From patchwork Mon Oct 9 17:30:08 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Jakub Kicinski X-Patchwork-Id: 823378 Return-Path: X-Original-To: patchwork-incoming@ozlabs.org Delivered-To: patchwork-incoming@ozlabs.org Authentication-Results: ozlabs.org; spf=none (mailfrom) smtp.mailfrom=vger.kernel.org (client-ip=209.132.180.67; helo=vger.kernel.org; envelope-from=netdev-owner@vger.kernel.org; receiver=) Authentication-Results: ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=netronome-com.20150623.gappssmtp.com header.i=@netronome-com.20150623.gappssmtp.com header.b="xTVVEg/A"; dkim-atps=neutral Received: from vger.kernel.org (vger.kernel.org [209.132.180.67]) by ozlabs.org (Postfix) with ESMTP id 3y9nMD5hBzz9tXx for ; Tue, 10 Oct 2017 04:30:32 +1100 (AEDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1754971AbdJIRab (ORCPT ); Mon, 9 Oct 2017 13:30:31 -0400 Received: from mail-pf0-f180.google.com ([209.85.192.180]:54855 "EHLO mail-pf0-f180.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751952AbdJIRa2 (ORCPT ); Mon, 9 Oct 2017 13:30:28 -0400 Received: by mail-pf0-f180.google.com with SMTP id m28so9506233pfi.11 for ; Mon, 09 Oct 2017 10:30:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netronome-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id; bh=PES1gudTCIHyaY/ty9TgHzUkDOrBAfCFEWg9MRTXmbQ=; b=xTVVEg/Ap/9v+DAYz7zp0R7vkOPGu31yhNRUvWjSj3qTE2CNuhan2n9mIl4lZK4Cb5 hGZRNrfQCyKRRGFw7hqJxhT+Kq9VAkMs4I/txe8VqXW8Jqzc8Uq5Flz8HbHCjXxrNPP/ uPaWvlHTy7RtePZgMLoSw83pj92poRto/6BfOaRUvEAl5uL5ZFV8Tx9P5SIjrQpb0P3p Rzr09AhSg+LJ4apeXeg3G4ucFZHZjYpIL/Bg3hW4M1+shabB7dx7EtgNOYyggx0riMVG pUft9Xl3/fwGEwrxzWO4nF3rofDxXhLllhGva402+xm9lLhZQKv6QHZN6RkvjSvVLp76 Oqdg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id; bh=PES1gudTCIHyaY/ty9TgHzUkDOrBAfCFEWg9MRTXmbQ=; b=tbXCU/IEtSz0L4lxyGwj1WaW9xWGZpVgdfuFaleId9eGMr25gSUvGiaVSHBVsFeh2E vaxVl/eBskjlWBOmPTWqHNrGk2KNJ6Bn+XgBFzyzwLJ8A158oSrEGHgdBn+sCvY8Eygh XFSniGF4h8DP0PnxsRgquJ7vmm8T+K6JmYVqmpoCfPhkFDP8e2FGBg5fRX4wf3use4KJ GWJXnnBfG0ppLZg8JkMyALlqLXyU8EIH485r9ycXGt14qnZpDGnNm9UtaIneiDHkAZAh Zqkhx73yNDs/JNFPBB67Y9+mOUMDeQY3edppNqYDp2t8kfvcm432X9kljFyYRvVxLV3a FyZg== X-Gm-Message-State: AMCzsaV4gLd46kjgYwtj7ZoqQXe2W+bgqFE9LaRipxeOhhOVnKOpioxW a+dY3GukV7hPxfENV2AR68eWH//6 X-Google-Smtp-Source: AOwi7QCMYnqv+UsMOWZK1rqBKvWepUe/UmaB8EVDVEvdIT/pqYuqsJ7nWJfBfmM7lXj3SRKmv5XpIg== X-Received: by 10.98.35.75 with SMTP id j72mr10526094pfj.82.1507570226361; Mon, 09 Oct 2017 10:30:26 -0700 (PDT) Received: from jkicinski-Precision-T1700.netronome.com ([75.53.12.129]) by smtp.gmail.com with ESMTPSA id c185sm17342537pfb.57.2017.10.09.10.30.25 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 09 Oct 2017 10:30:25 -0700 (PDT) From: Jakub Kicinski To: netdev@vger.kernel.org Cc: oss-drivers@netronome.com, alexei.starovoitov@gmail.com, daniel@iogearbox.net, Jakub Kicinski Subject: [PATCH net-next v2 0/7] bpf: get rid of global verifier state and reuse instruction printer Date: Mon, 9 Oct 2017 10:30:08 -0700 Message-Id: <20171009173015.23520-1-jakub.kicinski@netronome.com> X-Mailer: git-send-email 2.14.1 Sender: netdev-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: netdev@vger.kernel.org Hi! This set started off as simple extraction of eBPF verifier's instruction printer into a separate file but evolved into removal of global state. The purpose of moving instruction printing code is to be able to reuse it from the bpftool. As far as the global verifier lock goes, this set removes the global variables relating to the log buffer, makes the one-time init done by bpf_get_skb_set_tunnel_proto() not depend on any external locking, and performs verifier log writeback as data is produced removing the need for allocating a potentially large temporary buffer. The final step of actually removing the verifier lock is left to someone more competent and self-confident :) Note that struct bpf_verifier_env is just 40B under two pages now, we should probably switch to vzalloc() when it's expanded again... v2: - add a selftest; - use env buffer and flush on every print (Alexei); - handle kernel log allocation failures (Daniel); - put the env log members into a struct (Daniel). Jakub Kicinski (7): selftests/bpf: add a test for verifier logs bpf: encapsulate verifier log state into a structure bpf: move global verifier log into verifier environment bpf: move instruction printing into a separate file tools: bpftool: use the kernel's instruction printer bpf: don't rely on the verifier lock for metadata_dst allocation bpf: write back the verifier log buffer as it gets filled include/linux/bpf_verifier.h | 17 + include/net/dst_metadata.h | 1 + kernel/bpf/Makefile | 1 + kernel/bpf/disasm.c | 214 +++++++ kernel/bpf/disasm.h | 32 ++ kernel/bpf/verifier.c | 693 +++++++++-------------- net/core/dst.c | 16 + net/core/filter.c | 16 +- tools/bpf/bpftool/Documentation/bpftool-prog.rst | 11 +- tools/bpf/bpftool/Makefile | 7 +- tools/bpf/bpftool/main.h | 10 +- tools/bpf/bpftool/prog.c | 44 +- tools/testing/selftests/bpf/Makefile | 2 +- tools/testing/selftests/bpf/test_verifier_log.c | 171 ++++++ 14 files changed, 776 insertions(+), 459 deletions(-) create mode 100644 kernel/bpf/disasm.c create mode 100644 kernel/bpf/disasm.h create mode 100644 tools/testing/selftests/bpf/test_verifier_log.c