bpf: Add verified_insns to bpf_prog_info and fdinfo

mainline inclusion from mainline-5.16-rc1 commit aba64c7d category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I5EUVD CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=aba64c7da98330141dcdadd5612f088043a83696 ------------------------------------------------- This stat is currently printed in the verifier log and not stored anywhere. To ease consumption of this data, add a field to bpf_prog_aux so it can be exposed via BPF_OBJ_GET_INFO_BY_FD and fdinfo. Signed-off-by: N Dave Marchevsky <davemarchevsky@fb.com> Signed-off-by: N Andrii Nakryiko <andrii@kernel.org> Acked-by: N John Fastabend <john.fastabend@gmail.com> Link: https://lore.kernel.org/bpf/20211020074818.1017682-2-davemarchevsky@fb.com (cherry picked from commit aba64c7d) Signed-off-by: N Wang Yufen <wangyufen@huawei.com>

bpf: Add verified_insns to bpf_prog_info and fdinfo
mainline inclusion from mainline-5.16-rc1 commit aba64c7d category: feature bugzilla: https://gitee.com/openeuler/kernel/issues/I5EUVD CVE: NA Reference: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=aba64c7da98330141dcdadd5612f088043a83696 ------------------------------------------------- This stat is currently printed in the verifier log and not stored anywhere. To ease consumption of this data, add a field to bpf_prog_aux so it can be exposed via BPF_OBJ_GET_INFO_BY_FD and fdinfo. Signed-off-by: N Dave Marchevsky <davemarchevsky@fb.com> Signed-off-by: N Andrii Nakryiko <andrii@kernel.org> Acked-by: N John Fastabend <john.fastabend@gmail.com> Link: https://lore.kernel.org/bpf/20211020074818.1017682-2-davemarchevsky@fb.com (cherry picked from commit aba64c7d) Signed-off-by: N Wang Yufen <wangyufen@huawei.com>
9a9a0067 · Dave Marchevsky · Zheng Zengkai · b87fc8a4 · 9a9a0067 · 9a9a0067
5 changed file
--- a/include/linux/bpf.h
+++ b/include/linux/bpf.h
@@ -915,6 +915,7 @@ struct bpf_prog_aux {
 	struct bpf_prog *prog;
 	struct user_struct *user;
 	u64 load_time; /* ns since boottime */
+	u32 verified_insns;
 	struct bpf_map *cgroup_storage[MAX_BPF_CGROUP_STORAGE_TYPE];
 	char name[BPF_OBJ_NAME_LEN];
 #ifdef CONFIG_SECURITY

--- a/include/uapi/linux/bpf.h
+++ b/include/uapi/linux/bpf.h
@@ -4714,6 +4714,7 @@ struct bpf_prog_info {
 	__u64 run_time_ns;
 	__u64 run_cnt;
 	__u64 recursion_misses;
+	__u32 verified_insns;
 } __attribute__((aligned(8)));
 struct bpf_map_info {

--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -1878,7 +1878,8 @@ static void bpf_prog_show_fdinfo(struct seq_file *m, struct file *filp)
 		   "prog_id:\t%u\n"
 		   "run_time_ns:\t%llu\n"
 		   "run_cnt:\t%llu\n"
-		   "recursion_misses:\t%llu\n",
+		   "recursion_misses:\t%llu\n"
+		   "verified_insns:\t%u\n",
 		   prog->type,
 		   prog->jited,
 		   prog_tag,
@@ -1886,7 +1887,8 @@ static void bpf_prog_show_fdinfo(struct seq_file *m, struct file *filp)
 		   prog->aux->id,
 		   stats.nsecs,
 		   stats.cnt,
-		   stats.misses);
+		   stats.misses,
+		   prog->aux->verified_insns);
 }
 #endif
@@ -3577,6 +3579,8 @@ static int bpf_prog_get_info_by_fd(struct file *file,
 	info.run_cnt = stats.cnt;
 	info.recursion_misses = stats.misses;
+	info.verified_insns = prog->aux->verified_insns;
 	if (!bpf_capable()) {
 		info.jited_prog_len = 0;
 		info.xlated_prog_len = 0;

--- a/kernel/bpf/verifier.c
+++ b/kernel/bpf/verifier.c
@@ -13518,6 +13518,7 @@ int bpf_check(struct bpf_prog **prog, union bpf_attr *attr, bpfptr_t uattr)
 	env->verification_time = ktime_get_ns() - start_time;
 	print_verification_stats(env);
+	env->prog->aux->verified_insns = env->insn_processed;
 	if (log->level && bpf_verifier_log_full(log))
 		ret = -ENOSPC;

--- a/tools/include/uapi/linux/bpf.h
+++ b/tools/include/uapi/linux/bpf.h
@@ -5423,6 +5423,7 @@ struct bpf_prog_info {
 	__u64 run_time_ns;
 	__u64 run_cnt;
 	__u64 recursion_misses;
+	__u32 verified_insns;
 } __attribute__((aligned(8)));
 struct bpf_map_info {