Re: [PATCH RFC bpf-next v2 02/10] bpf/helpers: introduce sleepable timers

From: Kui-Feng Lee
Date: Fri Feb 16 2024 - 11:58:49 EST

Next message: Alex Deucher: "Re: [PATCH 1/3] drm/radeon: Use RMW accessors for changing LNKCTL2"
Previous message: David Lechner: "Re: [PATCH v3 5/5] iio: adc: ad7192: Add AD7194 support"
In reply to: Toke Høiland-Jørgensen: "Re: [PATCH RFC bpf-next v2 02/10] bpf/helpers: introduce sleepable timers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2/14/24 09:18, Benjamin Tissoires wrote:

+static void bpf_timer_work_cb(struct work_struct *work)
+{
+ struct bpf_hrtimer *t = container_of(work, struct bpf_hrtimer, work);
+ struct bpf_map *map = t->map;
+ void *value = t->value;
+ bpf_callback_t callback_fn;
+ void *key;
+ u32 idx;
+
+ BTF_TYPE_EMIT(struct bpf_timer);
+
+ rcu_read_lock();
+ callback_fn = rcu_dereference(t->sleepable_cb_fn);
+ rcu_read_unlock();
+ if (!callback_fn)
+ return;
+
+ /* FIXME: do we need any locking? */
+ if (map->map_type == BPF_MAP_TYPE_ARRAY) {
+ struct bpf_array *array = container_of(map, struct bpf_array, map);
+
+ /* compute the key */
+ idx = ((char *)value - array->value) / array->elem_size;
+ key = &idx;
+ } else { /* hash or lru */
+ key = value - round_up(map->key_size, 8);
+ }
+
+ /* FIXME: this crashes the system with
+ * BUG: kernel NULL pointer dereference, address: 000000000000000b
+ */
+ /* callback_fn((u64)(long)map, (u64)(long)key, (u64)(long)value, 0, 0); */
+ /* The verifier checked that return value is zero. */
+}
+
static DEFINE_PER_CPU(struct bpf_hrtimer *, hrtimer_running);
static enum hrtimer_restart bpf_timer_cb(struct hrtimer *hrtimer)
{
struct bpf_hrtimer *t = container_of(hrtimer, struct bpf_hrtimer, timer);
+ bpf_callback_t callback_fn, sleepable_cb_fn;
struct bpf_map *map = t->map;
void *value = t->value;
- bpf_callback_t callback_fn;
void *key;
u32 idx;
BTF_TYPE_EMIT(struct bpf_timer);
+ sleepable_cb_fn = rcu_dereference_check(t->sleepable_cb_fn, rcu_read_lock_bh_held());
+ if (sleepable_cb_fn) {
+ schedule_work(&t->work);

It seems nothing to stop the timer from being free here, right?

You should have a way to make sure the timer & programs here is
still alive when the work is running. For example, it can be flags
to indicate the work is scheduled to prevent the timer from releasing,
and indicate the timer should be free when returning from the callback.

+ goto out;
+ }
+
callback_fn = rcu_dereference_check(t->callback_fn, rcu_read_lock_bh_held());
if (!callback_fn)

Next message: Alex Deucher: "Re: [PATCH 1/3] drm/radeon: Use RMW accessors for changing LNKCTL2"
Previous message: David Lechner: "Re: [PATCH v3 5/5] iio: adc: ad7192: Add AD7194 support"
In reply to: Toke Høiland-Jørgensen: "Re: [PATCH RFC bpf-next v2 02/10] bpf/helpers: introduce sleepable timers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]