[Question] Failed to load ebpf program with BTF-defined map

[wuzongyo]

Hi,

I wrote a simple tc-bpf program like that:

    #include <linux/bpf.h>
    #include <linux/pkt_cls.h>
    #include <linx/types.h>
    #include <bpf/bpf_helpers.h>

    struct {
        __uint(type, BPF_MAP_TYPE_HASH);
        __uint(max_entries, 1);
        __type(key, int);
        __type(value, int);
    } hmap SEC(".maps");

    SEC("classifier")
    int _classifier(struct __sk_buff *skb)
    {
        int key = 0;
        int *val;

        val = bpf_map_lookup_elem(&hmap, &key);
        if (!val)
            return TC_ACT_OK;
        return TC_ACT_OK;
    }

    char __license[] SEC("license") = "GPL";

Then I tried to use tc to load the program:
    
    tc qdisc add dev eth0 clsact
    tc filter add dev eth0 egress bpf da obj test_bpf.o

But the program loading failed with error messages:

    Prog section 'classifier' rejected: Permission denied (13)!
    - Type:          3
    - Instructions:  9 (0 over limit
    - License:       GPL

    Verifier analysis:

    Error fetching program/map!
    Unable to load program

I tried to replace the map definition with the following code and the program is loaded successfully!

    struct bpf_map_def SEC("maps") hmap = {
        .type = BPF_MAP_TYPE_HASH,
        .key_size = sizeof(int),
        .value_size = sizeof(int),
        .max_entries = 1,
    };

With bpftrace, I can find that the errno -EACCES is returned by function do_check(). But I am still confused what's wrong with it.

Linux Version: 5.17.0-rc3+ with CONFIG_DEBUG_INFO_BTF=y
TC Version: 5.14.0

Any suggestion will be appreciated!

Thanks