From nobody Wed Nov 27 00:20:53 2024 Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.13]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id A2DEC1FAF0D; Tue, 15 Oct 2024 14:54:30 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=192.198.163.13 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1729004072; cv=none; b=DTZ/3ttlI2pCzOidncDl1UQu4TmH8kdlLP/VCmvzneFykuMzKSzxxcO2WJFxAaygbGStqhuNCtHq6MRFY7lhO5Qf62gtMG7CV4PIrxPcY6YBesob2PW/VItOSveGYDeT0ejHBbTQoLFEBe8JfXBBe9qjmZF+tckxwjEFmyzy1wE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1729004072; c=relaxed/simple; bh=Y4hwFgZVCELg8Z9ytJWx2ZG0ukuxrmtzkdnTsGCw6Xw=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version; b=sveFPJXvr1zRy7mothUzWWhoCY3LSGPdb+lTiZzXPMwhfceGqWTNxhKXf64VbdVZsLh5RR6hTNYy70fu1ze1E+6XFchSrywfoN0O2CK7csQuZBBOSwfKwOzOTH/ZHdUOu2bCqdbUsaqvCfxI6YKmFyOQP0ETU+a2HmKh3O7Y03U= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com; spf=pass smtp.mailfrom=intel.com; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b=B/D6g6d6; arc=none smtp.client-ip=192.198.163.13 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=intel.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=intel.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=intel.com header.i=@intel.com header.b="B/D6g6d6" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1729004071; x=1760540071; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=Y4hwFgZVCELg8Z9ytJWx2ZG0ukuxrmtzkdnTsGCw6Xw=; b=B/D6g6d6X2RAgy3AiRUWCbdiu/6u6PXf8KfYbZUjHz+LNW7xvAbZxZCy 5gJJ9BFwVl6Qg6rXZCfb/oslK65aRw9Sc6T01atEARcZeK+6LvTHcfzRU B3lFXc8K5ImLzR1Hfc/gnjtA29ZXy0HT/WDMjN5CGzoQVnmRY/ihZfjPQ jRYUvGc1dLZw/AOH+XZhoOgg2MIjFQ9OpaWUWIsGf2ky/p5Iqm3Ahu+jW H5hgubN6nmV/D8EiyduBNU2GX+wQhjrg2cqs7KXUFud8sOK43e38T9DN6 BWAFywVG4QW9qvdIgL+U6givAxKXi71EJ77IoUljBWIiE1WG97dLKAhDM g==; X-CSE-ConnectionGUID: ZgWUUG4pRi2rzN463QTIUQ== X-CSE-MsgGUID: 5o9NpwoMR1+ld9orD4PYqw== X-IronPort-AV: E=McAfee;i="6700,10204,11225"; a="31277488" X-IronPort-AV: E=Sophos;i="6.11,205,1725346800"; d="scan'208";a="31277488" Received: from orviesa003.jf.intel.com ([10.64.159.143]) by fmvoesa107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Oct 2024 07:54:30 -0700 X-CSE-ConnectionGUID: 2eL9s6MZRmCq3cpCVvzO/w== X-CSE-MsgGUID: Q9TZ/jxiTLGXRwgfrn6YrQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.11,199,1725346800"; d="scan'208";a="82723079" Received: from newjersey.igk.intel.com ([10.102.20.203]) by orviesa003.jf.intel.com with ESMTP; 15 Oct 2024 07:54:26 -0700 From: Alexander Lobakin To: "David S. Miller" , Eric Dumazet , Jakub Kicinski , Paolo Abeni Cc: Alexander Lobakin , =?UTF-8?q?Toke=20H=C3=B8iland-J=C3=B8rgensen?= , Alexei Starovoitov , Daniel Borkmann , John Fastabend , Andrii Nakryiko , Stanislav Fomichev , Magnus Karlsson , nex.sw.ncis.osdt.itp.upstreaming@intel.com, bpf@vger.kernel.org, netdev@vger.kernel.org, linux-kernel@vger.kernel.org Subject: [PATCH net-next v2 04/18] bpf, xdp: constify some bpf_prog * function arguments Date: Tue, 15 Oct 2024 16:53:36 +0200 Message-ID: <20241015145350.4077765-5-aleksander.lobakin@intel.com> X-Mailer: git-send-email 2.46.2 In-Reply-To: <20241015145350.4077765-1-aleksander.lobakin@intel.com> References: <20241015145350.4077765-1-aleksander.lobakin@intel.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" In lots of places, bpf_prog pointer is used only for tracing or other stuff that doesn't modify the structure itself. Same for net_device. Address at least some of them and add `const` attributes there. The object code didn't change, but that may prevent unwanted data modifications and also allow more helpers to have const arguments. Signed-off-by: Alexander Lobakin --- include/linux/bpf.h | 12 ++++++------ include/linux/filter.h | 9 +++++---- include/linux/netdevice.h | 6 +++--- include/linux/skbuff.h | 2 +- kernel/bpf/devmap.c | 8 ++++---- net/core/dev.c | 10 +++++----- net/core/filter.c | 29 ++++++++++++++++------------- net/core/skbuff.c | 2 +- 8 files changed, 41 insertions(+), 37 deletions(-) diff --git a/include/linux/bpf.h b/include/linux/bpf.h index 19d8ca8ac960..263515478984 100644 --- a/include/linux/bpf.h +++ b/include/linux/bpf.h @@ -2534,10 +2534,10 @@ int dev_map_enqueue(struct bpf_dtab_netdev *dst, st= ruct xdp_frame *xdpf, int dev_map_enqueue_multi(struct xdp_frame *xdpf, struct net_device *dev_r= x, struct bpf_map *map, bool exclude_ingress); int dev_map_generic_redirect(struct bpf_dtab_netdev *dst, struct sk_buff *= skb, - struct bpf_prog *xdp_prog); + const struct bpf_prog *xdp_prog); int dev_map_redirect_multi(struct net_device *dev, struct sk_buff *skb, - struct bpf_prog *xdp_prog, struct bpf_map *map, - bool exclude_ingress); + const struct bpf_prog *xdp_prog, + struct bpf_map *map, bool exclude_ingress); =20 void __cpu_map_flush(struct list_head *flush_list); int cpu_map_enqueue(struct bpf_cpu_map_entry *rcpu, struct xdp_frame *xdpf, @@ -2801,15 +2801,15 @@ struct sk_buff; =20 static inline int dev_map_generic_redirect(struct bpf_dtab_netdev *dst, struct sk_buff *skb, - struct bpf_prog *xdp_prog) + const struct bpf_prog *xdp_prog) { return 0; } =20 static inline int dev_map_redirect_multi(struct net_device *dev, struct sk_buff *skb, - struct bpf_prog *xdp_prog, struct bpf_map *map, - bool exclude_ingress) + const struct bpf_prog *xdp_prog, + struct bpf_map *map, bool exclude_ingress) { return 0; } diff --git a/include/linux/filter.h b/include/linux/filter.h index 7d7578a8eac1..ee067ab13272 100644 --- a/include/linux/filter.h +++ b/include/linux/filter.h @@ -1178,17 +1178,18 @@ static inline int xdp_ok_fwd_dev(const struct net_d= evice *fwd, * This does not appear to be a real limitation for existing software. */ int xdp_do_generic_redirect(struct net_device *dev, struct sk_buff *skb, - struct xdp_buff *xdp, struct bpf_prog *prog); + struct xdp_buff *xdp, const struct bpf_prog *prog); int xdp_do_redirect(struct net_device *dev, struct xdp_buff *xdp, - struct bpf_prog *prog); + const struct bpf_prog *prog); int xdp_do_redirect_frame(struct net_device *dev, struct xdp_buff *xdp, struct xdp_frame *xdpf, - struct bpf_prog *prog); + const struct bpf_prog *prog); void xdp_do_flush(void); =20 -void bpf_warn_invalid_xdp_action(struct net_device *dev, struct bpf_prog *= prog, u32 act); +void bpf_warn_invalid_xdp_action(const struct net_device *dev, + const struct bpf_prog *prog, u32 act); =20 #ifdef CONFIG_INET struct sock *bpf_run_sk_reuseport(struct sock_reuseport *reuse, struct soc= k *sk, diff --git a/include/linux/netdevice.h b/include/linux/netdevice.h index 8feaca12655e..72f53e7610ec 100644 --- a/include/linux/netdevice.h +++ b/include/linux/netdevice.h @@ -3932,9 +3932,9 @@ static inline void dev_consume_skb_any(struct sk_buff= *skb) } =20 u32 bpf_prog_run_generic_xdp(struct sk_buff *skb, struct xdp_buff *xdp, - struct bpf_prog *xdp_prog); -void generic_xdp_tx(struct sk_buff *skb, struct bpf_prog *xdp_prog); -int do_xdp_generic(struct bpf_prog *xdp_prog, struct sk_buff **pskb); + const struct bpf_prog *xdp_prog); +void generic_xdp_tx(struct sk_buff *skb, const struct bpf_prog *xdp_prog); +int do_xdp_generic(const struct bpf_prog *xdp_prog, struct sk_buff **pskb); int netif_rx(struct sk_buff *skb); int __netif_rx(struct sk_buff *skb); =20 diff --git a/include/linux/skbuff.h b/include/linux/skbuff.h index f187a2415fb8..c867df5b1051 100644 --- a/include/linux/skbuff.h +++ b/include/linux/skbuff.h @@ -3595,7 +3595,7 @@ static inline netmem_ref skb_frag_netmem(const skb_fr= ag_t *frag) int skb_pp_cow_data(struct page_pool *pool, struct sk_buff **pskb, unsigned int headroom); int skb_cow_data_for_xdp(struct page_pool *pool, struct sk_buff **pskb, - struct bpf_prog *prog); + const struct bpf_prog *prog); =20 /** * skb_frag_address - gets the address of the data contained in a paged fr= agment diff --git a/kernel/bpf/devmap.c b/kernel/bpf/devmap.c index 9e0e3b0a18e4..f634b87aa0fa 100644 --- a/kernel/bpf/devmap.c +++ b/kernel/bpf/devmap.c @@ -675,7 +675,7 @@ int dev_map_enqueue_multi(struct xdp_frame *xdpf, struc= t net_device *dev_rx, } =20 int dev_map_generic_redirect(struct bpf_dtab_netdev *dst, struct sk_buff *= skb, - struct bpf_prog *xdp_prog) + const struct bpf_prog *xdp_prog) { int err; =20 @@ -698,7 +698,7 @@ int dev_map_generic_redirect(struct bpf_dtab_netdev *ds= t, struct sk_buff *skb, =20 static int dev_map_redirect_clone(struct bpf_dtab_netdev *dst, struct sk_buff *skb, - struct bpf_prog *xdp_prog) + const struct bpf_prog *xdp_prog) { struct sk_buff *nskb; int err; @@ -717,8 +717,8 @@ static int dev_map_redirect_clone(struct bpf_dtab_netde= v *dst, } =20 int dev_map_redirect_multi(struct net_device *dev, struct sk_buff *skb, - struct bpf_prog *xdp_prog, struct bpf_map *map, - bool exclude_ingress) + const struct bpf_prog *xdp_prog, + struct bpf_map *map, bool exclude_ingress) { struct bpf_dtab *dtab =3D container_of(map, struct bpf_dtab, map); struct bpf_dtab_netdev *dst, *last_dst =3D NULL; diff --git a/net/core/dev.c b/net/core/dev.c index c682173a7642..b857abb5c0e9 100644 --- a/net/core/dev.c +++ b/net/core/dev.c @@ -4927,7 +4927,7 @@ static struct netdev_rx_queue *netif_get_rxqueue(stru= ct sk_buff *skb) } =20 u32 bpf_prog_run_generic_xdp(struct sk_buff *skb, struct xdp_buff *xdp, - struct bpf_prog *xdp_prog) + const struct bpf_prog *xdp_prog) { void *orig_data, *orig_data_end, *hard_start; struct netdev_rx_queue *rxqueue; @@ -5029,7 +5029,7 @@ u32 bpf_prog_run_generic_xdp(struct sk_buff *skb, str= uct xdp_buff *xdp, } =20 static int -netif_skb_check_for_xdp(struct sk_buff **pskb, struct bpf_prog *prog) +netif_skb_check_for_xdp(struct sk_buff **pskb, const struct bpf_prog *prog) { struct sk_buff *skb =3D *pskb; int err, hroom, troom; @@ -5053,7 +5053,7 @@ netif_skb_check_for_xdp(struct sk_buff **pskb, struct= bpf_prog *prog) =20 static u32 netif_receive_generic_xdp(struct sk_buff **pskb, struct xdp_buff *xdp, - struct bpf_prog *xdp_prog) + const struct bpf_prog *xdp_prog) { struct sk_buff *skb =3D *pskb; u32 mac_len, act =3D XDP_DROP; @@ -5106,7 +5106,7 @@ static u32 netif_receive_generic_xdp(struct sk_buff *= *pskb, * and DDOS attacks will be more effective. In-driver-XDP use dedicated TX * queues, so they do not have this starvation issue. */ -void generic_xdp_tx(struct sk_buff *skb, struct bpf_prog *xdp_prog) +void generic_xdp_tx(struct sk_buff *skb, const struct bpf_prog *xdp_prog) { struct net_device *dev =3D skb->dev; struct netdev_queue *txq; @@ -5131,7 +5131,7 @@ void generic_xdp_tx(struct sk_buff *skb, struct bpf_p= rog *xdp_prog) =20 static DEFINE_STATIC_KEY_FALSE(generic_xdp_needed_key); =20 -int do_xdp_generic(struct bpf_prog *xdp_prog, struct sk_buff **pskb) +int do_xdp_generic(const struct bpf_prog *xdp_prog, struct sk_buff **pskb) { struct bpf_net_context __bpf_net_ctx, *bpf_net_ctx; =20 diff --git a/net/core/filter.c b/net/core/filter.c index a88e6924c4c0..8dfa9493d2f3 100644 --- a/net/core/filter.c +++ b/net/core/filter.c @@ -4349,9 +4349,9 @@ u32 xdp_master_redirect(struct xdp_buff *xdp) EXPORT_SYMBOL_GPL(xdp_master_redirect); =20 static inline int __xdp_do_redirect_xsk(struct bpf_redirect_info *ri, - struct net_device *dev, + const struct net_device *dev, struct xdp_buff *xdp, - struct bpf_prog *xdp_prog) + const struct bpf_prog *xdp_prog) { enum bpf_map_type map_type =3D ri->map_type; void *fwd =3D ri->tgt_value; @@ -4372,10 +4372,10 @@ static inline int __xdp_do_redirect_xsk(struct bpf_= redirect_info *ri, return err; } =20 -static __always_inline int __xdp_do_redirect_frame(struct bpf_redirect_inf= o *ri, - struct net_device *dev, - struct xdp_frame *xdpf, - struct bpf_prog *xdp_prog) +static __always_inline int +__xdp_do_redirect_frame(struct bpf_redirect_info *ri, struct net_device *d= ev, + struct xdp_frame *xdpf, + const struct bpf_prog *xdp_prog) { enum bpf_map_type map_type =3D ri->map_type; void *fwd =3D ri->tgt_value; @@ -4444,7 +4444,7 @@ static __always_inline int __xdp_do_redirect_frame(st= ruct bpf_redirect_info *ri, } =20 int xdp_do_redirect(struct net_device *dev, struct xdp_buff *xdp, - struct bpf_prog *xdp_prog) + const struct bpf_prog *xdp_prog) { struct bpf_redirect_info *ri =3D bpf_net_ctx_get_ri(); enum bpf_map_type map_type =3D ri->map_type; @@ -4458,7 +4458,8 @@ int xdp_do_redirect(struct net_device *dev, struct xd= p_buff *xdp, EXPORT_SYMBOL_GPL(xdp_do_redirect); =20 int xdp_do_redirect_frame(struct net_device *dev, struct xdp_buff *xdp, - struct xdp_frame *xdpf, struct bpf_prog *xdp_prog) + struct xdp_frame *xdpf, + const struct bpf_prog *xdp_prog) { struct bpf_redirect_info *ri =3D bpf_net_ctx_get_ri(); enum bpf_map_type map_type =3D ri->map_type; @@ -4473,9 +4474,9 @@ EXPORT_SYMBOL_GPL(xdp_do_redirect_frame); static int xdp_do_generic_redirect_map(struct net_device *dev, struct sk_buff *skb, struct xdp_buff *xdp, - struct bpf_prog *xdp_prog, void *fwd, - enum bpf_map_type map_type, u32 map_id, - u32 flags) + const struct bpf_prog *xdp_prog, + void *fwd, enum bpf_map_type map_type, + u32 map_id, u32 flags) { struct bpf_redirect_info *ri =3D bpf_net_ctx_get_ri(); struct bpf_map *map; @@ -4529,7 +4530,8 @@ static int xdp_do_generic_redirect_map(struct net_dev= ice *dev, } =20 int xdp_do_generic_redirect(struct net_device *dev, struct sk_buff *skb, - struct xdp_buff *xdp, struct bpf_prog *xdp_prog) + struct xdp_buff *xdp, + const struct bpf_prog *xdp_prog) { struct bpf_redirect_info *ri =3D bpf_net_ctx_get_ri(); enum bpf_map_type map_type =3D ri->map_type; @@ -9088,7 +9090,8 @@ static bool xdp_is_valid_access(int off, int size, return __is_valid_xdp_access(off, size); } =20 -void bpf_warn_invalid_xdp_action(struct net_device *dev, struct bpf_prog *= prog, u32 act) +void bpf_warn_invalid_xdp_action(const struct net_device *dev, + const struct bpf_prog *prog, u32 act) { const u32 act_max =3D XDP_REDIRECT; =20 diff --git a/net/core/skbuff.c b/net/core/skbuff.c index 00afeb90c23a..224cfe8b4368 100644 --- a/net/core/skbuff.c +++ b/net/core/skbuff.c @@ -1009,7 +1009,7 @@ int skb_pp_cow_data(struct page_pool *pool, struct sk= _buff **pskb, EXPORT_SYMBOL(skb_pp_cow_data); =20 int skb_cow_data_for_xdp(struct page_pool *pool, struct sk_buff **pskb, - struct bpf_prog *prog) + const struct bpf_prog *prog) { if (!prog->aux->xdp_has_frags) return -EINVAL; --=20 2.46.2