On Fri, Mar 4, 2022 at 11:17 AM Hao Luo <haoluo@xxxxxxxxxx> wrote:
>
> This is similar to commit 7472d5a642c9 ("compiler_types: define __user as
> __attribute__((btf_type_tag("user")))"), where a type tag "user" was
> introduced to identify the pointers that point to user memory. With that
> change, the newest compile toolchain can encode __user information into
> vmlinux BTF, which can be used by the BPF verifier to enforce safe
> program behaviors.
>
> Similarly, we have __percpu attribute, which is mainly used to indicate
> memory is allocated in percpu region. The __percpu pointers in kernel
> are supposed to be used together with functions like per_cpu_ptr() and
> this_cpu_ptr(), which perform necessary calculation on the pointer's
> base address. Without the btf_type_tag introduced in this patch,
> __percpu pointers will be treated as regular memory pointers in vmlinux
> BTF and BPF programs are allowed to directly dereference them, generating
> incorrect behaviors. Now with "percpu" btf_type_tag, the BPF verifier is
> able to differentiate __percpu pointers from regular pointers and forbids
> unexpected behaviors like direct load.
>
> The following is an example similar to the one given in commit
> 7472d5a642c9:
>
> [$ ~] cat test.c
> #define __percpu __attribute__((btf_type_tag("percpu")))
> int foo(int __percpu *arg) {
> return *arg;
> }
> [$ ~] clang -O2 -g -c test.c
> [$ ~] pahole -JV test.o
> ...
> File test.o:
> [1] INT int size=4 nr_bits=32 encoding=SIGNED
> [2] TYPE_TAG percpu type_id=1
> [3] PTR (anon) type_id=2
> [4] FUNC_PROTO (anon) return=1 args=(3 arg)
> [5] FUNC foo type_id=4
> [$ ~]
>
> for the function argument "int __percpu *arg", its type is described as
> PTR -> TYPE_TAG(percpu) -> INT
> The kernel can use this information for bpf verification or other
> use cases.
>
> Like commit 7472d5a642c9, this feature requires clang (>= clang14) and
> pahole (>= 1.23).
>
> Cc: Yonghong Song <yhs@xxxxxx>
> Signed-off-by: Hao Luo <haoluo@xxxxxxxxxx>
> ---
> include/linux/compiler_types.h | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
> diff --git a/include/linux/compiler_types.h b/include/linux/compiler_types.h
> index 3f31ff400432..223abf43679a 100644
> --- a/include/linux/compiler_types.h
> +++ b/include/linux/compiler_types.h
> @@ -38,7 +38,12 @@ static inline void __chk_io_ptr(const volatile void __iomem *ptr) { }
> # define __user
> # endif
> # define __iomem
> -# define __percpu
> +# if defined(CONFIG_DEBUG_INFO_BTF) && defined(CONFIG_PAHOLE_HAS_BTF_TAG) && \
> + __has_attribute(btf_type_tag)
> +# define __percpu __attribute__((btf_type_tag("percpu")))
Maybe let's add
#if defined(CONFIG_DEBUG_INFO_BTF) &&
defined(CONFIG_PAHOLE_HAS_BTF_TAG) && __has_attribute(btf_type_tag)
#define BTF_TYPE_TAG(value) __attribute__((btf_type_tag(#value)))
#else
#define BTF_TYPE_TAG(value) /* nothing */
#endif
and use BTF_TYPE_TAG() macro unconditionally everywhere?
> +# else
> +# define __percpu
> +# endif
> # define __rcu
> # define __chk_user_ptr(x) (void)0
> # define __chk_io_ptr(x) (void)0
> --
> 2.35.1.616.g0bdcbb4464-goog
>
