On Fri, Feb 11, 2022 at 9:20 AM Toke Høiland-Jørgensen <toke@xxxxxxxxxx> wrote: > > Andrii Nakryiko <andrii.nakryiko@xxxxxxxxx> writes: > > > On Thu, Feb 10, 2022 at 2:01 AM Michal Suchánek <msuchanek@xxxxxxx> wrote: > >> > >> Hello, > >> > >> On Mon, Jan 31, 2022 at 09:36:44AM -0800, Yonghong Song wrote: > >> > > >> > > >> > On 1/27/22 7:10 AM, Shung-Hsi Yu wrote: > >> > > Hi, > >> > > > >> > > We recently run into module load failure related to split BTF on openSUSE > >> > > Tumbleweed[1], which I believe is something that may also happen on other > >> > > rolling distros. > >> > > > >> > > The error looks like the follow (though failure is not limited to ipheth) > >> > > > >> > > BPF:[103111] STRUCT BPF:size=152 vlen=2 BPF: BPF:Invalid name BPF: > >> > > > >> > > failed to validate module [ipheth] BTF: -22 > >> > > > >> > > The error comes down to trying to load BTF of *kernel modules from a > >> > > different build* than the runtime kernel (but the source is the same), where > >> > > the base BTF of the two build is different. > >> > > > >> > > While it may be too far stretched to call this a bug, solving this might > >> > > make BTF adoption easier. I'd natively think that we could further split > >> > > base BTF into two part to avoid this issue, where .BTF only contain exported > >> > > types, and the other (still residing in vmlinux) holds the unexported types. > >> > > >> > What is the exported types? The types used by export symbols? > >> > This for sure will increase btf handling complexity. > >> > >> And it will not actually help. > >> > >> We have modversion ABI which checks the checksum of the symbols that the > >> module imports and fails the load if the checksum for these symbols does > >> not match. It's not concerned with symbols not exported, it's not > >> concerned with symbols not used by the module. This is something that is > >> sustainable across kernel rebuilds with minor fixes/features and what > >> distributions watch for. > >> > >> Now with BTF the situation is vastly different. There are at least three > >> bugs: > >> > >> - The BTF check is global for all symbols, not for the symbols the > >> module uses. This is not sustainable. Given the BTF is supposed to > >> allow linking BPF programs that were built in completely different > >> environment with the kernel it is completely within the scope of BTF > >> to solve this problem, it's just neglected. > > > > You refer to BTF use in CO-RE with the latter. It's just one > > application of BTF and it doesn't follow that you can do the same with > > module BTF. It's not a neglect, it's a very big technical difficulty. > > > > Each module's BTFs are designed as logical extensions of vmlinux BTF. > > And each module BTF is independent and isolated from other modules > > extension of the same vmlinux BTF. The way that BTF format is > > designed, any tiny difference in vmlinux BTF effectively invalidates > > all modules' BTFs and they have to be rebuilt. > > > > Imagine that only one BTF type is added to vmlinux BTF. Last BTF type > > ID in vmlinux BTF is shifted from, say, 1000 to 1001. While previously > > every module's BTF type ID started with 1001, now they all have to > > start with 1002 and be shifted by 1. > > > > Now let's say that the order of two BTF types in vmlinux BTF is > > changed, say type 10 becomes type 20 and type 20 becomes type 10 (just > > because of slight difference in DWARF, for instance). Any type > > reference to 10 or 20 in any module BTF has to be renumbered now. > > > > Another one, let's say we add a new string to vmlinux BTF string > > section somewhere at the beginning, say "abc" at offset 100. Any > > string offset after 100 now has to be shifted *both* in vmlinux BTF > > and all module BTFs. And also any string reference in module BTFs have > > to be adjusted as well because now each module's BTF's logical string > > offset is starting at 4 logical bytes higher (due to "abc\0" being > > added and shifting everything right). > > > > As you can see, any tiny change in vmlinux BTF, no matter where, > > beginning, middle, or end, causes massive changes in type IDs and > > offsets everywhere. It's impractical to do any local adjustments, it's > > much simpler and more reliable to completely regenerate BTF > > completely. > > This seems incredibly brittle, though? IIUC this means that if you want > BTF in your modules you *must* have not only the kernel headers of the > kernel it's going to run on, but the full BTF information for the exact
