Commit | Line | Data |
---|---|---|
69b693f0 MKL |
1 | /* SPDX-License-Identifier: GPL-2.0 */ |
2 | /* Copyright (c) 2018 Facebook */ | |
3 | ||
4 | #include <uapi/linux/btf.h> | |
5 | #include <uapi/linux/types.h> | |
b00b8dae | 6 | #include <linux/seq_file.h> |
69b693f0 MKL |
7 | #include <linux/compiler.h> |
8 | #include <linux/errno.h> | |
9 | #include <linux/slab.h> | |
f56a653c MKL |
10 | #include <linux/anon_inodes.h> |
11 | #include <linux/file.h> | |
69b693f0 MKL |
12 | #include <linux/uaccess.h> |
13 | #include <linux/kernel.h> | |
78958fca | 14 | #include <linux/idr.h> |
f80442a4 | 15 | #include <linux/sort.h> |
69b693f0 MKL |
16 | #include <linux/bpf_verifier.h> |
17 | #include <linux/btf.h> | |
18 | ||
19 | /* BTF (BPF Type Format) is the meta data format which describes | |
20 | * the data types of BPF program/map. Hence, it basically focus | |
21 | * on the C programming language which the modern BPF is primary | |
22 | * using. | |
23 | * | |
24 | * ELF Section: | |
25 | * ~~~~~~~~~~~ | |
26 | * The BTF data is stored under the ".BTF" ELF section | |
27 | * | |
28 | * struct btf_type: | |
29 | * ~~~~~~~~~~~~~~~ | |
30 | * Each 'struct btf_type' object describes a C data type. | |
31 | * Depending on the type it is describing, a 'struct btf_type' | |
32 | * object may be followed by more data. F.e. | |
33 | * To describe an array, 'struct btf_type' is followed by | |
34 | * 'struct btf_array'. | |
35 | * | |
36 | * 'struct btf_type' and any extra data following it are | |
37 | * 4 bytes aligned. | |
38 | * | |
39 | * Type section: | |
40 | * ~~~~~~~~~~~~~ | |
41 | * The BTF type section contains a list of 'struct btf_type' objects. | |
42 | * Each one describes a C type. Recall from the above section | |
43 | * that a 'struct btf_type' object could be immediately followed by extra | |
44 | * data in order to desribe some particular C types. | |
45 | * | |
46 | * type_id: | |
47 | * ~~~~~~~ | |
48 | * Each btf_type object is identified by a type_id. The type_id | |
49 | * is implicitly implied by the location of the btf_type object in | |
50 | * the BTF type section. The first one has type_id 1. The second | |
51 | * one has type_id 2...etc. Hence, an earlier btf_type has | |
52 | * a smaller type_id. | |
53 | * | |
54 | * A btf_type object may refer to another btf_type object by using | |
55 | * type_id (i.e. the "type" in the "struct btf_type"). | |
56 | * | |
57 | * NOTE that we cannot assume any reference-order. | |
58 | * A btf_type object can refer to an earlier btf_type object | |
59 | * but it can also refer to a later btf_type object. | |
60 | * | |
61 | * For example, to describe "const void *". A btf_type | |
62 | * object describing "const" may refer to another btf_type | |
63 | * object describing "void *". This type-reference is done | |
64 | * by specifying type_id: | |
65 | * | |
66 | * [1] CONST (anon) type_id=2 | |
67 | * [2] PTR (anon) type_id=0 | |
68 | * | |
69 | * The above is the btf_verifier debug log: | |
70 | * - Each line started with "[?]" is a btf_type object | |
71 | * - [?] is the type_id of the btf_type object. | |
72 | * - CONST/PTR is the BTF_KIND_XXX | |
73 | * - "(anon)" is the name of the type. It just | |
74 | * happens that CONST and PTR has no name. | |
75 | * - type_id=XXX is the 'u32 type' in btf_type | |
76 | * | |
77 | * NOTE: "void" has type_id 0 | |
78 | * | |
79 | * String section: | |
80 | * ~~~~~~~~~~~~~~ | |
81 | * The BTF string section contains the names used by the type section. | |
82 | * Each string is referred by an "offset" from the beginning of the | |
83 | * string section. | |
84 | * | |
85 | * Each string is '\0' terminated. | |
86 | * | |
87 | * The first character in the string section must be '\0' | |
88 | * which is used to mean 'anonymous'. Some btf_type may not | |
89 | * have a name. | |
90 | */ | |
91 | ||
92 | /* BTF verification: | |
93 | * | |
94 | * To verify BTF data, two passes are needed. | |
95 | * | |
96 | * Pass #1 | |
97 | * ~~~~~~~ | |
98 | * The first pass is to collect all btf_type objects to | |
99 | * an array: "btf->types". | |
100 | * | |
101 | * Depending on the C type that a btf_type is describing, | |
102 | * a btf_type may be followed by extra data. We don't know | |
103 | * how many btf_type is there, and more importantly we don't | |
104 | * know where each btf_type is located in the type section. | |
105 | * | |
106 | * Without knowing the location of each type_id, most verifications | |
107 | * cannot be done. e.g. an earlier btf_type may refer to a later | |
108 | * btf_type (recall the "const void *" above), so we cannot | |
109 | * check this type-reference in the first pass. | |
110 | * | |
111 | * In the first pass, it still does some verifications (e.g. | |
112 | * checking the name is a valid offset to the string section). | |
eb3f595d MKL |
113 | * |
114 | * Pass #2 | |
115 | * ~~~~~~~ | |
116 | * The main focus is to resolve a btf_type that is referring | |
117 | * to another type. | |
118 | * | |
119 | * We have to ensure the referring type: | |
120 | * 1) does exist in the BTF (i.e. in btf->types[]) | |
121 | * 2) does not cause a loop: | |
122 | * struct A { | |
123 | * struct B b; | |
124 | * }; | |
125 | * | |
126 | * struct B { | |
127 | * struct A a; | |
128 | * }; | |
129 | * | |
130 | * btf_type_needs_resolve() decides if a btf_type needs | |
131 | * to be resolved. | |
132 | * | |
133 | * The needs_resolve type implements the "resolve()" ops which | |
134 | * essentially does a DFS and detects backedge. | |
135 | * | |
136 | * During resolve (or DFS), different C types have different | |
137 | * "RESOLVED" conditions. | |
138 | * | |
139 | * When resolving a BTF_KIND_STRUCT, we need to resolve all its | |
140 | * members because a member is always referring to another | |
141 | * type. A struct's member can be treated as "RESOLVED" if | |
142 | * it is referring to a BTF_KIND_PTR. Otherwise, the | |
143 | * following valid C struct would be rejected: | |
144 | * | |
145 | * struct A { | |
146 | * int m; | |
147 | * struct A *a; | |
148 | * }; | |
149 | * | |
150 | * When resolving a BTF_KIND_PTR, it needs to keep resolving if | |
151 | * it is referring to another BTF_KIND_PTR. Otherwise, we cannot | |
152 | * detect a pointer loop, e.g.: | |
153 | * BTF_KIND_CONST -> BTF_KIND_PTR -> BTF_KIND_CONST -> BTF_KIND_PTR + | |
154 | * ^ | | |
155 | * +-----------------------------------------+ | |
156 | * | |
69b693f0 MKL |
157 | */ |
158 | ||
159 | #define BITS_PER_U64 (sizeof(u64) * BITS_PER_BYTE) | |
160 | #define BITS_PER_BYTE_MASK (BITS_PER_BYTE - 1) | |
161 | #define BITS_PER_BYTE_MASKED(bits) ((bits) & BITS_PER_BYTE_MASK) | |
162 | #define BITS_ROUNDDOWN_BYTES(bits) ((bits) >> 3) | |
163 | #define BITS_ROUNDUP_BYTES(bits) \ | |
164 | (BITS_ROUNDDOWN_BYTES(bits) + !!BITS_PER_BYTE_MASKED(bits)) | |
165 | ||
166 | /* 16MB for 64k structs and each has 16 members and | |
167 | * a few MB spaces for the string section. | |
168 | * The hard limit is S32_MAX. | |
169 | */ | |
170 | #define BTF_MAX_SIZE (16 * 1024 * 1024) | |
171 | /* 64k. We can raise it later. The hard limit is S32_MAX. */ | |
172 | #define BTF_MAX_NR_TYPES 65535 | |
173 | ||
174 | #define for_each_member(i, struct_type, member) \ | |
175 | for (i = 0, member = btf_type_member(struct_type); \ | |
176 | i < btf_type_vlen(struct_type); \ | |
177 | i++, member++) | |
178 | ||
eb3f595d MKL |
179 | #define for_each_member_from(i, from, struct_type, member) \ |
180 | for (i = from, member = btf_type_member(struct_type) + from; \ | |
181 | i < btf_type_vlen(struct_type); \ | |
182 | i++, member++) | |
183 | ||
78958fca MKL |
184 | static DEFINE_IDR(btf_idr); |
185 | static DEFINE_SPINLOCK(btf_idr_lock); | |
186 | ||
69b693f0 | 187 | struct btf { |
f80442a4 | 188 | void *data; |
69b693f0 | 189 | struct btf_type **types; |
eb3f595d MKL |
190 | u32 *resolved_ids; |
191 | u32 *resolved_sizes; | |
69b693f0 MKL |
192 | const char *strings; |
193 | void *nohdr_data; | |
f80442a4 | 194 | struct btf_header hdr; |
69b693f0 MKL |
195 | u32 nr_types; |
196 | u32 types_size; | |
197 | u32 data_size; | |
f56a653c | 198 | refcount_t refcnt; |
78958fca MKL |
199 | u32 id; |
200 | struct rcu_head rcu; | |
69b693f0 MKL |
201 | }; |
202 | ||
eb3f595d MKL |
203 | enum verifier_phase { |
204 | CHECK_META, | |
205 | CHECK_TYPE, | |
206 | }; | |
207 | ||
208 | struct resolve_vertex { | |
209 | const struct btf_type *t; | |
210 | u32 type_id; | |
211 | u16 next_member; | |
212 | }; | |
213 | ||
214 | enum visit_state { | |
215 | NOT_VISITED, | |
216 | VISITED, | |
217 | RESOLVED, | |
218 | }; | |
219 | ||
220 | enum resolve_mode { | |
221 | RESOLVE_TBD, /* To Be Determined */ | |
222 | RESOLVE_PTR, /* Resolving for Pointer */ | |
223 | RESOLVE_STRUCT_OR_ARRAY, /* Resolving for struct/union | |
224 | * or array | |
225 | */ | |
226 | }; | |
227 | ||
228 | #define MAX_RESOLVE_DEPTH 32 | |
229 | ||
f80442a4 MKL |
230 | struct btf_sec_info { |
231 | u32 off; | |
232 | u32 len; | |
233 | }; | |
234 | ||
69b693f0 MKL |
235 | struct btf_verifier_env { |
236 | struct btf *btf; | |
eb3f595d MKL |
237 | u8 *visit_states; |
238 | struct resolve_vertex stack[MAX_RESOLVE_DEPTH]; | |
69b693f0 MKL |
239 | struct bpf_verifier_log log; |
240 | u32 log_type_id; | |
eb3f595d MKL |
241 | u32 top_stack; |
242 | enum verifier_phase phase; | |
243 | enum resolve_mode resolve_mode; | |
69b693f0 MKL |
244 | }; |
245 | ||
246 | static const char * const btf_kind_str[NR_BTF_KINDS] = { | |
247 | [BTF_KIND_UNKN] = "UNKNOWN", | |
248 | [BTF_KIND_INT] = "INT", | |
249 | [BTF_KIND_PTR] = "PTR", | |
250 | [BTF_KIND_ARRAY] = "ARRAY", | |
251 | [BTF_KIND_STRUCT] = "STRUCT", | |
252 | [BTF_KIND_UNION] = "UNION", | |
253 | [BTF_KIND_ENUM] = "ENUM", | |
254 | [BTF_KIND_FWD] = "FWD", | |
255 | [BTF_KIND_TYPEDEF] = "TYPEDEF", | |
256 | [BTF_KIND_VOLATILE] = "VOLATILE", | |
257 | [BTF_KIND_CONST] = "CONST", | |
258 | [BTF_KIND_RESTRICT] = "RESTRICT", | |
259 | }; | |
260 | ||
261 | struct btf_kind_operations { | |
262 | s32 (*check_meta)(struct btf_verifier_env *env, | |
263 | const struct btf_type *t, | |
264 | u32 meta_left); | |
eb3f595d MKL |
265 | int (*resolve)(struct btf_verifier_env *env, |
266 | const struct resolve_vertex *v); | |
179cde8c MKL |
267 | int (*check_member)(struct btf_verifier_env *env, |
268 | const struct btf_type *struct_type, | |
269 | const struct btf_member *member, | |
270 | const struct btf_type *member_type); | |
69b693f0 MKL |
271 | void (*log_details)(struct btf_verifier_env *env, |
272 | const struct btf_type *t); | |
b00b8dae MKL |
273 | void (*seq_show)(const struct btf *btf, const struct btf_type *t, |
274 | u32 type_id, void *data, u8 bits_offsets, | |
275 | struct seq_file *m); | |
69b693f0 MKL |
276 | }; |
277 | ||
278 | static const struct btf_kind_operations * const kind_ops[NR_BTF_KINDS]; | |
279 | static struct btf_type btf_void; | |
280 | ||
eb3f595d MKL |
281 | static bool btf_type_is_modifier(const struct btf_type *t) |
282 | { | |
283 | /* Some of them is not strictly a C modifier | |
284 | * but they are grouped into the same bucket | |
285 | * for BTF concern: | |
286 | * A type (t) that refers to another | |
287 | * type through t->type AND its size cannot | |
288 | * be determined without following the t->type. | |
289 | * | |
290 | * ptr does not fall into this bucket | |
291 | * because its size is always sizeof(void *). | |
292 | */ | |
293 | switch (BTF_INFO_KIND(t->info)) { | |
294 | case BTF_KIND_TYPEDEF: | |
295 | case BTF_KIND_VOLATILE: | |
296 | case BTF_KIND_CONST: | |
297 | case BTF_KIND_RESTRICT: | |
298 | return true; | |
299 | } | |
300 | ||
301 | return false; | |
302 | } | |
303 | ||
304 | static bool btf_type_is_void(const struct btf_type *t) | |
305 | { | |
306 | /* void => no type and size info. | |
307 | * Hence, FWD is also treated as void. | |
308 | */ | |
309 | return t == &btf_void || BTF_INFO_KIND(t->info) == BTF_KIND_FWD; | |
310 | } | |
311 | ||
312 | static bool btf_type_is_void_or_null(const struct btf_type *t) | |
313 | { | |
314 | return !t || btf_type_is_void(t); | |
315 | } | |
316 | ||
317 | /* union is only a special case of struct: | |
318 | * all its offsetof(member) == 0 | |
319 | */ | |
320 | static bool btf_type_is_struct(const struct btf_type *t) | |
321 | { | |
322 | u8 kind = BTF_INFO_KIND(t->info); | |
323 | ||
324 | return kind == BTF_KIND_STRUCT || kind == BTF_KIND_UNION; | |
325 | } | |
326 | ||
327 | static bool btf_type_is_array(const struct btf_type *t) | |
328 | { | |
329 | return BTF_INFO_KIND(t->info) == BTF_KIND_ARRAY; | |
330 | } | |
331 | ||
332 | static bool btf_type_is_ptr(const struct btf_type *t) | |
333 | { | |
334 | return BTF_INFO_KIND(t->info) == BTF_KIND_PTR; | |
335 | } | |
336 | ||
337 | static bool btf_type_is_int(const struct btf_type *t) | |
338 | { | |
339 | return BTF_INFO_KIND(t->info) == BTF_KIND_INT; | |
340 | } | |
341 | ||
342 | /* What types need to be resolved? | |
343 | * | |
344 | * btf_type_is_modifier() is an obvious one. | |
345 | * | |
346 | * btf_type_is_struct() because its member refers to | |
347 | * another type (through member->type). | |
348 | ||
349 | * btf_type_is_array() because its element (array->type) | |
350 | * refers to another type. Array can be thought of a | |
351 | * special case of struct while array just has the same | |
352 | * member-type repeated by array->nelems of times. | |
353 | */ | |
354 | static bool btf_type_needs_resolve(const struct btf_type *t) | |
355 | { | |
356 | return btf_type_is_modifier(t) || | |
357 | btf_type_is_ptr(t) || | |
358 | btf_type_is_struct(t) || | |
359 | btf_type_is_array(t); | |
360 | } | |
361 | ||
362 | /* t->size can be used */ | |
363 | static bool btf_type_has_size(const struct btf_type *t) | |
364 | { | |
365 | switch (BTF_INFO_KIND(t->info)) { | |
366 | case BTF_KIND_INT: | |
367 | case BTF_KIND_STRUCT: | |
368 | case BTF_KIND_UNION: | |
369 | case BTF_KIND_ENUM: | |
370 | return true; | |
371 | } | |
372 | ||
373 | return false; | |
374 | } | |
375 | ||
69b693f0 MKL |
376 | static const char *btf_int_encoding_str(u8 encoding) |
377 | { | |
378 | if (encoding == 0) | |
379 | return "(none)"; | |
380 | else if (encoding == BTF_INT_SIGNED) | |
381 | return "SIGNED"; | |
382 | else if (encoding == BTF_INT_CHAR) | |
383 | return "CHAR"; | |
384 | else if (encoding == BTF_INT_BOOL) | |
385 | return "BOOL"; | |
386 | else if (encoding == BTF_INT_VARARGS) | |
387 | return "VARARGS"; | |
388 | else | |
389 | return "UNKN"; | |
390 | } | |
391 | ||
392 | static u16 btf_type_vlen(const struct btf_type *t) | |
393 | { | |
394 | return BTF_INFO_VLEN(t->info); | |
395 | } | |
396 | ||
397 | static u32 btf_type_int(const struct btf_type *t) | |
398 | { | |
399 | return *(u32 *)(t + 1); | |
400 | } | |
401 | ||
402 | static const struct btf_array *btf_type_array(const struct btf_type *t) | |
403 | { | |
404 | return (const struct btf_array *)(t + 1); | |
405 | } | |
406 | ||
407 | static const struct btf_member *btf_type_member(const struct btf_type *t) | |
408 | { | |
409 | return (const struct btf_member *)(t + 1); | |
410 | } | |
411 | ||
412 | static const struct btf_enum *btf_type_enum(const struct btf_type *t) | |
413 | { | |
414 | return (const struct btf_enum *)(t + 1); | |
415 | } | |
416 | ||
417 | static const struct btf_kind_operations *btf_type_ops(const struct btf_type *t) | |
418 | { | |
419 | return kind_ops[BTF_INFO_KIND(t->info)]; | |
420 | } | |
421 | ||
422 | static bool btf_name_offset_valid(const struct btf *btf, u32 offset) | |
423 | { | |
424 | return !BTF_STR_TBL_ELF_ID(offset) && | |
f80442a4 | 425 | BTF_STR_OFFSET(offset) < btf->hdr.str_len; |
69b693f0 MKL |
426 | } |
427 | ||
428 | static const char *btf_name_by_offset(const struct btf *btf, u32 offset) | |
429 | { | |
430 | if (!BTF_STR_OFFSET(offset)) | |
431 | return "(anon)"; | |
f80442a4 | 432 | else if (BTF_STR_OFFSET(offset) < btf->hdr.str_len) |
69b693f0 MKL |
433 | return &btf->strings[BTF_STR_OFFSET(offset)]; |
434 | else | |
435 | return "(invalid-name-offset)"; | |
436 | } | |
437 | ||
eb3f595d MKL |
438 | static const struct btf_type *btf_type_by_id(const struct btf *btf, u32 type_id) |
439 | { | |
440 | if (type_id > btf->nr_types) | |
441 | return NULL; | |
442 | ||
443 | return btf->types[type_id]; | |
444 | } | |
445 | ||
4ef5f574 MKL |
446 | /* |
447 | * Regular int is not a bit field and it must be either | |
448 | * u8/u16/u32/u64. | |
449 | */ | |
450 | static bool btf_type_int_is_regular(const struct btf_type *t) | |
451 | { | |
452 | u16 nr_bits, nr_bytes; | |
453 | u32 int_data; | |
454 | ||
455 | int_data = btf_type_int(t); | |
456 | nr_bits = BTF_INT_BITS(int_data); | |
457 | nr_bytes = BITS_ROUNDUP_BYTES(nr_bits); | |
458 | if (BITS_PER_BYTE_MASKED(nr_bits) || | |
459 | BTF_INT_OFFSET(int_data) || | |
460 | (nr_bytes != sizeof(u8) && nr_bytes != sizeof(u16) && | |
461 | nr_bytes != sizeof(u32) && nr_bytes != sizeof(u64))) { | |
462 | return false; | |
463 | } | |
464 | ||
465 | return true; | |
466 | } | |
467 | ||
69b693f0 MKL |
468 | __printf(2, 3) static void __btf_verifier_log(struct bpf_verifier_log *log, |
469 | const char *fmt, ...) | |
470 | { | |
471 | va_list args; | |
472 | ||
473 | va_start(args, fmt); | |
474 | bpf_verifier_vlog(log, fmt, args); | |
475 | va_end(args); | |
476 | } | |
477 | ||
478 | __printf(2, 3) static void btf_verifier_log(struct btf_verifier_env *env, | |
479 | const char *fmt, ...) | |
480 | { | |
481 | struct bpf_verifier_log *log = &env->log; | |
482 | va_list args; | |
483 | ||
484 | if (!bpf_verifier_log_needed(log)) | |
485 | return; | |
486 | ||
487 | va_start(args, fmt); | |
488 | bpf_verifier_vlog(log, fmt, args); | |
489 | va_end(args); | |
490 | } | |
491 | ||
492 | __printf(4, 5) static void __btf_verifier_log_type(struct btf_verifier_env *env, | |
493 | const struct btf_type *t, | |
494 | bool log_details, | |
495 | const char *fmt, ...) | |
496 | { | |
497 | struct bpf_verifier_log *log = &env->log; | |
498 | u8 kind = BTF_INFO_KIND(t->info); | |
499 | struct btf *btf = env->btf; | |
500 | va_list args; | |
501 | ||
502 | if (!bpf_verifier_log_needed(log)) | |
503 | return; | |
504 | ||
505 | __btf_verifier_log(log, "[%u] %s %s%s", | |
506 | env->log_type_id, | |
507 | btf_kind_str[kind], | |
fbcf93eb | 508 | btf_name_by_offset(btf, t->name_off), |
69b693f0 MKL |
509 | log_details ? " " : ""); |
510 | ||
511 | if (log_details) | |
512 | btf_type_ops(t)->log_details(env, t); | |
513 | ||
514 | if (fmt && *fmt) { | |
515 | __btf_verifier_log(log, " "); | |
516 | va_start(args, fmt); | |
517 | bpf_verifier_vlog(log, fmt, args); | |
518 | va_end(args); | |
519 | } | |
520 | ||
521 | __btf_verifier_log(log, "\n"); | |
522 | } | |
523 | ||
524 | #define btf_verifier_log_type(env, t, ...) \ | |
525 | __btf_verifier_log_type((env), (t), true, __VA_ARGS__) | |
526 | #define btf_verifier_log_basic(env, t, ...) \ | |
527 | __btf_verifier_log_type((env), (t), false, __VA_ARGS__) | |
528 | ||
529 | __printf(4, 5) | |
530 | static void btf_verifier_log_member(struct btf_verifier_env *env, | |
531 | const struct btf_type *struct_type, | |
532 | const struct btf_member *member, | |
533 | const char *fmt, ...) | |
534 | { | |
535 | struct bpf_verifier_log *log = &env->log; | |
536 | struct btf *btf = env->btf; | |
537 | va_list args; | |
538 | ||
539 | if (!bpf_verifier_log_needed(log)) | |
540 | return; | |
541 | ||
eb3f595d MKL |
542 | /* The CHECK_META phase already did a btf dump. |
543 | * | |
544 | * If member is logged again, it must hit an error in | |
545 | * parsing this member. It is useful to print out which | |
546 | * struct this member belongs to. | |
547 | */ | |
548 | if (env->phase != CHECK_META) | |
549 | btf_verifier_log_type(env, struct_type, NULL); | |
550 | ||
69b693f0 | 551 | __btf_verifier_log(log, "\t%s type_id=%u bits_offset=%u", |
fbcf93eb | 552 | btf_name_by_offset(btf, member->name_off), |
69b693f0 MKL |
553 | member->type, member->offset); |
554 | ||
555 | if (fmt && *fmt) { | |
556 | __btf_verifier_log(log, " "); | |
557 | va_start(args, fmt); | |
558 | bpf_verifier_vlog(log, fmt, args); | |
559 | va_end(args); | |
560 | } | |
561 | ||
562 | __btf_verifier_log(log, "\n"); | |
563 | } | |
564 | ||
f80442a4 MKL |
565 | static void btf_verifier_log_hdr(struct btf_verifier_env *env, |
566 | u32 btf_data_size) | |
69b693f0 MKL |
567 | { |
568 | struct bpf_verifier_log *log = &env->log; | |
569 | const struct btf *btf = env->btf; | |
570 | const struct btf_header *hdr; | |
571 | ||
572 | if (!bpf_verifier_log_needed(log)) | |
573 | return; | |
574 | ||
f80442a4 | 575 | hdr = &btf->hdr; |
69b693f0 MKL |
576 | __btf_verifier_log(log, "magic: 0x%x\n", hdr->magic); |
577 | __btf_verifier_log(log, "version: %u\n", hdr->version); | |
578 | __btf_verifier_log(log, "flags: 0x%x\n", hdr->flags); | |
f80442a4 | 579 | __btf_verifier_log(log, "hdr_len: %u\n", hdr->hdr_len); |
69b693f0 | 580 | __btf_verifier_log(log, "type_off: %u\n", hdr->type_off); |
f80442a4 | 581 | __btf_verifier_log(log, "type_len: %u\n", hdr->type_len); |
69b693f0 MKL |
582 | __btf_verifier_log(log, "str_off: %u\n", hdr->str_off); |
583 | __btf_verifier_log(log, "str_len: %u\n", hdr->str_len); | |
f80442a4 | 584 | __btf_verifier_log(log, "btf_total_size: %u\n", btf_data_size); |
69b693f0 MKL |
585 | } |
586 | ||
587 | static int btf_add_type(struct btf_verifier_env *env, struct btf_type *t) | |
588 | { | |
589 | struct btf *btf = env->btf; | |
590 | ||
591 | /* < 2 because +1 for btf_void which is always in btf->types[0]. | |
592 | * btf_void is not accounted in btf->nr_types because btf_void | |
593 | * does not come from the BTF file. | |
594 | */ | |
595 | if (btf->types_size - btf->nr_types < 2) { | |
596 | /* Expand 'types' array */ | |
597 | ||
598 | struct btf_type **new_types; | |
599 | u32 expand_by, new_size; | |
600 | ||
601 | if (btf->types_size == BTF_MAX_NR_TYPES) { | |
602 | btf_verifier_log(env, "Exceeded max num of types"); | |
603 | return -E2BIG; | |
604 | } | |
605 | ||
606 | expand_by = max_t(u32, btf->types_size >> 2, 16); | |
607 | new_size = min_t(u32, BTF_MAX_NR_TYPES, | |
608 | btf->types_size + expand_by); | |
609 | ||
610 | new_types = kvzalloc(new_size * sizeof(*new_types), | |
611 | GFP_KERNEL | __GFP_NOWARN); | |
612 | if (!new_types) | |
613 | return -ENOMEM; | |
614 | ||
615 | if (btf->nr_types == 0) | |
616 | new_types[0] = &btf_void; | |
617 | else | |
618 | memcpy(new_types, btf->types, | |
619 | sizeof(*btf->types) * (btf->nr_types + 1)); | |
620 | ||
621 | kvfree(btf->types); | |
622 | btf->types = new_types; | |
623 | btf->types_size = new_size; | |
624 | } | |
625 | ||
626 | btf->types[++(btf->nr_types)] = t; | |
627 | ||
628 | return 0; | |
629 | } | |
630 | ||
78958fca MKL |
631 | static int btf_alloc_id(struct btf *btf) |
632 | { | |
633 | int id; | |
634 | ||
635 | idr_preload(GFP_KERNEL); | |
636 | spin_lock_bh(&btf_idr_lock); | |
637 | id = idr_alloc_cyclic(&btf_idr, btf, 1, INT_MAX, GFP_ATOMIC); | |
638 | if (id > 0) | |
639 | btf->id = id; | |
640 | spin_unlock_bh(&btf_idr_lock); | |
641 | idr_preload_end(); | |
642 | ||
643 | if (WARN_ON_ONCE(!id)) | |
644 | return -ENOSPC; | |
645 | ||
646 | return id > 0 ? 0 : id; | |
647 | } | |
648 | ||
649 | static void btf_free_id(struct btf *btf) | |
650 | { | |
651 | unsigned long flags; | |
652 | ||
653 | /* | |
654 | * In map-in-map, calling map_delete_elem() on outer | |
655 | * map will call bpf_map_put on the inner map. | |
656 | * It will then eventually call btf_free_id() | |
657 | * on the inner map. Some of the map_delete_elem() | |
658 | * implementation may have irq disabled, so | |
659 | * we need to use the _irqsave() version instead | |
660 | * of the _bh() version. | |
661 | */ | |
662 | spin_lock_irqsave(&btf_idr_lock, flags); | |
663 | idr_remove(&btf_idr, btf->id); | |
664 | spin_unlock_irqrestore(&btf_idr_lock, flags); | |
665 | } | |
666 | ||
69b693f0 MKL |
667 | static void btf_free(struct btf *btf) |
668 | { | |
669 | kvfree(btf->types); | |
eb3f595d MKL |
670 | kvfree(btf->resolved_sizes); |
671 | kvfree(btf->resolved_ids); | |
69b693f0 MKL |
672 | kvfree(btf->data); |
673 | kfree(btf); | |
674 | } | |
675 | ||
78958fca | 676 | static void btf_free_rcu(struct rcu_head *rcu) |
f56a653c | 677 | { |
78958fca MKL |
678 | struct btf *btf = container_of(rcu, struct btf, rcu); |
679 | ||
680 | btf_free(btf); | |
f56a653c MKL |
681 | } |
682 | ||
683 | void btf_put(struct btf *btf) | |
684 | { | |
78958fca MKL |
685 | if (btf && refcount_dec_and_test(&btf->refcnt)) { |
686 | btf_free_id(btf); | |
687 | call_rcu(&btf->rcu, btf_free_rcu); | |
688 | } | |
f56a653c MKL |
689 | } |
690 | ||
eb3f595d MKL |
691 | static int env_resolve_init(struct btf_verifier_env *env) |
692 | { | |
693 | struct btf *btf = env->btf; | |
694 | u32 nr_types = btf->nr_types; | |
695 | u32 *resolved_sizes = NULL; | |
696 | u32 *resolved_ids = NULL; | |
697 | u8 *visit_states = NULL; | |
698 | ||
699 | /* +1 for btf_void */ | |
700 | resolved_sizes = kvzalloc((nr_types + 1) * sizeof(*resolved_sizes), | |
701 | GFP_KERNEL | __GFP_NOWARN); | |
702 | if (!resolved_sizes) | |
703 | goto nomem; | |
704 | ||
705 | resolved_ids = kvzalloc((nr_types + 1) * sizeof(*resolved_ids), | |
706 | GFP_KERNEL | __GFP_NOWARN); | |
707 | if (!resolved_ids) | |
708 | goto nomem; | |
709 | ||
710 | visit_states = kvzalloc((nr_types + 1) * sizeof(*visit_states), | |
711 | GFP_KERNEL | __GFP_NOWARN); | |
712 | if (!visit_states) | |
713 | goto nomem; | |
714 | ||
715 | btf->resolved_sizes = resolved_sizes; | |
716 | btf->resolved_ids = resolved_ids; | |
717 | env->visit_states = visit_states; | |
718 | ||
719 | return 0; | |
720 | ||
721 | nomem: | |
722 | kvfree(resolved_sizes); | |
723 | kvfree(resolved_ids); | |
724 | kvfree(visit_states); | |
725 | return -ENOMEM; | |
726 | } | |
727 | ||
69b693f0 MKL |
728 | static void btf_verifier_env_free(struct btf_verifier_env *env) |
729 | { | |
eb3f595d | 730 | kvfree(env->visit_states); |
69b693f0 MKL |
731 | kfree(env); |
732 | } | |
733 | ||
eb3f595d MKL |
734 | static bool env_type_is_resolve_sink(const struct btf_verifier_env *env, |
735 | const struct btf_type *next_type) | |
736 | { | |
737 | switch (env->resolve_mode) { | |
738 | case RESOLVE_TBD: | |
739 | /* int, enum or void is a sink */ | |
740 | return !btf_type_needs_resolve(next_type); | |
741 | case RESOLVE_PTR: | |
742 | /* int, enum, void, struct or array is a sink for ptr */ | |
743 | return !btf_type_is_modifier(next_type) && | |
744 | !btf_type_is_ptr(next_type); | |
745 | case RESOLVE_STRUCT_OR_ARRAY: | |
746 | /* int, enum, void or ptr is a sink for struct and array */ | |
747 | return !btf_type_is_modifier(next_type) && | |
748 | !btf_type_is_array(next_type) && | |
749 | !btf_type_is_struct(next_type); | |
750 | default: | |
751 | BUG_ON(1); | |
752 | } | |
753 | } | |
754 | ||
755 | static bool env_type_is_resolved(const struct btf_verifier_env *env, | |
756 | u32 type_id) | |
757 | { | |
758 | return env->visit_states[type_id] == RESOLVED; | |
759 | } | |
760 | ||
761 | static int env_stack_push(struct btf_verifier_env *env, | |
762 | const struct btf_type *t, u32 type_id) | |
763 | { | |
764 | struct resolve_vertex *v; | |
765 | ||
766 | if (env->top_stack == MAX_RESOLVE_DEPTH) | |
767 | return -E2BIG; | |
768 | ||
769 | if (env->visit_states[type_id] != NOT_VISITED) | |
770 | return -EEXIST; | |
771 | ||
772 | env->visit_states[type_id] = VISITED; | |
773 | ||
774 | v = &env->stack[env->top_stack++]; | |
775 | v->t = t; | |
776 | v->type_id = type_id; | |
777 | v->next_member = 0; | |
778 | ||
779 | if (env->resolve_mode == RESOLVE_TBD) { | |
780 | if (btf_type_is_ptr(t)) | |
781 | env->resolve_mode = RESOLVE_PTR; | |
782 | else if (btf_type_is_struct(t) || btf_type_is_array(t)) | |
783 | env->resolve_mode = RESOLVE_STRUCT_OR_ARRAY; | |
784 | } | |
785 | ||
786 | return 0; | |
787 | } | |
788 | ||
789 | static void env_stack_set_next_member(struct btf_verifier_env *env, | |
790 | u16 next_member) | |
791 | { | |
792 | env->stack[env->top_stack - 1].next_member = next_member; | |
793 | } | |
794 | ||
795 | static void env_stack_pop_resolved(struct btf_verifier_env *env, | |
796 | u32 resolved_type_id, | |
797 | u32 resolved_size) | |
798 | { | |
799 | u32 type_id = env->stack[--(env->top_stack)].type_id; | |
800 | struct btf *btf = env->btf; | |
801 | ||
802 | btf->resolved_sizes[type_id] = resolved_size; | |
803 | btf->resolved_ids[type_id] = resolved_type_id; | |
804 | env->visit_states[type_id] = RESOLVED; | |
805 | } | |
806 | ||
807 | static const struct resolve_vertex *env_stack_peak(struct btf_verifier_env *env) | |
808 | { | |
809 | return env->top_stack ? &env->stack[env->top_stack - 1] : NULL; | |
810 | } | |
811 | ||
812 | /* The input param "type_id" must point to a needs_resolve type */ | |
813 | static const struct btf_type *btf_type_id_resolve(const struct btf *btf, | |
814 | u32 *type_id) | |
815 | { | |
816 | *type_id = btf->resolved_ids[*type_id]; | |
817 | return btf_type_by_id(btf, *type_id); | |
818 | } | |
819 | ||
820 | const struct btf_type *btf_type_id_size(const struct btf *btf, | |
821 | u32 *type_id, u32 *ret_size) | |
822 | { | |
823 | const struct btf_type *size_type; | |
824 | u32 size_type_id = *type_id; | |
825 | u32 size = 0; | |
826 | ||
827 | size_type = btf_type_by_id(btf, size_type_id); | |
828 | if (btf_type_is_void_or_null(size_type)) | |
829 | return NULL; | |
830 | ||
831 | if (btf_type_has_size(size_type)) { | |
832 | size = size_type->size; | |
833 | } else if (btf_type_is_array(size_type)) { | |
834 | size = btf->resolved_sizes[size_type_id]; | |
835 | } else if (btf_type_is_ptr(size_type)) { | |
836 | size = sizeof(void *); | |
837 | } else { | |
838 | if (WARN_ON_ONCE(!btf_type_is_modifier(size_type))) | |
839 | return NULL; | |
840 | ||
841 | size = btf->resolved_sizes[size_type_id]; | |
842 | size_type_id = btf->resolved_ids[size_type_id]; | |
843 | size_type = btf_type_by_id(btf, size_type_id); | |
844 | if (btf_type_is_void(size_type)) | |
845 | return NULL; | |
846 | } | |
847 | ||
848 | *type_id = size_type_id; | |
849 | if (ret_size) | |
850 | *ret_size = size; | |
851 | ||
852 | return size_type; | |
853 | } | |
854 | ||
179cde8c MKL |
855 | static int btf_df_check_member(struct btf_verifier_env *env, |
856 | const struct btf_type *struct_type, | |
857 | const struct btf_member *member, | |
858 | const struct btf_type *member_type) | |
859 | { | |
860 | btf_verifier_log_basic(env, struct_type, | |
861 | "Unsupported check_member"); | |
862 | return -EINVAL; | |
863 | } | |
864 | ||
eb3f595d MKL |
865 | static int btf_df_resolve(struct btf_verifier_env *env, |
866 | const struct resolve_vertex *v) | |
867 | { | |
868 | btf_verifier_log_basic(env, v->t, "Unsupported resolve"); | |
869 | return -EINVAL; | |
870 | } | |
871 | ||
b00b8dae MKL |
872 | static void btf_df_seq_show(const struct btf *btf, const struct btf_type *t, |
873 | u32 type_id, void *data, u8 bits_offsets, | |
874 | struct seq_file *m) | |
875 | { | |
876 | seq_printf(m, "<unsupported kind:%u>", BTF_INFO_KIND(t->info)); | |
877 | } | |
878 | ||
179cde8c MKL |
879 | static int btf_int_check_member(struct btf_verifier_env *env, |
880 | const struct btf_type *struct_type, | |
881 | const struct btf_member *member, | |
882 | const struct btf_type *member_type) | |
883 | { | |
884 | u32 int_data = btf_type_int(member_type); | |
885 | u32 struct_bits_off = member->offset; | |
886 | u32 struct_size = struct_type->size; | |
887 | u32 nr_copy_bits; | |
888 | u32 bytes_offset; | |
889 | ||
890 | if (U32_MAX - struct_bits_off < BTF_INT_OFFSET(int_data)) { | |
891 | btf_verifier_log_member(env, struct_type, member, | |
892 | "bits_offset exceeds U32_MAX"); | |
893 | return -EINVAL; | |
894 | } | |
895 | ||
896 | struct_bits_off += BTF_INT_OFFSET(int_data); | |
897 | bytes_offset = BITS_ROUNDDOWN_BYTES(struct_bits_off); | |
898 | nr_copy_bits = BTF_INT_BITS(int_data) + | |
899 | BITS_PER_BYTE_MASKED(struct_bits_off); | |
900 | ||
901 | if (nr_copy_bits > BITS_PER_U64) { | |
902 | btf_verifier_log_member(env, struct_type, member, | |
903 | "nr_copy_bits exceeds 64"); | |
904 | return -EINVAL; | |
905 | } | |
906 | ||
907 | if (struct_size < bytes_offset || | |
908 | struct_size - bytes_offset < BITS_ROUNDUP_BYTES(nr_copy_bits)) { | |
909 | btf_verifier_log_member(env, struct_type, member, | |
910 | "Member exceeds struct_size"); | |
911 | return -EINVAL; | |
912 | } | |
913 | ||
914 | return 0; | |
915 | } | |
916 | ||
69b693f0 MKL |
917 | static s32 btf_int_check_meta(struct btf_verifier_env *env, |
918 | const struct btf_type *t, | |
919 | u32 meta_left) | |
920 | { | |
921 | u32 int_data, nr_bits, meta_needed = sizeof(int_data); | |
922 | u16 encoding; | |
923 | ||
924 | if (meta_left < meta_needed) { | |
925 | btf_verifier_log_basic(env, t, | |
926 | "meta_left:%u meta_needed:%u", | |
927 | meta_left, meta_needed); | |
928 | return -EINVAL; | |
929 | } | |
930 | ||
931 | if (btf_type_vlen(t)) { | |
932 | btf_verifier_log_type(env, t, "vlen != 0"); | |
933 | return -EINVAL; | |
934 | } | |
935 | ||
936 | int_data = btf_type_int(t); | |
937 | nr_bits = BTF_INT_BITS(int_data) + BTF_INT_OFFSET(int_data); | |
938 | ||
939 | if (nr_bits > BITS_PER_U64) { | |
940 | btf_verifier_log_type(env, t, "nr_bits exceeds %zu", | |
941 | BITS_PER_U64); | |
942 | return -EINVAL; | |
943 | } | |
944 | ||
945 | if (BITS_ROUNDUP_BYTES(nr_bits) > t->size) { | |
946 | btf_verifier_log_type(env, t, "nr_bits exceeds type_size"); | |
947 | return -EINVAL; | |
948 | } | |
949 | ||
950 | encoding = BTF_INT_ENCODING(int_data); | |
951 | if (encoding && | |
952 | encoding != BTF_INT_SIGNED && | |
953 | encoding != BTF_INT_CHAR && | |
954 | encoding != BTF_INT_BOOL && | |
955 | encoding != BTF_INT_VARARGS) { | |
956 | btf_verifier_log_type(env, t, "Unsupported encoding"); | |
957 | return -ENOTSUPP; | |
958 | } | |
959 | ||
960 | btf_verifier_log_type(env, t, NULL); | |
961 | ||
962 | return meta_needed; | |
963 | } | |
964 | ||
965 | static void btf_int_log(struct btf_verifier_env *env, | |
966 | const struct btf_type *t) | |
967 | { | |
968 | int int_data = btf_type_int(t); | |
969 | ||
970 | btf_verifier_log(env, | |
971 | "size=%u bits_offset=%u nr_bits=%u encoding=%s", | |
972 | t->size, BTF_INT_OFFSET(int_data), | |
973 | BTF_INT_BITS(int_data), | |
974 | btf_int_encoding_str(BTF_INT_ENCODING(int_data))); | |
975 | } | |
976 | ||
b00b8dae MKL |
977 | static void btf_int_bits_seq_show(const struct btf *btf, |
978 | const struct btf_type *t, | |
979 | void *data, u8 bits_offset, | |
980 | struct seq_file *m) | |
981 | { | |
982 | u32 int_data = btf_type_int(t); | |
983 | u16 nr_bits = BTF_INT_BITS(int_data); | |
984 | u16 total_bits_offset; | |
985 | u16 nr_copy_bytes; | |
986 | u16 nr_copy_bits; | |
987 | u8 nr_upper_bits; | |
988 | union { | |
989 | u64 u64_num; | |
990 | u8 u8_nums[8]; | |
991 | } print_num; | |
992 | ||
993 | total_bits_offset = bits_offset + BTF_INT_OFFSET(int_data); | |
994 | data += BITS_ROUNDDOWN_BYTES(total_bits_offset); | |
995 | bits_offset = BITS_PER_BYTE_MASKED(total_bits_offset); | |
996 | nr_copy_bits = nr_bits + bits_offset; | |
997 | nr_copy_bytes = BITS_ROUNDUP_BYTES(nr_copy_bits); | |
998 | ||
999 | print_num.u64_num = 0; | |
1000 | memcpy(&print_num.u64_num, data, nr_copy_bytes); | |
1001 | ||
1002 | /* Ditch the higher order bits */ | |
1003 | nr_upper_bits = BITS_PER_BYTE_MASKED(nr_copy_bits); | |
1004 | if (nr_upper_bits) { | |
1005 | /* We need to mask out some bits of the upper byte. */ | |
1006 | u8 mask = (1 << nr_upper_bits) - 1; | |
1007 | ||
1008 | print_num.u8_nums[nr_copy_bytes - 1] &= mask; | |
1009 | } | |
1010 | ||
1011 | print_num.u64_num >>= bits_offset; | |
1012 | ||
1013 | seq_printf(m, "0x%llx", print_num.u64_num); | |
1014 | } | |
1015 | ||
1016 | static void btf_int_seq_show(const struct btf *btf, const struct btf_type *t, | |
1017 | u32 type_id, void *data, u8 bits_offset, | |
1018 | struct seq_file *m) | |
1019 | { | |
1020 | u32 int_data = btf_type_int(t); | |
1021 | u8 encoding = BTF_INT_ENCODING(int_data); | |
1022 | bool sign = encoding & BTF_INT_SIGNED; | |
1023 | u32 nr_bits = BTF_INT_BITS(int_data); | |
1024 | ||
1025 | if (bits_offset || BTF_INT_OFFSET(int_data) || | |
1026 | BITS_PER_BYTE_MASKED(nr_bits)) { | |
1027 | btf_int_bits_seq_show(btf, t, data, bits_offset, m); | |
1028 | return; | |
1029 | } | |
1030 | ||
1031 | switch (nr_bits) { | |
1032 | case 64: | |
1033 | if (sign) | |
1034 | seq_printf(m, "%lld", *(s64 *)data); | |
1035 | else | |
1036 | seq_printf(m, "%llu", *(u64 *)data); | |
1037 | break; | |
1038 | case 32: | |
1039 | if (sign) | |
1040 | seq_printf(m, "%d", *(s32 *)data); | |
1041 | else | |
1042 | seq_printf(m, "%u", *(u32 *)data); | |
1043 | break; | |
1044 | case 16: | |
1045 | if (sign) | |
1046 | seq_printf(m, "%d", *(s16 *)data); | |
1047 | else | |
1048 | seq_printf(m, "%u", *(u16 *)data); | |
1049 | break; | |
1050 | case 8: | |
1051 | if (sign) | |
1052 | seq_printf(m, "%d", *(s8 *)data); | |
1053 | else | |
1054 | seq_printf(m, "%u", *(u8 *)data); | |
1055 | break; | |
1056 | default: | |
1057 | btf_int_bits_seq_show(btf, t, data, bits_offset, m); | |
1058 | } | |
1059 | } | |
1060 | ||
69b693f0 MKL |
1061 | static const struct btf_kind_operations int_ops = { |
1062 | .check_meta = btf_int_check_meta, | |
eb3f595d | 1063 | .resolve = btf_df_resolve, |
179cde8c | 1064 | .check_member = btf_int_check_member, |
69b693f0 | 1065 | .log_details = btf_int_log, |
b00b8dae | 1066 | .seq_show = btf_int_seq_show, |
69b693f0 MKL |
1067 | }; |
1068 | ||
179cde8c MKL |
1069 | static int btf_modifier_check_member(struct btf_verifier_env *env, |
1070 | const struct btf_type *struct_type, | |
1071 | const struct btf_member *member, | |
1072 | const struct btf_type *member_type) | |
1073 | { | |
1074 | const struct btf_type *resolved_type; | |
1075 | u32 resolved_type_id = member->type; | |
1076 | struct btf_member resolved_member; | |
1077 | struct btf *btf = env->btf; | |
1078 | ||
1079 | resolved_type = btf_type_id_size(btf, &resolved_type_id, NULL); | |
1080 | if (!resolved_type) { | |
1081 | btf_verifier_log_member(env, struct_type, member, | |
1082 | "Invalid member"); | |
1083 | return -EINVAL; | |
1084 | } | |
1085 | ||
1086 | resolved_member = *member; | |
1087 | resolved_member.type = resolved_type_id; | |
1088 | ||
1089 | return btf_type_ops(resolved_type)->check_member(env, struct_type, | |
1090 | &resolved_member, | |
1091 | resolved_type); | |
1092 | } | |
1093 | ||
1094 | static int btf_ptr_check_member(struct btf_verifier_env *env, | |
1095 | const struct btf_type *struct_type, | |
1096 | const struct btf_member *member, | |
1097 | const struct btf_type *member_type) | |
1098 | { | |
1099 | u32 struct_size, struct_bits_off, bytes_offset; | |
1100 | ||
1101 | struct_size = struct_type->size; | |
1102 | struct_bits_off = member->offset; | |
1103 | bytes_offset = BITS_ROUNDDOWN_BYTES(struct_bits_off); | |
1104 | ||
1105 | if (BITS_PER_BYTE_MASKED(struct_bits_off)) { | |
1106 | btf_verifier_log_member(env, struct_type, member, | |
1107 | "Member is not byte aligned"); | |
1108 | return -EINVAL; | |
1109 | } | |
1110 | ||
1111 | if (struct_size - bytes_offset < sizeof(void *)) { | |
1112 | btf_verifier_log_member(env, struct_type, member, | |
1113 | "Member exceeds struct_size"); | |
1114 | return -EINVAL; | |
1115 | } | |
1116 | ||
1117 | return 0; | |
1118 | } | |
1119 | ||
69b693f0 MKL |
1120 | static int btf_ref_type_check_meta(struct btf_verifier_env *env, |
1121 | const struct btf_type *t, | |
1122 | u32 meta_left) | |
1123 | { | |
1124 | if (btf_type_vlen(t)) { | |
1125 | btf_verifier_log_type(env, t, "vlen != 0"); | |
1126 | return -EINVAL; | |
1127 | } | |
1128 | ||
1129 | if (BTF_TYPE_PARENT(t->type)) { | |
1130 | btf_verifier_log_type(env, t, "Invalid type_id"); | |
1131 | return -EINVAL; | |
1132 | } | |
1133 | ||
1134 | btf_verifier_log_type(env, t, NULL); | |
1135 | ||
1136 | return 0; | |
1137 | } | |
1138 | ||
eb3f595d MKL |
1139 | static int btf_modifier_resolve(struct btf_verifier_env *env, |
1140 | const struct resolve_vertex *v) | |
1141 | { | |
1142 | const struct btf_type *t = v->t; | |
1143 | const struct btf_type *next_type; | |
1144 | u32 next_type_id = t->type; | |
1145 | struct btf *btf = env->btf; | |
1146 | u32 next_type_size = 0; | |
1147 | ||
1148 | next_type = btf_type_by_id(btf, next_type_id); | |
1149 | if (!next_type) { | |
1150 | btf_verifier_log_type(env, v->t, "Invalid type_id"); | |
1151 | return -EINVAL; | |
1152 | } | |
1153 | ||
1154 | /* "typedef void new_void", "const void"...etc */ | |
1155 | if (btf_type_is_void(next_type)) | |
1156 | goto resolved; | |
1157 | ||
1158 | if (!env_type_is_resolve_sink(env, next_type) && | |
1159 | !env_type_is_resolved(env, next_type_id)) | |
1160 | return env_stack_push(env, next_type, next_type_id); | |
1161 | ||
1162 | /* Figure out the resolved next_type_id with size. | |
1163 | * They will be stored in the current modifier's | |
1164 | * resolved_ids and resolved_sizes such that it can | |
1165 | * save us a few type-following when we use it later (e.g. in | |
1166 | * pretty print). | |
1167 | */ | |
1168 | if (!btf_type_id_size(btf, &next_type_id, &next_type_size) && | |
1169 | !btf_type_is_void(btf_type_id_resolve(btf, &next_type_id))) { | |
1170 | btf_verifier_log_type(env, v->t, "Invalid type_id"); | |
1171 | return -EINVAL; | |
1172 | } | |
1173 | ||
1174 | resolved: | |
1175 | env_stack_pop_resolved(env, next_type_id, next_type_size); | |
1176 | ||
1177 | return 0; | |
1178 | } | |
1179 | ||
1180 | static int btf_ptr_resolve(struct btf_verifier_env *env, | |
1181 | const struct resolve_vertex *v) | |
1182 | { | |
1183 | const struct btf_type *next_type; | |
1184 | const struct btf_type *t = v->t; | |
1185 | u32 next_type_id = t->type; | |
1186 | struct btf *btf = env->btf; | |
1187 | u32 next_type_size = 0; | |
1188 | ||
1189 | next_type = btf_type_by_id(btf, next_type_id); | |
1190 | if (!next_type) { | |
1191 | btf_verifier_log_type(env, v->t, "Invalid type_id"); | |
1192 | return -EINVAL; | |
1193 | } | |
1194 | ||
1195 | /* "void *" */ | |
1196 | if (btf_type_is_void(next_type)) | |
1197 | goto resolved; | |
1198 | ||
1199 | if (!env_type_is_resolve_sink(env, next_type) && | |
1200 | !env_type_is_resolved(env, next_type_id)) | |
1201 | return env_stack_push(env, next_type, next_type_id); | |
1202 | ||
1203 | /* If the modifier was RESOLVED during RESOLVE_STRUCT_OR_ARRAY, | |
1204 | * the modifier may have stopped resolving when it was resolved | |
1205 | * to a ptr (last-resolved-ptr). | |
1206 | * | |
1207 | * We now need to continue from the last-resolved-ptr to | |
1208 | * ensure the last-resolved-ptr will not referring back to | |
1209 | * the currenct ptr (t). | |
1210 | */ | |
1211 | if (btf_type_is_modifier(next_type)) { | |
1212 | const struct btf_type *resolved_type; | |
1213 | u32 resolved_type_id; | |
1214 | ||
1215 | resolved_type_id = next_type_id; | |
1216 | resolved_type = btf_type_id_resolve(btf, &resolved_type_id); | |
1217 | ||
1218 | if (btf_type_is_ptr(resolved_type) && | |
1219 | !env_type_is_resolve_sink(env, resolved_type) && | |
1220 | !env_type_is_resolved(env, resolved_type_id)) | |
1221 | return env_stack_push(env, resolved_type, | |
1222 | resolved_type_id); | |
1223 | } | |
1224 | ||
1225 | if (!btf_type_id_size(btf, &next_type_id, &next_type_size) && | |
1226 | !btf_type_is_void(btf_type_id_resolve(btf, &next_type_id))) { | |
1227 | btf_verifier_log_type(env, v->t, "Invalid type_id"); | |
1228 | return -EINVAL; | |
1229 | } | |
1230 | ||
1231 | resolved: | |
1232 | env_stack_pop_resolved(env, next_type_id, 0); | |
1233 | ||
1234 | return 0; | |
1235 | } | |
1236 | ||
b00b8dae MKL |
1237 | static void btf_modifier_seq_show(const struct btf *btf, |
1238 | const struct btf_type *t, | |
1239 | u32 type_id, void *data, | |
1240 | u8 bits_offset, struct seq_file *m) | |
1241 | { | |
1242 | t = btf_type_id_resolve(btf, &type_id); | |
1243 | ||
1244 | btf_type_ops(t)->seq_show(btf, t, type_id, data, bits_offset, m); | |
1245 | } | |
1246 | ||
1247 | static void btf_ptr_seq_show(const struct btf *btf, const struct btf_type *t, | |
1248 | u32 type_id, void *data, u8 bits_offset, | |
1249 | struct seq_file *m) | |
1250 | { | |
1251 | /* It is a hashed value */ | |
1252 | seq_printf(m, "%p", *(void **)data); | |
1253 | } | |
1254 | ||
69b693f0 MKL |
1255 | static void btf_ref_type_log(struct btf_verifier_env *env, |
1256 | const struct btf_type *t) | |
1257 | { | |
1258 | btf_verifier_log(env, "type_id=%u", t->type); | |
1259 | } | |
1260 | ||
1261 | static struct btf_kind_operations modifier_ops = { | |
1262 | .check_meta = btf_ref_type_check_meta, | |
eb3f595d | 1263 | .resolve = btf_modifier_resolve, |
179cde8c | 1264 | .check_member = btf_modifier_check_member, |
69b693f0 | 1265 | .log_details = btf_ref_type_log, |
b00b8dae | 1266 | .seq_show = btf_modifier_seq_show, |
69b693f0 MKL |
1267 | }; |
1268 | ||
1269 | static struct btf_kind_operations ptr_ops = { | |
1270 | .check_meta = btf_ref_type_check_meta, | |
eb3f595d | 1271 | .resolve = btf_ptr_resolve, |
179cde8c | 1272 | .check_member = btf_ptr_check_member, |
69b693f0 | 1273 | .log_details = btf_ref_type_log, |
b00b8dae | 1274 | .seq_show = btf_ptr_seq_show, |
69b693f0 MKL |
1275 | }; |
1276 | ||
1277 | static struct btf_kind_operations fwd_ops = { | |
1278 | .check_meta = btf_ref_type_check_meta, | |
eb3f595d | 1279 | .resolve = btf_df_resolve, |
179cde8c | 1280 | .check_member = btf_df_check_member, |
69b693f0 | 1281 | .log_details = btf_ref_type_log, |
b00b8dae | 1282 | .seq_show = btf_df_seq_show, |
69b693f0 MKL |
1283 | }; |
1284 | ||
179cde8c MKL |
1285 | static int btf_array_check_member(struct btf_verifier_env *env, |
1286 | const struct btf_type *struct_type, | |
1287 | const struct btf_member *member, | |
1288 | const struct btf_type *member_type) | |
1289 | { | |
1290 | u32 struct_bits_off = member->offset; | |
1291 | u32 struct_size, bytes_offset; | |
1292 | u32 array_type_id, array_size; | |
1293 | struct btf *btf = env->btf; | |
1294 | ||
1295 | if (BITS_PER_BYTE_MASKED(struct_bits_off)) { | |
1296 | btf_verifier_log_member(env, struct_type, member, | |
1297 | "Member is not byte aligned"); | |
1298 | return -EINVAL; | |
1299 | } | |
1300 | ||
1301 | array_type_id = member->type; | |
1302 | btf_type_id_size(btf, &array_type_id, &array_size); | |
1303 | struct_size = struct_type->size; | |
1304 | bytes_offset = BITS_ROUNDDOWN_BYTES(struct_bits_off); | |
1305 | if (struct_size - bytes_offset < array_size) { | |
1306 | btf_verifier_log_member(env, struct_type, member, | |
1307 | "Member exceeds struct_size"); | |
1308 | return -EINVAL; | |
1309 | } | |
1310 | ||
1311 | return 0; | |
1312 | } | |
1313 | ||
69b693f0 MKL |
1314 | static s32 btf_array_check_meta(struct btf_verifier_env *env, |
1315 | const struct btf_type *t, | |
1316 | u32 meta_left) | |
1317 | { | |
1318 | const struct btf_array *array = btf_type_array(t); | |
1319 | u32 meta_needed = sizeof(*array); | |
1320 | ||
1321 | if (meta_left < meta_needed) { | |
1322 | btf_verifier_log_basic(env, t, | |
1323 | "meta_left:%u meta_needed:%u", | |
1324 | meta_left, meta_needed); | |
1325 | return -EINVAL; | |
1326 | } | |
1327 | ||
1328 | if (btf_type_vlen(t)) { | |
1329 | btf_verifier_log_type(env, t, "vlen != 0"); | |
1330 | return -EINVAL; | |
1331 | } | |
1332 | ||
4ef5f574 MKL |
1333 | /* Array elem type and index type cannot be in type void, |
1334 | * so !array->type and !array->index_type are not allowed. | |
69b693f0 MKL |
1335 | */ |
1336 | if (!array->type || BTF_TYPE_PARENT(array->type)) { | |
4ef5f574 MKL |
1337 | btf_verifier_log_type(env, t, "Invalid elem"); |
1338 | return -EINVAL; | |
1339 | } | |
1340 | ||
1341 | if (!array->index_type || BTF_TYPE_PARENT(array->index_type)) { | |
1342 | btf_verifier_log_type(env, t, "Invalid index"); | |
69b693f0 MKL |
1343 | return -EINVAL; |
1344 | } | |
1345 | ||
1346 | btf_verifier_log_type(env, t, NULL); | |
1347 | ||
1348 | return meta_needed; | |
1349 | } | |
1350 | ||
eb3f595d MKL |
1351 | static int btf_array_resolve(struct btf_verifier_env *env, |
1352 | const struct resolve_vertex *v) | |
1353 | { | |
1354 | const struct btf_array *array = btf_type_array(v->t); | |
4ef5f574 MKL |
1355 | const struct btf_type *elem_type, *index_type; |
1356 | u32 elem_type_id, index_type_id; | |
eb3f595d MKL |
1357 | struct btf *btf = env->btf; |
1358 | u32 elem_size; | |
1359 | ||
4ef5f574 MKL |
1360 | /* Check array->index_type */ |
1361 | index_type_id = array->index_type; | |
1362 | index_type = btf_type_by_id(btf, index_type_id); | |
1363 | if (btf_type_is_void_or_null(index_type)) { | |
1364 | btf_verifier_log_type(env, v->t, "Invalid index"); | |
1365 | return -EINVAL; | |
1366 | } | |
1367 | ||
1368 | if (!env_type_is_resolve_sink(env, index_type) && | |
1369 | !env_type_is_resolved(env, index_type_id)) | |
1370 | return env_stack_push(env, index_type, index_type_id); | |
1371 | ||
1372 | index_type = btf_type_id_size(btf, &index_type_id, NULL); | |
1373 | if (!index_type || !btf_type_is_int(index_type) || | |
1374 | !btf_type_int_is_regular(index_type)) { | |
1375 | btf_verifier_log_type(env, v->t, "Invalid index"); | |
1376 | return -EINVAL; | |
1377 | } | |
1378 | ||
1379 | /* Check array->type */ | |
1380 | elem_type_id = array->type; | |
eb3f595d MKL |
1381 | elem_type = btf_type_by_id(btf, elem_type_id); |
1382 | if (btf_type_is_void_or_null(elem_type)) { | |
1383 | btf_verifier_log_type(env, v->t, | |
1384 | "Invalid elem"); | |
1385 | return -EINVAL; | |
1386 | } | |
1387 | ||
1388 | if (!env_type_is_resolve_sink(env, elem_type) && | |
1389 | !env_type_is_resolved(env, elem_type_id)) | |
1390 | return env_stack_push(env, elem_type, elem_type_id); | |
1391 | ||
1392 | elem_type = btf_type_id_size(btf, &elem_type_id, &elem_size); | |
1393 | if (!elem_type) { | |
1394 | btf_verifier_log_type(env, v->t, "Invalid elem"); | |
1395 | return -EINVAL; | |
1396 | } | |
1397 | ||
4ef5f574 MKL |
1398 | if (btf_type_is_int(elem_type) && !btf_type_int_is_regular(elem_type)) { |
1399 | btf_verifier_log_type(env, v->t, "Invalid array of int"); | |
1400 | return -EINVAL; | |
eb3f595d MKL |
1401 | } |
1402 | ||
1403 | if (array->nelems && elem_size > U32_MAX / array->nelems) { | |
1404 | btf_verifier_log_type(env, v->t, | |
1405 | "Array size overflows U32_MAX"); | |
1406 | return -EINVAL; | |
1407 | } | |
1408 | ||
1409 | env_stack_pop_resolved(env, elem_type_id, elem_size * array->nelems); | |
1410 | ||
1411 | return 0; | |
1412 | } | |
1413 | ||
69b693f0 MKL |
1414 | static void btf_array_log(struct btf_verifier_env *env, |
1415 | const struct btf_type *t) | |
1416 | { | |
1417 | const struct btf_array *array = btf_type_array(t); | |
1418 | ||
1419 | btf_verifier_log(env, "type_id=%u index_type_id=%u nr_elems=%u", | |
1420 | array->type, array->index_type, array->nelems); | |
1421 | } | |
1422 | ||
b00b8dae MKL |
1423 | static void btf_array_seq_show(const struct btf *btf, const struct btf_type *t, |
1424 | u32 type_id, void *data, u8 bits_offset, | |
1425 | struct seq_file *m) | |
1426 | { | |
1427 | const struct btf_array *array = btf_type_array(t); | |
1428 | const struct btf_kind_operations *elem_ops; | |
1429 | const struct btf_type *elem_type; | |
1430 | u32 i, elem_size, elem_type_id; | |
1431 | ||
1432 | elem_type_id = array->type; | |
1433 | elem_type = btf_type_id_size(btf, &elem_type_id, &elem_size); | |
1434 | elem_ops = btf_type_ops(elem_type); | |
1435 | seq_puts(m, "["); | |
1436 | for (i = 0; i < array->nelems; i++) { | |
1437 | if (i) | |
1438 | seq_puts(m, ","); | |
1439 | ||
1440 | elem_ops->seq_show(btf, elem_type, elem_type_id, data, | |
1441 | bits_offset, m); | |
1442 | data += elem_size; | |
1443 | } | |
1444 | seq_puts(m, "]"); | |
1445 | } | |
1446 | ||
69b693f0 MKL |
1447 | static struct btf_kind_operations array_ops = { |
1448 | .check_meta = btf_array_check_meta, | |
eb3f595d | 1449 | .resolve = btf_array_resolve, |
179cde8c | 1450 | .check_member = btf_array_check_member, |
69b693f0 | 1451 | .log_details = btf_array_log, |
b00b8dae | 1452 | .seq_show = btf_array_seq_show, |
69b693f0 MKL |
1453 | }; |
1454 | ||
179cde8c MKL |
1455 | static int btf_struct_check_member(struct btf_verifier_env *env, |
1456 | const struct btf_type *struct_type, | |
1457 | const struct btf_member *member, | |
1458 | const struct btf_type *member_type) | |
1459 | { | |
1460 | u32 struct_bits_off = member->offset; | |
1461 | u32 struct_size, bytes_offset; | |
1462 | ||
1463 | if (BITS_PER_BYTE_MASKED(struct_bits_off)) { | |
1464 | btf_verifier_log_member(env, struct_type, member, | |
1465 | "Member is not byte aligned"); | |
1466 | return -EINVAL; | |
1467 | } | |
1468 | ||
1469 | struct_size = struct_type->size; | |
1470 | bytes_offset = BITS_ROUNDDOWN_BYTES(struct_bits_off); | |
1471 | if (struct_size - bytes_offset < member_type->size) { | |
1472 | btf_verifier_log_member(env, struct_type, member, | |
1473 | "Member exceeds struct_size"); | |
1474 | return -EINVAL; | |
1475 | } | |
1476 | ||
1477 | return 0; | |
1478 | } | |
1479 | ||
69b693f0 MKL |
1480 | static s32 btf_struct_check_meta(struct btf_verifier_env *env, |
1481 | const struct btf_type *t, | |
1482 | u32 meta_left) | |
1483 | { | |
1484 | bool is_union = BTF_INFO_KIND(t->info) == BTF_KIND_UNION; | |
1485 | const struct btf_member *member; | |
1486 | struct btf *btf = env->btf; | |
1487 | u32 struct_size = t->size; | |
1488 | u32 meta_needed; | |
1489 | u16 i; | |
1490 | ||
1491 | meta_needed = btf_type_vlen(t) * sizeof(*member); | |
1492 | if (meta_left < meta_needed) { | |
1493 | btf_verifier_log_basic(env, t, | |
1494 | "meta_left:%u meta_needed:%u", | |
1495 | meta_left, meta_needed); | |
1496 | return -EINVAL; | |
1497 | } | |
1498 | ||
1499 | btf_verifier_log_type(env, t, NULL); | |
1500 | ||
1501 | for_each_member(i, t, member) { | |
fbcf93eb | 1502 | if (!btf_name_offset_valid(btf, member->name_off)) { |
69b693f0 MKL |
1503 | btf_verifier_log_member(env, t, member, |
1504 | "Invalid member name_offset:%u", | |
fbcf93eb | 1505 | member->name_off); |
69b693f0 MKL |
1506 | return -EINVAL; |
1507 | } | |
1508 | ||
1509 | /* A member cannot be in type void */ | |
1510 | if (!member->type || BTF_TYPE_PARENT(member->type)) { | |
1511 | btf_verifier_log_member(env, t, member, | |
1512 | "Invalid type_id"); | |
1513 | return -EINVAL; | |
1514 | } | |
1515 | ||
1516 | if (is_union && member->offset) { | |
1517 | btf_verifier_log_member(env, t, member, | |
1518 | "Invalid member bits_offset"); | |
1519 | return -EINVAL; | |
1520 | } | |
1521 | ||
1522 | if (BITS_ROUNDUP_BYTES(member->offset) > struct_size) { | |
1523 | btf_verifier_log_member(env, t, member, | |
1524 | "Memmber bits_offset exceeds its struct size"); | |
1525 | return -EINVAL; | |
1526 | } | |
1527 | ||
1528 | btf_verifier_log_member(env, t, member, NULL); | |
1529 | } | |
1530 | ||
1531 | return meta_needed; | |
1532 | } | |
1533 | ||
eb3f595d MKL |
1534 | static int btf_struct_resolve(struct btf_verifier_env *env, |
1535 | const struct resolve_vertex *v) | |
1536 | { | |
1537 | const struct btf_member *member; | |
179cde8c | 1538 | int err; |
eb3f595d MKL |
1539 | u16 i; |
1540 | ||
1541 | /* Before continue resolving the next_member, | |
1542 | * ensure the last member is indeed resolved to a | |
1543 | * type with size info. | |
1544 | */ | |
1545 | if (v->next_member) { | |
179cde8c | 1546 | const struct btf_type *last_member_type; |
eb3f595d MKL |
1547 | const struct btf_member *last_member; |
1548 | u16 last_member_type_id; | |
1549 | ||
1550 | last_member = btf_type_member(v->t) + v->next_member - 1; | |
1551 | last_member_type_id = last_member->type; | |
1552 | if (WARN_ON_ONCE(!env_type_is_resolved(env, | |
1553 | last_member_type_id))) | |
1554 | return -EINVAL; | |
179cde8c MKL |
1555 | |
1556 | last_member_type = btf_type_by_id(env->btf, | |
1557 | last_member_type_id); | |
1558 | err = btf_type_ops(last_member_type)->check_member(env, v->t, | |
1559 | last_member, | |
1560 | last_member_type); | |
1561 | if (err) | |
1562 | return err; | |
eb3f595d MKL |
1563 | } |
1564 | ||
1565 | for_each_member_from(i, v->next_member, v->t, member) { | |
1566 | u32 member_type_id = member->type; | |
1567 | const struct btf_type *member_type = btf_type_by_id(env->btf, | |
1568 | member_type_id); | |
1569 | ||
1570 | if (btf_type_is_void_or_null(member_type)) { | |
1571 | btf_verifier_log_member(env, v->t, member, | |
1572 | "Invalid member"); | |
1573 | return -EINVAL; | |
1574 | } | |
1575 | ||
1576 | if (!env_type_is_resolve_sink(env, member_type) && | |
1577 | !env_type_is_resolved(env, member_type_id)) { | |
1578 | env_stack_set_next_member(env, i + 1); | |
1579 | return env_stack_push(env, member_type, member_type_id); | |
1580 | } | |
179cde8c MKL |
1581 | |
1582 | err = btf_type_ops(member_type)->check_member(env, v->t, | |
1583 | member, | |
1584 | member_type); | |
1585 | if (err) | |
1586 | return err; | |
eb3f595d MKL |
1587 | } |
1588 | ||
1589 | env_stack_pop_resolved(env, 0, 0); | |
1590 | ||
1591 | return 0; | |
1592 | } | |
1593 | ||
69b693f0 MKL |
1594 | static void btf_struct_log(struct btf_verifier_env *env, |
1595 | const struct btf_type *t) | |
1596 | { | |
1597 | btf_verifier_log(env, "size=%u vlen=%u", t->size, btf_type_vlen(t)); | |
1598 | } | |
1599 | ||
b00b8dae MKL |
1600 | static void btf_struct_seq_show(const struct btf *btf, const struct btf_type *t, |
1601 | u32 type_id, void *data, u8 bits_offset, | |
1602 | struct seq_file *m) | |
1603 | { | |
1604 | const char *seq = BTF_INFO_KIND(t->info) == BTF_KIND_UNION ? "|" : ","; | |
1605 | const struct btf_member *member; | |
1606 | u32 i; | |
1607 | ||
1608 | seq_puts(m, "{"); | |
1609 | for_each_member(i, t, member) { | |
1610 | const struct btf_type *member_type = btf_type_by_id(btf, | |
1611 | member->type); | |
1612 | u32 member_offset = member->offset; | |
1613 | u32 bytes_offset = BITS_ROUNDDOWN_BYTES(member_offset); | |
1614 | u8 bits8_offset = BITS_PER_BYTE_MASKED(member_offset); | |
1615 | const struct btf_kind_operations *ops; | |
1616 | ||
1617 | if (i) | |
1618 | seq_puts(m, seq); | |
1619 | ||
1620 | ops = btf_type_ops(member_type); | |
1621 | ops->seq_show(btf, member_type, member->type, | |
1622 | data + bytes_offset, bits8_offset, m); | |
1623 | } | |
1624 | seq_puts(m, "}"); | |
1625 | } | |
1626 | ||
69b693f0 MKL |
1627 | static struct btf_kind_operations struct_ops = { |
1628 | .check_meta = btf_struct_check_meta, | |
eb3f595d | 1629 | .resolve = btf_struct_resolve, |
179cde8c | 1630 | .check_member = btf_struct_check_member, |
69b693f0 | 1631 | .log_details = btf_struct_log, |
b00b8dae | 1632 | .seq_show = btf_struct_seq_show, |
69b693f0 MKL |
1633 | }; |
1634 | ||
179cde8c MKL |
1635 | static int btf_enum_check_member(struct btf_verifier_env *env, |
1636 | const struct btf_type *struct_type, | |
1637 | const struct btf_member *member, | |
1638 | const struct btf_type *member_type) | |
1639 | { | |
1640 | u32 struct_bits_off = member->offset; | |
1641 | u32 struct_size, bytes_offset; | |
1642 | ||
1643 | if (BITS_PER_BYTE_MASKED(struct_bits_off)) { | |
1644 | btf_verifier_log_member(env, struct_type, member, | |
1645 | "Member is not byte aligned"); | |
1646 | return -EINVAL; | |
1647 | } | |
1648 | ||
1649 | struct_size = struct_type->size; | |
1650 | bytes_offset = BITS_ROUNDDOWN_BYTES(struct_bits_off); | |
1651 | if (struct_size - bytes_offset < sizeof(int)) { | |
1652 | btf_verifier_log_member(env, struct_type, member, | |
1653 | "Member exceeds struct_size"); | |
1654 | return -EINVAL; | |
1655 | } | |
1656 | ||
1657 | return 0; | |
1658 | } | |
1659 | ||
69b693f0 MKL |
1660 | static s32 btf_enum_check_meta(struct btf_verifier_env *env, |
1661 | const struct btf_type *t, | |
1662 | u32 meta_left) | |
1663 | { | |
1664 | const struct btf_enum *enums = btf_type_enum(t); | |
1665 | struct btf *btf = env->btf; | |
1666 | u16 i, nr_enums; | |
1667 | u32 meta_needed; | |
1668 | ||
1669 | nr_enums = btf_type_vlen(t); | |
1670 | meta_needed = nr_enums * sizeof(*enums); | |
1671 | ||
1672 | if (meta_left < meta_needed) { | |
1673 | btf_verifier_log_basic(env, t, | |
1674 | "meta_left:%u meta_needed:%u", | |
1675 | meta_left, meta_needed); | |
1676 | return -EINVAL; | |
1677 | } | |
1678 | ||
1679 | if (t->size != sizeof(int)) { | |
1680 | btf_verifier_log_type(env, t, "Expected size:%zu", | |
1681 | sizeof(int)); | |
1682 | return -EINVAL; | |
1683 | } | |
1684 | ||
1685 | btf_verifier_log_type(env, t, NULL); | |
1686 | ||
1687 | for (i = 0; i < nr_enums; i++) { | |
fbcf93eb | 1688 | if (!btf_name_offset_valid(btf, enums[i].name_off)) { |
69b693f0 | 1689 | btf_verifier_log(env, "\tInvalid name_offset:%u", |
fbcf93eb | 1690 | enums[i].name_off); |
69b693f0 MKL |
1691 | return -EINVAL; |
1692 | } | |
1693 | ||
1694 | btf_verifier_log(env, "\t%s val=%d\n", | |
fbcf93eb | 1695 | btf_name_by_offset(btf, enums[i].name_off), |
69b693f0 MKL |
1696 | enums[i].val); |
1697 | } | |
1698 | ||
1699 | return meta_needed; | |
1700 | } | |
1701 | ||
1702 | static void btf_enum_log(struct btf_verifier_env *env, | |
1703 | const struct btf_type *t) | |
1704 | { | |
1705 | btf_verifier_log(env, "size=%u vlen=%u", t->size, btf_type_vlen(t)); | |
1706 | } | |
1707 | ||
b00b8dae MKL |
1708 | static void btf_enum_seq_show(const struct btf *btf, const struct btf_type *t, |
1709 | u32 type_id, void *data, u8 bits_offset, | |
1710 | struct seq_file *m) | |
1711 | { | |
1712 | const struct btf_enum *enums = btf_type_enum(t); | |
1713 | u32 i, nr_enums = btf_type_vlen(t); | |
1714 | int v = *(int *)data; | |
1715 | ||
1716 | for (i = 0; i < nr_enums; i++) { | |
1717 | if (v == enums[i].val) { | |
1718 | seq_printf(m, "%s", | |
fbcf93eb | 1719 | btf_name_by_offset(btf, enums[i].name_off)); |
b00b8dae MKL |
1720 | return; |
1721 | } | |
1722 | } | |
1723 | ||
1724 | seq_printf(m, "%d", v); | |
1725 | } | |
1726 | ||
69b693f0 MKL |
1727 | static struct btf_kind_operations enum_ops = { |
1728 | .check_meta = btf_enum_check_meta, | |
eb3f595d | 1729 | .resolve = btf_df_resolve, |
179cde8c | 1730 | .check_member = btf_enum_check_member, |
69b693f0 | 1731 | .log_details = btf_enum_log, |
b00b8dae | 1732 | .seq_show = btf_enum_seq_show, |
69b693f0 MKL |
1733 | }; |
1734 | ||
1735 | static const struct btf_kind_operations * const kind_ops[NR_BTF_KINDS] = { | |
1736 | [BTF_KIND_INT] = &int_ops, | |
1737 | [BTF_KIND_PTR] = &ptr_ops, | |
1738 | [BTF_KIND_ARRAY] = &array_ops, | |
1739 | [BTF_KIND_STRUCT] = &struct_ops, | |
1740 | [BTF_KIND_UNION] = &struct_ops, | |
1741 | [BTF_KIND_ENUM] = &enum_ops, | |
1742 | [BTF_KIND_FWD] = &fwd_ops, | |
1743 | [BTF_KIND_TYPEDEF] = &modifier_ops, | |
1744 | [BTF_KIND_VOLATILE] = &modifier_ops, | |
1745 | [BTF_KIND_CONST] = &modifier_ops, | |
1746 | [BTF_KIND_RESTRICT] = &modifier_ops, | |
1747 | }; | |
1748 | ||
1749 | static s32 btf_check_meta(struct btf_verifier_env *env, | |
1750 | const struct btf_type *t, | |
1751 | u32 meta_left) | |
1752 | { | |
1753 | u32 saved_meta_left = meta_left; | |
1754 | s32 var_meta_size; | |
1755 | ||
1756 | if (meta_left < sizeof(*t)) { | |
1757 | btf_verifier_log(env, "[%u] meta_left:%u meta_needed:%zu", | |
1758 | env->log_type_id, meta_left, sizeof(*t)); | |
1759 | return -EINVAL; | |
1760 | } | |
1761 | meta_left -= sizeof(*t); | |
1762 | ||
1763 | if (BTF_INFO_KIND(t->info) > BTF_KIND_MAX || | |
1764 | BTF_INFO_KIND(t->info) == BTF_KIND_UNKN) { | |
1765 | btf_verifier_log(env, "[%u] Invalid kind:%u", | |
1766 | env->log_type_id, BTF_INFO_KIND(t->info)); | |
1767 | return -EINVAL; | |
1768 | } | |
1769 | ||
fbcf93eb | 1770 | if (!btf_name_offset_valid(env->btf, t->name_off)) { |
69b693f0 | 1771 | btf_verifier_log(env, "[%u] Invalid name_offset:%u", |
fbcf93eb | 1772 | env->log_type_id, t->name_off); |
69b693f0 MKL |
1773 | return -EINVAL; |
1774 | } | |
1775 | ||
1776 | var_meta_size = btf_type_ops(t)->check_meta(env, t, meta_left); | |
1777 | if (var_meta_size < 0) | |
1778 | return var_meta_size; | |
1779 | ||
1780 | meta_left -= var_meta_size; | |
1781 | ||
1782 | return saved_meta_left - meta_left; | |
1783 | } | |
1784 | ||
1785 | static int btf_check_all_metas(struct btf_verifier_env *env) | |
1786 | { | |
1787 | struct btf *btf = env->btf; | |
1788 | struct btf_header *hdr; | |
1789 | void *cur, *end; | |
1790 | ||
f80442a4 | 1791 | hdr = &btf->hdr; |
69b693f0 | 1792 | cur = btf->nohdr_data + hdr->type_off; |
f80442a4 | 1793 | end = btf->nohdr_data + hdr->type_len; |
69b693f0 MKL |
1794 | |
1795 | env->log_type_id = 1; | |
1796 | while (cur < end) { | |
1797 | struct btf_type *t = cur; | |
1798 | s32 meta_size; | |
1799 | ||
1800 | meta_size = btf_check_meta(env, t, end - cur); | |
1801 | if (meta_size < 0) | |
1802 | return meta_size; | |
1803 | ||
1804 | btf_add_type(env, t); | |
1805 | cur += meta_size; | |
1806 | env->log_type_id++; | |
1807 | } | |
1808 | ||
1809 | return 0; | |
1810 | } | |
1811 | ||
eb3f595d MKL |
1812 | static int btf_resolve(struct btf_verifier_env *env, |
1813 | const struct btf_type *t, u32 type_id) | |
1814 | { | |
1815 | const struct resolve_vertex *v; | |
1816 | int err = 0; | |
1817 | ||
1818 | env->resolve_mode = RESOLVE_TBD; | |
1819 | env_stack_push(env, t, type_id); | |
1820 | while (!err && (v = env_stack_peak(env))) { | |
1821 | env->log_type_id = v->type_id; | |
1822 | err = btf_type_ops(v->t)->resolve(env, v); | |
1823 | } | |
1824 | ||
1825 | env->log_type_id = type_id; | |
1826 | if (err == -E2BIG) | |
1827 | btf_verifier_log_type(env, t, | |
1828 | "Exceeded max resolving depth:%u", | |
1829 | MAX_RESOLVE_DEPTH); | |
1830 | else if (err == -EEXIST) | |
1831 | btf_verifier_log_type(env, t, "Loop detected"); | |
1832 | ||
1833 | return err; | |
1834 | } | |
1835 | ||
1836 | static bool btf_resolve_valid(struct btf_verifier_env *env, | |
1837 | const struct btf_type *t, | |
1838 | u32 type_id) | |
1839 | { | |
1840 | struct btf *btf = env->btf; | |
1841 | ||
1842 | if (!env_type_is_resolved(env, type_id)) | |
1843 | return false; | |
1844 | ||
1845 | if (btf_type_is_struct(t)) | |
1846 | return !btf->resolved_ids[type_id] && | |
1847 | !btf->resolved_sizes[type_id]; | |
1848 | ||
1849 | if (btf_type_is_modifier(t) || btf_type_is_ptr(t)) { | |
1850 | t = btf_type_id_resolve(btf, &type_id); | |
1851 | return t && !btf_type_is_modifier(t); | |
1852 | } | |
1853 | ||
1854 | if (btf_type_is_array(t)) { | |
1855 | const struct btf_array *array = btf_type_array(t); | |
1856 | const struct btf_type *elem_type; | |
1857 | u32 elem_type_id = array->type; | |
1858 | u32 elem_size; | |
1859 | ||
1860 | elem_type = btf_type_id_size(btf, &elem_type_id, &elem_size); | |
1861 | return elem_type && !btf_type_is_modifier(elem_type) && | |
1862 | (array->nelems * elem_size == | |
1863 | btf->resolved_sizes[type_id]); | |
1864 | } | |
1865 | ||
1866 | return false; | |
1867 | } | |
1868 | ||
1869 | static int btf_check_all_types(struct btf_verifier_env *env) | |
1870 | { | |
1871 | struct btf *btf = env->btf; | |
1872 | u32 type_id; | |
1873 | int err; | |
1874 | ||
1875 | err = env_resolve_init(env); | |
1876 | if (err) | |
1877 | return err; | |
1878 | ||
1879 | env->phase++; | |
1880 | for (type_id = 1; type_id <= btf->nr_types; type_id++) { | |
1881 | const struct btf_type *t = btf_type_by_id(btf, type_id); | |
1882 | ||
1883 | env->log_type_id = type_id; | |
1884 | if (btf_type_needs_resolve(t) && | |
1885 | !env_type_is_resolved(env, type_id)) { | |
1886 | err = btf_resolve(env, t, type_id); | |
1887 | if (err) | |
1888 | return err; | |
1889 | } | |
1890 | ||
1891 | if (btf_type_needs_resolve(t) && | |
1892 | !btf_resolve_valid(env, t, type_id)) { | |
1893 | btf_verifier_log_type(env, t, "Invalid resolve state"); | |
1894 | return -EINVAL; | |
1895 | } | |
1896 | } | |
1897 | ||
1898 | return 0; | |
1899 | } | |
1900 | ||
69b693f0 MKL |
1901 | static int btf_parse_type_sec(struct btf_verifier_env *env) |
1902 | { | |
f80442a4 | 1903 | const struct btf_header *hdr = &env->btf->hdr; |
eb3f595d MKL |
1904 | int err; |
1905 | ||
f80442a4 MKL |
1906 | /* Type section must align to 4 bytes */ |
1907 | if (hdr->type_off & (sizeof(u32) - 1)) { | |
1908 | btf_verifier_log(env, "Unaligned type_off"); | |
1909 | return -EINVAL; | |
1910 | } | |
1911 | ||
1912 | if (!hdr->type_len) { | |
1913 | btf_verifier_log(env, "No type found"); | |
1914 | return -EINVAL; | |
1915 | } | |
1916 | ||
eb3f595d MKL |
1917 | err = btf_check_all_metas(env); |
1918 | if (err) | |
1919 | return err; | |
1920 | ||
1921 | return btf_check_all_types(env); | |
69b693f0 MKL |
1922 | } |
1923 | ||
1924 | static int btf_parse_str_sec(struct btf_verifier_env *env) | |
1925 | { | |
1926 | const struct btf_header *hdr; | |
1927 | struct btf *btf = env->btf; | |
1928 | const char *start, *end; | |
1929 | ||
f80442a4 | 1930 | hdr = &btf->hdr; |
69b693f0 MKL |
1931 | start = btf->nohdr_data + hdr->str_off; |
1932 | end = start + hdr->str_len; | |
1933 | ||
f80442a4 MKL |
1934 | if (end != btf->data + btf->data_size) { |
1935 | btf_verifier_log(env, "String section is not at the end"); | |
1936 | return -EINVAL; | |
1937 | } | |
1938 | ||
69b693f0 MKL |
1939 | if (!hdr->str_len || hdr->str_len - 1 > BTF_MAX_NAME_OFFSET || |
1940 | start[0] || end[-1]) { | |
1941 | btf_verifier_log(env, "Invalid string section"); | |
1942 | return -EINVAL; | |
1943 | } | |
1944 | ||
1945 | btf->strings = start; | |
1946 | ||
1947 | return 0; | |
1948 | } | |
1949 | ||
f80442a4 MKL |
1950 | static const size_t btf_sec_info_offset[] = { |
1951 | offsetof(struct btf_header, type_off), | |
1952 | offsetof(struct btf_header, str_off), | |
1953 | }; | |
1954 | ||
1955 | static int btf_sec_info_cmp(const void *a, const void *b) | |
69b693f0 | 1956 | { |
f80442a4 MKL |
1957 | const struct btf_sec_info *x = a; |
1958 | const struct btf_sec_info *y = b; | |
1959 | ||
1960 | return (int)(x->off - y->off) ? : (int)(x->len - y->len); | |
1961 | } | |
1962 | ||
1963 | static int btf_check_sec_info(struct btf_verifier_env *env, | |
1964 | u32 btf_data_size) | |
1965 | { | |
1966 | const unsigned int nr_secs = ARRAY_SIZE(btf_sec_info_offset); | |
1967 | struct btf_sec_info secs[nr_secs]; | |
1968 | u32 total, expected_total, i; | |
69b693f0 | 1969 | const struct btf_header *hdr; |
f80442a4 MKL |
1970 | const struct btf *btf; |
1971 | ||
1972 | btf = env->btf; | |
1973 | hdr = &btf->hdr; | |
1974 | ||
1975 | /* Populate the secs from hdr */ | |
1976 | for (i = 0; i < nr_secs; i++) | |
1977 | secs[i] = *(struct btf_sec_info *)((void *)hdr + | |
1978 | btf_sec_info_offset[i]); | |
1979 | ||
1980 | sort(secs, nr_secs, sizeof(struct btf_sec_info), | |
1981 | btf_sec_info_cmp, NULL); | |
1982 | ||
1983 | /* Check for gaps and overlap among sections */ | |
1984 | total = 0; | |
1985 | expected_total = btf_data_size - hdr->hdr_len; | |
1986 | for (i = 0; i < nr_secs; i++) { | |
1987 | if (expected_total < secs[i].off) { | |
1988 | btf_verifier_log(env, "Invalid section offset"); | |
1989 | return -EINVAL; | |
1990 | } | |
1991 | if (total < secs[i].off) { | |
1992 | /* gap */ | |
1993 | btf_verifier_log(env, "Unsupported section found"); | |
1994 | return -EINVAL; | |
1995 | } | |
1996 | if (total > secs[i].off) { | |
1997 | btf_verifier_log(env, "Section overlap found"); | |
1998 | return -EINVAL; | |
1999 | } | |
2000 | if (expected_total - total < secs[i].len) { | |
2001 | btf_verifier_log(env, | |
2002 | "Total section length too long"); | |
2003 | return -EINVAL; | |
2004 | } | |
2005 | total += secs[i].len; | |
2006 | } | |
2007 | ||
2008 | /* There is data other than hdr and known sections */ | |
2009 | if (expected_total != total) { | |
2010 | btf_verifier_log(env, "Unsupported section found"); | |
2011 | return -EINVAL; | |
2012 | } | |
2013 | ||
2014 | return 0; | |
2015 | } | |
2016 | ||
2017 | static int btf_parse_hdr(struct btf_verifier_env *env, void __user *btf_data, | |
2018 | u32 btf_data_size) | |
2019 | { | |
2020 | const struct btf_header *hdr; | |
2021 | u32 hdr_len, hdr_copy; | |
2022 | /* | |
2023 | * Minimal part of the "struct btf_header" that | |
2024 | * contains the hdr_len. | |
2025 | */ | |
2026 | struct btf_min_header { | |
2027 | u16 magic; | |
2028 | u8 version; | |
2029 | u8 flags; | |
2030 | u32 hdr_len; | |
2031 | } __user *min_hdr; | |
2032 | struct btf *btf; | |
2033 | int err; | |
69b693f0 | 2034 | |
f80442a4 MKL |
2035 | btf = env->btf; |
2036 | min_hdr = btf_data; | |
2037 | ||
2038 | if (btf_data_size < sizeof(*min_hdr)) { | |
2039 | btf_verifier_log(env, "hdr_len not found"); | |
2040 | return -EINVAL; | |
2041 | } | |
2042 | ||
2043 | if (get_user(hdr_len, &min_hdr->hdr_len)) | |
2044 | return -EFAULT; | |
2045 | ||
2046 | if (btf_data_size < hdr_len) { | |
69b693f0 MKL |
2047 | btf_verifier_log(env, "btf_header not found"); |
2048 | return -EINVAL; | |
2049 | } | |
2050 | ||
f80442a4 MKL |
2051 | err = bpf_check_uarg_tail_zero(btf_data, sizeof(btf->hdr), hdr_len); |
2052 | if (err) { | |
2053 | if (err == -E2BIG) | |
2054 | btf_verifier_log(env, "Unsupported btf_header"); | |
2055 | return err; | |
2056 | } | |
2057 | ||
2058 | hdr_copy = min_t(u32, hdr_len, sizeof(btf->hdr)); | |
2059 | if (copy_from_user(&btf->hdr, btf_data, hdr_copy)) | |
2060 | return -EFAULT; | |
2061 | ||
2062 | hdr = &btf->hdr; | |
2063 | ||
2064 | btf_verifier_log_hdr(env, btf_data_size); | |
69b693f0 | 2065 | |
69b693f0 MKL |
2066 | if (hdr->magic != BTF_MAGIC) { |
2067 | btf_verifier_log(env, "Invalid magic"); | |
2068 | return -EINVAL; | |
2069 | } | |
2070 | ||
2071 | if (hdr->version != BTF_VERSION) { | |
2072 | btf_verifier_log(env, "Unsupported version"); | |
2073 | return -ENOTSUPP; | |
2074 | } | |
2075 | ||
2076 | if (hdr->flags) { | |
2077 | btf_verifier_log(env, "Unsupported flags"); | |
2078 | return -ENOTSUPP; | |
2079 | } | |
2080 | ||
f80442a4 | 2081 | if (btf_data_size == hdr->hdr_len) { |
69b693f0 MKL |
2082 | btf_verifier_log(env, "No data"); |
2083 | return -EINVAL; | |
2084 | } | |
2085 | ||
f80442a4 MKL |
2086 | err = btf_check_sec_info(env, btf_data_size); |
2087 | if (err) | |
2088 | return err; | |
69b693f0 MKL |
2089 | |
2090 | return 0; | |
2091 | } | |
2092 | ||
2093 | static struct btf *btf_parse(void __user *btf_data, u32 btf_data_size, | |
2094 | u32 log_level, char __user *log_ubuf, u32 log_size) | |
2095 | { | |
2096 | struct btf_verifier_env *env = NULL; | |
2097 | struct bpf_verifier_log *log; | |
2098 | struct btf *btf = NULL; | |
2099 | u8 *data; | |
2100 | int err; | |
2101 | ||
2102 | if (btf_data_size > BTF_MAX_SIZE) | |
2103 | return ERR_PTR(-E2BIG); | |
2104 | ||
2105 | env = kzalloc(sizeof(*env), GFP_KERNEL | __GFP_NOWARN); | |
2106 | if (!env) | |
2107 | return ERR_PTR(-ENOMEM); | |
2108 | ||
2109 | log = &env->log; | |
2110 | if (log_level || log_ubuf || log_size) { | |
2111 | /* user requested verbose verifier output | |
2112 | * and supplied buffer to store the verification trace | |
2113 | */ | |
2114 | log->level = log_level; | |
2115 | log->ubuf = log_ubuf; | |
2116 | log->len_total = log_size; | |
2117 | ||
2118 | /* log attributes have to be sane */ | |
2119 | if (log->len_total < 128 || log->len_total > UINT_MAX >> 8 || | |
2120 | !log->level || !log->ubuf) { | |
2121 | err = -EINVAL; | |
2122 | goto errout; | |
2123 | } | |
2124 | } | |
2125 | ||
2126 | btf = kzalloc(sizeof(*btf), GFP_KERNEL | __GFP_NOWARN); | |
2127 | if (!btf) { | |
2128 | err = -ENOMEM; | |
2129 | goto errout; | |
2130 | } | |
f80442a4 MKL |
2131 | env->btf = btf; |
2132 | ||
2133 | err = btf_parse_hdr(env, btf_data, btf_data_size); | |
2134 | if (err) | |
2135 | goto errout; | |
69b693f0 MKL |
2136 | |
2137 | data = kvmalloc(btf_data_size, GFP_KERNEL | __GFP_NOWARN); | |
2138 | if (!data) { | |
2139 | err = -ENOMEM; | |
2140 | goto errout; | |
2141 | } | |
2142 | ||
2143 | btf->data = data; | |
2144 | btf->data_size = btf_data_size; | |
f80442a4 | 2145 | btf->nohdr_data = btf->data + btf->hdr.hdr_len; |
69b693f0 MKL |
2146 | |
2147 | if (copy_from_user(data, btf_data, btf_data_size)) { | |
2148 | err = -EFAULT; | |
2149 | goto errout; | |
2150 | } | |
2151 | ||
69b693f0 MKL |
2152 | err = btf_parse_str_sec(env); |
2153 | if (err) | |
2154 | goto errout; | |
2155 | ||
2156 | err = btf_parse_type_sec(env); | |
2157 | if (err) | |
2158 | goto errout; | |
2159 | ||
f80442a4 | 2160 | if (log->level && bpf_verifier_log_full(log)) { |
69b693f0 MKL |
2161 | err = -ENOSPC; |
2162 | goto errout; | |
2163 | } | |
2164 | ||
f80442a4 MKL |
2165 | btf_verifier_env_free(env); |
2166 | refcount_set(&btf->refcnt, 1); | |
2167 | return btf; | |
69b693f0 MKL |
2168 | |
2169 | errout: | |
2170 | btf_verifier_env_free(env); | |
2171 | if (btf) | |
2172 | btf_free(btf); | |
2173 | return ERR_PTR(err); | |
2174 | } | |
b00b8dae MKL |
2175 | |
2176 | void btf_type_seq_show(const struct btf *btf, u32 type_id, void *obj, | |
2177 | struct seq_file *m) | |
2178 | { | |
2179 | const struct btf_type *t = btf_type_by_id(btf, type_id); | |
2180 | ||
2181 | btf_type_ops(t)->seq_show(btf, t, type_id, obj, 0, m); | |
2182 | } | |
f56a653c MKL |
2183 | |
2184 | static int btf_release(struct inode *inode, struct file *filp) | |
2185 | { | |
2186 | btf_put(filp->private_data); | |
2187 | return 0; | |
2188 | } | |
2189 | ||
60197cfb | 2190 | const struct file_operations btf_fops = { |
f56a653c MKL |
2191 | .release = btf_release, |
2192 | }; | |
2193 | ||
78958fca MKL |
2194 | static int __btf_new_fd(struct btf *btf) |
2195 | { | |
2196 | return anon_inode_getfd("btf", &btf_fops, btf, O_RDONLY | O_CLOEXEC); | |
2197 | } | |
2198 | ||
f56a653c MKL |
2199 | int btf_new_fd(const union bpf_attr *attr) |
2200 | { | |
2201 | struct btf *btf; | |
78958fca | 2202 | int ret; |
f56a653c MKL |
2203 | |
2204 | btf = btf_parse(u64_to_user_ptr(attr->btf), | |
2205 | attr->btf_size, attr->btf_log_level, | |
2206 | u64_to_user_ptr(attr->btf_log_buf), | |
2207 | attr->btf_log_size); | |
2208 | if (IS_ERR(btf)) | |
2209 | return PTR_ERR(btf); | |
2210 | ||
78958fca MKL |
2211 | ret = btf_alloc_id(btf); |
2212 | if (ret) { | |
2213 | btf_free(btf); | |
2214 | return ret; | |
2215 | } | |
2216 | ||
2217 | /* | |
2218 | * The BTF ID is published to the userspace. | |
2219 | * All BTF free must go through call_rcu() from | |
2220 | * now on (i.e. free by calling btf_put()). | |
2221 | */ | |
2222 | ||
2223 | ret = __btf_new_fd(btf); | |
2224 | if (ret < 0) | |
f56a653c MKL |
2225 | btf_put(btf); |
2226 | ||
78958fca | 2227 | return ret; |
f56a653c MKL |
2228 | } |
2229 | ||
2230 | struct btf *btf_get_by_fd(int fd) | |
2231 | { | |
2232 | struct btf *btf; | |
2233 | struct fd f; | |
2234 | ||
2235 | f = fdget(fd); | |
2236 | ||
2237 | if (!f.file) | |
2238 | return ERR_PTR(-EBADF); | |
2239 | ||
2240 | if (f.file->f_op != &btf_fops) { | |
2241 | fdput(f); | |
2242 | return ERR_PTR(-EINVAL); | |
2243 | } | |
2244 | ||
2245 | btf = f.file->private_data; | |
78958fca | 2246 | refcount_inc(&btf->refcnt); |
f56a653c MKL |
2247 | fdput(f); |
2248 | ||
2249 | return btf; | |
2250 | } | |
60197cfb MKL |
2251 | |
2252 | int btf_get_info_by_fd(const struct btf *btf, | |
2253 | const union bpf_attr *attr, | |
2254 | union bpf_attr __user *uattr) | |
2255 | { | |
62dab84c MKL |
2256 | struct bpf_btf_info __user *uinfo; |
2257 | struct bpf_btf_info info = {}; | |
2258 | u32 info_copy, btf_copy; | |
2259 | void __user *ubtf; | |
2260 | u32 uinfo_len; | |
60197cfb | 2261 | |
62dab84c MKL |
2262 | uinfo = u64_to_user_ptr(attr->info.info); |
2263 | uinfo_len = attr->info.info_len; | |
2264 | ||
2265 | info_copy = min_t(u32, uinfo_len, sizeof(info)); | |
2266 | if (copy_from_user(&info, uinfo, info_copy)) | |
2267 | return -EFAULT; | |
2268 | ||
2269 | info.id = btf->id; | |
2270 | ubtf = u64_to_user_ptr(info.btf); | |
2271 | btf_copy = min_t(u32, btf->data_size, info.btf_size); | |
2272 | if (copy_to_user(ubtf, btf->data, btf_copy)) | |
2273 | return -EFAULT; | |
2274 | info.btf_size = btf->data_size; | |
2275 | ||
2276 | if (copy_to_user(uinfo, &info, info_copy) || | |
2277 | put_user(info_copy, &uattr->info.info_len)) | |
60197cfb MKL |
2278 | return -EFAULT; |
2279 | ||
2280 | return 0; | |
2281 | } | |
78958fca MKL |
2282 | |
2283 | int btf_get_fd_by_id(u32 id) | |
2284 | { | |
2285 | struct btf *btf; | |
2286 | int fd; | |
2287 | ||
2288 | rcu_read_lock(); | |
2289 | btf = idr_find(&btf_idr, id); | |
2290 | if (!btf || !refcount_inc_not_zero(&btf->refcnt)) | |
2291 | btf = ERR_PTR(-ENOENT); | |
2292 | rcu_read_unlock(); | |
2293 | ||
2294 | if (IS_ERR(btf)) | |
2295 | return PTR_ERR(btf); | |
2296 | ||
2297 | fd = __btf_new_fd(btf); | |
2298 | if (fd < 0) | |
2299 | btf_put(btf); | |
2300 | ||
2301 | return fd; | |
2302 | } | |
2303 | ||
2304 | u32 btf_id(const struct btf *btf) | |
2305 | { | |
2306 | return btf->id; | |
2307 | } |