1 /* Common BPF helpers to be used by all BPF programs loaded by Android */ 2 3 #include <linux/bpf.h> 4 #include <stdbool.h> 5 #include <stdint.h> 6 7 #include "bpf_map_def.h" 8 9 /****************************************************************************** 10 * WARNING: CHANGES TO THIS FILE OUTSIDE OF AOSP/MASTER ARE LIKELY TO BREAK * 11 * DEVICE COMPATIBILITY WITH MAINLINE MODULES SHIPPING EBPF CODE. * 12 * * 13 * THIS WILL LIKELY RESULT IN BRICKED DEVICES AT SOME ARBITRARY FUTURE TIME * 14 * * 15 * THAT GOES ESPECIALLY FOR THE 'SEC' 'LICENSE' AND 'CRITICAL' MACRO DEFINES * 16 * * 17 * We strongly suggest that if you need changes to bpfloader functionality * 18 * you get your changes reviewed and accepted into aosp/master. * 19 * * 20 ******************************************************************************/ 21 22 /* place things in different elf sections */ 23 #define SEC(NAME) __attribute__((section(NAME), used)) 24 25 /* Must be present in every program, example usage: 26 * LICENSE("GPL"); or LICENSE("Apache 2.0"); 27 * 28 * We also take this opportunity to embed a bunch of other useful values in 29 * the resulting .o (This is to enable some limited forward compatibility 30 * with mainline module shipped ebpf programs) 31 * 32 * The bpfloader_{min/max}_ver defines the [min, max) range of bpfloader 33 * versions that should load this .o file (bpfloaders outside of this range 34 * will simply ignore/skip this *entire* .o) 35 * The [inclusive,exclusive) matches what we do for kernel ver dependencies. 36 * 37 * The size_of_bpf_{map,prog}_def allow the bpfloader to load programs where 38 * these structures have been extended with additional fields (they will of 39 * course simply be ignored then). 40 * 41 * If missing, bpfloader_{min/max}_ver default to 0/0x10000 ie. [v0.0, v1.0), 42 * while size_of_bpf_{map/prog}_def default to 32/20 which are the v0.0 sizes. 43 */ 44 #define LICENSE(NAME) \ 45 unsigned int _bpfloader_min_ver SEC("bpfloader_min_ver") = DEFAULT_BPFLOADER_MIN_VER; \ 46 unsigned int _bpfloader_max_ver SEC("bpfloader_max_ver") = DEFAULT_BPFLOADER_MAX_VER; \ 47 size_t _size_of_bpf_map_def SEC("size_of_bpf_map_def") = sizeof(struct bpf_map_def); \ 48 size_t _size_of_bpf_prog_def SEC("size_of_bpf_prog_def") = sizeof(struct bpf_prog_def); \ 49 char _license[] SEC("license") = (NAME) 50 51 /* flag the resulting bpf .o file as critical to system functionality, 52 * loading all kernel version appropriate programs in it must succeed 53 * for bpfloader success 54 */ 55 #define CRITICAL(REASON) char _critical[] SEC("critical") = (REASON) 56 57 /* 58 * Helper functions called from eBPF programs written in C. These are 59 * implemented in the kernel sources. 60 */ 61 62 #define KVER_NONE 0 63 #define KVER(a, b, c) (((a) << 24) + ((b) << 16) + (c)) 64 #define KVER_INF 0xFFFFFFFFu 65 66 /* generic functions */ 67 68 /* 69 * Type-unsafe bpf map functions - avoid if possible. 70 * 71 * Using these it is possible to pass in keys/values of the wrong type/size, 72 * or, for 'bpf_map_lookup_elem_unsafe' receive into a pointer to the wrong type. 73 * You will not get a compile time failure, and for certain types of errors you 74 * might not even get a failure from the kernel's ebpf verifier during program load, 75 * instead stuff might just not work right at runtime. 76 * 77 * Instead please use: 78 * DEFINE_BPF_MAP(foo_map, TYPE, KeyType, ValueType, num_entries) 79 * where TYPE can be something like HASH or ARRAY, and num_entries is an integer. 80 * 81 * This defines the map (hence this should not be used in a header file included 82 * from multiple locations) and provides type safe accessors: 83 * ValueType * bpf_foo_map_lookup_elem(const KeyType *) 84 * int bpf_foo_map_update_elem(const KeyType *, const ValueType *, flags) 85 * int bpf_foo_map_delete_elem(const KeyType *) 86 * 87 * This will make sure that if you change the type of a map you'll get compile 88 * errors at any spots you forget to update with the new type. 89 * 90 * Note: these all take pointers to const map because from the C/eBPF point of view 91 * the map struct is really just a readonly map definition of the in kernel object. 92 * Runtime modification of the map defining struct is meaningless, since 93 * the contents is only ever used during bpf program loading & map creation 94 * by the bpf loader, and not by the eBPF program itself. 95 */ 96 static void* (*bpf_map_lookup_elem_unsafe)(const struct bpf_map_def* map, 97 const void* key) = (void*)BPF_FUNC_map_lookup_elem; 98 static int (*bpf_map_update_elem_unsafe)(const struct bpf_map_def* map, const void* key, 99 const void* value, unsigned long long flags) = (void*) 100 BPF_FUNC_map_update_elem; 101 static int (*bpf_map_delete_elem_unsafe)(const struct bpf_map_def* map, 102 const void* key) = (void*)BPF_FUNC_map_delete_elem; 103 104 /* type safe macro to declare a map and related accessor functions */ 105 #define DEFINE_BPF_MAP_UGM(the_map, TYPE, TypeOfKey, TypeOfValue, num_entries, usr, grp, md) \ 106 const struct bpf_map_def SEC("maps") the_map = { \ 107 .type = BPF_MAP_TYPE_##TYPE, \ 108 .key_size = sizeof(TypeOfKey), \ 109 .value_size = sizeof(TypeOfValue), \ 110 .max_entries = (num_entries), \ 111 .map_flags = 0, \ 112 .uid = (usr), \ 113 .gid = (grp), \ 114 .mode = (md), \ 115 .bpfloader_min_ver = DEFAULT_BPFLOADER_MIN_VER, \ 116 .bpfloader_max_ver = DEFAULT_BPFLOADER_MAX_VER, \ 117 .min_kver = KVER_NONE, \ 118 .max_kver = KVER_INF, \ 119 }; \ 120 \ 121 static inline __always_inline __unused TypeOfValue* bpf_##the_map##_lookup_elem( \ 122 const TypeOfKey* k) { \ 123 return bpf_map_lookup_elem_unsafe(&the_map, k); \ 124 }; \ 125 \ 126 static inline __always_inline __unused int bpf_##the_map##_update_elem( \ 127 const TypeOfKey* k, const TypeOfValue* v, unsigned long long flags) { \ 128 return bpf_map_update_elem_unsafe(&the_map, k, v, flags); \ 129 }; \ 130 \ 131 static inline __always_inline __unused int bpf_##the_map##_delete_elem(const TypeOfKey* k) { \ 132 return bpf_map_delete_elem_unsafe(&the_map, k); \ 133 }; 134 135 #define DEFINE_BPF_MAP(the_map, TYPE, TypeOfKey, TypeOfValue, num_entries) \ 136 DEFINE_BPF_MAP_UGM(the_map, TYPE, TypeOfKey, TypeOfValue, num_entries, AID_ROOT, AID_ROOT, 0600) 137 138 #define DEFINE_BPF_MAP_GWO(the_map, TYPE, TypeOfKey, TypeOfValue, num_entries, gid) \ 139 DEFINE_BPF_MAP_UGM(the_map, TYPE, TypeOfKey, TypeOfValue, num_entries, AID_ROOT, gid, 0620) 140 141 #define DEFINE_BPF_MAP_GRO(the_map, TYPE, TypeOfKey, TypeOfValue, num_entries, gid) \ 142 DEFINE_BPF_MAP_UGM(the_map, TYPE, TypeOfKey, TypeOfValue, num_entries, AID_ROOT, gid, 0640) 143 144 #define DEFINE_BPF_MAP_GRW(the_map, TYPE, TypeOfKey, TypeOfValue, num_entries, gid) \ 145 DEFINE_BPF_MAP_UGM(the_map, TYPE, TypeOfKey, TypeOfValue, num_entries, AID_ROOT, gid, 0660) 146 147 static int (*bpf_probe_read)(void* dst, int size, void* unsafe_ptr) = (void*) BPF_FUNC_probe_read; 148 static int (*bpf_probe_read_str)(void* dst, int size, void* unsafe_ptr) = (void*) BPF_FUNC_probe_read_str; 149 static unsigned long long (*bpf_ktime_get_ns)(void) = (void*) BPF_FUNC_ktime_get_ns; 150 static unsigned long long (*bpf_ktime_get_boot_ns)(void) = (void*)BPF_FUNC_ktime_get_boot_ns; 151 static int (*bpf_trace_printk)(const char* fmt, int fmt_size, ...) = (void*) BPF_FUNC_trace_printk; 152 static unsigned long long (*bpf_get_current_pid_tgid)(void) = (void*) BPF_FUNC_get_current_pid_tgid; 153 static unsigned long long (*bpf_get_current_uid_gid)(void) = (void*) BPF_FUNC_get_current_uid_gid; 154 static unsigned long long (*bpf_get_smp_processor_id)(void) = (void*) BPF_FUNC_get_smp_processor_id; 155 156 #define DEFINE_BPF_PROG_KVER_RANGE_OPT(SECTION_NAME, prog_uid, prog_gid, the_prog, min_kv, max_kv, \ 157 opt) \ 158 const struct bpf_prog_def SEC("progs") the_prog##_def = { \ 159 .uid = (prog_uid), \ 160 .gid = (prog_gid), \ 161 .min_kver = (min_kv), \ 162 .max_kver = (max_kv), \ 163 .optional = (opt), \ 164 .bpfloader_min_ver = DEFAULT_BPFLOADER_MIN_VER, \ 165 .bpfloader_max_ver = DEFAULT_BPFLOADER_MAX_VER, \ 166 }; \ 167 SEC(SECTION_NAME) \ 168 int the_prog 169 170 // Programs (here used in the sense of functions/sections) marked optional are allowed to fail 171 // to load (for example due to missing kernel patches). 172 // The bpfloader will just ignore these failures and continue processing the next section. 173 // 174 // A non-optional program (function/section) failing to load causes a failure and aborts 175 // processing of the entire .o, if the .o is additionally marked critical, this will result 176 // in the entire bpfloader process terminating with a failure and not setting the bpf.progs_loaded 177 // system property. This in turn results in waitForProgsLoaded() never finishing. 178 // 179 // ie. a non-optional program in a critical .o is mandatory for kernels matching the min/max kver. 180 181 // programs requiring a kernel version >= min_kv && < max_kv 182 #define DEFINE_BPF_PROG_KVER_RANGE(SECTION_NAME, prog_uid, prog_gid, the_prog, min_kv, max_kv) \ 183 DEFINE_BPF_PROG_KVER_RANGE_OPT(SECTION_NAME, prog_uid, prog_gid, the_prog, min_kv, max_kv, \ 184 false) 185 #define DEFINE_OPTIONAL_BPF_PROG_KVER_RANGE(SECTION_NAME, prog_uid, prog_gid, the_prog, min_kv, \ 186 max_kv) \ 187 DEFINE_BPF_PROG_KVER_RANGE_OPT(SECTION_NAME, prog_uid, prog_gid, the_prog, min_kv, max_kv, true) 188 189 // programs requiring a kernel version >= min_kv 190 #define DEFINE_BPF_PROG_KVER(SECTION_NAME, prog_uid, prog_gid, the_prog, min_kv) \ 191 DEFINE_BPF_PROG_KVER_RANGE_OPT(SECTION_NAME, prog_uid, prog_gid, the_prog, min_kv, KVER_INF, \ 192 false) 193 #define DEFINE_OPTIONAL_BPF_PROG_KVER(SECTION_NAME, prog_uid, prog_gid, the_prog, min_kv) \ 194 DEFINE_BPF_PROG_KVER_RANGE_OPT(SECTION_NAME, prog_uid, prog_gid, the_prog, min_kv, KVER_INF, \ 195 true) 196 197 // programs with no kernel version requirements 198 #define DEFINE_BPF_PROG(SECTION_NAME, prog_uid, prog_gid, the_prog) \ 199 DEFINE_BPF_PROG_KVER_RANGE_OPT(SECTION_NAME, prog_uid, prog_gid, the_prog, 0, KVER_INF, false) 200 #define DEFINE_OPTIONAL_BPF_PROG(SECTION_NAME, prog_uid, prog_gid, the_prog) \ 201 DEFINE_BPF_PROG_KVER_RANGE_OPT(SECTION_NAME, prog_uid, prog_gid, the_prog, 0, KVER_INF, true) 202