
[bpf-next,v7,4/5] bpf: Make fs kfuncs available for SYSCALL program type

Message ID AM6PR03MB50806C5D9B5314E55D4204A499E62@AM6PR03MB5080.eurprd03.prod.outlook.com (mailing list archive)
State Superseded
Delegated to: BPF
Series bpf: Add open-coded style process file iterator and bpf_fget_task() kfunc

Checks

Context Check Description
bpf/vmtest-bpf-next-VM_Test-0 success Logs for Lint
bpf/vmtest-bpf-next-VM_Test-5 success Logs for aarch64-gcc / build-release
bpf/vmtest-bpf-next-VM_Test-1 success Logs for ShellCheck
bpf/vmtest-bpf-next-VM_Test-2 success Logs for Unittests
bpf/vmtest-bpf-next-VM_Test-3 success Logs for Validate matrix.py
bpf/vmtest-bpf-next-VM_Test-19 success Logs for set-matrix
bpf/vmtest-bpf-next-VM_Test-20 fail Logs for x86_64-gcc / build / build for x86_64 with gcc
bpf/vmtest-bpf-next-VM_Test-21 success Logs for x86_64-gcc / build-release
bpf/vmtest-bpf-next-VM_Test-22 success Logs for x86_64-gcc / test
bpf/vmtest-bpf-next-VM_Test-9 success Logs for aarch64-gcc / test (test_verifier, false, 360) / test_verifier on aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-10 success Logs for aarch64-gcc / veristat-kernel
bpf/vmtest-bpf-next-VM_Test-16 success Logs for s390x-gcc / test (test_verifier, false, 360) / test_verifier on s390x with gcc
bpf/vmtest-bpf-next-VM_Test-4 success Logs for aarch64-gcc / build / build for aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-18 success Logs for s390x-gcc / veristat-meta
bpf/vmtest-bpf-next-VM_Test-11 success Logs for aarch64-gcc / veristat-meta
bpf/vmtest-bpf-next-VM_Test-23 success Logs for x86_64-gcc / veristat-kernel
bpf/vmtest-bpf-next-VM_Test-13 success Logs for s390x-gcc / build-release
bpf/vmtest-bpf-next-VM_Test-17 success Logs for s390x-gcc / veristat-kernel
bpf/vmtest-bpf-next-VM_Test-12 success Logs for s390x-gcc / build / build for s390x with gcc
bpf/vmtest-bpf-next-VM_Test-24 success Logs for x86_64-gcc / veristat-meta
bpf/vmtest-bpf-next-VM_Test-25 fail Logs for x86_64-llvm-17 / build / build for x86_64 with llvm-17
bpf/vmtest-bpf-next-VM_Test-26 fail Logs for x86_64-llvm-17 / build-release / build for x86_64 with llvm-17-O2
bpf/vmtest-bpf-next-VM_Test-27 success Logs for x86_64-llvm-17 / test
bpf/vmtest-bpf-next-VM_Test-6 success Logs for aarch64-gcc / test (test_maps, false, 360) / test_maps on aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-28 success Logs for x86_64-llvm-17 / veristat-kernel
bpf/vmtest-bpf-next-VM_Test-29 success Logs for x86_64-llvm-17 / veristat-meta
bpf/vmtest-bpf-next-VM_Test-31 fail Logs for x86_64-llvm-18 / build-release / build for x86_64 with llvm-18-O2
bpf/vmtest-bpf-next-VM_Test-30 fail Logs for x86_64-llvm-18 / build / build for x86_64 with llvm-18
bpf/vmtest-bpf-next-VM_Test-32 success Logs for x86_64-llvm-18 / test
bpf/vmtest-bpf-next-VM_Test-33 success Logs for x86_64-llvm-18 / veristat-kernel
bpf/vmtest-bpf-next-VM_Test-34 success Logs for x86_64-llvm-18 / veristat-meta
bpf/vmtest-bpf-next-PR fail PR summary
bpf/vmtest-bpf-next-VM_Test-15 success Logs for s390x-gcc / test (test_progs_no_alu32, false, 360) / test_progs_no_alu32 on s390x with gcc
bpf/vmtest-bpf-next-VM_Test-7 success Logs for aarch64-gcc / test (test_progs, false, 360) / test_progs on aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-8 success Logs for aarch64-gcc / test (test_progs_no_alu32, false, 360) / test_progs_no_alu32 on aarch64 with gcc
bpf/vmtest-bpf-next-VM_Test-14 success Logs for s390x-gcc / test (test_progs, false, 360) / test_progs on s390x with gcc
netdev/series_format success Posting correctly formatted
netdev/tree_selection success Clearly marked for bpf-next
netdev/ynl success Generated files up to date; no warnings/errors; no diff in generated;
netdev/fixes_present success Fixes tag not required for -next series
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit success Errors and warnings before: 1 this patch: 1
netdev/build_tools success Errors and warnings before: 0 (+0) this patch: 0 (+0)
netdev/cc_maintainers warning 6 maintainers not CCed: jack@suse.cz mattbobrowski@google.com shuah@kernel.org linux-kselftest@vger.kernel.org viro@zeniv.linux.org.uk mykolal@fb.com
netdev/build_clang success Errors and warnings before: 2 this patch: 2
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/deprecated_api success None detected
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success No Fixes tag
netdev/build_allmodconfig_warn success Errors and warnings before: 7 this patch: 7
netdev/checkpatch warning WARNING: line length of 90 exceeds 80 columns
netdev/build_clang_rust success No Rust files in patch. Skipping build
netdev/kdoc success Errors and warnings before: 1 this patch: 1
netdev/source_inline success Was 0 now: 0

Commit Message

Juntong Deng Jan. 21, 2025, 1:03 p.m. UTC

Currently fs kfuncs are only available for LSM program type, but fs
kfuncs are generic and useful for scenarios other than LSM.

This patch makes fs kfuncs available for SYSCALL program type.

Signed-off-by: Juntong Deng <juntong.deng@outlook.com>
---
 fs/bpf_fs_kfuncs.c                                 | 14 ++++++--------
 .../selftests/bpf/progs/verifier_vfs_reject.c      | 10 ----------
 2 files changed, 6 insertions(+), 18 deletions(-)

Comments

Alexei Starovoitov Jan. 22, 2025, 12:43 a.m. UTC | #1
On Tue, Jan 21, 2025 at 5:09 AM Juntong Deng <juntong.deng@outlook.com> wrote:
>
> Currently fs kfuncs are only available for LSM program type, but fs
> kfuncs are generic and useful for scenarios other than LSM.
>
> This patch makes fs kfuncs available for SYSCALL program type.
>
> Signed-off-by: Juntong Deng <juntong.deng@outlook.com>
> ---
>  fs/bpf_fs_kfuncs.c                                 | 14 ++++++--------
>  .../selftests/bpf/progs/verifier_vfs_reject.c      | 10 ----------
>  2 files changed, 6 insertions(+), 18 deletions(-)
>
> diff --git a/fs/bpf_fs_kfuncs.c b/fs/bpf_fs_kfuncs.c
> index 4a810046dcf3..8a7e9ed371de 100644
> --- a/fs/bpf_fs_kfuncs.c
> +++ b/fs/bpf_fs_kfuncs.c
> @@ -26,8 +26,6 @@ __bpf_kfunc_start_defs();
>   * acquired by this BPF kfunc will result in the BPF program being rejected by
>   * the BPF verifier.
>   *
> - * This BPF kfunc may only be called from BPF LSM programs.
> - *
>   * Internally, this BPF kfunc leans on get_task_exe_file(), such that calling
>   * bpf_get_task_exe_file() would be analogous to calling get_task_exe_file()
>   * directly in kernel context.
> @@ -49,8 +47,6 @@ __bpf_kfunc struct file *bpf_get_task_exe_file(struct task_struct *task)
>   * passed to this BPF kfunc. Attempting to pass an unreferenced file pointer, or
>   * any other arbitrary pointer for that matter, will result in the BPF program
>   * being rejected by the BPF verifier.
> - *
> - * This BPF kfunc may only be called from BPF LSM programs.
>   */
>  __bpf_kfunc void bpf_put_file(struct file *file)
>  {
> @@ -70,8 +66,6 @@ __bpf_kfunc void bpf_put_file(struct file *file)
>   * reference, or else the BPF program will be outright rejected by the BPF
>   * verifier.
>   *
> - * This BPF kfunc may only be called from BPF LSM programs.
> - *
>   * Return: A positive integer corresponding to the length of the resolved
>   * pathname in *buf*, including the NUL termination character. On error, a
>   * negative integer is returned.
> @@ -184,7 +178,8 @@ BTF_KFUNCS_END(bpf_fs_kfunc_set_ids)
>  static int bpf_fs_kfuncs_filter(const struct bpf_prog *prog, u32 kfunc_id)
>  {
>         if (!btf_id_set8_contains(&bpf_fs_kfunc_set_ids, kfunc_id) ||
> -           prog->type == BPF_PROG_TYPE_LSM)
> +           prog->type == BPF_PROG_TYPE_LSM ||
> +           prog->type == BPF_PROG_TYPE_SYSCALL)
>                 return 0;
>         return -EACCES;
>  }
> @@ -197,7 +192,10 @@ static const struct btf_kfunc_id_set bpf_fs_kfunc_set = {
>
>  static int __init bpf_fs_kfuncs_init(void)
>  {
> -       return register_btf_kfunc_id_set(BPF_PROG_TYPE_LSM, &bpf_fs_kfunc_set);
> +       int ret;
> +
> +       ret = register_btf_kfunc_id_set(BPF_PROG_TYPE_LSM, &bpf_fs_kfunc_set);
> +       return ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_SYSCALL, &bpf_fs_kfunc_set);
>  }
>
>  late_initcall(bpf_fs_kfuncs_init);
> diff --git a/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c b/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c
> index d6d3f4fcb24c..5aab75fd2fa5 100644
> --- a/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c
> +++ b/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c
> @@ -148,14 +148,4 @@ int BPF_PROG(path_d_path_kfunc_invalid_buf_sz, struct file *file)
>         return 0;
>  }
>
> -SEC("fentry/vfs_open")
> -__failure __msg("calling kernel function bpf_path_d_path is not allowed")
> -int BPF_PROG(path_d_path_kfunc_non_lsm, struct path *path, struct file *f)
> -{
> -       /* Calling bpf_path_d_path() from a non-LSM BPF program isn't permitted.
> -        */
> -       bpf_path_d_path(path, buf, sizeof(buf));
> -       return 0;
> -}

A leftover from previous versions?
This test should still be rejected by the verifier.

Juntong Deng Jan. 22, 2025, 1:34 p.m. UTC | #2
On 2025/1/22 00:43, Alexei Starovoitov wrote:
> On Tue, Jan 21, 2025 at 5:09 AM Juntong Deng <juntong.deng@outlook.com> wrote:
>>
>> Currently fs kfuncs are only available for LSM program type, but fs
>> kfuncs are generic and useful for scenarios other than LSM.
>>
>> This patch makes fs kfuncs available for SYSCALL program type.
>>
>> Signed-off-by: Juntong Deng <juntong.deng@outlook.com>
>> ---
>>   fs/bpf_fs_kfuncs.c                                 | 14 ++++++--------
>>   .../selftests/bpf/progs/verifier_vfs_reject.c      | 10 ----------
>>   2 files changed, 6 insertions(+), 18 deletions(-)
>>
>> diff --git a/fs/bpf_fs_kfuncs.c b/fs/bpf_fs_kfuncs.c
>> index 4a810046dcf3..8a7e9ed371de 100644
>> --- a/fs/bpf_fs_kfuncs.c
>> +++ b/fs/bpf_fs_kfuncs.c
>> @@ -26,8 +26,6 @@ __bpf_kfunc_start_defs();
>>    * acquired by this BPF kfunc will result in the BPF program being rejected by
>>    * the BPF verifier.
>>    *
>> - * This BPF kfunc may only be called from BPF LSM programs.
>> - *
>>    * Internally, this BPF kfunc leans on get_task_exe_file(), such that calling
>>    * bpf_get_task_exe_file() would be analogous to calling get_task_exe_file()
>>    * directly in kernel context.
>> @@ -49,8 +47,6 @@ __bpf_kfunc struct file *bpf_get_task_exe_file(struct task_struct *task)
>>    * passed to this BPF kfunc. Attempting to pass an unreferenced file pointer, or
>>    * any other arbitrary pointer for that matter, will result in the BPF program
>>    * being rejected by the BPF verifier.
>> - *
>> - * This BPF kfunc may only be called from BPF LSM programs.
>>    */
>>   __bpf_kfunc void bpf_put_file(struct file *file)
>>   {
>> @@ -70,8 +66,6 @@ __bpf_kfunc void bpf_put_file(struct file *file)
>>    * reference, or else the BPF program will be outright rejected by the BPF
>>    * verifier.
>>    *
>> - * This BPF kfunc may only be called from BPF LSM programs.
>> - *
>>    * Return: A positive integer corresponding to the length of the resolved
>>    * pathname in *buf*, including the NUL termination character. On error, a
>>    * negative integer is returned.
>> @@ -184,7 +178,8 @@ BTF_KFUNCS_END(bpf_fs_kfunc_set_ids)
>>   static int bpf_fs_kfuncs_filter(const struct bpf_prog *prog, u32 kfunc_id)
>>   {
>>          if (!btf_id_set8_contains(&bpf_fs_kfunc_set_ids, kfunc_id) ||
>> -           prog->type == BPF_PROG_TYPE_LSM)
>> +           prog->type == BPF_PROG_TYPE_LSM ||
>> +           prog->type == BPF_PROG_TYPE_SYSCALL)
>>                  return 0;
>>          return -EACCES;
>>   }
>> @@ -197,7 +192,10 @@ static const struct btf_kfunc_id_set bpf_fs_kfunc_set = {
>>
>>   static int __init bpf_fs_kfuncs_init(void)
>>   {
>> -       return register_btf_kfunc_id_set(BPF_PROG_TYPE_LSM, &bpf_fs_kfunc_set);
>> +       int ret;
>> +
>> +       ret = register_btf_kfunc_id_set(BPF_PROG_TYPE_LSM, &bpf_fs_kfunc_set);
>> +       return ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_SYSCALL, &bpf_fs_kfunc_set);
>>   }
>>
>>   late_initcall(bpf_fs_kfuncs_init);
>> diff --git a/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c b/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c
>> index d6d3f4fcb24c..5aab75fd2fa5 100644
>> --- a/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c
>> +++ b/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c
>> @@ -148,14 +148,4 @@ int BPF_PROG(path_d_path_kfunc_invalid_buf_sz, struct file *file)
>>          return 0;
>>   }
>>
>> -SEC("fentry/vfs_open")
>> -__failure __msg("calling kernel function bpf_path_d_path is not allowed")
>> -int BPF_PROG(path_d_path_kfunc_non_lsm, struct path *path, struct file *f)
>> -{
>> -       /* Calling bpf_path_d_path() from a non-LSM BPF program isn't permitted.
>> -        */
>> -       bpf_path_d_path(path, buf, sizeof(buf));
>> -       return 0;
>> -}
> 
> A leftover from previous versions?
> This test should still be rejected by the verifier.

Thanks for your reply.

Not a leftover.

bpf_path_d_path can be called from SYSCALL program type, not only LSM
program type, so it seems a bit weird to keep this test case?

But if you think we should keep it, I will keep it in the next version.

Alexei Starovoitov Jan. 22, 2025, 5:59 p.m. UTC | #3
On Wed, Jan 22, 2025 at 5:34 AM Juntong Deng <juntong.deng@outlook.com> wrote:
>
> On 2025/1/22 00:43, Alexei Starovoitov wrote:
> > On Tue, Jan 21, 2025 at 5:09 AM Juntong Deng <juntong.deng@outlook.com> wrote:
> >>
> >> Currently fs kfuncs are only available for LSM program type, but fs
> >> kfuncs are generic and useful for scenarios other than LSM.
> >>
> >> This patch makes fs kfuncs available for SYSCALL program type.
> >>
> >> Signed-off-by: Juntong Deng <juntong.deng@outlook.com>
> >> ---
> >>   fs/bpf_fs_kfuncs.c                                 | 14 ++++++--------
> >>   .../selftests/bpf/progs/verifier_vfs_reject.c      | 10 ----------
> >>   2 files changed, 6 insertions(+), 18 deletions(-)
> >>
> >> diff --git a/fs/bpf_fs_kfuncs.c b/fs/bpf_fs_kfuncs.c
> >> index 4a810046dcf3..8a7e9ed371de 100644
> >> --- a/fs/bpf_fs_kfuncs.c
> >> +++ b/fs/bpf_fs_kfuncs.c
> >> @@ -26,8 +26,6 @@ __bpf_kfunc_start_defs();
> >>    * acquired by this BPF kfunc will result in the BPF program being rejected by
> >>    * the BPF verifier.
> >>    *
> >> - * This BPF kfunc may only be called from BPF LSM programs.
> >> - *
> >>    * Internally, this BPF kfunc leans on get_task_exe_file(), such that calling
> >>    * bpf_get_task_exe_file() would be analogous to calling get_task_exe_file()
> >>    * directly in kernel context.
> >> @@ -49,8 +47,6 @@ __bpf_kfunc struct file *bpf_get_task_exe_file(struct task_struct *task)
> >>    * passed to this BPF kfunc. Attempting to pass an unreferenced file pointer, or
> >>    * any other arbitrary pointer for that matter, will result in the BPF program
> >>    * being rejected by the BPF verifier.
> >> - *
> >> - * This BPF kfunc may only be called from BPF LSM programs.
> >>    */
> >>   __bpf_kfunc void bpf_put_file(struct file *file)
> >>   {
> >> @@ -70,8 +66,6 @@ __bpf_kfunc void bpf_put_file(struct file *file)
> >>    * reference, or else the BPF program will be outright rejected by the BPF
> >>    * verifier.
> >>    *
> >> - * This BPF kfunc may only be called from BPF LSM programs.
> >> - *
> >>    * Return: A positive integer corresponding to the length of the resolved
> >>    * pathname in *buf*, including the NUL termination character. On error, a
> >>    * negative integer is returned.
> >> @@ -184,7 +178,8 @@ BTF_KFUNCS_END(bpf_fs_kfunc_set_ids)
> >>   static int bpf_fs_kfuncs_filter(const struct bpf_prog *prog, u32 kfunc_id)
> >>   {
> >>          if (!btf_id_set8_contains(&bpf_fs_kfunc_set_ids, kfunc_id) ||
> >> -           prog->type == BPF_PROG_TYPE_LSM)
> >> +           prog->type == BPF_PROG_TYPE_LSM ||
> >> +           prog->type == BPF_PROG_TYPE_SYSCALL)
> >>                  return 0;
> >>          return -EACCES;
> >>   }
> >> @@ -197,7 +192,10 @@ static const struct btf_kfunc_id_set bpf_fs_kfunc_set = {
> >>
> >>   static int __init bpf_fs_kfuncs_init(void)
> >>   {
> >> -       return register_btf_kfunc_id_set(BPF_PROG_TYPE_LSM, &bpf_fs_kfunc_set);
> >> +       int ret;
> >> +
> >> +       ret = register_btf_kfunc_id_set(BPF_PROG_TYPE_LSM, &bpf_fs_kfunc_set);
> >> +       return ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_SYSCALL, &bpf_fs_kfunc_set);
> >>   }
> >>
> >>   late_initcall(bpf_fs_kfuncs_init);
> >> diff --git a/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c b/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c
> >> index d6d3f4fcb24c..5aab75fd2fa5 100644
> >> --- a/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c
> >> +++ b/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c
> >> @@ -148,14 +148,4 @@ int BPF_PROG(path_d_path_kfunc_invalid_buf_sz, struct file *file)
> >>          return 0;
> >>   }
> >>
> >> -SEC("fentry/vfs_open")
> >> -__failure __msg("calling kernel function bpf_path_d_path is not allowed")
> >> -int BPF_PROG(path_d_path_kfunc_non_lsm, struct path *path, struct file *f)
> >> -{
> >> -       /* Calling bpf_path_d_path() from a non-LSM BPF program isn't permitted.
> >> -        */
> >> -       bpf_path_d_path(path, buf, sizeof(buf));
> >> -       return 0;
> >> -}
> >
> > A leftover from previous versions?
> > This test should still be rejected by the verifier.
>
> Thanks for your reply.
>
> Not a leftover.
>
> bpf_path_d_path can be called from SYSCALL program type, not only LSM
> program type, so it seems a bit weird to keep this test case?

How is it weird?
How is this related to syscall prog?
It's a check that fentry prog cannot call it.

Juntong Deng Jan. 22, 2025, 9:20 p.m. UTC | #4
On 2025/1/22 17:59, Alexei Starovoitov wrote:
> On Wed, Jan 22, 2025 at 5:34 AM Juntong Deng <juntong.deng@outlook.com> wrote:
>>
>> On 2025/1/22 00:43, Alexei Starovoitov wrote:
>>> On Tue, Jan 21, 2025 at 5:09 AM Juntong Deng <juntong.deng@outlook.com> wrote:
>>>>
>>>> Currently fs kfuncs are only available for LSM program type, but fs
>>>> kfuncs are generic and useful for scenarios other than LSM.
>>>>
>>>> This patch makes fs kfuncs available for SYSCALL program type.
>>>>
>>>> Signed-off-by: Juntong Deng <juntong.deng@outlook.com>
>>>> ---
>>>>    fs/bpf_fs_kfuncs.c                                 | 14 ++++++--------
>>>>    .../selftests/bpf/progs/verifier_vfs_reject.c      | 10 ----------
>>>>    2 files changed, 6 insertions(+), 18 deletions(-)
>>>>
>>>> diff --git a/fs/bpf_fs_kfuncs.c b/fs/bpf_fs_kfuncs.c
>>>> index 4a810046dcf3..8a7e9ed371de 100644
>>>> --- a/fs/bpf_fs_kfuncs.c
>>>> +++ b/fs/bpf_fs_kfuncs.c
>>>> @@ -26,8 +26,6 @@ __bpf_kfunc_start_defs();
>>>>     * acquired by this BPF kfunc will result in the BPF program being rejected by
>>>>     * the BPF verifier.
>>>>     *
>>>> - * This BPF kfunc may only be called from BPF LSM programs.
>>>> - *
>>>>     * Internally, this BPF kfunc leans on get_task_exe_file(), such that calling
>>>>     * bpf_get_task_exe_file() would be analogous to calling get_task_exe_file()
>>>>     * directly in kernel context.
>>>> @@ -49,8 +47,6 @@ __bpf_kfunc struct file *bpf_get_task_exe_file(struct task_struct *task)
>>>>     * passed to this BPF kfunc. Attempting to pass an unreferenced file pointer, or
>>>>     * any other arbitrary pointer for that matter, will result in the BPF program
>>>>     * being rejected by the BPF verifier.
>>>> - *
>>>> - * This BPF kfunc may only be called from BPF LSM programs.
>>>>     */
>>>>    __bpf_kfunc void bpf_put_file(struct file *file)
>>>>    {
>>>> @@ -70,8 +66,6 @@ __bpf_kfunc void bpf_put_file(struct file *file)
>>>>     * reference, or else the BPF program will be outright rejected by the BPF
>>>>     * verifier.
>>>>     *
>>>> - * This BPF kfunc may only be called from BPF LSM programs.
>>>> - *
>>>>     * Return: A positive integer corresponding to the length of the resolved
>>>>     * pathname in *buf*, including the NUL termination character. On error, a
>>>>     * negative integer is returned.
>>>> @@ -184,7 +178,8 @@ BTF_KFUNCS_END(bpf_fs_kfunc_set_ids)
>>>>    static int bpf_fs_kfuncs_filter(const struct bpf_prog *prog, u32 kfunc_id)
>>>>    {
>>>>           if (!btf_id_set8_contains(&bpf_fs_kfunc_set_ids, kfunc_id) ||
>>>> -           prog->type == BPF_PROG_TYPE_LSM)
>>>> +           prog->type == BPF_PROG_TYPE_LSM ||
>>>> +           prog->type == BPF_PROG_TYPE_SYSCALL)
>>>>                   return 0;
>>>>           return -EACCES;
>>>>    }
>>>> @@ -197,7 +192,10 @@ static const struct btf_kfunc_id_set bpf_fs_kfunc_set = {
>>>>
>>>>    static int __init bpf_fs_kfuncs_init(void)
>>>>    {
>>>> -       return register_btf_kfunc_id_set(BPF_PROG_TYPE_LSM, &bpf_fs_kfunc_set);
>>>> +       int ret;
>>>> +
>>>> +       ret = register_btf_kfunc_id_set(BPF_PROG_TYPE_LSM, &bpf_fs_kfunc_set);
>>>> +       return ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_SYSCALL, &bpf_fs_kfunc_set);
>>>>    }
>>>>
>>>>    late_initcall(bpf_fs_kfuncs_init);
>>>> diff --git a/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c b/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c
>>>> index d6d3f4fcb24c..5aab75fd2fa5 100644
>>>> --- a/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c
>>>> +++ b/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c
>>>> @@ -148,14 +148,4 @@ int BPF_PROG(path_d_path_kfunc_invalid_buf_sz, struct file *file)
>>>>           return 0;
>>>>    }
>>>>
>>>> -SEC("fentry/vfs_open")
>>>> -__failure __msg("calling kernel function bpf_path_d_path is not allowed")
>>>> -int BPF_PROG(path_d_path_kfunc_non_lsm, struct path *path, struct file *f)
>>>> -{
>>>> -       /* Calling bpf_path_d_path() from a non-LSM BPF program isn't permitted.
>>>> -        */
>>>> -       bpf_path_d_path(path, buf, sizeof(buf));
>>>> -       return 0;
>>>> -}
>>>
>>> A leftover from previous versions?
>>> This test should still be rejected by the verifier.
>>
>> Thanks for your reply.
>>
>> Not a leftover.
>>
>> bpf_path_d_path can be called from SYSCALL program type, not only LSM
>> program type, so it seems a bit weird to keep this test case?
> 
> How is it weird?
> How is this related to syscall prog?
> It's a check that fentry prog cannot call it.

Sorry, I misunderstood this test case.

This test case is used to test the filtering for aliases.

I will keep it in the next version.

Patch

diff --git a/fs/bpf_fs_kfuncs.c b/fs/bpf_fs_kfuncs.c
index 4a810046dcf3..8a7e9ed371de 100644
--- a/fs/bpf_fs_kfuncs.c
+++ b/fs/bpf_fs_kfuncs.c
@@ -26,8 +26,6 @@  __bpf_kfunc_start_defs();
  * acquired by this BPF kfunc will result in the BPF program being rejected by
  * the BPF verifier.
  *
- * This BPF kfunc may only be called from BPF LSM programs.
- *
  * Internally, this BPF kfunc leans on get_task_exe_file(), such that calling
  * bpf_get_task_exe_file() would be analogous to calling get_task_exe_file()
  * directly in kernel context.
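
Review bot: The kdoc for bpf_get_task_exe_file() loses its only statement of which program types may call the kfunc. Rather than deleting `This BPF kfunc may only be called from BPF LSM programs.`, reword it to name both LSM and SYSCALL programs, because bpf_fs_kfuncs_filter() still returns -EACCES for every other program type and a reader of the kdoc has no other way to learn that. The same applies to the identical removals in the two kdoc hunks that follow.
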
@@ -49,8 +47,6 @@  __bpf_kfunc struct file *bpf_get_task_exe_file(struct task_struct *task)
  * passed to this BPF kfunc. Attempting to pass an unreferenced file pointer, or
  * any other arbitrary pointer for that matter, will result in the BPF program
  * being rejected by the BPF verifier.
- *
- * This BPF kfunc may only be called from BPF LSM programs.
  */
 __bpf_kfunc void bpf_put_file(struct file *file)
 {
@@ -70,8 +66,6 @@  __bpf_kfunc void bpf_put_file(struct file *file)
  * reference, or else the BPF program will be outright rejected by the BPF
  * verifier.
  *
- * This BPF kfunc may only be called from BPF LSM programs.
- *
  * Return: A positive integer corresponding to the length of the resolved
  * pathname in *buf*, including the NUL termination character. On error, a
  * negative integer is returned.
@@ -184,7 +178,8 @@  BTF_KFUNCS_END(bpf_fs_kfunc_set_ids)
 static int bpf_fs_kfuncs_filter(const struct bpf_prog *prog, u32 kfunc_id)
 {
 	if (!btf_id_set8_contains(&bpf_fs_kfunc_set_ids, kfunc_id) ||
-	    prog->type == BPF_PROG_TYPE_LSM)
+	    prog->type == BPF_PROG_TYPE_LSM ||
+	    prog->type == BPF_PROG_TYPE_SYSCALL)
 		return 0;
 	return -EACCES;
 }
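
Review bot: The set of permitted program types in bpf_fs_kfuncs_filter() now has to be kept in step by hand with the register_btf_kfunc_id_set() calls in bpf_fs_kfuncs_init(), and nothing in the code says so. Add a short comment above the `prog->type == ...` condition stating that it must match the registered types and that the filter is what keeps other program types (the fentry case discussed in the thread) out. The commit message also only says the kfuncs are "generic and useful"; it should state why calling them from SYSCALL program context is safe.
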
@@ -197,7 +192,10 @@  static const struct btf_kfunc_id_set bpf_fs_kfunc_set = {
 
 static int __init bpf_fs_kfuncs_init(void)
 {
-	return register_btf_kfunc_id_set(BPF_PROG_TYPE_LSM, &bpf_fs_kfunc_set);
+	int ret;
+
+	ret = register_btf_kfunc_id_set(BPF_PROG_TYPE_LSM, &bpf_fs_kfunc_set);
+	return ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_SYSCALL, &bpf_fs_kfunc_set);
 }
 
 late_initcall(bpf_fs_kfuncs_init);
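
Review bot: The added `return ret ?: register_btf_kfunc_id_set(BPF_PROG_TYPE_SYSCALL, &bpf_fs_kfunc_set);` line in bpf_fs_kfuncs_init() runs past the column limit, which matches the checkpatch warning about a 90-column line. Wrap the second argument onto a continuation line, or use an explicit `if (ret) return ret;` before the second registration call so each call sits on its own short line.
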
diff --git a/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c b/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c
index d6d3f4fcb24c..5aab75fd2fa5 100644
--- a/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c
+++ b/tools/testing/selftests/bpf/progs/verifier_vfs_reject.c
@@ -148,14 +148,4 @@  int BPF_PROG(path_d_path_kfunc_invalid_buf_sz, struct file *file)
 	return 0;
 }
 
-SEC("fentry/vfs_open")
-__failure __msg("calling kernel function bpf_path_d_path is not allowed")
-int BPF_PROG(path_d_path_kfunc_non_lsm, struct path *path, struct file *f)
-{
-	/* Calling bpf_path_d_path() from a non-LSM BPF program isn't permitted.
-	 */
-	bpf_path_d_path(path, buf, sizeof(buf));
-	return 0;
-}
-
 char _license[] SEC("license") = "GPL";
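
Review bot: Removing path_d_path_kfunc_non_lsm drops the check in this file that a `SEC("fentry/vfs_open")` program is refused bpf_path_d_path(). bpf_fs_kfuncs_filter() still returns -EACCES for any program type other than LSM and SYSCALL, so the expected `calling kernel function bpf_path_d_path is not allowed` failure should be unchanged by this patch. Keep the test and only reword its "non-LSM" comment so it does not suggest that SYSCALL programs are rejected as well.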