From nobody Mon Feb  9 14:32:37 2026
Received: from mail-pl1-f196.google.com (mail-pl1-f196.google.com
 [209.85.214.196])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 15E41376BDC
	for <linux-kernel@vger.kernel.org>; Thu, 15 Jan 2026 11:24:09 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.214.196
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1768476250; cv=none;
 b=W89pQs1fj9acoXMpJVusoC4j1KeBGQ2GaCCrtGnOwsM2e+PdaR7ruWFDMUuEE5EjTxISrGQj/JQlfjDkcxyjVpHzCq7KPx3xrNHdJN3IYOJRwoj4L3HkWt58QD39A5xwa+vRI6jEsri666mufUn6xIdpSVbSo6A3kQQN9aAaE10=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1768476250; c=relaxed/simple;
	bh=Itcaf26Y45P0JIbP0zCWsMUMv9fsLICqg21TFcfGwGM=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version;
 b=OE1KZbjyBa1MuTm2g91F0motkqlsxjiKcJbHKxxK+W6qtK90wzSE6LJNMNKTG+hdh1JupmFKAkt/W9R7hGAwOSTV679M1jRNj9TyZmKaZkPIp+zIbal/qdTLwcW1cGUoMMZ5SCwHOsSUvcfGPf5Ad8czSbkUT4frKhbgZlEU/+Q=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=gmail.com;
 spf=pass smtp.mailfrom=gmail.com;
 dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.b=YarNjgYy; arc=none smtp.client-ip=209.85.214.196
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=gmail.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.b="YarNjgYy"
Received: by mail-pl1-f196.google.com with SMTP id
 d9443c01a7336-2a0a33d0585so5471835ad.1
        for <linux-kernel@vger.kernel.org>;
 Thu, 15 Jan 2026 03:24:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1768476248; x=1769081048;
 darn=vger.kernel.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:from:to:cc:subject:date
         :message-id:reply-to;
        bh=rqPghPT79kN2ifffYdZv2FAk43D0a28aw/1itsDYUg8=;
        b=YarNjgYy9gYoOzf/Gy7bXnIz6UNgCYHbsXX0Nhgp9kDcCwFLHpBQFBQy8v/I2XlDjS
         AtbPJvoQKkYXaVvxd/toQslKS7XorFJVkfKcLqYU1m20evWYwZMvZfmLIwKp55LlD4Ub
         yrdoUubicx+HhM2ltUE9oTraThQDf4xu6e/UBL2oU6KOSj391e6O2dlHRh/Dpa96caB8
         gDuBNd4ZxFk35OzCXhTgAP0weEjElVT4FiL+bWapUW97pI1JctvFpPQZXkxQgprfwnL5
         Z5umWvypJ65pUZXGtD36DWy9FACkl5IRAgRhJCms70JIUCRGOwSrL108qBr9pwAmXgFv
         X0rA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1768476248; x=1769081048;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
         :to:cc:subject:date:message-id:reply-to;
        bh=rqPghPT79kN2ifffYdZv2FAk43D0a28aw/1itsDYUg8=;
        b=nL5XGlDvsVw0rwmB6t4o5bnUIKAUG3Acz5oV/T1zF5AFaGM6dGXm5bKa+XWmkyfoLP
         c+0G6Xgmu1URjNUZH5mtY/E+faJhGhf0K2i5y+p4JP7+2zEPdPjeJ5t7ZZaxqGv3/+qV
         ydOsphKLWud2+a5/aOqiEhJygSNiSnUsYEAx6NZuYrFiZBSYF9mAw5blEKXGpDT7XMCb
         k9hNZntMVdV0VJlxO+WavKWm0oPWyU8jHH4IiDfJzKPVhy3qJrnuNbmZ9WGqTKbAzD4y
         B2RIJrxHZnAN+FpnJGc6X8MdFVDd/nfRp8Oux/dhmE2ffQ+TiftU8lwl8xeyJcaZ2omD
         Cyiw==
X-Forwarded-Encrypted: i=1;
 AJvYcCWMcbVi9J3d7YQobYMSjfKHXDRA8CWutBnP4wdVU7UzmvkRoR/8I9RDfp01hPYW+Xa4bmzVeBCUOLXWX90=@vger.kernel.org
X-Gm-Message-State: AOJu0YyZ1tzSx+qIQgFkiBuv8moprRc5PioslnLKW6MPyFIg/WRhEKw0
	Ez976+vYLjTQLoLulo4v7ZIUazL8BxW99V6t7ynRsBgr5cfCSFfJXfPF
X-Gm-Gg: AY/fxX4Dj5xH12T52nQzP5LCEDgdJNkwWgcTzqdEwYu+zF/LZGdb1TSyO4P5deazlGd
	pskfDx6YCuFcX9r7NCG+8TNmK80XFGx9xkmBSzRhl+uIUmDNznzvosq6jK82zCgUyytODUgOrDi
	NPIdAXX8vmTlRDEm0T7m+4ImdjMK9I3qVAToYrxrSJkV4hbzCKb9xEMZQcD18REZ81B7M8cnS7M
	DyFuIqmwPpib/0/Brt7LGfN8/6cDT1A8WVzkW8gFm9MBP2gUBHhE6HfllVTB+yKuvLEYtohmjZt
	tF3XNtaQMxvHOv+JCZCiRBvgPwGLwnyYSYPbznzHLsVFbhH1DaRonyOitWKkNyMxc1F95sGudWP
	GSbK9oPRPqHLDcfu/3sfTofPYediINop2MHKq9UHk8k2QTW7x5l/LfFR8oOzpFDaFHTcu3NF6mH
	36l+s0368=
X-Received: by 2002:a17:903:283:b0:29e:e925:1abf with SMTP id
 d9443c01a7336-2a599e4f274mr56245905ad.43.1768476248463;
        Thu, 15 Jan 2026 03:24:08 -0800 (PST)
Received: from 7940hx ([160.187.0.149])
        by smtp.gmail.com with ESMTPSA id
 d9443c01a7336-2a3e3ba03f9sm248523225ad.0.2026.01.15.03.23.59
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 15 Jan 2026 03:24:08 -0800 (PST)
From: Menglong Dong <menglong8.dong@gmail.com>
X-Google-Original-From: Menglong Dong <dongml2@chinatelecom.cn>
To: ast@kernel.org,
	andrii@kernel.org
Cc: daniel@iogearbox.net,
	martin.lau@linux.dev,
	eddyz87@gmail.com,
	song@kernel.org,
	yonghong.song@linux.dev,
	john.fastabend@gmail.com,
	kpsingh@kernel.org,
	sdf@fomichev.me,
	haoluo@google.com,
	jolsa@kernel.org,
	davem@davemloft.net,
	dsahern@kernel.org,
	tglx@linutronix.de,
	mingo@redhat.com,
	jiang.biao@linux.dev,
	bp@alien8.de,
	dave.hansen@linux.intel.com,
	x86@kernel.org,
	hpa@zytor.com,
	bpf@vger.kernel.org,
	netdev@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: [PATCH bpf-next v10 07/12] bpf,x86: add fsession support for x86_64
Date: Thu, 15 Jan 2026 19:22:41 +0800
Message-ID: <20260115112246.221082-8-dongml2@chinatelecom.cn>
X-Mailer: git-send-email 2.52.0
In-Reply-To: <20260115112246.221082-1-dongml2@chinatelecom.cn>
References: <20260115112246.221082-1-dongml2@chinatelecom.cn>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Add BPF_TRACE_FSESSION supporting to x86_64, including:

1. clear the return value in the stack before fentry to make the fentry
   of the fsession can only get 0 with bpf_get_func_ret().

2. clear all the session cookies' value in the stack.

2. store the index of the cookie to ctx[-1] before the calling to fsession

3. store the "is_return" flag to ctx[-1] before the calling to fexit of
   the fsession.

Signed-off-by: Menglong Dong <dongml2@chinatelecom.cn>
Co-developed-by: Leon Hwang <leon.hwang@linux.dev>
Signed-off-by: Leon Hwang <leon.hwang@linux.dev>
---
v10:
- use "|" for func_meta instead of "+"
- pass the "func_meta_off" to invoke_bpf() explicitly, instead of
  computing it with "stack_size + 8"
- pass the "cookie_off" to invoke_bpf() instead of computing the current
  cookie index with "func_meta"

v5:
- add the variable "func_meta"
- define cookie_off in a new line

v4:
- some adjustment to the 1st patch, such as we get the fsession prog from
  fentry and fexit hlist
- remove the supporting of skipping fexit with fentry return non-zero

v2:
- add session cookie support
- add the session stuff after return value, instead of before nr_args
---
 arch/x86/net/bpf_jit_comp.c | 52 ++++++++++++++++++++++++++++---------
 1 file changed, 40 insertions(+), 12 deletions(-)

diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c
index 2f31331955b5..16720f2be16c 100644
--- a/arch/x86/net/bpf_jit_comp.c
+++ b/arch/x86/net/bpf_jit_comp.c
@@ -3094,13 +3094,19 @@ static int emit_cond_near_jump(u8 **pprog, void *fu=
nc, void *ip, u8 jmp_cond)
=20
 static int invoke_bpf(const struct btf_func_model *m, u8 **pprog,
 		      struct bpf_tramp_links *tl, int stack_size,
-		      int run_ctx_off, bool save_ret,
-		      void *image, void *rw_image)
+		      int run_ctx_off, int func_meta_off, bool save_ret,
+		      void *image, void *rw_image, u64 func_meta,
+		      int cookie_off)
 {
-	int i;
+	int i, cur_cookie =3D (cookie_off - stack_size) / 8;
 	u8 *prog =3D *pprog;
=20
 	for (i =3D 0; i < tl->nr_links; i++) {
+		if (tl->links[i]->link.prog->call_session_cookie) {
+			emit_store_stack_imm64(&prog, BPF_REG_0, -func_meta_off,
+					       func_meta | (cur_cookie << BPF_TRAMP_SHIFT_COOKIE));
+			cur_cookie--;
+		}
 		if (invoke_bpf_prog(m, &prog, tl->links[i], stack_size,
 				    run_ctx_off, save_ret, image, rw_image))
 			return -EINVAL;
@@ -3218,12 +3224,14 @@ static int __arch_prepare_bpf_trampoline(struct bpf=
_tramp_image *im, void *rw_im
 					 void *func_addr)
 {
 	int i, ret, nr_regs =3D m->nr_args, stack_size =3D 0;
-	int regs_off, nregs_off, ip_off, run_ctx_off, arg_stack_off, rbx_off;
+	int regs_off, func_meta_off, ip_off, run_ctx_off, arg_stack_off, rbx_off;
 	struct bpf_tramp_links *fentry =3D &tlinks[BPF_TRAMP_FENTRY];
 	struct bpf_tramp_links *fexit =3D &tlinks[BPF_TRAMP_FEXIT];
 	struct bpf_tramp_links *fmod_ret =3D &tlinks[BPF_TRAMP_MODIFY_RETURN];
 	void *orig_call =3D func_addr;
+	int cookie_off, cookie_cnt;
 	u8 **branches =3D NULL;
+	u64 func_meta;
 	u8 *prog;
 	bool save_ret;
=20
@@ -3259,7 +3267,7 @@ static int __arch_prepare_bpf_trampoline(struct bpf_t=
ramp_image *im, void *rw_im
 	 *                 [ ...             ]
 	 * RBP - regs_off  [ reg_arg1        ]  program's ctx pointer
 	 *
-	 * RBP - nregs_off [ regs count	     ]  always
+	 * RBP - func_meta_off [ regs count, etc ]  always
 	 *
 	 * RBP - ip_off    [ traced function ]  BPF_TRAMP_F_IP_ARG flag
 	 *
@@ -3282,15 +3290,20 @@ static int __arch_prepare_bpf_trampoline(struct bpf=
_tramp_image *im, void *rw_im
 	stack_size +=3D nr_regs * 8;
 	regs_off =3D stack_size;
=20
-	/* regs count  */
+	/* function matedata, such as regs count  */
 	stack_size +=3D 8;
-	nregs_off =3D stack_size;
+	func_meta_off =3D stack_size;
=20
 	if (flags & BPF_TRAMP_F_IP_ARG)
 		stack_size +=3D 8; /* room for IP address argument */
=20
 	ip_off =3D stack_size;
=20
+	cookie_cnt =3D bpf_fsession_cookie_cnt(tlinks);
+	/* room for session cookies */
+	stack_size +=3D cookie_cnt * 8;
+	cookie_off =3D stack_size;
+
 	stack_size +=3D 8;
 	rbx_off =3D stack_size;
=20
@@ -3358,8 +3371,9 @@ static int __arch_prepare_bpf_trampoline(struct bpf_t=
ramp_image *im, void *rw_im
 	/* mov QWORD PTR [rbp - rbx_off], rbx */
 	emit_stx(&prog, BPF_DW, BPF_REG_FP, BPF_REG_6, -rbx_off);
=20
+	func_meta =3D nr_regs;
 	/* Store number of argument registers of the traced function */
-	emit_store_stack_imm64(&prog, BPF_REG_0, -nregs_off, nr_regs);
+	emit_store_stack_imm64(&prog, BPF_REG_0, -func_meta_off, func_meta);
=20
 	if (flags & BPF_TRAMP_F_IP_ARG) {
 		/* Store IP address of the traced function */
@@ -3378,9 +3392,18 @@ static int __arch_prepare_bpf_trampoline(struct bpf_=
tramp_image *im, void *rw_im
 		}
 	}
=20
+	if (bpf_fsession_cnt(tlinks)) {
+		/* clear all the session cookies' value */
+		for (int i =3D 0; i < cookie_cnt; i++)
+			emit_store_stack_imm64(&prog, BPF_REG_0, -cookie_off + 8 * i, 0);
+		/* clear the return value to make sure fentry always get 0 */
+		emit_store_stack_imm64(&prog, BPF_REG_0, -8, 0);
+	}
+
 	if (fentry->nr_links) {
-		if (invoke_bpf(m, &prog, fentry, regs_off, run_ctx_off,
-			       flags & BPF_TRAMP_F_RET_FENTRY_RET, image, rw_image))
+		if (invoke_bpf(m, &prog, fentry, regs_off, run_ctx_off, func_meta_off,
+			       flags & BPF_TRAMP_F_RET_FENTRY_RET, image, rw_image,
+			       func_meta, cookie_off))
 			return -EINVAL;
 	}
=20
@@ -3440,9 +3463,14 @@ static int __arch_prepare_bpf_trampoline(struct bpf_=
tramp_image *im, void *rw_im
 		}
 	}
=20
+	/* set the "is_return" flag for fsession */
+	func_meta |=3D (1ULL << BPF_TRAMP_SHIFT_IS_RETURN);
+	if (bpf_fsession_cnt(tlinks))
+		emit_store_stack_imm64(&prog, BPF_REG_0, -func_meta_off, func_meta);
+
 	if (fexit->nr_links) {
-		if (invoke_bpf(m, &prog, fexit, regs_off, run_ctx_off,
-			       false, image, rw_image)) {
+		if (invoke_bpf(m, &prog, fexit, regs_off, run_ctx_off, func_meta_off,
+			       false, image, rw_image, func_meta, cookie_off)) {
 			ret =3D -EINVAL;
 			goto cleanup;
 		}
--=20
2.52.0