Skip to content

Commit 4188817

Browse files
borkmannborkmann
committed
Merge branch 'bpf-jit-overridable-alloc'
Ard Biesheuvel says: ==================== On arm64, modules are allocated from a 128 MB window which is close to the core kernel, so that relative direct branches are guaranteed to be in range (except in some KASLR configurations). Also, module_alloc() is in charge of allocating KASAN shadow memory when running with KASAN enabled. This means that the way BPF reuses module_alloc()/module_memfree() is undesirable on arm64 (and potentially other architectures as well), and so this series refactors BPF's use of those functions to permit architectures to change this behavior. Patch #1 breaks out the module_alloc() and module_memfree() calls into __weak functions so they can be overridden. Patch #2 implements the new alloc/free overrides for arm64 Changes since v3: - drop 'const' modifier for free() hook void* argument - move the dedicated BPF region to before the module region, putting it within 4GB of the module and kernel regions on non-KASLR kernels Changes since v2: - properly build time and runtime tested this time (log after the diffstat) - create a dedicated 128 MB region at the top of the vmalloc space for BPF programs, ensuring that the programs will be in branching range of each other (which we currently rely upon) but at an arbitrary distance from the kernel and modules (which we don't care about) Changes since v1: - Drop misguided attempt to 'fix' and refactor the free path. Instead, just add another __weak wrapper for the invocation of module_memfree() ==================== Cc: Daniel Borkmann <daniel@iogearbox.net> Cc: Alexei Starovoitov <ast@kernel.org> Cc: Rick Edgecombe <rick.p.edgecombe@intel.com> Cc: Eric Dumazet <eric.dumazet@gmail.com> Cc: Jann Horn <jannh@google.com> Cc: Kees Cook <keescook@chromium.org> Cc: Jessica Yu <jeyu@kernel.org> Cc: Arnd Bergmann <arnd@arndb.de> Cc: Catalin Marinas <catalin.marinas@arm.com> Cc: Will Deacon <will.deacon@arm.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: "David S. Miller" <davem@davemloft.net> Cc: linux-arm-kernel@lists.infradead.org Cc: linux-kernel@vger.kernel.org Cc: netdev@vger.kernel.org Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
2 parents 2a95471 + 91fc957 commit 4188817

File tree

3 files changed

+29
-3
lines changed

3 files changed

+29
-3
lines changed

arch/arm64/include/asm/memory.h

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -62,8 +62,11 @@
6262
#define PAGE_OFFSET (UL(0xffffffffffffffff) - \
6363
(UL(1) << (VA_BITS - 1)) + 1)
6464
#define KIMAGE_VADDR (MODULES_END)
65+
#define BPF_JIT_REGION_START (VA_START + KASAN_SHADOW_SIZE)
66+
#define BPF_JIT_REGION_SIZE (SZ_128M)
67+
#define BPF_JIT_REGION_END (BPF_JIT_REGION_START + BPF_JIT_REGION_SIZE)
6568
#define MODULES_END (MODULES_VADDR + MODULES_VSIZE)
66-
#define MODULES_VADDR (VA_START + KASAN_SHADOW_SIZE)
69+
#define MODULES_VADDR (BPF_JIT_REGION_END)
6770
#define MODULES_VSIZE (SZ_128M)
6871
#define VMEMMAP_START (PAGE_OFFSET - VMEMMAP_SIZE)
6972
#define PCI_IO_END (VMEMMAP_START - SZ_2M)

arch/arm64/net/bpf_jit_comp.c

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -943,3 +943,16 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog)
943943
tmp : orig_prog);
944944
return prog;
945945
}
946+
947+
void *bpf_jit_alloc_exec(unsigned long size)
948+
{
949+
return __vmalloc_node_range(size, PAGE_SIZE, BPF_JIT_REGION_START,
950+
BPF_JIT_REGION_END, GFP_KERNEL,
951+
PAGE_KERNEL_EXEC, 0, NUMA_NO_NODE,
952+
__builtin_return_address(0));
953+
}
954+
955+
void bpf_jit_free_exec(void *addr)
956+
{
957+
return vfree(addr);
958+
}

kernel/bpf/core.c

Lines changed: 12 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -623,6 +623,16 @@ static void bpf_jit_uncharge_modmem(u32 pages)
623623
atomic_long_sub(pages, &bpf_jit_current);
624624
}
625625

626+
void *__weak bpf_jit_alloc_exec(unsigned long size)
627+
{
628+
return module_alloc(size);
629+
}
630+
631+
void __weak bpf_jit_free_exec(void *addr)
632+
{
633+
module_memfree(addr);
634+
}
635+
626636
struct bpf_binary_header *
627637
bpf_jit_binary_alloc(unsigned int proglen, u8 **image_ptr,
628638
unsigned int alignment,
@@ -640,7 +650,7 @@ bpf_jit_binary_alloc(unsigned int proglen, u8 **image_ptr,
640650

641651
if (bpf_jit_charge_modmem(pages))
642652
return NULL;
643-
hdr = module_alloc(size);
653+
hdr = bpf_jit_alloc_exec(size);
644654
if (!hdr) {
645655
bpf_jit_uncharge_modmem(pages);
646656
return NULL;
@@ -664,7 +674,7 @@ void bpf_jit_binary_free(struct bpf_binary_header *hdr)
664674
{
665675
u32 pages = hdr->pages;
666676

667-
module_memfree(hdr);
677+
bpf_jit_free_exec(hdr);
668678
bpf_jit_uncharge_modmem(pages);
669679
}
670680

0 commit comments

Comments
 (0)