bpf: Implement bpf iterator for map elements
The bpf iterator for map elements are implemented. The bpf program will receive four parameters: bpf_iter_meta *meta: the meta data bpf_map *map: the bpf_map whose elements are traversed void *key: the key of one element void *value: the value of the same element Here, meta and map pointers are always valid, and key has register type PTR_TO_RDONLY_BUF_OR_NULL and value has register type PTR_TO_RDWR_BUF_OR_NULL. The kernel will track the access range of key and value during verification time. Later, these values will be compared against the values in the actual map to ensure all accesses are within range. A new field iter_seq_info is added to bpf_map_ops which is used to add map type specific information, i.e., seq_ops, init/fini seq_file func and seq_file private data size. Subsequent patches will have actual implementation for bpf_map_ops->iter_seq_info. In user space, BPF_ITER_LINK_MAP_FD needs to be specified in prog attr->link_create.flags, which indicates that attr->link_create.target_fd is a map_fd. The reason for such an explicit flag is for possible future cases where one bpf iterator may allow more than one possible customization, e.g., pid and cgroup id for task_file. Current kernel internal implementation only allows the target to register at most one required bpf_iter_link_info. To support the above case, optional bpf_iter_link_info's are needed, the target can be extended to register such link infos, and user provided link_info needs to match one of target supported ones. Signed-off-by: Yonghong Song <yhs@fb.com> Signed-off-by: Alexei Starovoitov <ast@kernel.org> Link: https://lore.kernel.org/bpf/20200723184112.590360-1-yhs@fb.com
This commit is contained in:
parent
afbf21dce6
commit
a5cbe05a66
@ -107,6 +107,9 @@ struct bpf_map_ops {
|
||||
/* BTF name and id of struct allocated by map_alloc */
|
||||
const char * const map_btf_name;
|
||||
int *map_btf_id;
|
||||
|
||||
/* bpf_iter info used to open a seq_file */
|
||||
const struct bpf_iter_seq_info *iter_seq_info;
|
||||
};
|
||||
|
||||
struct bpf_map_memory {
|
||||
@ -1207,12 +1210,18 @@ int bpf_obj_get_user(const char __user *pathname, int flags);
|
||||
int __init bpf_iter_ ## target(args) { return 0; }
|
||||
|
||||
struct bpf_iter_aux_info {
|
||||
struct bpf_map *map;
|
||||
};
|
||||
|
||||
typedef int (*bpf_iter_check_target_t)(struct bpf_prog *prog,
|
||||
struct bpf_iter_aux_info *aux);
|
||||
|
||||
#define BPF_ITER_CTX_ARG_MAX 2
|
||||
struct bpf_iter_reg {
|
||||
const char *target;
|
||||
bpf_iter_check_target_t check_target;
|
||||
u32 ctx_arg_info_size;
|
||||
enum bpf_iter_link_info req_linfo;
|
||||
struct bpf_ctx_arg_aux ctx_arg_info[BPF_ITER_CTX_ARG_MAX];
|
||||
const struct bpf_iter_seq_info *seq_info;
|
||||
};
|
||||
@ -1223,6 +1232,13 @@ struct bpf_iter_meta {
|
||||
u64 seq_num;
|
||||
};
|
||||
|
||||
struct bpf_iter__bpf_map_elem {
|
||||
__bpf_md_ptr(struct bpf_iter_meta *, meta);
|
||||
__bpf_md_ptr(struct bpf_map *, map);
|
||||
__bpf_md_ptr(void *, key);
|
||||
__bpf_md_ptr(void *, value);
|
||||
};
|
||||
|
||||
int bpf_iter_reg_target(const struct bpf_iter_reg *reg_info);
|
||||
void bpf_iter_unreg_target(const struct bpf_iter_reg *reg_info);
|
||||
bool bpf_iter_prog_supported(struct bpf_prog *prog);
|
||||
|
@ -246,6 +246,13 @@ enum bpf_link_type {
|
||||
MAX_BPF_LINK_TYPE,
|
||||
};
|
||||
|
||||
enum bpf_iter_link_info {
|
||||
BPF_ITER_LINK_UNSPEC = 0,
|
||||
BPF_ITER_LINK_MAP_FD = 1,
|
||||
|
||||
MAX_BPF_ITER_LINK_INFO,
|
||||
};
|
||||
|
||||
/* cgroup-bpf attach flags used in BPF_PROG_ATTACH command
|
||||
*
|
||||
* NONE(default): No further bpf programs allowed in the subtree.
|
||||
|
@ -14,11 +14,13 @@ struct bpf_iter_target_info {
|
||||
|
||||
struct bpf_iter_link {
|
||||
struct bpf_link link;
|
||||
struct bpf_iter_aux_info aux;
|
||||
struct bpf_iter_target_info *tinfo;
|
||||
};
|
||||
|
||||
struct bpf_iter_priv_data {
|
||||
struct bpf_iter_target_info *tinfo;
|
||||
const struct bpf_iter_seq_info *seq_info;
|
||||
struct bpf_prog *prog;
|
||||
u64 session_id;
|
||||
u64 seq_num;
|
||||
@ -35,7 +37,8 @@ static DEFINE_MUTEX(link_mutex);
|
||||
/* incremented on every opened seq_file */
|
||||
static atomic64_t session_id;
|
||||
|
||||
static int prepare_seq_file(struct file *file, struct bpf_iter_link *link);
|
||||
static int prepare_seq_file(struct file *file, struct bpf_iter_link *link,
|
||||
const struct bpf_iter_seq_info *seq_info);
|
||||
|
||||
static void bpf_iter_inc_seq_num(struct seq_file *seq)
|
||||
{
|
||||
@ -199,11 +202,25 @@ done:
|
||||
return copied;
|
||||
}
|
||||
|
||||
static const struct bpf_iter_seq_info *
|
||||
__get_seq_info(struct bpf_iter_link *link)
|
||||
{
|
||||
const struct bpf_iter_seq_info *seq_info;
|
||||
|
||||
if (link->aux.map) {
|
||||
seq_info = link->aux.map->ops->iter_seq_info;
|
||||
if (seq_info)
|
||||
return seq_info;
|
||||
}
|
||||
|
||||
return link->tinfo->reg_info->seq_info;
|
||||
}
|
||||
|
||||
static int iter_open(struct inode *inode, struct file *file)
|
||||
{
|
||||
struct bpf_iter_link *link = inode->i_private;
|
||||
|
||||
return prepare_seq_file(file, link);
|
||||
return prepare_seq_file(file, link, __get_seq_info(link));
|
||||
}
|
||||
|
||||
static int iter_release(struct inode *inode, struct file *file)
|
||||
@ -218,8 +235,8 @@ static int iter_release(struct inode *inode, struct file *file)
|
||||
iter_priv = container_of(seq->private, struct bpf_iter_priv_data,
|
||||
target_private);
|
||||
|
||||
if (iter_priv->tinfo->reg_info->seq_info->fini_seq_private)
|
||||
iter_priv->tinfo->reg_info->seq_info->fini_seq_private(seq->private);
|
||||
if (iter_priv->seq_info->fini_seq_private)
|
||||
iter_priv->seq_info->fini_seq_private(seq->private);
|
||||
|
||||
bpf_prog_put(iter_priv->prog);
|
||||
seq->private = iter_priv;
|
||||
@ -318,6 +335,11 @@ bool bpf_iter_prog_supported(struct bpf_prog *prog)
|
||||
|
||||
static void bpf_iter_link_release(struct bpf_link *link)
|
||||
{
|
||||
struct bpf_iter_link *iter_link =
|
||||
container_of(link, struct bpf_iter_link, link);
|
||||
|
||||
if (iter_link->aux.map)
|
||||
bpf_map_put_with_uref(iter_link->aux.map);
|
||||
}
|
||||
|
||||
static void bpf_iter_link_dealloc(struct bpf_link *link)
|
||||
@ -370,14 +392,13 @@ int bpf_iter_link_attach(const union bpf_attr *attr, struct bpf_prog *prog)
|
||||
{
|
||||
struct bpf_link_primer link_primer;
|
||||
struct bpf_iter_target_info *tinfo;
|
||||
struct bpf_iter_aux_info aux = {};
|
||||
struct bpf_iter_link *link;
|
||||
u32 prog_btf_id, target_fd;
|
||||
bool existed = false;
|
||||
u32 prog_btf_id;
|
||||
struct bpf_map *map;
|
||||
int err;
|
||||
|
||||
if (attr->link_create.target_fd || attr->link_create.flags)
|
||||
return -EINVAL;
|
||||
|
||||
prog_btf_id = prog->aux->attach_btf_id;
|
||||
mutex_lock(&targets_mutex);
|
||||
list_for_each_entry(tinfo, &targets, list) {
|
||||
@ -390,6 +411,13 @@ int bpf_iter_link_attach(const union bpf_attr *attr, struct bpf_prog *prog)
|
||||
if (!existed)
|
||||
return -ENOENT;
|
||||
|
||||
/* Make sure user supplied flags are target expected. */
|
||||
target_fd = attr->link_create.target_fd;
|
||||
if (attr->link_create.flags != tinfo->reg_info->req_linfo)
|
||||
return -EINVAL;
|
||||
if (!attr->link_create.flags && target_fd)
|
||||
return -EINVAL;
|
||||
|
||||
link = kzalloc(sizeof(*link), GFP_USER | __GFP_NOWARN);
|
||||
if (!link)
|
||||
return -ENOMEM;
|
||||
@ -403,21 +431,45 @@ int bpf_iter_link_attach(const union bpf_attr *attr, struct bpf_prog *prog)
|
||||
return err;
|
||||
}
|
||||
|
||||
if (tinfo->reg_info->req_linfo == BPF_ITER_LINK_MAP_FD) {
|
||||
map = bpf_map_get_with_uref(target_fd);
|
||||
if (IS_ERR(map)) {
|
||||
err = PTR_ERR(map);
|
||||
goto cleanup_link;
|
||||
}
|
||||
|
||||
aux.map = map;
|
||||
err = tinfo->reg_info->check_target(prog, &aux);
|
||||
if (err) {
|
||||
bpf_map_put_with_uref(map);
|
||||
goto cleanup_link;
|
||||
}
|
||||
|
||||
link->aux.map = map;
|
||||
}
|
||||
|
||||
return bpf_link_settle(&link_primer);
|
||||
|
||||
cleanup_link:
|
||||
bpf_link_cleanup(&link_primer);
|
||||
return err;
|
||||
}
|
||||
|
||||
static void init_seq_meta(struct bpf_iter_priv_data *priv_data,
|
||||
struct bpf_iter_target_info *tinfo,
|
||||
const struct bpf_iter_seq_info *seq_info,
|
||||
struct bpf_prog *prog)
|
||||
{
|
||||
priv_data->tinfo = tinfo;
|
||||
priv_data->seq_info = seq_info;
|
||||
priv_data->prog = prog;
|
||||
priv_data->session_id = atomic64_inc_return(&session_id);
|
||||
priv_data->seq_num = 0;
|
||||
priv_data->done_stop = false;
|
||||
}
|
||||
|
||||
static int prepare_seq_file(struct file *file, struct bpf_iter_link *link)
|
||||
static int prepare_seq_file(struct file *file, struct bpf_iter_link *link,
|
||||
const struct bpf_iter_seq_info *seq_info)
|
||||
{
|
||||
struct bpf_iter_priv_data *priv_data;
|
||||
struct bpf_iter_target_info *tinfo;
|
||||
@ -433,21 +485,21 @@ static int prepare_seq_file(struct file *file, struct bpf_iter_link *link)
|
||||
|
||||
tinfo = link->tinfo;
|
||||
total_priv_dsize = offsetof(struct bpf_iter_priv_data, target_private) +
|
||||
tinfo->reg_info->seq_info->seq_priv_size;
|
||||
priv_data = __seq_open_private(file, tinfo->reg_info->seq_info->seq_ops,
|
||||
seq_info->seq_priv_size;
|
||||
priv_data = __seq_open_private(file, seq_info->seq_ops,
|
||||
total_priv_dsize);
|
||||
if (!priv_data) {
|
||||
err = -ENOMEM;
|
||||
goto release_prog;
|
||||
}
|
||||
|
||||
if (tinfo->reg_info->seq_info->init_seq_private) {
|
||||
err = tinfo->reg_info->seq_info->init_seq_private(priv_data->target_private, NULL);
|
||||
if (seq_info->init_seq_private) {
|
||||
err = seq_info->init_seq_private(priv_data->target_private, &link->aux);
|
||||
if (err)
|
||||
goto release_seq_file;
|
||||
}
|
||||
|
||||
init_seq_meta(priv_data, tinfo, prog);
|
||||
init_seq_meta(priv_data, tinfo, seq_info, prog);
|
||||
seq = file->private_data;
|
||||
seq->private = priv_data->target_private;
|
||||
|
||||
@ -463,6 +515,7 @@ release_prog:
|
||||
|
||||
int bpf_iter_new_fd(struct bpf_link *link)
|
||||
{
|
||||
struct bpf_iter_link *iter_link;
|
||||
struct file *file;
|
||||
unsigned int flags;
|
||||
int err, fd;
|
||||
@ -481,8 +534,8 @@ int bpf_iter_new_fd(struct bpf_link *link)
|
||||
goto free_fd;
|
||||
}
|
||||
|
||||
err = prepare_seq_file(file,
|
||||
container_of(link, struct bpf_iter_link, link));
|
||||
iter_link = container_of(link, struct bpf_iter_link, link);
|
||||
err = prepare_seq_file(file, iter_link, __get_seq_info(iter_link));
|
||||
if (err)
|
||||
goto free_file;
|
||||
|
||||
|
@ -98,10 +98,38 @@ static struct bpf_iter_reg bpf_map_reg_info = {
|
||||
.seq_info = &bpf_map_seq_info,
|
||||
};
|
||||
|
||||
static int bpf_iter_check_map(struct bpf_prog *prog,
|
||||
struct bpf_iter_aux_info *aux)
|
||||
{
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
DEFINE_BPF_ITER_FUNC(bpf_map_elem, struct bpf_iter_meta *meta,
|
||||
struct bpf_map *map, void *key, void *value)
|
||||
|
||||
static const struct bpf_iter_reg bpf_map_elem_reg_info = {
|
||||
.target = "bpf_map_elem",
|
||||
.check_target = bpf_iter_check_map,
|
||||
.req_linfo = BPF_ITER_LINK_MAP_FD,
|
||||
.ctx_arg_info_size = 2,
|
||||
.ctx_arg_info = {
|
||||
{ offsetof(struct bpf_iter__bpf_map_elem, key),
|
||||
PTR_TO_RDONLY_BUF_OR_NULL },
|
||||
{ offsetof(struct bpf_iter__bpf_map_elem, value),
|
||||
PTR_TO_RDWR_BUF_OR_NULL },
|
||||
},
|
||||
};
|
||||
|
||||
static int __init bpf_map_iter_init(void)
|
||||
{
|
||||
int ret;
|
||||
|
||||
bpf_map_reg_info.ctx_arg_info[0].btf_id = *btf_bpf_map_id;
|
||||
return bpf_iter_reg_target(&bpf_map_reg_info);
|
||||
ret = bpf_iter_reg_target(&bpf_map_reg_info);
|
||||
if (ret)
|
||||
return ret;
|
||||
|
||||
return bpf_iter_reg_target(&bpf_map_elem_reg_info);
|
||||
}
|
||||
|
||||
late_initcall(bpf_map_iter_init);
|
||||
|
@ -246,6 +246,13 @@ enum bpf_link_type {
|
||||
MAX_BPF_LINK_TYPE,
|
||||
};
|
||||
|
||||
enum bpf_iter_link_info {
|
||||
BPF_ITER_LINK_UNSPEC = 0,
|
||||
BPF_ITER_LINK_MAP_FD = 1,
|
||||
|
||||
MAX_BPF_ITER_LINK_INFO,
|
||||
};
|
||||
|
||||
/* cgroup-bpf attach flags used in BPF_PROG_ATTACH command
|
||||
*
|
||||
* NONE(default): No further bpf programs allowed in the subtree.
|
||||
|
Loading…
Reference in New Issue
Block a user