[bpf-next v2] bpf: drop deprecated bpf_jit_enable == 2
Tonghao Zhang
tong at infragraf.org
Fri Jan 6 23:05:22 AEDT 2023
> On Jan 6, 2023, at 1:53 AM, Christophe Leroy <christophe.leroy at csgroup.eu> wrote:
>
>
>
> Le 05/01/2023 à 04:06, tong at infragraf.org <mailto:tong at infragraf.org> a écrit :
>> From: Tonghao Zhang <tong at infragraf.org>
>>
>> The x86_64 can't dump the valid insn in this way. A test BPF prog
>> which include subprog:
>>
>> $ llvm-objdump -d subprog.o
>> Disassembly of section .text:
>> 0000000000000000 <subprog>:
>> 0: 18 01 00 00 73 75 62 70 00 00 00 00 72 6f 67 00 r1 = 29114459903653235 ll
>> 2: 7b 1a f8 ff 00 00 00 00 *(u64 *)(r10 - 8) = r1
>> 3: bf a1 00 00 00 00 00 00 r1 = r10
>> 4: 07 01 00 00 f8 ff ff ff r1 += -8
>> 5: b7 02 00 00 08 00 00 00 r2 = 8
>> 6: 85 00 00 00 06 00 00 00 call 6
>> 7: 95 00 00 00 00 00 00 00 exit
>> Disassembly of section raw_tp/sys_enter:
>> 0000000000000000 <entry>:
>> 0: 85 10 00 00 ff ff ff ff call -1
>> 1: b7 00 00 00 00 00 00 00 r0 = 0
>> 2: 95 00 00 00 00 00 00 00 exit
>>
>> kernel print message:
>> [ 580.775387] flen=8 proglen=51 pass=3 image=ffffffffa000c20c from=kprobe-load pid=1643
>> [ 580.777236] JIT code: 00000000: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
>> [ 580.779037] JIT code: 00000010: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
>> [ 580.780767] JIT code: 00000020: cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc cc
>> [ 580.782568] JIT code: 00000030: cc cc cc
>>
>> $ bpf_jit_disasm
>> 51 bytes emitted from JIT compiler (pass:3, flen:8)
>> ffffffffa000c20c + <x>:
>> 0: int3
>> 1: int3
>> 2: int3
>> 3: int3
>> 4: int3
>> 5: int3
>> ...
>>
>> Until bpf_jit_binary_pack_finalize is invoked, we copy rw_header to header
>> and then image/insn is valid. BTW, we can use the "bpftool prog dump" JITed instructions.
>
> NACK.
>
> Because the feature is buggy on x86_64, you remove it for all
> architectures ?
>
> On powerpc bpf_jit_enable == 2 works and is very usefull.
>
> Last time I tried to use bpftool on powerpc/32 it didn't work. I don't
> remember the details, I think it was an issue with endianess. Maybe it
> is fixed now, but it needs to be verified.
I think bpftool may dump the jited insn too.
> So please, before removing a working and usefull feature, make sure
> there is an alternative available to it for all architectures in all
> configurations.
>
> Also, I don't think bpftool is usable to dump kernel BPF selftests.
Why bpftool does’t work for you ? I think this is a core function for bpf. If you can dump the jited insn using bpf_jit_enable == 2, you should
dump the inns tool, while in selftest case.
Alexei any thoughts?
> That's vital when a selftest fails if you want to have a chance to
> understand why it fails.
> Thanks
> Christophe
>
>>
>> Signed-off-by: Tonghao Zhang <tong at infragraf.org>
>> Suggested-by: Alexei Starovoitov <ast at kernel.org>
>> Cc: Alexei Starovoitov <ast at kernel.org>
>> Cc: Daniel Borkmann <daniel at iogearbox.net>
>> Cc: Andrii Nakryiko <andrii at kernel.org>
>> Cc: Martin KaFai Lau <martin.lau at linux.dev>
>> Cc: Song Liu <song at kernel.org>
>> Cc: Yonghong Song <yhs at fb.com>
>> Cc: John Fastabend <john.fastabend at gmail.com>
>> Cc: KP Singh <kpsingh at kernel.org>
>> Cc: Stanislav Fomichev <sdf at google.com>
>> Cc: Hao Luo <haoluo at google.com>
>> Cc: Jiri Olsa <jolsa at kernel.org>
>> Cc: Hou Tao <houtao1 at huawei.com>
>> ---
>> Documentation/admin-guide/sysctl/net.rst | 1 +
>> Documentation/networking/filter.rst | 98 +------
>> arch/arm/net/bpf_jit_32.c | 4 -
>> arch/arm64/net/bpf_jit_comp.c | 4 -
>> arch/loongarch/net/bpf_jit.c | 4 -
>> arch/mips/net/bpf_jit_comp.c | 3 -
>> arch/powerpc/net/bpf_jit_comp.c | 11 -
>> arch/riscv/net/bpf_jit_core.c | 3 -
>> arch/s390/net/bpf_jit_comp.c | 4 -
>> arch/sparc/net/bpf_jit_comp_32.c | 3 -
>> arch/sparc/net/bpf_jit_comp_64.c | 13 -
>> arch/x86/net/bpf_jit_comp.c | 3 -
>> arch/x86/net/bpf_jit_comp32.c | 3 -
>> net/core/sysctl_net_core.c | 12 +-
>> tools/bpf/.gitignore | 1 -
>> tools/bpf/Makefile | 10 +-
>> tools/bpf/bpf_jit_disasm.c | 332 -----------------------
>> 17 files changed, 9 insertions(+), 500 deletions(-)
>> delete mode 100644 tools/bpf/bpf_jit_disasm.c
>>
>> diff --git a/Documentation/admin-guide/sysctl/net.rst b/Documentation/admin-guide/sysctl/net.rst
>> index 6394f5dc2303..82ca05ca6ed0 100644
>> --- a/Documentation/admin-guide/sysctl/net.rst
>> +++ b/Documentation/admin-guide/sysctl/net.rst
>> @@ -88,6 +88,7 @@ Values:
>> - 0 - disable the JIT (default value)
>> - 1 - enable the JIT
>> - 2 - enable the JIT and ask the compiler to emit traces on kernel log.
>> + (deprecated since v6.3, use ``bpftool prog dump jited id <id>`` instead)
>>
>> bpf_jit_harden
>> --------------
>> diff --git a/Documentation/networking/filter.rst b/Documentation/networking/filter.rst
>> index f69da5074860..5f51c050e88f 100644
>> --- a/Documentation/networking/filter.rst
>> +++ b/Documentation/networking/filter.rst
>> @@ -520,102 +520,8 @@ been previously enabled by root::
>>
>> echo 1 > /proc/sys/net/core/bpf_jit_enable
>>
>> -For JIT developers, doing audits etc, each compile run can output the generated
>> -opcode image into the kernel log via::
>> -
>> - echo 2 > /proc/sys/net/core/bpf_jit_enable
>> -
>> -Example output from dmesg::
>> -
>> - [ 3389.935842] flen=6 proglen=70 pass=3 image=ffffffffa0069c8f
>> - [ 3389.935847] JIT code: 00000000: 55 48 89 e5 48 83 ec 60 48 89 5d f8 44 8b 4f 68
>> - [ 3389.935849] JIT code: 00000010: 44 2b 4f 6c 4c 8b 87 d8 00 00 00 be 0c 00 00 00
>> - [ 3389.935850] JIT code: 00000020: e8 1d 94 ff e0 3d 00 08 00 00 75 16 be 17 00 00
>> - [ 3389.935851] JIT code: 00000030: 00 e8 28 94 ff e0 83 f8 01 75 07 b8 ff ff 00 00
>> - [ 3389.935852] JIT code: 00000040: eb 02 31 c0 c9 c3
>> -
>> -When CONFIG_BPF_JIT_ALWAYS_ON is enabled, bpf_jit_enable is permanently set to 1 and
>> -setting any other value than that will return in failure. This is even the case for
>> -setting bpf_jit_enable to 2, since dumping the final JIT image into the kernel log
>> -is discouraged and introspection through bpftool (under tools/bpf/bpftool/) is the
>> -generally recommended approach instead.
>> -
>> -In the kernel source tree under tools/bpf/, there's bpf_jit_disasm for
>> -generating disassembly out of the kernel log's hexdump::
>> -
>> - # ./bpf_jit_disasm
>> - 70 bytes emitted from JIT compiler (pass:3, flen:6)
>> - ffffffffa0069c8f + <x>:
>> - 0: push %rbp
>> - 1: mov %rsp,%rbp
>> - 4: sub $0x60,%rsp
>> - 8: mov %rbx,-0x8(%rbp)
>> - c: mov 0x68(%rdi),%r9d
>> - 10: sub 0x6c(%rdi),%r9d
>> - 14: mov 0xd8(%rdi),%r8
>> - 1b: mov $0xc,%esi
>> - 20: callq 0xffffffffe0ff9442
>> - 25: cmp $0x800,%eax
>> - 2a: jne 0x0000000000000042
>> - 2c: mov $0x17,%esi
>> - 31: callq 0xffffffffe0ff945e
>> - 36: cmp $0x1,%eax
>> - 39: jne 0x0000000000000042
>> - 3b: mov $0xffff,%eax
>> - 40: jmp 0x0000000000000044
>> - 42: xor %eax,%eax
>> - 44: leaveq
>> - 45: retq
>> -
>> - Issuing option `-o` will "annotate" opcodes to resulting assembler
>> - instructions, which can be very useful for JIT developers:
>> -
>> - # ./bpf_jit_disasm -o
>> - 70 bytes emitted from JIT compiler (pass:3, flen:6)
>> - ffffffffa0069c8f + <x>:
>> - 0: push %rbp
>> - 55
>> - 1: mov %rsp,%rbp
>> - 48 89 e5
>> - 4: sub $0x60,%rsp
>> - 48 83 ec 60
>> - 8: mov %rbx,-0x8(%rbp)
>> - 48 89 5d f8
>> - c: mov 0x68(%rdi),%r9d
>> - 44 8b 4f 68
>> - 10: sub 0x6c(%rdi),%r9d
>> - 44 2b 4f 6c
>> - 14: mov 0xd8(%rdi),%r8
>> - 4c 8b 87 d8 00 00 00
>> - 1b: mov $0xc,%esi
>> - be 0c 00 00 00
>> - 20: callq 0xffffffffe0ff9442
>> - e8 1d 94 ff e0
>> - 25: cmp $0x800,%eax
>> - 3d 00 08 00 00
>> - 2a: jne 0x0000000000000042
>> - 75 16
>> - 2c: mov $0x17,%esi
>> - be 17 00 00 00
>> - 31: callq 0xffffffffe0ff945e
>> - e8 28 94 ff e0
>> - 36: cmp $0x1,%eax
>> - 83 f8 01
>> - 39: jne 0x0000000000000042
>> - 75 07
>> - 3b: mov $0xffff,%eax
>> - b8 ff ff 00 00
>> - 40: jmp 0x0000000000000044
>> - eb 02
>> - 42: xor %eax,%eax
>> - 31 c0
>> - 44: leaveq
>> - c9
>> - 45: retq
>> - c3
>> -
>> -For BPF JIT developers, bpf_jit_disasm, bpf_asm and bpf_dbg provides a useful
>> -toolchain for developing and testing the kernel's JIT compiler.
>> +For JIT developers, doing audits etc, should use `bpftool prog dump` to
>> +veiw the JIT generated opcode image.
>>
>> BPF kernel internals
>> --------------------
>> diff --git a/arch/arm/net/bpf_jit_32.c b/arch/arm/net/bpf_jit_32.c
>> index 6a1c9fca5260..39301d59b537 100644
>> --- a/arch/arm/net/bpf_jit_32.c
>> +++ b/arch/arm/net/bpf_jit_32.c
>> @@ -1999,10 +1999,6 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog)
>> }
>> flush_icache_range((u32)header, (u32)(ctx.target + ctx.idx));
>>
>> - if (bpf_jit_enable > 1)
>> - /* there are 2 passes here */
>> - bpf_jit_dump(prog->len, image_size, 2, ctx.target);
>> -
>> bpf_jit_binary_lock_ro(header);
>> prog->bpf_func = (void *)ctx.target;
>> prog->jited = 1;
>> diff --git a/arch/arm64/net/bpf_jit_comp.c b/arch/arm64/net/bpf_jit_comp.c
>> index 62f805f427b7..59c35b4d77b7 100644
>> --- a/arch/arm64/net/bpf_jit_comp.c
>> +++ b/arch/arm64/net/bpf_jit_comp.c
>> @@ -1567,10 +1567,6 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog)
>> goto out_off;
>> }
>>
>> - /* And we're done. */
>> - if (bpf_jit_enable > 1)
>> - bpf_jit_dump(prog->len, prog_size, 2, ctx.image);
>> -
>> bpf_flush_icache(header, ctx.image + ctx.idx);
>>
>> if (!prog->is_func || extra_pass) {
>> diff --git a/arch/loongarch/net/bpf_jit.c b/arch/loongarch/net/bpf_jit.c
>> index bdcd0c7719a9..ea37f52faa6e 100644
>> --- a/arch/loongarch/net/bpf_jit.c
>> +++ b/arch/loongarch/net/bpf_jit.c
>> @@ -1123,10 +1123,6 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog)
>> goto out_offset;
>> }
>>
>> - /* And we're done */
>> - if (bpf_jit_enable > 1)
>> - bpf_jit_dump(prog->len, image_size, 2, ctx.image);
>> -
>> /* Update the icache */
>> flush_icache_range((unsigned long)header, (unsigned long)(ctx.image + ctx.idx));
>>
>> diff --git a/arch/mips/net/bpf_jit_comp.c b/arch/mips/net/bpf_jit_comp.c
>> index b17130d510d4..ccbb7c231cb0 100644
>> --- a/arch/mips/net/bpf_jit_comp.c
>> +++ b/arch/mips/net/bpf_jit_comp.c
>> @@ -1012,9 +1012,6 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog)
>> flush_icache_range((unsigned long)header,
>> (unsigned long)&ctx.target[ctx.jit_index]);
>>
>> - if (bpf_jit_enable > 1)
>> - bpf_jit_dump(prog->len, image_size, 2, ctx.target);
>> -
>> prog->bpf_func = (void *)ctx.target;
>> prog->jited = 1;
>> prog->jited_len = image_size;
>> diff --git a/arch/powerpc/net/bpf_jit_comp.c b/arch/powerpc/net/bpf_jit_comp.c
>> index 43e634126514..f0f7d8ff2022 100644
>> --- a/arch/powerpc/net/bpf_jit_comp.c
>> +++ b/arch/powerpc/net/bpf_jit_comp.c
>> @@ -262,20 +262,9 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *fp)
>> goto out_addrs;
>> }
>> bpf_jit_build_epilogue(code_base, &cgctx);
>> -
>> - if (bpf_jit_enable > 1)
>> - pr_info("Pass %d: shrink = %d, seen = 0x%x\n", pass,
>> - proglen - (cgctx.idx * 4), cgctx.seen);
>> }
>>
>> skip_codegen_passes:
>> - if (bpf_jit_enable > 1)
>> - /*
>> - * Note that we output the base address of the code_base
>> - * rather than image, since opcodes are in code_base.
>> - */
>> - bpf_jit_dump(flen, proglen, pass, code_base);
>> -
>> #ifdef CONFIG_PPC64_ELF_ABI_V1
>> /* Function descriptor nastiness: Address + TOC */
>> ((u64 *)image)[0] = (u64)code_base;
>> diff --git a/arch/riscv/net/bpf_jit_core.c b/arch/riscv/net/bpf_jit_core.c
>> index 737baf8715da..ff168c50d46a 100644
>> --- a/arch/riscv/net/bpf_jit_core.c
>> +++ b/arch/riscv/net/bpf_jit_core.c
>> @@ -151,9 +151,6 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog)
>> }
>> bpf_jit_build_epilogue(ctx);
>>
>> - if (bpf_jit_enable > 1)
>> - bpf_jit_dump(prog->len, prog_size, pass, ctx->insns);
>> -
>> prog->bpf_func = (void *)ctx->insns;
>> prog->jited = 1;
>> prog->jited_len = prog_size;
>> diff --git a/arch/s390/net/bpf_jit_comp.c b/arch/s390/net/bpf_jit_comp.c
>> index af35052d06ed..13d996e27602 100644
>> --- a/arch/s390/net/bpf_jit_comp.c
>> +++ b/arch/s390/net/bpf_jit_comp.c
>> @@ -1831,10 +1831,6 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *fp)
>> fp = orig_fp;
>> goto free_addrs;
>> }
>> - if (bpf_jit_enable > 1) {
>> - bpf_jit_dump(fp->len, jit.size, pass, jit.prg_buf);
>> - print_fn_code(jit.prg_buf, jit.size_prg);
>> - }
>> if (!fp->is_func || extra_pass) {
>> bpf_jit_binary_lock_ro(header);
>> } else {
>> diff --git a/arch/sparc/net/bpf_jit_comp_32.c b/arch/sparc/net/bpf_jit_comp_32.c
>> index a74e5004c6c8..08de0ed84831 100644
>> --- a/arch/sparc/net/bpf_jit_comp_32.c
>> +++ b/arch/sparc/net/bpf_jit_comp_32.c
>> @@ -743,9 +743,6 @@ cond_branch: f_offset = addrs[i + filter[i].jf];
>> oldproglen = proglen;
>> }
>>
>> - if (bpf_jit_enable > 1)
>> - bpf_jit_dump(flen, proglen, pass + 1, image);
>> -
>> if (image) {
>> fp->bpf_func = (void *)image;
>> fp->jited = 1;
>> diff --git a/arch/sparc/net/bpf_jit_comp_64.c b/arch/sparc/net/bpf_jit_comp_64.c
>> index fa0759bfe498..14c9e5ce4100 100644
>> --- a/arch/sparc/net/bpf_jit_comp_64.c
>> +++ b/arch/sparc/net/bpf_jit_comp_64.c
>> @@ -1549,16 +1549,6 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog)
>> }
>> build_epilogue(&ctx);
>>
>> - if (bpf_jit_enable > 1)
>> - pr_info("Pass %d: size = %u, seen = [%c%c%c%c%c%c]\n", pass,
>> - ctx.idx * 4,
>> - ctx.tmp_1_used ? '1' : ' ',
>> - ctx.tmp_2_used ? '2' : ' ',
>> - ctx.tmp_3_used ? '3' : ' ',
>> - ctx.saw_frame_pointer ? 'F' : ' ',
>> - ctx.saw_call ? 'C' : ' ',
>> - ctx.saw_tail_call ? 'T' : ' ');
>> -
>> if (ctx.idx * 4 == prev_image_size)
>> break;
>> prev_image_size = ctx.idx * 4;
>> @@ -1596,9 +1586,6 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog)
>> goto out_off;
>> }
>>
>> - if (bpf_jit_enable > 1)
>> - bpf_jit_dump(prog->len, image_size, pass, ctx.image);
>> -
>> bpf_flush_icache(header, (u8 *)header + header->size);
>>
>> if (!prog->is_func || extra_pass) {
>> diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c
>> index e3e2b57e4e13..197ff8651a56 100644
>> --- a/arch/x86/net/bpf_jit_comp.c
>> +++ b/arch/x86/net/bpf_jit_comp.c
>> @@ -2551,9 +2551,6 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog)
>> cond_resched();
>> }
>>
>> - if (bpf_jit_enable > 1)
>> - bpf_jit_dump(prog->len, proglen, pass + 1, image);
>> -
>> if (image) {
>> if (!prog->is_func || extra_pass) {
>> /*
>> diff --git a/arch/x86/net/bpf_jit_comp32.c b/arch/x86/net/bpf_jit_comp32.c
>> index 429a89c5468b..ca53f20aca73 100644
>> --- a/arch/x86/net/bpf_jit_comp32.c
>> +++ b/arch/x86/net/bpf_jit_comp32.c
>> @@ -2597,9 +2597,6 @@ struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog)
>> cond_resched();
>> }
>>
>> - if (bpf_jit_enable > 1)
>> - bpf_jit_dump(prog->len, proglen, pass + 1, image);
>> -
>> if (image) {
>> bpf_jit_binary_lock_ro(header);
>> prog->bpf_func = (void *)image;
>> diff --git a/net/core/sysctl_net_core.c b/net/core/sysctl_net_core.c
>> index 5b1ce656baa1..562ace48e1c9 100644
>> --- a/net/core/sysctl_net_core.c
>> +++ b/net/core/sysctl_net_core.c
>> @@ -276,14 +276,10 @@ static int proc_dointvec_minmax_bpf_enable(struct ctl_table *table, int write,
>> tmp.data = &jit_enable;
>> ret = proc_dointvec_minmax(&tmp, write, buffer, lenp, ppos);
>> if (write && !ret) {
>> - if (jit_enable < 2 ||
>> - (jit_enable == 2 && bpf_dump_raw_ok(current_cred()))) {
>> - *(int *)table->data = jit_enable;
>> - if (jit_enable == 2)
>> - pr_warn("bpf_jit_enable = 2 was set! NEVER use this in production, only for JIT debugging!\n");
>> - } else {
>> - ret = -EPERM;
>> - }
>> + *(int *)table->data = jit_enable;
>> +
>> + if (jit_enable == 2)
>> + pr_warn_once("bpf_jit_enable == 2 was deprecated! Use bpftool prog dump instead.\n");
>> }
>>
>> if (write && ret && min == max)
>> diff --git a/tools/bpf/.gitignore b/tools/bpf/.gitignore
>> index cf53342175e7..5c70cfb9092e 100644
>> --- a/tools/bpf/.gitignore
>> +++ b/tools/bpf/.gitignore
>> @@ -4,4 +4,3 @@ feature
>> bpf_asm
>> bpf_dbg
>> bpf_exp.yacc.*
>> -bpf_jit_disasm
>> diff --git a/tools/bpf/Makefile b/tools/bpf/Makefile
>> index 243b79f2b451..9264d7b0edf6 100644
>> --- a/tools/bpf/Makefile
>> +++ b/tools/bpf/Makefile
>> @@ -74,14 +74,10 @@ $(OUTPUT)%.yacc.o: $(OUTPUT)%.yacc.c
>> $(OUTPUT)%.lex.o: $(OUTPUT)%.lex.c
>> $(QUIET_CC)$(CC) $(CFLAGS) -c -o $@ $<
>>
>> -PROGS = $(OUTPUT)bpf_jit_disasm $(OUTPUT)bpf_dbg $(OUTPUT)bpf_asm
>> +PROGS = $(OUTPUT)bpf_dbg $(OUTPUT)bpf_asm
>>
>> all: $(PROGS) bpftool runqslower
>>
>> -$(OUTPUT)bpf_jit_disasm: CFLAGS += -DPACKAGE='bpf_jit_disasm'
>> -$(OUTPUT)bpf_jit_disasm: $(OUTPUT)bpf_jit_disasm.o
>> - $(QUIET_LINK)$(CC) $(CFLAGS) -o $@ $^ -lopcodes -lbfd -ldl
>> -
>> $(OUTPUT)bpf_dbg: $(OUTPUT)bpf_dbg.o
>> $(QUIET_LINK)$(CC) $(CFLAGS) -o $@ $^ -lreadline
>>
>> @@ -94,16 +90,14 @@ $(OUTPUT)bpf_exp.lex.o: $(OUTPUT)bpf_exp.lex.c
>>
>> clean: bpftool_clean runqslower_clean resolve_btfids_clean
>> $(call QUIET_CLEAN, bpf-progs)
>> - $(Q)$(RM) -r -- $(OUTPUT)*.o $(OUTPUT)bpf_jit_disasm $(OUTPUT)bpf_dbg \
>> + $(Q)$(RM) -r -- $(OUTPUT)*.o $(OUTPUT)bpf_dbg \
>> $(OUTPUT)bpf_asm $(OUTPUT)bpf_exp.yacc.* $(OUTPUT)bpf_exp.lex.*
>> $(call QUIET_CLEAN, core-gen)
>> $(Q)$(RM) -- $(OUTPUT)FEATURE-DUMP.bpf
>> $(Q)$(RM) -r -- $(OUTPUT)feature
>>
>> install: $(PROGS) bpftool_install
>> - $(call QUIET_INSTALL, bpf_jit_disasm)
>> $(Q)$(INSTALL) -m 0755 -d $(DESTDIR)$(prefix)/bin
>> - $(Q)$(INSTALL) $(OUTPUT)bpf_jit_disasm $(DESTDIR)$(prefix)/bin/bpf_jit_disasm
>> $(call QUIET_INSTALL, bpf_dbg)
>> $(Q)$(INSTALL) $(OUTPUT)bpf_dbg $(DESTDIR)$(prefix)/bin/bpf_dbg
>> $(call QUIET_INSTALL, bpf_asm)
>> diff --git a/tools/bpf/bpf_jit_disasm.c b/tools/bpf/bpf_jit_disasm.c
>> deleted file mode 100644
>> index a90a5d110f92..000000000000
>> --- a/tools/bpf/bpf_jit_disasm.c
>> +++ /dev/null
>> @@ -1,332 +0,0 @@
>> -// SPDX-License-Identifier: GPL-2.0-only
>> -/*
>> - * Minimal BPF JIT image disassembler
>> - *
>> - * Disassembles BPF JIT compiler emitted opcodes back to asm insn's for
>> - * debugging or verification purposes.
>> - *
>> - * To get the disassembly of the JIT code, do the following:
>> - *
>> - * 1) `echo 2 > /proc/sys/net/core/bpf_jit_enable`
>> - * 2) Load a BPF filter (e.g. `tcpdump -p -n -s 0 -i eth1 host 192.168.20.0/24`)
>> - * 3) Run e.g. `bpf_jit_disasm -o` to read out the last JIT code
>> - *
>> - * Copyright 2013 Daniel Borkmann <borkmann at redhat.com>
>> - */
>> -
>> -#include <stdint.h>
>> -#include <stdio.h>
>> -#include <stdlib.h>
>> -#include <assert.h>
>> -#include <unistd.h>
>> -#include <string.h>
>> -#include <bfd.h>
>> -#include <dis-asm.h>
>> -#include <regex.h>
>> -#include <fcntl.h>
>> -#include <sys/klog.h>
>> -#include <sys/types.h>
>> -#include <sys/stat.h>
>> -#include <limits.h>
>> -#include <tools/dis-asm-compat.h>
>> -
>> -#define CMD_ACTION_SIZE_BUFFER 10
>> -#define CMD_ACTION_READ_ALL 3
>> -
>> -static void get_exec_path(char *tpath, size_t size)
>> -{
>> - char *path;
>> - ssize_t len;
>> -
>> - snprintf(tpath, size, "/proc/%d/exe", (int) getpid());
>> - tpath[size - 1] = 0;
>> -
>> - path = strdup(tpath);
>> - assert(path);
>> -
>> - len = readlink(path, tpath, size);
>> - tpath[len] = 0;
>> -
>> - free(path);
>> -}
>> -
>> -static void get_asm_insns(uint8_t *image, size_t len, int opcodes)
>> -{
>> - int count, i, pc = 0;
>> - char tpath[PATH_MAX];
>> - struct disassemble_info info;
>> - disassembler_ftype disassemble;
>> - bfd *bfdf;
>> -
>> - memset(tpath, 0, sizeof(tpath));
>> - get_exec_path(tpath, sizeof(tpath));
>> -
>> - bfdf = bfd_openr(tpath, NULL);
>> - assert(bfdf);
>> - assert(bfd_check_format(bfdf, bfd_object));
>> -
>> - init_disassemble_info_compat(&info, stdout,
>> - (fprintf_ftype) fprintf,
>> - fprintf_styled);
>> - info.arch = bfd_get_arch(bfdf);
>> - info.mach = bfd_get_mach(bfdf);
>> - info.buffer = image;
>> - info.buffer_length = len;
>> -
>> - disassemble_init_for_target(&info);
>> -
>> -#ifdef DISASM_FOUR_ARGS_SIGNATURE
>> - disassemble = disassembler(info.arch,
>> - bfd_big_endian(bfdf),
>> - info.mach,
>> - bfdf);
>> -#else
>> - disassemble = disassembler(bfdf);
>> -#endif
>> - assert(disassemble);
>> -
>> - do {
>> - printf("%4x:\t", pc);
>> -
>> - count = disassemble(pc, &info);
>> -
>> - if (opcodes) {
>> - printf("\n\t");
>> - for (i = 0; i < count; ++i)
>> - printf("%02x ", (uint8_t) image[pc + i]);
>> - }
>> - printf("\n");
>> -
>> - pc += count;
>> - } while(count > 0 && pc < len);
>> -
>> - bfd_close(bfdf);
>> -}
>> -
>> -static char *get_klog_buff(unsigned int *klen)
>> -{
>> - int ret, len;
>> - char *buff;
>> -
>> - len = klogctl(CMD_ACTION_SIZE_BUFFER, NULL, 0);
>> - if (len < 0)
>> - return NULL;
>> -
>> - buff = malloc(len);
>> - if (!buff)
>> - return NULL;
>> -
>> - ret = klogctl(CMD_ACTION_READ_ALL, buff, len);
>> - if (ret < 0) {
>> - free(buff);
>> - return NULL;
>> - }
>> -
>> - *klen = ret;
>> - return buff;
>> -}
>> -
>> -static char *get_flog_buff(const char *file, unsigned int *klen)
>> -{
>> - int fd, ret, len;
>> - struct stat fi;
>> - char *buff;
>> -
>> - fd = open(file, O_RDONLY);
>> - if (fd < 0)
>> - return NULL;
>> -
>> - ret = fstat(fd, &fi);
>> - if (ret < 0 || !S_ISREG(fi.st_mode))
>> - goto out;
>> -
>> - len = fi.st_size + 1;
>> - buff = malloc(len);
>> - if (!buff)
>> - goto out;
>> -
>> - memset(buff, 0, len);
>> - ret = read(fd, buff, len - 1);
>> - if (ret <= 0)
>> - goto out_free;
>> -
>> - close(fd);
>> - *klen = ret;
>> - return buff;
>> -out_free:
>> - free(buff);
>> -out:
>> - close(fd);
>> - return NULL;
>> -}
>> -
>> -static char *get_log_buff(const char *file, unsigned int *klen)
>> -{
>> - return file ? get_flog_buff(file, klen) : get_klog_buff(klen);
>> -}
>> -
>> -static void put_log_buff(char *buff)
>> -{
>> - free(buff);
>> -}
>> -
>> -static uint8_t *get_last_jit_image(char *haystack, size_t hlen,
>> - unsigned int *ilen)
>> -{
>> - char *ptr, *pptr, *tmp;
>> - off_t off = 0;
>> - unsigned int proglen;
>> - int ret, flen, pass, ulen = 0;
>> - regmatch_t pmatch[1];
>> - unsigned long base;
>> - regex_t regex;
>> - uint8_t *image;
>> -
>> - if (hlen == 0)
>> - return NULL;
>> -
>> - ret = regcomp(®ex, "flen=[[:alnum:]]+ proglen=[[:digit:]]+ "
>> - "pass=[[:digit:]]+ image=[[:xdigit:]]+", REG_EXTENDED);
>> - assert(ret == 0);
>> -
>> - ptr = haystack;
>> - memset(pmatch, 0, sizeof(pmatch));
>> -
>> - while (1) {
>> - ret = regexec(®ex, ptr, 1, pmatch, 0);
>> - if (ret == 0) {
>> - ptr += pmatch[0].rm_eo;
>> - off += pmatch[0].rm_eo;
>> - assert(off < hlen);
>> - } else
>> - break;
>> - }
>> -
>> - ptr = haystack + off - (pmatch[0].rm_eo - pmatch[0].rm_so);
>> - ret = sscanf(ptr, "flen=%d proglen=%u pass=%d image=%lx",
>> - &flen, &proglen, &pass, &base);
>> - if (ret != 4) {
>> - regfree(®ex);
>> - return NULL;
>> - }
>> - if (proglen > 1000000) {
>> - printf("proglen of %d too big, stopping\n", proglen);
>> - return NULL;
>> - }
>> -
>> - image = malloc(proglen);
>> - if (!image) {
>> - printf("Out of memory\n");
>> - return NULL;
>> - }
>> - memset(image, 0, proglen);
>> -
>> - tmp = ptr = haystack + off;
>> - while ((ptr = strtok(tmp, "\n")) != NULL && ulen < proglen) {
>> - tmp = NULL;
>> - if (!strstr(ptr, "JIT code"))
>> - continue;
>> - pptr = ptr;
>> - while ((ptr = strstr(pptr, ":")))
>> - pptr = ptr + 1;
>> - ptr = pptr;
>> - do {
>> - image[ulen++] = (uint8_t) strtoul(pptr, &pptr, 16);
>> - if (ptr == pptr) {
>> - ulen--;
>> - break;
>> - }
>> - if (ulen >= proglen)
>> - break;
>> - ptr = pptr;
>> - } while (1);
>> - }
>> -
>> - assert(ulen == proglen);
>> - printf("%u bytes emitted from JIT compiler (pass:%d, flen:%d)\n",
>> - proglen, pass, flen);
>> - printf("%lx + <x>:\n", base);
>> -
>> - regfree(®ex);
>> - *ilen = ulen;
>> - return image;
>> -}
>> -
>> -static void usage(void)
>> -{
>> - printf("Usage: bpf_jit_disasm [...]\n");
>> - printf(" -o Also display related opcodes (default: off).\n");
>> - printf(" -O <file> Write binary image of code to file, don't disassemble to stdout.\n");
>> - printf(" -f <file> Read last image dump from file or stdin (default: klog).\n");
>> - printf(" -h Display this help.\n");
>> -}
>> -
>> -int main(int argc, char **argv)
>> -{
>> - unsigned int len, klen, opt, opcodes = 0;
>> - char *kbuff, *file = NULL;
>> - char *ofile = NULL;
>> - int ofd;
>> - ssize_t nr;
>> - uint8_t *pos;
>> - uint8_t *image = NULL;
>> -
>> - while ((opt = getopt(argc, argv, "of:O:")) != -1) {
>> - switch (opt) {
>> - case 'o':
>> - opcodes = 1;
>> - break;
>> - case 'O':
>> - ofile = optarg;
>> - break;
>> - case 'f':
>> - file = optarg;
>> - break;
>> - default:
>> - usage();
>> - return -1;
>> - }
>> - }
>> -
>> - bfd_init();
>> -
>> - kbuff = get_log_buff(file, &klen);
>> - if (!kbuff) {
>> - fprintf(stderr, "Could not retrieve log buffer!\n");
>> - return -1;
>> - }
>> -
>> - image = get_last_jit_image(kbuff, klen, &len);
>> - if (!image) {
>> - fprintf(stderr, "No JIT image found!\n");
>> - goto done;
>> - }
>> - if (!ofile) {
>> - get_asm_insns(image, len, opcodes);
>> - goto done;
>> - }
>> -
>> - ofd = open(ofile, O_WRONLY | O_CREAT | O_TRUNC, DEFFILEMODE);
>> - if (ofd < 0) {
>> - fprintf(stderr, "Could not open file %s for writing: ", ofile);
>> - perror(NULL);
>> - goto done;
>> - }
>> - pos = image;
>> - do {
>> - nr = write(ofd, pos, len);
>> - if (nr < 0) {
>> - fprintf(stderr, "Could not write data to %s: ", ofile);
>> - perror(NULL);
>> - goto done;
>> - }
>> - len -= nr;
>> - pos += nr;
>> - } while (len);
>> - close(ofd);
>> -
>> -done:
>> - put_log_buff(kbuff);
>> - free(image);
>> - return 0;
>> -}
>> --
>> 2.27.0
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ozlabs.org/pipermail/linuxppc-dev/attachments/20230106/bffd023d/attachment-0001.htm>
More information about the Linuxppc-dev
mailing list