Assembly within! BPF tail calls on x86 and ARM
In this post, we discussed the implementation of BPF tail calls on the ARM64 architecture. We started by explaining what a BPF tail call is and how it works in general. Then we dove into the details of the BPF JIT compiler for ARM64, focusing on the prologue and epilogue code that gets emitted when compiling BPF programs. We discovered an issue with mixing BPF tail calls and BPF-to-BPF function calls on ARM64: the prologue emitted for a BPF subprogram reinitialized the tail call count register, so a tail call made from inside a subprogram started counting from zero again, which could allow users to create program chains longer than the MAX_TAIL_CALL_CNT limit. To fix this, we made a small tweak to the BPF JIT compiler by checking whether the current BPF program is the main one before initializing the tail call count register, so that subprograms inherit the caller's count. Finally, we tested our changes under GDB and observed how a BPF program calls into a BPF function, which in turn tail calls into another BPF program. The feature will be enabled in the upcoming Linux 6.0 release.
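The failure mode and fix described above, as an added C model that is not code from the post or from the kernel's JIT: the tail call count register is stood in for by a plain variable, MAX_TAIL_CALL_CNT is the kernel's limit of 33, and the `buggy_jit` flag, `SIM_STEP_CAP` and all function names are this example's own inventions. A real tail call reuses the caller's frame rather than recursing; the recursion here only keeps the model short. With the counter zeroed only in the main program's prologue, a main program that calls a subprogram which tail calls back into the main program stops after MAX_TAIL_CALL_CNT tail calls; with the counter zeroed in every prologue, the chain never hits the limit.

```c
#include <stdbool.h>
#include <stdio.h>

#define MAX_TAIL_CALL_CNT 33   /* limit defined by the kernel in include/linux/bpf.h */
#define SIM_STEP_CAP      500  /* assumption: cuts off a runaway chain in the buggy model */
#define CHAIN_RUNAWAY     (-1) /* the step cap, not the counter, ended the chain */

/* Model state. 'tcc' stands in for the tail call count register the arm64 JIT
 * keeps in a callee-saved register; 'bodies_run' counts program bodies executed. */
struct sim {
	unsigned int tcc;
	unsigned int bodies_run;
	bool buggy_jit;   /* true: every prologue zeroes tcc (the pre-fix behaviour) */
};

static int main_body(struct sim *s);

/* Prologue as emitted for each program. Fixed behaviour: only the main
 * program initializes the counter; a subprogram inherits the caller's value. */
static void prologue(struct sim *s, bool is_main_prog)
{
	if (is_main_prog || s->buggy_jit)
		s->tcc = 0;
}

/* bpf_tail_call() into the main program. Refused once the limit is reached
 * (execution falls through in the caller); otherwise the counter is bumped and
 * control jumps to the target body, bypassing its prologue, so a correctly
 * kept counter carries over into the next program. */
static int tail_call_to_main(struct sim *s)
{
	if (s->tcc >= MAX_TAIL_CALL_CNT)
		return 0;
	s->tcc++;
	if (s->bodies_run >= SIM_STEP_CAP)
		return CHAIN_RUNAWAY;
	return main_body(s);
}

/* A BPF-to-BPF subprogram that performs the tail call. */
static int subprog(struct sim *s)
{
	prologue(s, false);
	return tail_call_to_main(s);
}

/* Body of the main program: call the subprogram, which tail calls back here. */
static int main_body(struct sim *s)
{
	s->bodies_run++;
	return subprog(s);
}

/* Run one chain. Returns the number of program bodies executed, or CHAIN_RUNAWAY. */
int chain_length(bool buggy_jit)
{
	struct sim s = { .tcc = 0, .bodies_run = 0, .buggy_jit = buggy_jit };

	prologue(&s, true);
	if (main_body(&s) == CHAIN_RUNAWAY)
		return CHAIN_RUNAWAY;
	return (int)s.bodies_run;
}

int main(void)
{
	int fixed = chain_length(false);
	int buggy = chain_length(true);

	printf("fixed JIT: %d program bodies ran (1 entry + %d tail calls)\n",
	       fixed, MAX_TAIL_CALL_CNT);
	printf("buggy JIT: %s\n", buggy == CHAIN_RUNAWAY
	       ? "chain never reached the limit" : "chain was bounded");
	return 0;
}
```

The model deliberately keeps the counter outside the subprogram's control: in the fixed variant `subprog()` runs its prologue without touching `tcc`, which is exactly what the main-program check in the JIT achieves, and why the tail call from inside the subprogram is still accounted against the limit.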
Company
Cloudflare
Date published
Oct. 10, 2022
Author(s)
Jakub Sitnicki
Word count
5162
Hacker News points
5
Language
English