2 #include <linux/bpf_verifier.h>
4 #include <linux/list.h>
5 #include <linux/netdevice.h>
6 #include <linux/printk.h>
7 #include <linux/rtnetlink.h>
9 /* protected by RTNL */
10 static LIST_HEAD(bpf_prog_offload_devs);
12 int bpf_prog_offload_init(struct bpf_prog *prog, union bpf_attr *attr)
14 struct net *net = current->nsproxy->net_ns;
15 struct bpf_dev_offload *offload;
17 if (attr->prog_type != BPF_PROG_TYPE_SCHED_CLS &&
18 attr->prog_type != BPF_PROG_TYPE_XDP)
24 offload = kzalloc(sizeof(*offload), GFP_USER);
29 init_waitqueue_head(&offload->verifier_done);
32 offload->netdev = __dev_get_by_index(net, attr->prog_ifindex);
33 if (!offload->netdev) {
39 prog->aux->offload = offload;
40 list_add_tail(&offload->offloads, &bpf_prog_offload_devs);
46 static int __bpf_offload_ndo(struct bpf_prog *prog, enum bpf_netdev_command cmd,
47 struct netdev_bpf *data)
49 struct net_device *netdev = prog->aux->offload->netdev;
55 if (!netdev->netdev_ops->ndo_bpf)
60 return netdev->netdev_ops->ndo_bpf(netdev, data);
63 int bpf_prog_offload_verifier_prep(struct bpf_verifier_env *env)
65 struct netdev_bpf data = {};
68 data.verifier.prog = env->prog;
71 err = __bpf_offload_ndo(env->prog, BPF_OFFLOAD_VERIFIER_PREP, &data);
75 env->dev_ops = data.verifier.ops;
77 env->prog->aux->offload->dev_state = true;
78 env->prog->aux->offload->verifier_running = true;
84 static void __bpf_prog_offload_destroy(struct bpf_prog *prog)
86 struct bpf_dev_offload *offload = prog->aux->offload;
87 struct netdev_bpf data = {};
89 /* Caution - if netdev is destroyed before the program, this function
90 * will be called twice.
93 data.offload.prog = prog;
95 if (offload->verifier_running)
96 wait_event(offload->verifier_done, !offload->verifier_running);
98 if (offload->dev_state)
99 WARN_ON(__bpf_offload_ndo(prog, BPF_OFFLOAD_DESTROY, &data));
101 offload->dev_state = false;
102 list_del_init(&offload->offloads);
103 offload->netdev = NULL;
106 void bpf_prog_offload_destroy(struct bpf_prog *prog)
108 struct bpf_dev_offload *offload = prog->aux->offload;
110 offload->verifier_running = false;
111 wake_up(&offload->verifier_done);
114 __bpf_prog_offload_destroy(prog);
120 static int bpf_prog_offload_translate(struct bpf_prog *prog)
122 struct bpf_dev_offload *offload = prog->aux->offload;
123 struct netdev_bpf data = {};
126 data.offload.prog = prog;
128 offload->verifier_running = false;
129 wake_up(&offload->verifier_done);
132 ret = __bpf_offload_ndo(prog, BPF_OFFLOAD_TRANSLATE, &data);
138 static unsigned int bpf_prog_warn_on_exec(const void *ctx,
139 const struct bpf_insn *insn)
141 WARN(1, "attempt to execute device eBPF program on the host!");
145 int bpf_prog_offload_compile(struct bpf_prog *prog)
147 prog->bpf_func = bpf_prog_warn_on_exec;
149 return bpf_prog_offload_translate(prog);
152 const struct bpf_prog_ops bpf_offload_prog_ops = {
155 static int bpf_offload_notification(struct notifier_block *notifier,
156 ulong event, void *ptr)
158 struct net_device *netdev = netdev_notifier_info_to_dev(ptr);
159 struct bpf_dev_offload *offload, *tmp;
164 case NETDEV_UNREGISTER:
165 /* ignore namespace changes */
166 if (netdev->reg_state != NETREG_UNREGISTERING)
169 list_for_each_entry_safe(offload, tmp, &bpf_prog_offload_devs,
171 if (offload->netdev == netdev)
172 __bpf_prog_offload_destroy(offload->prog);
181 static struct notifier_block bpf_offload_notifier = {
182 .notifier_call = bpf_offload_notification,
185 static int __init bpf_offload_init(void)
187 register_netdevice_notifier(&bpf_offload_notifier);
191 subsys_initcall(bpf_offload_init);