Skip to content

Enable module kfuncs to override vmlinux kfuncs#11995

Open
kernel-patches-daemon-bpf[bot] wants to merge 2 commits intobpf-next_basefrom
series/1087894=>bpf-next
Open

Enable module kfuncs to override vmlinux kfuncs#11995
kernel-patches-daemon-bpf[bot] wants to merge 2 commits intobpf-next_basefrom
series/1087894=>bpf-next

Conversation

@kernel-patches-daemon-bpf
Copy link
Copy Markdown

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf Bot commented Apr 30, 2026

Pull request for series with
subject: Enable module kfuncs to override vmlinux kfuncs
version: 1
url: https://patchwork.kernel.org/project/netdevbpf/list/?series=1087894

@kernel-patches-daemon-bpf
Copy link
Copy Markdown
Author

kernel-patches-daemon-bpf Bot commented Apr 30, 2026

Upstream branch: 9f5b3ff
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1087894
version: 1

@kernel-patches-review-bot
Copy link
Copy Markdown

kernel-patches-review-bot Bot commented Apr 30, 2026 

commit 8fbf08ef1da5223cb14bd1012a0a1057e40cb6fd
Author: Song Chen <chensong_2000@126.com>

kernel/bpf/verifier: Support module kfunc resolution via instruction offset

Use the instruction's 'off' field to indicate the source of a kfunc.
When libbpf resolves a kfunc, it sets insn->off to 0 for vmlinux
kfuncs or a non-zero module ID for module kfuncs. The verifier now
checks insn->off to determine where to look up the kfunc address.

> diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c
> index 03f9e16c2abe..7e6a95e6821d 100644
> --- a/kernel/bpf/verifier.c
> +++ b/kernel/bpf/verifier.c
> @@ -2734,7 +2734,10 @@ int bpf_add_kfunc_call(struct bpf_verifier_env *env, u32 func_id, u16 offset)
>  	if (err)
>  		return err;
>
> -	addr = kallsyms_lookup_name(kfunc.name);
> +	if (offset)
> +		addr = module_kallsyms_lookup_name(kfunc.name);
> +	else
> +		addr = kallsyms_lookup_name(kfunc.name);
>  	if (!addr) {
>  		verbose(env, "cannot find address for kernel function %s\n", kfunc.name);
>  		return -EINVAL;

When offset is non-zero, module_kallsyms_lookup_name(kfunc.name) searches
all loaded modules and returns the first match. How does this handle the
case where multiple modules register kfuncs with the same name?

In the original discussion thread from January 2026, Alexei Starovoitov
asked: "but what about kfunc in module A with the same name as kfunc in
module B?" You acknowledged this concern and indicated it was in your plan
to address. However, the current implementation appears to rely on module
load order when multiple modules have identically-named kfuncs.

Reference: https://lore.kernel.org/all/CAADnVQLVQW-Mb_d+zT+aSpPOZ042erPVcSHVBx9PMGET+a754Q@mail.gmail.com/

Is there a mechanism to ensure the correct module's kfunc is selected when
names collide across different modules?

AI reviewed your patch. Please fix the bug or email reply why it's not a bug.
See: https://github.com/kernel-patches/vmtest/blob/master/ci/claude/README.md

In-Reply-To-Subject: kernel/bpf/verifier: Support module kfunc resolution via instruction offset
CI run summary: https://github.com/kernel-patches/bpf/actions/runs/25150033548

@kernel-patches-daemon-bpf
Copy link
Copy Markdown
Author

kernel-patches-daemon-bpf Bot commented Apr 30, 2026

Forwarding comment 4350146673 via email
In-Reply-To: 20260430054714.38980-1-chensong_2000@126.com
Patch: https://patchwork.kernel.org/project/netdevbpf/patch/20260430054714.38980-1-chensong_2000@126.com/

@kernel-patches-daemon-bpf
Copy link
Copy Markdown
Author

kernel-patches-daemon-bpf Bot commented Apr 30, 2026

Upstream branch: 2ca6723
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1087894
version: 1

@kernel-patches-daemon-bpf
Copy link
Copy Markdown
Author

kernel-patches-daemon-bpf Bot commented Apr 30, 2026

Upstream branch: 2ca6723
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1087894
version: 1

Song Chen added 2 commits May 2, 2026 09:03
tools/lib/bpf/libbpf: Prioritize module kfuncs over vmlinux kfuncs
115f092 
Change the kfunc resolution order in find_ksym_btf_id() to search
module BTFs before vmlinux BTF. This allows kernel modules to override
vmlinux kfuncs with the same name, enabling a form of live-patching
for kfuncs.

Previously, vmlinux kfuncs were always preferred, making it impossible
for modules to provide enhanced or fixed versions of existing kfuncs.
With this change, modules can now override kernel kfuncs, while
programs that don't use module BTFs remain unaffected.

Suggested-by: Alexei Starovoitov <alexei.starovoitov@gmail.com>
Signed-off-by: Song Chen <chensong_2000@126.com>
kernel/bpf/verifier: Support module kfunc resolution via instruction …
a6a9980 
…offset

Use the instruction's 'off' field to indicate the source of a kfunc.
When libbpf resolves a kfunc, it sets insn->off to 0 for vmlinux
kfuncs or a non-zero module ID for module kfuncs.

The verifier now checks insn->off to determine where to look up the
kfunc address: off == 0 searches in vmlinux, while off > 0 searches
in the corresponding module BTF. This enables proper resolution of
module kfuncs that may override vmlinux kfuncs with the same name.

This works in conjunction with the libbpf change that prioritizes
module kfuncs during BTF resolution.

Suggested-by: Alexei Starovoitov <alexei.starovoitov@gmail.com>
Signed-off-by: Song Chen <chensong_2000@126.com>
@kernel-patches-daemon-bpf
Copy link
Copy Markdown
Author

kernel-patches-daemon-bpf Bot commented May 2, 2026

Upstream branch: 2ca6723
series: https://patchwork.kernel.org/project/netdevbpf/list/?series=1087894
version: 1

@kernel-patches-daemon-bpf kernel-patches-daemon-bpf Bot force-pushed the series/1087894=>bpf-next branch from 57abfe9 to a6a9980 Compare May 2, 2026 16:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

bpf-next new V1-ci-pass V1

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants