Commit graph

59 commits

Author SHA1 Message Date
Maciej Żenczykowski
4181713963 bpfloader: support 'shared' maps and per-map/program selinux context
allow bpf .o files to specify desired selinux context

Bug: 218408035
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I9d7449e477c371053a34191a2a9a935ba927d4b3
2022-06-21 02:23:09 -07:00
Maciej Żenczykowski
32c0b8f46e add support for 'netd_readonly'
For use by:
- maps netd should have read but not write access to
  (needed due to netd being root with DAC_OVERRIDE,
   and thus not obeying standard unix permissions)
- programs that netd should have access to but
  not netutils_wrappers (which due to being able to
  run iptables, needs access to xt_bpf programs)

Bug: 218408035
Test: booted on cuttlefish
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I72b106692a25077ff54252fd93db81f46b52125d
2022-06-17 18:08:00 -07:00
Maciej Żenczykowski
7acf938127 bpfloader: add support for netd_shared and net_private subdirs
Bug: 218408035
Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I613b84342fba7b425fb10af157fe0a6a731b71cb
2022-05-12 08:47:55 +00:00
Alix
8849bb13b3 Deleted clang property in Android.bp files
Deleted deprecated clang property in Android.bp files using bpmodify.

Bug: 208980553
Test: treehugger
Change-Id: I16cdce37bc6b38a2957c04835abe116ce6f8b663
2022-04-25 21:02:57 +00:00
Maciej Żenczykowski
2a36ce48b0 move net_shared bpf programs into net_shared subdirectory
(no selinux consequences to this in and of itself,
 though required for follow up selinux changes)

Test: TreeHugger, manual
Bug: 218408035
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Id5ef7f3b119743ef26b062068756c4e0f754e694
2022-04-21 06:45:25 -07:00
Stephane Lee
16c9360b1f Add socket filter to allowed programs for vendor and remove tracepoint
This also fixes a permissions issue if a non-root user is set. The read
permissions should be set before the file is set as non-root to ensure
that the permissions can be set without error.

Bump the BPF loader version.

Bug: 203462310
Test: Ensure that vendor skfilter bpf programs can load
Change-Id: Ib6b9a64d8652ff464c9d4d734bb8ae351673b6ce
2022-03-11 00:43:06 +00:00
Steven Moreland
0f10f3fd9f bpfloader: also load from /vendor/etc/bpf/
Allow vendors to use bpf programs, but limit to tracepoints
for now (other types of programs, for instance skfilter, aren't
safe to expose, because the kernel gives us limited ways to
control which resources can have BPF programs attached, and
some shared resources only support a single BPF program at an
attach point).

Bug: 140330870
Bug: 162057235
Test: install bpf program to /vendor/etc/bpf/ and use it.
Test: atest libbpf_load_test
Change-Id: I6c876fe52739c38db73689ffd784167e7d35d58a
2022-02-09 00:59:37 +00:00
Steven Moreland
a48639e39a bpfloader: use kernel logs
Boots early. logd no workie!

Bug: 210919187
Test: see bpfloader logs
Change-Id: Ib5669cb64684dfa18307ae5784349df3548d66d8
2022-02-08 00:33:43 +00:00
Maciej Żenczykowski
102f93a5da Merge "bpfloader: load map BTF via btfloader" 2022-01-25 02:31:59 +00:00
Connor O'Brien
35425e5a88 bpfloader: load map BTF via btfloader
btfloader uses upstream libbpf & libelf to parse the BTF sections of a
bpf .o file, load BTF information into the kernel, and identify the
BTF type ids corresponding to each map's keys and values.

Extend bpfloader to run btfloader on any .o file with a .BTF
section. We pass btfloader socket and pipe fds, which it will use to
send back a BTF fd and the key & value type ids, respectively.

To ensure a btfloader bug can't block bpfloader indefinitely, wait for
btfloader to run with a short timeout and use nonblocking socket &
pipe for communication.

Finally, add a check to BpfLoadTest to verify that map BTF is loaded
as expected.

Test: build & boot; existing programs load successfully
Test: libbpf_load_test
Signed-off-by: Connor O'Brien <connoro@google.com>
Change-Id: I7bac83a08c2dc452bdb9030f1e74781116c1dd5c
2022-01-24 21:24:26 +00:00
Ken Chen
6d69784cdc Allow bpfloader to handle 'net_shared' subdirectory
netd.c is moved from netd to tethering mainline module.

Bump BpfLoader to v0.9

Bug: 202086915
Test: cd system/netd; atest
Test: atest TrafficStatsTest NetworkUsageStatsTest
Change-Id: I0b8ba90bbbe4e16d979c4a40d6fdbbaac0d14d27
2022-01-19 04:18:53 +00:00
Ken Chen
fb045621be Rename bpf_map_utils to bpf_headers
Use a generic name so that it can contain more bpf related headers.

Bug: 202086915
Test: build
Change-Id: I36d93cbc77723464df84023752915e1e79e623df
2021-12-21 15:36:25 +08:00
Connor O'Brien
474eb0baa0 Rename libbpf to libbpf_bcc
This is to prevent a name collision with "upstream"
libbpf (external/libbpf) which is built using the same name.

Bug: 203823368
Test: build cuttlefish
Test: m libbpf_load_test
Signed-off-by: Connor O'Brien <connoro@google.com>
Change-Id: I9bb798a9b5d832511bed471f01575bba14a1a9d3
2021-12-16 13:16:05 -08:00
Ken Chen
b1d4888ec2 [NETD-BPF#14] Move BPF map definition and utils to frameworks/libs/net/
Move BPF map definition and utilities to a common place that easy to be
referenced from both mainline module and platform code.

Bug: 202086915
Test: m; flash; boot
Test: cd system/netd/ && atest
Test: cd packages/modules/Connectivity && atest
Test: m gpuservice_unittest libtimeinstate_test bpf_module_test
      CtsAppOpsTestCases libbpf_load_test VtsBootconfigTest
      vts_test_binary_bpf_module bpf_benchmark libbpf_load_test
      libbpf_android_test
Change-Id: Ib15cf78c2da97bff835fb406c866676eec77c013
2021-12-04 03:42:55 +00:00
Maciej Żenczykowski
e49e0c60cd document how to debug bpfloader failures
Test: N/A
Bug: 204131517
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ia6a8ca026f3ab403443e130dceb2aca0ce0f2343
2021-11-19 01:18:12 +00:00
Maciej Żenczykowski
fa03239a81 bpfloader.rc: set /proc/sys/kernel/unprivileged_bpf_disabled to 0
Needed to not have to carry
  https://android-review.googlesource.com/c/kernel/common/+/1886896
for 5.16-rc1+ kernels

We set this before the bpfloader even executes so it will always be
ready before anyone has a chance to use it.

Test: TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I418a534d6550c5b57286e261e6988d2debdf237f
2021-11-11 01:53:39 +00:00
Evgenii Stepanov
d27ae792e1 Enable Async MTE in bpfloader.
This change enables Async mode ARM MTE in the bpfloader process on compatible
hardware and has no effect otherwise.

Bug: 181603044
Test: atest under system/bpf
Change-Id: I6340055fea1f97fcc781b418e2465a7961ecedf4
2021-05-24 15:35:31 -07:00
Maciej Żenczykowski
265d1310ec grant bpfloader NET_ADMIN capability
This is required for it to be able to create DEVMAP/DEVMAP_HASH maps.

See kernel source code in kernel/bpf/devmap.c:
  static struct bpf_map *dev_map_alloc(union bpf_attr *attr) {
    ...
    if (!capable(CAP_NET_ADMIN)) return ERR_PTR(-EPERM);

Test: atest, TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I4f3012209186ff0e4bde8807b9032de056367132
2021-03-03 03:28:22 +00:00
Bob Badour
dcbf8ca070 [LSC] Add LOCAL_LICENSE_KINDS to system/bpf
Added SPDX-license-identifier-Apache-2.0 to:
  Android.bp
  bpfloader/Android.bp
  libbpf_android/Android.bp
  progs/Android.bp

Bug: 68860345
Bug: 151177513
Bug: 151953481

Test: m all

Exempt-From-Owner-Approval: janitorial work
Change-Id: Ia881b61da1755797085916aab5325375c82ed76e
2021-02-05 01:28:19 -08:00
Maciej Żenczykowski
d8a4578f30 put tethering bpf maps & programs in /sys/fs/bpf/tethering/...
This makes it harder for system and mainline bpf programs to
conflict with each other, thus enabling easier mainline module
updates.

Test: builds and boots, atest, TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ic1b69bb1ddc4a10bd4861dadbd6b97e2520c532d
2021-01-20 05:17:14 +00:00
Maciej Żenczykowski
f7a0a39d05 bpf is required for all devices running Android S
Test: builds, atest, TreeHugger
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ie3f1146f71f75b982ffc4cd4176c5624efb6a63e
2021-01-20 01:14:31 +00:00
Maciej Żenczykowski
ef6689652c 4.9 kernels must support eBPF (as of Android S)
so there is no longer a need to look at any properties
or api levels.

Test: builds, atest, TreeHugger
Bug: 167500195
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ia5479db807f5444e48251dff45fd42fff610d5ca
2021-01-14 03:27:47 +00:00
Hungming Chen
4b8e982fae Load BPF programs from system and mainline folder
Test: flash and boot successfully
Change-Id: Ia1a713024686c36e34f7cf525a284abc00fe56e2
2020-09-17 11:38:53 +08:00
Maciej Żenczykowski
07b874481f bpfloader: sleep 20 seconds on failure
(should make it easier to observe logs via adb)

Test: atest, TreeHugger
Bug: 150040815
Bug: 160546011
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I20d6ede4ddf516a91c707aa08cf3a92aed39b03b
2020-07-15 01:44:12 -07:00
Maciej Żenczykowski
2a775a423a Revert "start bpfloader asynchronously"
This reverts commit 838b81de8f.

Test: build, atest, TreeHugger
Bug: 150040815
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I7447ef782bab90208046a4e5698301ab0e08da56
2020-06-23 21:07:30 -07:00
Maciej Żenczykowski
838b81de8f start bpfloader asynchronously
(probably a loss for reliability, but possibly a win for device boot time)

Test: build, atest, TreeHugger
Bug: 150040815
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Id62009a9f888ce2092b8a1e7aef24ae4224109d5
2020-06-23 21:06:19 -07:00
Maciej Żenczykowski
6bd207e96b launch bpfloader earlier, and reboot the device on bpfloader failure
should eliminate netd crash loops due to boottime bpfloader failure

Test: built and booted on cuttlefish, atest of various net tests
Bug: 150040815
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: If11d491d78958ff18290e826011d2593f58d217d
2020-06-22 08:29:08 +00:00
Maciej Żenczykowski
89515d979a Warn loudly and do not set bpf.progs_loaded property on critical bpf load failure.
Reasoning: critical load failures for netd bpf programs will just result
in unpredictable behaviour later on.  For example netd/systemserver
crash loops.

Test: builds
Bug: 150040815
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Iefa01e60cd0a9a223e96411726a199bfb4857a5a
2020-06-15 08:01:50 +00:00
Maciej Żenczykowski
567dc56b57 only set 'bpf.progs_loaded' property on eBPF capable devices...
... which also means waitForProgsLoaded() has to be a no-op on pre-bpf devices.

This is more consistent: it's weird to have bpf.progs_loaded set on a 4.4 device.

Test: builds, atest
Bug: 150040815
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Iddabcf56c187ea518dd2e4d8db451b2f6902aa8e
2020-06-13 22:41:48 -07:00
Maciej Żenczykowski
cd994cd637 Remove bpfloader dependency on netd's ebpf programs.
This is backwards.  netd should require them,
and they should require bpfloader, not the other way round.

Test: build, atest, ls -lZ /sys/fs/bpf /system/etc/bpf still shows all maps/progs
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Iecd95cb69eaad97979af163e63489309826546f6
2020-02-19 10:31:54 -08:00
Connor O'Brien
8fa2949910 bpfloader: add dependency on time_in_state.o
Include time_in_state.o in device builds, causing time in state
programs & maps to be loaded.

Bug: 138317993
Test: make bpfloader; check that time_in_state.o is built
Change-Id: I4849bda645d7a02e3f889068987a79ce3f78d138
Signed-off-by: Connor O'Brien <connoro@google.com>
2020-02-18 16:08:28 -08:00
Maciej Żenczykowski
669f7388df grant bpfloader CAP_CHOWN
so that it can change the uid/gid of pinned bpf progs and maps

Test: build, atest
Bug: 149434314
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Id23f9caaddf620d4e99d970523f0a9768826e0d7
2020-02-13 13:08:40 -08:00
Maciej Żenczykowski
c3a640db94 introduce isBpfSupported() helper
Test: build, atest
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I9e2a7e049746ad193eea01e7c9d6786d27728c72
2020-02-11 15:05:27 -08:00
Maciej Żenczykowski
51b71237cc bpfloader - add dependency on offload.o
Test: builds, atest, /system/etc/bpf/offload.o exists
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I043369f5e0ae4315dc8db0cf70dc8806e4997fe4
2020-02-05 03:57:57 -08:00
Maciej Żenczykowski
a391148649 Set /proc/sys/net/core/bpf_jit_{enable,kallsyms} to 1
bpf_jit_enable = 1 is mostly a no-op since on most future
devices it will be force enabled by BPF_JIT_ALWAYS_ON

It is required for Pixel 3 & co Linux 4.9 based devices, which
can only do JIT for some ebpf programs (and thus can't enable
BPF_JIT_ALWAYS_ON without some netd programs refusing to load)

We also set bpf_jit_kallsyms = 1 because it makes debugging
failures easier, but it is incompatible with bpf_jit_harden != 0.

We don't bother setting bpf_jit_harden because we both want
bpf_jit_kallsyms to work, and because the only entity allowed
to load ebpf programs is the bpfloader and it only loads trusted
(verified file system signed) prebuilt bpf programs.

Test: built and booted, verified settings
Bug: 140377409
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I9b401ee7b01a2042da87ff48d548b11e0cf78efa
2020-01-30 06:23:08 +00:00
Maciej Żenczykowski
e1deaecda4 bpfloader - bump memlock rlimit to 1GiB
Test: build, atest
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I5a1728fe29e510c06978a0c7c5cc90af3e9ea46d
2020-01-27 22:28:40 -08:00
Maciej Żenczykowski
3c057e6b7b Revert "Grant IPC_LOCK capability to bpfloader"
This reverts commit 77494d2b70.

This doesn't apparently work...

Kernel doesn't actually test capabilities, just blindly charges
against user's memlock limit:

//kernel/bpf/syscall.c:

static int bpf_charge_memlock(struct user_struct *user, u32 pages) {
  unsigned long memlock_limit = rlimit(RLIMIT_MEMLOCK) >> PAGE_SHIFT;

  if (atomic_long_add_return(pages, &user->locked_vm) > memlock_limit) {
    atomic_long_sub(pages, &user->locked_vm);
    return -EPERM;
  }
  return 0;
}

Test: N/A, revert
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Icf6d6e8a36e4b9f3771a5ce80e25ef3644ff4e83
2020-01-27 15:33:15 +00:00
Maciej Żenczykowski
77494d2b70 Grant IPC_LOCK capability to bpfloader
(instead of explicit memlock limit)

This reduces chance for memory allocation failures.

Any bpfloader failure is a critical boot time failure
(since without eBPF initializing properly netd will crash and
device will enter crash loop).

Test: builds, atest
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I5ed0118d63c53100e7431324914bf22e9870abfe
2020-01-27 01:08:03 -08:00
Maciej Żenczykowski
480c70ac14 bpfloader - remove dead code
Test: builds, atest
Bug: 146787904
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Iea667cf4adaccdfd8fbffae8960cbe243ae77d70
2019-12-30 04:12:36 -08:00
Treehugger Robot
4389649d8a Merge "bpfloader: Try to load even if bpf.progs_loaded is set" 2019-06-13 20:55:07 +00:00
Joel Fernandes
2d8176917f bpfloader: Increase rlimit to 64MB
The rlimit was recently set to 8MB for bpfloader in
Change Id Ib97d1d304f4ea9a6215afed76e1c1e28f1415221

This could be causing intermittent failures to create maps, let us
increase it to 64MB for bpfloader.

Bug: 134558982

Change-Id: Iabb2e6c7d9ea3843ae28f2c465756e5aacdf1904
Signed-off-by: Joel Fernandes <joelaf@google.com>
2019-06-13 20:38:18 +00:00
Joel Fernandes
2409604601 bpfloader: Try to load even if bpf.progs_loaded is set
Currently the bpfloader does not try to load programs if
bpf.progs_loaded is set. However there is no harm in trying to reload
programs because the loader is designed to reuse previously created maps
and programs if they were created. On the other hand, not trying to load
if property is set is harmful since the property prevents retries. So
prevent this from happening.

Bug: 134558982
Change-Id: I61dfb8827ca37c9a1ff4e0912ca96f06a36c37d6
Signed-off-by: Joel Fernandes <joelaf@google.com>
2019-06-13 14:44:02 -04:00
Chenbo Feng
b20d28df6a Skip bpf object loading on unsupported devices
The bpfloader should not try to load bpf objects on unsupported devices
since devices with 4.4 kernel can have bpf maps but not bpf pogram
support. Creating bpf maps on those devices would mislead the framework
code to use an unsupported code path and crash system server.

Bug: 130687855
Test: cuttlefish boot test for 4.4 kernel.
Change-Id: I43ffc01e1099ee3effaa6ba30aa78080d5bec72f
2019-04-17 21:40:39 +00:00
Chenbo Feng
ee121646cf Set bpfloader MEMLOCK rlimit to at least 8MB
Since bpfloader is only used to create the bpf maps and load bpf
programs on android devices. It is okay to set the MEMLOCK rlimit of
bpfloader to the proper size needed by bpf maps regardless of the global
device values. It helps partner to adopt the bpf feature without
changing the device configuration.

Bug: 119279144
Bug: 129246448
Test: remove device specific rlimit and build and verify bpf maps
created.

Change-Id: Ib97d1d304f4ea9a6215afed76e1c1e28f1415221
2019-04-09 12:04:33 -07:00
Maciej Żenczykowski
7a3a5ba1ad bpfloader depends on clatd.o
Test: builds
Bug: 65674744
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I5c48acc6aed81c38650564d2fb42e6e816b4b726
2019-03-26 18:11:01 -07:00
Lorenzo Colitti
ac600729b8 Remove bpfloader dependency on netd.
This was necessary when the netd BPF program lived in system/bpf,
but it's no longer necessary.

Test: m
Bug: 65674744
Change-Id: I1fcf7e41276341b1258adf9d3795e81b6139f84f
2019-03-26 13:52:15 +09:00
Connor O'Brien
c551a76f45 Remove time_in_state.o from build
The data collected by this program currently has no consumers, so
there's no need to load it or include it in the bpfloader build yet.

Test: make bpfloader
Change-Id: I206d94e3da34dc3b81bdbfdd4a00b05cfb624f48
Signed-off-by: Connor O'Brien <connoro@google.com>
2019-03-22 16:19:25 -07:00
Connor O'Brien
c8885ccf3f Add time_in_state.o to build
bpfloader now has CAP_SYS_ADMIN, which allows it to load programs like
time_in_state.o that use eBPF's tracepoint support.

Test: make bpfloader
Test: ls /sys/fs/bpf/ shows time_in_state progs and maps are created
Bug: 112334572
Bug: 78498733
Change-Id: Iedff50381c9ee2b3bdfc6c01b2e2ccaeaf0917d5
Signed-off-by: Connor O'Brien <connoro@google.com>
2019-01-23 12:09:19 -08:00
Joel Fernandes
d3ec871017 Set bpf.progs_loaded property when programs finish loading
The property bpf.progs_loaded will be used by services expecting BPF
programs to be loaded and wait before they are loaded.

Bug: 112334572

Change-Id: I19daa0caa84e2659e8790f0dd551d95ab824e13b
Signed-off-by: Joel Fernandes <joelaf@google.com>
2019-01-11 09:02:11 -05:00
Joel Fernandes
6e1341ef20 bpfloader: Make it an init service
With this, bpfloader does not need to be started by netd and will load
at boot time.

Bug: 112334572
Change-Id: Iad777ed0a5bb5995dbf2fc176a220292a4c5e41f
Signed-off-by: Joel Fernandes <joelaf@google.com>
2019-01-07 20:17:42 -05:00