From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id D0D8E45656;
	Fri, 19 Jul 2024 19:13:27 +0200 (CEST)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 9AB1B40EF1;
	Fri, 19 Jul 2024 19:13:27 +0200 (CEST)
Received: from mail-pf1-f179.google.com (mail-pf1-f179.google.com
 [209.85.210.179])
 by mails.dpdk.org (Postfix) with ESMTP id 5051540EF1
 for <dev@dpdk.org>; Fri, 19 Jul 2024 19:13:26 +0200 (CEST)
Received: by mail-pf1-f179.google.com with SMTP id
 d2e1a72fcca58-70b3c0a00f2so787729b3a.3
 for <dev@dpdk.org>; Fri, 19 Jul 2024 10:13:26 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=networkplumber-org.20230601.gappssmtp.com; s=20230601; t=1721409205;
 x=1722014005; darn=dpdk.org; 
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:subject:cc:to:from:date:from:to:cc:subject:date
 :message-id:reply-to;
 bh=v/yzLv4KYpC/A1M3FDQ5LAUy+Tkd57M9Ss/gnKmcYoA=;
 b=pqx+lLoM62RxjYEm80QAoX/vgxZD31aRJs5zFbwOPwp5pf1aak5lYyGvWjLRhMeyRg
 +xrdMiYr8jvwEoT2eNvk9HFhm0b7QsXBTbCrEzmso27DSrAN3IkSmF3PWx1U6SiInLCv
 bZUd3VGtSur0gAIFkmkzNFcoXWxctymeBlv7nVNRxm6accUuahssoyTEDAyHNVajaiJK
 /Cy8ugEE4gYoM0uJ9SWxHl8qCnff0JvfISPP0IzjzOzq1952lKoqjOhJ5OgfpSj05r5W
 vlsA+xhdAHRJnz1tUREY6pSUiOndg0Mr+iRv7QqLppFjn038pHPzze8nzVIhoK3hfB4h
 THhA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20230601; t=1721409205; x=1722014005;
 h=content-transfer-encoding:mime-version:references:in-reply-to
 :message-id:subject:cc:to:from:date:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=v/yzLv4KYpC/A1M3FDQ5LAUy+Tkd57M9Ss/gnKmcYoA=;
 b=F9PuOrKKgASgiDivmrpoU+atU14kWVe21J/KHQOlN+Hjc72eKnjZG7WfjLfNZruRke
 cIdBTP7+gHqCSbSRZ1HgrtohRSRZEEX/SKlVJh/TAJhiGqX2BcnS/73arIv+c9DE+K20
 nRGbyrCYaJZHgD7MoWCJrsz8agPEmSs/q1yXa0ol3Q756JoqqJWHhAhpVrkQCeMZ9gDm
 CbuvHuMvqWeUcSgqqhfsr1snU3ep3SeNQ7LAXdlIjr4ISfERbBhjo0yV9qrMf27uG0xY
 0sryzCg8Flyy3CR0WRe/OBHQjbRVzSSusgLEU5X/af26N45lD/Ee2+A0mQruGkSOmhE2
 SqUg==
X-Forwarded-Encrypted: i=1;
 AJvYcCXD4a/pW+aCIPR/8kBArYkMio7pnJSbuuBHYZsaJzj6FwqHySwYAFfin8x1k2q8CHfH7GaWtEX0gT3ro84=
X-Gm-Message-State: AOJu0YztWQbKi+DpYHBKrADsvXUK7PuwA8UWDP1csr0RBeVm04grvC9x
 f400MmeLFlHLRIDdex+G6W2tdN9hIlVLp+AleG8Yp8sMTWjjcMiZ0ibZpL4uUyA=
X-Google-Smtp-Source: AGHT+IEC9JAOMhuR8KkP4clYD5y6FNSj7ODLXar22tvldSa8k5DXvvRD3FLS6qLC20jSavNatX9Www==
X-Received: by 2002:a05:6a00:218f:b0:70b:10fe:10a9 with SMTP id
 d2e1a72fcca58-70d0864acf1mr759558b3a.29.1721409205335; 
 Fri, 19 Jul 2024 10:13:25 -0700 (PDT)
Received: from hermes.local (204-195-96-226.wavecable.com. [204.195.96.226])
 by smtp.gmail.com with ESMTPSA id
 d2e1a72fcca58-70cff491057sm1421008b3a.8.2024.07.19.10.13.24
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Fri, 19 Jul 2024 10:13:25 -0700 (PDT)
Date: Fri, 19 Jul 2024 10:13:23 -0700
From: Stephen Hemminger <stephen@networkplumber.org>
To: Konstantin Ananyev <konstantin.ananyev@huawei.com>
Cc: Konstantin Ananyev <konstantin.v.ananyev@yandex.ru>, "dev@dpdk.org"
 <dev@dpdk.org>
Subject: Re: BPF standardization
Message-ID: <20240719101323.5e880752@hermes.local>
In-Reply-To: <956072b13b7b45fe8ce676989580f3e0@huawei.com>
References: <20240530162326.02218863@hermes.local>
 <956072b13b7b45fe8ce676989580f3e0@huawei.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

On Fri, 19 Jul 2024 09:12:58 +0000
Konstantin Ananyev <konstantin.ananyev@huawei.com> wrote:

> bpf_convert_filter() uses standard approach with XOR-ing itself:
> xor r0, r0, r0
> to reset some register values.
> Unfortunately linux verifier seems way too strict here and
> doesn't allow access to register with undefined value.
> It generates error log like that for this op:
> Failed to verify program: Permission denied (13)
> LOG: func#0 @0
> 0: R1=ctx(id=0,off=0,imm=0) R10=fp0
> 0: (af) r0 ^= r0
> R0 !read_ok
> processed 1 insns (limit 1000000) max_states_per_insn 0 total_states 0 peak_states 0 mark_read 0
> 
> To overcome that, simply replace XOR with itself to explicit
> mov32 r0, #0x0
> 
> Signed-off-by: Konstantin Ananyev <konstantin.ananyev@huawei.com>
> ---
>  lib/bpf/bpf_convert.c | 7 +++++--
>  1 file changed, 5 insertions(+), 2 deletions(-)
> 
> diff --git a/lib/bpf/bpf_convert.c b/lib/bpf/bpf_convert.c
> index d7ff2b4325..eceaa19c76 100644
> --- a/lib/bpf/bpf_convert.c
> +++ b/lib/bpf/bpf_convert.c
> @@ -267,8 +267,11 @@ static int bpf_convert_filter(const struct bpf_insn *prog, size_t len,
>  		/* Classic BPF expects A and X to be reset first. These need
>  		 * to be guaranteed to be the first two instructions.
>  		 */
> -		*new_insn++ = EBPF_ALU64_REG(BPF_XOR, BPF_REG_A, BPF_REG_A);
> -		*new_insn++ = EBPF_ALU64_REG(BPF_XOR, BPF_REG_X, BPF_REG_X);
> +		//*new_insn++ = EBPF_ALU64_REG(BPF_XOR, BPF_REG_A, BPF_REG_A);
> +		//*new_insn++ = EBPF_ALU64_REG(BPF_XOR, BPF_REG_X, BPF_REG_X);
> +
> +		*new_insn++ = BPF_MOV32_IMM(BPF_REG_A, 0);
> +		*new_insn++ = BPF_MOV32_IMM(BPF_REG_X, 0);
>  
>  		/* All programs must keep CTX in callee saved BPF_REG_CTX.
>  		 * In eBPF case it's done by the compiler, here we need to

This was taken from how kernel converts cBPF and the prologue it generates.
Surprising that verifier gags?

see net/core/filter.c
	/* Classic BPF related prologue emission. */
	if (new_prog) {
		/* Classic BPF expects A and X to be reset first. These need
		 * to be guaranteed to be the first two instructions.
		 */
		*new_insn++ = BPF_ALU32_REG(BPF_XOR, BPF_REG_A, BPF_REG_A);
		*new_insn++ = BPF_ALU32_REG(BPF_XOR, BPF_REG_X, BPF_REG_X);

		/* All programs must keep CTX in callee saved BPF_REG_CTX.
		 * In eBPF case it's done by the compiler, here we need to
		 * do this ourself. Initial CTX is present in BPF_REG_ARG1.
		 */
		*new_insn++ = BPF_MOV64_REG(BPF_REG_CTX, BPF_REG_ARG1);
		if (*seen_ld_abs) {
			/* For packet access in classic BPF, cache skb->data
			 * in callee-saved BPF R8 and skb->len - skb->data_len
			 * (headlen) in BPF R9. Since classic BPF is read-only
			 * on CTX, we only need to cache it once.
			 */
			*new_insn++ = BPF_LDX_MEM(BPF_FIELD_SIZEOF(struct sk_buff, data),
						  BPF_REG_D, BPF_REG_CTX,
						  offsetof(struct sk_buff, data));
			*new_insn++ = BPF_LDX_MEM(BPF_W, BPF_REG_H, BPF_REG_CTX,
						  offsetof(struct sk_buff, len));
			*new_insn++ = BPF_LDX_MEM(BPF_W, BPF_REG_TMP, BPF_REG_CTX,
						  offsetof(struct sk_buff, data_len));
			*new_insn++ = BPF_ALU32_REG(BPF_SUB, BPF_REG_H, BPF_REG_TMP);
		}