This patchset is very much similar to Yonghong's patchset on adding __user tagging [1], where a "user" btf_type_tag was introduced to describe __user memory pointers. Similar approach can be applied on __percpu pointers. The __percpu attribute in kernel is used to identify pointers that point to memory allocated in percpu region. Normally, accessing __percpu memory requires using special functions like per_cpu_ptr() etc. Directly accessing __percpu pointer is meaningless. Currently vmlinux BTF does not have a way to differentiate a __percpu pointer from a regular pointer. So BPF programs are allowed to load __percpu memory directly, which is an incorrect behavior. With the previous work that encodes __user information in BTF, a nice framework has been set up to allow us to encode __percpu information in BTF and let the verifier to reject programs that try to directly access percpu pointer. Previously, there is a PTR_TO_PERCPU_BTF_ID reg type which is used to represent those percpu static variables in the kernel. Pahole is able to collect variables that are stored in ".data..percpu" section in the kernel image and emit BTF information for those variables. The bpf_per_cpu_ptr() and bpf_this_cpu_ptr() helper functions were added to access these variables. Now with __percpu information, we can tag those __percpu fields in a struct (such as cgroup->rstat_cpu) and allow the pair of bpf percpu helpers to access them as well. In addition to adding __percpu tagging, this patchset also fixes a harmless bug in the previous patch that introduced __user. Patch 01/04 is for that. Patch 02/04 adds the new attribute "percpu". Patch 03/04 adds MEM_PERCPU tag for PTR_TO_BTF_ID and replaces PTR_TO_PERCPU_BTF_ID with (BTF_ID | MEM_PERCPU). Patch 04/04 refactors the btf_tag test a bit and adds tests for percpu tag. Like [1], the minimal requirements for btf_type_tag is clang (>= clang14) and pahole (>= 1.23). [1] https://lore.kernel.org/bpf/20211220015110.3rqxk5qwub3pa2gh@xxxxxxxxxxxxxxxxxxxxxxxxxxxx/t/ Hao Luo (4): bpf: Fix checking PTR_TO_BTF_ID in check_mem_access compiler_types: define __percpu as __attribute__((btf_type_tag("percpu"))) bpf: Reject programs that try to load __percpu memory. selftests/bpf: Add a test for btf_type_tag "percpu" include/linux/bpf.h | 11 +- include/linux/compiler_types.h | 7 +- kernel/bpf/btf.c | 8 +- kernel/bpf/verifier.c | 27 +-- .../selftests/bpf/bpf_testmod/bpf_testmod.c | 17 ++ .../selftests/bpf/prog_tests/btf_tag.c | 164 ++++++++++++++---- .../selftests/bpf/progs/btf_type_tag_percpu.c | 66 +++++++ 7 files changed, 256 insertions(+), 44 deletions(-) create mode 100644 tools/testing/selftests/bpf/progs/btf_type_tag_percpu.c -- 2.35.1.616.g0bdcbb4464-goog