kernel/bpf/helpers.c

   1 /* Copyright (c) 2011-2014 PLUMgrid, http://plumgrid.com
   2  *
   3  * This program is free software; you can redistribute it and/or
   4  * modify it under the terms of version 2 of the GNU General Public
   5  * License as published by the Free Software Foundation.
   6  *
   7  * This program is distributed in the hope that it will be useful, but
   8  * WITHOUT ANY WARRANTY; without even the implied warranty of
   9  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  10  * General Public License for more details.
  11  */
  12 #include <linux/bpf.h>
  13 #include <linux/rcupdate.h>
  14 #include <linux/random.h>
  15 #include <linux/smp.h>
  16 #include <linux/topology.h>
  17 #include <linux/ktime.h>
  18 #include <linux/sched.h>
  19 #include <linux/uidgid.h>
  20 #include <linux/filter.h>
  21
  22 /* If kernel subsystem is allowing eBPF programs to call this function,
  23  * inside its own verifier_ops->get_func_proto() callback it should return
  24  * bpf_map_lookup_elem_proto, so that verifier can properly check the arguments
  25  *
  26  * Different map implementations will rely on rcu in map methods
  27  * lookup/update/delete, therefore eBPF programs must run under rcu lock
  28  * if program is allowed to access maps, so check rcu_read_lock_held in
  29  * all three functions.
  30  */
  31 BPF_CALL_2(bpf_map_lookup_elem, struct bpf_map *, map, void *, key)
  32 {
  33         WARN_ON_ONCE(!rcu_read_lock_held());
  34         return (unsigned long) map->ops->map_lookup_elem(map, key);
  35 }
  36
  37 const struct bpf_func_proto bpf_map_lookup_elem_proto = {
  38         .func           = bpf_map_lookup_elem,
  39         .gpl_only       = false,
  40         .pkt_access     = true,
  41         .ret_type       = RET_PTR_TO_MAP_VALUE_OR_NULL,
  42         .arg1_type      = ARG_CONST_MAP_PTR,
  43         .arg2_type      = ARG_PTR_TO_MAP_KEY,
  44 };
  45
  46 BPF_CALL_4(bpf_map_update_elem, struct bpf_map *, map, void *, key,
  47            void *, value, u64, flags)
  48 {
  49         WARN_ON_ONCE(!rcu_read_lock_held());
  50         return map->ops->map_update_elem(map, key, value, flags);
  51 }
  52
  53 const struct bpf_func_proto bpf_map_update_elem_proto = {
  54         .func           = bpf_map_update_elem,
  55         .gpl_only       = false,
  56         .pkt_access     = true,
  57         .ret_type       = RET_INTEGER,
  58         .arg1_type      = ARG_CONST_MAP_PTR,
  59         .arg2_type      = ARG_PTR_TO_MAP_KEY,
  60         .arg3_type      = ARG_PTR_TO_MAP_VALUE,
  61         .arg4_type      = ARG_ANYTHING,
  62 };
  63
  64 BPF_CALL_2(bpf_map_delete_elem, struct bpf_map *, map, void *, key)
  65 {
  66         WARN_ON_ONCE(!rcu_read_lock_held());
  67         return map->ops->map_delete_elem(map, key);
  68 }
  69
  70 const struct bpf_func_proto bpf_map_delete_elem_proto = {
  71         .func           = bpf_map_delete_elem,
  72         .gpl_only       = false,
  73         .pkt_access     = true,
  74         .ret_type       = RET_INTEGER,
  75         .arg1_type      = ARG_CONST_MAP_PTR,
  76         .arg2_type      = ARG_PTR_TO_MAP_KEY,
  77 };
  78
  79 BPF_CALL_3(bpf_map_push_elem, struct bpf_map *, map, void *, value, u64, flags)
  80 {
  81         return map->ops->map_push_elem(map, value, flags);
  82 }
  83
  84 const struct bpf_func_proto bpf_map_push_elem_proto = {
  85         .func           = bpf_map_push_elem,
  86         .gpl_only       = false,
  87         .pkt_access     = true,
  88         .ret_type       = RET_INTEGER,
  89         .arg1_type      = ARG_CONST_MAP_PTR,
  90         .arg2_type      = ARG_PTR_TO_MAP_VALUE,
  91         .arg3_type      = ARG_ANYTHING,
  92 };
  93
  94 BPF_CALL_2(bpf_map_pop_elem, struct bpf_map *, map, void *, value)
  95 {
  96         return map->ops->map_pop_elem(map, value);
  97 }
  98
  99 const struct bpf_func_proto bpf_map_pop_elem_proto = {
 100         .func           = bpf_map_pop_elem,
 101         .gpl_only       = false,
 102         .pkt_access     = true,
 103         .ret_type       = RET_INTEGER,
 104         .arg1_type      = ARG_CONST_MAP_PTR,
 105         .arg2_type      = ARG_PTR_TO_UNINIT_MAP_VALUE,
 106 };
 107
 108 BPF_CALL_2(bpf_map_peek_elem, struct bpf_map *, map, void *, value)
 109 {
 110         return map->ops->map_peek_elem(map, value);
 111 }
 112
 113 const struct bpf_func_proto bpf_map_peek_elem_proto = {
 114         .func           = bpf_map_pop_elem,
 115         .gpl_only       = false,
 116         .pkt_access     = true,
 117         .ret_type       = RET_INTEGER,
 118         .arg1_type      = ARG_CONST_MAP_PTR,
 119         .arg2_type      = ARG_PTR_TO_UNINIT_MAP_VALUE,
 120 };
 121
 122 const struct bpf_func_proto bpf_get_prandom_u32_proto = {
 123         .func           = bpf_user_rnd_u32,
 124         .gpl_only       = false,
 125         .ret_type       = RET_INTEGER,
 126 };
 127
 128 BPF_CALL_0(bpf_get_smp_processor_id)
 129 {
 130         return smp_processor_id();
 131 }
 132
 133 const struct bpf_func_proto bpf_get_smp_processor_id_proto = {
 134         .func           = bpf_get_smp_processor_id,
 135         .gpl_only       = false,
 136         .ret_type       = RET_INTEGER,
 137 };
 138
 139 BPF_CALL_0(bpf_get_numa_node_id)
 140 {
 141         return numa_node_id();
 142 }
 143
 144 const struct bpf_func_proto bpf_get_numa_node_id_proto = {
 145         .func           = bpf_get_numa_node_id,
 146         .gpl_only       = false,
 147         .ret_type       = RET_INTEGER,
 148 };
 149
 150 BPF_CALL_0(bpf_ktime_get_ns)
 151 {
 152         /* NMI safe access to clock monotonic */
 153         return ktime_get_mono_fast_ns();
 154 }
 155
 156 const struct bpf_func_proto bpf_ktime_get_ns_proto = {
 157         .func           = bpf_ktime_get_ns,
 158         .gpl_only       = true,
 159         .ret_type       = RET_INTEGER,
 160 };
 161
 162 BPF_CALL_0(bpf_get_current_pid_tgid)
 163 {
 164         struct task_struct *task = current;
 165
 166         if (unlikely(!task))
 167                 return -EINVAL;
 168
 169         return (u64) task->tgid << 32 | task->pid;
 170 }
 171
 172 const struct bpf_func_proto bpf_get_current_pid_tgid_proto = {
 173         .func           = bpf_get_current_pid_tgid,
 174         .gpl_only       = false,
 175         .ret_type       = RET_INTEGER,
 176 };
 177
 178 BPF_CALL_0(bpf_get_current_uid_gid)
 179 {
 180         struct task_struct *task = current;
 181         kuid_t uid;
 182         kgid_t gid;
 183
 184         if (unlikely(!task))
 185                 return -EINVAL;
 186
 187         current_uid_gid(&uid, &gid);
 188         return (u64) from_kgid(&init_user_ns, gid) << 32 |
 189                      from_kuid(&init_user_ns, uid);
 190 }
 191
 192 const struct bpf_func_proto bpf_get_current_uid_gid_proto = {
 193         .func           = bpf_get_current_uid_gid,
 194         .gpl_only       = false,
 195         .ret_type       = RET_INTEGER,
 196 };
 197
 198 BPF_CALL_2(bpf_get_current_comm, char *, buf, u32, size)
 199 {
 200         struct task_struct *task = current;
 201
 202         if (unlikely(!task))
 203                 goto err_clear;
 204
 205         strncpy(buf, task->comm, size);
 206
 207         /* Verifier guarantees that size > 0. For task->comm exceeding
 208          * size, guarantee that buf is %NUL-terminated. Unconditionally
 209          * done here to save the size test.
 210          */
 211         buf[size - 1] = 0;
 212         return 0;
 213 err_clear:
 214         memset(buf, 0, size);
 215         return -EINVAL;
 216 }
 217
 218 const struct bpf_func_proto bpf_get_current_comm_proto = {
 219         .func           = bpf_get_current_comm,
 220         .gpl_only       = false,
 221         .ret_type       = RET_INTEGER,
 222         .arg1_type      = ARG_PTR_TO_UNINIT_MEM,
 223         .arg2_type      = ARG_CONST_SIZE,
 224 };
 225
 226 #ifdef CONFIG_CGROUPS
 227 BPF_CALL_0(bpf_get_current_cgroup_id)
 228 {
 229         struct cgroup *cgrp = task_dfl_cgroup(current);
 230
 231         return cgrp->kn->id.id;
 232 }
 233
 234 const struct bpf_func_proto bpf_get_current_cgroup_id_proto = {
 235         .func           = bpf_get_current_cgroup_id,
 236         .gpl_only       = false,
 237         .ret_type       = RET_INTEGER,
 238 };
 239
 240 #ifdef CONFIG_CGROUP_BPF
 241 DECLARE_PER_CPU(struct bpf_cgroup_storage*,
 242                 bpf_cgroup_storage[MAX_BPF_CGROUP_STORAGE_TYPE]);
 243
 244 BPF_CALL_2(bpf_get_local_storage, struct bpf_map *, map, u64, flags)
 245 {
 246         /* flags argument is not used now,
 247          * but provides an ability to extend the API.
 248          * verifier checks that its value is correct.
 249          */
 250         enum bpf_cgroup_storage_type stype = cgroup_storage_type(map);
 251         struct bpf_cgroup_storage *storage;
 252         void *ptr;
 253
 254         storage = this_cpu_read(bpf_cgroup_storage[stype]);
 255
 256         if (stype == BPF_CGROUP_STORAGE_SHARED)
 257                 ptr = &READ_ONCE(storage->buf)->data[0];
 258         else
 259                 ptr = this_cpu_ptr(storage->percpu_buf);
 260
 261         return (unsigned long)ptr;
 262 }
 263
 264 const struct bpf_func_proto bpf_get_local_storage_proto = {
 265         .func           = bpf_get_local_storage,
 266         .gpl_only       = false,
 267         .ret_type       = RET_PTR_TO_MAP_VALUE,
 268         .arg1_type      = ARG_CONST_MAP_PTR,
 269         .arg2_type      = ARG_ANYTHING,
 270 };
 271 #endif
 272 #endif