From patchwork Fri May 10 12:28:20 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vadim Fedorenko X-Patchwork-Id: 13661548 X-Patchwork-Delegate: bpf@iogearbox.net Received: from mx0a-00082601.pphosted.com (mx0a-00082601.pphosted.com [67.231.145.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CB35A2C853 for ; Fri, 10 May 2024 12:28:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=67.231.145.42 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715344129; cv=none; b=TaPbe8FV5FnByAWmz7HwOdlJ67IgbJfPTRBy5U2nzWGc/SImj/oMI+yg6wLOL2t7MInczeDpLgzMIZA02LEKFEDxfPm9aCplN9BFPmOkPeAbMKTv35TZC5kojVvU/H1P7wD1VnHMkSoVtDdKQprgenNv1noO+f+3KoeD8qJQwl8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715344129; c=relaxed/simple; bh=xx7n+bPkoW5+4rcSAK/H2P8Ebg8192JxiEdBvY6jD34=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=n5GMyvyJbwonoGWaOzhgovt29wiLyfJJxdSAbz8czbzUZwVug9J4CIY4KlAyDNSREVUyr84VeE1O42VQum2OzfE6nHXaTGSD2X7zF447tnorAS7PO8f9JpGQSJQ9OzZV94+dGco+lqcnZgVqfBCuvbqCjrnRd4QDuZ/BiVrLheA= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=meta.com; spf=pass smtp.mailfrom=meta.com; dkim=pass (2048-bit key) header.d=meta.com header.i=@meta.com header.b=i+T2wioN; arc=none smtp.client-ip=67.231.145.42 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=meta.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=meta.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=meta.com header.i=@meta.com header.b="i+T2wioN" Received: from pps.filterd (m0109333.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 44A0PsSJ003550; Fri, 10 May 2024 05:28:37 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=meta.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=s2048-2021-q4; bh=90g+jyj9c5+rSNBF3TWYN3tmGM5ndi6rUhYFl7rY/zw=; b=i+T2wioNE6KYQ2MIqHoIVvnPn9ZKEjOEvSQ8J3D1QcJz8aoAC2hr5phMfrUAOHuyhr2l +pkRkbAiymLKay+lZ25z1sQTGaQe/qz2VUeq35mXDEwHcF441/MslAkEeZ6zIfRHJamM W+bODE0MjdzBUPQsx0XefdBTYhLLoWHxhFRXldsRDwD8PXmhk+rgl6TI7aWfk5i/IrVf bqF+PLG8eq33/5/uYPriDezYu9CcCcALA4wOuMM5D3KIfqp2W0Xx6KoS7fpU3UpZaNAV mOSej4N2M2oCOIHwCZpDq2gS1/NIRmt5BtalTbmagXJEDJwLjrZRzKkGbs1Bnv8gunUE 7A== Received: from maileast.thefacebook.com ([163.114.130.16]) by mx0a-00082601.pphosted.com (PPS) with ESMTPS id 3y16pwb1t2-6 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Fri, 10 May 2024 05:28:36 -0700 Received: from devvm4158.cln0.facebook.com (2620:10d:c0a8:1b::30) by mail.thefacebook.com (2620:10d:c0a8:82::b) with Microsoft SMTP Server id 15.1.2507.35; Fri, 10 May 2024 12:28:33 +0000 From: Vadim Fedorenko To: Vadim Fedorenko , Martin KaFai Lau , Andrii Nakryiko , "Alexei Starovoitov" , Mykola Lysenko , Jakub Kicinski CC: Vadim Fedorenko , Subject: [PATCH bpf-next v2 1/4] bpf: verifier: make kfuncs args nullalble Date: Fri, 10 May 2024 05:28:20 -0700 Message-ID: <20240510122823.1530682-2-vadfed@meta.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240510122823.1530682-1-vadfed@meta.com> References: <20240510122823.1530682-1-vadfed@meta.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Proofpoint-GUID: t9l0ohjQLltjDid8DtfEPmP8seB3cUUI X-Proofpoint-ORIG-GUID: t9l0ohjQLltjDid8DtfEPmP8seB3cUUI X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1039,Hydra:6.0.650,FMLib:17.11.176.26 definitions=2024-05-10_08,2024-05-10_02,2023-05-22_02 X-Patchwork-Delegate: bpf@iogearbox.net Some arguments to kfuncs might be NULL in some cases. But currently it's not possible to pass NULL to any BTF structures because the check for the suffix is located after all type checks. Move it to earlier place to allow nullable args. Signed-off-by: Vadim Fedorenko Acked-by: Eduard Zingerman --- kernel/bpf/verifier.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index 9e3aba08984e..ed67aed3c284 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c @@ -11179,6 +11179,9 @@ get_kfunc_ptr_arg_type(struct bpf_verifier_env *env, if (btf_is_prog_ctx_type(&env->log, meta->btf, t, resolve_prog_type(env->prog), argno)) return KF_ARG_PTR_TO_CTX; + if (is_kfunc_arg_nullable(meta->btf, &args[argno]) && register_is_null(reg)) + return KF_ARG_PTR_TO_NULL; + if (is_kfunc_arg_alloc_obj(meta->btf, &args[argno])) return KF_ARG_PTR_TO_ALLOC_BTF_ID; @@ -11224,9 +11227,6 @@ get_kfunc_ptr_arg_type(struct bpf_verifier_env *env, if (is_kfunc_arg_callback(env, meta->btf, &args[argno])) return KF_ARG_PTR_TO_CALLBACK; - if (is_kfunc_arg_nullable(meta->btf, &args[argno]) && register_is_null(reg)) - return KF_ARG_PTR_TO_NULL; - if (argno + 1 < nargs && (is_kfunc_arg_mem_size(meta->btf, &args[argno + 1], ®s[regno + 1]) || is_kfunc_arg_const_mem_size(meta->btf, &args[argno + 1], ®s[regno + 1]))) From patchwork Fri May 10 12:28:21 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vadim Fedorenko X-Patchwork-Id: 13661549 X-Patchwork-Delegate: bpf@iogearbox.net Received: from mx0b-00082601.pphosted.com (mx0b-00082601.pphosted.com [67.231.153.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id E24115F870 for ; Fri, 10 May 2024 12:28:47 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=67.231.153.30 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715344129; cv=none; b=sCOXXVNIsmgIIMbQXsbIZiQYoegJbIiqs7yYKxBspLPbr7dPtqzBMG3+VM56OKVKlyKqCJnmocKx+D2RQoB/Sl4W1qljvOLN46qHtg5Vd7M2/6A3C609w1f/JIjkPo/Bz8H5XYWPh+gzIPBSYnBeENFCG8gTtC0bPXOjJ/K54lc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715344129; c=relaxed/simple; bh=JGCqVzldKsu5q5rOeaTaLkFAcuBIPGmlnnArLlciAvM=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=DrsFsxK3s74VlmB6iJUr80zC3FgGCs3MeI17YadXGtea7Ip90ghW6IrCdh4peLAyT3lyjz668+NZRatgnuY0A4yKH66BjYeAvOQlKoRNeJVAQyO5HoalQoYorH7OXEIkv3jrCJONxSzvMJym8+ruUNnhXy4nIA1NJeLOFLap0U8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=meta.com; spf=pass smtp.mailfrom=meta.com; dkim=pass (2048-bit key) header.d=meta.com header.i=@meta.com header.b=Euov8o4p; arc=none smtp.client-ip=67.231.153.30 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=meta.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=meta.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=meta.com header.i=@meta.com header.b="Euov8o4p" Received: from pps.filterd (m0148460.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 44A0QAPP021039; Fri, 10 May 2024 05:28:37 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=meta.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=s2048-2021-q4; bh=42iYzeR3dY17wXBYiPFxQ7skv0KWt2TGz/fj6a748nM=; b=Euov8o4pbSsZ+eT9xpIBlLQp14Y4KNMlQz30ge/zgCMPDi3HImMRInoUMVhUOOLsc0A3 8h2QGH3e6Q0tCBS0LF7GukgfDoqnuqbbP+CFk0hT0OIMfOpqrb0OLQ5LqBEyzPW1XiPT xFshz/VByWPSIWrP9sA6AlBiIageKcEFFSyCt4i+tsMzhDeDZUl3L2aqHikELzNeBwbz 14FdGIrqMfVgw77sPVXoczhPpztHSkqMHtQcovGzEwy2DXnC6NiGZHigNlxNsX51hQtM 35H3nvxhdWIrzAZ/kSjbnkjZBlZXGjXxz+Q9a/jtVIAyWE9BAbsFot5n31zcsORkOw9W GQ== Received: from maileast.thefacebook.com ([163.114.130.16]) by mx0a-00082601.pphosted.com (PPS) with ESMTPS id 3y16pxayxy-14 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Fri, 10 May 2024 05:28:36 -0700 Received: from devvm4158.cln0.facebook.com (2620:10d:c0a8:1b::30) by mail.thefacebook.com (2620:10d:c0a8:82::b) with Microsoft SMTP Server id 15.1.2507.35; Fri, 10 May 2024 12:28:33 +0000 From: Vadim Fedorenko To: Vadim Fedorenko , Martin KaFai Lau , Andrii Nakryiko , "Alexei Starovoitov" , Mykola Lysenko , Jakub Kicinski CC: Vadim Fedorenko , Subject: [PATCH bpf-next v2 2/4] bpf: crypto: make state and IV dynptr nullable Date: Fri, 10 May 2024 05:28:21 -0700 Message-ID: <20240510122823.1530682-3-vadfed@meta.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240510122823.1530682-1-vadfed@meta.com> References: <20240510122823.1530682-1-vadfed@meta.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Proofpoint-GUID: P1xsVddEfrQ2YwRARG7CKjOBs3ldt8pr X-Proofpoint-ORIG-GUID: P1xsVddEfrQ2YwRARG7CKjOBs3ldt8pr X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1039,Hydra:6.0.650,FMLib:17.11.176.26 definitions=2024-05-10_08,2024-05-10_02,2023-05-22_02 X-Patchwork-Delegate: bpf@iogearbox.net Some ciphers do not require state and IV buffer, but with current implementation 0-sized dynptr is always needed. With adjustment to verifier we can provide NULL instead of 0-sized dynptr. Make crypto kfuncs ready for this. Signed-off-by: Vadim Fedorenko Acked-by: Eduard Zingerman --- kernel/bpf/crypto.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/kernel/bpf/crypto.c b/kernel/bpf/crypto.c index 2bee4af91e38..ca25ed32e1cb 100644 --- a/kernel/bpf/crypto.c +++ b/kernel/bpf/crypto.c @@ -275,7 +275,7 @@ static int bpf_crypto_crypt(const struct bpf_crypto_ctx *ctx, if (__bpf_dynptr_is_rdonly(dst)) return -EINVAL; - siv_len = __bpf_dynptr_size(siv); + siv_len = siv ? __bpf_dynptr_size(siv) : 0; src_len = __bpf_dynptr_size(src); dst_len = __bpf_dynptr_size(dst); if (!src_len || !dst_len) @@ -303,36 +303,36 @@ static int bpf_crypto_crypt(const struct bpf_crypto_ctx *ctx, /** * bpf_crypto_decrypt() - Decrypt buffer using configured context and IV provided. - * @ctx: The crypto context being used. The ctx must be a trusted pointer. - * @src: bpf_dynptr to the encrypted data. Must be a trusted pointer. - * @dst: bpf_dynptr to the buffer where to store the result. Must be a trusted pointer. - * @siv: bpf_dynptr to IV data and state data to be used by decryptor. + * @ctx: The crypto context being used. The ctx must be a trusted pointer. + * @src: bpf_dynptr to the encrypted data. Must be a trusted pointer. + * @dst: bpf_dynptr to buffer where to store the result. Must be a trusted pointer. + * @siv__nullable: bpf_dynptr to IV data and state data to be used by decryptor. May be NULL. * * Decrypts provided buffer using IV data and the crypto context. Crypto context must be configured. */ __bpf_kfunc int bpf_crypto_decrypt(struct bpf_crypto_ctx *ctx, const struct bpf_dynptr_kern *src, const struct bpf_dynptr_kern *dst, - const struct bpf_dynptr_kern *siv) + const struct bpf_dynptr_kern *siv__nullable) { - return bpf_crypto_crypt(ctx, src, dst, siv, true); + return bpf_crypto_crypt(ctx, src, dst, siv__nullable, true); } /** * bpf_crypto_encrypt() - Encrypt buffer using configured context and IV provided. - * @ctx: The crypto context being used. The ctx must be a trusted pointer. - * @src: bpf_dynptr to the plain data. Must be a trusted pointer. - * @dst: bpf_dynptr to buffer where to store the result. Must be a trusted pointer. - * @siv: bpf_dynptr to IV data and state data to be used by decryptor. + * @ctx: The crypto context being used. The ctx must be a trusted pointer. + * @src: bpf_dynptr to the plain data. Must be a trusted pointer. + * @dst: bpf_dynptr to buffer where to store the result. Must be a trusted pointer. + * @siv__nullable: bpf_dynptr to IV data and state data to be used by decryptor. May be NULL. * * Encrypts provided buffer using IV data and the crypto context. Crypto context must be configured. */ __bpf_kfunc int bpf_crypto_encrypt(struct bpf_crypto_ctx *ctx, const struct bpf_dynptr_kern *src, const struct bpf_dynptr_kern *dst, - const struct bpf_dynptr_kern *siv) + const struct bpf_dynptr_kern *siv__nullable) { - return bpf_crypto_crypt(ctx, src, dst, siv, false); + return bpf_crypto_crypt(ctx, src, dst, siv__nullable, false); } __bpf_kfunc_end_defs(); From patchwork Fri May 10 12:28:22 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Vadim Fedorenko X-Patchwork-Id: 13661550 X-Patchwork-Delegate: bpf@iogearbox.net Received: from mx0a-00082601.pphosted.com (mx0a-00082601.pphosted.com [67.231.145.42]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6F2B112AAE9 for ; Fri, 10 May 2024 12:28:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=67.231.145.42 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715344129; cv=none; b=drCR4RjpbHKdIqRRoY1QkGDPMnnHuJtoYf9rE6bb+gUZaKYldMZAUedz9g3EnQsjtlu4i5E8F7SqsUZIJOWP9G9z3snGfIgJhlmTFJuMgIndQVzDYHPHk1dpS/CN/3W+Ix95BJLWUKIieePvFxlR2l7g2jbkMrZy5ZiCKLOBMBo= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715344129; c=relaxed/simple; bh=Yy8YXC7+UhJNQZDZpXzDLDAOS3PhQf3C5GCrM5+0eMw=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=PB4dktAIiRpSArxiwlukQK2qikT1RYjB3c6DQTemPD09v/0Y49IUiiKuc/E/IfrNJqrmkzNuuhg4JVIGiX1cw5p9ltHu7wvLySwmWLDAdQOF7L8O8Ltudibef3ViNS815+A2lkoP19qFwATdlbLCZSStmw4263VgFNiBUibefdU= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=meta.com; spf=pass smtp.mailfrom=meta.com; dkim=pass (2048-bit key) header.d=meta.com header.i=@meta.com header.b=FfnNpJkP; arc=none smtp.client-ip=67.231.145.42 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=meta.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=meta.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=meta.com header.i=@meta.com header.b="FfnNpJkP" Received: from pps.filterd (m0109333.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 44A0PsSK003550; Fri, 10 May 2024 05:28:37 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=meta.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-transfer-encoding : content-type; s=s2048-2021-q4; bh=Jv0P5knC923RSnpeJNxI1Sq+V4H3QW9Kcv6Lt++3eNw=; b=FfnNpJkPOHLQl4g3HqeYI5+8fQZGaG7TOF5RHoOENvaHWK6FrG09PZp/DgM9ydwO0eF2 S0SYpxtTk+xPZ9VD5UVsBiH6yfagZRPu1Wij62zWJaElOlO3HtCjpJU9NdOvzlAbliqc B3NgpTn7eNukjK8v7+We6sngMNKbF4ZG6ktOcF8KcSu6xdkPLSHQkROOaWGcIeaYUsO+ 0NKDij0Wz9HHuzP2s8f4IQlsi1d2CWEBEwCf7blaEDyWVy/OvAHMG8Ak3ftdETs9U4Kb XimmRgG+8gyNfFrq65IczegHCiok3vgF7nl7DYv/adoubKObkY1TqpUWghy9Q3kmAgK9 DA== Received: from maileast.thefacebook.com ([163.114.130.16]) by mx0a-00082601.pphosted.com (PPS) with ESMTPS id 3y16pwb1t2-7 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Fri, 10 May 2024 05:28:37 -0700 Received: from devvm4158.cln0.facebook.com (2620:10d:c0a8:1b::30) by mail.thefacebook.com (2620:10d:c0a8:82::b) with Microsoft SMTP Server id 15.1.2507.35; Fri, 10 May 2024 12:28:35 +0000 From: Vadim Fedorenko To: Vadim Fedorenko , Martin KaFai Lau , Andrii Nakryiko , "Alexei Starovoitov" , Mykola Lysenko , Jakub Kicinski CC: Vadim Fedorenko , Subject: [PATCH bpf-next v2 3/4] selftests: bpf: crypto: use NULL instead of 0-sized dynptr Date: Fri, 10 May 2024 05:28:22 -0700 Message-ID: <20240510122823.1530682-4-vadfed@meta.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240510122823.1530682-1-vadfed@meta.com> References: <20240510122823.1530682-1-vadfed@meta.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Proofpoint-GUID: 3H4JkrzcygbumH7j6yQE1UomCSdr0VYa X-Proofpoint-ORIG-GUID: 3H4JkrzcygbumH7j6yQE1UomCSdr0VYa X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1039,Hydra:6.0.650,FMLib:17.11.176.26 definitions=2024-05-10_08,2024-05-10_02,2023-05-22_02 X-Patchwork-Delegate: bpf@iogearbox.net Adjust selftests to use nullable option for state and IV arg. Signed-off-by: Vadim Fedorenko Acked-by: Eduard Zingerman --- .../testing/selftests/bpf/progs/crypto_sanity.c | 16 ++++------------ 1 file changed, 4 insertions(+), 12 deletions(-) diff --git a/tools/testing/selftests/bpf/progs/crypto_sanity.c b/tools/testing/selftests/bpf/progs/crypto_sanity.c index 1be0a3fa5efd..645be6cddf36 100644 --- a/tools/testing/selftests/bpf/progs/crypto_sanity.c +++ b/tools/testing/selftests/bpf/progs/crypto_sanity.c @@ -89,7 +89,7 @@ int decrypt_sanity(struct __sk_buff *skb) { struct __crypto_ctx_value *v; struct bpf_crypto_ctx *ctx; - struct bpf_dynptr psrc, pdst, iv; + struct bpf_dynptr psrc, pdst; int err; err = skb_dynptr_validate(skb, &psrc); @@ -114,12 +114,8 @@ int decrypt_sanity(struct __sk_buff *skb) * production code, a percpu map should be used to store the result. */ bpf_dynptr_from_mem(dst, sizeof(dst), 0, &pdst); - /* iv dynptr has to be initialized with 0 size, but proper memory region - * has to be provided anyway - */ - bpf_dynptr_from_mem(dst, 0, 0, &iv); - status = bpf_crypto_decrypt(ctx, &psrc, &pdst, &iv); + status = bpf_crypto_decrypt(ctx, &psrc, &pdst, NULL); return TC_ACT_SHOT; } @@ -129,7 +125,7 @@ int encrypt_sanity(struct __sk_buff *skb) { struct __crypto_ctx_value *v; struct bpf_crypto_ctx *ctx; - struct bpf_dynptr psrc, pdst, iv; + struct bpf_dynptr psrc, pdst; int err; status = 0; @@ -156,12 +152,8 @@ int encrypt_sanity(struct __sk_buff *skb) * production code, a percpu map should be used to store the result. */ bpf_dynptr_from_mem(dst, sizeof(dst), 0, &pdst); - /* iv dynptr has to be initialized with 0 size, but proper memory region - * has to be provided anyway - */ - bpf_dynptr_from_mem(dst, 0, 0, &iv); - status = bpf_crypto_encrypt(ctx, &psrc, &pdst, &iv); + status = bpf_crypto_encrypt(ctx, &psrc, &pdst, NULL); return TC_ACT_SHOT; } From patchwork Fri May 10 12:28:23 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Vadim Fedorenko X-Patchwork-Id: 13661551 X-Patchwork-Delegate: bpf@iogearbox.net Received: from mx0b-00082601.pphosted.com (mx0b-00082601.pphosted.com [67.231.153.30]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 71B0D12B177 for ; Fri, 10 May 2024 12:28:48 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=67.231.153.30 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715344130; cv=none; b=rOFSTWMpoIfXTwi9RdBvTOanMDeYtO2CAC7hYu8+oiiUg6NYX6ohVdknZ7Bylsp7TVoQ3r1E2UzlFmi8N1hpF6eVnf/AjUMguBytZq37lRLE7viLH2mMgnYedpCtQ2RxMYysNKtRRJqzh4oWoejWyKpmAEqJX/d+BPK8SaODrcE= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1715344130; c=relaxed/simple; bh=xkUA+ZdoaRrxiJJpJG9Gxwc0ZruKOevYi79DYLrp5Ec=; h=From:To:CC:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=hLuqQKhZ+Czym1Pfs8Vb4VsY7Kz6qv/vU+YvkGcgOIkaI64OW90awk4DPYYe4RPVrnJyxoPKGDtW2WpW37YGkb+jYxJVBRkgudAPAl/Ym0FmcYDISIcF9tnuqf+DuisGoXj0kdbTzT19fsb3bR9Onp/v/VmqhqbG4P4GrzD2mdc= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=meta.com; spf=pass smtp.mailfrom=meta.com; dkim=pass (2048-bit key) header.d=meta.com header.i=@meta.com header.b=Ko8jKlIu; arc=none smtp.client-ip=67.231.153.30 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=meta.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=meta.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=meta.com header.i=@meta.com header.b="Ko8jKlIu" Received: from pps.filterd (m0148460.ppops.net [127.0.0.1]) by mx0a-00082601.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 44A0QAPQ021039; Fri, 10 May 2024 05:28:37 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=meta.com; h=from : to : cc : subject : date : message-id : in-reply-to : references : mime-version : content-type : content-transfer-encoding; s=s2048-2021-q4; bh=RAtc41c5KP/0D5YtkuiplfaJKKlNf+QL4ZD3+asfYjU=; b=Ko8jKlIuXrfjUN/AmVdPC280gntyTv+hz8ba0UEgYqKbjGhhRtchgI9bPrWc66fPfTu7 e6eoNWUZhJvQv9pirx5zbXHLdTS8H7gq4rrg0tNQLhbYiuMrJVUV72WhKCD3KgXs11yy Qm5sJRWelJJnQ2boPUlbpLtrUYDyHAxXnYTEHLWZtNzj4MGoPySw1prXWA4S6aNUJGpK 3USlHZfsNQTBq1cr2wHfRDdQO9cjORpm8v1p4TXrny6/Yh3RbgvXRsqndCfyHvxrpxFe KvxXD/iN8Gc1078g4J+H/onpElARgF4KYdiZWq5BlAj1OmvUlK3lZzKzznvrOMtNxZD1 PQ== Received: from maileast.thefacebook.com ([163.114.130.16]) by mx0a-00082601.pphosted.com (PPS) with ESMTPS id 3y16pxayxy-15 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128 verify=NOT); Fri, 10 May 2024 05:28:37 -0700 Received: from devvm4158.cln0.facebook.com (2620:10d:c0a8:1b::30) by mail.thefacebook.com (2620:10d:c0a8:82::b) with Microsoft SMTP Server id 15.1.2507.35; Fri, 10 May 2024 12:28:36 +0000 From: Vadim Fedorenko To: Vadim Fedorenko , Martin KaFai Lau , Andrii Nakryiko , "Alexei Starovoitov" , Mykola Lysenko , Jakub Kicinski CC: Vadim Fedorenko , Subject: [PATCH bpf-next v2 4/4] selftests: bpf: crypto: adjust bench to use nullable IV Date: Fri, 10 May 2024 05:28:23 -0700 Message-ID: <20240510122823.1530682-5-vadfed@meta.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20240510122823.1530682-1-vadfed@meta.com> References: <20240510122823.1530682-1-vadfed@meta.com> Precedence: bulk X-Mailing-List: bpf@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-Proofpoint-GUID: ml4AACuYV3RqB_kwJHNa_fj4xlzXsIc_ X-Proofpoint-ORIG-GUID: ml4AACuYV3RqB_kwJHNa_fj4xlzXsIc_ X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1039,Hydra:6.0.650,FMLib:17.11.176.26 definitions=2024-05-10_08,2024-05-10_02,2023-05-22_02 X-Patchwork-Delegate: bpf@iogearbox.net The bench shows some improvements, around 4% faster on decrypt. Before: Benchmark 'crypto-decrypt' started. Iter 0 (325.719us): hits 5.105M/s ( 5.105M/prod), drops 0.000M/s, total operations 5.105M/s Iter 1 (-17.295us): hits 5.224M/s ( 5.224M/prod), drops 0.000M/s, total operations 5.224M/s Iter 2 ( 5.504us): hits 4.630M/s ( 4.630M/prod), drops 0.000M/s, total operations 4.630M/s Iter 3 ( 9.239us): hits 5.148M/s ( 5.148M/prod), drops 0.000M/s, total operations 5.148M/s Iter 4 ( 37.885us): hits 5.198M/s ( 5.198M/prod), drops 0.000M/s, total operations 5.198M/s Iter 5 (-53.282us): hits 5.167M/s ( 5.167M/prod), drops 0.000M/s, total operations 5.167M/s Iter 6 (-17.809us): hits 5.186M/s ( 5.186M/prod), drops 0.000M/s, total operations 5.186M/s Summary: hits 5.092 ± 0.228M/s ( 5.092M/prod), drops 0.000 ±0.000M/s, total operations 5.092 ± 0.228M/s After: Benchmark 'crypto-decrypt' started. Iter 0 (268.912us): hits 5.312M/s ( 5.312M/prod), drops 0.000M/s, total operations 5.312M/s Iter 1 (124.869us): hits 5.354M/s ( 5.354M/prod), drops 0.000M/s, total operations 5.354M/s Iter 2 (-36.801us): hits 5.334M/s ( 5.334M/prod), drops 0.000M/s, total operations 5.334M/s Iter 3 (254.628us): hits 5.334M/s ( 5.334M/prod), drops 0.000M/s, total operations 5.334M/s Iter 4 (-77.691us): hits 5.275M/s ( 5.275M/prod), drops 0.000M/s, total operations 5.275M/s Iter 5 (-164.510us): hits 5.313M/s ( 5.313M/prod), drops 0.000M/s, total operations 5.313M/s Iter 6 (-81.376us): hits 5.346M/s ( 5.346M/prod), drops 0.000M/s, total operations 5.346M/s Summary: hits 5.326 ± 0.029M/s ( 5.326M/prod), drops 0.000 ±0.000M/s, total operations 5.326 ± 0.029M/s Signed-off-by: Vadim Fedorenko Acked-by: Eduard Zingerman --- tools/testing/selftests/bpf/progs/crypto_bench.c | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/tools/testing/selftests/bpf/progs/crypto_bench.c b/tools/testing/selftests/bpf/progs/crypto_bench.c index e61fe0882293..4ac956b26240 100644 --- a/tools/testing/selftests/bpf/progs/crypto_bench.c +++ b/tools/testing/selftests/bpf/progs/crypto_bench.c @@ -57,7 +57,7 @@ int crypto_encrypt(struct __sk_buff *skb) { struct __crypto_ctx_value *v; struct bpf_crypto_ctx *ctx; - struct bpf_dynptr psrc, pdst, iv; + struct bpf_dynptr psrc, pdst; v = crypto_ctx_value_lookup(); if (!v) { @@ -73,9 +73,8 @@ int crypto_encrypt(struct __sk_buff *skb) bpf_dynptr_from_skb(skb, 0, &psrc); bpf_dynptr_from_mem(dst, len, 0, &pdst); - bpf_dynptr_from_mem(dst, 0, 0, &iv); - status = bpf_crypto_encrypt(ctx, &psrc, &pdst, &iv); + status = bpf_crypto_encrypt(ctx, &psrc, &pdst, NULL); __sync_add_and_fetch(&hits, 1); return 0; @@ -84,7 +83,7 @@ int crypto_encrypt(struct __sk_buff *skb) SEC("tc") int crypto_decrypt(struct __sk_buff *skb) { - struct bpf_dynptr psrc, pdst, iv; + struct bpf_dynptr psrc, pdst; struct __crypto_ctx_value *v; struct bpf_crypto_ctx *ctx; @@ -98,9 +97,8 @@ int crypto_decrypt(struct __sk_buff *skb) bpf_dynptr_from_skb(skb, 0, &psrc); bpf_dynptr_from_mem(dst, len, 0, &pdst); - bpf_dynptr_from_mem(dst, 0, 0, &iv); - status = bpf_crypto_decrypt(ctx, &psrc, &pdst, &iv); + status = bpf_crypto_decrypt(ctx, &psrc, &pdst, NULL); __sync_add_and_fetch(&hits, 1); return 0;