rbpf/src/lib.rs

*fae6e9adSlinfeng// SPDX-License-Identifier: (Apache-2.0 OR MIT)
*fae6e9adSlinfeng// Derived from uBPF <https://github.com/iovisor/ubpf>
*fae6e9adSlinfeng// Copyright 2016 6WIND S.A. <quentin.monnet@6wind.com>
*fae6e9adSlinfeng// Copyright 2023 Isovalent, Inc. <quentin@isovalent.com>
*fae6e9adSlinfeng
*fae6e9adSlinfeng//! Virtual machine and JIT compiler for eBPF programs.
*fae6e9adSlinfeng#![doc(
*fae6e9adSlinfeng    html_logo_url = "https://raw.githubusercontent.com/qmonnet/rbpf/main/misc/rbpf.png",
*fae6e9adSlinfeng    html_favicon_url = "https://raw.githubusercontent.com/qmonnet/rbpf/main/misc/rbpf.ico"
*fae6e9adSlinfeng)]
*fae6e9adSlinfeng#![warn(missing_docs)]
*fae6e9adSlinfeng// There are unused mut warnings due to unsafe code.
*fae6e9adSlinfeng#![allow(unused_mut)]
*fae6e9adSlinfeng// Allows old-style clippy
*fae6e9adSlinfeng#![allow(renamed_and_removed_lints)]
*fae6e9adSlinfeng#![cfg_attr(
*fae6e9adSlinfeng    clippy,
*fae6e9adSlinfeng    allow(
*fae6e9adSlinfeng        redundant_field_names,
*fae6e9adSlinfeng        single_match,
*fae6e9adSlinfeng        cast_lossless,
*fae6e9adSlinfeng        doc_markdown,
*fae6e9adSlinfeng        match_same_arms,
*fae6e9adSlinfeng        unreadable_literal
*fae6e9adSlinfeng    )
*fae6e9adSlinfeng)]
*fae6e9adSlinfeng// Configures the crate to be `no_std` when `std` feature is disabled.
*fae6e9adSlinfeng#![cfg_attr(not(feature = "std"), no_std)]
*fae6e9adSlinfengextern crate alloc;
*fae6e9adSlinfenguse alloc::{collections::BTreeMap, format, vec, vec::Vec};
*fae6e9adSlinfeng
*fae6e9adSlinfenguse byteorder::{ByteOrder, LittleEndian};
*fae6e9adSlinfeng
*fae6e9adSlinfengtype HashMap<K, V> = BTreeMap<K, V>;
*fae6e9adSlinfeng#[cfg(feature = "cranelift")]
*fae6e9adSlinfengtype HashSet<T> = alloc::collections::BTreeSet<T>;
*fae6e9adSlinfengmod asm_parser;
*fae6e9adSlinfengpub mod assembler;
*fae6e9adSlinfeng#[cfg(feature = "cranelift")]
*fae6e9adSlinfengmod cranelift;
*fae6e9adSlinfengpub mod disassembler;
*fae6e9adSlinfengpub mod ebpf;
*fae6e9adSlinfengpub mod helpers;
*fae6e9adSlinfengpub mod insn_builder;
*fae6e9adSlinfengmod interpreter;
*fae6e9adSlinfeng#[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfengmod jit;
*fae6e9adSlinfeng#[cfg(not(feature = "std"))]
*fae6e9adSlinfengmod no_std_error;
*fae6e9adSlinfengmod stack;
*fae6e9adSlinfengmod verifier;
*fae6e9adSlinfeng
*fae6e9adSlinfeng#[cfg(feature = "std")]
*fae6e9adSlinfengpub use std::io::{Error, ErrorKind};
*fae6e9adSlinfeng
*fae6e9adSlinfeng/// In no_std we use a custom implementation of the error which acts as a
*fae6e9adSlinfeng/// replacement for the io Error.
*fae6e9adSlinfeng#[cfg(not(feature = "std"))]
*fae6e9adSlinfengpub use crate::no_std_error::{Error, ErrorKind};
*fae6e9adSlinfeng
*fae6e9adSlinfeng/// eBPF verification function that returns an error if the program does not meet its requirements.
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// Some examples of things the verifier may reject the program for:
*fae6e9adSlinfeng///
*fae6e9adSlinfeng///   - Program does not terminate.
*fae6e9adSlinfeng///   - Unknown instructions.
*fae6e9adSlinfeng///   - Bad formed instruction.
*fae6e9adSlinfeng///   - Unknown eBPF helper index.
*fae6e9adSlinfengpub type Verifier = fn(prog: &[u8]) -> Result<(), Error>;
*fae6e9adSlinfeng
*fae6e9adSlinfeng/// eBPF helper function.
*fae6e9adSlinfengpub type Helper = fn(u64, u64, u64, u64, u64) -> u64;
*fae6e9adSlinfeng
*fae6e9adSlinfeng// A metadata buffer with two offset indications. It can be used in one kind of eBPF VM to simulate
*fae6e9adSlinfeng// the use of a metadata buffer each time the program is executed, without the user having to
*fae6e9adSlinfeng// actually handle it. The offsets are used to tell the VM where in the buffer the pointers to
*fae6e9adSlinfeng// packet data start and end should be stored each time the program is run on a new packet.
*fae6e9adSlinfengstruct MetaBuff {
*fae6e9adSlinfeng    data_offset: usize,
*fae6e9adSlinfeng    data_end_offset: usize,
*fae6e9adSlinfeng    buffer: Vec<u8>,
*fae6e9adSlinfeng}
*fae6e9adSlinfeng
*fae6e9adSlinfeng/// A virtual machine to run eBPF program. This kind of VM is used for programs expecting to work
*fae6e9adSlinfeng/// on a metadata buffer containing pointers to packet data.
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// # Examples
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// ```
*fae6e9adSlinfeng/// let prog = &[
*fae6e9adSlinfeng///     0x79, 0x11, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, // Load mem from mbuff at offset 8 into R1.
*fae6e9adSlinfeng///     0x69, 0x10, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, // ldhx r1[2], r0
*fae6e9adSlinfeng///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng/// ];
*fae6e9adSlinfeng/// let mem = &mut [
*fae6e9adSlinfeng///     0xaa, 0xbb, 0x11, 0x22, 0xcc, 0xdd
*fae6e9adSlinfeng/// ];
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// // Just for the example we create our metadata buffer from scratch, and we store the pointers
*fae6e9adSlinfeng/// // to packet data start and end in it.
*fae6e9adSlinfeng/// let mut mbuff = [0u8; 32];
*fae6e9adSlinfeng/// unsafe {
*fae6e9adSlinfeng///     let mut data     = mbuff.as_ptr().offset(8)  as *mut u64;
*fae6e9adSlinfeng///     let mut data_end = mbuff.as_ptr().offset(24) as *mut u64;
*fae6e9adSlinfeng///     *data     = mem.as_ptr() as u64;
*fae6e9adSlinfeng///     *data_end = mem.as_ptr() as u64 + mem.len() as u64;
*fae6e9adSlinfeng/// }
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// // Instantiate a VM.
*fae6e9adSlinfeng/// let mut vm = rbpf::EbpfVmMbuff::new(Some(prog)).unwrap();
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// // Provide both a reference to the packet data, and to the metadata buffer.
*fae6e9adSlinfeng/// let res = vm.execute_program(mem, &mut mbuff).unwrap();
*fae6e9adSlinfeng/// assert_eq!(res, 0x2211);
*fae6e9adSlinfeng/// ```
*fae6e9adSlinfengpub struct EbpfVmMbuff<'a> {
*fae6e9adSlinfeng    prog: Option<&'a [u8]>,
*fae6e9adSlinfeng    verifier: Verifier,
*fae6e9adSlinfeng    #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    jit: Option<jit::JitMemory<'a>>,
*fae6e9adSlinfeng    #[cfg(feature = "cranelift")]
*fae6e9adSlinfeng    cranelift_prog: Option<cranelift::CraneliftProgram>,
*fae6e9adSlinfeng    helpers: HashMap<u32, ebpf::Helper>,
*fae6e9adSlinfeng}
*fae6e9adSlinfeng
*fae6e9adSlinfengimpl<'a> EbpfVmMbuff<'a> {
*fae6e9adSlinfeng    /// Create a new virtual machine instance, and load an eBPF program into that instance.
*fae6e9adSlinfeng    /// When attempting to load the program, it passes through a simple verifier.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0x79, 0x11, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, // Load mem from mbuff into R1.
*fae6e9adSlinfeng    ///     0x69, 0x10, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, // ldhx r1[2], r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmMbuff::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn new(prog: Option<&'a [u8]>) -> Result<EbpfVmMbuff<'a>, Error> {
*fae6e9adSlinfeng        if let Some(prog) = prog {
*fae6e9adSlinfeng            verifier::check(prog)?;
*fae6e9adSlinfeng        }
*fae6e9adSlinfeng
*fae6e9adSlinfeng        Ok(EbpfVmMbuff {
*fae6e9adSlinfeng            prog,
*fae6e9adSlinfeng            verifier: verifier::check,
*fae6e9adSlinfeng            #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng            jit: None,
*fae6e9adSlinfeng            #[cfg(feature = "cranelift")]
*fae6e9adSlinfeng            cranelift_prog: None,
*fae6e9adSlinfeng            helpers: HashMap::new(),
*fae6e9adSlinfeng        })
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Load a new eBPF program into the virtual machine instance.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog1 = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    /// let prog2 = &[
*fae6e9adSlinfeng    ///     0x79, 0x11, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, // Load mem from mbuff into R1.
*fae6e9adSlinfeng    ///     0x69, 0x10, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, // ldhx r1[2], r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmMbuff::new(Some(prog1)).unwrap();
*fae6e9adSlinfeng    /// vm.set_program(prog2).unwrap();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn set_program(&mut self, prog: &'a [u8]) -> Result<(), Error> {
*fae6e9adSlinfeng        (self.verifier)(prog)?;
*fae6e9adSlinfeng        self.prog = Some(prog);
*fae6e9adSlinfeng        Ok(())
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Set a new verifier function. The function should return an `Error` if the program should be
*fae6e9adSlinfeng    /// rejected by the virtual machine. If a program has been loaded to the VM already, the
*fae6e9adSlinfeng    /// verifier is immediately run.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// use rbpf::{Error, ErrorKind};
*fae6e9adSlinfeng    /// use rbpf::ebpf;
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Define a simple verifier function.
*fae6e9adSlinfeng    /// fn verifier(prog: &[u8]) -> Result<(), Error> {
*fae6e9adSlinfeng    ///     let last_insn = ebpf::get_insn(prog, (prog.len() / ebpf::INSN_SIZE) - 1);
*fae6e9adSlinfeng    ///     if last_insn.opc != ebpf::EXIT {
*fae6e9adSlinfeng    ///         return Err(Error::new(ErrorKind::Other,
*fae6e9adSlinfeng    ///                    "[Verifier] Error: program does not end with “EXIT” instruction"));
*fae6e9adSlinfeng    ///     }
*fae6e9adSlinfeng    ///     Ok(())
*fae6e9adSlinfeng    /// }
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let prog1 = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmMbuff::new(Some(prog1)).unwrap();
*fae6e9adSlinfeng    /// // Change the verifier.
*fae6e9adSlinfeng    /// vm.set_verifier(verifier).unwrap();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn set_verifier(&mut self, verifier: Verifier) -> Result<(), Error> {
*fae6e9adSlinfeng        if let Some(prog) = self.prog {
*fae6e9adSlinfeng            verifier(prog)?;
*fae6e9adSlinfeng        }
*fae6e9adSlinfeng        self.verifier = verifier;
*fae6e9adSlinfeng        Ok(())
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Register a built-in or user-defined helper function in order to use it later from within
*fae6e9adSlinfeng    /// the eBPF program. The helper is registered into a hashmap, so the `key` can be any `u32`.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If using JIT-compiled eBPF programs, be sure to register all helpers before compiling the
*fae6e9adSlinfeng    /// program. You should be able to change registered helpers after compiling, but not to add
*fae6e9adSlinfeng    /// new ones (i.e. with new keys).
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// use rbpf::helpers;
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // This program was compiled with clang, from a C program containing the following single
*fae6e9adSlinfeng    /// // instruction: `return bpf_trace_printk("foo %c %c %c\n", 10, 1, 2, 3);`
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0x18, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // load 0 as u64 into r1 (That would be
*fae6e9adSlinfeng    ///     0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // replaced by tc by the address of
*fae6e9adSlinfeng    ///                                                     // the format string, in the .map
*fae6e9adSlinfeng    ///                                                     // section of the ELF file).
*fae6e9adSlinfeng    ///     0xb7, 0x02, 0x00, 0x00, 0x0a, 0x00, 0x00, 0x00, // mov r2, 10
*fae6e9adSlinfeng    ///     0xb7, 0x03, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, // mov r3, 1
*fae6e9adSlinfeng    ///     0xb7, 0x04, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, // mov r4, 2
*fae6e9adSlinfeng    ///     0xb7, 0x05, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, // mov r5, 3
*fae6e9adSlinfeng    ///     0x85, 0x00, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, // call helper with key 6
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmMbuff::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Register a helper.
*fae6e9adSlinfeng    /// // On running the program this helper will print the content of registers r3, r4 and r5 to
*fae6e9adSlinfeng    /// // standard output.
*fae6e9adSlinfeng    /// # #[cfg(feature = "std")]
*fae6e9adSlinfeng    /// vm.register_helper(6, helpers::bpf_trace_printf).unwrap();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn register_helper(&mut self, key: u32, function: Helper) -> Result<(), Error> {
*fae6e9adSlinfeng        self.helpers.insert(key, function);
*fae6e9adSlinfeng        Ok(())
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Execute the program loaded, with the given packet data and metadata buffer.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If the program is made to be compatible with Linux kernel, it is expected to load the
*fae6e9adSlinfeng    /// address of the beginning and of the end of the memory area used for packet data from the
*fae6e9adSlinfeng    /// metadata buffer, at some appointed offsets. It is up to the user to ensure that these
*fae6e9adSlinfeng    /// pointers are correctly stored in the buffer.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0x79, 0x11, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, // Load mem from mbuff into R1.
*fae6e9adSlinfeng    ///     0x69, 0x10, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, // ldhx r1[2], r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    /// let mem = &mut [
*fae6e9adSlinfeng    ///     0xaa, 0xbb, 0x11, 0x22, 0xcc, 0xdd
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Just for the example we create our metadata buffer from scratch, and we store the
*fae6e9adSlinfeng    /// // pointers to packet data start and end in it.
*fae6e9adSlinfeng    /// let mut mbuff = [0u8; 32];
*fae6e9adSlinfeng    /// unsafe {
*fae6e9adSlinfeng    ///     let mut data     = mbuff.as_ptr().offset(8)  as *mut u64;
*fae6e9adSlinfeng    ///     let mut data_end = mbuff.as_ptr().offset(24) as *mut u64;
*fae6e9adSlinfeng    ///     *data     = mem.as_ptr() as u64;
*fae6e9adSlinfeng    ///     *data_end = mem.as_ptr() as u64 + mem.len() as u64;
*fae6e9adSlinfeng    /// }
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmMbuff::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Provide both a reference to the packet data, and to the metadata buffer.
*fae6e9adSlinfeng    /// let res = vm.execute_program(mem, &mut mbuff).unwrap();
*fae6e9adSlinfeng    /// assert_eq!(res, 0x2211);
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn execute_program(&self, mem: &[u8], mbuff: &[u8]) -> Result<u64, Error> {
*fae6e9adSlinfeng        interpreter::execute_program(self.prog, mem, mbuff, &self.helpers)
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// JIT-compile the loaded program. No argument required for this.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If using helper functions, be sure to register them into the VM before calling this
*fae6e9adSlinfeng    /// function.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0x79, 0x11, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, // Load mem from mbuff into R1.
*fae6e9adSlinfeng    ///     0x69, 0x10, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, // ldhx r1[2], r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmMbuff::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// vm.jit_compile();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    pub fn jit_compile(&mut self) -> Result<(), Error> {
*fae6e9adSlinfeng        let prog = match self.prog {
*fae6e9adSlinfeng            Some(prog) => prog,
*fae6e9adSlinfeng            None => Err(Error::new(
*fae6e9adSlinfeng                ErrorKind::Other,
*fae6e9adSlinfeng                "Error: No program set, call prog_set() to load one",
*fae6e9adSlinfeng            ))?,
*fae6e9adSlinfeng        };
*fae6e9adSlinfeng        self.jit = Some(jit::JitMemory::new(prog, &self.helpers, true, false)?);
*fae6e9adSlinfeng        Ok(())
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Execute the previously JIT-compiled program, with the given packet data and metadata
*fae6e9adSlinfeng    /// buffer, in a manner very similar to `execute_program()`.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If the program is made to be compatible with Linux kernel, it is expected to load the
*fae6e9adSlinfeng    /// address of the beginning and of the end of the memory area used for packet data from the
*fae6e9adSlinfeng    /// metadata buffer, at some appointed offsets. It is up to the user to ensure that these
*fae6e9adSlinfeng    /// pointers are correctly stored in the buffer.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Safety
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// **WARNING:** JIT-compiled assembly code is not safe, in particular there is no runtime
*fae6e9adSlinfeng    /// check for memory access; so if the eBPF program attempts erroneous accesses, this may end
*fae6e9adSlinfeng    /// very bad (program may segfault). It may be wise to check that the program works with the
*fae6e9adSlinfeng    /// interpreter before running the JIT-compiled version of it.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// For this reason the function should be called from within an `unsafe` bloc.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0x79, 0x11, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, // Load mem from mbuff into r1.
*fae6e9adSlinfeng    ///     0x69, 0x10, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, // ldhx r1[2], r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    /// let mem = &mut [
*fae6e9adSlinfeng    ///     0xaa, 0xbb, 0x11, 0x22, 0xcc, 0xdd
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Just for the example we create our metadata buffer from scratch, and we store the
*fae6e9adSlinfeng    /// // pointers to packet data start and end in it.
*fae6e9adSlinfeng    /// let mut mbuff = [0u8; 32];
*fae6e9adSlinfeng    /// unsafe {
*fae6e9adSlinfeng    ///     let mut data     = mbuff.as_ptr().offset(8)  as *mut u64;
*fae6e9adSlinfeng    ///     let mut data_end = mbuff.as_ptr().offset(24) as *mut u64;
*fae6e9adSlinfeng    ///     *data     = mem.as_ptr() as u64;
*fae6e9adSlinfeng    ///     *data_end = mem.as_ptr() as u64 + mem.len() as u64;
*fae6e9adSlinfeng    /// }
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmMbuff::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    /// vm.jit_compile();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Provide both a reference to the packet data, and to the metadata buffer.
*fae6e9adSlinfeng    /// # #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    /// unsafe {
*fae6e9adSlinfeng    ///     let res = vm.execute_program_jit(mem, &mut mbuff).unwrap();
*fae6e9adSlinfeng    ///     assert_eq!(res, 0x2211);
*fae6e9adSlinfeng    /// }
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    pub unsafe fn execute_program_jit(
*fae6e9adSlinfeng        &self,
*fae6e9adSlinfeng        mem: &mut [u8],
*fae6e9adSlinfeng        mbuff: &'a mut [u8],
*fae6e9adSlinfeng    ) -> Result<u64, Error> {
*fae6e9adSlinfeng        // If packet data is empty, do not send the address of an empty slice; send a null pointer
*fae6e9adSlinfeng        //  as first argument instead, as this is uBPF's behavior (empty packet should not happen
*fae6e9adSlinfeng        //  in the kernel; anyway the verifier would prevent the use of uninitialized registers).
*fae6e9adSlinfeng        //  See `mul_loop` test.
*fae6e9adSlinfeng        let mem_ptr = match mem.len() {
*fae6e9adSlinfeng            0 => std::ptr::null_mut(),
*fae6e9adSlinfeng            _ => mem.as_ptr() as *mut u8,
*fae6e9adSlinfeng        };
*fae6e9adSlinfeng        // The last two arguments are not used in this function. They would be used if there was a
*fae6e9adSlinfeng        // need to indicate to the JIT at which offset in the mbuff mem_ptr and mem_ptr + mem.len()
*fae6e9adSlinfeng        // should be stored; this is what happens with struct EbpfVmFixedMbuff.
*fae6e9adSlinfeng        match &self.jit {
*fae6e9adSlinfeng            Some(jit) => Ok(jit.get_prog()(
*fae6e9adSlinfeng                mbuff.as_ptr() as *mut u8,
*fae6e9adSlinfeng                mbuff.len(),
*fae6e9adSlinfeng                mem_ptr,
*fae6e9adSlinfeng                mem.len(),
*fae6e9adSlinfeng                0,
*fae6e9adSlinfeng                0,
*fae6e9adSlinfeng            )),
*fae6e9adSlinfeng            None => Err(Error::new(
*fae6e9adSlinfeng                ErrorKind::Other,
*fae6e9adSlinfeng                "Error: program has not been JIT-compiled",
*fae6e9adSlinfeng            )),
*fae6e9adSlinfeng        }
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Compile the loaded program using the Cranelift JIT.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If using helper functions, be sure to register them into the VM before calling this
*fae6e9adSlinfeng    /// function.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0x79, 0x11, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, // Load mem from mbuff into R1.
*fae6e9adSlinfeng    ///     0x69, 0x10, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, // ldhx r1[2], r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmMbuff::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// vm.cranelift_compile();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    #[cfg(feature = "cranelift")]
*fae6e9adSlinfeng    pub fn cranelift_compile(&mut self) -> Result<(), Error> {
*fae6e9adSlinfeng        use crate::cranelift::CraneliftCompiler;
*fae6e9adSlinfeng
*fae6e9adSlinfeng        let prog = match self.prog {
*fae6e9adSlinfeng            Some(prog) => prog,
*fae6e9adSlinfeng            None => Err(Error::new(
*fae6e9adSlinfeng                ErrorKind::Other,
*fae6e9adSlinfeng                "Error: No program set, call prog_set() to load one",
*fae6e9adSlinfeng            ))?,
*fae6e9adSlinfeng        };
*fae6e9adSlinfeng
*fae6e9adSlinfeng        let mut compiler = CraneliftCompiler::new(self.helpers.clone());
*fae6e9adSlinfeng        let program = compiler.compile_function(prog)?;
*fae6e9adSlinfeng
*fae6e9adSlinfeng        self.cranelift_prog = Some(program);
*fae6e9adSlinfeng        Ok(())
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Execute the previously compiled program, with the given packet data and metadata
*fae6e9adSlinfeng    /// buffer, in a manner very similar to `execute_program()`.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If the program is made to be compatible with Linux kernel, it is expected to load the
*fae6e9adSlinfeng    /// address of the beginning and of the end of the memory area used for packet data from the
*fae6e9adSlinfeng    /// metadata buffer, at some appointed offsets. It is up to the user to ensure that these
*fae6e9adSlinfeng    /// pointers are correctly stored in the buffer.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0x79, 0x11, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, // Load mem from mbuff into r1.
*fae6e9adSlinfeng    ///     0x69, 0x10, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, // ldhx r1[2], r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    /// let mem = &mut [
*fae6e9adSlinfeng    ///     0xaa, 0xbb, 0x11, 0x22, 0xcc, 0xdd
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Just for the example we create our metadata buffer from scratch, and we store the
*fae6e9adSlinfeng    /// // pointers to packet data start and end in it.
*fae6e9adSlinfeng    /// let mut mbuff = [0u8; 32];
*fae6e9adSlinfeng    /// unsafe {
*fae6e9adSlinfeng    ///     let mut data     = mbuff.as_ptr().offset(8)  as *mut u64;
*fae6e9adSlinfeng    ///     let mut data_end = mbuff.as_ptr().offset(24) as *mut u64;
*fae6e9adSlinfeng    ///     *data     = mem.as_ptr() as u64;
*fae6e9adSlinfeng    ///     *data_end = mem.as_ptr() as u64 + mem.len() as u64;
*fae6e9adSlinfeng    /// }
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmMbuff::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// vm.cranelift_compile();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Provide both a reference to the packet data, and to the metadata buffer.
*fae6e9adSlinfeng    /// let res = vm.execute_program_cranelift(mem, &mut mbuff).unwrap();
*fae6e9adSlinfeng    /// assert_eq!(res, 0x2211);
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    #[cfg(feature = "cranelift")]
*fae6e9adSlinfeng    pub fn execute_program_cranelift(
*fae6e9adSlinfeng        &self,
*fae6e9adSlinfeng        mem: &mut [u8],
*fae6e9adSlinfeng        mbuff: &'a mut [u8],
*fae6e9adSlinfeng    ) -> Result<u64, Error> {
*fae6e9adSlinfeng        // If packet data is empty, do not send the address of an empty slice; send a null pointer
*fae6e9adSlinfeng        //  as first argument instead, as this is uBPF's behavior (empty packet should not happen
*fae6e9adSlinfeng        //  in the kernel; anyway the verifier would prevent the use of uninitialized registers).
*fae6e9adSlinfeng        //  See `mul_loop` test.
*fae6e9adSlinfeng        let mem_ptr = match mem.len() {
*fae6e9adSlinfeng            0 => core::ptr::null_mut(),
*fae6e9adSlinfeng            _ => mem.as_ptr() as *mut u8,
*fae6e9adSlinfeng        };
*fae6e9adSlinfeng
*fae6e9adSlinfeng        // The last two arguments are not used in this function. They would be used if there was a
*fae6e9adSlinfeng        // need to indicate to the JIT at which offset in the mbuff mem_ptr and mem_ptr + mem.len()
*fae6e9adSlinfeng        // should be stored; this is what happens with struct EbpfVmFixedMbuff.
*fae6e9adSlinfeng        match &self.cranelift_prog {
*fae6e9adSlinfeng            Some(prog) => {
*fae6e9adSlinfeng                Ok(prog.execute(mem_ptr, mem.len(), mbuff.as_ptr() as *mut u8, mbuff.len()))
*fae6e9adSlinfeng            }
*fae6e9adSlinfeng            None => Err(Error::new(
*fae6e9adSlinfeng                ErrorKind::Other,
*fae6e9adSlinfeng                "Error: program has not been compiled with cranelift",
*fae6e9adSlinfeng            )),
*fae6e9adSlinfeng        }
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng}
*fae6e9adSlinfeng
*fae6e9adSlinfeng/// A virtual machine to run eBPF program. This kind of VM is used for programs expecting to work
*fae6e9adSlinfeng/// on a metadata buffer containing pointers to packet data, but it internally handles the buffer
*fae6e9adSlinfeng/// so as to save the effort to manually handle the metadata buffer for the user.
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// This struct implements a static internal buffer that is passed to the program. The user has to
*fae6e9adSlinfeng/// indicate the offset values at which the eBPF program expects to find the start and the end of
*fae6e9adSlinfeng/// packet data in the buffer. On calling the `execute_program()` or `execute_program_jit()` functions, the
*fae6e9adSlinfeng/// struct automatically updates the addresses in this static buffer, at the appointed offsets, for
*fae6e9adSlinfeng/// the start and the end of the packet data the program is called upon.
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// # Examples
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// This was compiled with clang from the following program, in C:
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// ```c
*fae6e9adSlinfeng/// #include <linux/bpf.h>
*fae6e9adSlinfeng/// #include "path/to/linux/samples/bpf/bpf_helpers.h"
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// SEC(".classifier")
*fae6e9adSlinfeng/// int classifier(struct __sk_buff *skb)
*fae6e9adSlinfeng/// {
*fae6e9adSlinfeng///   void *data = (void *)(long)skb->data;
*fae6e9adSlinfeng///   void *data_end = (void *)(long)skb->data_end;
*fae6e9adSlinfeng///
*fae6e9adSlinfeng///   // Check program is long enough.
*fae6e9adSlinfeng///   if (data + 5 > data_end)
*fae6e9adSlinfeng///     return 0;
*fae6e9adSlinfeng///
*fae6e9adSlinfeng///   return *((char *)data + 5);
*fae6e9adSlinfeng/// }
*fae6e9adSlinfeng/// ```
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// Some small modifications have been brought to have it work, see comments.
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// ```
*fae6e9adSlinfeng/// let prog = &[
*fae6e9adSlinfeng///     0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng///     // Here opcode 0x61 had to be replace by 0x79 so as to load a 8-bytes long address.
*fae6e9adSlinfeng///     // Also, offset 0x4c had to be replace with e.g. 0x40 so as to prevent the two pointers
*fae6e9adSlinfeng///     // from overlapping in the buffer.
*fae6e9adSlinfeng///     0x79, 0x12, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, // load pointer to mem from r1[0x40] to r2
*fae6e9adSlinfeng///     0x07, 0x02, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, // add r2, 5
*fae6e9adSlinfeng///     // Here opcode 0x61 had to be replace by 0x79 so as to load a 8-bytes long address.
*fae6e9adSlinfeng///     0x79, 0x11, 0x50, 0x00, 0x00, 0x00, 0x00, 0x00, // load ptr to mem_end from r1[0x50] to r1
*fae6e9adSlinfeng///     0x2d, 0x12, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, // if r2 > r1 skip 3 instructions
*fae6e9adSlinfeng///     0x71, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // load r2 (= *(mem + 5)) into r0
*fae6e9adSlinfeng///     0x67, 0x00, 0x00, 0x00, 0x38, 0x00, 0x00, 0x00, // r0 >>= 56
*fae6e9adSlinfeng///     0xc7, 0x00, 0x00, 0x00, 0x38, 0x00, 0x00, 0x00, // r0 <<= 56 (arsh) extend byte sign to u64
*fae6e9adSlinfeng///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng/// ];
*fae6e9adSlinfeng/// let mem1 = &mut [
*fae6e9adSlinfeng///     0xaa, 0xbb, 0x11, 0x22, 0xcc, 0xdd
*fae6e9adSlinfeng/// ];
*fae6e9adSlinfeng/// let mem2 = &mut [
*fae6e9adSlinfeng///     0xaa, 0xbb, 0x11, 0x22, 0xcc, 0x27
*fae6e9adSlinfeng/// ];
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// // Instantiate a VM. Note that we provide the start and end offsets for mem pointers.
*fae6e9adSlinfeng/// let mut vm = rbpf::EbpfVmFixedMbuff::new(Some(prog), 0x40, 0x50).unwrap();
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// // Provide only a reference to the packet data. We do not manage the metadata buffer.
*fae6e9adSlinfeng/// let res = vm.execute_program(mem1).unwrap();
*fae6e9adSlinfeng/// assert_eq!(res, 0xffffffffffffffdd);
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// let res = vm.execute_program(mem2).unwrap();
*fae6e9adSlinfeng/// assert_eq!(res, 0x27);
*fae6e9adSlinfeng/// ```
*fae6e9adSlinfengpub struct EbpfVmFixedMbuff<'a> {
*fae6e9adSlinfeng    parent: EbpfVmMbuff<'a>,
*fae6e9adSlinfeng    mbuff: MetaBuff,
*fae6e9adSlinfeng}
*fae6e9adSlinfeng
*fae6e9adSlinfengimpl<'a> EbpfVmFixedMbuff<'a> {
*fae6e9adSlinfeng    /// Create a new virtual machine instance, and load an eBPF program into that instance.
*fae6e9adSlinfeng    /// When attempting to load the program, it passes through a simple verifier.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng    ///     0x79, 0x12, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, // load mem from r1[0x40] to r2
*fae6e9adSlinfeng    ///     0x07, 0x02, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, // add r2, 5
*fae6e9adSlinfeng    ///     0x79, 0x11, 0x50, 0x00, 0x00, 0x00, 0x00, 0x00, // load mem_end from r1[0x50] to r1
*fae6e9adSlinfeng    ///     0x2d, 0x12, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, // if r2 > r1 skip 3 instructions
*fae6e9adSlinfeng    ///     0x71, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // load r2 (= *(mem + 5)) into r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM. Note that we provide the start and end offsets for mem pointers.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmFixedMbuff::new(Some(prog), 0x40, 0x50).unwrap();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn new(
*fae6e9adSlinfeng        prog: Option<&'a [u8]>,
*fae6e9adSlinfeng        data_offset: usize,
*fae6e9adSlinfeng        data_end_offset: usize,
*fae6e9adSlinfeng    ) -> Result<EbpfVmFixedMbuff<'a>, Error> {
*fae6e9adSlinfeng        let parent = EbpfVmMbuff::new(prog)?;
*fae6e9adSlinfeng        let get_buff_len = |x: usize, y: usize| if x >= y { x + 8 } else { y + 8 };
*fae6e9adSlinfeng        let buffer = vec![0u8; get_buff_len(data_offset, data_end_offset)];
*fae6e9adSlinfeng        let mbuff = MetaBuff {
*fae6e9adSlinfeng            data_offset,
*fae6e9adSlinfeng            data_end_offset,
*fae6e9adSlinfeng            buffer,
*fae6e9adSlinfeng        };
*fae6e9adSlinfeng        Ok(EbpfVmFixedMbuff { parent, mbuff })
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Load a new eBPF program into the virtual machine instance.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// At the same time, load new offsets for storing pointers to start and end of packet data in
*fae6e9adSlinfeng    /// the internal metadata buffer.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog1 = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    /// let prog2 = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng    ///     0x79, 0x12, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, // load mem from r1[0x40] to r2
*fae6e9adSlinfeng    ///     0x07, 0x02, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, // add r2, 5
*fae6e9adSlinfeng    ///     0x79, 0x11, 0x50, 0x00, 0x00, 0x00, 0x00, 0x00, // load mem_end from r1[0x50] to r1
*fae6e9adSlinfeng    ///     0x2d, 0x12, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, // if r2 > r1 skip 3 instructions
*fae6e9adSlinfeng    ///     0x71, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // load r2 (= *(mem + 5)) into r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mem = &mut [
*fae6e9adSlinfeng    ///     0xaa, 0xbb, 0x11, 0x22, 0xcc, 0x27,
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmFixedMbuff::new(Some(prog1), 0, 0).unwrap();
*fae6e9adSlinfeng    /// vm.set_program(prog2, 0x40, 0x50);
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let res = vm.execute_program(mem).unwrap();
*fae6e9adSlinfeng    /// assert_eq!(res, 0x27);
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn set_program(
*fae6e9adSlinfeng        &mut self,
*fae6e9adSlinfeng        prog: &'a [u8],
*fae6e9adSlinfeng        data_offset: usize,
*fae6e9adSlinfeng        data_end_offset: usize,
*fae6e9adSlinfeng    ) -> Result<(), Error> {
*fae6e9adSlinfeng        let get_buff_len = |x: usize, y: usize| if x >= y { x + 8 } else { y + 8 };
*fae6e9adSlinfeng        let buffer = vec![0u8; get_buff_len(data_offset, data_end_offset)];
*fae6e9adSlinfeng        self.mbuff.buffer = buffer;
*fae6e9adSlinfeng        self.mbuff.data_offset = data_offset;
*fae6e9adSlinfeng        self.mbuff.data_end_offset = data_end_offset;
*fae6e9adSlinfeng        self.parent.set_program(prog)?;
*fae6e9adSlinfeng        Ok(())
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Set a new verifier function. The function should return an `Error` if the program should be
*fae6e9adSlinfeng    /// rejected by the virtual machine. If a program has been loaded to the VM already, the
*fae6e9adSlinfeng    /// verifier is immediately run.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// use rbpf::{Error, ErrorKind};
*fae6e9adSlinfeng    /// use rbpf::ebpf;
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Define a simple verifier function.
*fae6e9adSlinfeng    /// fn verifier(prog: &[u8]) -> Result<(), Error> {
*fae6e9adSlinfeng    ///     let last_insn = ebpf::get_insn(prog, (prog.len() / ebpf::INSN_SIZE) - 1);
*fae6e9adSlinfeng    ///     if last_insn.opc != ebpf::EXIT {
*fae6e9adSlinfeng    ///         return Err(Error::new(ErrorKind::Other,
*fae6e9adSlinfeng    ///                    "[Verifier] Error: program does not end with “EXIT” instruction"));
*fae6e9adSlinfeng    ///     }
*fae6e9adSlinfeng    ///     Ok(())
*fae6e9adSlinfeng    /// }
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let prog1 = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmMbuff::new(Some(prog1)).unwrap();
*fae6e9adSlinfeng    /// // Change the verifier.
*fae6e9adSlinfeng    /// vm.set_verifier(verifier).unwrap();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn set_verifier(&mut self, verifier: Verifier) -> Result<(), Error> {
*fae6e9adSlinfeng        self.parent.set_verifier(verifier)
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Register a built-in or user-defined helper function in order to use it later from within
*fae6e9adSlinfeng    /// the eBPF program. The helper is registered into a hashmap, so the `key` can be any `u32`.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If using JIT-compiled eBPF programs, be sure to register all helpers before compiling the
*fae6e9adSlinfeng    /// program. You should be able to change registered helpers after compiling, but not to add
*fae6e9adSlinfeng    /// new ones (i.e. with new keys).
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// #[cfg(feature = "std")] {
*fae6e9adSlinfeng    ///     use rbpf::helpers;
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///     // This program was compiled with clang, from a C program containing the following single
*fae6e9adSlinfeng    ///     // instruction: `return bpf_trace_printk("foo %c %c %c\n", 10, 1, 2, 3);`
*fae6e9adSlinfeng    ///     let prog = &[
*fae6e9adSlinfeng    ///         0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng    ///         0x79, 0x12, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, // load mem from r1[0x40] to r2
*fae6e9adSlinfeng    ///         0x07, 0x02, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, // add r2, 5
*fae6e9adSlinfeng    ///         0x79, 0x11, 0x50, 0x00, 0x00, 0x00, 0x00, 0x00, // load mem_end from r1[0x50] to r1
*fae6e9adSlinfeng    ///         0x2d, 0x12, 0x06, 0x00, 0x00, 0x00, 0x00, 0x00, // if r2 > r1 skip 6 instructions
*fae6e9adSlinfeng    ///         0x71, 0x21, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // load r2 (= *(mem + 5)) into r1
*fae6e9adSlinfeng    ///         0xb7, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r2, 0
*fae6e9adSlinfeng    ///         0xb7, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r3, 0
*fae6e9adSlinfeng    ///         0xb7, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r4, 0
*fae6e9adSlinfeng    ///         0xb7, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r5, 0
*fae6e9adSlinfeng    ///         0x85, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, // call helper with key 1
*fae6e9adSlinfeng    ///         0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    ///     ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///     let mem = &mut [
*fae6e9adSlinfeng    ///         0xaa, 0xbb, 0x11, 0x22, 0xcc, 0x09,
*fae6e9adSlinfeng    ///     ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///     // Instantiate a VM.
*fae6e9adSlinfeng    ///     let mut vm = rbpf::EbpfVmFixedMbuff::new(Some(prog), 0x40, 0x50).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///     // Register a helper. This helper will store the result of the square root of r1 into r0.
*fae6e9adSlinfeng    ///     vm.register_helper(1, helpers::sqrti);
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///     let res = vm.execute_program(mem).unwrap();
*fae6e9adSlinfeng    ///     assert_eq!(res, 3);
*fae6e9adSlinfeng    /// }
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn register_helper(
*fae6e9adSlinfeng        &mut self,
*fae6e9adSlinfeng        key: u32,
*fae6e9adSlinfeng        function: fn(u64, u64, u64, u64, u64) -> u64,
*fae6e9adSlinfeng    ) -> Result<(), Error> {
*fae6e9adSlinfeng        self.parent.register_helper(key, function)
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Execute the program loaded, with the given packet data.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If the program is made to be compatible with Linux kernel, it is expected to load the
*fae6e9adSlinfeng    /// address of the beginning and of the end of the memory area used for packet data from some
*fae6e9adSlinfeng    /// metadata buffer, which in the case of this VM is handled internally. The offsets at which
*fae6e9adSlinfeng    /// the addresses should be placed should have be set at the creation of the VM.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng    ///     0x79, 0x12, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, // load mem from r1[0x40] to r2
*fae6e9adSlinfeng    ///     0x07, 0x02, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, // add r2, 5
*fae6e9adSlinfeng    ///     0x79, 0x11, 0x50, 0x00, 0x00, 0x00, 0x00, 0x00, // load mem_end from r1[0x50] to r1
*fae6e9adSlinfeng    ///     0x2d, 0x12, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, // if r2 > r1 skip 3 instructions
*fae6e9adSlinfeng    ///     0x71, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // load r2 (= *(mem + 5)) into r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    /// let mem = &mut [
*fae6e9adSlinfeng    ///     0xaa, 0xbb, 0x11, 0x22, 0xcc, 0xdd
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM. Note that we provide the start and end offsets for mem pointers.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmFixedMbuff::new(Some(prog), 0x40, 0x50).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Provide only a reference to the packet data. We do not manage the metadata buffer.
*fae6e9adSlinfeng    /// let res = vm.execute_program(mem).unwrap();
*fae6e9adSlinfeng    /// assert_eq!(res, 0xdd);
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn execute_program(&mut self, mem: &'a mut [u8]) -> Result<u64, Error> {
*fae6e9adSlinfeng        let l = self.mbuff.buffer.len();
*fae6e9adSlinfeng        // Can this ever happen? Probably not, should be ensured at mbuff creation.
*fae6e9adSlinfeng        if self.mbuff.data_offset + 8 > l || self.mbuff.data_end_offset + 8 > l {
*fae6e9adSlinfeng            Err(Error::new(ErrorKind::Other, format!("Error: buffer too small ({:?}), cannot use data_offset {:?} and data_end_offset {:?}",
*fae6e9adSlinfeng            l, self.mbuff.data_offset, self.mbuff.data_end_offset)))?;
*fae6e9adSlinfeng        }
*fae6e9adSlinfeng        LittleEndian::write_u64(
*fae6e9adSlinfeng            &mut self.mbuff.buffer[(self.mbuff.data_offset)..],
*fae6e9adSlinfeng            mem.as_ptr() as u64,
*fae6e9adSlinfeng        );
*fae6e9adSlinfeng        LittleEndian::write_u64(
*fae6e9adSlinfeng            &mut self.mbuff.buffer[(self.mbuff.data_end_offset)..],
*fae6e9adSlinfeng            mem.as_ptr() as u64 + mem.len() as u64,
*fae6e9adSlinfeng        );
*fae6e9adSlinfeng        self.parent.execute_program(mem, &self.mbuff.buffer)
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// JIT-compile the loaded program. No argument required for this.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If using helper functions, be sure to register them into the VM before calling this
*fae6e9adSlinfeng    /// function.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng    ///     0x79, 0x12, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, // load mem from r1[0x40] to r2
*fae6e9adSlinfeng    ///     0x07, 0x02, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, // add r2, 5
*fae6e9adSlinfeng    ///     0x79, 0x11, 0x50, 0x00, 0x00, 0x00, 0x00, 0x00, // load mem_end from r1[0x50] to r1
*fae6e9adSlinfeng    ///     0x2d, 0x12, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, // if r2 > r1 skip 3 instructions
*fae6e9adSlinfeng    ///     0x71, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // load r2 (= *(mem + 5)) into r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM. Note that we provide the start and end offsets for mem pointers.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmFixedMbuff::new(Some(prog), 0x40, 0x50).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// vm.jit_compile();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    pub fn jit_compile(&mut self) -> Result<(), Error> {
*fae6e9adSlinfeng        let prog = match self.parent.prog {
*fae6e9adSlinfeng            Some(prog) => prog,
*fae6e9adSlinfeng            None => Err(Error::new(
*fae6e9adSlinfeng                ErrorKind::Other,
*fae6e9adSlinfeng                "Error: No program set, call prog_set() to load one",
*fae6e9adSlinfeng            ))?,
*fae6e9adSlinfeng        };
*fae6e9adSlinfeng        self.parent.jit = Some(jit::JitMemory::new(prog, &self.parent.helpers, true, true)?);
*fae6e9adSlinfeng        Ok(())
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Execute the previously JIT-compiled program, with the given packet data, in a manner very
*fae6e9adSlinfeng    /// similar to `execute_program()`.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If the program is made to be compatible with Linux kernel, it is expected to load the
*fae6e9adSlinfeng    /// address of the beginning and of the end of the memory area used for packet data from some
*fae6e9adSlinfeng    /// metadata buffer, which in the case of this VM is handled internally. The offsets at which
*fae6e9adSlinfeng    /// the addresses should be placed should have be set at the creation of the VM.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Safety
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// **WARNING:** JIT-compiled assembly code is not safe, in particular there is no runtime
*fae6e9adSlinfeng    /// check for memory access; so if the eBPF program attempts erroneous accesses, this may end
*fae6e9adSlinfeng    /// very bad (program may segfault). It may be wise to check that the program works with the
*fae6e9adSlinfeng    /// interpreter before running the JIT-compiled version of it.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// For this reason the function should be called from within an `unsafe` bloc.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng    ///     0x79, 0x12, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, // load mem from r1[0x40] to r2
*fae6e9adSlinfeng    ///     0x07, 0x02, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, // add r2, 5
*fae6e9adSlinfeng    ///     0x79, 0x11, 0x50, 0x00, 0x00, 0x00, 0x00, 0x00, // load mem_end from r1[0x50] to r1
*fae6e9adSlinfeng    ///     0x2d, 0x12, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, // if r2 > r1 skip 3 instructions
*fae6e9adSlinfeng    ///     0x71, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // load r2 (= *(mem + 5)) into r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    /// let mem = &mut [
*fae6e9adSlinfeng    ///     0xaa, 0xbb, 0x11, 0x22, 0xcc, 0xdd
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM. Note that we provide the start and end offsets for mem pointers.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmFixedMbuff::new(Some(prog), 0x40, 0x50).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    /// vm.jit_compile();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Provide only a reference to the packet data. We do not manage the metadata buffer.
*fae6e9adSlinfeng    /// # #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    /// unsafe {
*fae6e9adSlinfeng    ///     let res = vm.execute_program_jit(mem).unwrap();
*fae6e9adSlinfeng    ///     assert_eq!(res, 0xdd);
*fae6e9adSlinfeng    /// }
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    // This struct redefines the `execute_program_jit()` function, in order to pass the offsets
*fae6e9adSlinfeng    // associated with the fixed mbuff.
*fae6e9adSlinfeng    #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    pub unsafe fn execute_program_jit(&mut self, mem: &'a mut [u8]) -> Result<u64, Error> {
*fae6e9adSlinfeng        // If packet data is empty, do not send the address of an empty slice; send a null pointer
*fae6e9adSlinfeng        //  as first argument instead, as this is uBPF's behavior (empty packet should not happen
*fae6e9adSlinfeng        //  in the kernel; anyway the verifier would prevent the use of uninitialized registers).
*fae6e9adSlinfeng        //  See `mul_loop` test.
*fae6e9adSlinfeng        let mem_ptr = match mem.len() {
*fae6e9adSlinfeng            0 => core::ptr::null_mut(),
*fae6e9adSlinfeng            _ => mem.as_ptr() as *mut u8,
*fae6e9adSlinfeng        };
*fae6e9adSlinfeng
*fae6e9adSlinfeng        match &self.parent.jit {
*fae6e9adSlinfeng            Some(jit) => Ok(jit.get_prog()(
*fae6e9adSlinfeng                self.mbuff.buffer.as_ptr() as *mut u8,
*fae6e9adSlinfeng                self.mbuff.buffer.len(),
*fae6e9adSlinfeng                mem_ptr,
*fae6e9adSlinfeng                mem.len(),
*fae6e9adSlinfeng                self.mbuff.data_offset,
*fae6e9adSlinfeng                self.mbuff.data_end_offset,
*fae6e9adSlinfeng            )),
*fae6e9adSlinfeng            None => Err(Error::new(
*fae6e9adSlinfeng                ErrorKind::Other,
*fae6e9adSlinfeng                "Error: program has not been JIT-compiled",
*fae6e9adSlinfeng            )),
*fae6e9adSlinfeng        }
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Compile the loaded program using the Cranelift JIT.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If using helper functions, be sure to register them into the VM before calling this
*fae6e9adSlinfeng    /// function.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng    ///     0x79, 0x12, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, // load mem from r1[0x40] to r2
*fae6e9adSlinfeng    ///     0x07, 0x02, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, // add r2, 5
*fae6e9adSlinfeng    ///     0x79, 0x11, 0x50, 0x00, 0x00, 0x00, 0x00, 0x00, // load mem_end from r1[0x50] to r1
*fae6e9adSlinfeng    ///     0x2d, 0x12, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, // if r2 > r1 skip 3 instructions
*fae6e9adSlinfeng    ///     0x71, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // load r2 (= *(mem + 5)) into r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM. Note that we provide the start and end offsets for mem pointers.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmFixedMbuff::new(Some(prog), 0x40, 0x50).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// vm.cranelift_compile();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    #[cfg(feature = "cranelift")]
*fae6e9adSlinfeng    pub fn cranelift_compile(&mut self) -> Result<(), Error> {
*fae6e9adSlinfeng        use crate::cranelift::CraneliftCompiler;
*fae6e9adSlinfeng
*fae6e9adSlinfeng        let prog = match self.parent.prog {
*fae6e9adSlinfeng            Some(prog) => prog,
*fae6e9adSlinfeng            None => Err(Error::new(
*fae6e9adSlinfeng                ErrorKind::Other,
*fae6e9adSlinfeng                "Error: No program set, call prog_set() to load one",
*fae6e9adSlinfeng            ))?,
*fae6e9adSlinfeng        };
*fae6e9adSlinfeng
*fae6e9adSlinfeng        let mut compiler = CraneliftCompiler::new(self.parent.helpers.clone());
*fae6e9adSlinfeng        let program = compiler.compile_function(prog)?;
*fae6e9adSlinfeng
*fae6e9adSlinfeng        self.parent.cranelift_prog = Some(program);
*fae6e9adSlinfeng        Ok(())
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Execute the previously compiled program, with the given packet data and metadata
*fae6e9adSlinfeng    /// buffer, in a manner very similar to `execute_program()`.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If the program is made to be compatible with Linux kernel, it is expected to load the
*fae6e9adSlinfeng    /// address of the beginning and of the end of the memory area used for packet data from some
*fae6e9adSlinfeng    /// metadata buffer, which in the case of this VM is handled internally. The offsets at which
*fae6e9adSlinfeng    /// the addresses should be placed should have be set at the creation of the VM.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng    ///     0x79, 0x12, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, // load mem from r1[0x40] to r2
*fae6e9adSlinfeng    ///     0x07, 0x02, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, // add r2, 5
*fae6e9adSlinfeng    ///     0x79, 0x11, 0x50, 0x00, 0x00, 0x00, 0x00, 0x00, // load mem_end from r1[0x50] to r1
*fae6e9adSlinfeng    ///     0x2d, 0x12, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, // if r2 > r1 skip 3 instructions
*fae6e9adSlinfeng    ///     0x71, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // load r2 (= *(mem + 5)) into r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    /// let mem = &mut [
*fae6e9adSlinfeng    ///     0xaa, 0xbb, 0x11, 0x22, 0xcc, 0xdd
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM. Note that we provide the start and end offsets for mem pointers.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmFixedMbuff::new(Some(prog), 0x40, 0x50).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// vm.cranelift_compile();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Provide only a reference to the packet data. We do not manage the metadata buffer.
*fae6e9adSlinfeng    /// let res = vm.execute_program_cranelift(mem).unwrap();
*fae6e9adSlinfeng    /// assert_eq!(res, 0xdd);
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    #[cfg(feature = "cranelift")]
*fae6e9adSlinfeng    pub fn execute_program_cranelift(&mut self, mem: &'a mut [u8]) -> Result<u64, Error> {
*fae6e9adSlinfeng        // If packet data is empty, do not send the address of an empty slice; send a null pointer
*fae6e9adSlinfeng        //  as first argument instead, as this is uBPF's behavior (empty packet should not happen
*fae6e9adSlinfeng        //  in the kernel; anyway the verifier would prevent the use of uninitialized registers).
*fae6e9adSlinfeng        //  See `mul_loop` test.
*fae6e9adSlinfeng        let mem_ptr = match mem.len() {
*fae6e9adSlinfeng            0 => core::ptr::null_mut(),
*fae6e9adSlinfeng            _ => mem.as_ptr() as *mut u8,
*fae6e9adSlinfeng        };
*fae6e9adSlinfeng
*fae6e9adSlinfeng        let l = self.mbuff.buffer.len();
*fae6e9adSlinfeng        // Can this ever happen? Probably not, should be ensured at mbuff creation.
*fae6e9adSlinfeng        if self.mbuff.data_offset + 8 > l || self.mbuff.data_end_offset + 8 > l {
*fae6e9adSlinfeng            Err(Error::new(ErrorKind::Other, format!("Error: buffer too small ({:?}), cannot use data_offset {:?} and data_end_offset {:?}",
*fae6e9adSlinfeng            l, self.mbuff.data_offset, self.mbuff.data_end_offset)))?;
*fae6e9adSlinfeng        }
*fae6e9adSlinfeng        LittleEndian::write_u64(
*fae6e9adSlinfeng            &mut self.mbuff.buffer[(self.mbuff.data_offset)..],
*fae6e9adSlinfeng            mem.as_ptr() as u64,
*fae6e9adSlinfeng        );
*fae6e9adSlinfeng        LittleEndian::write_u64(
*fae6e9adSlinfeng            &mut self.mbuff.buffer[(self.mbuff.data_end_offset)..],
*fae6e9adSlinfeng            mem.as_ptr() as u64 + mem.len() as u64,
*fae6e9adSlinfeng        );
*fae6e9adSlinfeng
*fae6e9adSlinfeng        match &self.parent.cranelift_prog {
*fae6e9adSlinfeng            Some(prog) => Ok(prog.execute(
*fae6e9adSlinfeng                mem_ptr,
*fae6e9adSlinfeng                mem.len(),
*fae6e9adSlinfeng                self.mbuff.buffer.as_ptr() as *mut u8,
*fae6e9adSlinfeng                self.mbuff.buffer.len(),
*fae6e9adSlinfeng            )),
*fae6e9adSlinfeng            None => Err(Error::new(
*fae6e9adSlinfeng                ErrorKind::Other,
*fae6e9adSlinfeng                "Error: program has not been compiled with cranelift",
*fae6e9adSlinfeng            )),
*fae6e9adSlinfeng        }
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng}
*fae6e9adSlinfeng
*fae6e9adSlinfeng/// A virtual machine to run eBPF program. This kind of VM is used for programs expecting to work
*fae6e9adSlinfeng/// directly on the memory area representing packet data.
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// # Examples
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// ```
*fae6e9adSlinfeng/// let prog = &[
*fae6e9adSlinfeng///     0x71, 0x11, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, // ldxb r1[0x04], r1
*fae6e9adSlinfeng///     0x07, 0x01, 0x00, 0x00, 0x00, 0x22, 0x00, 0x00, // add r1, 0x22
*fae6e9adSlinfeng///     0xbf, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, r1
*fae6e9adSlinfeng///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng/// ];
*fae6e9adSlinfeng/// let mem = &mut [
*fae6e9adSlinfeng///     0xaa, 0xbb, 0x11, 0x22, 0xcc, 0xdd
*fae6e9adSlinfeng/// ];
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// // Instantiate a VM.
*fae6e9adSlinfeng/// let vm = rbpf::EbpfVmRaw::new(Some(prog)).unwrap();
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// // Provide only a reference to the packet data.
*fae6e9adSlinfeng/// let res = vm.execute_program(mem).unwrap();
*fae6e9adSlinfeng/// assert_eq!(res, 0x22cc);
*fae6e9adSlinfeng/// ```
*fae6e9adSlinfengpub struct EbpfVmRaw<'a> {
*fae6e9adSlinfeng    parent: EbpfVmMbuff<'a>,
*fae6e9adSlinfeng}
*fae6e9adSlinfeng
*fae6e9adSlinfengimpl<'a> EbpfVmRaw<'a> {
*fae6e9adSlinfeng    /// Create a new virtual machine instance, and load an eBPF program into that instance.
*fae6e9adSlinfeng    /// When attempting to load the program, it passes through a simple verifier.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0x71, 0x11, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, // ldxb r1[0x04], r1
*fae6e9adSlinfeng    ///     0x07, 0x01, 0x00, 0x00, 0x00, 0x22, 0x00, 0x00, // add r1, 0x22
*fae6e9adSlinfeng    ///     0xbf, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, r1
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM.
*fae6e9adSlinfeng    /// let vm = rbpf::EbpfVmRaw::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn new(prog: Option<&'a [u8]>) -> Result<EbpfVmRaw<'a>, Error> {
*fae6e9adSlinfeng        let parent = EbpfVmMbuff::new(prog)?;
*fae6e9adSlinfeng        Ok(EbpfVmRaw { parent })
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Load a new eBPF program into the virtual machine instance.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog1 = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    /// let prog2 = &[
*fae6e9adSlinfeng    ///     0x71, 0x11, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, // ldxb r1[0x04], r1
*fae6e9adSlinfeng    ///     0x07, 0x01, 0x00, 0x00, 0x00, 0x22, 0x00, 0x00, // add r1, 0x22
*fae6e9adSlinfeng    ///     0xbf, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, r1
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mem = &mut [
*fae6e9adSlinfeng    ///     0xaa, 0xbb, 0x11, 0x22, 0xcc, 0x27,
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmRaw::new(Some(prog1)).unwrap();
*fae6e9adSlinfeng    /// vm.set_program(prog2);
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let res = vm.execute_program(mem).unwrap();
*fae6e9adSlinfeng    /// assert_eq!(res, 0x22cc);
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn set_program(&mut self, prog: &'a [u8]) -> Result<(), Error> {
*fae6e9adSlinfeng        self.parent.set_program(prog)?;
*fae6e9adSlinfeng        Ok(())
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Set a new verifier function. The function should return an `Error` if the program should be
*fae6e9adSlinfeng    /// rejected by the virtual machine. If a program has been loaded to the VM already, the
*fae6e9adSlinfeng    /// verifier is immediately run.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// use rbpf::{Error, ErrorKind};
*fae6e9adSlinfeng    /// use rbpf::ebpf;
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Define a simple verifier function.
*fae6e9adSlinfeng    /// fn verifier(prog: &[u8]) -> Result<(), Error> {
*fae6e9adSlinfeng    ///     let last_insn = ebpf::get_insn(prog, (prog.len() / ebpf::INSN_SIZE) - 1);
*fae6e9adSlinfeng    ///     if last_insn.opc != ebpf::EXIT {
*fae6e9adSlinfeng    ///         return Err(Error::new(ErrorKind::Other,
*fae6e9adSlinfeng    ///                    "[Verifier] Error: program does not end with “EXIT” instruction"));
*fae6e9adSlinfeng    ///     }
*fae6e9adSlinfeng    ///     Ok(())
*fae6e9adSlinfeng    /// }
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let prog1 = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmMbuff::new(Some(prog1)).unwrap();
*fae6e9adSlinfeng    /// // Change the verifier.
*fae6e9adSlinfeng    /// vm.set_verifier(verifier).unwrap();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn set_verifier(&mut self, verifier: Verifier) -> Result<(), Error> {
*fae6e9adSlinfeng        self.parent.set_verifier(verifier)
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Register a built-in or user-defined helper function in order to use it later from within
*fae6e9adSlinfeng    /// the eBPF program. The helper is registered into a hashmap, so the `key` can be any `u32`.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If using JIT-compiled eBPF programs, be sure to register all helpers before compiling the
*fae6e9adSlinfeng    /// program. You should be able to change registered helpers after compiling, but not to add
*fae6e9adSlinfeng    /// new ones (i.e. with new keys).
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// #[cfg(feature = "std")] {
*fae6e9adSlinfeng    ///     use rbpf::helpers;
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///     let prog = &[
*fae6e9adSlinfeng    ///         0x79, 0x11, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // ldxdw r1, r1[0x00]
*fae6e9adSlinfeng    ///         0xb7, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r2, 0
*fae6e9adSlinfeng    ///         0xb7, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r3, 0
*fae6e9adSlinfeng    ///         0xb7, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r4, 0
*fae6e9adSlinfeng    ///         0xb7, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r5, 0
*fae6e9adSlinfeng    ///         0x85, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, // call helper with key 1
*fae6e9adSlinfeng    ///         0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    ///     ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///     let mem = &mut [
*fae6e9adSlinfeng    ///         0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
*fae6e9adSlinfeng    ///     ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///     // Instantiate a VM.
*fae6e9adSlinfeng    ///     let mut vm = rbpf::EbpfVmRaw::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///     // Register a helper. This helper will store the result of the square root of r1 into r0.
*fae6e9adSlinfeng    ///     vm.register_helper(1, helpers::sqrti);
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///     let res = vm.execute_program(mem).unwrap();
*fae6e9adSlinfeng    ///     assert_eq!(res, 0x10000000);
*fae6e9adSlinfeng    /// }
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn register_helper(
*fae6e9adSlinfeng        &mut self,
*fae6e9adSlinfeng        key: u32,
*fae6e9adSlinfeng        function: fn(u64, u64, u64, u64, u64) -> u64,
*fae6e9adSlinfeng    ) -> Result<(), Error> {
*fae6e9adSlinfeng        self.parent.register_helper(key, function)
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Register a set of built-in or user-defined helper functions in order to use them later from
*fae6e9adSlinfeng    /// within the eBPF program. The helpers are registered into a hashmap, so the `key` can be any
*fae6e9adSlinfeng    /// `u32`.
*fae6e9adSlinfeng    #[allow(clippy::type_complexity)]
*fae6e9adSlinfeng    pub fn register_helper_set(
*fae6e9adSlinfeng        &mut self,
*fae6e9adSlinfeng        helpers: &HashMap<u32, fn(u64, u64, u64, u64, u64) -> u64>,
*fae6e9adSlinfeng    ) -> Result<(), Error> {
*fae6e9adSlinfeng        for (key, function) in helpers {
*fae6e9adSlinfeng            self.parent.register_helper(*key, *function)?;
*fae6e9adSlinfeng        }
*fae6e9adSlinfeng        Ok(())
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Execute the program loaded, with the given packet data.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0x71, 0x11, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, // ldxb r1[0x04], r1
*fae6e9adSlinfeng    ///     0x07, 0x01, 0x00, 0x00, 0x00, 0x22, 0x00, 0x00, // add r1, 0x22
*fae6e9adSlinfeng    ///     0xbf, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, r1
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mem = &mut [
*fae6e9adSlinfeng    ///     0xaa, 0xbb, 0x11, 0x22, 0xcc, 0x27
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmRaw::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let res = vm.execute_program(mem).unwrap();
*fae6e9adSlinfeng    /// assert_eq!(res, 0x22cc);
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn execute_program(&self, mem: &'a mut [u8]) -> Result<u64, Error> {
*fae6e9adSlinfeng        self.parent.execute_program(mem, &[])
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// JIT-compile the loaded program. No argument required for this.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If using helper functions, be sure to register them into the VM before calling this
*fae6e9adSlinfeng    /// function.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0x71, 0x11, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, // ldxb r1[0x04], r1
*fae6e9adSlinfeng    ///     0x07, 0x01, 0x00, 0x00, 0x00, 0x22, 0x00, 0x00, // add r1, 0x22
*fae6e9adSlinfeng    ///     0xbf, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, r1
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmRaw::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// vm.jit_compile();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    pub fn jit_compile(&mut self) -> Result<(), Error> {
*fae6e9adSlinfeng        let prog = match self.parent.prog {
*fae6e9adSlinfeng            Some(prog) => prog,
*fae6e9adSlinfeng            None => Err(Error::new(
*fae6e9adSlinfeng                ErrorKind::Other,
*fae6e9adSlinfeng                "Error: No program set, call prog_set() to load one",
*fae6e9adSlinfeng            ))?,
*fae6e9adSlinfeng        };
*fae6e9adSlinfeng        self.parent.jit = Some(jit::JitMemory::new(
*fae6e9adSlinfeng            prog,
*fae6e9adSlinfeng            &self.parent.helpers,
*fae6e9adSlinfeng            false,
*fae6e9adSlinfeng            false,
*fae6e9adSlinfeng        )?);
*fae6e9adSlinfeng        Ok(())
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Execute the previously JIT-compiled program, with the given packet data, in a manner very
*fae6e9adSlinfeng    /// similar to `execute_program()`.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Safety
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// **WARNING:** JIT-compiled assembly code is not safe, in particular there is no runtime
*fae6e9adSlinfeng    /// check for memory access; so if the eBPF program attempts erroneous accesses, this may end
*fae6e9adSlinfeng    /// very bad (program may segfault). It may be wise to check that the program works with the
*fae6e9adSlinfeng    /// interpreter before running the JIT-compiled version of it.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// For this reason the function should be called from within an `unsafe` bloc.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0x71, 0x11, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, // ldxb r1[0x04], r1
*fae6e9adSlinfeng    ///     0x07, 0x01, 0x00, 0x00, 0x00, 0x22, 0x00, 0x00, // add r1, 0x22
*fae6e9adSlinfeng    ///     0xbf, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, r1
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mem = &mut [
*fae6e9adSlinfeng    ///     0xaa, 0xbb, 0x11, 0x22, 0xcc, 0x27
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmRaw::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    /// vm.jit_compile();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    /// unsafe {
*fae6e9adSlinfeng    ///     let res = vm.execute_program_jit(mem).unwrap();
*fae6e9adSlinfeng    ///     assert_eq!(res, 0x22cc);
*fae6e9adSlinfeng    /// }
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    pub unsafe fn execute_program_jit(&self, mem: &'a mut [u8]) -> Result<u64, Error> {
*fae6e9adSlinfeng        let mut mbuff = vec![];
*fae6e9adSlinfeng        self.parent.execute_program_jit(mem, &mut mbuff)
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Compile the loaded program using the Cranelift JIT.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If using helper functions, be sure to register them into the VM before calling this
*fae6e9adSlinfeng    /// function.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0x71, 0x11, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, // ldxb r1[0x04], r1
*fae6e9adSlinfeng    ///     0x07, 0x01, 0x00, 0x00, 0x00, 0x22, 0x00, 0x00, // add r1, 0x22
*fae6e9adSlinfeng    ///     0xbf, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, r1
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmRaw::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// vm.cranelift_compile();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    #[cfg(feature = "cranelift")]
*fae6e9adSlinfeng    pub fn cranelift_compile(&mut self) -> Result<(), Error> {
*fae6e9adSlinfeng        use crate::cranelift::CraneliftCompiler;
*fae6e9adSlinfeng
*fae6e9adSlinfeng        let prog = match self.parent.prog {
*fae6e9adSlinfeng            Some(prog) => prog,
*fae6e9adSlinfeng            None => Err(Error::new(
*fae6e9adSlinfeng                ErrorKind::Other,
*fae6e9adSlinfeng                "Error: No program set, call prog_set() to load one",
*fae6e9adSlinfeng            ))?,
*fae6e9adSlinfeng        };
*fae6e9adSlinfeng
*fae6e9adSlinfeng        let mut compiler = CraneliftCompiler::new(self.parent.helpers.clone());
*fae6e9adSlinfeng        let program = compiler.compile_function(prog)?;
*fae6e9adSlinfeng
*fae6e9adSlinfeng        self.parent.cranelift_prog = Some(program);
*fae6e9adSlinfeng        Ok(())
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Execute the previously compiled program, with the given packet data, in a manner very
*fae6e9adSlinfeng    /// similar to `execute_program()`.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0x71, 0x11, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, // ldxb r1[0x04], r1
*fae6e9adSlinfeng    ///     0x07, 0x01, 0x00, 0x00, 0x00, 0x22, 0x00, 0x00, // add r1, 0x22
*fae6e9adSlinfeng    ///     0xbf, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, r1
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mem = &mut [
*fae6e9adSlinfeng    ///     0xaa, 0xbb, 0x11, 0x22, 0xcc, 0x27
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmRaw::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// vm.cranelift_compile();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let res = vm.execute_program_cranelift(mem).unwrap();
*fae6e9adSlinfeng    /// assert_eq!(res, 0x22cc);
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    #[cfg(feature = "cranelift")]
*fae6e9adSlinfeng    pub fn execute_program_cranelift(&self, mem: &'a mut [u8]) -> Result<u64, Error> {
*fae6e9adSlinfeng        let mut mbuff = vec![];
*fae6e9adSlinfeng        self.parent.execute_program_cranelift(mem, &mut mbuff)
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng}
*fae6e9adSlinfeng
*fae6e9adSlinfeng/// A virtual machine to run eBPF program. This kind of VM is used for programs that do not work
*fae6e9adSlinfeng/// with any memory area—no metadata buffer, no packet data either.
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// # Examples
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// ```
*fae6e9adSlinfeng/// let prog = &[
*fae6e9adSlinfeng///     0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng///     0xb7, 0x01, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, // mov r1, 1
*fae6e9adSlinfeng///     0xb7, 0x02, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, // mov r2, 2
*fae6e9adSlinfeng///     0xb7, 0x03, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, // mov r3, 3
*fae6e9adSlinfeng///     0xb7, 0x04, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, // mov r4, 4
*fae6e9adSlinfeng///     0xb7, 0x05, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, // mov r5, 5
*fae6e9adSlinfeng///     0xb7, 0x06, 0x00, 0x00, 0x06, 0x00, 0x00, 0x00, // mov r6, 6
*fae6e9adSlinfeng///     0xb7, 0x07, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, // mov r7, 7
*fae6e9adSlinfeng///     0xb7, 0x08, 0x00, 0x00, 0x08, 0x00, 0x00, 0x00, // mov r8, 8
*fae6e9adSlinfeng///     0x4f, 0x50, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // or r0, r5
*fae6e9adSlinfeng///     0x47, 0x00, 0x00, 0x00, 0xa0, 0x00, 0x00, 0x00, // or r0, 0xa0
*fae6e9adSlinfeng///     0x57, 0x00, 0x00, 0x00, 0xa3, 0x00, 0x00, 0x00, // and r0, 0xa3
*fae6e9adSlinfeng///     0xb7, 0x09, 0x00, 0x00, 0x91, 0x00, 0x00, 0x00, // mov r9, 0x91
*fae6e9adSlinfeng///     0x5f, 0x90, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // and r0, r9
*fae6e9adSlinfeng///     0x67, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, // lsh r0, 32
*fae6e9adSlinfeng///     0x67, 0x00, 0x00, 0x00, 0x16, 0x00, 0x00, 0x00, // lsh r0, 22
*fae6e9adSlinfeng///     0x6f, 0x80, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // lsh r0, r8
*fae6e9adSlinfeng///     0x77, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x00, // rsh r0, 32
*fae6e9adSlinfeng///     0x77, 0x00, 0x00, 0x00, 0x13, 0x00, 0x00, 0x00, // rsh r0, 19
*fae6e9adSlinfeng///     0x7f, 0x70, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // rsh r0, r7
*fae6e9adSlinfeng///     0xa7, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, // xor r0, 0x03
*fae6e9adSlinfeng///     0xaf, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // xor r0, r2
*fae6e9adSlinfeng///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng/// ];
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// // Instantiate a VM.
*fae6e9adSlinfeng/// let vm = rbpf::EbpfVmNoData::new(Some(prog)).unwrap();
*fae6e9adSlinfeng///
*fae6e9adSlinfeng/// // Provide only a reference to the packet data.
*fae6e9adSlinfeng/// let res = vm.execute_program().unwrap();
*fae6e9adSlinfeng/// assert_eq!(res, 0x11);
*fae6e9adSlinfeng/// ```
*fae6e9adSlinfengpub struct EbpfVmNoData<'a> {
*fae6e9adSlinfeng    parent: EbpfVmRaw<'a>,
*fae6e9adSlinfeng}
*fae6e9adSlinfeng
*fae6e9adSlinfengimpl<'a> EbpfVmNoData<'a> {
*fae6e9adSlinfeng    /// Create a new virtual machine instance, and load an eBPF program into that instance.
*fae6e9adSlinfeng    /// When attempting to load the program, it passes through a simple verifier.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x11, 0x22, 0x00, 0x00, // mov r0, 0x2211
*fae6e9adSlinfeng    ///     0xdc, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, // be16 r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM.
*fae6e9adSlinfeng    /// let vm = rbpf::EbpfVmNoData::new(Some(prog));
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn new(prog: Option<&'a [u8]>) -> Result<EbpfVmNoData<'a>, Error> {
*fae6e9adSlinfeng        let parent = EbpfVmRaw::new(prog)?;
*fae6e9adSlinfeng        Ok(EbpfVmNoData { parent })
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Load a new eBPF program into the virtual machine instance.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog1 = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x11, 0x22, 0x00, 0x00, // mov r0, 0x2211
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    /// let prog2 = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x11, 0x22, 0x00, 0x00, // mov r0, 0x2211
*fae6e9adSlinfeng    ///     0xdc, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, // be16 r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmNoData::new(Some(prog1)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let res = vm.execute_program().unwrap();
*fae6e9adSlinfeng    /// assert_eq!(res, 0x2211);
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// vm.set_program(prog2);
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let res = vm.execute_program().unwrap();
*fae6e9adSlinfeng    /// assert_eq!(res, 0x1122);
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn set_program(&mut self, prog: &'a [u8]) -> Result<(), Error> {
*fae6e9adSlinfeng        self.parent.set_program(prog)?;
*fae6e9adSlinfeng        Ok(())
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Set a new verifier function. The function should return an `Error` if the program should be
*fae6e9adSlinfeng    /// rejected by the virtual machine. If a program has been loaded to the VM already, the
*fae6e9adSlinfeng    /// verifier is immediately run.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// use rbpf::{Error, ErrorKind};
*fae6e9adSlinfeng    /// use rbpf::ebpf;
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Define a simple verifier function.
*fae6e9adSlinfeng    /// fn verifier(prog: &[u8]) -> Result<(), Error> {
*fae6e9adSlinfeng    ///     let last_insn = ebpf::get_insn(prog, (prog.len() / ebpf::INSN_SIZE) - 1);
*fae6e9adSlinfeng    ///     if last_insn.opc != ebpf::EXIT {
*fae6e9adSlinfeng    ///         return Err(Error::new(ErrorKind::Other,
*fae6e9adSlinfeng    ///                    "[Verifier] Error: program does not end with “EXIT” instruction"));
*fae6e9adSlinfeng    ///     }
*fae6e9adSlinfeng    ///     Ok(())
*fae6e9adSlinfeng    /// }
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let prog1 = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r0, 0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // Instantiate a VM.
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmMbuff::new(Some(prog1)).unwrap();
*fae6e9adSlinfeng    /// // Change the verifier.
*fae6e9adSlinfeng    /// vm.set_verifier(verifier).unwrap();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn set_verifier(&mut self, verifier: Verifier) -> Result<(), Error> {
*fae6e9adSlinfeng        self.parent.set_verifier(verifier)
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Register a built-in or user-defined helper function in order to use it later from within
*fae6e9adSlinfeng    /// the eBPF program. The helper is registered into a hashmap, so the `key` can be any `u32`.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If using JIT-compiled eBPF programs, be sure to register all helpers before compiling the
*fae6e9adSlinfeng    /// program. You should be able to change registered helpers after compiling, but not to add
*fae6e9adSlinfeng    /// new ones (i.e. with new keys).
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// #[cfg(feature = "std")] {
*fae6e9adSlinfeng    ///     use rbpf::helpers;
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///     let prog = &[
*fae6e9adSlinfeng    ///         0xb7, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, // mov r1, 0x010000000
*fae6e9adSlinfeng    ///         0xb7, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r2, 0
*fae6e9adSlinfeng    ///         0xb7, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r3, 0
*fae6e9adSlinfeng    ///         0xb7, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r4, 0
*fae6e9adSlinfeng    ///         0xb7, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, // mov r5, 0
*fae6e9adSlinfeng    ///         0x85, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, // call helper with key 1
*fae6e9adSlinfeng    ///         0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    ///     ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///     let mut vm = rbpf::EbpfVmNoData::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///     // Register a helper. This helper will store the result of the square root of r1 into r0.
*fae6e9adSlinfeng    ///     vm.register_helper(1, helpers::sqrti).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///     let res = vm.execute_program().unwrap();
*fae6e9adSlinfeng    ///     assert_eq!(res, 0x1000);
*fae6e9adSlinfeng    /// }
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn register_helper(
*fae6e9adSlinfeng        &mut self,
*fae6e9adSlinfeng        key: u32,
*fae6e9adSlinfeng        function: fn(u64, u64, u64, u64, u64) -> u64,
*fae6e9adSlinfeng    ) -> Result<(), Error> {
*fae6e9adSlinfeng        self.parent.register_helper(key, function)
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// JIT-compile the loaded program. No argument required for this.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If using helper functions, be sure to register them into the VM before calling this
*fae6e9adSlinfeng    /// function.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x11, 0x22, 0x00, 0x00, // mov r0, 0x2211
*fae6e9adSlinfeng    ///     0xdc, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, // be16 r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmNoData::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// vm.jit_compile();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    pub fn jit_compile(&mut self) -> Result<(), Error> {
*fae6e9adSlinfeng        self.parent.jit_compile()
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Execute the program loaded, without providing pointers to any memory area whatsoever.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x11, 0x22, 0x00, 0x00, // mov r0, 0x2211
*fae6e9adSlinfeng    ///     0xdc, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, // be16 r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let vm = rbpf::EbpfVmNoData::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// // For this kind of VM, the `execute_program()` function needs no argument.
*fae6e9adSlinfeng    /// let res = vm.execute_program().unwrap();
*fae6e9adSlinfeng    /// assert_eq!(res, 0x1122);
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    pub fn execute_program(&self) -> Result<u64, Error> {
*fae6e9adSlinfeng        self.parent.execute_program(&mut [])
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Execute the previously JIT-compiled program, without providing pointers to any memory area
*fae6e9adSlinfeng    /// whatsoever, in a manner very similar to `execute_program()`.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Safety
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// **WARNING:** JIT-compiled assembly code is not safe, in particular there is no runtime
*fae6e9adSlinfeng    /// check for memory access; so if the eBPF program attempts erroneous accesses, this may end
*fae6e9adSlinfeng    /// very bad (program may segfault). It may be wise to check that the program works with the
*fae6e9adSlinfeng    /// interpreter before running the JIT-compiled version of it.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// For this reason the function should be called from within an `unsafe` bloc.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x11, 0x22, 0x00, 0x00, // mov r0, 0x2211
*fae6e9adSlinfeng    ///     0xdc, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, // be16 r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmNoData::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    /// vm.jit_compile();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    /// unsafe {
*fae6e9adSlinfeng    ///     let res = vm.execute_program_jit().unwrap();
*fae6e9adSlinfeng    ///     assert_eq!(res, 0x1122);
*fae6e9adSlinfeng    /// }
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    #[cfg(all(not(windows), feature = "std"))]
*fae6e9adSlinfeng    pub unsafe fn execute_program_jit(&self) -> Result<u64, Error> {
*fae6e9adSlinfeng        self.parent.execute_program_jit(&mut [])
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Compile the loaded program using the Cranelift JIT.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// If using helper functions, be sure to register them into the VM before calling this
*fae6e9adSlinfeng    /// function.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x11, 0x22, 0x00, 0x00, // mov r0, 0x2211
*fae6e9adSlinfeng    ///     0xdc, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, // be16 r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmNoData::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// vm.cranelift_compile();
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    #[cfg(feature = "cranelift")]
*fae6e9adSlinfeng    pub fn cranelift_compile(&mut self) -> Result<(), Error> {
*fae6e9adSlinfeng        self.parent.cranelift_compile()
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Execute the previously JIT-compiled program, without providing pointers to any memory area
*fae6e9adSlinfeng    /// whatsoever, in a manner very similar to `execute_program()`.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// # Examples
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    /// let prog = &[
*fae6e9adSlinfeng    ///     0xb7, 0x00, 0x00, 0x00, 0x11, 0x22, 0x00, 0x00, // mov r0, 0x2211
*fae6e9adSlinfeng    ///     0xdc, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, // be16 r0
*fae6e9adSlinfeng    ///     0x95, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00  // exit
*fae6e9adSlinfeng    /// ];
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let mut vm = rbpf::EbpfVmNoData::new(Some(prog)).unwrap();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// vm.cranelift_compile();
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// let res = vm.execute_program_cranelift().unwrap();
*fae6e9adSlinfeng    /// assert_eq!(res, 0x1122);
*fae6e9adSlinfeng    /// ```
*fae6e9adSlinfeng    #[cfg(feature = "cranelift")]
*fae6e9adSlinfeng    pub fn execute_program_cranelift(&self) -> Result<u64, Error> {
*fae6e9adSlinfeng        self.parent.execute_program_cranelift(&mut [])
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng}
*fae6e9adSlinfeng
*fae6e9adSlinfeng/// EbpfVm with Owned data
*fae6e9adSlinfengpub struct EbpfVmRawOwned {
*fae6e9adSlinfeng    parent: EbpfVmRaw<'static>,
*fae6e9adSlinfeng    data_len: usize,
*fae6e9adSlinfeng    data_cap: usize,
*fae6e9adSlinfeng}
*fae6e9adSlinfeng
*fae6e9adSlinfengimpl EbpfVmRawOwned {
*fae6e9adSlinfeng    /// Create a new virtual machine instance, and load an eBPF program into that instance.
*fae6e9adSlinfeng    /// When attempting to load the program, it passes through a simple verifier.
*fae6e9adSlinfeng    pub fn new(prog: Option<Vec<u8>>) -> Result<EbpfVmRawOwned, Error> {
*fae6e9adSlinfeng        let (prog, data_len, data_cap) = match prog {
*fae6e9adSlinfeng            Some(prog) => {
*fae6e9adSlinfeng                let data_len = prog.len();
*fae6e9adSlinfeng                let data_cap = prog.capacity();
*fae6e9adSlinfeng                let slice = prog.leak();
*fae6e9adSlinfeng                let slice = unsafe { core::slice::from_raw_parts(slice.as_ptr(), data_len) };
*fae6e9adSlinfeng                (Some(slice), data_len, data_cap)
*fae6e9adSlinfeng            }
*fae6e9adSlinfeng            None => (None, 0, 0),
*fae6e9adSlinfeng        };
*fae6e9adSlinfeng        let parent = EbpfVmRaw::new(prog)?;
*fae6e9adSlinfeng        Ok(Self {
*fae6e9adSlinfeng            parent,
*fae6e9adSlinfeng            data_len,
*fae6e9adSlinfeng            data_cap,
*fae6e9adSlinfeng        })
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng    /// Load a new eBPF program into the virtual machine instance
*fae6e9adSlinfeng    pub fn set_program(&mut self, prog: Vec<u8>) -> Result<(), Error> {
*fae6e9adSlinfeng        self.data_len = prog.len();
*fae6e9adSlinfeng        self.data_cap = prog.capacity();
*fae6e9adSlinfeng        let slice = prog.leak();
*fae6e9adSlinfeng        self.parent.set_program(slice)?;
*fae6e9adSlinfeng        Ok(())
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Set a new verifier function. The function should return an Error if the program should be rejected by the virtual machine.
*fae6e9adSlinfeng    /// If a program has been loaded to the VM already, the verifier is immediately run.
*fae6e9adSlinfeng    pub fn set_verifier(&mut self, verifier: Verifier) -> Result<(), Error> {
*fae6e9adSlinfeng        self.parent.set_verifier(verifier)
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Register a built-in or user-defined helper function in order to use it later from within the eBPF program.
*fae6e9adSlinfeng    /// The helper is registered into a hashmap, so the key can be any u32.
*fae6e9adSlinfeng    /// If using JIT-compiled eBPF programs, be sure to register all helpers before compiling the program.
*fae6e9adSlinfeng    /// You should be able to change registered helpers after compiling, but not to add new ones (i. e. with new keys).
*fae6e9adSlinfeng    pub fn register_helper(
*fae6e9adSlinfeng        &mut self,
*fae6e9adSlinfeng        key: u32,
*fae6e9adSlinfeng        function: fn(u64, u64, u64, u64, u64) -> u64,
*fae6e9adSlinfeng    ) -> Result<(), Error> {
*fae6e9adSlinfeng        self.parent.register_helper(key, function)
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Register a set of built-in or user-defined helper functions in order to use them later from
*fae6e9adSlinfeng    /// within the eBPF program. The helpers are registered into a hashmap, so the `key` can be any
*fae6e9adSlinfeng    /// `u32`.
*fae6e9adSlinfeng    #[allow(clippy::type_complexity)]
*fae6e9adSlinfeng    pub fn register_helper_set(
*fae6e9adSlinfeng        &mut self,
*fae6e9adSlinfeng        helpers: &HashMap<u32, fn(u64, u64, u64, u64, u64) -> u64>,
*fae6e9adSlinfeng    ) -> Result<(), Error> {
*fae6e9adSlinfeng        for (key, function) in helpers {
*fae6e9adSlinfeng            self.parent.register_helper(*key, *function)?;
*fae6e9adSlinfeng        }
*fae6e9adSlinfeng        Ok(())
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng
*fae6e9adSlinfeng    /// Execute the previously JIT-compiled program, with the given packet data, in a manner very similar to execute_program().
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// Safety
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// **WARNING:** JIT-compiled assembly code is not safe, in particular there is no runtime check for memory access;
*fae6e9adSlinfeng    /// so if the eBPF program attempts erroneous accesses, this may end very bad (program may segfault).
*fae6e9adSlinfeng    /// It may be wise to check that the program works with the interpreter before running the JIT-compiled version of it.
*fae6e9adSlinfeng    ///
*fae6e9adSlinfeng    /// For this reason the function should be called from within an unsafe bloc.
*fae6e9adSlinfeng    pub fn execute_program(&self, mem: &mut [u8]) -> Result<u64, Error> {
*fae6e9adSlinfeng        self.parent.execute_program(mem)
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng}
*fae6e9adSlinfeng
*fae6e9adSlinfengimpl Drop for EbpfVmRawOwned {
*fae6e9adSlinfeng    fn drop(&mut self) {
*fae6e9adSlinfeng        match self.parent.parent.prog {
*fae6e9adSlinfeng            Some(prog) => unsafe {
*fae6e9adSlinfeng                let ptr = prog.as_ptr();
*fae6e9adSlinfeng                let _prog = Vec::from_raw_parts(ptr as *mut u8, self.data_len, self.data_cap);
*fae6e9adSlinfeng            },
*fae6e9adSlinfeng            None => {}
*fae6e9adSlinfeng        };
*fae6e9adSlinfeng    }
*fae6e9adSlinfeng}