From 77fb079dedee5c8c2fc0c2e3781769b5978ce4fe Mon Sep 17 00:00:00 2001 From: Paul Chaignon Date: Mon, 6 Nov 2023 20:21:56 +0100 Subject: sys/linux: describe call to BPF helper bpf_ringbuf_reserve Describe a full call to bpf_ringbuf_reserve, using the map type created in the previous commit. The test corresponds to this simple line: u64 *e; e = bpf_ringbuf_reserve(&rb, sizeof(*e), 0); [...] return e; The pointer returned by bpf_ringbuf_reserve is kept in R9. The goal is to keep it around so we can use it in other instructions later; several other helpers take a pointer to ringbuf data as argument. There's of course a risk that some instruction in between will clobber R9, but I don't know another way. R9 is at least safe for calls (only R1--R5 get clobbered). We expect the program loading to fail with EINVAL because we never release the reference to the ringbuf data. The verifier will therefore reject the program with: 0: R1=ctx(off=0,imm=0) R10=fp0 0: (18) r0 = 0x0 ; R0_w=0 2: (18) r1 = 0xffff984e4b55da00 ; R1_w=map_ptr(off=0,ks=0,vs=0,imm=0) 4: (b7) r2 = 20 ; R2_w=20 5: (b7) r3 = 0 ; R3_w=0 6: (85) call bpf_ringbuf_reserve#131 ; R0_w=ringbuf_mem_or_null(id=2,ref_obj_id=2,off=0,imm=0) refs=2 7: (bf) r9 = r0 ; R0_w=ringbuf_mem_or_null(id=2,ref_obj_id=2,off=0,imm=0) R9_w=ringbuf_mem_or_null(id=2,ref_obj_id=2,off=0,imm=0) refs=2 8: (95) exit Unreleased reference id=2 alloc_insn=6 Signed-off-by: Paul Chaignon --- sys/linux/bpf.txt.const | 1 + 1 file changed, 1 insertion(+) (limited to 'sys/linux/bpf.txt.const') diff --git a/sys/linux/bpf.txt.const b/sys/linux/bpf.txt.const index 4e55324c0..8091b3944 100644 --- a/sys/linux/bpf.txt.const +++ b/sys/linux/bpf.txt.const @@ -66,6 +66,7 @@ BPF_EXIST = 2 BPF_EXIT0 = 9 BPF_FLOW_DISSECTOR = 17 BPF_FUNC_INFO_SIZE = 8 +BPF_FUNC_ringbuf_reserve = 131 BPF_FUNC_snprintf = 165 BPF_FUNC_tail_call = 12 BPF_FUNC_trace_printk = 6 -- cgit mrf-deployment