From patchwork Wed Nov 21 13:17:32 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 151684 Delivered-To: patch@linaro.org Received: by 2002:a2e:299d:0:0:0:0:0 with SMTP id p29-v6csp1915195ljp; Wed, 21 Nov 2018 05:18:04 -0800 (PST) X-Google-Smtp-Source: AFSGD/WHD16lOMJrXaCdGmEuATMYayRfy6NWCgmN8hZYeO49LzL8GzxE6LL40p7vh3qoLodonL5V X-Received: by 2002:a17:902:b60a:: with SMTP id b10mr6371655pls.303.1542806284225; Wed, 21 Nov 2018 05:18:04 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542806284; cv=none; d=google.com; s=arc-20160816; b=zJVB69XEXQLZudbB8u0I3wPk+dkdU9lXCjwxX1C0qiEtLQIYxQ3/0VaxDZ+0k4CmqR TK3lAGOsnkJACpL6EjrrbTbloNrtfYslzpib6UAimxrY2gd7yaxjjHqtvLucWo9h/EmU oP9bWTWxQsPpTIZa7lt0XoCXAmB4TW3oUF3gdhlS+gKRJTEloSpdkopW2999SSx8oKTg SjSdkZ1XGRPrjoOQV5xbKp0tpMLwF8TgddCGTd5JMkgYyKkuSK+StSFOZ3DKfVbLbzBt GHIJbCnAEys8gbcbOMS9pi120sc+O+xKcalI4xDUegt2OXJUsAQTf/ZZdsO8g64H/RoU MgOQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature; bh=AeOSRD17eI7lqQdKuzheZHr/lUeJ/wz4KokMFARTc+Y=; b=lhbZaNlREO72mMXf8ORZKYJAmItfePA9xoexnSQc91OPRh8g3fQA7ewPKNCRjgVyWO 7tsC//BGK8Qp7VGE08n8KJdkC0eTdq15cg8mvhkeO23COx7qXGgkxwhlaVT7sZFF+TG9 CNGzx4uJg5S6v82qGI5jp9H5Vgo8U/npGbc/ZvJiQ1uKe/EGzdfmooEP5OKpnsgMMfeQ xT9vVEURmTS3zswIhlOQRXu6oXHstWHqX8pqxYh+EdtW0WBufKOKDQBlpuHWdjU3hirj 3QruQLljY8vSwAv0dUPNfNBjS4mTYiVBnLf154ULhpWES+X6QTZSZDZyMo+8waLXgEyl s5xw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Ygh+2Lj5; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i2si46057035pgl.153.2018.11.21.05.17.54; Wed, 21 Nov 2018 05:18:04 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Ygh+2Lj5; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730958AbeKUXwH (ORCPT + 32 others); Wed, 21 Nov 2018 18:52:07 -0500 Received: from mail-ed1-f66.google.com ([209.85.208.66]:38512 "EHLO mail-ed1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1729128AbeKUXwF (ORCPT ); Wed, 21 Nov 2018 18:52:05 -0500 Received: by mail-ed1-f66.google.com with SMTP id h50so4855046ede.5 for ; Wed, 21 Nov 2018 05:17:44 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=AeOSRD17eI7lqQdKuzheZHr/lUeJ/wz4KokMFARTc+Y=; b=Ygh+2Lj5cEMg6oVN64CQcyFRQTdy0Md0J7EJggMJPoZO82mhFGh7Ps9P8enMqjisOH RBOrTlLg9N1r6t8KCP4czn0GWxphAenXXmY7T9ObCj5awEAdy7kIpypzhq21TotWc9mp NRCRN8pCMcOTDd0FPPr7ptyG7iFNuY2NX9MZc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=AeOSRD17eI7lqQdKuzheZHr/lUeJ/wz4KokMFARTc+Y=; b=iw/1IacLxIPYT0YJWFdsQDBr92VHRzPS/ptah6kowbWJImS9ecm1xGLTGTNFSMraqR ccxl8by/zCMjmgDVDpxpQh7CZPgATW2LkqHcjjn41WRD3vHPxGr+Ma9w4vfKl1rFkg3p Bx9B+0WJOPxr0kbCFpJu4kLB/EclQyKzn5W35sGnvsbdRsy8vJ8EAsBbcVBNKE1t7JnZ rV5nbHLCYD4DrEck+PEYYuVWfW6Pq4HS2Tztm26B+BD6ZBCNf6B3Qi5KyVKXO7/2SSMI EzxpOqjtnLztVNz54YqgtuLEN9DIxTIV0kvvONqUm71MpzMqBs/UWqG7K9q7HRIZFe7o gduw== X-Gm-Message-State: AGRZ1gJmzn2/kHPwEMpcYz0RW6dfxJYFIw/PG4zQ3W0PGw7MJ1Bcnqqi bQJF4F46IX2xFMQ81kS9rg1h8A== X-Received: by 2002:a17:906:4684:: with SMTP id a4-v6mr5210489ejr.24.1542806263663; Wed, 21 Nov 2018 05:17:43 -0800 (PST) Received: from mba13.wifi.ns.nl (dhcp-077-251-017-237.chello.nl. [77.251.17.237]) by smtp.gmail.com with ESMTPSA id f4sm11501597edb.21.2018.11.21.05.17.42 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 21 Nov 2018 05:17:42 -0800 (PST) From: Ard Biesheuvel To: linux-arm-kernel@lists.infradead.org Cc: Ard Biesheuvel , Daniel Borkmann , Alexei Starovoitov , Rick Edgecombe , Eric Dumazet , Jann Horn , Kees Cook , Jessica Yu , Arnd Bergmann , Catalin Marinas , Will Deacon , Mark Rutland , "David S. Miller" , linux-kernel@vger.kernel.org, netdev@vger.kernel.org Subject: [PATCH v2 1/2] bpf: add __weak hook for allocating executable memory Date: Wed, 21 Nov 2018 14:17:32 +0100 Message-Id: <20181121131733.14910-2-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181121131733.14910-1-ard.biesheuvel@linaro.org> References: <20181121131733.14910-1-ard.biesheuvel@linaro.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org By default, BPF uses module_alloc() to allocate executable memory, but this is not necessary on all arches and potentially undesirable on some of them. So break out the module_alloc() and module_memfree() calls into __weak functions to allow them to be overridden in arch code. Signed-off-by: Ard Biesheuvel --- kernel/bpf/core.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) -- 2.17.1 diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c index 1a796e0799ec..f28d8a5eb6b8 100644 --- a/kernel/bpf/core.c +++ b/kernel/bpf/core.c @@ -609,6 +609,16 @@ static void bpf_jit_uncharge_modmem(u32 pages) atomic_long_sub(pages, &bpf_jit_current); } +void *__weak bpf_jit_alloc_exec(unsigned long size) +{ + return module_alloc(size); +} + +void __weak bpf_jit_free_exec(const void *addr) +{ + return module_memfree(size); +} + struct bpf_binary_header * bpf_jit_binary_alloc(unsigned int proglen, u8 **image_ptr, unsigned int alignment, @@ -626,7 +636,7 @@ bpf_jit_binary_alloc(unsigned int proglen, u8 **image_ptr, if (bpf_jit_charge_modmem(pages)) return NULL; - hdr = module_alloc(size); + hdr = bpf_jit_alloc_exec(size); if (!hdr) { bpf_jit_uncharge_modmem(pages); return NULL; @@ -650,7 +660,7 @@ void bpf_jit_binary_free(struct bpf_binary_header *hdr) { u32 pages = hdr->pages; - module_memfree(hdr); + bpf_jit_free_exec(hdr); bpf_jit_uncharge_modmem(pages); } From patchwork Wed Nov 21 13:17:33 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ard Biesheuvel X-Patchwork-Id: 151685 Delivered-To: patch@linaro.org Received: by 2002:a2e:299d:0:0:0:0:0 with SMTP id p29-v6csp1915429ljp; Wed, 21 Nov 2018 05:18:14 -0800 (PST) X-Google-Smtp-Source: AFSGD/Wt5S78YwDKi7eo4LHIwZnsrC7+nswZmC77FFh5+1bQ/NEsE15/l72DodnjH2bb9gdlNV4I X-Received: by 2002:a17:902:64c1:: with SMTP id y1mr6720247pli.64.1542806294430; Wed, 21 Nov 2018 05:18:14 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1542806294; cv=none; d=google.com; s=arc-20160816; b=v9YnDlcVqhPnoaL8npHCmpdtECNUp12UzFBeOLvhFgjTWzPmqbZN1ibDF10bpM/HML 0bfHPXt5XDHKXgnjQ6bciK239q0/kbQoAqP+hdCpwvS5ahxmo1ikVtKWpXTdhIWhtktr WCU9nvwB+tU3mj4dXPYVciyBdb2U9Ay+xv9ELWd759thAYrAPxzm7oq6BuVpjlXdcYCN qv0DncqZQHAtbQgelv6gmY+ob+rDYmDrXzP+rEbhQlIov/PC6wuLyNqCf6xv5DVv+rqQ bmUamKPRYgmRl9NuoVDlsOR2cDEKkydnGUFdxVKUzD/ZQ+HjmcjDyW9T9IjwhvKxDfaj nVbA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:references:in-reply-to:message-id:date :subject:cc:to:from:dkim-signature; bh=MYs0Qup+kKVUQb/IfUObkJlJ+Fjala9xEnkQB4UC89I=; b=WVp368lHWyAySyuRnMhi83hZx9sqhmfeiSK4+7ppYb/HFf76uBzhN32VPO8Wv1uzpf 02+i5hB46mURUT9/JUNro4CQH0fiiR34mxA2ZA2NFjVv0EFDSU6CZ3Q88aKWigrEPf3K qxAk4Hja3CyM1WqvyzfGAcII0+6birmTslRnQLwu5DrLv74L8CZ2nNG8PPkwaHxM/VmD 2VuJG7vh389E2+i0dh/ZZSwJkjQDtkVILLRq0bWes6lh3FcdTVKx+MyoKzO4ZjCtG55Q y+lUkRE/AVSOiyJClaDhtAadg1F8Umhagl2z14a61mSfLoedbJNAMwaLynAzuaYwr7U9 kDNg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b="Kr8MbQ/F"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id i2si46057035pgl.153.2018.11.21.05.18.04; Wed, 21 Nov 2018 05:18:14 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b="Kr8MbQ/F"; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1730976AbeKUXwJ (ORCPT + 32 others); Wed, 21 Nov 2018 18:52:09 -0500 Received: from mail-ed1-f66.google.com ([209.85.208.66]:42977 "EHLO mail-ed1-f66.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1730934AbeKUXwH (ORCPT ); Wed, 21 Nov 2018 18:52:07 -0500 Received: by mail-ed1-f66.google.com with SMTP id j6so4843348edp.9 for ; Wed, 21 Nov 2018 05:17:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=MYs0Qup+kKVUQb/IfUObkJlJ+Fjala9xEnkQB4UC89I=; b=Kr8MbQ/F6Y/x9T5DEV283Q4otL3mpHVSySGp6QGGdlFneYPQCIcZ81V3nFFm5gbfvk /h4YrvBiNU8HxM5HNsH9vWbygI7GLzDiHMGg/3nM/a2a5sGZ1ewObuZ2xAGLvURd0qA0 Rap+LMykouLcOMjSe+5TJ43OAV43KpYfLl9gM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=MYs0Qup+kKVUQb/IfUObkJlJ+Fjala9xEnkQB4UC89I=; b=HWoRv2gfLWbDINoIAfNo534ayxup4tBAWsXIdFnxvWl9K+VjMWWVgXrmEDOs0QEr1s jIGT9OVi2AoTQyoohLRgzBuZM8A3+5wW29YTd7q9DGNpg042M5GmD325Fl7O9I9ckP82 X+pmnEezcobILIjvEfhrXX4M2wtJPYzL+/Sem9c+EI4Z0ga1vwFyimDL9YXYZRHVIymv qLVlT6B2niq3q94K1zXFrhRMW6ccrFz8d1ajyBQ3w8TlKq9I6WYtQ5eI8LK2PyLU24MZ 3M1e03DllM7+LzNMaEPYXVcCJXcOMlo9G1EeWuR4cN7SGSg1g2JVtpUvaiCFb9oV/kyd v27w== X-Gm-Message-State: AA+aEWaylZu4QqdgUJArYl/+POASGGsVOHaM8bInqdqJUiKRyhrMKka4 P3xxRQyqQek9s1ozs2O8U7AHmw== X-Received: by 2002:a50:8c21:: with SMTP id p30-v6mr5754586edp.34.1542806265016; Wed, 21 Nov 2018 05:17:45 -0800 (PST) Received: from mba13.wifi.ns.nl (dhcp-077-251-017-237.chello.nl. [77.251.17.237]) by smtp.gmail.com with ESMTPSA id f4sm11501597edb.21.2018.11.21.05.17.43 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 21 Nov 2018 05:17:44 -0800 (PST) From: Ard Biesheuvel To: linux-arm-kernel@lists.infradead.org Cc: Ard Biesheuvel , Daniel Borkmann , Alexei Starovoitov , Rick Edgecombe , Eric Dumazet , Jann Horn , Kees Cook , Jessica Yu , Arnd Bergmann , Catalin Marinas , Will Deacon , Mark Rutland , "David S. Miller" , linux-kernel@vger.kernel.org, netdev@vger.kernel.org Subject: [PATCH v2 2/2] arm64/bpf: don't allocate BPF JIT programs in module memory Date: Wed, 21 Nov 2018 14:17:33 +0100 Message-Id: <20181121131733.14910-3-ard.biesheuvel@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20181121131733.14910-1-ard.biesheuvel@linaro.org> References: <20181121131733.14910-1-ard.biesheuvel@linaro.org> Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The arm64 module region is a 128 MB region that is kept close to the core kernel, in order to ensure that relative branches are always in range. So using the same region for programs that do not have this restriction is wasteful, and preferably avoided. Now that the core BPF JIT code permits the alloc/free routines to be overridden, implement them by simple vmalloc_exec()/vfree() calls, which can be served from anywere. This also solves an issue under KASAN, where shadow memory is needlessly allocated for all BPF programs (which don't require KASAN shadow pages since they are not KASAN instrumented) Signed-off-by: Ard Biesheuvel --- arch/arm64/net/bpf_jit_comp.c | 10 ++++++++++ 1 file changed, 10 insertions(+) -- 2.17.1 diff --git a/arch/arm64/net/bpf_jit_comp.c b/arch/arm64/net/bpf_jit_comp.c index a6fdaea07c63..f91b7c157841 100644 --- a/arch/arm64/net/bpf_jit_comp.c +++ b/arch/arm64/net/bpf_jit_comp.c @@ -940,3 +940,13 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog) tmp : orig_prog); return prog; } + +void *bpf_jit_alloc_exec(unsigned long size) +{ + return vmalloc_exec(size); +} + +void bpf_jit_free_exec(const void *addr) +{ + return vfree(size); +}