| Message ID | 20210719151753.399227-1-hengqi.chen@gmail.com (mailing list archive) |
|---|---|
| State | Superseded |
| Delegated to: | BPF |
| Headers | show |
| Series | [bpf-next,v2] bpf: expose bpf_d_path helper to vfs_* and security_* functions | expand |
| Context | Check | Description |
|---|---|---|
| netdev/cover_letter | success | Link |
| netdev/fixes_present | success | Link |
| netdev/patch_count | success | Link |
| netdev/tree_selection | success | Clearly marked for bpf-next |
| netdev/subject_prefix | success | Link |
| netdev/cc_maintainers | warning | 6 maintainers not CCed: netdev@vger.kernel.org kpsingh@kernel.org mingo@redhat.com kafai@fb.com rostedt@goodmis.org songliubraving@fb.com |
| netdev/source_inline | success | Was 0 now: 0 |
| netdev/verify_signedoff | success | Link |
| netdev/module_param | success | Was 0 now: 0 |
| netdev/build_32bit | success | Errors and warnings before: 7 this patch: 7 |
| netdev/kdoc | success | Errors and warnings before: 0 this patch: 0 |
| netdev/verify_fixes | success | Link |
| netdev/checkpatch | success | total: 0 errors, 0 warnings, 0 checks, 64 lines checked |
| netdev/build_allmodconfig_warn | success | Errors and warnings before: 6 this patch: 6 |
| netdev/header_inline | success | Link |
On Mon, Jul 19, 2021 at 8:18 AM Hengqi Chen <hengqi.chen@gmail.com> wrote: > > Add vfs_* and security_* to bpf_d_path allowlist, so that we can use > bpf_d_path helper to extract full file path from these functions' > `struct path *` and `struct file *` arguments. This will help tools > like IOVisor's filetop[2]/filelife to get full file path. > > Changes since v1: [1] > - Alexei and Yonghong suggested that bpf_d_path helper could also > apply to vfs_* and security_file_* kernel functions. Added them. > > [1] https://lore.kernel.org/bpf/20210712162424.2034006-1-hengqi.chen@gmail.com/ > [2] https://github.com/iovisor/bcc/issues/3527 > > Signed-off-by: Hengqi Chen <hengqi.chen@gmail.com> > --- > kernel/trace/bpf_trace.c | 50 ++++++++++++++++++++++++++++++++++++++-- > 1 file changed, 48 insertions(+), 2 deletions(-) > > diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c > index 08906007306d..c784f3c7143f 100644 > --- a/kernel/trace/bpf_trace.c > +++ b/kernel/trace/bpf_trace.c > @@ -850,16 +850,62 @@ BPF_CALL_3(bpf_d_path, struct path *, path, char *, buf, u32, sz) > BTF_SET_START(btf_allowlist_d_path) > #ifdef CONFIG_SECURITY > BTF_ID(func, security_file_permission) > -BTF_ID(func, security_inode_getattr) > BTF_ID(func, security_file_open) > +BTF_ID(func, security_file_ioctl) > +BTF_ID(func, security_file_free) > +BTF_ID(func, security_file_alloc) > +BTF_ID(func, security_file_lock) > +BTF_ID(func, security_file_fcntl) > +BTF_ID(func, security_file_set_fowner) > +BTF_ID(func, security_file_receive) > +BTF_ID(func, security_inode_getattr) > #endif > #ifdef CONFIG_SECURITY_PATH > BTF_ID(func, security_path_truncate) > +BTF_ID(func, security_path_notify) > +BTF_ID(func, security_path_unlink) > +BTF_ID(func, security_path_mkdir) > +BTF_ID(func, security_path_rmdir) > +BTF_ID(func, security_path_mknod) > +BTF_ID(func, security_path_symlink) > +BTF_ID(func, security_path_link) > +BTF_ID(func, security_path_rename) > +BTF_ID(func, security_path_chmod) > +BTF_ID(func, security_path_chown) > +BTF_ID(func, security_path_chroot) > #endif > BTF_ID(func, vfs_truncate) > BTF_ID(func, vfs_fallocate) > -BTF_ID(func, dentry_open) > BTF_ID(func, vfs_getattr) > +BTF_ID(func, vfs_fadvise) > +BTF_ID(func, vfs_fchmod) > +BTF_ID(func, vfs_fchown) > +BTF_ID(func, vfs_open) > +BTF_ID(func, vfs_setpos) > +BTF_ID(func, vfs_llseek) > +BTF_ID(func, vfs_read) > +BTF_ID(func, vfs_write) > +BTF_ID(func, vfs_iocb_iter_read) > +BTF_ID(func, vfs_iter_read) > +BTF_ID(func, vfs_readv) > +BTF_ID(func, vfs_iocb_iter_write) > +BTF_ID(func, vfs_iter_write) > +BTF_ID(func, vfs_writev) > +BTF_ID(func, vfs_copy_file_range) > +BTF_ID(func, vfs_getattr_nosec) > +BTF_ID(func, vfs_ioctl) > +BTF_ID(func, vfs_fsync_range) > +BTF_ID(func, vfs_fsync) > +BTF_ID(func, vfs_utimes) > +BTF_ID(func, vfs_statfs) > +BTF_ID(func, vfs_dedupe_file_range_one) > +BTF_ID(func, vfs_dedupe_file_range) > +BTF_ID(func, vfs_clone_file_range) > +BTF_ID(func, vfs_cancel_lock) > +BTF_ID(func, vfs_test_lock) > +BTF_ID(func, vfs_setlease) > +BTF_ID(func, vfs_lock_file) > +BTF_ID(func, dentry_open) > BTF_ID(func, filp_close) > BTF_SET_END(btf_allowlist_d_path) > Before we lend this expanded list of allowed functions, I think we should address an issue that comes up from time to time with .BTF_ids. Sometimes the referenced function can be changed from global to static and get inlined by the compiler, and thus disappears from BTF altogether. This will result in kernel build failure causing a lot of confusion, because the change might be done by people unfamiliar with the BTF_ID() stuff and not even aware of it. This came up a few times before and it's frustrating for everyone involved. Before we proceed with extending the list further, let's teach resolve_btfids to warn on such missing function (so that we are at least aware) but otherwise ignore it (probably leaving ID as zero, but let's also confirm that all the users of BTF_ID() stuff handle those zeros correctly). > -- > 2.25.1 >
On 2021/7/20 3:02 AM, Andrii Nakryiko wrote: > On Mon, Jul 19, 2021 at 8:18 AM Hengqi Chen <hengqi.chen@gmail.com> wrote: >> >> Add vfs_* and security_* to bpf_d_path allowlist, so that we can use >> bpf_d_path helper to extract full file path from these functions' >> `struct path *` and `struct file *` arguments. This will help tools >> like IOVisor's filetop[2]/filelife to get full file path. >> >> Changes since v1: [1] >> - Alexei and Yonghong suggested that bpf_d_path helper could also >> apply to vfs_* and security_file_* kernel functions. Added them. >> >> [1] https://lore.kernel.org/bpf/20210712162424.2034006-1-hengqi.chen@gmail.com/ >> [2] https://github.com/iovisor/bcc/issues/3527 >> >> Signed-off-by: Hengqi Chen <hengqi.chen@gmail.com> >> --- >> kernel/trace/bpf_trace.c | 50 ++++++++++++++++++++++++++++++++++++++-- >> 1 file changed, 48 insertions(+), 2 deletions(-) >> >> diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c >> index 08906007306d..c784f3c7143f 100644 >> --- a/kernel/trace/bpf_trace.c >> +++ b/kernel/trace/bpf_trace.c >> @@ -850,16 +850,62 @@ BPF_CALL_3(bpf_d_path, struct path *, path, char *, buf, u32, sz) >> BTF_SET_START(btf_allowlist_d_path) >> #ifdef CONFIG_SECURITY >> BTF_ID(func, security_file_permission) >> -BTF_ID(func, security_inode_getattr) >> BTF_ID(func, security_file_open) >> +BTF_ID(func, security_file_ioctl) >> +BTF_ID(func, security_file_free) >> +BTF_ID(func, security_file_alloc) >> +BTF_ID(func, security_file_lock) >> +BTF_ID(func, security_file_fcntl) >> +BTF_ID(func, security_file_set_fowner) >> +BTF_ID(func, security_file_receive) >> +BTF_ID(func, security_inode_getattr) >> #endif >> #ifdef CONFIG_SECURITY_PATH >> BTF_ID(func, security_path_truncate) >> +BTF_ID(func, security_path_notify) >> +BTF_ID(func, security_path_unlink) >> +BTF_ID(func, security_path_mkdir) >> +BTF_ID(func, security_path_rmdir) >> +BTF_ID(func, security_path_mknod) >> +BTF_ID(func, security_path_symlink) >> +BTF_ID(func, security_path_link) >> +BTF_ID(func, security_path_rename) >> +BTF_ID(func, security_path_chmod) >> +BTF_ID(func, security_path_chown) >> +BTF_ID(func, security_path_chroot) >> #endif >> BTF_ID(func, vfs_truncate) >> BTF_ID(func, vfs_fallocate) >> -BTF_ID(func, dentry_open) >> BTF_ID(func, vfs_getattr) >> +BTF_ID(func, vfs_fadvise) >> +BTF_ID(func, vfs_fchmod) >> +BTF_ID(func, vfs_fchown) >> +BTF_ID(func, vfs_open) >> +BTF_ID(func, vfs_setpos) >> +BTF_ID(func, vfs_llseek) >> +BTF_ID(func, vfs_read) >> +BTF_ID(func, vfs_write) >> +BTF_ID(func, vfs_iocb_iter_read) >> +BTF_ID(func, vfs_iter_read) >> +BTF_ID(func, vfs_readv) >> +BTF_ID(func, vfs_iocb_iter_write) >> +BTF_ID(func, vfs_iter_write) >> +BTF_ID(func, vfs_writev) >> +BTF_ID(func, vfs_copy_file_range) >> +BTF_ID(func, vfs_getattr_nosec) >> +BTF_ID(func, vfs_ioctl) >> +BTF_ID(func, vfs_fsync_range) >> +BTF_ID(func, vfs_fsync) >> +BTF_ID(func, vfs_utimes) >> +BTF_ID(func, vfs_statfs) >> +BTF_ID(func, vfs_dedupe_file_range_one) >> +BTF_ID(func, vfs_dedupe_file_range) >> +BTF_ID(func, vfs_clone_file_range) >> +BTF_ID(func, vfs_cancel_lock) >> +BTF_ID(func, vfs_test_lock) >> +BTF_ID(func, vfs_setlease) >> +BTF_ID(func, vfs_lock_file) >> +BTF_ID(func, dentry_open) >> BTF_ID(func, filp_close) >> BTF_SET_END(btf_allowlist_d_path) >> > > Before we lend this expanded list of allowed functions, I think we > should address an issue that comes up from time to time with .BTF_ids. > Sometimes the referenced function can be changed from global to static > and get inlined by the compiler, and thus disappears from BTF > altogether. This will result in kernel build failure causing a lot of > confusion, because the change might be done by people unfamiliar with > the BTF_ID() stuff and not even aware of it. > Thanks for the detailed background. I was able to reproduce this kernel build failure. > This came up a few times before and it's frustrating for everyone > involved. Before we proceed with extending the list further, let's > teach resolve_btfids to warn on such missing function (so that we are > at least aware) but otherwise ignore it (probably leaving ID as zero, > but let's also confirm that all the users of BTF_ID() stuff handle > those zeros correctly). > Do you mean that resolve_btfids should be updated to emit warning messages instead of aborting the build process ? >> -- >> 2.25.1 >>
בתאריך יום ב׳, 19 ביולי 2021 ב-18:43 מאת Hengqi Chen <hengqi.chen@gmail.com>: > > Add vfs_* and security_* to bpf_d_path allowlist, so that we can use > bpf_d_path helper to extract full file path from these functions' > `struct path *` and `struct file *` arguments. This will help tools > like IOVisor's filetop[2]/filelife to get full file path. > > Changes since v1: [1] > - Alexei and Yonghong suggested that bpf_d_path helper could also > apply to vfs_* and security_file_* kernel functions. Added them. > > [1] https://lore.kernel.org/bpf/20210712162424.2034006-1-hengqi.chen@gmail.com/ > [2] https://github.com/iovisor/bcc/issues/3527 > > Signed-off-by: Hengqi Chen <hengqi.chen@gmail.com> > --- > kernel/trace/bpf_trace.c | 50 ++++++++++++++++++++++++++++++++++++++-- > 1 file changed, 48 insertions(+), 2 deletions(-) > > diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c > index 08906007306d..c784f3c7143f 100644 > --- a/kernel/trace/bpf_trace.c > +++ b/kernel/trace/bpf_trace.c > @@ -850,16 +850,62 @@ BPF_CALL_3(bpf_d_path, struct path *, path, char *, buf, u32, sz) > BTF_SET_START(btf_allowlist_d_path) > #ifdef CONFIG_SECURITY > BTF_ID(func, security_file_permission) > -BTF_ID(func, security_inode_getattr) > BTF_ID(func, security_file_open) > +BTF_ID(func, security_file_ioctl) > +BTF_ID(func, security_file_free) > +BTF_ID(func, security_file_alloc) > +BTF_ID(func, security_file_lock) > +BTF_ID(func, security_file_fcntl) > +BTF_ID(func, security_file_set_fowner) > +BTF_ID(func, security_file_receive) > +BTF_ID(func, security_inode_getattr) > #endif > #ifdef CONFIG_SECURITY_PATH > BTF_ID(func, security_path_truncate) > +BTF_ID(func, security_path_notify) > +BTF_ID(func, security_path_unlink) > +BTF_ID(func, security_path_mkdir) > +BTF_ID(func, security_path_rmdir) > +BTF_ID(func, security_path_mknod) > +BTF_ID(func, security_path_symlink) > +BTF_ID(func, security_path_link) > +BTF_ID(func, security_path_rename) > +BTF_ID(func, security_path_chmod) > +BTF_ID(func, security_path_chown) > +BTF_ID(func, security_path_chroot) > #endif > BTF_ID(func, vfs_truncate) > BTF_ID(func, vfs_fallocate) > -BTF_ID(func, dentry_open) > BTF_ID(func, vfs_getattr) > +BTF_ID(func, vfs_fadvise) > +BTF_ID(func, vfs_fchmod) > +BTF_ID(func, vfs_fchown) > +BTF_ID(func, vfs_open) > +BTF_ID(func, vfs_setpos) > +BTF_ID(func, vfs_llseek) > +BTF_ID(func, vfs_read) > +BTF_ID(func, vfs_write) > +BTF_ID(func, vfs_iocb_iter_read) > +BTF_ID(func, vfs_iter_read) > +BTF_ID(func, vfs_readv) > +BTF_ID(func, vfs_iocb_iter_write) > +BTF_ID(func, vfs_iter_write) > +BTF_ID(func, vfs_writev) > +BTF_ID(func, vfs_copy_file_range) > +BTF_ID(func, vfs_getattr_nosec) > +BTF_ID(func, vfs_ioctl) > +BTF_ID(func, vfs_fsync_range) > +BTF_ID(func, vfs_fsync) > +BTF_ID(func, vfs_utimes) > +BTF_ID(func, vfs_statfs) > +BTF_ID(func, vfs_dedupe_file_range_one) > +BTF_ID(func, vfs_dedupe_file_range) > +BTF_ID(func, vfs_clone_file_range) > +BTF_ID(func, vfs_cancel_lock) > +BTF_ID(func, vfs_test_lock) > +BTF_ID(func, vfs_setlease) > +BTF_ID(func, vfs_lock_file) > +BTF_ID(func, dentry_open) > BTF_ID(func, filp_close) > BTF_SET_END(btf_allowlist_d_path) > > -- > 2.25.1 > Thanks for opening this PR! I was looking for a way to do that in a tool I develop (Tracee), and had to implement this functionality by myself: https://github.com/aquasecurity/tracee/blob/main/tracee-ebpf/tracee/tracee.bpf.c#L1494 Maybe It's too much to ask, but I wonder if it will be possible to add other functions to this allowlist. Currently, other than vfs_write(v), and security_file_open, we also need it for security_sb_mount and security_bprm_check. For security_bprm_check() we extract the path from bprm->file->f_path. Actually, any securty_* function that has a struct argument from which it is possible to reach a path struct is a possible candidate for us. In addition to this, we also use it for the sched_process_exec tracepoint, but I'm not sure if adding a tracepoint is related here, as it is not exactly a function. Yaniv
On Wed, Jul 21, 2021 at 10:01 PM Hengqi Chen <hengqi.chen@gmail.com> wrote: > > > > On 2021/7/20 3:02 AM, Andrii Nakryiko wrote: > > On Mon, Jul 19, 2021 at 8:18 AM Hengqi Chen <hengqi.chen@gmail.com> wrote: > >> > >> Add vfs_* and security_* to bpf_d_path allowlist, so that we can use > >> bpf_d_path helper to extract full file path from these functions' > >> `struct path *` and `struct file *` arguments. This will help tools > >> like IOVisor's filetop[2]/filelife to get full file path. > >> > >> Changes since v1: [1] > >> - Alexei and Yonghong suggested that bpf_d_path helper could also > >> apply to vfs_* and security_file_* kernel functions. Added them. > >> > >> [1] https://lore.kernel.org/bpf/20210712162424.2034006-1-hengqi.chen@gmail.com/ > >> [2] https://github.com/iovisor/bcc/issues/3527 > >> > >> Signed-off-by: Hengqi Chen <hengqi.chen@gmail.com> > >> --- > >> kernel/trace/bpf_trace.c | 50 ++++++++++++++++++++++++++++++++++++++-- > >> 1 file changed, 48 insertions(+), 2 deletions(-) > >> > >> diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c > >> index 08906007306d..c784f3c7143f 100644 > >> --- a/kernel/trace/bpf_trace.c > >> +++ b/kernel/trace/bpf_trace.c > >> @@ -850,16 +850,62 @@ BPF_CALL_3(bpf_d_path, struct path *, path, char *, buf, u32, sz) > >> BTF_SET_START(btf_allowlist_d_path) > >> #ifdef CONFIG_SECURITY > >> BTF_ID(func, security_file_permission) > >> -BTF_ID(func, security_inode_getattr) > >> BTF_ID(func, security_file_open) > >> +BTF_ID(func, security_file_ioctl) > >> +BTF_ID(func, security_file_free) > >> +BTF_ID(func, security_file_alloc) > >> +BTF_ID(func, security_file_lock) > >> +BTF_ID(func, security_file_fcntl) > >> +BTF_ID(func, security_file_set_fowner) > >> +BTF_ID(func, security_file_receive) > >> +BTF_ID(func, security_inode_getattr) > >> #endif > >> #ifdef CONFIG_SECURITY_PATH > >> BTF_ID(func, security_path_truncate) > >> +BTF_ID(func, security_path_notify) > >> +BTF_ID(func, security_path_unlink) > >> +BTF_ID(func, security_path_mkdir) > >> +BTF_ID(func, security_path_rmdir) > >> +BTF_ID(func, security_path_mknod) > >> +BTF_ID(func, security_path_symlink) > >> +BTF_ID(func, security_path_link) > >> +BTF_ID(func, security_path_rename) > >> +BTF_ID(func, security_path_chmod) > >> +BTF_ID(func, security_path_chown) > >> +BTF_ID(func, security_path_chroot) > >> #endif > >> BTF_ID(func, vfs_truncate) > >> BTF_ID(func, vfs_fallocate) > >> -BTF_ID(func, dentry_open) > >> BTF_ID(func, vfs_getattr) > >> +BTF_ID(func, vfs_fadvise) > >> +BTF_ID(func, vfs_fchmod) > >> +BTF_ID(func, vfs_fchown) > >> +BTF_ID(func, vfs_open) > >> +BTF_ID(func, vfs_setpos) > >> +BTF_ID(func, vfs_llseek) > >> +BTF_ID(func, vfs_read) > >> +BTF_ID(func, vfs_write) > >> +BTF_ID(func, vfs_iocb_iter_read) > >> +BTF_ID(func, vfs_iter_read) > >> +BTF_ID(func, vfs_readv) > >> +BTF_ID(func, vfs_iocb_iter_write) > >> +BTF_ID(func, vfs_iter_write) > >> +BTF_ID(func, vfs_writev) > >> +BTF_ID(func, vfs_copy_file_range) > >> +BTF_ID(func, vfs_getattr_nosec) > >> +BTF_ID(func, vfs_ioctl) > >> +BTF_ID(func, vfs_fsync_range) > >> +BTF_ID(func, vfs_fsync) > >> +BTF_ID(func, vfs_utimes) > >> +BTF_ID(func, vfs_statfs) > >> +BTF_ID(func, vfs_dedupe_file_range_one) > >> +BTF_ID(func, vfs_dedupe_file_range) > >> +BTF_ID(func, vfs_clone_file_range) > >> +BTF_ID(func, vfs_cancel_lock) > >> +BTF_ID(func, vfs_test_lock) > >> +BTF_ID(func, vfs_setlease) > >> +BTF_ID(func, vfs_lock_file) > >> +BTF_ID(func, dentry_open) > >> BTF_ID(func, filp_close) > >> BTF_SET_END(btf_allowlist_d_path) > >> > > > > Before we lend this expanded list of allowed functions, I think we > > should address an issue that comes up from time to time with .BTF_ids. > > Sometimes the referenced function can be changed from global to static > > and get inlined by the compiler, and thus disappears from BTF > > altogether. This will result in kernel build failure causing a lot of > > confusion, because the change might be done by people unfamiliar with > > the BTF_ID() stuff and not even aware of it. > > > > Thanks for the detailed background. > I was able to reproduce this kernel build failure. > > > This came up a few times before and it's frustrating for everyone > > involved. Before we proceed with extending the list further, let's > > teach resolve_btfids to warn on such missing function (so that we are > > at least aware) but otherwise ignore it (probably leaving ID as zero, > > but let's also confirm that all the users of BTF_ID() stuff handle > > those zeros correctly). > > > > Do you mean that resolve_btfids should be updated to emit warning messages > instead of aborting the build process ? Yes. Just double-check that unresolved BTF IDs are filled out as zeros and don't break anything. > > >> -- > >> 2.25.1 > >>
diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c index 08906007306d..c784f3c7143f 100644 --- a/kernel/trace/bpf_trace.c +++ b/kernel/trace/bpf_trace.c @@ -850,16 +850,62 @@ BPF_CALL_3(bpf_d_path, struct path *, path, char *, buf, u32, sz) BTF_SET_START(btf_allowlist_d_path) #ifdef CONFIG_SECURITY BTF_ID(func, security_file_permission) -BTF_ID(func, security_inode_getattr) BTF_ID(func, security_file_open) +BTF_ID(func, security_file_ioctl) +BTF_ID(func, security_file_free) +BTF_ID(func, security_file_alloc) +BTF_ID(func, security_file_lock) +BTF_ID(func, security_file_fcntl) +BTF_ID(func, security_file_set_fowner) +BTF_ID(func, security_file_receive) +BTF_ID(func, security_inode_getattr) #endif #ifdef CONFIG_SECURITY_PATH BTF_ID(func, security_path_truncate) +BTF_ID(func, security_path_notify) +BTF_ID(func, security_path_unlink) +BTF_ID(func, security_path_mkdir) +BTF_ID(func, security_path_rmdir) +BTF_ID(func, security_path_mknod) +BTF_ID(func, security_path_symlink) +BTF_ID(func, security_path_link) +BTF_ID(func, security_path_rename) +BTF_ID(func, security_path_chmod) +BTF_ID(func, security_path_chown) +BTF_ID(func, security_path_chroot) #endif BTF_ID(func, vfs_truncate) BTF_ID(func, vfs_fallocate) -BTF_ID(func, dentry_open) BTF_ID(func, vfs_getattr) +BTF_ID(func, vfs_fadvise) +BTF_ID(func, vfs_fchmod) +BTF_ID(func, vfs_fchown) +BTF_ID(func, vfs_open) +BTF_ID(func, vfs_setpos) +BTF_ID(func, vfs_llseek) +BTF_ID(func, vfs_read) +BTF_ID(func, vfs_write) +BTF_ID(func, vfs_iocb_iter_read) +BTF_ID(func, vfs_iter_read) +BTF_ID(func, vfs_readv) +BTF_ID(func, vfs_iocb_iter_write) +BTF_ID(func, vfs_iter_write) +BTF_ID(func, vfs_writev) +BTF_ID(func, vfs_copy_file_range) +BTF_ID(func, vfs_getattr_nosec) +BTF_ID(func, vfs_ioctl) +BTF_ID(func, vfs_fsync_range) +BTF_ID(func, vfs_fsync) +BTF_ID(func, vfs_utimes) +BTF_ID(func, vfs_statfs) +BTF_ID(func, vfs_dedupe_file_range_one) +BTF_ID(func, vfs_dedupe_file_range) +BTF_ID(func, vfs_clone_file_range) +BTF_ID(func, vfs_cancel_lock) +BTF_ID(func, vfs_test_lock) +BTF_ID(func, vfs_setlease) +BTF_ID(func, vfs_lock_file) +BTF_ID(func, dentry_open) BTF_ID(func, filp_close) BTF_SET_END(btf_allowlist_d_path)
Add vfs_* and security_* to bpf_d_path allowlist, so that we can use bpf_d_path helper to extract full file path from these functions' `struct path *` and `struct file *` arguments. This will help tools like IOVisor's filetop[2]/filelife to get full file path. Changes since v1: [1] - Alexei and Yonghong suggested that bpf_d_path helper could also apply to vfs_* and security_file_* kernel functions. Added them. [1] https://lore.kernel.org/bpf/20210712162424.2034006-1-hengqi.chen@gmail.com/ [2] https://github.com/iovisor/bcc/issues/3527 Signed-off-by: Hengqi Chen <hengqi.chen@gmail.com> --- kernel/trace/bpf_trace.c | 50 ++++++++++++++++++++++++++++++++++++++-- 1 file changed, 48 insertions(+), 2 deletions(-)