Received: by 2002:a89:288:0:b0:1f7:eeee:6653 with SMTP id j8csp218345lqh; Mon, 6 May 2024 17:27:32 -0700 (PDT) X-Forwarded-Encrypted: i=3; AJvYcCWBYcYY38j7GEji++a2XwiLPAT8qNZDdB0IAY3BpsLErG6GgLdrYsj8k9cR4HYtWlIC/78IsDnTfH8U1xpF7snUCrFrbZkMk3l6NGTKHg== X-Google-Smtp-Source: AGHT+IEpvOKvW5yBf1RUmcP2sv2MfTu0O08lhVNkxgMLpo4QT12n6ugpqF5mwnpT51Pjl0GEPf3t X-Received: by 2002:a05:6830:1e72:b0:6f0:45ad:24b2 with SMTP id m18-20020a0568301e7200b006f045ad24b2mr5720787otr.4.1715041652416; Mon, 06 May 2024 17:27:32 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1715041652; cv=pass; d=google.com; s=arc-20160816; b=I97YnJwRzmq8eYDcyh7Y2arpP852Hxi1Dge6P9YF/MBqFUxG42zeslc6ZatbHDkX5F VgGnVGNT/jnp80SCDn3untXE0DBTc5UBTX6sY3TyNekogVj80IGxxUg4j7BDT7N5G1+f 4SX1C59i00pJOjrUCdw1jOrYJLtdNEVi9h+PN8ARNCOtIoYH8AbeDEott5DCTbRHqIWN pgmEidR8H4f8B/P28VQaoty3pkkMaBatR94CzAw7RGf4JLAFuVmUUOhq3fO+2BQQ4jQa PdhQ1v3x8JM91vHGth1wcjP5CAGQZwA0VyfXYJ4gzAEDmuQ/yyTVp3zIyL1LvS8ce0h7 chnQ== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:list-unsubscribe:list-subscribe :list-id:precedence:dkim-signature; bh=9vmtqOjRdDWAeYSRYS6X1pfJX7nQFvEEJNEhNJnhAZM=; fh=NKIiDpWW4r6Vx/aaenBk2eY+tPc8znqocDC0E0daArs=; b=E60M+u8q91ruGBcE1mBsBjC9AxfWWzeIZ/ySBmz5zCkgcYuPU1GACd+JuSdgayWUeL QJyjRuogx0VQpkVTHnaxhXvisAjN1PkE/igd7u0slGDoE7cnaLn98S2wNvSuwR0r4r8n rAyxKEtZDwUGwrqERgML5c75ZO33osIzUnRR87sA6h3aNHi0Md0obMyXm336rY3dDQCl e9xfb5Gq38Q65I9Z37N5GnWEtAn+59PGswXygdwN2o3txu0EAz1c7O3U691eSQfU02Ym kKOVxtgFwKrUdfprH6nNf9aXYMaq7pjSxhLBUDMIIpw5i9cyw2k1RRJtEOd2Z0SriFJB viMw==; dara=google.com ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=Cfj0lzen; arc=pass (i=1 spf=pass spfdomain=gmail.com dkim=pass dkdomain=gmail.com dmarc=pass fromdomain=gmail.com); spf=pass (google.com: domain of linux-kernel+bounces-170521-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-170521-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Return-Path: Received: from sv.mirrors.kernel.org (sv.mirrors.kernel.org. [2604:1380:45e3:2400::1]) by mx.google.com with ESMTPS id b17-20020a056a000cd100b006f47e96a3f8si2892277pfv.176.2024.05.06.17.27.32 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 06 May 2024 17:27:32 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel+bounces-170521-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) client-ip=2604:1380:45e3:2400::1; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=Cfj0lzen; arc=pass (i=1 spf=pass spfdomain=gmail.com dkim=pass dkdomain=gmail.com dmarc=pass fromdomain=gmail.com); spf=pass (google.com: domain of linux-kernel+bounces-170521-linux.lists.archive=gmail.com@vger.kernel.org designates 2604:1380:45e3:2400::1 as permitted sender) smtp.mailfrom="linux-kernel+bounces-170521-linux.lists.archive=gmail.com@vger.kernel.org"; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from smtp.subspace.kernel.org (wormhole.subspace.kernel.org [52.25.139.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by sv.mirrors.kernel.org (Postfix) with ESMTPS id A4CB9284D38 for ; Tue, 7 May 2024 00:27:09 +0000 (UTC) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by smtp.subspace.kernel.org (Postfix) with ESMTP id 11518818; Tue, 7 May 2024 00:26:54 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="Cfj0lzen" Received: from mail-wm1-f47.google.com (mail-wm1-f47.google.com [209.85.128.47]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6F51828F1; Tue, 7 May 2024 00:26:51 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.47 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715041613; cv=none; b=LJVGWh44ztqGOH6MjxgZt+wKQHwOM9yZYYAaVsttCfBgl1PtGSQx+DoLfubRsU7Art7JurMwKgimMUlRBJ8/zFz0ZI0L3KnCIAC/QTN/eTzNnnRDilFMr78SQtpjKbY2Xys0GozuDYJaUiy2MibeJiKRWCBWL5wEngd29qt63S4= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715041613; c=relaxed/simple; bh=4NauqpMm0tV7vKEFnZFk1JYhRBUi68Bv+sS/I2VSX58=; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject: To:Cc:Content-Type; b=Hd/SHZcXQFYHIrID8sZC4q7PmdgB8vuV+w6nY5BmZPfSkXtxmN8jCzu4790ZvlkOGQ7n95dqMo8FLab9QEDGJJCLrPtyI0Hp2Db7qVFuBQ3xvZtAY/8ZJGVl0D/7yZOpgMVxhOWiO2Qs8wwwNU5RVy/znxyFydgfZCU47h26FTM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=Cfj0lzen; arc=none smtp.client-ip=209.85.128.47 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Received: by mail-wm1-f47.google.com with SMTP id 5b1f17b1804b1-41b79450f78so17151665e9.2; Mon, 06 May 2024 17:26:51 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1715041610; x=1715646410; darn=vger.kernel.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=9vmtqOjRdDWAeYSRYS6X1pfJX7nQFvEEJNEhNJnhAZM=; b=Cfj0lzenSqmNM59YRPZ0FJqN9Iw/a+RK9SY70TXXlymuVk9gbOQThFuixEPxWrr52S Tg/NEfjx77P5yCBFjTFFy/hYg8UVakJ5MiPh62Zq0sGArjLnRVCTMyxOYwWhsxsynCZ/ XmQoPjsB5aaKsH1iUjf7XK/EnBTmjzN7uNN3wgh5uwjIc/ENpdLhowHFS6mnWaaK3JXa NSfEBXE9QJ1lQddxC2XnlGrRJ2SUp6qUuDVqEztkNGD/w7R1YINx4mEdxeTggsgaTG2o IzJrWkDXBXiDeBApi0bD3XXO9TJqx3m9UaCZsVrLnPDqaNYJ5nsiDF+eUN3Jm4t9Eox6 rVXw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1715041610; x=1715646410; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=9vmtqOjRdDWAeYSRYS6X1pfJX7nQFvEEJNEhNJnhAZM=; b=UcuDnuvfm65/JxtRlSDLx31Q784iobThykrrrG/EBeKTuY96bkvlv8UVa40dUD+jIK vMhso5zE8hV5mOpR/xkEBTeYKi4ptRH76/+uaizcY6GrgFStEBbnpij8pTQjOCVRcX4P GmBYpngfu5JawQU20akG8ZxZC2GVC/YTIvc4g+6+P7TlbvTyujrrqL7JF2JemLGyTWj3 DLc2FiwI7vcsIH12Z5k7mfAhOdmeXXNHFJMyXtduaR+7I4l9VDmDFjA8+ij4R1qiWGue 8lhbqxnlOpWzUIMveDmnN262y5HZHzyU403Rfnht+K6A1REVGNDmw2o3ER8pfAAKB7Xy wdxg== X-Forwarded-Encrypted: i=1; AJvYcCUySgI0aKaeWRdccClEixayn2EjtPR2CmX1Xg3KSBue0W6UMCtwwQFW3m+OGnrspSE2onEZ4f6DcEfmPkCce1jfDpoY8r2DpBkYOwvVppFWgK7iJL8w1MRBBLvn7r65xK6/ X-Gm-Message-State: AOJu0Yz/1iWiJ2pmc97uGgsiMrHLI2Y8peTemlvss5RatHC84ief2qbJ ZcFb7w/HyMpFemUP2gtSQwgXjWvLlbgvU/cMj0gf/47HOmmJztbqgKG8eAU8eG7jeZPSdDOTvQa ezjDFk5HVx7YAxbOruFwJjci7F+I= X-Received: by 2002:a05:6000:1379:b0:34a:7a97:caa1 with SMTP id q25-20020a056000137900b0034a7a97caa1mr11885263wrz.2.1715041609631; Mon, 06 May 2024 17:26:49 -0700 (PDT) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 References: <20240422-sleepable_array_progs-v1-1-7c46ccbaa6e2@kernel.org> <7344022a-6f59-7cbf-ee45-6b7d59114be6@iogearbox.net> <35nbgxc7hqyef3iobfvhbftxtbxb3dfz574gbba4kwvbo6os4v@sya7ul5i6mmd> In-Reply-To: From: Alexei Starovoitov Date: Mon, 6 May 2024 17:26:38 -0700 Message-ID: Subject: Re: [PATCH] bpf: verifier: allow arrays of progs to be used in sleepable context To: Benjamin Tissoires Cc: Daniel Borkmann , Alexei Starovoitov , John Fastabend , Andrii Nakryiko , Martin KaFai Lau , Eduard Zingerman , Song Liu , Yonghong Song , KP Singh , Stanislav Fomichev , Hao Luo , Jiri Olsa , bpf , LKML Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Tue, Apr 30, 2024 at 3:03=E2=80=AFAM Benjamin Tissoires wrote: > > > Right now, what I am doing is (in simplified pseudo code): > - in a bpf program, the user calls hid_bpf_attach_prog(hid_device, progra= m_fd) > where program fd is a tracing program on a never executed function > but this allows to know the type of program to run > - the kernel stores that program into a dedicated prog array bpf_map > pre-loaded at boot time > - when a event comes in, the kernel walks through the list of attached > programs, calls __hid_bpf_tail_call() and there is a tracing program > attached to it that just do the bpf_tail_call. > > This works and is simple enough from the user point of view, but is > rather inefficient and clunky from the kernel point of view IMO. > > The freplace mechnism would definitely work if I had a tracing-like > function to call, where I need to run the program any time the function > gets called. But given that I want per-device filtering, I'm not sure > how I could make this work. But given that I need to enable or not the > bpf_program, I'm not sure how I could make it work from the kernel point > of view. > > I tried using a simple bpf_prog_run() (which is exactly what I need in > the end) but I couldn't really convince the bpf verifier that the > provided context is a struct hid_bpf_ctx kernel pointer, and it felt not > quite right. > > So after seeing how the bpf_wq worked internally, and how simple it is > now to call a bpf program from the kernel as a simple function call, I > played around with allowing kfunc to declare async callback functions. > > I have a working prototype (probably not fully functional for all of the > cases), but I would like to know if you think it would be interesting to > have 3 new suffixes: > - "__async" for declaring an static bpf program that can be stored in > the kernel and which would be non sleepable > - "__s_async" same as before, but for sleepable operations > - "__aux" (or "__prog_aux") for that extra parameter to > bpf_wq_set_callback_impl() which contains the struct bpf_prog*. Sorry for the delay. I've been traveling. I don't quite understand how these suffixes will work. You mean arguments of kfuncs to tell kfunc that an argument is a pointer to async callback? Sort-of generalization of is_async_callback_calling_kfunc() ? I cannot connect the dots. Feels dangerous to open up bpf prog calling to arbitrary kfuncs. wq/timer/others are calling progs with: callback_fn((u64)(long)map, (u64)(long)key, (u64)(long)value, 0, 0)= ; I feel we'll struggle to code review kfuncs that do such things. Plus all prog life time management concerns. wq/timer do careful bpf_prog_put/get dance. > (I still don't have the __aux yet FWIW) > > The way I'm doing it is looking at the btf information to fetch the > signature of the parameters of the callback, this way we can declare any > callback without having to teach the verifier of is arguments (5 max). > > Is this something you would be comfortable with or is there a simpler > mechanism already in place to call the bpf programs from the kernel > without the ctx limitations? "ctx limitations" you mean 5 args? Have you looked at struct_ops ? It can have any number of args. Maybe declare struct_ops in hid and let user space provide struct_ops progs= ? > I can also easily switch the bpf_wq specific cases in the verifier with > those suffixes. There are still one or two wq specifics I haven't > implemented through __s_async, but that would still makes things more > generic. > > Cheers, > Benjamin