This commit adds a new BPF specific structure attribte
__attribute__((preserve_static_offset)) and a pass to deal with it.
This attribute may be attached to a struct or union declaration, where
it notifies the compiler that this structure is a "context" structure.
The following limitations apply to context structures:
- runtime environment might patch access to the fields of this type by updating the field offset;
BPF verifier limits access patterns allowed for certain data types. E.g. struct __sk_buff and struct bpf_sock_ops. For these types only LD/ST <reg> <static-offset> memory loads and stores are allowed.
This is so because offsets of the fields of these structures do not match real offsets in the running kernel. During BPF program load/verification loads and stores to the fields of these types are rewritten so that offsets match real offsets. For this rewrite to happen static offsets have to be encoded in the instructions.
See kernel/bpf/verifier.c:convert_ctx_access function in the Linux kernel source tree for details.
- runtime environment might disallow access to the field of the type through modified pointers.
During BPF program verification a tag PTR_TO_CTX is tracked for register values. In case if register with such tag is modified BPF programs are not allowed to read or write memory using register. See kernel/bpf/verifier.c:check_mem_access function in the Linux kernel source tree for details.
Access to the structure fields is translated to IR as a sequence:
- (load (getelementptr %ptr %offset)) or
- (store (getelementptr %ptr %offset))
During instruction selection phase such sequences are translated as a
single load instruction with embedded offset, e.g. LDW %ptr, %offset,
which matches access pattern necessary for the restricted
set of types described above (when %offset is static).
Multiple optimizer passes might separate these instructions, this
- SimplifyCFGPass (sinking)
- InstCombine (sinking)
- GVN (hoisting)
The preserve_static_offset attribute marks structures for which the
following transformations happen:
- at the early IR processing stage:
- (load (getelementptr ...)) replaced by call to intrinsic llvm.bpf.getelementptr.and.load;
- (store (getelementptr ...)) replaced by call to intrinsic llvm.bpf.getelementptr.and.store;
- at the late IR processing stage this modification is undone.
Such handling prevents various optimizer passes from generating
sequences of instructions that would be rejected by BPF verifier.
The attribute((preserve_static_offset)) has a priority over
attribute((preserve_access_index)). When preserve_access_index
attribute is present preserve access index transformations are not
This addresses the issue reported by the following thread: