github.com/google/syzkaller@v0.0.0-20251211124644-a066d2bc4b02/sys/linux/bpf_prog.txt (about) 1 # Copyright 2023 syzkaller project authors. All rights reserved. 2 # Use of this source code is governed by Apache 2 LICENSE that can be found in the LICENSE file. 3 4 include <uapi/linux/bpf.h> 5 include <uapi/linux/bpf_common.h> 6 7 define BPF_LINE_INFO_SIZE sizeof(struct bpf_line_info) 8 define BPF_FUNC_INFO_SIZE sizeof(struct bpf_func_info) 9 define BPF_CORE_RELO_SIZE sizeof(struct bpf_core_relo) 10 11 type bpf_prog_t[TYPE, ATTACH_TYPE, BTF_ID, PROG_FD] { 12 type TYPE 13 ninsn bytesize8[insns, int32] 14 insns ptr64[in, bpf_instructions] 15 license ptr64[in, string[bpf_licenses]] 16 loglev int32 17 logsize len[log, int32] 18 log ptr64[out, array[int8], opt] 19 kern_version flags[bpf_kern_version, int32] 20 flags flags[bpf_prog_load_flags, int32] 21 prog_name array[const[0, int8], BPF_OBJ_NAME_LEN] 22 prog_ifindex ifindex[opt] 23 expected_attach_type ATTACH_TYPE 24 btf_fd fd_btf[opt] 25 func_info_rec_size const[BPF_FUNC_INFO_SIZE, int32] 26 func_info ptr64[in, bpf_func_info, opt] 27 func_info_cnt len[func_info, int32] 28 line_info_rec_size const[BPF_LINE_INFO_SIZE, int32] 29 line_info ptr64[in, bpf_line_info, opt] 30 line_info_cnt len[line_info, int32] 31 attach_btf_id BTF_ID 32 attach_prog_fd PROG_FD 33 core_relo_cnt len[core_relos, int32] 34 fd_array ptr64[in, array[fd_bpf_map], opt] 35 core_relos ptr64[in, array[bpf_core_relo], opt] 36 core_relo_rec_size const[BPF_CORE_RELO_SIZE, int32] 37 log_true_size int32 38 prog_token_fd fd_bpf_token (if[value[flags] & BPF_F_TOKEN_FD != 0]) 39 pad const[0, int32] (if[value[flags] & BPF_F_TOKEN_FD == 0]) 40 } [packed] 41 42 # These flags should match the mappings in bpf_prog_load_check_attach and attach_type_to_prog_type upstream. 43 cgroup_sock_attach_types = BPF_CGROUP_INET_SOCK_CREATE, BPF_CGROUP_INET_SOCK_RELEASE, BPF_CGROUP_INET4_POST_BIND, BPF_CGROUP_INET6_POST_BIND 44 cgroup_sock_addr_attach_types = BPF_CGROUP_INET4_BIND, BPF_CGROUP_INET6_BIND, BPF_CGROUP_INET4_CONNECT, BPF_CGROUP_INET6_CONNECT, BPF_CGROUP_UNIX_CONNECT, BPF_CGROUP_INET4_GETPEERNAME, BPF_CGROUP_INET6_GETPEERNAME, BPF_CGROUP_UNIX_GETPEERNAME, BPF_CGROUP_INET4_GETSOCKNAME, BPF_CGROUP_INET6_GETSOCKNAME, BPF_CGROUP_UNIX_GETSOCKNAME, BPF_CGROUP_UDP4_SENDMSG, BPF_CGROUP_UDP6_SENDMSG, BPF_CGROUP_UNIX_SENDMSG, BPF_CGROUP_UDP4_RECVMSG, BPF_CGROUP_UDP6_RECVMSG, BPF_CGROUP_UNIX_RECVMSG 45 cgroup_skb_attach_types = BPF_CGROUP_INET_INGRESS, BPF_CGROUP_INET_EGRESS 46 cgroup_sockopt_attach_types = BPF_CGROUP_SETSOCKOPT, BPF_CGROUP_GETSOCKOPT 47 sk_lookup_attach_types = BPF_SK_LOOKUP 48 sk_reuseport_attach_types = BPF_SK_REUSEPORT_SELECT, BPF_SK_REUSEPORT_SELECT_OR_MIGRATE 49 netfilter_attach_types = BPF_NETFILTER 50 sock_ops_attach_types = BPF_CGROUP_SOCK_OPS 51 cgroup_device_attach_types = BPF_CGROUP_DEVICE 52 sk_msg_attach_types = BPF_SK_MSG_VERDICT 53 sk_skb_attach_types = BPF_SK_SKB_STREAM_PARSER, BPF_SK_SKB_STREAM_VERDICT, BPF_SK_SKB_VERDICT 54 lirc_mode2_attach_types = BPF_LIRC_MODE2 55 flow_dissector_attach_types = BPF_FLOW_DISSECTOR 56 cgroup_sysctl_attach_types = BPF_CGROUP_SYSCTL 57 tracing_attach_types = BPF_TRACE_ITER, BPF_TRACE_RAW_TP, BPF_TRACE_FENTRY, BPF_TRACE_FEXIT, BPF_MODIFY_RETURN 58 lsm_attach_types = BPF_LSM_MAC, BPF_LSM_CGROUP 59 xdp_attach_types = BPF_XDP 60 sched_cls_attach_types = BPF_TCX_INGRESS, BPF_TCX_EGRESS, BPF_NETKIT_PRIMARY, BPF_NETKIT_PEER 61 62 bpf_prog_attach_types [ 63 cgroup_sock flags[cgroup_sock_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_CGROUP_SOCK]) 64 cgroup_sock_addr flags[cgroup_sock_addr_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_CGROUP_SOCK_ADDR]) 65 cgroup_skb flags[cgroup_skb_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_CGROUP_SKB]) 66 cgroup_sockopt flags[cgroup_sockopt_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_CGROUP_SOCKOPT]) 67 sk_lookup flags[sk_lookup_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_SK_LOOKUP]) 68 sk_reuseport flags[sk_reuseport_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_SK_REUSEPORT]) 69 netfilter flags[netfilter_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_NETFILTER]) 70 sock_ops flags[sock_ops_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_SOCK_OPS]) 71 cgroup_device flags[cgroup_device_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_CGROUP_DEVICE]) 72 sk_msg flags[sk_msg_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_SK_MSG]) 73 sk_skb flags[sk_skb_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_SK_SKB]) 74 lirc_mode2 flags[lirc_mode2_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_LIRC_MODE2]) 75 flow_dissector flags[flow_dissector_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_FLOW_DISSECTOR]) 76 cgroup_sysctl flags[cgroup_sysctl_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_CGROUP_SYSCTL]) 77 tracing flags[tracing_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_TRACING]) 78 lsm flags[lsm_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_LSM]) 79 xdp flags[xdp_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_XDP]) 80 sched_cls flags[sched_cls_attach_types, int32] (if[value[bpf_prog_t:type] == BPF_PROG_TYPE_SCHED_CLS]) 81 fallback flags[bpf_attach_types, int32] 82 ] 83 84 type bpf_prog bpf_prog_t[flags[bpf_prog_type, int32], bpf_prog_attach_types, bpf_btf_id[opt], fd_bpf_prog[opt]] 85 86 bpf_licenses = "GPL", "syzkaller" 87 bpf_kern_version = 0x40f00, 0x41000, 0x41100 88 89 bpf_func_info { 90 # This is instruction index, so should not be too large. 91 insn_off int32[0:10] 92 type_id btf_type_id 93 } 94 95 bpf_line_info { 96 # This is instruction index, so should not be too large. 97 insn_off int32[0:5] 98 file_name_off btf_opt_name_off 99 line_off int32 100 line_col int32 101 } 102 103 bpf_core_relo { 104 # This is instruction index, so should not be too large. 105 insn_off int32[0:5] 106 type_id btf_type_id 107 access_str_off btf_opt_name_off 108 kind flags[bpf_core_relo_kind, int32] 109 } 110 111 bpf_instructions [ 112 raw array[bpf_insn] 113 framed bpf_framed_program 114 ringbuf bpf_program_ringbuf 115 ] [varlen] 116 117 bpf_framed_program { 118 initr0 bpf_insn_init_r0 119 body array[bpf_insn] 120 exit bpf_insn_exit 121 } [packed] 122 123 bpf_program_ringbuf { 124 initr0 bpf_insn_init_r0 125 reserve bpf_insn_ringbuf_reserve 126 null_check bpf_insn_null_check[BPF_REG_9] 127 body array[bpf_insn] 128 free bpf_insn_ringbuf_free 129 exit bpf_insn_exit 130 } [packed] 131 132 bpf_insn [ 133 generic bpf_insn_generic 134 ldst bpf_insn_ldst 135 alu bpf_insn_alu 136 jmp bpf_insn_jmp 137 call bpf_insn_call_helper 138 func bpf_insn_call_func 139 kfunc bpf_insn_call_kfunc 140 exit bpf_insn_exit 141 initr0 bpf_insn_init_r0 142 map_fd bpf_insn_map_fd 143 map_idx bpf_insn_map_idx 144 map_val bpf_insn_map_value 145 map_idx_val bpf_insn_map_idx_value 146 btf_id bpf_insn_btf_id 147 cb_func bpf_insn_cb_func 148 printk bpf_insn_trace_printk 149 snprintf bpf_insn_snprintf 150 tail_call bpf_insn_tail_call 151 ringbuf_query bpf_insn_ringbuf_query 152 ringbuf_output bpf_insn_ringbuf_output 153 ] [varlen] 154 155 bpf_insn_generic { 156 code int8 157 dst int8:4 158 src int8:4 159 off int16 160 imm int32 161 } 162 163 type bpf_insn_ldst_t[CLASS, SZ, MODE, DST, SRC, OFF, IMM] { 164 code_class int8:3[CLASS] 165 code_size int8:2[SZ] 166 code_mode int8:3[MODE] 167 dst DST 168 src SRC 169 off OFF 170 imm IMM 171 } 172 173 type bpf_insn_ldst bpf_insn_ldst_t[bpf_ldst_insn, bpf_ldst_size, bpf_ldst_mode, flags[bpf_reg, int8:4], flags[bpf_reg, int8:4], flags[bpf_insn_offsets, int16], flags[bpf_insn_immediates, int32]] 174 type bpf_insn_st64_reg[SRC, DST, OFF] bpf_insn_ldst_t[BPF_STX, BPF_DW0, BPF_MEM0, const[DST, int8:4], const[SRC, int8:4], const[OFF, int16], const[0, int32]] 175 176 bpf_ldst_insn = BPF_LD, BPF_LDX, BPF_ST, BPF_STX 177 bpf_ldst_size = BPF_W0, BPF_H0, BPF_B0, BPF_DW0 178 bpf_ldst_mode = BPF_IMM0, BPF_ABS0, BPF_IND0, BPF_MEM0, BPF_XADD0, BPF_MEMSX0 179 180 define BPF_W0 BPF_W >> 3 181 define BPF_H0 BPF_H >> 3 182 define BPF_B0 BPF_B >> 3 183 define BPF_DW0 BPF_DW >> 3 184 185 define BPF_IMM0 BPF_IMM >> 5 186 define BPF_ABS0 BPF_ABS >> 5 187 define BPF_IND0 BPF_IND >> 5 188 define BPF_MEM0 BPF_MEM >> 5 189 define BPF_XADD0 BPF_XADD >> 5 190 define BPF_MEMSX0 BPF_MEMSX >> 5 191 192 type bpf_insn_alu_t[CLASS, SOURCE, OP, DST, SRC, OFF, IMM] { 193 code_class int8:3[CLASS] 194 code_s int8:1[SOURCE] 195 code_op int8:4[OP] 196 dst DST 197 src SRC 198 off OFF 199 imm IMM 200 } 201 202 type bpf_insn_alu bpf_insn_alu_t[bpf_alu_insn, bpf_alu_source, bpf_alu_op, flags[bpf_reg, int8:4], flags[bpf_reg, int8:4], flags[bpf_insn_offsets, int16], flags[bpf_insn_immediates, int32]] 203 type bpf_insn_mov_imm[DST, IMM] bpf_insn_alu_t[BPF_ALU64, BPF_K0, BPF_MOV0, const[DST, int8:4], const[0, int8:4], const[0, int16], const[IMM, int32]] 204 type bpf_insn_mov_imm_any[DST] bpf_insn_alu_t[BPF_ALU64, BPF_K0, BPF_MOV0, const[DST, int8:4], const[0, int8:4], const[0, int16], int32] 205 type bpf_insn_mov_imm_flag[DST, FLAG] bpf_insn_alu_t[BPF_ALU64, BPF_K0, BPF_MOV0, const[DST, int8:4], const[0, int8:4], const[0, int16], flags[FLAG, int32]] 206 type bpf_insn_mov_reg[SRC, DST] bpf_insn_alu_t[BPF_ALU64, BPF_X0, BPF_MOV0, const[DST, int8:4], const[SRC, int8:4], const[0, int16], const[0, int32]] 207 type bpf_insn_op_imm[DST, OP, IMM] bpf_insn_alu_t[BPF_ALU64, BPF_K0, OP, const[DST, int8:4], const[0, int8:4], const[0, int16], const[IMM, int32]] 208 209 bpf_alu_source = BPF_K0, BPF_X0 210 bpf_alu_insn = BPF_ALU, BPF_ALU64 211 bpf_alu_op = BPF_ADD0, BPF_SUB0, BPF_MUL0, BPF_DIV0, BPF_OR0, BPF_AND0, BPF_LSH0, BPF_RSH0, BPF_NEG0, BPF_MOD0, BPF_XOR0, BPF_MOV0, BPF_ARSH0, BPF_END0 212 213 define BPF_ADD0 BPF_ADD >> 4 214 define BPF_SUB0 BPF_SUB >> 4 215 define BPF_MUL0 BPF_MUL >> 4 216 define BPF_DIV0 BPF_DIV >> 4 217 define BPF_OR0 BPF_OR >> 4 218 define BPF_AND0 BPF_AND >> 4 219 define BPF_LSH0 BPF_LSH >> 4 220 define BPF_RSH0 BPF_RSH >> 4 221 define BPF_NEG0 BPF_NEG >> 4 222 define BPF_MOD0 BPF_MOD >> 4 223 define BPF_XOR0 BPF_XOR >> 4 224 define BPF_MOV0 BPF_MOV >> 4 225 define BPF_ARSH0 BPF_ARSH >> 4 226 define BPF_END0 BPF_END >> 4 227 228 define BPF_K0 BPF_K >> 3 229 define BPF_X0 BPF_X >> 3 230 231 bpf_insn_jmp { 232 code_class const[BPF_JMP, int8:3] 233 code_s int8:1 234 code_op flags[bpf_jmp_op, int8:4] 235 dst flags[bpf_reg, int8:4] 236 src flags[bpf_reg, int8:4] 237 off flags[bpf_insn_offsets, int16] 238 imm flags[bpf_insn_immediates, int32] 239 } 240 241 # Equivalent to: if reg != 0 goto +1; 242 type bpf_insn_not_null_jmp[REG] { 243 code_class const[BPF_JMP, int8:3] 244 code_s const[BPF_K0, int8:1] 245 code_op const[BPF_JNE0, int8:4] 246 dst const[REG, int8:4] 247 src const[0, int8:4] 248 off const[1, int16] 249 imm const[0, int32] 250 } 251 252 bpf_jmp_op = BPF_JA0, BPF_JEQ0, BPF_JGT0, BPF_JGE0, BPF_JSET0, BPF_JNE0, BPF_JSGT0, BPF_JSGE0, BPF_CALL0, BPF_EXIT0, BPF_JLT0, BPF_JLE0, BPF_JSLT0, BPF_JSLE0 253 254 define BPF_JA0 BPF_JA >> 4 255 define BPF_JEQ0 BPF_JEQ >> 4 256 define BPF_JGT0 BPF_JGT >> 4 257 define BPF_JGE0 BPF_JGE >> 4 258 define BPF_JSET0 BPF_JSET >> 4 259 define BPF_JNE0 BPF_JNE >> 4 260 define BPF_JSGT0 BPF_JSGT >> 4 261 define BPF_JSGE0 BPF_JSGE >> 4 262 define BPF_CALL0 BPF_CALL >> 4 263 define BPF_EXIT0 BPF_EXIT >> 4 264 define BPF_JLT0 BPF_JLT >> 4 265 define BPF_JLE0 BPF_JLE >> 4 266 define BPF_JSLT0 BPF_JSLT >> 4 267 define BPF_JSLE0 BPF_JSLE >> 4 268 269 type bpf_insn_call_helper_t[FUNC] { 270 code const[bpf_call_code, int8] 271 regs const[0, int8] 272 off const[0, int16] 273 func FUNC 274 } 275 276 type bpf_insn_call_helper bpf_insn_call_helper_t[int32[0:__BPF_FUNC_MAX_ID]] 277 278 bpf_insn_call_func { 279 code const[bpf_call_code, int8] 280 dst const[0, int8:4] 281 src const[BPF_PSEUDO_CALL, int8:4] 282 off const[0, int16] 283 # NEED: to limit the call offset to the program size, we'd need support for path expressions inside ranges of values. 284 func int32[-8:8] 285 } 286 287 bpf_insn_call_kfunc { 288 code const[bpf_call_code, int8] 289 dst const[0, int8:4] 290 src const[BPF_PSEUDO_KFUNC_CALL, int8:4] 291 off const[0, int16] 292 kfunc btf_type_id 293 } 294 295 define bpf_call_code BPF_JMP | BPF_CALL 296 297 bpf_insn_exit { 298 code const[bpf_exit_code, int8] 299 regs const[0, int8] 300 off const[0, int16] 301 imm const[0, int32] 302 } 303 304 define bpf_exit_code BPF_JMP | BPF_EXIT 305 306 bpf_insn_init_r0 { 307 code const[bpf_insn_load_imm_dw, int8] 308 dst const[BPF_REG_0, int8:4] 309 src const[0, int8:4] 310 off const[0, int16] 311 imm int32 312 code2 const[0, int8] 313 regs2 const[0, int8] 314 off2 const[0, int16] 315 imm2 int32 316 } 317 318 type bpf_insn_mov_imm64[DST, IMM1, IMM2] { 319 code const[bpf_insn_load_imm_dw, int8] 320 dst const[DST, int8:4] 321 src const[0, int8:4] 322 off const[0, int16] 323 imm const[IMM1, int32] 324 code2 const[0, int8] 325 regs2 const[0, int8] 326 off2 const[0, int16] 327 imm2 const[IMM2, int32] 328 } 329 330 type bpf_insn_map_fd_t[DST, MAP_FD] { 331 code const[bpf_insn_load_imm_dw, int8] 332 dst DST 333 src const[BPF_PSEUDO_MAP_FD, int8:4] 334 off const[0, int16] 335 imm MAP_FD 336 code2 const[0, int8] 337 regs2 const[0, int8] 338 off2 const[0, int16] 339 imm2 const[0, int32] 340 } 341 342 type bpf_insn_map_fd bpf_insn_map_fd_t[flags[bpf_reg, int8:4], fd_bpf_map] 343 type bpf_insn_tail_call_map_fd[DST] bpf_insn_map_fd_t[const[DST, int8:4], tail_call_map] 344 type bpf_insn_ringbuf_fd[DST] bpf_insn_map_fd_t[const[DST, int8:4], ringbuf_map_fd] 345 346 bpf_insn_map_idx { 347 code const[bpf_insn_load_imm_dw, int8] 348 dst flags[bpf_reg, int8:4] 349 src const[BPF_PSEUDO_MAP_IDX, int8:4] 350 off const[0, int16] 351 imm map_fd_id 352 code2 const[0, int8] 353 regs2 const[0, int8] 354 off2 const[0, int16] 355 imm2 const[0, int32] 356 } 357 358 type bpf_insn_map_value_t[DST, MAP_FD, VALUE_OFFSET] { 359 code const[bpf_insn_load_imm_dw, int8] 360 dst DST 361 src const[BPF_PSEUDO_MAP_VALUE, int8:4] 362 off const[0, int16] 363 imm MAP_FD 364 code2 const[0, int8] 365 regs2 const[0, int8] 366 off2 const[0, int16] 367 imm2 VALUE_OFFSET 368 } 369 370 type bpf_insn_map_value bpf_insn_map_value_t[flags[bpf_reg, int8:4], fd_bpf_map, int32] 371 type bpf_insn_const_str[DST] bpf_insn_map_value_t[const[DST, int8:4], bpf_frozen_const_str, const[0, int32]] 372 373 bpf_insn_map_idx_value { 374 code const[bpf_insn_load_imm_dw, int8] 375 dst flags[bpf_reg, int8:4] 376 src const[BPF_PSEUDO_MAP_IDX_VALUE, int8:4] 377 off const[0, int16] 378 imm map_fd_id 379 code2 const[0, int8] 380 regs2 const[0, int8] 381 off2 const[0, int16] 382 imm2 int32 383 } 384 385 bpf_insn_cb_func { 386 code const[bpf_insn_load_imm_dw, int8] 387 dst flags[bpf_reg, int8:4] 388 src const[BPF_PSEUDO_FUNC, int8:4] 389 off const[0, int16] 390 # NEED: to limit the call offset to the program size, we'd need support for path expressions inside ranges of values. 391 imm int32[-8:8] 392 code2 const[0, int8] 393 regs2 const[0, int8] 394 off2 const[0, int16] 395 imm2 const[0, int32] 396 } 397 398 bpf_insn_btf_id { 399 code const[bpf_insn_load_imm_dw, int8] 400 dst flags[bpf_reg, int8:4] 401 src const[BPF_PSEUDO_BTF_ID, int8:4] 402 off const[0, int16] 403 imm btf_type_id 404 code2 const[0, int8] 405 regs2 const[0, int8] 406 off2 const[0, int16] 407 imm2 const[0, int32] 408 } 409 410 define bpf_insn_load_imm_dw BPF_LD | BPF_DW | BPF_IMM 411 412 # Slightly prune state space, these values frequently must be 0. 413 bpf_insn_offsets = 0, 1, 2, 4, 6, 8, 12, 16, 24, 32, 48, 64, 80, 128, 256, -1, -2, -4, -8, -12, -16, -32, -64 414 bpf_insn_immediates = 0, 1, 4, 8, 16, -1, -4, -16 415 bpf_reg = BPF_REG_0, BPF_REG_1, BPF_REG_2, BPF_REG_3, BPF_REG_4, BPF_REG_5, BPF_REG_6, BPF_REG_7, BPF_REG_8, BPF_REG_9, BPF_REG_10, __MAX_BPF_REG 416 417 # Equivalent to: 418 # if reg != 0 goto +1; 419 # exit; 420 # This is useful to check null pointers. We exit if the pointer is null and 421 # continue the normal flow otherwise. 422 type bpf_insn_null_check[REG] { 423 cond_jump bpf_insn_not_null_jmp[REG] 424 exit bpf_insn_exit 425 } 426 427 # Format specifiers for bpf_trace_printk, encoded as a zero-terminated string 428 # of 7 characters. For example, field 'p' corresponds to "%p ". 429 type bpf_insn_mov_printk_str_hex[DST] [ 430 p bpf_insn_mov_imm64[DST, 0x25702020, 0x20202000] 431 d bpf_insn_mov_imm64[DST, 0x25642020, 0x20202000] 432 i bpf_insn_mov_imm64[DST, 0x25692020, 0x20202000] 433 u bpf_insn_mov_imm64[DST, 0x25752020, 0x20202000] 434 x bpf_insn_mov_imm64[DST, 0x25782020, 0x20202000] 435 ld bpf_insn_mov_imm64[DST, 0x256c6420, 0x20202000] 436 li bpf_insn_mov_imm64[DST, 0x256c6920, 0x20202000] 437 lu bpf_insn_mov_imm64[DST, 0x256c7520, 0x20202000] 438 lx bpf_insn_mov_imm64[DST, 0x256c7820, 0x20202000] 439 lld bpf_insn_mov_imm64[DST, 0x256c6c64, 0x20202000] 440 lli bpf_insn_mov_imm64[DST, 0x256c6c69, 0x20202000] 441 llu bpf_insn_mov_imm64[DST, 0x256c6c75, 0x20202000] 442 llx bpf_insn_mov_imm64[DST, 0x256c6c78, 0x20202000] 443 s bpf_insn_mov_imm64[DST, 0x25732020, 0x20202000] 444 ] 445 446 # (18) r1 = "%d " 447 # (7b) *(u64 *)(r10 -8) = r1 448 # (bf) r1 = r10 449 # (07) r1 += -8 450 # (b7) r2 = 8 451 # (b7) r3 = X 452 # (85) call bpf_trace_printk#-108352 453 bpf_insn_trace_printk { 454 insn1 bpf_insn_mov_printk_str_hex[BPF_REG_1] 455 insn2 bpf_insn_st64_reg[BPF_REG_1, BPF_REG_10, -8] 456 insn3 bpf_insn_mov_reg[BPF_REG_10, BPF_REG_1] 457 insn4 bpf_insn_op_imm[BPF_REG_1, BPF_ADD0, -8] 458 insn5 bpf_insn_mov_imm[BPF_REG_2, 8] 459 insn6 bpf_insn_mov_imm_any[BPF_REG_3] 460 insn7 bpf_insn_call_helper_t[const[BPF_FUNC_trace_printk, int32]] 461 } 462 463 # (b7) r8 = 0 464 # (7b) *(u64 *)(r10 -8) = r8 465 # (b7) r8 = X 466 # (7b) *(u64 *)(r10 -16) = r8 467 # (bf) r1 = r10 468 # (07) r1 += -8 469 # (bf) r4 = r10 470 # (07) r4 += -16 471 # (b7) r2 = 8 472 # (18) r3 = map[id:31][0]+0 473 # (b7) r5 = 8 474 # (85) call bpf_snprintf#168880 475 bpf_insn_snprintf { 476 insn1 bpf_insn_mov_imm[BPF_REG_8, 0] 477 insn2 bpf_insn_st64_reg[BPF_REG_8, BPF_REG_10, -8] 478 insn3 bpf_insn_mov_imm_any[BPF_REG_8] 479 insn4 bpf_insn_st64_reg[BPF_REG_8, BPF_REG_10, -16] 480 insn5 bpf_insn_mov_reg[BPF_REG_10, BPF_REG_1] 481 insn6 bpf_insn_op_imm[BPF_REG_1, BPF_ADD0, -8] 482 insn7 bpf_insn_mov_reg[BPF_REG_10, BPF_REG_4] 483 insn8 bpf_insn_op_imm[BPF_REG_4, BPF_ADD0, -16] 484 insn9 bpf_insn_mov_imm[BPF_REG_2, 8] 485 insn10 bpf_insn_const_str[BPF_REG_3] 486 insn11 bpf_insn_mov_imm[BPF_REG_5, 8] 487 insn12 bpf_insn_call_helper_t[const[BPF_FUNC_snprintf, int32]] 488 } 489 490 # (18) r2 = map[id:10] 491 # (b7) r3 = 2 492 # (85) call bpf_tail_call#12 493 # (b7) r0 = 0 494 bpf_insn_tail_call { 495 insn1 bpf_insn_tail_call_map_fd[BPF_REG_2] 496 insn2 bpf_insn_mov_imm[BPF_REG_3, 0] 497 insn3 bpf_insn_call_helper_t[const[BPF_FUNC_tail_call, int32]] 498 insn4 bpf_insn_mov_imm[BPF_REG_0, 0] 499 } 500 501 # (18) r1 = map[id:16] 502 # (b7) r2 = 8 503 # (b7) r3 = 0 504 # (85) call bpf_ringbuf_reserve#320112 505 # (bf) r9 = r0 506 bpf_insn_ringbuf_reserve { 507 insn1 bpf_insn_ringbuf_fd[BPF_REG_1] 508 insn2 bpf_insn_mov_imm[BPF_REG_2, 20] 509 insn3 bpf_insn_mov_imm[BPF_REG_3, 0] 510 insn4 bpf_insn_call_helper_t[const[BPF_FUNC_ringbuf_reserve, int32]] 511 insn5 bpf_insn_mov_reg[BPF_REG_0, BPF_REG_9] 512 } 513 514 # (bf) r1 = r9 515 # (b7) r2 = BPF_RB_X 516 # (85) call bpf_ringbuf_{submit,discard}#322192 517 # (bf) r0 = 0 518 bpf_insn_ringbuf_free { 519 insn1 bpf_insn_mov_reg[BPF_REG_9, BPF_REG_1] 520 insn2 bpf_insn_mov_imm_flag[BPF_REG_2, bpf_ringbuf_wakeup_flags] 521 insn3 bpf_insn_call_helper_t[flags[bpf_helpers_ringbuf_free, int32]] 522 insn4 bpf_insn_mov_imm[BPF_REG_0, 0] 523 } 524 525 bpf_helpers_ringbuf_free = BPF_FUNC_ringbuf_submit, BPF_FUNC_ringbuf_discard 526 527 # (18) r1 = map[id:16] 528 # (b7) r2 = 0 529 # (85) call bpf_ringbuf_query#322192 530 bpf_insn_ringbuf_query { 531 insn1 bpf_insn_tail_call_map_fd[BPF_REG_1] 532 insn2 bpf_insn_mov_imm[BPF_REG_2, 0] 533 insn3 bpf_insn_call_helper_t[const[BPF_FUNC_ringbuf_query, int32]] 534 } 535 536 # (18) r1 = map[id:16] 537 # (b7) r8 = X 538 # (7b) *(u64 *)(r10 -8) = r8 539 # (bf) r2 = r10 540 # (07) r2 += -8 541 # (b7) r3 = 8 542 # (b7) r4 = BPF_RB_X 543 # (85) call bpf_ringbuf_output#322192 544 bpf_insn_ringbuf_output { 545 insn1 bpf_insn_tail_call_map_fd[BPF_REG_1] 546 insn2 bpf_insn_mov_imm_any[BPF_REG_8] 547 insn3 bpf_insn_st64_reg[BPF_REG_8, BPF_REG_10, -8] 548 insn4 bpf_insn_mov_reg[BPF_REG_10, BPF_REG_2] 549 insn5 bpf_insn_op_imm[BPF_REG_2, BPF_ADD0, -8] 550 insn6 bpf_insn_mov_imm[BPF_REG_3, 8] 551 insn7 bpf_insn_mov_imm_flag[BPF_REG_4, bpf_ringbuf_wakeup_flags] 552 insn8 bpf_insn_call_helper_t[const[BPF_FUNC_ringbuf_output, int32]] 553 } 554 555 define MAX_BPF_REG __MAX_BPF_REG 556 557 bpf_ringbuf_wakeup_flags = 0, BPF_RB_NO_WAKEUP, BPF_RB_FORCE_WAKEUP