• Sandipan Das's avatar
    bpf: get kernel symbol addresses via syscall · dbecd738
    Sandipan Das authored
    This adds new two new fields to struct bpf_prog_info. For
    multi-function programs, these fields can be used to pass
    a list of kernel symbol addresses for all functions in a
    given program to userspace using the bpf system call with
    the BPF_OBJ_GET_INFO_BY_FD command.
    
    When bpf_jit_kallsyms is enabled, we can get the address
    of the corresponding kernel symbol for a callee function
    and resolve the symbol's name. The address is determined
    by adding the value of the call instruction's imm field
    to __bpf_call_base. This offset gets assigned to the imm
    field by the verifier.
    
    For some architectures, such as powerpc64, the imm field
    is not large enough to hold this offset.
    
    We resolve this by:
    
    [1] Assigning the subprog id to the imm field of a call
        instruction in the verifier instead of the offset of
        the callee's symbol's address from __bpf_call_base.
    
    [2] Determining the address of a callee's corresponding
        symbol by using the imm field as an index for the
        list of kernel symbol addresses now available from
        the program info.
    Suggested-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
    Signed-off-by: default avatarSandipan Das <sandipan@linux.vnet.ibm.com>
    Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
    dbecd738
bpf.h 92.9 KB