From nobody Mon Feb  9 08:56:22 2026
Received: from mail-pl1-f196.google.com (mail-pl1-f196.google.com
 [209.85.214.196])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by smtp.subspace.kernel.org (Postfix) with ESMTPS id 095FA20B7ED
	for <linux-kernel@vger.kernel.org>; Sat, 24 Jan 2026 03:32:34 +0000 (UTC)
Authentication-Results: smtp.subspace.kernel.org;
 arc=none smtp.client-ip=209.85.214.196
ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116;
	t=1769225557; cv=none;
 b=NNNfXZKyZw+M5CYtx6UP0MA08L9aJ2y1/1/QKvjqkb6GTD2IwUhVVx+5MtJ8ML7JTfuEEKXxC7ZspIcdIIrxK4SkMgYHHM8+EadD8UEDGapiIGbZQcha4CB4V3BY7Lk0JZR3VdOO/S7Tc9lyi4/GVKKKcBJub5XHWjfRiLVgBEw=
ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org;
	s=arc-20240116; t=1769225557; c=relaxed/simple;
	bh=EjnGJ2RP/1JCMlZMGRd+YlmPnDkDXdlwIR1/R/iLIq0=;
	h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:
	 MIME-Version;
 b=X9AFzg96AVNykPyrrp2tQM3nSuD7OCplfZ63xSQ8wJdUblGbr6EIbsuM6kGYu+TFtxMsS6Az4moTwabh/x+1LV9IJVpOcv4xtfS7JT0xuKbNFHr8Iq1g89XDTvnkjCmgQubg9nyJAoV/A2iZdP/EzeNydc5jzUm1s/BnVxK0NHY=
ARC-Authentication-Results: i=1; smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=gmail.com;
 spf=pass smtp.mailfrom=gmail.com;
 dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.b=d1823paZ; arc=none smtp.client-ip=209.85.214.196
Authentication-Results: smtp.subspace.kernel.org;
 dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: smtp.subspace.kernel.org;
 spf=pass smtp.mailfrom=gmail.com
Authentication-Results: smtp.subspace.kernel.org;
	dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com
 header.b="d1823paZ"
Received: by mail-pl1-f196.google.com with SMTP id
 d9443c01a7336-2a7a94c6d4fso13476265ad.0
        for <linux-kernel@vger.kernel.org>;
 Fri, 23 Jan 2026 19:32:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1769225554; x=1769830354;
 darn=vger.kernel.org;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:from:to:cc:subject:date
         :message-id:reply-to;
        bh=1d8/vt9Be4w9qa2wV5mcrLfqVviutZM7Jiw2hF3kLB8=;
        b=d1823paZw4r9MzXNS6avly14JwvRFGvzDY3Ytv+15ec7wlm1ovNNzyxhH+pndekILI
         9wwLRbTSJLNQSOc4l2ah2K1dt5xKLFVRwer0GjDPJWMC0ecRk2SSGCoJxDn9HIelmZZw
         2/UkTeTtqIn82iOHEIczaE8BAqWt1tIBQBG652Cummr08BZJqtIj20j9/PL5r4N6o/AP
         PlCePVsTOzMELu+Cz/7YCXLhtaaj+5J+LC5sD7RXojTNoOnPrvS9cd13qB87fShvoObh
         F3F5V1W9emwyAe+ytnZbQ/QxijvAW5nEwwnehCwTsFlcV/Z1zUvnxdz3hkQ6c/PJXwZ1
         L8lg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1769225554; x=1769830354;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from
         :to:cc:subject:date:message-id:reply-to;
        bh=1d8/vt9Be4w9qa2wV5mcrLfqVviutZM7Jiw2hF3kLB8=;
        b=dhs3lnCLbP3Kjurh7pFP35xtb3LpqZTUQyVMKSkogTLznwovCw0T+QHTiUbGp77wWw
         WALxxBKwNCUPF0yBOhMdkmXu7CgUXEcV90vXA/bVCoQ8HDf1Xod+FLPmuSGZ/47z2X5l
         LnvEvHia/4CSyTXluyeNpCkvCMovJIqPfbWNfQKrXg4cxkH7gvVtKkQRVKWoVJA66so/
         TQeyOD1xHIeMuDLf33eXmiIK8DJVnu2eApmHEQ1yq4ny1nwl1+FXjP3gUUcpTTYdJ1M+
         7C2AmbNVuDAzhbb0qSbmVhiJdKEgcA9OJLQJy1SWr2Aiy3cIO94gSDx5YEvOwoG6s5nj
         PevQ==
X-Forwarded-Encrypted: i=1;
 AJvYcCWaGuaP9y3kwrvYu7z1ybl+AZmDY3vXRzRZ37unyM2BR/ljUr5h3/DmL553f0Gdis9348NZWadppyEkumk=@vger.kernel.org
X-Gm-Message-State: AOJu0Yw2B3/7qeozJVEwGxghPv6LOKSqDRrVYP+nch9APLQncqI2P3Oo
	a9HXz+AHYOJAVOaMC9yb0HM1CzNQfOFVwX0yGjVFbmBjqpvlqYgrCrf2
X-Gm-Gg: AZuq6aIWKbG3At7tIqphztPxkmvKBW2AxXwQTMRnxuHOY+DzYLxXvqPk/fJQFDlfe0/
	PTYRTiCtwcwtlYEKmprxKvsxqoBeBzx1DECi1N04kJw/aTE69rtFic/kq96/JnQSoG8piOzbDs/
	kGv/RStrR+rlDikcsnEJ5XiJO/12ybEm3V23i4DxssKZbzc+1tgEjUR8WTCVaZzl8Ws9vXknlOy
	AC8g8zCbQOfnA6ji+qQ1MrSF0yBHG77Woa8bOY86w02j69kKYnF7pdO7Zh4IqoH8ZrpaSGNuthj
	XqiBeBwyQVrO/Dc1jEtWrvPCFsex3KHGsHc0WcahJQKANxgB2baOA1OwdaFlv6jMSYI5eiQkGPa
	I+dGCIGn7O452vYJQoHUiEFmPk6SX/GBR751EiY0J4jIkNElVid+xKCpBPwNBKvnuOm33EgpQgL
	e88Sl4TML2
X-Received: by 2002:a17:902:e884:b0:2a7:80bf:3131 with SMTP id
 d9443c01a7336-2a7fe77b3fdmr47454115ad.58.1769225554264;
        Fri, 23 Jan 2026 19:32:34 -0800 (PST)
Received: from 7950hx ([103.173.155.241])
        by smtp.gmail.com with ESMTPSA id
 d9443c01a7336-2a802dcddb0sm32539805ad.38.2026.01.23.19.32.25
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 23 Jan 2026 19:32:33 -0800 (PST)
From: Menglong Dong <menglong8.dong@gmail.com>
X-Google-Original-From: Menglong Dong <dongml2@chinatelecom.cn>
To: andrii@kernel.org
Cc: ast@kernel.org,
	daniel@iogearbox.net,
	martin.lau@linux.dev,
	eddyz87@gmail.com,
	song@kernel.org,
	yonghong.song@linux.dev,
	john.fastabend@gmail.com,
	kpsingh@kernel.org,
	sdf@fomichev.me,
	haoluo@google.com,
	jolsa@kernel.org,
	davem@davemloft.net,
	dsahern@kernel.org,
	tglx@linutronix.de,
	mingo@redhat.com,
	jiang.biao@linux.dev,
	bp@alien8.de,
	dave.hansen@linux.intel.com,
	x86@kernel.org,
	hpa@zytor.com,
	bpf@vger.kernel.org,
	netdev@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: [PATCH bpf-next v12 07/13] bpf,x86: add fsession support for x86_64
Date: Sat, 24 Jan 2026 11:31:13 +0800
Message-ID: <20260124033119.28682-8-dongml2@chinatelecom.cn>
X-Mailer: git-send-email 2.52.0
In-Reply-To: <20260124033119.28682-1-dongml2@chinatelecom.cn>
References: <20260124033119.28682-1-dongml2@chinatelecom.cn>
Precedence: bulk
X-Mailing-List: linux-kernel@vger.kernel.org
List-Id: <linux-kernel.vger.kernel.org>
List-Subscribe: <mailto:linux-kernel+subscribe@vger.kernel.org>
List-Unsubscribe: <mailto:linux-kernel+unsubscribe@vger.kernel.org>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="utf-8"

Add BPF_TRACE_FSESSION supporting to x86_64, including:

1. clear the return value in the stack before fentry to make the fentry
   of the fsession can only get 0 with bpf_get_func_ret().

2. clear all the session cookies' value in the stack.

2. store the index of the cookie to ctx[-1] before the calling to fsession

3. store the "is_return" flag to ctx[-1] before the calling to fexit of
   the fsession.

Signed-off-by: Menglong Dong <dongml2@chinatelecom.cn>
Co-developed-by: Leon Hwang <leon.hwang@linux.dev>
Signed-off-by: Leon Hwang <leon.hwang@linux.dev>
---
v10:
- use "|" for func_meta instead of "+"
- pass the "func_meta_off" to invoke_bpf() explicitly, instead of
  computing it with "stack_size + 8"
- pass the "cookie_off" to invoke_bpf() instead of computing the current
  cookie index with "func_meta"

v5:
- add the variable "func_meta"
- define cookie_off in a new line

v4:
- some adjustment to the 1st patch, such as we get the fsession prog from
  fentry and fexit hlist
- remove the supporting of skipping fexit with fentry return non-zero

v2:
- add session cookie support
- add the session stuff after return value, instead of before nr_args
---
 arch/x86/net/bpf_jit_comp.c | 52 ++++++++++++++++++++++++++++---------
 1 file changed, 40 insertions(+), 12 deletions(-)

diff --git a/arch/x86/net/bpf_jit_comp.c b/arch/x86/net/bpf_jit_comp.c
index 2f31331955b5..5a075e06cf45 100644
--- a/arch/x86/net/bpf_jit_comp.c
+++ b/arch/x86/net/bpf_jit_comp.c
@@ -3094,13 +3094,19 @@ static int emit_cond_near_jump(u8 **pprog, void *fu=
nc, void *ip, u8 jmp_cond)
=20
 static int invoke_bpf(const struct btf_func_model *m, u8 **pprog,
 		      struct bpf_tramp_links *tl, int stack_size,
-		      int run_ctx_off, bool save_ret,
-		      void *image, void *rw_image)
+		      int run_ctx_off, int func_meta_off, bool save_ret,
+		      void *image, void *rw_image, u64 func_meta,
+		      int cookie_off)
 {
-	int i;
+	int i, cur_cookie =3D (cookie_off - stack_size) / 8;
 	u8 *prog =3D *pprog;
=20
 	for (i =3D 0; i < tl->nr_links; i++) {
+		if (tl->links[i]->link.prog->call_session_cookie) {
+			emit_store_stack_imm64(&prog, BPF_REG_0, -func_meta_off,
+				func_meta | (cur_cookie << BPF_TRAMP_COOKIE_INDEX_SHIFT));
+			cur_cookie--;
+		}
 		if (invoke_bpf_prog(m, &prog, tl->links[i], stack_size,
 				    run_ctx_off, save_ret, image, rw_image))
 			return -EINVAL;
@@ -3218,12 +3224,14 @@ static int __arch_prepare_bpf_trampoline(struct bpf=
_tramp_image *im, void *rw_im
 					 void *func_addr)
 {
 	int i, ret, nr_regs =3D m->nr_args, stack_size =3D 0;
-	int regs_off, nregs_off, ip_off, run_ctx_off, arg_stack_off, rbx_off;
+	int regs_off, func_meta_off, ip_off, run_ctx_off, arg_stack_off, rbx_off;
 	struct bpf_tramp_links *fentry =3D &tlinks[BPF_TRAMP_FENTRY];
 	struct bpf_tramp_links *fexit =3D &tlinks[BPF_TRAMP_FEXIT];
 	struct bpf_tramp_links *fmod_ret =3D &tlinks[BPF_TRAMP_MODIFY_RETURN];
 	void *orig_call =3D func_addr;
+	int cookie_off, cookie_cnt;
 	u8 **branches =3D NULL;
+	u64 func_meta;
 	u8 *prog;
 	bool save_ret;
=20
@@ -3259,7 +3267,7 @@ static int __arch_prepare_bpf_trampoline(struct bpf_t=
ramp_image *im, void *rw_im
 	 *                 [ ...             ]
 	 * RBP - regs_off  [ reg_arg1        ]  program's ctx pointer
 	 *
-	 * RBP - nregs_off [ regs count	     ]  always
+	 * RBP - func_meta_off [ regs count, etc ]  always
 	 *
 	 * RBP - ip_off    [ traced function ]  BPF_TRAMP_F_IP_ARG flag
 	 *
@@ -3282,15 +3290,20 @@ static int __arch_prepare_bpf_trampoline(struct bpf=
_tramp_image *im, void *rw_im
 	stack_size +=3D nr_regs * 8;
 	regs_off =3D stack_size;
=20
-	/* regs count  */
+	/* function matedata, such as regs count  */
 	stack_size +=3D 8;
-	nregs_off =3D stack_size;
+	func_meta_off =3D stack_size;
=20
 	if (flags & BPF_TRAMP_F_IP_ARG)
 		stack_size +=3D 8; /* room for IP address argument */
=20
 	ip_off =3D stack_size;
=20
+	cookie_cnt =3D bpf_fsession_cookie_cnt(tlinks);
+	/* room for session cookies */
+	stack_size +=3D cookie_cnt * 8;
+	cookie_off =3D stack_size;
+
 	stack_size +=3D 8;
 	rbx_off =3D stack_size;
=20
@@ -3358,8 +3371,9 @@ static int __arch_prepare_bpf_trampoline(struct bpf_t=
ramp_image *im, void *rw_im
 	/* mov QWORD PTR [rbp - rbx_off], rbx */
 	emit_stx(&prog, BPF_DW, BPF_REG_FP, BPF_REG_6, -rbx_off);
=20
+	func_meta =3D nr_regs;
 	/* Store number of argument registers of the traced function */
-	emit_store_stack_imm64(&prog, BPF_REG_0, -nregs_off, nr_regs);
+	emit_store_stack_imm64(&prog, BPF_REG_0, -func_meta_off, func_meta);
=20
 	if (flags & BPF_TRAMP_F_IP_ARG) {
 		/* Store IP address of the traced function */
@@ -3378,9 +3392,18 @@ static int __arch_prepare_bpf_trampoline(struct bpf_=
tramp_image *im, void *rw_im
 		}
 	}
=20
+	if (bpf_fsession_cnt(tlinks)) {
+		/* clear all the session cookies' value */
+		for (int i =3D 0; i < cookie_cnt; i++)
+			emit_store_stack_imm64(&prog, BPF_REG_0, -cookie_off + 8 * i, 0);
+		/* clear the return value to make sure fentry always get 0 */
+		emit_store_stack_imm64(&prog, BPF_REG_0, -8, 0);
+	}
+
 	if (fentry->nr_links) {
-		if (invoke_bpf(m, &prog, fentry, regs_off, run_ctx_off,
-			       flags & BPF_TRAMP_F_RET_FENTRY_RET, image, rw_image))
+		if (invoke_bpf(m, &prog, fentry, regs_off, run_ctx_off, func_meta_off,
+			       flags & BPF_TRAMP_F_RET_FENTRY_RET, image, rw_image,
+			       func_meta, cookie_off))
 			return -EINVAL;
 	}
=20
@@ -3440,9 +3463,14 @@ static int __arch_prepare_bpf_trampoline(struct bpf_=
tramp_image *im, void *rw_im
 		}
 	}
=20
+	/* set the "is_return" flag for fsession */
+	func_meta |=3D (1ULL << BPF_TRAMP_IS_RETURN_SHIFT);
+	if (bpf_fsession_cnt(tlinks))
+		emit_store_stack_imm64(&prog, BPF_REG_0, -func_meta_off, func_meta);
+
 	if (fexit->nr_links) {
-		if (invoke_bpf(m, &prog, fexit, regs_off, run_ctx_off,
-			       false, image, rw_image)) {
+		if (invoke_bpf(m, &prog, fexit, regs_off, run_ctx_off, func_meta_off,
+			       false, image, rw_image, func_meta, cookie_off)) {
 			ret =3D -EINVAL;
 			goto cleanup;
 		}
--=20
2.52.0