On 23/11/2023 18:00, Zachary Leaf wrote:
Hi,
Here's v6.
The bpf syscall is updated to propagate user pointers as capabilities in the pure-capability kernel-user ABI (PCuABI). It also includes an approach to support the existing aarch64 ABI (compat64).
One complication here is from the fact this syscall supports many multiplexed sub-commands, some of which are themselves multiplexed with a number of further nested/multiplexed options.
Another complication is that the existing syscall uses a trick of storing user pointers as u64 to avoid needing a compat handler for 32-bit systems. To retain compatibility with the aarch64 ABI and add Morello support, special compat64 conversion and handling is implemented.
Inbound (userspace->kernel) conversion between compat64/native struct layouts is handled upfront on entry to the syscall (with the exception of bpf_xyz_info structs - see patch 8). This minimises changes to sub-command handlers. Some sub-commands require conversion back out to userspace and that by necessity is handled where it occurs.
Patch 1 is not essential to this series but it's a nice debug feature to have and works[1]. It enables BPF_PROG_TYPE_TRACEPOINT which many eBPF kselftests use.
Patches 5,6,8 implement the core compat64 handling. Each commit compiles cleanly but relevant parts will be broken inbetween.
Patch 9 fixes the CHECK_ATTR macro to also check configs passed in via compat64.
Patch 11 finally enables capabilities in the kernel.
Patches 12,13 handles uaccess that occurs in two eBPF helper functions.
The rest are setup/helper functions.
Testing wise, see associated LTP changes below as posted to LTP mailing list[2]. The eBPF LTP tests are fairly minimal and test only a small part of the changes here. There's a new test to test CHECK_ATTR from patch 9.
The kernel kselftests contain many more extensive eBPF tests. They can be built fairly easily natively on aarch64 which is useful for testing compat64. More work needs to be done here though to: a) enable out-of-tree cross-compilation for purecap as well as x86->aarch64 b) replace ptr_to_u64() with casts to uintptr_t in tests c) general libbpf/bpftool enablement and fixes since many tests rely on this d) CONFIG_DEBUG_INFO_BTF required for many tests but this requires the build system to have a recent version of pahole tool
Next steps once we have the core kernel support would be porting libbpf and bpftool for purecap plus work on enabling kselftests as above.
Kernel branch available at: https://git.morello-project.org/zdleaf/linux/-/tree/morello/bpf_v6
Associated LTP test/changes at: https://git.morello-project.org/zdleaf/morello-linux-test-project/-/tree/mor...
Thanks,
Zach
[1] [PATCH v3 0/5] Restore syscall tracing on Morello https://op-lists.linaro.org/archives/list/linux-morello@op-lists.linaro.org/... [2] [PATCH v2 0/3] add eBPF support https://op-lists.linaro.org/archives/list/linux-morello-ltp@op-lists.linaro....
v6:
- Re-work BPF_LINK_CREATE memcpy in convert_compat_bpf_attr()
v5:
- Simplify BPF_LINK_CREATE handling in bpf/syscall.c:convert_compat_bpf_attr()
- Add missing bpf_compat_ptr_field()
- Re-work/fix check_attr() to catch missing enum bpf_cmd values
[...]
[0] [RFC PATCH 0/9] update bpf syscall for PCuABI/compat64 https://op-lists.linaro.org/archives/list/linux-morello@op-lists.linaro.org/... [1] [PATCH 00/10] update bpf syscall for PCuABI/compat64 https://op-lists.linaro.org/archives/list/linux-morello@op-lists.linaro.org/... [2] [PATCH v2 00/12] update bpf syscall for PCuABI/compat64 https://op-lists.linaro.org/archives/list/linux-morello@op-lists.linaro.org/... [3] [PATCH v3 00/12] update bpf syscall for PCuABI/compat64 https://op-lists.linaro.org/archives/list/linux-morello@op-lists.linaro.org/... [4] [PATCH v4 00/12] update bpf syscall for PCuABI/compat64 https://op-lists.linaro.org/archives/list/linux-morello@op-lists.linaro.org/... [5] [PATCH v5 00/12] update bpf syscall for PCuABI/compat64 https://op-lists.linaro.org/archives/list/linux-morello@op-lists.linaro.org/...
Zachary Leaf (13): arm64: morello: enable syscall tracing arch: rename 32bit_compat to compat32 arch: add compat helpers specific to 64-bit stddef: introduce copy_field helper bpf: compat64: add handler and convert bpf_attr in bpf: compat64: bpf_attr convert out bpf/btf: move zero check into btf.c bpf: compat64: handle bpf_{btf,prog,link}_info bpf: compat64: support CHECK_ATTR macro bpf: copy_{to,from}_user_with_ptr helpers bpf: use user pointer types in uAPI structs bpf: use addr for bpf_copy_from_user_with_task bpf: use addr for bpf_copy_from_user
These are now in next (along with the corresponding patches in LTP), thanks and well done!
Kevin
.../morello_transitional_pcuabi_defconfig | 2 +- arch/arm64/include/asm/compat.h | 11 +- arch/arm64/include/asm/ftrace.h | 2 +- arch/arm64/include/asm/mmu_context.h | 2 +- arch/arm64/include/asm/syscall.h | 6 +- arch/arm64/kernel/fpsimd.c | 6 +- arch/arm64/kernel/hw_breakpoint.c | 2 +- arch/arm64/kernel/perf_regs.c | 2 +- arch/arm64/kernel/pointer_auth.c | 6 +- arch/arm64/kernel/process.c | 16 +- arch/arm64/kernel/ptrace.c | 10 +- arch/arm64/kernel/signal.c | 2 +- arch/arm64/kernel/syscall.c | 2 +- arch/mips/include/asm/compat.h | 2 +- arch/parisc/include/asm/compat.h | 2 +- arch/powerpc/include/asm/compat.h | 2 +- arch/s390/include/asm/compat.h | 2 +- arch/sparc/include/asm/compat.h | 4 +- arch/x86/include/asm/compat.h | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_chardev.c | 2 +- drivers/gpu/drm/amd/amdkfd/kfd_process.c | 2 +- drivers/input/input.c | 2 +- drivers/media/rc/bpf-lirc.c | 6 +- fs/ext4/dir.c | 2 +- fs/nfs/dir.c | 2 +- include/linux/bpf.h | 19 + include/linux/bpf_compat.h | 415 +++++++++ include/linux/bpfptr.h | 28 +- include/linux/compat.h | 16 +- include/linux/stddef.h | 3 + include/uapi/linux/bpf.h | 94 +- kernel/bpf/bpf_iter.c | 2 +- kernel/bpf/btf.c | 104 ++- kernel/bpf/cgroup.c | 9 +- kernel/bpf/hashtab.c | 12 +- kernel/bpf/helpers.c | 9 +- kernel/bpf/net_namespace.c | 6 +- kernel/bpf/offload.c | 2 +- kernel/bpf/syscall.c | 842 ++++++++++++++---- kernel/bpf/verifier.c | 20 +- kernel/time/time.c | 2 +- kernel/trace/bpf_trace.c | 6 +- mm/util.c | 2 +- net/bpf/bpf_dummy_struct_ops.c | 8 +- net/bpf/test_run.c | 31 +- net/core/sock_map.c | 6 +- 46 files changed, 1393 insertions(+), 342 deletions(-) create mode 100644 include/linux/bpf_compat.h
-- 2.34.1
linux-morello mailing list -- linux-morello@op-lists.linaro.org To unsubscribe send an email to linux-morello-leave@op-lists.linaro.org