diff options
Diffstat (limited to 'kernel')
| -rw-r--r-- | kernel/bpf/core.c | 30 | ||||
| -rw-r--r-- | kernel/seccomp.c | 10 |
2 files changed, 19 insertions, 21 deletions
diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c index 188ac5ba3900..7f0dbcbb34af 100644 --- a/kernel/bpf/core.c +++ b/kernel/bpf/core.c | |||
| @@ -73,15 +73,13 @@ noinline u64 __bpf_call_base(u64 r1, u64 r2, u64 r3, u64 r4, u64 r5) | |||
| 73 | } | 73 | } |
| 74 | 74 | ||
| 75 | /** | 75 | /** |
| 76 | * __sk_run_filter - run a filter on a given context | 76 | * __bpf_prog_run - run eBPF program on a given context |
| 77 | * @ctx: buffer to run the filter on | 77 | * @ctx: is the data we are operating on |
| 78 | * @insn: filter to apply | 78 | * @insn: is the array of eBPF instructions |
| 79 | * | 79 | * |
| 80 | * Decode and apply filter instructions to the skb->data. Return length to | 80 | * Decode and execute eBPF instructions. |
| 81 | * keep, 0 for none. @ctx is the data we are operating on, @insn is the | ||
| 82 | * array of filter instructions. | ||
| 83 | */ | 81 | */ |
| 84 | static unsigned int __sk_run_filter(void *ctx, const struct bpf_insn *insn) | 82 | static unsigned int __bpf_prog_run(void *ctx, const struct bpf_insn *insn) |
| 85 | { | 83 | { |
| 86 | u64 stack[MAX_BPF_STACK / sizeof(u64)]; | 84 | u64 stack[MAX_BPF_STACK / sizeof(u64)]; |
| 87 | u64 regs[MAX_BPF_REG], tmp; | 85 | u64 regs[MAX_BPF_REG], tmp; |
| @@ -508,29 +506,29 @@ load_byte: | |||
| 508 | return 0; | 506 | return 0; |
| 509 | } | 507 | } |
| 510 | 508 | ||
| 511 | void __weak bpf_int_jit_compile(struct sk_filter *prog) | 509 | void __weak bpf_int_jit_compile(struct bpf_prog *prog) |
| 512 | { | 510 | { |
| 513 | } | 511 | } |
| 514 | 512 | ||
| 515 | /** | 513 | /** |
| 516 | * sk_filter_select_runtime - select execution runtime for BPF program | 514 | * bpf_prog_select_runtime - select execution runtime for BPF program |
| 517 | * @fp: sk_filter populated with internal BPF program | 515 | * @fp: bpf_prog populated with internal BPF program |
| 518 | * | 516 | * |
| 519 | * try to JIT internal BPF program, if JIT is not available select interpreter | 517 | * try to JIT internal BPF program, if JIT is not available select interpreter |
| 520 | * BPF program will be executed via SK_RUN_FILTER() macro | 518 | * BPF program will be executed via BPF_PROG_RUN() macro |
| 521 | */ | 519 | */ |
| 522 | void sk_filter_select_runtime(struct sk_filter *fp) | 520 | void bpf_prog_select_runtime(struct bpf_prog *fp) |
| 523 | { | 521 | { |
| 524 | fp->bpf_func = (void *) __sk_run_filter; | 522 | fp->bpf_func = (void *) __bpf_prog_run; |
| 525 | 523 | ||
| 526 | /* Probe if internal BPF can be JITed */ | 524 | /* Probe if internal BPF can be JITed */ |
| 527 | bpf_int_jit_compile(fp); | 525 | bpf_int_jit_compile(fp); |
| 528 | } | 526 | } |
| 529 | EXPORT_SYMBOL_GPL(sk_filter_select_runtime); | 527 | EXPORT_SYMBOL_GPL(bpf_prog_select_runtime); |
| 530 | 528 | ||
| 531 | /* free internal BPF program */ | 529 | /* free internal BPF program */ |
| 532 | void sk_filter_free(struct sk_filter *fp) | 530 | void bpf_prog_free(struct bpf_prog *fp) |
| 533 | { | 531 | { |
| 534 | bpf_jit_free(fp); | 532 | bpf_jit_free(fp); |
| 535 | } | 533 | } |
| 536 | EXPORT_SYMBOL_GPL(sk_filter_free); | 534 | EXPORT_SYMBOL_GPL(bpf_prog_free); |
diff --git a/kernel/seccomp.c b/kernel/seccomp.c index 33a3a97e2b58..2f3fa2cc2eac 100644 --- a/kernel/seccomp.c +++ b/kernel/seccomp.c | |||
| @@ -54,7 +54,7 @@ | |||
| 54 | struct seccomp_filter { | 54 | struct seccomp_filter { |
| 55 | atomic_t usage; | 55 | atomic_t usage; |
| 56 | struct seccomp_filter *prev; | 56 | struct seccomp_filter *prev; |
| 57 | struct sk_filter *prog; | 57 | struct bpf_prog *prog; |
| 58 | }; | 58 | }; |
| 59 | 59 | ||
| 60 | /* Limit any path through the tree to 256KB worth of instructions. */ | 60 | /* Limit any path through the tree to 256KB worth of instructions. */ |
| @@ -187,7 +187,7 @@ static u32 seccomp_run_filters(int syscall) | |||
| 187 | * value always takes priority (ignoring the DATA). | 187 | * value always takes priority (ignoring the DATA). |
| 188 | */ | 188 | */ |
| 189 | for (f = current->seccomp.filter; f; f = f->prev) { | 189 | for (f = current->seccomp.filter; f; f = f->prev) { |
| 190 | u32 cur_ret = SK_RUN_FILTER(f->prog, (void *)&sd); | 190 | u32 cur_ret = BPF_PROG_RUN(f->prog, (void *)&sd); |
| 191 | 191 | ||
| 192 | if ((cur_ret & SECCOMP_RET_ACTION) < (ret & SECCOMP_RET_ACTION)) | 192 | if ((cur_ret & SECCOMP_RET_ACTION) < (ret & SECCOMP_RET_ACTION)) |
| 193 | ret = cur_ret; | 193 | ret = cur_ret; |
| @@ -260,7 +260,7 @@ static long seccomp_attach_filter(struct sock_fprog *fprog) | |||
| 260 | if (!filter) | 260 | if (!filter) |
| 261 | goto free_prog; | 261 | goto free_prog; |
| 262 | 262 | ||
| 263 | filter->prog = kzalloc(sk_filter_size(new_len), | 263 | filter->prog = kzalloc(bpf_prog_size(new_len), |
| 264 | GFP_KERNEL|__GFP_NOWARN); | 264 | GFP_KERNEL|__GFP_NOWARN); |
| 265 | if (!filter->prog) | 265 | if (!filter->prog) |
| 266 | goto free_filter; | 266 | goto free_filter; |
| @@ -273,7 +273,7 @@ static long seccomp_attach_filter(struct sock_fprog *fprog) | |||
| 273 | atomic_set(&filter->usage, 1); | 273 | atomic_set(&filter->usage, 1); |
| 274 | filter->prog->len = new_len; | 274 | filter->prog->len = new_len; |
| 275 | 275 | ||
| 276 | sk_filter_select_runtime(filter->prog); | 276 | bpf_prog_select_runtime(filter->prog); |
| 277 | 277 | ||
| 278 | /* | 278 | /* |
| 279 | * If there is an existing filter, make it the prev and don't drop its | 279 | * If there is an existing filter, make it the prev and don't drop its |
| @@ -337,7 +337,7 @@ void put_seccomp_filter(struct task_struct *tsk) | |||
| 337 | while (orig && atomic_dec_and_test(&orig->usage)) { | 337 | while (orig && atomic_dec_and_test(&orig->usage)) { |
| 338 | struct seccomp_filter *freeme = orig; | 338 | struct seccomp_filter *freeme = orig; |
| 339 | orig = orig->prev; | 339 | orig = orig->prev; |
| 340 | sk_filter_free(freeme->prog); | 340 | bpf_prog_free(freeme->prog); |
| 341 | kfree(freeme); | 341 | kfree(freeme); |
| 342 | } | 342 | } |
| 343 | } | 343 | } |