1. Patchew
  2. linux
  3. [RFC bpf-next 00/13] bpf: Introduce modular verifier
  4. View patch

[RFC bpf-next 10/13] bpf: verifier: Add indirection to kallsyms_lookup_name()

Daniel Xu posted 13 patches 10 months ago
[RFC bpf-next 10/13] bpf: verifier: Add indirection to kallsyms_lookup_name()
Posted by Daniel Xu 10 months ago 
kallsyms_lookup_name() cannot be exported from the kernel for policy
reasons, so add this layer of indirection to allow the verifier to still
do kfunc and global variable relocations.

Signed-off-by: Daniel Xu <dxu@dxuuu.xyz>
---
 include/linux/bpf.h   |  2 ++
 kernel/bpf/core.c     | 14 ++++++++++++++
 kernel/bpf/verifier.c | 13 +++++--------
 3 files changed, 21 insertions(+), 8 deletions(-)

diff --git a/include/linux/bpf.h b/include/linux/bpf.h
index 44133727820d..a5806a7b31d3 100644
--- a/include/linux/bpf.h
+++ b/include/linux/bpf.h
@@ -2797,6 +2797,8 @@ static inline int kfunc_desc_cmp_by_id_off(const void *a, const void *b)
 }
 const struct bpf_kfunc_desc *
 find_kfunc_desc(const struct bpf_prog *prog, u32 func_id, u16 offset);
+unsigned long bpf_lookup_type_addr(struct btf *btf, const struct btf_type *func,
+				   const char **name);
 int bpf_get_kfunc_addr(const struct bpf_prog *prog, u32 func_id,
 		       u16 btf_fd_idx, u8 **func_addr);
 
diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
index e892e469061e..13301a668fe0 100644
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@@ -1639,6 +1639,20 @@ find_kfunc_desc(const struct bpf_prog *prog, u32 func_id, u16 offset)
 }
 EXPORT_SYMBOL_GPL(find_kfunc_desc);
 
+unsigned long bpf_lookup_type_addr(struct btf *btf, const struct btf_type *t,
+				   const char **name)
+{
+	unsigned long addr;
+
+	*name = btf_name_by_offset(btf, t->name_off);
+	addr = kallsyms_lookup_name(*name);
+	if (!addr)
+		return -ENOENT;
+
+	return addr;
+}
+EXPORT_SYMBOL_GPL(bpf_lookup_type_addr);
+
 int bpf_get_kfunc_addr(const struct bpf_prog *prog, u32 func_id,
 		       u16 btf_fd_idx, u8 **func_addr)
 {
diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
index 7e84df2abe41..080cc380e806 100644
--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -3131,11 +3131,9 @@ static int add_kfunc_call(struct bpf_verifier_env *env, u32 func_id, s16 offset)
 		return -EINVAL;
 	}
 
-	func_name = btf_name_by_offset(desc_btf, func->name_off);
-	addr = kallsyms_lookup_name(func_name);
-	if (!addr) {
-		verbose(env, "cannot find address for kernel function %s\n",
-			func_name);
+	addr = bpf_lookup_type_addr(desc_btf, func, &func_name);
+	if (addr < 0) {
+		verbose(env, "cannot find address for kernel function %s\n", func_name);
 		return -EINVAL;
 	}
 	specialize_kfunc(env, func_id, offset, &addr);
@@ -19707,9 +19705,8 @@ static int __check_pseudo_btf_id(struct bpf_verifier_env *env,
 		return -EINVAL;
 	}
 
-	sym_name = btf_name_by_offset(btf, t->name_off);
-	addr = kallsyms_lookup_name(sym_name);
-	if (!addr) {
+	addr = bpf_lookup_type_addr(btf, t, &sym_name);
+	if (addr < 0) {
 		verbose(env, "ldimm64 failed to find the address for kernel symbol '%s'.\n",
 			sym_name);
 		return -ENOENT;
-- 
2.47.1
Re: [RFC bpf-next 10/13] bpf: verifier: Add indirection to kallsyms_lookup_name()
Posted by Stanislav Fomichev 10 months ago 
On 04/08, Daniel Xu wrote:
> kallsyms_lookup_name() cannot be exported from the kernel for policy
> reasons, so add this layer of indirection to allow the verifier to still
> do kfunc and global variable relocations.
> 
> Signed-off-by: Daniel Xu <dxu@dxuuu.xyz>
> ---
>  include/linux/bpf.h   |  2 ++
>  kernel/bpf/core.c     | 14 ++++++++++++++
>  kernel/bpf/verifier.c | 13 +++++--------
>  3 files changed, 21 insertions(+), 8 deletions(-)
> 
> diff --git a/include/linux/bpf.h b/include/linux/bpf.h
> index 44133727820d..a5806a7b31d3 100644
> --- a/include/linux/bpf.h
> +++ b/include/linux/bpf.h
> @@ -2797,6 +2797,8 @@ static inline int kfunc_desc_cmp_by_id_off(const void *a, const void *b)
>  }
>  const struct bpf_kfunc_desc *
>  find_kfunc_desc(const struct bpf_prog *prog, u32 func_id, u16 offset);
> +unsigned long bpf_lookup_type_addr(struct btf *btf, const struct btf_type *func,
> +				   const char **name);
>  int bpf_get_kfunc_addr(const struct bpf_prog *prog, u32 func_id,
>  		       u16 btf_fd_idx, u8 **func_addr);
>  
> diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
> index e892e469061e..13301a668fe0 100644
> --- a/kernel/bpf/core.c
> +++ b/kernel/bpf/core.c
> @@ -1639,6 +1639,20 @@ find_kfunc_desc(const struct bpf_prog *prog, u32 func_id, u16 offset)
>  }
>  EXPORT_SYMBOL_GPL(find_kfunc_desc);
>  
> +unsigned long bpf_lookup_type_addr(struct btf *btf, const struct btf_type *t,
> +				   const char **name)
> +{
> +	unsigned long addr;
> +
> +	*name = btf_name_by_offset(btf, t->name_off);
> +	addr = kallsyms_lookup_name(*name);
> +	if (!addr)
> +		return -ENOENT;
> +
> +	return addr;
> +}
> +EXPORT_SYMBOL_GPL(bpf_lookup_type_addr);

Let's namespecify all these new exports? EXPORT_SYMBOL_NS_GPL
Re: [RFC bpf-next 10/13] bpf: verifier: Add indirection to kallsyms_lookup_name()
Posted by Daniel Xu 10 months ago 
On Wed, Apr 09, 2025 at 07:25:14AM -0700, Stanislav Fomichev wrote:
> On 04/08, Daniel Xu wrote:
> > kallsyms_lookup_name() cannot be exported from the kernel for policy
> > reasons, so add this layer of indirection to allow the verifier to still
> > do kfunc and global variable relocations.
> > 
> > Signed-off-by: Daniel Xu <dxu@dxuuu.xyz>
> > ---
> >  include/linux/bpf.h   |  2 ++
> >  kernel/bpf/core.c     | 14 ++++++++++++++
> >  kernel/bpf/verifier.c | 13 +++++--------
> >  3 files changed, 21 insertions(+), 8 deletions(-)
> > 
> > diff --git a/include/linux/bpf.h b/include/linux/bpf.h
> > index 44133727820d..a5806a7b31d3 100644
> > --- a/include/linux/bpf.h
> > +++ b/include/linux/bpf.h
> > @@ -2797,6 +2797,8 @@ static inline int kfunc_desc_cmp_by_id_off(const void *a, const void *b)
> >  }
> >  const struct bpf_kfunc_desc *
> >  find_kfunc_desc(const struct bpf_prog *prog, u32 func_id, u16 offset);
> > +unsigned long bpf_lookup_type_addr(struct btf *btf, const struct btf_type *func,
> > +				   const char **name);
> >  int bpf_get_kfunc_addr(const struct bpf_prog *prog, u32 func_id,
> >  		       u16 btf_fd_idx, u8 **func_addr);
> >  
> > diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
> > index e892e469061e..13301a668fe0 100644
> > --- a/kernel/bpf/core.c
> > +++ b/kernel/bpf/core.c
> > @@ -1639,6 +1639,20 @@ find_kfunc_desc(const struct bpf_prog *prog, u32 func_id, u16 offset)
> >  }
> >  EXPORT_SYMBOL_GPL(find_kfunc_desc);
> >  
> > +unsigned long bpf_lookup_type_addr(struct btf *btf, const struct btf_type *t,
> > +				   const char **name)
> > +{
> > +	unsigned long addr;
> > +
> > +	*name = btf_name_by_offset(btf, t->name_off);
> > +	addr = kallsyms_lookup_name(*name);
> > +	if (!addr)
> > +		return -ENOENT;
> > +
> > +	return addr;
> > +}
> > +EXPORT_SYMBOL_GPL(bpf_lookup_type_addr);
> 
> Let's namespecify all these new exports? EXPORT_SYMBOL_NS_GPL

Ah didn't know about this. Makes sense - will do.

Thanks,
Daniel

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.