[mirror_ubuntu-bionic-kernel.git] / kernel / bpf / offload.c

#include <linux/bpf.h>
#include <linux/bpf_verifier.h>
#include <linux/bug.h>
#include <linux/list.h>
#include <linux/netdevice.h>
#include <linux/printk.h>
#include <linux/rtnetlink.h>

/* protected by RTNL */
static LIST_HEAD(bpf_prog_offload_devs);

int bpf_prog_offload_init(struct bpf_prog *prog, union bpf_attr *attr)
{
	struct net *net = current->nsproxy->net_ns;
	struct bpf_dev_offload *offload;

	if (!capable(CAP_SYS_ADMIN))
		return -EPERM;

	if (attr->prog_flags)
		return -EINVAL;

	offload = kzalloc(sizeof(*offload), GFP_USER);
	if (!offload)
		return -ENOMEM;

	offload->prog = prog;
	init_waitqueue_head(&offload->verifier_done);

	rtnl_lock();
	offload->netdev = __dev_get_by_index(net, attr->prog_target_ifindex);
	if (!offload->netdev) {
		rtnl_unlock();
		kfree(offload);
		return -EINVAL;
	}

	prog->aux->offload = offload;
	list_add_tail(&offload->offloads, &bpf_prog_offload_devs);
	rtnl_unlock();

	return 0;
}

static int __bpf_offload_ndo(struct bpf_prog *prog, enum bpf_netdev_command cmd,
			     struct netdev_bpf *data)
{
	struct net_device *netdev = prog->aux->offload->netdev;

	ASSERT_RTNL();

	if (!netdev)
		return -ENODEV;
	if (!netdev->netdev_ops->ndo_bpf)
		return -EOPNOTSUPP;

	data->command = cmd;

	return netdev->netdev_ops->ndo_bpf(netdev, data);
}

int bpf_prog_offload_verifier_prep(struct bpf_verifier_env *env)
{
	struct netdev_bpf data = {};
	int err;

	data.verifier.prog = env->prog;

	rtnl_lock();
	err = __bpf_offload_ndo(env->prog, BPF_OFFLOAD_VERIFIER_PREP, &data);
	if (err)
		goto exit_unlock;

	env->dev_ops = data.verifier.ops;

	env->prog->aux->offload->dev_state = true;
	env->prog->aux->offload->verifier_running = true;
exit_unlock:
	rtnl_unlock();
	return err;
}

static void __bpf_prog_offload_destroy(struct bpf_prog *prog)
{
	struct bpf_dev_offload *offload = prog->aux->offload;
	struct netdev_bpf data = {};

	data.offload.prog = prog;

	if (offload->verifier_running)
		wait_event(offload->verifier_done, !offload->verifier_running);

	if (offload->dev_state)
		WARN_ON(__bpf_offload_ndo(prog, BPF_OFFLOAD_DESTROY, &data));

	offload->dev_state = false;
	list_del_init(&offload->offloads);
	offload->netdev = NULL;
}

void bpf_prog_offload_destroy(struct bpf_prog *prog)
{
	struct bpf_dev_offload *offload = prog->aux->offload;

	offload->verifier_running = false;
	wake_up(&offload->verifier_done);

	rtnl_lock();
	__bpf_prog_offload_destroy(prog);
	rtnl_unlock();

	kfree(offload);
}

static int bpf_prog_offload_translate(struct bpf_prog *prog)
{
	struct bpf_dev_offload *offload = prog->aux->offload;
	struct netdev_bpf data = {};
	int ret;

	data.offload.prog = prog;

	offload->verifier_running = false;
	wake_up(&offload->verifier_done);

	rtnl_lock();
	ret = __bpf_offload_ndo(prog, BPF_OFFLOAD_TRANSLATE, &data);
	rtnl_unlock();

	return ret;
}

static unsigned int bpf_prog_warn_on_exec(const void *ctx,
					  const struct bpf_insn *insn)
{
	WARN(1, "attempt to execute device eBPF program on the host!");
	return 0;
}

int bpf_prog_offload_compile(struct bpf_prog *prog)
{
	prog->bpf_func = bpf_prog_warn_on_exec;

	return bpf_prog_offload_translate(prog);
}

u32 bpf_prog_offload_ifindex(struct bpf_prog *prog)
{
	struct bpf_dev_offload *offload = prog->aux->offload;
	u32 ifindex;

	rtnl_lock();
	ifindex = offload->netdev ? offload->netdev->ifindex : 0;
	rtnl_unlock();

	return ifindex;
}

const struct bpf_prog_ops bpf_offload_prog_ops = {
};

static int bpf_offload_notification(struct notifier_block *notifier,
				    ulong event, void *ptr)
{
	struct net_device *netdev = netdev_notifier_info_to_dev(ptr);
	struct bpf_dev_offload *offload, *tmp;

	ASSERT_RTNL();

	switch (event) {
	case NETDEV_UNREGISTER:
		list_for_each_entry_safe(offload, tmp, &bpf_prog_offload_devs,
					 offloads) {
			if (offload->netdev == netdev)
				__bpf_prog_offload_destroy(offload->prog);
		}
		break;
	default:
		break;
	}
	return NOTIFY_OK;
}

static struct notifier_block bpf_offload_notifier = {
	.notifier_call = bpf_offload_notification,
};

static int __init bpf_offload_init(void)
{
	register_netdevice_notifier(&bpf_offload_notifier);
	return 0;
}

subsys_initcall(bpf_offload_init);
Commit	Line	Data
ab3f0063 JK	1	#include <linux/bpf.h>
	2	#include <linux/bpf_verifier.h>
	3	#include <linux/bug.h>
	4	#include <linux/list.h>
	5	#include <linux/netdevice.h>
	6	#include <linux/printk.h>
	7	#include <linux/rtnetlink.h>
	8
	9	/* protected by RTNL */
	10	static LIST_HEAD(bpf_prog_offload_devs);
	11
	12	int bpf_prog_offload_init(struct bpf_prog prog, union bpf_attr attr)
	13	{
	14	struct net *net = current->nsproxy->net_ns;
	15	struct bpf_dev_offload *offload;
	16
	17	if (!capable(CAP_SYS_ADMIN))
	18	return -EPERM;
	19
	20	if (attr->prog_flags)
	21	return -EINVAL;
	22
	23	offload = kzalloc(sizeof(*offload), GFP_USER);
	24	if (!offload)
	25	return -ENOMEM;
	26
	27	offload->prog = prog;
	28	init_waitqueue_head(&offload->verifier_done);
	29
	30	rtnl_lock();
	31	offload->netdev = __dev_get_by_index(net, attr->prog_target_ifindex);
	32	if (!offload->netdev) {
	33	rtnl_unlock();
	34	kfree(offload);
	35	return -EINVAL;
	36	}
	37
	38	prog->aux->offload = offload;
	39	list_add_tail(&offload->offloads, &bpf_prog_offload_devs);
	40	rtnl_unlock();
	41
	42	return 0;
	43	}
	44
	45	static int __bpf_offload_ndo(struct bpf_prog *prog, enum bpf_netdev_command cmd,
	46	struct netdev_bpf *data)
	47	{
	48	struct net_device *netdev = prog->aux->offload->netdev;
	49
	50	ASSERT_RTNL();
	51
	52	if (!netdev)
	53	return -ENODEV;
	54	if (!netdev->netdev_ops->ndo_bpf)
	55	return -EOPNOTSUPP;
	56
	57	data->command = cmd;
	58
	59	return netdev->netdev_ops->ndo_bpf(netdev, data);
	60	}
	61
	62	int bpf_prog_offload_verifier_prep(struct bpf_verifier_env *env)
	63	{
	64	struct netdev_bpf data = {};
65	int err;
66
67	data.verifier.prog = env->prog;
68
69	rtnl_lock();
70	err = __bpf_offload_ndo(env->prog, BPF_OFFLOAD_VERIFIER_PREP, &data);
71	if (err)
72	goto exit_unlock;
73
74	env->dev_ops = data.verifier.ops;
75
76	env->prog->aux->offload->dev_state = true;
77	env->prog->aux->offload->verifier_running = true;
78	exit_unlock:
79	rtnl_unlock();
80	return err;
81	}
82
83	static void __bpf_prog_offload_destroy(struct bpf_prog *prog)
84	{
85	struct bpf_dev_offload *offload = prog->aux->offload;
86	struct netdev_bpf data = {};
87
88	data.offload.prog = prog;
89
90	if (offload->verifier_running)
91	wait_event(offload->verifier_done, !offload->verifier_running);
92
93	if (offload->dev_state)
94	WARN_ON(__bpf_offload_ndo(prog, BPF_OFFLOAD_DESTROY, &data));
95
96	offload->dev_state = false;
97	list_del_init(&offload->offloads);
98	offload->netdev = NULL;
99	}
100
101	void bpf_prog_offload_destroy(struct bpf_prog *prog)
102	{
103	struct bpf_dev_offload *offload = prog->aux->offload;
104
105	offload->verifier_running = false;
106	wake_up(&offload->verifier_done);
107
108	rtnl_lock();
109	__bpf_prog_offload_destroy(prog);
110	rtnl_unlock();
111
112	kfree(offload);
113	}
114
115	static int bpf_prog_offload_translate(struct bpf_prog *prog)
116	{
117	struct bpf_dev_offload *offload = prog->aux->offload;
118	struct netdev_bpf data = {};
119	int ret;
120
121	data.offload.prog = prog;
122
123	offload->verifier_running = false;
124	wake_up(&offload->verifier_done);
125
126	rtnl_lock();
127	ret = __bpf_offload_ndo(prog, BPF_OFFLOAD_TRANSLATE, &data);
128	rtnl_unlock();
129
130	return ret;
131	}
132
133	static unsigned int bpf_prog_warn_on_exec(const void *ctx,
134	const struct bpf_insn *insn)
135	{
136	WARN(1, "attempt to execute device eBPF program on the host!");
137	return 0;
138	}
139
140	int bpf_prog_offload_compile(struct bpf_prog *prog)
141	{
142	prog->bpf_func = bpf_prog_warn_on_exec;
143
144	return bpf_prog_offload_translate(prog);
145	}
146
bd601b6a JK	147	u32 bpf_prog_offload_ifindex(struct bpf_prog *prog)
	148	{
	149	struct bpf_dev_offload *offload = prog->aux->offload;
	150	u32 ifindex;
	151
	152	rtnl_lock();
	153	ifindex = offload->netdev ? offload->netdev->ifindex : 0;
	154	rtnl_unlock();
	155
	156	return ifindex;
	157	}
	158
ab3f0063 JK	159	const struct bpf_prog_ops bpf_offload_prog_ops = {
	160	};
	161
	162	static int bpf_offload_notification(struct notifier_block *notifier,
	163	ulong event, void *ptr)
	164	{
	165	struct net_device *netdev = netdev_notifier_info_to_dev(ptr);
	166	struct bpf_dev_offload offload, tmp;
	167
	168	ASSERT_RTNL();
	169
	170	switch (event) {
	171	case NETDEV_UNREGISTER:
	172	list_for_each_entry_safe(offload, tmp, &bpf_prog_offload_devs,
	173	offloads) {
	174	if (offload->netdev == netdev)
	175	__bpf_prog_offload_destroy(offload->prog);
	176	}
	177	break;
	178	default:
	179	break;
	180	}
	181	return NOTIFY_OK;
	182	}
	183
	184	static struct notifier_block bpf_offload_notifier = {
	185	.notifier_call = bpf_offload_notification,
	186	};
	187
	188	static int __init bpf_offload_init(void)
	189	{
	190	register_netdevice_notifier(&bpf_offload_notifier);
	191	return 0;
	192	}
	193
	194	subsys_initcall(bpf_offload_init);