Home Explore Help
Sign In
OpenWrt
/
openwrt
mirror of https://github.com/openwrt/openwrt.git
2
0
Fork 0
Files Issues 0 Wiki
Branch: master
Branches Tags
openwrt
/
target
/
linux
/
loongarch64
/
patches-6.12
/
003-v6.17-loongArch-BPF-Add-dynamic-code-modification-support.patch

003-v6.17-loongArch-BPF-Add-dynamic-code-modification-support.patch 6.6 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240 
  1. From 9fbd18cf4c69f512f7de3ab73235078f3e32ecec Mon Sep 17 00:00:00 2001
    2. 

  2. From: Chenghao Duan <[email protected]>
    3. 

  3. Date: Tue, 5 Aug 2025 19:00:18 +0800
    4. 

  4. Subject: [PATCH 03/12] LoongArch: BPF: Add dynamic code modification support
    5. 

  5. 

  6. This commit adds support for BPF dynamic code modification on the
    7. 

  7. LoongArch architecture:
    8. 

  8. 1. Add bpf_arch_text_copy() for instruction block copying.
    9. 

  9. 2. Add bpf_arch_text_poke() for runtime instruction patching.
    10. 

  10. 3. Add bpf_arch_text_invalidate() for code invalidation.
    11. 

  11. 

  12. On LoongArch, since symbol addresses in the direct mapping region can't
    13. 

  13. be reached via relative jump instructions from the paged mapping region,
    14. 

  14. we use the move_imm+jirl instruction pair as absolute jump instructions.
    15. 

  15. These require 2-5 instructions, so we reserve 5 NOP instructions in the
    16. 

  16. program as placeholders for function jumps.
    17. 

  17. 

  18. The larch_insn_text_copy() function is solely used for BPF. And the use
    19. 

  19. of larch_insn_text_copy() requires PAGE_SIZE alignment. Currently, only
    20. 

  20. the size of the BPF trampoline is page-aligned.
    21. 

  21. 

  22. Co-developed-by: George Guo <[email protected]>
    23. 

  23. Signed-off-by: George Guo <[email protected]>
    24. 

  24. Signed-off-by: Chenghao Duan <[email protected]>
    25. 

  25. Signed-off-by: Huacai Chen <[email protected]>
    26. 

  26. ---
    27. 

  27.  arch/loongarch/include/asm/inst.h |   1 +
    28. 

  28.  arch/loongarch/kernel/inst.c      |  46 +++++++++++++
    29. 

  29.  arch/loongarch/net/bpf_jit.c      | 105 +++++++++++++++++++++++++++++-
    30. 

  30.  3 files changed, 151 insertions(+), 1 deletion(-)
    31. 

  31. 

  32. --- a/arch/loongarch/include/asm/inst.h
    33. 

  33. +++ b/arch/loongarch/include/asm/inst.h
    34. 

  34. @@ -502,6 +502,7 @@ void arch_simulate_insn(union loongarch_
    35. 

  35.  int larch_insn_read(void *addr, u32 *insnp);
    36. 

  36.  int larch_insn_write(void *addr, u32 insn);
    37. 

  37.  int larch_insn_patch_text(void *addr, u32 insn);
    38. 

  38. +int larch_insn_text_copy(void *dst, void *src, size_t len);
    39. 

  39.  
    40. 

  40.  u32 larch_insn_gen_nop(void);
    41. 

  41.  u32 larch_insn_gen_b(unsigned long pc, unsigned long dest);
    42. 

  42. --- a/arch/loongarch/kernel/inst.c
    43. 

  43. +++ b/arch/loongarch/kernel/inst.c
    44. 

  44. @@ -4,6 +4,8 @@
    45. 

  45.   */
    46. 

  46.  #include <linux/sizes.h>
    47. 

  47.  #include <linux/uaccess.h>
    48. 

  48. +#include <linux/set_memory.h>
    49. 

  49. +#include <linux/stop_machine.h>
    50. 

  50.  
    51. 

  51.  #include <asm/cacheflush.h>
    52. 

  52.  #include <asm/inst.h>
    53. 

  53. @@ -229,6 +231,50 @@ int larch_insn_patch_text(void *addr, u3
    54. 

  54.  
    55. 

  55.  	return ret;
    56. 

  56.  }
    57. 

  57. +
    58. 

  58. +struct insn_copy {
    59. 

  59. +	void *dst;
    60. 

  60. +	void *src;
    61. 

  61. +	size_t len;
    62. 

  62. +	unsigned int cpu;
    63. 

  63. +};
    64. 

  64. +
    65. 

  65. +static int text_copy_cb(void *data)
    66. 

  66. +{
    67. 

  67. +	int ret = 0;
    68. 

  68. +	struct insn_copy *copy = data;
    69. 

  69. +
    70. 

  70. +	if (smp_processor_id() == copy->cpu) {
    71. 

  71. +		ret = copy_to_kernel_nofault(copy->dst, copy->src, copy->len);
    72. 

  72. +		if (ret)
    73. 

  73. +			pr_err("%s: operation failed\n", __func__);
    74. 

  74. +	}
    75. 

  75. +
    76. 

  76. +	flush_icache_range((unsigned long)copy->dst, (unsigned long)copy->dst + copy->len);
    77. 

  77. +
    78. 

  78. +	return ret;
    79. 

  79. +}
    80. 

  80. +
    81. 

  81. +int larch_insn_text_copy(void *dst, void *src, size_t len)
    82. 

  82. +{
    83. 

  83. +	int ret = 0;
    84. 

  84. +	size_t start, end;
    85. 

  85. +	struct insn_copy copy = {
    86. 

  86. +		.dst = dst,
    87. 

  87. +		.src = src,
    88. 

  88. +		.len = len,
    89. 

  89. +		.cpu = smp_processor_id(),
    90. 

  90. +	};
    91. 

  91. +
    92. 

  92. +	start = round_down((size_t)dst, PAGE_SIZE);
    93. 

  93. +	end   = round_up((size_t)dst + len, PAGE_SIZE);
    94. 

  94. +
    95. 

  95. +	set_memory_rw(start, (end - start) / PAGE_SIZE);
    96. 

  96. +	ret = stop_machine(text_copy_cb, &copy, cpu_online_mask);
    97. 

  97. +	set_memory_rox(start, (end - start) / PAGE_SIZE);
    98. 

  98. +
    99. 

  99. +	return ret;
    100. 

  100. +}
    101. 

  101.  
    102. 

  102.  u32 larch_insn_gen_nop(void)
    103. 

  103.  {
    104. 

  104. --- a/arch/loongarch/net/bpf_jit.c
    105. 

  105. +++ b/arch/loongarch/net/bpf_jit.c
    106. 

  106. @@ -4,8 +4,12 @@
    107. 

  107.   *
    108. 

  108.   * Copyright (C) 2022 Loongson Technology Corporation Limited
    109. 

  109.   */
    110. 

  110. +#include <linux/memory.h>
    111. 

  111.  #include "bpf_jit.h"
    112. 

  112.  
    113. 

  113. +#define LOONGARCH_LONG_JUMP_NINSNS 5
    114. 

  114. +#define LOONGARCH_LONG_JUMP_NBYTES (LOONGARCH_LONG_JUMP_NINSNS * 4)
    115. 

  115. +
    116. 

  116.  #define REG_TCC		LOONGARCH_GPR_A6
    117. 

  117.  #define TCC_SAVED	LOONGARCH_GPR_S5
    118. 

  118.  
    119. 

  119. @@ -88,7 +92,7 @@ static u8 tail_call_reg(struct jit_ctx *
    120. 

  120.   */
    121. 

  121.  static void build_prologue(struct jit_ctx *ctx)
    122. 

  122.  {
    123. 

  123. -	int stack_adjust = 0, store_offset, bpf_stack_adjust;
    124. 

  124. +	int i, stack_adjust = 0, store_offset, bpf_stack_adjust;
    125. 

  125.  
    126. 

  126.  	bpf_stack_adjust = round_up(ctx->prog->aux->stack_depth, 16);
    127. 

  127.  
    128. 

  128. @@ -98,6 +102,10 @@ static void build_prologue(struct jit_ct
    129. 

  129.  	stack_adjust = round_up(stack_adjust, 16);
    130. 

  130.  	stack_adjust += bpf_stack_adjust;
    131. 

  131.  
    132. 

  132. +	/* Reserve space for the move_imm + jirl instruction */
    133. 

  133. +	for (i = 0; i < LOONGARCH_LONG_JUMP_NINSNS; i++)
    134. 

  134. +		emit_insn(ctx, nop);
    135. 

  135. +
    136. 

  136.  	/*
    137. 

  137.  	 * First instruction initializes the tail call count (TCC).
    138. 

  138.  	 * On tail call we skip this instruction, and the TCC is
    139. 

  139. @@ -1202,6 +1210,101 @@ static int validate_ctx(struct jit_ctx *
    140. 

  140.  	return 0;
    141. 

  141.  }
    142. 

  142.  
    143. 

  143. +static int emit_jump_and_link(struct jit_ctx *ctx, u8 rd, u64 target)
    144. 

  144. +{
    145. 

  145. +	if (!target) {
    146. 

  146. +		pr_err("bpf_jit: jump target address is error\n");
    147. 

  147. +		return -EFAULT;
    148. 

  148. +	}
    149. 

  149. +
    150. 

  150. +	move_imm(ctx, LOONGARCH_GPR_T1, target, false);
    151. 

  151. +	emit_insn(ctx, jirl, rd, LOONGARCH_GPR_T1, 0);
    152. 

  152. +
    153. 

  153. +	return 0;
    154. 

  154. +}
    155. 

  155. +
    156. 

  156. +static int emit_jump_or_nops(void *target, void *ip, u32 *insns, bool is_call)
    157. 

  157. +{
    158. 

  158. +	int i;
    159. 

  159. +	struct jit_ctx ctx;
    160. 

  160. +
    161. 

  161. +	ctx.idx = 0;
    162. 

  162. +	ctx.image = (union loongarch_instruction *)insns;
    163. 

  163. +
    164. 

  164. +	if (!target) {
    165. 

  165. +		for (i = 0; i < LOONGARCH_LONG_JUMP_NINSNS; i++)
    166. 

  166. +			emit_insn((&ctx), nop);
    167. 

  167. +		return 0;
    168. 

  168. +	}
    169. 

  169. +
    170. 

  170. +	return emit_jump_and_link(&ctx, is_call ? LOONGARCH_GPR_T0 : LOONGARCH_GPR_ZERO, (u64)target);
    171. 

  171. +}
    172. 

  172. +
    173. 

  173. +void *bpf_arch_text_copy(void *dst, void *src, size_t len)
    174. 

  174. +{
    175. 

  175. +	int ret;
    176. 

  176. +
    177. 

  177. +	mutex_lock(&text_mutex);
    178. 

  178. +	ret = larch_insn_text_copy(dst, src, len);
    179. 

  179. +	mutex_unlock(&text_mutex);
    180. 

  180. +
    181. 

  181. +	return ret ? ERR_PTR(-EINVAL) : dst;
    182. 

  182. +}
    183. 

  183. +
    184. 

  184. +int bpf_arch_text_poke(void *ip, enum bpf_text_poke_type poke_type,
    185. 

  185. +		       void *old_addr, void *new_addr)
    186. 

  186. +{
    187. 

  187. +	int ret;
    188. 

  188. +	bool is_call = (poke_type == BPF_MOD_CALL);
    189. 

  189. +	u32 old_insns[LOONGARCH_LONG_JUMP_NINSNS] = {[0 ... 4] = INSN_NOP};
    190. 

  190. +	u32 new_insns[LOONGARCH_LONG_JUMP_NINSNS] = {[0 ... 4] = INSN_NOP};
    191. 

  191. +
    192. 

  192. +	if (!is_kernel_text((unsigned long)ip) &&
    193. 

  193. +		!is_bpf_text_address((unsigned long)ip))
    194. 

  194. +		return -ENOTSUPP;
    195. 

  195. +
    196. 

  196. +	ret = emit_jump_or_nops(old_addr, ip, old_insns, is_call);
    197. 

  197. +	if (ret)
    198. 

  198. +		return ret;
    199. 

  199. +
    200. 

  200. +	if (memcmp(ip, old_insns, LOONGARCH_LONG_JUMP_NBYTES))
    201. 

  201. +		return -EFAULT;
    202. 

  202. +
    203. 

  203. +	ret = emit_jump_or_nops(new_addr, ip, new_insns, is_call);
    204. 

  204. +	if (ret)
    205. 

  205. +		return ret;
    206. 

  206. +
    207. 

  207. +	mutex_lock(&text_mutex);
    208. 

  208. +	if (memcmp(ip, new_insns, LOONGARCH_LONG_JUMP_NBYTES))
    209. 

  209. +		ret = larch_insn_text_copy(ip, new_insns, LOONGARCH_LONG_JUMP_NBYTES);
    210. 

  210. +	mutex_unlock(&text_mutex);
    211. 

  211. +
    212. 

  212. +	return ret;
    213. 

  213. +}
    214. 

  214. +
    215. 

  215. +int bpf_arch_text_invalidate(void *dst, size_t len)
    216. 

  216. +{
    217. 

  217. +	int i;
    218. 

  218. +	int ret = 0;
    219. 

  219. +	u32 *inst;
    220. 

  220. +
    221. 

  221. +	inst = kvmalloc(len, GFP_KERNEL);
    222. 

  222. +	if (!inst)
    223. 

  223. +		return -ENOMEM;
    224. 

  224. +
    225. 

  225. +	for (i = 0; i < (len / sizeof(u32)); i++)
    226. 

  226. +		inst[i] = INSN_BREAK;
    227. 

  227. +
    228. 

  228. +	mutex_lock(&text_mutex);
    229. 

  229. +	if (larch_insn_text_copy(dst, inst, len))
    230. 

  230. +		ret = -EINVAL;
    231. 

  231. +	mutex_unlock(&text_mutex);
    232. 

  232. +
    233. 

  233. +	kvfree(inst);
    234. 

  234. +
    235. 

  235. +	return ret;
    236. 

  236. +}
    237. 

  237. +
    238. 

  238.  struct bpf_prog *bpf_int_jit_compile(struct bpf_prog *prog)
    239. 

  239.  {
    240. 

  240.  	bool tmp_blinded = false, extra_pass = false;
    241.