[PATCH RESEND v3 0/3] bpf/verifier: Expand the usage scenarios of bpf_kptr_xchg

From: Chengkaitao

Date: Mon Feb 02 2026 - 02:25:01 EST


From: Chengkaitao <chengkaitao@xxxxxxxxxx>

When using bpf_kptr_xchg, we triggered the following error:
    31: (85) call bpf_kptr_xchg#194
    function calls are not allowed while holding a lock
bpf_kptr_xchg can now be used in lock-held contexts, so we extended
its usage scope in [patch 1/2].

When writing test cases using bpf_kptr_xchg and bpf_rbtree_*, the
following approach must be followed:

	bpf_spin_lock(&lock);
	rb_n = bpf_rbtree_root(&root);
	while (rb_n && can_loop) {
		rb_n = bpf_rbtree_remove(&root, rb_n);
		if (!rb_n)
			goto fail;

		tnode = container_of(rb_n, struct tree_node, node);
		node_data = bpf_kptr_xchg(&tnode->node_data, NULL);
		if (!node_data)
			goto fail;

		data = node_data->data;
		/* use data to do something */

		node_data = bpf_kptr_xchg(&tnode->node_data, node_data);
		if (node_data)
			goto fail;

		bpf_rbtree_add(&root, rb_n, less);

		if (lookup_key < tnode->key)
			rb_n = bpf_rbtree_left(&root, rb_n);
		else
			rb_n = bpf_rbtree_right(&root, rb_n);
	}
	bpf_spin_unlock(&lock);

The above illustrates a lock-remove-read-add-unlock workflow, which
exhibits lower performance. To address this, we introduced support
for a streamlined lock-read-unlock operation in [patch 2/2].

Changes in v3:
- Fix compilation errors
Changes in v2:
- Allow using bpf_kptr_xchg even if the NON_OWN_REF flag is set
- Add test case

Link to V2:
https://lore.kernel.org/all/20260201031607.32940-1-pilgrimtao@xxxxxxxxx/
Link to V1:
https://lore.kernel.org/all/20260122081426.78472-1-pilgrimtao@xxxxxxxxx/

Chengkaitao (3):
  bpf/verifier: allow calling bpf_kptr_xchg while holding a lock
  bpf/verifier: allow using bpf_kptr_xchg even if the NON_OWN_REF flag
    is set
  selftests/bpf: Add supplementary tests for bpf_kptr_xchg

 kernel/bpf/verifier.c                         |   7 +-
 .../testing/selftests/bpf/prog_tests/rbtree.c |   6 +
 tools/testing/selftests/bpf/progs/bpf_misc.h  |   4 +
 .../selftests/bpf/progs/rbtree_search_kptr.c  | 164 ++++++++++++++++++
 4 files changed, 179 insertions(+), 2 deletions(-)
 create mode 100644 tools/testing/selftests/bpf/progs/rbtree_search_kptr.c

--
2.50.1 (Apple Git-155)