385bbf7b11
The current codebase makes use of the zero-length array language extension to the C90 standard, but the preferred mechanism to declare variable-length types such as these ones is a flexible array member[1][2], introduced in C99: struct foo { int stuff; struct boo array[]; }; By making use of the mechanism above, we will get a compiler warning in case the flexible array does not occur last in the structure, which will help us prevent some kind of undefined behavior bugs from being inadvertently introduced[3] to the codebase from now on. Also, notice that, dynamic memory allocations won't be affected by this change: "Flexible array members have incomplete type, and so the sizeof operator may not be applied. As a quirk of the original implementation of zero-length arrays, sizeof evaluates to zero."[1] sizeof(flexible-array-member) triggers a warning because flexible array members have incomplete type[1]. There are some instances of code in which the sizeof operator is being incorrectly/erroneously applied to zero-length arrays and the result is zero. Such instances may be hiding some bugs. So, this work (flexible-array member conversions) will also help to get completely rid of those sorts of issues. This issue was found with the help of Coccinelle. [1] https://gcc.gnu.org/onlinedocs/gcc/Zero-Length.html [2] https://github.com/KSPP/linux/issues/21 [3] commit 76497732932f ("cxgb3/l2t: Fix undefined behaviour") Signed-off-by: Gustavo A. R. Silva <gustavoars@kernel.org> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Acked-by: Yonghong Song <yhs@fb.com> Link: https://lore.kernel.org/bpf/20200507185057.GA13981@embeddedor
290 lines
6.8 KiB
C
290 lines
6.8 KiB
C
// SPDX-License-Identifier: GPL-2.0
|
|
/*
|
|
* queue_stack_maps.c: BPF queue and stack maps
|
|
*
|
|
* Copyright (c) 2018 Politecnico di Torino
|
|
*/
|
|
#include <linux/bpf.h>
|
|
#include <linux/list.h>
|
|
#include <linux/slab.h>
|
|
#include <linux/capability.h>
|
|
#include "percpu_freelist.h"
|
|
|
|
#define QUEUE_STACK_CREATE_FLAG_MASK \
|
|
(BPF_F_NUMA_NODE | BPF_F_ACCESS_MASK)
|
|
|
|
struct bpf_queue_stack {
|
|
struct bpf_map map;
|
|
raw_spinlock_t lock;
|
|
u32 head, tail;
|
|
u32 size; /* max_entries + 1 */
|
|
|
|
char elements[] __aligned(8);
|
|
};
|
|
|
|
static struct bpf_queue_stack *bpf_queue_stack(struct bpf_map *map)
|
|
{
|
|
return container_of(map, struct bpf_queue_stack, map);
|
|
}
|
|
|
|
static bool queue_stack_map_is_empty(struct bpf_queue_stack *qs)
|
|
{
|
|
return qs->head == qs->tail;
|
|
}
|
|
|
|
static bool queue_stack_map_is_full(struct bpf_queue_stack *qs)
|
|
{
|
|
u32 head = qs->head + 1;
|
|
|
|
if (unlikely(head >= qs->size))
|
|
head = 0;
|
|
|
|
return head == qs->tail;
|
|
}
|
|
|
|
/* Called from syscall */
|
|
static int queue_stack_map_alloc_check(union bpf_attr *attr)
|
|
{
|
|
if (!capable(CAP_SYS_ADMIN))
|
|
return -EPERM;
|
|
|
|
/* check sanity of attributes */
|
|
if (attr->max_entries == 0 || attr->key_size != 0 ||
|
|
attr->value_size == 0 ||
|
|
attr->map_flags & ~QUEUE_STACK_CREATE_FLAG_MASK ||
|
|
!bpf_map_flags_access_ok(attr->map_flags))
|
|
return -EINVAL;
|
|
|
|
if (attr->value_size > KMALLOC_MAX_SIZE)
|
|
/* if value_size is bigger, the user space won't be able to
|
|
* access the elements.
|
|
*/
|
|
return -E2BIG;
|
|
|
|
return 0;
|
|
}
|
|
|
|
static struct bpf_map *queue_stack_map_alloc(union bpf_attr *attr)
|
|
{
|
|
int ret, numa_node = bpf_map_attr_numa_node(attr);
|
|
struct bpf_map_memory mem = {0};
|
|
struct bpf_queue_stack *qs;
|
|
u64 size, queue_size, cost;
|
|
|
|
size = (u64) attr->max_entries + 1;
|
|
cost = queue_size = sizeof(*qs) + size * attr->value_size;
|
|
|
|
ret = bpf_map_charge_init(&mem, cost);
|
|
if (ret < 0)
|
|
return ERR_PTR(ret);
|
|
|
|
qs = bpf_map_area_alloc(queue_size, numa_node);
|
|
if (!qs) {
|
|
bpf_map_charge_finish(&mem);
|
|
return ERR_PTR(-ENOMEM);
|
|
}
|
|
|
|
memset(qs, 0, sizeof(*qs));
|
|
|
|
bpf_map_init_from_attr(&qs->map, attr);
|
|
|
|
bpf_map_charge_move(&qs->map.memory, &mem);
|
|
qs->size = size;
|
|
|
|
raw_spin_lock_init(&qs->lock);
|
|
|
|
return &qs->map;
|
|
}
|
|
|
|
/* Called when map->refcnt goes to zero, either from workqueue or from syscall */
|
|
static void queue_stack_map_free(struct bpf_map *map)
|
|
{
|
|
struct bpf_queue_stack *qs = bpf_queue_stack(map);
|
|
|
|
/* at this point bpf_prog->aux->refcnt == 0 and this map->refcnt == 0,
|
|
* so the programs (can be more than one that used this map) were
|
|
* disconnected from events. Wait for outstanding critical sections in
|
|
* these programs to complete
|
|
*/
|
|
synchronize_rcu();
|
|
|
|
bpf_map_area_free(qs);
|
|
}
|
|
|
|
static int __queue_map_get(struct bpf_map *map, void *value, bool delete)
|
|
{
|
|
struct bpf_queue_stack *qs = bpf_queue_stack(map);
|
|
unsigned long flags;
|
|
int err = 0;
|
|
void *ptr;
|
|
|
|
raw_spin_lock_irqsave(&qs->lock, flags);
|
|
|
|
if (queue_stack_map_is_empty(qs)) {
|
|
memset(value, 0, qs->map.value_size);
|
|
err = -ENOENT;
|
|
goto out;
|
|
}
|
|
|
|
ptr = &qs->elements[qs->tail * qs->map.value_size];
|
|
memcpy(value, ptr, qs->map.value_size);
|
|
|
|
if (delete) {
|
|
if (unlikely(++qs->tail >= qs->size))
|
|
qs->tail = 0;
|
|
}
|
|
|
|
out:
|
|
raw_spin_unlock_irqrestore(&qs->lock, flags);
|
|
return err;
|
|
}
|
|
|
|
|
|
static int __stack_map_get(struct bpf_map *map, void *value, bool delete)
|
|
{
|
|
struct bpf_queue_stack *qs = bpf_queue_stack(map);
|
|
unsigned long flags;
|
|
int err = 0;
|
|
void *ptr;
|
|
u32 index;
|
|
|
|
raw_spin_lock_irqsave(&qs->lock, flags);
|
|
|
|
if (queue_stack_map_is_empty(qs)) {
|
|
memset(value, 0, qs->map.value_size);
|
|
err = -ENOENT;
|
|
goto out;
|
|
}
|
|
|
|
index = qs->head - 1;
|
|
if (unlikely(index >= qs->size))
|
|
index = qs->size - 1;
|
|
|
|
ptr = &qs->elements[index * qs->map.value_size];
|
|
memcpy(value, ptr, qs->map.value_size);
|
|
|
|
if (delete)
|
|
qs->head = index;
|
|
|
|
out:
|
|
raw_spin_unlock_irqrestore(&qs->lock, flags);
|
|
return err;
|
|
}
|
|
|
|
/* Called from syscall or from eBPF program */
|
|
static int queue_map_peek_elem(struct bpf_map *map, void *value)
|
|
{
|
|
return __queue_map_get(map, value, false);
|
|
}
|
|
|
|
/* Called from syscall or from eBPF program */
|
|
static int stack_map_peek_elem(struct bpf_map *map, void *value)
|
|
{
|
|
return __stack_map_get(map, value, false);
|
|
}
|
|
|
|
/* Called from syscall or from eBPF program */
|
|
static int queue_map_pop_elem(struct bpf_map *map, void *value)
|
|
{
|
|
return __queue_map_get(map, value, true);
|
|
}
|
|
|
|
/* Called from syscall or from eBPF program */
|
|
static int stack_map_pop_elem(struct bpf_map *map, void *value)
|
|
{
|
|
return __stack_map_get(map, value, true);
|
|
}
|
|
|
|
/* Called from syscall or from eBPF program */
|
|
static int queue_stack_map_push_elem(struct bpf_map *map, void *value,
|
|
u64 flags)
|
|
{
|
|
struct bpf_queue_stack *qs = bpf_queue_stack(map);
|
|
unsigned long irq_flags;
|
|
int err = 0;
|
|
void *dst;
|
|
|
|
/* BPF_EXIST is used to force making room for a new element in case the
|
|
* map is full
|
|
*/
|
|
bool replace = (flags & BPF_EXIST);
|
|
|
|
/* Check supported flags for queue and stack maps */
|
|
if (flags & BPF_NOEXIST || flags > BPF_EXIST)
|
|
return -EINVAL;
|
|
|
|
raw_spin_lock_irqsave(&qs->lock, irq_flags);
|
|
|
|
if (queue_stack_map_is_full(qs)) {
|
|
if (!replace) {
|
|
err = -E2BIG;
|
|
goto out;
|
|
}
|
|
/* advance tail pointer to overwrite oldest element */
|
|
if (unlikely(++qs->tail >= qs->size))
|
|
qs->tail = 0;
|
|
}
|
|
|
|
dst = &qs->elements[qs->head * qs->map.value_size];
|
|
memcpy(dst, value, qs->map.value_size);
|
|
|
|
if (unlikely(++qs->head >= qs->size))
|
|
qs->head = 0;
|
|
|
|
out:
|
|
raw_spin_unlock_irqrestore(&qs->lock, irq_flags);
|
|
return err;
|
|
}
|
|
|
|
/* Called from syscall or from eBPF program */
|
|
static void *queue_stack_map_lookup_elem(struct bpf_map *map, void *key)
|
|
{
|
|
return NULL;
|
|
}
|
|
|
|
/* Called from syscall or from eBPF program */
|
|
static int queue_stack_map_update_elem(struct bpf_map *map, void *key,
|
|
void *value, u64 flags)
|
|
{
|
|
return -EINVAL;
|
|
}
|
|
|
|
/* Called from syscall or from eBPF program */
|
|
static int queue_stack_map_delete_elem(struct bpf_map *map, void *key)
|
|
{
|
|
return -EINVAL;
|
|
}
|
|
|
|
/* Called from syscall */
|
|
static int queue_stack_map_get_next_key(struct bpf_map *map, void *key,
|
|
void *next_key)
|
|
{
|
|
return -EINVAL;
|
|
}
|
|
|
|
const struct bpf_map_ops queue_map_ops = {
|
|
.map_alloc_check = queue_stack_map_alloc_check,
|
|
.map_alloc = queue_stack_map_alloc,
|
|
.map_free = queue_stack_map_free,
|
|
.map_lookup_elem = queue_stack_map_lookup_elem,
|
|
.map_update_elem = queue_stack_map_update_elem,
|
|
.map_delete_elem = queue_stack_map_delete_elem,
|
|
.map_push_elem = queue_stack_map_push_elem,
|
|
.map_pop_elem = queue_map_pop_elem,
|
|
.map_peek_elem = queue_map_peek_elem,
|
|
.map_get_next_key = queue_stack_map_get_next_key,
|
|
};
|
|
|
|
const struct bpf_map_ops stack_map_ops = {
|
|
.map_alloc_check = queue_stack_map_alloc_check,
|
|
.map_alloc = queue_stack_map_alloc,
|
|
.map_free = queue_stack_map_free,
|
|
.map_lookup_elem = queue_stack_map_lookup_elem,
|
|
.map_update_elem = queue_stack_map_update_elem,
|
|
.map_delete_elem = queue_stack_map_delete_elem,
|
|
.map_push_elem = queue_stack_map_push_elem,
|
|
.map_pop_elem = stack_map_pop_elem,
|
|
.map_peek_elem = stack_map_peek_elem,
|
|
.map_get_next_key = queue_stack_map_get_next_key,
|
|
};
|