28#include <ubpf_config.h>
38#if !defined(UBPF_MAX_INSTS)
39#define UBPF_MAX_INSTS 65536
45#if !defined(UBPF_MAX_CALL_DEPTH)
46#define UBPF_MAX_CALL_DEPTH 8
52#if !defined(UBPF_EBPF_STACK_SIZE)
53#define UBPF_EBPF_STACK_SIZE (UBPF_MAX_CALL_DEPTH * 512)
64#if !defined(UBPF_EBPF_LOCAL_FUNCTION_STACK_SIZE)
65#define UBPF_EBPF_LOCAL_FUNCTION_STACK_SIZE 256
71#if !defined(UBPF_MAX_EXT_FUNCS)
72#define UBPF_MAX_EXT_FUNCS 64
75#define UBPF_EBPF_NONVOLATILE_SIZE (sizeof(uint64_t) * 5)
98 typedef uint64_t (*
ubpf_jit_ex_fn)(
void* mem,
size_t mem_len, uint8_t* stack,
size_t stack_len);
224 uint64_t, uint64_t, uint64_t, uint64_t, uint64_t,
unsigned int index,
void* cookie);
300 ubpf_load(
struct ubpf_vm* vm,
const void* code, uint32_t code_len,
char** errmsg);
322#if defined(UBPF_HAS_ELF_H)
344 ubpf_load_elf(
struct ubpf_vm* vm,
const void* elf,
size_t elf_len,
char** errmsg);
369 ubpf_load_elf_ex(
struct ubpf_vm* vm,
const void* elf,
size_t elf_len,
const char* main_section_name,
char** errmsg);
390 ubpf_exec(
const struct ubpf_vm* vm,
void* mem,
size_t mem_len, uint64_t* bpf_return_value);
394 const struct ubpf_vm* vm,
397 uint64_t* bpf_return_value,
451 ubpf_copy_jit(
struct ubpf_vm* vm,
void* buffer,
size_t size,
char** errmsg);
469 ubpf_translate(
struct ubpf_vm* vm, uint8_t* buffer,
size_t* size,
char** errmsg);
549 const char* symbol_name,
550 uint64_t symbol_offset,
551 uint64_t symbol_size);
664 const uint64_t registers[16],
665 const uint8_t* stack_start,
667 uint64_t register_mask,
668 const uint8_t* stack_mask_start);
int ubpf_set_unwind_function_index(struct ubpf_vm *vm, unsigned int idx)
Instruct the uBPF runtime to apply unwind-on-success semantics to a helper function....
bool ubpf_toggle_constant_blinding(struct ubpf_vm *vm, bool enable)
Enable / disable constant blinding in the JIT compiler. Constant blinding is a security hardening tec...
bool ubpf_toggle_readonly_bytecode(struct ubpf_vm *vm, bool enable)
Enable or disable read-only bytecode storage.
int(* stack_usage_calculator_t)(const struct ubpf_vm *vm, uint16_t pc, void *cookie)
The type of a stack usage calculator callback function.
Definition ubpf.h:256
int ubpf_exec(const struct ubpf_vm *vm, void *mem, size_t mem_len, uint64_t *bpf_return_value)
Execute a BPF program in the VM using the interpreter.
int ubpf_register_external_dispatcher(struct ubpf_vm *vm, external_function_dispatcher_t dispatcher, external_function_validate_t validater)
Register a function that dispatches to external helpers The immediate field of a CALL instruction is ...
ubpf_jit_ex_fn ubpf_compile_ex(struct ubpf_vm *vm, char **errmsg, enum JitMode jit_mode)
Compile a BPF program in the VM to native code.
int ubpf_register_data_bounds_check(struct ubpf_vm *vm, void *user_context, ubpf_bounds_check bounds_check)
Set a bounds check function for the VM.
uint64_t(* ubpf_jit_ex_fn)(void *mem, size_t mem_len, uint8_t *stack, size_t stack_len)
Opaque type for a uBPF JIT compiled function with external stack.
Definition ubpf.h:98
int ubpf_set_pointer_secret(struct ubpf_vm *vm, uint64_t secret)
Optional secret to improve ROP protection.
int ubpf_register(struct ubpf_vm *vm, unsigned int index, const char *name, external_function_t fn)
Register an external function. The immediate field of a CALL instruction is an index into an array of...
bool ubpf_toggle_undefined_behavior_check(struct ubpf_vm *vm, bool enable)
Enable or disable undefined behavior checks. Undefined behavior includes reading from uninitialized m...
JitMode
Enum to describe JIT mode.
Definition ubpf.h:118
@ BasicJitMode
Definition ubpf.h:120
@ ExtendedJitMode
Definition ubpf.h:119
external_function_t as_external_function_t(void *f)
Cast an external function to external_function_t.
struct ubpf_vm * ubpf_create(void)
Create a new uBPF VM.
uint64_t(* ubpf_jit_fn)(void *mem, size_t mem_len)
Opaque type for a uBPF JIT compiled function.
Definition ubpf.h:92
bool(* ubpf_bounds_check)(void *context, uint64_t addr, uint64_t size)
Function that is called by the VM to check if a memory access is within bounds.
Definition ubpf.h:572
ubpf_jit_fn ubpf_compile(struct ubpf_vm *vm, char **errmsg)
Compile a BPF program in the VM to native code.
int ubpf_register_data_relocation(struct ubpf_vm *vm, void *user_context, ubpf_data_relocation relocation)
Set a relocation function for the VM.
int ubpf_exec_ex(const struct ubpf_vm *vm, void *mem, size_t mem_len, uint64_t *bpf_return_value, uint8_t *stack, size_t stack_len)
uint64_t(* ubpf_data_relocation)(void *user_context, const uint8_t *data, uint64_t data_size, const char *symbol_name, uint64_t symbol_offset, uint64_t symbol_size)
Data relocation function that is called by the VM when it encounters a R_BPF_64_64 relocation in the ...
Definition ubpf.h:545
bool ubpf_toggle_bounds_check(struct ubpf_vm *vm, bool enable)
Enable / disable bounds_check. Bounds check is enabled by default, but it may be too restrictive.
int ubpf_load(struct ubpf_vm *vm, const void *code, uint32_t code_len, char **errmsg)
Load code into a VM. This must be done before calling ubpf_exec or ubpf_compile and after registering...
bool(* external_function_validate_t)(unsigned int index, const struct ubpf_vm *vm)
The type of an external helper validation function.
Definition ubpf.h:229
int ubpf_set_jit_code_size(struct ubpf_vm *vm, size_t code_size)
Set a size for the buffer allocated to machine code generated during JIT compilation....
uint64_t(* external_function_t)(uint64_t p0, uint64_t p1, uint64_t p2, uint64_t p3, uint64_t p4)
The type of an external helper function.
Definition ubpf.h:188
ubpf_jit_fn ubpf_copy_jit(struct ubpf_vm *vm, void *buffer, size_t size, char **errmsg)
Copy the JIT'd program code to the given buffer.
uint64_t * ubpf_get_registers(const struct ubpf_vm *vm)
Retrieve the storage location for the BPF registers in the VM.
uint64_t(* external_function_dispatcher_t)(uint64_t, uint64_t, uint64_t, uint64_t, uint64_t, unsigned int index, void *cookie)
The type of an external helper dispatcher function.
Definition ubpf.h:223
int ubpf_register_stack_usage_calculator(struct ubpf_vm *vm, stack_usage_calculator_t calculator, void *cookie)
Register a function that will be called during eBPF program validation to determine stack usage for a...
int ubpf_register_debug_fn(struct ubpf_vm *vm, void *context, ubpf_debug_fn debug_function)
Add option to invoke a debug function before each instruction. Note: This only applies to the interpr...
int ubpf_translate(struct ubpf_vm *vm, uint8_t *buffer, size_t *size, char **errmsg)
Translate the eBPF byte code to machine code.
int ubpf_set_instruction_limit(struct ubpf_vm *vm, uint32_t limit, uint32_t *previous_limit)
Set the instruction limit for the VM. This is the maximum number of instructions that a program may e...
void ubpf_destroy(struct ubpf_vm *vm)
Free a uBPF VM.
void ubpf_set_error_print(struct ubpf_vm *vm, int(*error_printf)(FILE *stream, const char *format,...))
Set the function to be invoked if the program hits a fatal error.
void ubpf_unload_code(struct ubpf_vm *vm)
Unload code from a VM.
void ubpf_set_registers(struct ubpf_vm *vm, uint64_t *regs)
Override the storage location for the BPF registers in the VM.
void(* ubpf_debug_fn)(void *context, int program_counter, const uint64_t registers[16], const uint8_t *stack_start, size_t stack_length, uint64_t register_mask, const uint8_t *stack_mask_start)
A function to invoke before each instruction.
Definition ubpf.h:661
int ubpf_translate_ex(struct ubpf_vm *vm, uint8_t *buffer, size_t *size, char **errmsg, enum JitMode jit_mode)
Translate the eBPF byte code to machine code.
