Re: [PATCH V2 2/2] kernel/bpf/verifier: Support module kfunc resolution via instruction offset

[Song Chen]

Hi,

On 5/12/26 11:56, Kaitao Cheng wrote:
> 在 2026/5/10 11:01, Song Chen 写道:
> > Use the instruction's 'off' field to indicate the source of a kfunc.
> > When libbpf resolves a kfunc, it sets insn->off to 0 for vmlinux
> > kfuncs or a non-zero module ID for module kfuncs.
> >
> > The verifier now checks insn->off to determine where to look up the
> > kfunc address: off == 0 searches in vmlinux, while off > 0 searches
> > in the corresponding module BTF. This enables proper resolution of
> > module kfuncs that may override vmlinux kfuncs with the same name.
> >
> > This works in conjunction with the libbpf change that prioritizes
> > module kfuncs during BTF resolution.
> >
> > Suggested-by: Alexei Starovoitov <alexei.starovoitov@xxxxxxxxx>
> > Signed-off-by: Song Chen <chensong_2000@xxxxxxx>
> >
> > ---
> > changelog:
> > v1 --- v2:
> > libbpf has already specified which module this kfunc belongs to as
> > ebpf code onwer's expectation, then verifier uses
> > find_kallsyms_symbol_value to search kfunc's addr.
> > ---
> >   kernel/bpf/verifier.c | 12 +++++++++++-
> >   1 file changed, 11 insertions(+), 1 deletion(-)
> >   mode change 100644 => 100755 kernel/bpf/verifier.c
>
> In general, the second and following parts of a multi-part patch should be
> sent as a reply to the first part so that they all thread together at the
> receiving end.  Tools like git and quilt have commands to mail out a set of
> patches with the proper threading.

you mean "git send-email 0001-*.patch 0002-*.patch 0003-*.patch", i 
didn't know that before, thanks so much.

> > diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
> > old mode 100644
> > new mode 100755
> > index 159b25f8269d..3b2e4552a3d4
> > --- a/kernel/bpf/verifier.c
> > +++ b/kernel/bpf/verifier.c
> > @@ -3303,6 +3303,7 @@ static struct btf *__find_kfunc_desc_btf(struct bpf_verifier_env *env,
> >   		 */
> >   		sort(tab->descs, tab->nr_descs, sizeof(tab->descs[0]),
> >   		     kfunc_btf_cmp_by_off, NULL);
> > +
>
> Unnecessary change.
>
> >   	} else {
> >   		btf = b->btf;
> >   	}
> > @@ -3498,7 +3499,16 @@ static int add_kfunc_call(struct bpf_verifier_env *env, u32 func_id, s16 offset)
> >   	if (err)
> >   		return err;
> >   
> > -	addr = kallsyms_lookup_name(kfunc.name);
> > +	if (offset) {
> > +		struct bpf_kfunc_btf kf_btf = { .offset = offset };
> > +		struct module *mod;
> > +		struct bpf_kfunc_btf *b;
> > +		b = bsearch(&kf_btf, btf_tab->descs, btf_tab->nr_descs,
> > +            sizeof(btf_tab->descs[0]), kfunc_btf_cmp_by_off);
>
> Tip: before submission, you can run scripts/checkpatch.pl to check for formatting issues.

Many thanks, i did checkpatch every time, but i probably forgot it this 
time, sorry about that. As the reviews' comments, looks like this patch 
has its shot, more attention will be paid on v3.

> > +		mod = b->module;
> > +		addr = find_kallsyms_symbol_value(mod, kfunc.name);
>
> struct bpf_kfunc_btf b, kf_btf = { .offset = offset };
>      ......
> addr = find_kallsyms_symbol_value(b->module, kfunc.name);

will do.

> > +	} else
> > +		addr = kallsyms_lookup_name(kfunc.name);
> >   	if (!addr) {
> >   		verbose(env, "cannot find address for kernel function %s\n", kfunc.name);
> >   		return -EINVAL;


best regards,

Song