linux/tools
Alexei Starovoitov 317460317a bpf: Introduce bpf_arena.
Introduce bpf_arena, which is a sparse shared memory region between the bpf
program and user space.

Use cases:
1. User space mmap-s bpf_arena and uses it as a traditional mmap-ed
   anonymous region, like memcached or any key/value storage. The bpf
   program implements an in-kernel accelerator. XDP prog can search for
   a key in bpf_arena and return a value without going to user space.
2. The bpf program builds arbitrary data structures in bpf_arena (hash
   tables, rb-trees, sparse arrays), while user space consumes it.
3. bpf_arena is a "heap" of memory from the bpf program's point of view.
   The user space may mmap it, but bpf program will not convert pointers
   to user base at run-time to improve bpf program speed.

Initially, the kernel vm_area and user vma are not populated. User space
can fault in pages within the range. While servicing a page fault,
bpf_arena logic will insert a new page into the kernel and user vmas. The
bpf program can allocate pages from that region via
bpf_arena_alloc_pages(). This kernel function will insert pages into the
kernel vm_area. The subsequent fault-in from user space will populate that
page into the user vma. The BPF_F_SEGV_ON_FAULT flag at arena creation time
can be used to prevent fault-in from user space. In such a case, if a page
is not allocated by the bpf program and not present in the kernel vm_area,
the user process will segfault. This is useful for use cases 2 and 3 above.

bpf_arena_alloc_pages() is similar to user space mmap(). It allocates pages
either at a specific address within the arena or allocates a range with the
maple tree. bpf_arena_free_pages() is analogous to munmap(), which frees
pages and removes the range from the kernel vm_area and from user process
vmas.

bpf_arena can be used as a bpf program "heap" of up to 4GB. The speed of
bpf program is more important than ease of sharing with user space. This is
use case 3. In such a case, the BPF_F_NO_USER_CONV flag is recommended.
It will tell the verifier to treat the rX = bpf_arena_cast_user(rY)
instruction as a 32-bit move wX = wY, which will improve bpf prog
performance. Otherwise, bpf_arena_cast_user is translated by JIT to
conditionally add the upper 32 bits of user vm_start (if the pointer is not
NULL) to arena pointers before they are stored into memory. This way, user
space sees them as valid 64-bit pointers.

Diff https://github.com/llvm/llvm-project/pull/84410 enables LLVM BPF
backend generate the bpf_addr_space_cast() instruction to cast pointers
between address_space(1) which is reserved for bpf_arena pointers and
default address space zero. All arena pointers in a bpf program written in
C language are tagged as __attribute__((address_space(1))). Hence, clang
provides helpful diagnostics when pointers cross address space. Libbpf and
the kernel support only address_space == 1. All other address space
identifiers are reserved.

rX = bpf_addr_space_cast(rY, /* dst_as */ 1, /* src_as */ 0) tells the
verifier that rX->type = PTR_TO_ARENA. Any further operations on
PTR_TO_ARENA register have to be in the 32-bit domain. The verifier will
mark load/store through PTR_TO_ARENA with PROBE_MEM32. JIT will generate
them as kern_vm_start + 32bit_addr memory accesses. The behavior is similar
to copy_from_kernel_nofault() except that no address checks are necessary.
The address is guaranteed to be in the 4GB range. If the page is not
present, the destination register is zeroed on read, and the operation is
ignored on write.

rX = bpf_addr_space_cast(rY, 0, 1) tells the verifier that rX->type =
unknown scalar. If arena->map_flags has BPF_F_NO_USER_CONV set, then the
verifier converts such cast instructions to mov32. Otherwise, JIT will emit
native code equivalent to:
rX = (u32)rY;
if (rY)
  rX |= clear_lo32_bits(arena->user_vm_start); /* replace hi32 bits in rX */

After such conversion, the pointer becomes a valid user pointer within
bpf_arena range. The user process can access data structures created in
bpf_arena without any additional computations. For example, a linked list
built by a bpf program can be walked natively by user space.

Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Reviewed-by: Barret Rhoden <brho@google.com>
Link: https://lore.kernel.org/bpf/20240308010812.89848-2-alexei.starovoitov@gmail.com
2024-03-11 15:37:23 -07:00
..
accounting
arch work around gcc bugs with 'asm goto' with outputs 2024-02-09 15:57:48 -08:00
bootconfig
bpf bpftool: rename is_internal_mmapable_map into is_mmapable_map 2024-03-07 14:58:48 -08:00
build perf cs-etm: Bump minimum OpenCSD version to ensure a bugfix is present 2023-11-27 10:21:27 -03:00
certs
cgroup samples: introduce new samples subdir for cgroup 2023-12-10 16:51:54 -08:00
counter tools/counter: Remove unneeded semicolon 2023-12-20 11:43:31 -05:00
crypto crypto: tcrypt - add script tcrypt_speed_compare.py 2023-12-29 11:25:55 +08:00
debugging
edid
firewire
firmware
gpio
hv hv/hv_kvp_daemon: Some small fixes for handling NM keyfiles 2023-11-10 23:27:46 +00:00
iio iio: add modifiers for A and B ultraviolet light 2023-12-04 13:57:24 +00:00
include bpf: Introduce bpf_arena. 2024-03-11 15:37:23 -07:00
kvm/kvm_stat
laptop
leds
lib libbpf: Allow specifying 64-bit integers in map BTF. 2024-03-07 14:58:48 -08:00
memory-model
mm tools/mm: update the usage output to be more organized 2023-10-18 14:34:19 -07:00
net/ynl Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-02-29 14:24:56 -08:00
objtool Address a GCC-14 warning: there's no real bug, but indeed the calloc order doesn't match 2024-01-08 18:31:27 -08:00
pci
pcmcia
perf perf evlist: Fix evlist__new_default() for > 1 core PMU 2024-01-30 11:40:28 -03:00
power tools cpupower bench: Override CFLAGS assignments 2024-01-21 16:57:51 -07:00
rcu
scripts tools/build: Fix -s detection code in tools/scripts/Makefile.include 2023-10-18 15:29:47 -07:00
spi
testing selftests/bpf: Add fexit and kretprobe triggering benchmarks 2024-03-11 17:00:00 +01:00
thermal tools/thermal/tmon: Fix compilation warning for wrong format 2024-01-02 09:33:19 +01:00
time
tracing tools/rtla: Exit with EXIT_SUCCESS when help is invoked 2024-02-12 10:59:09 +01:00
usb
verification tools/rv: Fix curr_reactor uninitialized variable 2024-02-12 09:58:36 +01:00
virtio tools/virtio: Add dma sync api for virtio test 2023-10-16 05:32:23 -04:00
wmi
workqueue
Makefile