diff mbox series

[v2,bpf-next,4/5] bpf: Add a bpf_getxattr kfunc

Message ID 20220621012811.2683313-5-kpsingh@kernel.org (mailing list archive)
State Superseded
Delegated to: BPF
Headers show
Series Add bpf_getxattr | expand

Checks

Context Check Description
netdev/tree_selection success Clearly marked for bpf-next
netdev/fixes_present success Fixes tag not required for -next series
netdev/subject_prefix success Link
netdev/cover_letter success Series has a cover letter
netdev/patch_count success Link
netdev/header_inline success No static functions without inline keyword in header files
netdev/build_32bit fail Errors and warnings before: 11 this patch: 13
netdev/cc_maintainers warning 7 maintainers not CCed: netdev@vger.kernel.org rostedt@goodmis.org songliubraving@fb.com mingo@redhat.com yhs@fb.com john.fastabend@gmail.com kafai@fb.com
netdev/build_clang fail Errors and warnings before: 6 this patch: 8
netdev/module_param success Was 0 now: 0
netdev/verify_signedoff success Signed-off-by tag matches author and committer
netdev/check_selftest success No net selftest shell script
netdev/verify_fixes success No Fixes tag
netdev/build_allmodconfig_warn fail Errors and warnings before: 11 this patch: 13
netdev/checkpatch warning CHECK: Blank lines aren't necessary before a close brace '}'
netdev/kdoc success Errors and warnings before: 0 this patch: 0
netdev/source_inline success Was 0 now: 0
bpf/vmtest-bpf-next-VM_Test-1 success Logs for Kernel LATEST on ubuntu-latest with gcc
bpf/vmtest-bpf-next-VM_Test-2 success Logs for Kernel LATEST on ubuntu-latest with llvm-15
bpf/vmtest-bpf-next-PR fail PR summary
bpf/vmtest-bpf-next-VM_Test-3 fail Logs for Kernel LATEST on z15 with gcc

Commit Message

KP Singh June 21, 2022, 1:28 a.m. UTC 
LSMs like SELinux store security state in xattrs. bpf_getxattr enables
BPF LSM to implement similar functionality. In combination with
bpf_local_storage, xattrs can be used to develop more complex security
policies.

This kfunc wraps around __vfs_getxattr which can sleep and is,
therefore, limited to sleepable programs using the newly added
sleepable_set for kfuncs.

Signed-off-by: KP Singh <kpsingh@kernel.org>
---
 kernel/trace/bpf_trace.c | 36 ++++++++++++++++++++++++++++++++++++
 1 file changed, 36 insertions(+)

Comments

kernel test robot June 21, 2022, 2:38 a.m. UTC | #1 
Hi KP,

I love your patch! Perhaps something to improve:

[auto build test WARNING on bpf-next/master]

url:    https://github.com/intel-lab-lkp/linux/commits/KP-Singh/Add-bpf_getxattr/20220621-093013
base:   https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git master
config: mips-allyesconfig (https://download.01.org/0day-ci/archive/20220621/202206211053.VsuVPf7q-lkp@intel.com/config)
compiler: mips-linux-gcc (GCC) 11.3.0
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # https://github.com/intel-lab-lkp/linux/commit/dd49d2ffb18adceafa98bd517008f59aa9bc910b
        git remote add linux-review https://github.com/intel-lab-lkp/linux
        git fetch --no-tags linux-review KP-Singh/Add-bpf_getxattr/20220621-093013
        git checkout dd49d2ffb18adceafa98bd517008f59aa9bc910b
        # save the config file
        mkdir build_dir && cp config build_dir/.config
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=gcc-11.3.0 make.cross W=1 O=build_dir ARCH=mips SHELL=/bin/bash kernel/

If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@intel.com>

All warnings (new ones prefixed by >>):

>> kernel/trace/bpf_trace.c:1185:25: warning: no previous prototype for 'bpf_getxattr' [-Wmissing-prototypes]
    1185 | noinline __weak ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode,
         |                         ^~~~~~~~~~~~


vim +/bpf_getxattr +1185 kernel/trace/bpf_trace.c

  1184	
> 1185	noinline __weak ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode,
  1186					     const char *name, void *value, int size)
  1187	{
  1188		return __vfs_getxattr(dentry, inode, name, value, size);
  1189	}
  1190
kernel test robot June 21, 2022, 3:20 a.m. UTC | #2 
Hi KP,

I love your patch! Perhaps something to improve:

[auto build test WARNING on bpf-next/master]

url:    https://github.com/intel-lab-lkp/linux/commits/KP-Singh/Add-bpf_getxattr/20220621-093013
base:   https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git master
config: x86_64-randconfig-a015-20220620 (https://download.01.org/0day-ci/archive/20220621/202206211035.p3LxbVfK-lkp@intel.com/config)
compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project af6d2a0b6825e71965f3e2701a63c239fa0ad70f)
reproduce (this is a W=1 build):
        wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
        chmod +x ~/bin/make.cross
        # https://github.com/intel-lab-lkp/linux/commit/dd49d2ffb18adceafa98bd517008f59aa9bc910b
        git remote add linux-review https://github.com/intel-lab-lkp/linux
        git fetch --no-tags linux-review KP-Singh/Add-bpf_getxattr/20220621-093013
        git checkout dd49d2ffb18adceafa98bd517008f59aa9bc910b
        # save the config file
        mkdir build_dir && cp config build_dir/.config
        COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 O=build_dir ARCH=x86_64 SHELL=/bin/bash kernel/trace/

If you fix the issue, kindly add following tag where applicable
Reported-by: kernel test robot <lkp@intel.com>

All warnings (new ones prefixed by >>):

>> kernel/trace/bpf_trace.c:1185:25: warning: no previous prototype for function 'bpf_getxattr' [-Wmissing-prototypes]
   noinline __weak ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode,
                           ^
   kernel/trace/bpf_trace.c:1185:17: note: declare 'static' if the function is not intended to be used outside of this translation unit
   noinline __weak ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode,
                   ^
                   static 
   1 warning generated.


vim +/bpf_getxattr +1185 kernel/trace/bpf_trace.c

  1184	
> 1185	noinline __weak ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode,
  1186					     const char *name, void *value, int size)
  1187	{
  1188		return __vfs_getxattr(dentry, inode, name, value, size);
  1189	}
  1190
KP Singh June 21, 2022, 7:18 a.m. UTC | #3 
On Tue, Jun 21, 2022 at 5:20 AM kernel test robot <lkp@intel.com> wrote:
>
> Hi KP,
>
> I love your patch! Perhaps something to improve:
>
> [auto build test WARNING on bpf-next/master]
>
> url:    https://github.com/intel-lab-lkp/linux/commits/KP-Singh/Add-bpf_getxattr/20220621-093013
> base:   https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git master
> config: x86_64-randconfig-a015-20220620 (https://download.01.org/0day-ci/archive/20220621/202206211035.p3LxbVfK-lkp@intel.com/config)
> compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project af6d2a0b6825e71965f3e2701a63c239fa0ad70f)
> reproduce (this is a W=1 build):
>         wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
>         chmod +x ~/bin/make.cross
>         # https://github.com/intel-lab-lkp/linux/commit/dd49d2ffb18adceafa98bd517008f59aa9bc910b
>         git remote add linux-review https://github.com/intel-lab-lkp/linux
>         git fetch --no-tags linux-review KP-Singh/Add-bpf_getxattr/20220621-093013
>         git checkout dd49d2ffb18adceafa98bd517008f59aa9bc910b
>         # save the config file
>         mkdir build_dir && cp config build_dir/.config
>         COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 O=build_dir ARCH=x86_64 SHELL=/bin/bash kernel/trace/
>
> If you fix the issue, kindly add following tag where applicable
> Reported-by: kernel test robot <lkp@intel.com>
>
> All warnings (new ones prefixed by >>):
>
> >> kernel/trace/bpf_trace.c:1185:25: warning: no previous prototype for function 'bpf_getxattr' [-Wmissing-prototypes]
>    noinline __weak ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode,
>                            ^
>    kernel/trace/bpf_trace.c:1185:17: note: declare 'static' if the function is not intended to be used outside of this translation unit
>    noinline __weak ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode,
>                    ^
>                    static
>    1 warning generated.
>

So it looks like this needs a function prototype. Let's do an initial round
of reviews on this series and I can respin with something like:

diff --git a/kernel/trace/bpf_trace.h b/kernel/trace/bpf_trace.h
index 9acbc11ac7bb..3f62e5d35037 100644
--- a/kernel/trace/bpf_trace.h
+++ b/kernel/trace/bpf_trace.h
@@ -25,6 +25,11 @@ TRACE_EVENT(bpf_trace_printk,
        TP_printk("%s", __get_str(bpf_string))
 );

+/* Prototypes for kernel functions exposed to tracing and LSM
+ * programs
+ */
+ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode,
+                    const char *name, void *value, int size);
 #endif /* _TRACE_BPF_TRACE_H */

(or anything else folks suggest)

- KP

>
> vim +/bpf_getxattr +1185 kernel/trace/bpf_trace.c
>
>   1184
> > 1185  noinline __weak ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode,
>   1186                                       const char *name, void *value, int size)
>   1187  {
>   1188          return __vfs_getxattr(dentry, inode, name, value, size);
>   1189  }
>   1190
>
> --
> 0-DAY CI Kernel Test Service
> https://01.org/lkp
Kumar Kartikeya Dwivedi June 21, 2022, 12:41 p.m. UTC | #4 
On Tue, Jun 21, 2022 at 12:48:08PM IST, KP Singh wrote:
> On Tue, Jun 21, 2022 at 5:20 AM kernel test robot <lkp@intel.com> wrote:
> >
> > Hi KP,
> >
> > I love your patch! Perhaps something to improve:
> >
> > [auto build test WARNING on bpf-next/master]
> >
> > url:    https://github.com/intel-lab-lkp/linux/commits/KP-Singh/Add-bpf_getxattr/20220621-093013
> > base:   https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next.git master
> > config: x86_64-randconfig-a015-20220620 (https://download.01.org/0day-ci/archive/20220621/202206211035.p3LxbVfK-lkp@intel.com/config)
> > compiler: clang version 15.0.0 (https://github.com/llvm/llvm-project af6d2a0b6825e71965f3e2701a63c239fa0ad70f)
> > reproduce (this is a W=1 build):
> >         wget https://raw.githubusercontent.com/intel/lkp-tests/master/sbin/make.cross -O ~/bin/make.cross
> >         chmod +x ~/bin/make.cross
> >         # https://github.com/intel-lab-lkp/linux/commit/dd49d2ffb18adceafa98bd517008f59aa9bc910b
> >         git remote add linux-review https://github.com/intel-lab-lkp/linux
> >         git fetch --no-tags linux-review KP-Singh/Add-bpf_getxattr/20220621-093013
> >         git checkout dd49d2ffb18adceafa98bd517008f59aa9bc910b
> >         # save the config file
> >         mkdir build_dir && cp config build_dir/.config
> >         COMPILER_INSTALL_PATH=$HOME/0day COMPILER=clang make.cross W=1 O=build_dir ARCH=x86_64 SHELL=/bin/bash kernel/trace/
> >
> > If you fix the issue, kindly add following tag where applicable
> > Reported-by: kernel test robot <lkp@intel.com>
> >
> > All warnings (new ones prefixed by >>):
> >
> > >> kernel/trace/bpf_trace.c:1185:25: warning: no previous prototype for function 'bpf_getxattr' [-Wmissing-prototypes]
> >    noinline __weak ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode,
> >                            ^
> >    kernel/trace/bpf_trace.c:1185:17: note: declare 'static' if the function is not intended to be used outside of this translation unit
> >    noinline __weak ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode,
> >                    ^
> >                    static
> >    1 warning generated.
> >
>
> So it looks like this needs a function prototype. Let's do an initial round
> of reviews on this series and I can respin with something like:
>
> diff --git a/kernel/trace/bpf_trace.h b/kernel/trace/bpf_trace.h
> index 9acbc11ac7bb..3f62e5d35037 100644
> --- a/kernel/trace/bpf_trace.h
> +++ b/kernel/trace/bpf_trace.h
> @@ -25,6 +25,11 @@ TRACE_EVENT(bpf_trace_printk,
>         TP_printk("%s", __get_str(bpf_string))
>  );
>
> +/* Prototypes for kernel functions exposed to tracing and LSM
> + * programs
> + */
> +ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode,
> +                    const char *name, void *value, int size);
>  #endif /* _TRACE_BPF_TRACE_H */
>
> (or anything else folks suggest)
>

You can silence this warning using __diag_push, e.g. see kfunc definitions in
net/netfilter/nf_conntrack_bpf.c.

> - KP
>
> >
> > vim +/bpf_getxattr +1185 kernel/trace/bpf_trace.c
> >
> >   1184
> > > 1185  noinline __weak ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode,
> >   1186                                       const char *name, void *value, int size)
> >   1187  {
> >   1188          return __vfs_getxattr(dentry, inode, name, value, size);
> >   1189  }
> >   1190
> >
> > --
> > 0-DAY CI Kernel Test Service
> > https://01.org/lkp

--
Kartikeya
KP Singh June 21, 2022, 4:06 p.m. UTC | #5 
On Tue, Jun 21, 2022 at 2:41 PM Kumar Kartikeya Dwivedi
<memxor@gmail.com> wrote:
>
> On Tue, Jun 21, 2022 at 12:48:08PM IST, KP Singh wrote:
> > On Tue, Jun 21, 2022 at 5:20 AM kernel test robot <lkp@intel.com> wrote:
> > >
> > > Hi KP,
> > >
> > > I love your patch! Perhaps something to improve:
> > >
> > > [auto build test WARNING on bpf-next/master]
[...]

> >
>
> You can silence this warning using __diag_push, e.g. see kfunc definitions in
> net/netfilter/nf_conntrack_bpf.c.

Thanks, done.

>
> > - KP
> >
> > >
> > > vim +/bpf_getxattr +1185 kernel/trace/bpf_trace.c
> > >
> > >   1184
> > > > 1185  noinline __weak ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode,
> > >   1186                                       const char *name, void *value, int size)
> > >   1187  {
> > >   1188          return __vfs_getxattr(dentry, inode, name, value, size);
> > >   1189  }
> > >   1190
> > >
> > > --
> > > 0-DAY CI Kernel Test Service
> > > https://01.org/lkp
>
> --
> Kartikeya
diff mbox series

Patch

diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
index 4be976cf7d63..b5682d55ebde 100644
--- a/kernel/trace/bpf_trace.c
+++ b/kernel/trace/bpf_trace.c
@@ -20,6 +20,7 @@ 
 #include <linux/fprobe.h>
 #include <linux/bsearch.h>
 #include <linux/sort.h>
+#include <linux/xattr.h>
 
 #include <net/bpf_sk_storage.h>
 
@@ -1181,6 +1182,41 @@  static const struct bpf_func_proto bpf_get_func_arg_cnt_proto = {
 	.arg1_type	= ARG_PTR_TO_CTX,
 };
 
+noinline __weak ssize_t bpf_getxattr(struct dentry *dentry, struct inode *inode,
+				     const char *name, void *value, int size)
+{
+	return __vfs_getxattr(dentry, inode, name, value, size);
+}
+
+BTF_SET_START(bpf_trace_kfunc_ids)
+BTF_ID(func, bpf_getxattr)
+BTF_SET_END(bpf_trace_kfunc_ids)
+
+BTF_SET_START(bpf_trace_sleepable_kfunc_ids)
+BTF_ID(func, bpf_getxattr)
+BTF_SET_END(bpf_trace_sleepable_kfunc_ids)
+
+static const struct btf_kfunc_id_set bpf_trace_kfunc_set = {
+	.owner = THIS_MODULE,
+	.check_set = &bpf_trace_kfunc_ids,
+	.sleepable_set = &bpf_trace_sleepable_kfunc_ids,
+};
+
+static int __init bpf_trace_kfunc_init(void)
+{
+	int ret;
+
+	ret = register_btf_kfunc_id_set(BPF_PROG_TYPE_TRACING,
+					&bpf_trace_kfunc_set);
+	if (!ret)
+		return ret;
+
+	return register_btf_kfunc_id_set(BPF_PROG_TYPE_LSM,
+					&bpf_trace_kfunc_set);
+
+}
+late_initcall(bpf_trace_kfunc_init);
+
 static const struct bpf_func_proto *
 bpf_tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog)
 {