently copied into the kernel map when the object is loaded. This adds a function to set a new value for that data, which can be used to before it is loaded into the kernel. This is especially relevant for RODATA maps, since those are frozen on load. Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Daniel Borkmann Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20200329132253.232541-1-toke@redhat.com","tools/lib/bpf/libbpf.c | 11 +++++++++++; tools/lib/bpf/libbpf.h | 2 ++; tools/lib/bpf/libbpf.map | 1 +; 3 files changed, 14 insertions(+)","Added a function to set initial values for internal maps in libbpf for eBPF object loading.","libbpf,internal maps,RODATA","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Maps Logic. E.g. It changes how eBPF maps are created accessed or managed by both user-space and kernel-space.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"5a95cbb80ef8d8f2db29ab10777cd4742e6fc8ec","5a95cbb80ef8d8f2db29ab10777cd4742e6fc8ec","Daniel Borkmann","daniel@iogearbox.net","1585511942","Daniel Borkmann","daniel@iogearbox.net","1585523810","26d05f20892a2d22c715366fa8d48aa6e4e78181","ae661deca7b9f3fa7d1eda99aedbdd12155ade40","bpf, net: Fix build issue when net ns not configured Fix a redefinition of 'net_gen_cookie' error that was overlooked when net ns is not configured. Fixes: f318903c0bf4 (""bpf: Add netns cookie and enable it for bpf cgroup hooks"") Reported-by: kbuild test robot Signed-off-by: Daniel Borkmann ","include/net/net_namespace.h | 9 ++-------; 1 file changed, 2 insertions(+), 7 deletions(-)","Fix for a build error due to redefinition in 'net_gen_cookie' when network namespace is not configured.","build, net, redefinition","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","It's not related to any above. It affects an implementation component not listed but does related to the BPF subsystem.","Control Plane interface Logic. E.g. It modifies the interface through which user-space programs control or interact with eBPF in the kernel.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"e595dd94515ed6bc5ba38fce0f9598db8c0ee9a9","e595dd94515ed6bc5ba38fce0f9598db8c0ee9a9","Linus Torvalds","torvalds@linux-foundation.org","1585446915","Linus Torvalds","torvalds@linux-foundation.org","1585446915","8da7b1a6cde522d8e441befa8006a92393377ef4","906c40438bb669b253d0daeaf5f37a9f78a81b41 a0ba26f37ea04e025a793ef5e5ac809221728ecb","Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net Pull networking fixes from David Miller: 1) Fix memory leak in vti6, from Torsten Hilbrich. 2) Fix double free in xfrm_policy_timer, from YueHaibing. 3) NL80211_ATTR_CHANNEL_WIDTH attribute is put with wrong type, from Johannes Berg. 4) Wrong allocation failure check in qlcnic driver, from Xu Wang. 5) Get ks8851-ml IO operations right, for real this time, from Marek Vasut. * git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net: (22 commits) r8169: fix PHY driver check on platforms w/o module softdeps net: ks8851-ml: Fix IO operations, again mlxsw: spectrum_mr: Fix list iteration in error path qlcnic: Fix bad kzalloc null test mac80211: set IEEE80211_TX_CTRL_PORT_CTRL_PROTO for nl80211 TX mac80211: mark station unauthorized before key removal mac80211: Check port authorization in the ieee80211_tx_dequeue() case cfg80211: Do not warn on same channel at the end of CSA mac80211: drop data frames without key on encrypted links ieee80211: fix HE SPR size calculation nl80211: fix NL80211_ATTR_CHANNEL_WIDTH attribute type xfrm: policy: Fix doulbe free in xfrm_policy_timer bpf: Explicitly memset some bpf info structures declared on the stack bpf: Explicitly memset the bpf_attr structure bpf: Sanitize the bpf_struct_ops tcp-cc name vti6: Fix memory leak of skb if input policy check fails esp: remove the skb from the chain when it's enqueued in cryptd_wq ipv6: xfrm6_tunnel.c: Use built-in RCU list checking xfrm: add the missing verify_sec_ctx_len check in xfrm_add_acquire xfrm: fix uctx len check in verify_sec_ctx_len ...","","This commit merges networking fixes from a separate branch into the main kernel, involving various subsystems and component changes.","merge,networking,fixed","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"ae661deca7b9f3fa7d1eda99aedbdd12155ade40","ae661deca7b9f3fa7d1eda99aedbdd12155ade40","Alexei Starovoitov","ast@kernel.org","1585430681","Alexei Starovoitov","ast@kernel.org","1585436080","f903dfcf56b495dbd39b348872a191e3a8812c83","e9ff9d52540a53ce8c9eff5bf8b66467fe81eb2b 87854a0b57b34c52e172109b1d3949fc639b6474","Merge branch 'ifla_xdp_expected_fd' Toke Høiland-Jørgensen says: ==================== This series adds support for atomically replacing the XDP program loaded on an interface. This is achieved by means of a new netlink attribute that can specify the expected previous program to replace on the interface. If set, the kernel will compare this ""expected fd"" attribute with the program currently loaded on the interface, and reject the operation if it does not match. With this primitive, userspace applications can avoid stepping on each other's toes when simultaneously updating the loaded XDP program. Changelog: v4: - Switch back to passing FD instead of ID (Andrii) - Rename flag to XDP_FLAGS_REPLACE (for consistency with other similar uses) v3: - Pass existing ID instead of FD (Jakub) - Use opts struct for new libbpf function (Andrii) v2: - Fix checkpatch nits and add .strict_start_type to netlink policy (Jakub) ==================== Signed-off-by: Alexei Starovoitov ","","This commit merges support for atomic XDP program replacement on interfaces with expected previous program verification using netlink.","XDP program,netlink,atomic replacement","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"87854a0b57b34c52e172109b1d3949fc639b6474","87854a0b57b34c52e172109b1d3949fc639b6474","Toke Høiland-Jørgensen","toke@redhat.com","1585157009","Alexei Starovoitov","ast@kernel.org","1585430681","f903dfcf56b495dbd39b348872a191e3a8812c83","bd5ca3ef93cd8fb7e913f15eeb78e67a0d802274","selftests/bpf: Add tests for attaching XDP programs This adds tests for the various replacement operations using IFLA_XDP_EXPECTED_FD. Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158515700967.92963.15098921624731968356.stgit@toke.dk",".../testing/selftests/bpf/prog_tests/xdp_attach.c | 62 ++++++++++++++++++++++; 1 file changed, 62 insertions(+)","This commit introduces tests for attaching XDP programs using IFLA_XDP_EXPECTED_FD.","selftests,XDP,programs","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"bd5ca3ef93cd8fb7e913f15eeb78e67a0d802274","bd5ca3ef93cd8fb7e913f15eeb78e67a0d802274","Toke Høiland-Jørgensen","toke@redhat.com","1585157008","Alexei Starovoitov","ast@kernel.org","1585430681","20b66080e37c4e8fb4686963675ef38f6ef9c10d","50a3e678b58ae9535f9e536f2889649b624943c3","libbpf: Add function to set link XDP fd while specifying old program This adds a new function to set the XDP fd while specifying the FD of the program to replace, using the newly added IFLA_XDP_EXPECTED_FD netlink parameter. The new function uses the opts struct mechanism to be extendable in the future. Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158515700857.92963.7052131201257841700.stgit@toke.dk","tools/lib/bpf/libbpf.h | 8 ++++++++; tools/lib/bpf/libbpf.map | 1 +; tools/lib/bpf/netlink.c | 34 +++++++++++++++++++++++++++++++++-; 3 files changed, 42 insertions(+), 1 deletion(-)","This commit introduces a libbpf function to set XDP fd using an old program's FD with a netlink parameter.","libbpf,XDP,netlink","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"50a3e678b58ae9535f9e536f2889649b624943c3","50a3e678b58ae9535f9e536f2889649b624943c3","Toke Høiland-Jørgensen","toke@redhat.com","1585157007","Alexei Starovoitov","ast@kernel.org","1585430681","5373ba10df24b2692613cd44238024c2ded7b6df","92234c8f15c8d96ad7e52afdc5994cba6be68eb9","tools: Add EXPECTED_FD-related definitions in if_link.h This adds the IFLA_XDP_EXPECTED_FD netlink attribute definition and the XDP_FLAGS_REPLACE flag to if_link.h in tools/include. Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/158515700747.92963.8615391897417388586.stgit@toke.dk","tools/include/uapi/linux/if_link.h | 4 +++-; 1 file changed, 3 insertions(+), 1 deletion(-)","This commit adds definitions for IFLA_XDP_EXPECTED_FD and XDP_FLAGS_REPLACE in if_link.h.","EXPECTED_FD,XDP_FLAGS_REPLACE,if_link","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"92234c8f15c8d96ad7e52afdc5994cba6be68eb9","92234c8f15c8d96ad7e52afdc5994cba6be68eb9","Toke Høiland-Jørgensen","toke@redhat.com","1585157006","Alexei Starovoitov","ast@kernel.org","1585430681","7c90ed94c5f54397d15f2c475732b416deda33a5","e9ff9d52540a53ce8c9eff5bf8b66467fe81eb2b","xdp: Support specifying expected existing program when attaching XDP While it is currently possible for userspace to specify that an existing XDP program should not be replaced when attaching to an interface, there is no mechanism to safely replace a specific XDP program with another. This patch adds a new netlink attribute, IFLA_XDP_EXPECTED_FD, which can be set along with IFLA_XDP_FD. If set, the kernel will check that the program currently loaded on the interface matches the expected one, and fail the operation if it does not. This corresponds to a 'cmpxchg' memory operation. Setting the new attribute with a negative value means that no program is expected to be attached, which corresponds to setting the UPDATE_IF_NOEXIST flag. A new companion flag, XDP_FLAGS_REPLACE, is also added to explicitly request checking of the EXPECTED_FD attribute. This is needed for userspace to discover whether the kernel supports the new attribute. Signed-off-by: Toke Høiland-Jørgensen Signed-off-by: Alexei Starovoitov Reviewed-by: Jakub Kicinski Link: https://lore.kernel.org/bpf/158515700640.92963.3551295145441017022.stgit@toke.dk","include/linux/netdevice.h | 2 +-; include/uapi/linux/if_link.h | 4 +++-; net/core/dev.c | 26 +++++++++++++++++++++-----; net/core/rtnetlink.c | 14 ++++++++++++++; 4 files changed, 39 insertions(+), 7 deletions(-)","This commit adds support for checking an existing XDP program before replacing it on a network interface.","XDP,netlink,attribute","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['XDP related type programs. It relates to programs handling high-performance packet processing through the XDP framework.']" +"e9ff9d52540a53ce8c9eff5bf8b66467fe81eb2b","e9ff9d52540a53ce8c9eff5bf8b66467fe81eb2b","Jean-Philippe Menil","jpmenil@gmail.com","1585342033","Daniel Borkmann","daniel@iogearbox.net","1585415598","4d1180ad9c48217810d79502e5563101c3c27530","291cfe365bd3d5002a9c49e9fca8f30136eebc28","bpf: Fix build warning regarding missing prototypes Fix build warnings when building net/bpf/test_run.o with W=1 due to missing prototype for bpf_fentry_test{1..6}. Instead of declaring prototypes, turn off warnings with __diag_{push,ignore,pop} as pointed out by Alexei. Signed-off-by: Jean-Philippe Menil Signed-off-by: Daniel Borkmann Link: https://lore.kernel.org/bpf/20200327204713.28050-1-jpmenil@gmail.com","net/bpf/test_run.c | 4 ++++; 1 file changed, 4 insertions(+)","Fix a build warning for missing prototypes in bpf_fentry_test functions by suppressing warnings in net/bpf/test_run.c.","build,warning,prototypes","A cleanup or refactoring in the code. It involves changes to improve code readability maintainability or structure without changing its functionality.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","The general utilities Logic. E.g. It modifies the tools scripts or code used for building testing config or debugging eBPF.","[""I'm not sure about the use cases or events of the commit. The relationship between It and specific use cases or events is unclear.""]" +"291cfe365bd3d5002a9c49e9fca8f30136eebc28","291cfe365bd3d5002a9c49e9fca8f30136eebc28","Fletcher Dunn","fletcherd@valvesoftware.com","1585279447","Daniel Borkmann","daniel@iogearbox.net","1585411976","1470d902a48b8056ab3006894c8865e724322e0b","2cf69d3fa50e15fd628c512a7d34ad759ac476cb","libbpf, xsk: Init all ring members in xsk_umem__create and xsk_socket__create Fix a sharp edge in xsk_umem__create and xsk_socket__create. Almost all of the members of the ring buffer structs are initialized, but the ""cached_xxx"" variables are not all initialized. The caller is required to zero them. This is needlessly dangerous. The results if you don't do it can be very bad. For example, they can cause xsk_prod_nb_free and xsk_cons_nb_avail to return values greater than the size of the queue. xsk_ring_cons__peek can return an index that does not refer to an item that has been queued. I have confirmed that without this change, my program misbehaves unless I memset the ring buffers to zero before calling the function. Afterwards, my program works without (or with) the memset. Signed-off-by: Fletcher Dunn Signed-off-by: Daniel Borkmann Acked-by: Magnus Karlsson Link: https://lore.kernel.org/bpf/85f12913cde94b19bfcb598344701c38@valvesoftware.com","tools/lib/bpf/xsk.c | 16 ++++++++++++++--; 1 file changed, 14 insertions(+), 2 deletions(-)","The commit initializes uninitialized ring members in xsk_umem__create and xsk_socket__create to prevent potential issues.","libbpf,xsk,initialization","A bug fix. It primarily resolves a bug or issue in the code.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The libbpf library. It affects the library that simplifies interaction with eBPF from user-space applications.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"23599ada0e9173e92d3cc26254b1e18e542c469d","23599ada0e9173e92d3cc26254b1e18e542c469d","Daniel Borkmann","daniel@iogearbox.net","1585324736","Alexei Starovoitov","ast@kernel.org","1585363239","32f01659caf64cb51f6e92cb178eb2dde502a906","834ebca8456c5f7a03d3351227b7c59318ccab62","bpf: Add selftest cases for ctx_or_null argument type Add various tests to make sure the verifier keeps catching them: # ./test_verifier [...] #230/p pass ctx or null check, 1: ctx OK #231/p pass ctx or null check, 2: null OK #232/p pass ctx or null check, 3: 1 OK #233/p pass ctx or null check, 4: ctx - const OK #234/p pass ctx or null check, 5: null (connect) OK #235/p pass ctx or null check, 6: null (bind) OK #236/p pass ctx or null check, 7: ctx (bind) OK #237/p pass ctx or null check, 8: null (bind) OK [...] Summary: 1595 PASSED, 0 SKIPPED, 0 FAILED Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/c74758d07b1b678036465ef7f068a49e9efd3548.1585323121.git.daniel@iogearbox.net","tools/testing/selftests/bpf/verifier/ctx.c | 105 +++++++++++++++++++++++++++++; 1 file changed, 105 insertions(+)","The commit introduces self-test cases for verifying 'ctx_or_null' argument type handling in the eBPF verifier.","selftests,verifier,ctxnull","A test case or test infrastructure change. It adds or modifies test cases test scripts or testing infrastructure.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The test cases and makefiles. It adds or modifies test cases or makefile scripts used for testing or building eBPF programs.","A eBPF Instruction Logic. E.g. It changes how eBPF instructions are interpreted validated or executed by the eBPF virtual machine in the kernel.","[""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"834ebca8456c5f7a03d3351227b7c59318ccab62","834ebca8456c5f7a03d3351227b7c59318ccab62","Daniel Borkmann","daniel@iogearbox.net","1585324735","Alexei Starovoitov","ast@kernel.org","1585363239","369b4a75db2a488006a5a1d8c6cb72ef1d973fd6","0f09abd105da6c37713d2b253730a86cb45e127a","bpf: Enable retrival of pid/tgid/comm from bpf cgroup hooks We already have the bpf_get_current_uid_gid() helper enabled, and given we now have perf event RB output available for connect(), sendmsg(), recvmsg() and bind-related hooks, add a trivial change to enable bpf_get_current_pid_tgid() and bpf_get_current_comm() as well. Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Acked-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/18744744ed93c06343be8b41edcfd858706f39d7.1585323121.git.daniel@iogearbox.net","net/core/filter.c | 8 ++++++++; 1 file changed, 8 insertions(+)","The commit enables retrieval of pid, tgid, and comm in eBPF cgroup hooks for perf events.","pid tgid comm","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"0f09abd105da6c37713d2b253730a86cb45e127a","0f09abd105da6c37713d2b253730a86cb45e127a","Daniel Borkmann","daniel@iogearbox.net","1585324734","Alexei Starovoitov","ast@kernel.org","1585363239","53099c731ea40e72c37abb521564cd08fc6c68e6","5a52ae4e32a61ad06ef67f0b3123adbdbac4fb83","bpf: Enable bpf cgroup hooks to retrieve cgroup v2 and ancestor id Enable the bpf_get_current_cgroup_id() helper for connect(), sendmsg(), recvmsg() and bind-related hooks in order to retrieve the cgroup v2 context which can then be used as part of the key for BPF map lookups, for example. Given these hooks operate in process context 'current' is always valid and pointing to the app that is performing mentioned syscalls if it's subject to a v2 cgroup. Also with same motivation of commit 7723628101aa (""bpf: Introduce bpf_skb_ancestor_cgroup_id helper"") enable retrieval of ancestor from current so the cgroup id can be used for policy lookups which can then forbid connect() / bind(), for example. Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/d2a7ef42530ad299e3cbb245e6c12374b72145ef.1585323121.git.daniel@iogearbox.net","include/linux/bpf.h | 1 +; include/uapi/linux/bpf.h | 21 ++++++++++++++++++++-; kernel/bpf/core.c | 1 +; kernel/bpf/helpers.c | 18 ++++++++++++++++++; net/core/filter.c | 12 ++++++++++++; tools/include/uapi/linux/bpf.h | 21 ++++++++++++++++++++-; 6 files changed, 72 insertions(+), 2 deletions(-)","This commit enables retrieval of cgroup v2 and ancestor IDs using BPF hooks for syscalls like connect and bind.","BPF,cgroup,hooks","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"5a52ae4e32a61ad06ef67f0b3123adbdbac4fb83","5a52ae4e32a61ad06ef67f0b3123adbdbac4fb83","Daniel Borkmann","daniel@iogearbox.net","1585324733","Alexei Starovoitov","ast@kernel.org","1585363238","b6f8be3cebc0fc9da54c1494b9d4d05e554eac14","f318903c0bf42448b4c884732df2bbb0ef7a2284","bpf: Allow to retrieve cgroup v1 classid from v2 hooks Today, Kubernetes is still operating on cgroups v1, however, it is possible to retrieve the task's classid based on 'current' out of connect(), sendmsg(), recvmsg() and bind-related hooks for orchestrators which attach to the root cgroup v2 hook in a mixed env like in case of Cilium, for example, in order to then correlate certain pod traffic and use it as part of the key for BPF map lookups. Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/555e1c69db7376c0947007b4951c260e1074efc3.1585323121.git.daniel@iogearbox.net","include/net/cls_cgroup.h | 7 ++++++-; net/core/filter.c | 21 +++++++++++++++++++++; 2 files changed, 27 insertions(+), 1 deletion(-)","This commit enables retrieving cgroup v1 classid from cgroup v2 hooks for orchestrating traffic correlation in mixed environments.","cgroup classid hooks","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).', 'Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"f318903c0bf42448b4c884732df2bbb0ef7a2284","f318903c0bf42448b4c884732df2bbb0ef7a2284","Daniel Borkmann","daniel@iogearbox.net","1585324732","Alexei Starovoitov","ast@kernel.org","1585363238","a643156f123378f28b06d7902789384b20d27cf7","fcf752ea8c9493acc33280e72112ea6108a0d104","bpf: Add netns cookie and enable it for bpf cgroup hooks In Cilium we're mainly using BPF cgroup hooks today in order to implement kube-proxy free Kubernetes service translation for ClusterIP, NodePort (*), ExternalIP, and LoadBalancer as well as HostPort mapping [0] for all traffic between Cilium managed nodes. While this works in its current shape and avoids packet-level NAT for inter Cilium managed node traffic, there is one major limitation we're facing today, that is, lack of netns awareness. In Kubernetes, the concept of Pods (which hold one or multiple containers) has been built around network namespaces, so while we can use the global scope of attaching to root BPF cgroup hooks also to our advantage (e.g. for exposing NodePort ports on loopback addresses), we also have the need to differentiate between initial network namespaces and non-initial one. For example, ExternalIP services mandate that non-local service IPs are not to be translated from the host (initial) network namespace as one example. Right now, we have an ugly work-around in place where non-local service IPs for ExternalIP services are not xlated from connect() and friends BPF hooks but instead via less efficient packet-level NAT on the veth tc ingress hook for Pod traffic. On top of determining whether we're in initial or non-initial network namespace we also have a need for a socket-cookie like mechanism for network namespaces scope. Socket cookies have the nice property that they can be combined as part of the key structure e.g. for BPF LRU maps without having to worry that the cookie could be recycled. We are planning to use this for our sessionAffinity implementation for services. Therefore, add a new bpf_get_netns_cookie() helper which would resolve both use cases at once: bpf_get_netns_cookie(NULL) would provide the cookie for the initial network namespace while passing the context instead of NULL would provide the cookie from the application's network namespace. We're using a hole, so no size increase; the assignment happens only once. Therefore this allows for a comparison on initial namespace as well as regular cookie usage as we have today with socket cookies. We could later on enable this helper for other program types as well as we would see need. (*) Both externalTrafficPolicy={Local|Cluster} types [0] https://github.com/cilium/cilium/blob/master/bpf/bpf_sock.c Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/c47d2346982693a9cf9da0e12690453aded4c788.1585323121.git.daniel@iogearbox.net","include/linux/bpf.h | 1 +; include/net/net_namespace.h | 10 ++++++++++; include/uapi/linux/bpf.h | 16 +++++++++++++++-; kernel/bpf/verifier.c | 16 ++++++++++------; net/core/filter.c | 37 +++++++++++++++++++++++++++++++++++++; net/core/net_namespace.c | 15 +++++++++++++++; tools/include/uapi/linux/bpf.h | 16 +++++++++++++++-; 7 files changed, 103 insertions(+), 8 deletions(-)","This commit introduces netns cookie support for BPF cgroup hooks to improve namespace handling in Cilium's Kubernetes integration.","netns,cookie,BPF","A new feature. It adds a new capability or feature that was not previously present.","Complex. Affects more than 100 lines or across 5 or more files. Involves significant changes such as adding new subsystems or refactoring core components requiring deep system knowledge.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['cgroup type related programs. It affects programs managing resource limits or network behavior via control groups (cgroups).']" +"fcf752ea8c9493acc33280e72112ea6108a0d104","fcf752ea8c9493acc33280e72112ea6108a0d104","Daniel Borkmann","daniel@iogearbox.net","1585324731","Alexei Starovoitov","ast@kernel.org","1585363238","e6ca715778403e990f3182e370e00e4d6dbed469","0e53d9e5e82056555020c47ee0c7a087147be084","bpf: Enable perf event rb output for bpf cgroup progs Currently, connect(), sendmsg(), recvmsg() and bind-related hooks are all lacking perf event rb output in order to push notifications or monitoring events up to user space. Back in commit a5a3a828cd00 (""bpf: add perf event notificaton support for sock_ops""), I've worked with Sowmini to enable them for sock_ops where the context part is not used (as opposed to skbs for example where the packet data can be appended). Make the bpf_sockopt_event_output() helper generic and enable it for mentioned hooks. Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/69c39daf87e076b31e52473c902e9bfd37559124.1585323121.git.daniel@iogearbox.net","net/core/filter.c | 14 +++++++++-----; 1 file changed, 9 insertions(+), 5 deletions(-)","The commit enhances BPF cgroup programs by enabling perf event ring buffer output for connect and sendmsg hooks.","perf,routing,output","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The implementation happens in other subsystem and is related to eBPF events. e.g. probes perf events tracepoints network scheduler HID LSM etc. Note it's still related to how eBPF programs interact with these events.","eBPF events related Logic. E.g. It changes how events like XDP socket tc or tracing events like tracepoint profile k/uprobe or others like HID schedule LSM attached or affect eBPF programs.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.', ""It's not related to any above because it improves the overall eBPF infrastructure. It enhances core infrastructure components like the verifier btf or runtime.""]" +"0e53d9e5e82056555020c47ee0c7a087147be084","0e53d9e5e82056555020c47ee0c7a087147be084","Daniel Borkmann","daniel@iogearbox.net","1585324730","Alexei Starovoitov","ast@kernel.org","1585363238","4b73d6302c76cbcb11e9e2dc429af19f8ae33b74","f54a5bba120398e4d404e9553e6b92e6822eade0","bpf: Enable retrieval of socket cookie for bind/post-bind hook We currently make heavy use of the socket cookie in BPF's connect(), sendmsg() and recvmsg() hooks for load-balancing decisions. However, it is currently not enabled/implemented in BPF {post-}bind hooks where it can later be used in combination for correlation in the tc egress path, for example. Signed-off-by: Daniel Borkmann Signed-off-by: Alexei Starovoitov Link: https://lore.kernel.org/bpf/e9d71f310715332f12d238cc650c1edc5be55119.1585323121.git.daniel@iogearbox.net","net/core/filter.c | 14 ++++++++++++++; 1 file changed, 14 insertions(+)","Enables socket cookie retrieval for BPF in bind and post-bind hooks for better correlation with tc egress.","socket,cookie,bind","A new feature. It adds a new capability or feature that was not previously present.","Simple. Affects 1-20 lines or across 1-2 files. Typically involves minor bug fixes or small refactoring tasks. requiring minimal configuration or understanding of the system.","The helper and kfuncs. It modifies or adds helpers and kernel functions that eBPF programs can call.","Runtime features Logic. E.g. It modifies how runtime features such as helpers kfuncs interact with kernel component or the runtime configurations.","['Socket related type programs. It relates to programs that process socket-level events such as filtering or manipulating socket traffic.']" +"a0ba26f37ea04e025a793ef5e5ac809221728ecb","a0ba26f37ea04e025a793ef5e5ac809221728ecb","David S. Miller","davem@davemloft.net","1585351131","David S. Miller","davem@davemloft.net","1585351131","6c8d969bfb7ccb4d46ab9b6e79aa36c2e2945486","2e8c339b4946490a922a21aa8cd869c6cfad2023 5c6f25887963f15492b604dd25cb149c501bbabf","Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf Daniel Borkmann says: ==================== pull-request: bpf 2020-03-27 The following pull-request contains BPF updates for your *net* tree. We've added 3 non-merge commits during the last 4 day(s) which contain a total of 4 files changed, 25 insertions(+), 20 deletions(-). The main changes are: 1) Explicitly memset the bpf_attr structure on bpf() syscall to avoid having to rely on compiler to do so. Issues have been noticed on some compilers with padding and other oddities where the request was then unexpectedly rejected, from Greg Kroah-Hartman. 2) Sanitize the bpf_struct_ops TCP congestion control name in order to avoid problematic characters such as whitespaces, from Martin KaFai Lau. ==================== Signed-off-by: David S. Miller ","","This commit merges BPF updates to the net tree with memset and naming sanitization improvements.","merge,BPF,net","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"e00dd941ff9fa6ed920da5ead95d2598170fe4ea","e00dd941ff9fa6ed920da5ead95d2598170fe4ea","David S. Miller","davem@davemloft.net","1585346215","David S. Miller","davem@davemloft.net","1585346215","08abcd738b1db515debad3cd3559c3451beca21e","8262e6f9b1034ede34548a04dec4c302d92c9497 4c59406ed00379c8663f8663d82b2537467ce9d7","Merge branch 'master' of git://git.kernel.org/pub/scm/linux/kernel/git/klassert/ipsec Steffen Klassert says: ==================== pull request (net): ipsec 2020-03-27 1) Handle NETDEV_UNREGISTER for xfrm device to handle asynchronous unregister events cleanly. From Raed Salem. 2) Fix vti6 tunnel inter address family TX through bpf_redirect(). From Nicolas Dichtel. 3) Fix lenght check in verify_sec_ctx_len() to avoid a slab-out-of-bounds. From Xin Long. 4) Add a missing verify_sec_ctx_len check in xfrm_add_acquire to avoid a possible out-of-bounds to access. From Xin Long. 5) Use built-in RCU list checking of hlist_for_each_entry_rcu to silence false lockdep warning in __xfrm6_tunnel_spi_lookup when CONFIG_PROVE_RCU_LIST is enabled. From Madhuparna Bhowmik. 6) Fix a panic on esp offload when crypto is done asynchronously. From Xin Long. 7) Fix a skb memory leak in an error path of vti6_rcv. From Torsten Hilbrich. 8) Fix a race that can lead to a doulbe free in xfrm_policy_timer. From Xin Long. ==================== Signed-off-by: David S. Miller ","","The merge commit incorporates multiple fixes and improvements from the ipsec branch into the master branch.","merge,ipsec,fixes","It's like a merge commit. It merges changes from another branch or repository.","Merge-like. The commit merges multiple branches or contains changes that affect various features or components. making it broader than a typical feature or bug fix.","It's like a merge commit. It includes significant changes across multiple components of the system.","It's likely a merge commit. E.g. It involves changes across multiple logic components or is related to merging branches.","[""It's likely a merge commit. It involves changes across multiple use cases or events.""]" +"96aaab686505c449e24d76e76507290dcc30e008","96aaab686505c449e24d76e76507290dcc30e008","Namhyung Kim","namhyung@kernel.org","1585140328","Arnaldo Carvalho de Melo","acme@redhat.com","1585316351","5ae11be96bfc7fd31550aed9ba75555ceb494900","26567ed79d13ec54b2c5661ce8a07fd149a23a9b","perf/core: Add PERF_RECORD_CGROUP event To support cgroup tracking, add CGROUP event to save a link between cgroup path and id number. This is needed since cgroups can go away when userspace tries to read the cgroup info (from the id) later. The attr.cgroup bit was also added to enable cgroup tracking from userspace. This event will be generated when a new cgroup becomes active. Userspace might need to synthesize those events for existing cgroups. Committer testing: From the resulting kernel, using /sys/kernel/btf/vmlinux: $ pahole perf_event_attr | grep -w cgroup -B5 -A1 __u64 write_backward:1; /* 40:27 8 */ __u64 namespaces:1; /* 40:28 8 */ __u64 ksymbol:1; /* 40:29 8 */ __u64 bpf_event:1; /* 40:30 8 */ __u64 aux_output:1; /* 40:31 8 */ __u64 cgroup:1; /* 40:32 8 */ __u64 __reserved_1:31; /* 40:33 8 */ $ Reported-by: kbuild test robot Signed-off-by: Namhyung Kim Tested-by: Arnaldo Carvalho de Melo Acked-by: Peter Zijlstra (Intel) Acked-by: Tejun Heo [staticize perf_event_cgroup function] Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Jiri Olsa Cc: Johannes Weiner Cc: Mark Rutland Cc: Zefan Li Link: http://lore.kernel.org/lkml/20200325124536.2800725-2-namhyung@kernel.org Signed-off-by: Arnaldo Carvalho de Melo ","include/uapi/linux/perf_event.h | 13 ++++-; kernel/events/core.c | 111 ++++++++++++++++++++++++++++++++++++++++; 2 files changed, 123 insertions(+), 1 deletion(-)","Add PERF_RECORD_CGROUP event for cgroup tracking in perf to link cgroup paths and IDs.","PERF_RECORD_CGROUP,cgroup,tracking","A new feature. It adds a new capability or feature that was not previously present.","Moderate. Affects 21-100 lines or across a few files (up to 3-4). Involves adding or modifying features or making structural changes that require some system knowledge.","It's not related to any above. It affects an implementation component is totally unrelated to the BPF subsystem. It's not related to any above because it totally not related to the BPF subsystem. It's a rare case wrong data and need removed.","It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.","[""It's not related to any above because it totally not related to the BPF subsystem. The affected componenet and message has no interaction with BPF subsystem at all. It's a rare case wrong data and need removed.""]" +"26567ed79d13ec54b2c5661ce8a07fd149a23a9b","26567ed79d13ec54b2c5661ce8a07fd149a23a9b","Hagen Paul Pfeifer","hagen@jauu.net","1580837829","Arnaldo Carvalho de Melo","acme@redhat.com","1585316327","786cda16b9c9dc1101db527e6a67a14477d7e71b","26cec7480e7edaa9dead4912055078b98c1d192e","perf script: Introduce --deltatime option For some kind of analysis a deltatime output is more human friendly and reduce the cognitive load for further analysis. The following output demonstrate the new option ""deltatime"": calculate the time difference in relation to the previous event. $ perf script --deltatime test 2525 [001] 0.000000: sdt_libev:ev_add: (5635e72a5ebd) test 2525 [001] 0.000091: sdt_libev:epoll_wait_enter: (5635e72a76a9) test 2525 [001] 1.000051: sdt_libev:epoll_wait_return: (5635e72a772e) arg1=1 test 2525 [001] 0.000685: sdt_libev:ev_add: (5635e72a5ebd) test 2525 [001] 0.000048: sdt_libev:epoll_wait_enter: (5635e72a76a9) test 2525 [001] 1.000104: sdt_libev:epoll_wait_return: (5635e72a772e) arg1=1 test 2525 [001] 0.003895: sdt_libev:epoll_wait_enter: (5635e72a76a9) test 2525 [001] 0.996034: sdt_libev:epoll_wait_return: (5635e72a772e) arg1=1 test 2525 [001] 0.000058: sdt_libev:epoll_wait_enter: (5635e72a76a9) test 2525 [001] 1.000004: sdt_libev:epoll_wait_return: (5635e72a772e) arg1=1 test 2525 [001] 0.000064: sdt_libev:epoll_wait_enter: (5635e72a76a9) test 2525 [001] 0.999934: sdt_libev:epoll_wait_return: (5635e72a772e) arg1=1 test 2525 [001] 0.000056: sdt_libev:epoll_wait_enter: (5635e72a76a9) test 2525 [001] 0.999930: sdt_libev:epoll_wait_return: (5635e72a772e) arg1=1 Committer testing: So go from default output to --reltime and then this new --deltatime, to contrast the various timestamp presentation modes for a random perf.data file I had laying around: [root@five ~]# perf script --reltime | head perf 442394 [000] 0.000000: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [000] 0.000002: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [000] 0.000004: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [000] 0.000006: 128 cycles: ffffffff972415a1 perf_event_update_userpage+0x1 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [000] 0.000009: 2597 cycles: ffffffff97463785 cap_task_setscheduler+0x5 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [001] 0.000036: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [001] 0.000038: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [001] 0.000040: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [001] 0.000041: 224 cycles: ffffffff9700a53a perf_ibs_handle_irq+0x1da (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [001] 0.000044: 4439 cycles: ffffffff97120d85 put_prev_entity+0x45 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) [root@five ~]# perf script --deltatime | head perf 442394 [000] 0.000000: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [000] 0.000002: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [000] 0.000001: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [000] 0.000001: 128 cycles: ffffffff972415a1 perf_event_update_userpage+0x1 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [000] 0.000002: 2597 cycles: ffffffff97463785 cap_task_setscheduler+0x5 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [001] 0.000027: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [001] 0.000002: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [001] 0.000001: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [001] 0.000001: 224 cycles: ffffffff9700a53a perf_ibs_handle_irq+0x1da (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [001] 0.000002: 4439 cycles: ffffffff97120d85 put_prev_entity+0x45 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) [root@five ~]# perf script | head perf 442394 [000] 7600.157861: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [000] 7600.157864: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [000] 7600.157866: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [000] 7600.157867: 128 cycles: ffffffff972415a1 perf_event_update_userpage+0x1 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [000] 7600.157870: 2597 cycles: ffffffff97463785 cap_task_setscheduler+0x5 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [001] 7600.157897: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [001] 7600.157900: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [001] 7600.157901: 16 cycles: ffffffff9706e544 native_write_msr+0x4 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [001] 7600.157903: 224 cycles: ffffffff9700a53a perf_ibs_handle_irq+0x1da (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) perf 442394 [001] 7600.157906: 4439 cycles: ffffffff97120d85 put_prev_entity+0x45 (/usr/lib/debug/lib/modules/5.5.10-200.fc31.x86_64/vmlinux) [root@five ~]# Andi suggested we better implement it as a new field, i.e. -F deltatime, like: [root@five ~]# perf script -F deltatime Invalid field requested. Usage: perf script [] or: perf script [] record