| Context |
Check |
Description |
| bpf/vmtest-bpf-next-PR |
fail
|
PR summary
|
| netdev/series_format |
success
|
Posting correctly formatted
|
| netdev/tree_selection |
success
|
Clearly marked for bpf-next
|
| netdev/ynl |
success
|
Generated files up to date;
no warnings/errors;
no diff in generated;
|
| netdev/fixes_present |
success
|
Fixes tag not required for -next series
|
| netdev/header_inline |
success
|
No static functions without inline keyword in header files
|
| netdev/build_32bit |
fail
|
Errors and warnings before: 962 this patch: 967
|
| netdev/build_tools |
success
|
No tools touched, skip
|
| netdev/cc_maintainers |
warning
|
12 maintainers not CCed: song@kernel.org john.fastabend@gmail.com eddyz87@gmail.com yonghong.song@linux.dev haoluo@google.com mhiramat@kernel.org sdf@google.com martin.lau@linux.dev rostedt@goodmis.org kpsingh@kernel.org mathieu.desnoyers@efficios.com linux-trace-kernel@vger.kernel.org
|
| netdev/build_clang |
fail
|
Errors and warnings before: 957 this patch: 959
|
| netdev/verify_signedoff |
success
|
Signed-off-by tag matches author and committer
|
| netdev/deprecated_api |
success
|
None detected
|
| netdev/check_selftest |
success
|
No net selftest shell script
|
| netdev/verify_fixes |
success
|
No Fixes tag
|
| netdev/build_allmodconfig_warn |
fail
|
Errors and warnings before: 978 this patch: 983
|
| netdev/checkpatch |
warning
|
WARNING: Block comments should align the * on each line
WARNING: please, no space before tabs
|
| netdev/build_clang_rust |
success
|
No Rust files in patch. Skipping build
|
| netdev/kdoc |
fail
|
Errors and warnings before: 0 this patch: 2
|
| netdev/source_inline |
success
|
Was 0 now: 0
|
| bpf/vmtest-bpf-next-VM_Test-0 |
success
|
Logs for Lint
|
| bpf/vmtest-bpf-next-VM_Test-3 |
success
|
Logs for Validate matrix.py
|
| bpf/vmtest-bpf-next-VM_Test-2 |
success
|
Logs for Unittests
|
| bpf/vmtest-bpf-next-VM_Test-1 |
success
|
Logs for ShellCheck
|
| bpf/vmtest-bpf-next-VM_Test-5 |
success
|
Logs for aarch64-gcc / build-release
|
| bpf/vmtest-bpf-next-VM_Test-10 |
success
|
Logs for aarch64-gcc / veristat
|
| bpf/vmtest-bpf-next-VM_Test-11 |
success
|
Logs for s390x-gcc / build / build for s390x with gcc
|
| bpf/vmtest-bpf-next-VM_Test-12 |
success
|
Logs for s390x-gcc / build-release
|
| bpf/vmtest-bpf-next-VM_Test-4 |
success
|
Logs for aarch64-gcc / build / build for aarch64 with gcc
|
| bpf/vmtest-bpf-next-VM_Test-17 |
success
|
Logs for s390x-gcc / veristat
|
| bpf/vmtest-bpf-next-VM_Test-18 |
success
|
Logs for set-matrix
|
| bpf/vmtest-bpf-next-VM_Test-19 |
success
|
Logs for x86_64-gcc / build / build for x86_64 with gcc
|
| bpf/vmtest-bpf-next-VM_Test-20 |
success
|
Logs for x86_64-gcc / build-release
|
| bpf/vmtest-bpf-next-VM_Test-28 |
fail
|
Logs for x86_64-llvm-17 / build / build for x86_64 with llvm-17
|
| bpf/vmtest-bpf-next-VM_Test-30 |
success
|
Logs for x86_64-llvm-17 / test
|
| bpf/vmtest-bpf-next-VM_Test-31 |
success
|
Logs for x86_64-llvm-17 / veristat
|
| bpf/vmtest-bpf-next-VM_Test-32 |
fail
|
Logs for x86_64-llvm-18 / build / build for x86_64 with llvm-18
|
| bpf/vmtest-bpf-next-VM_Test-34 |
success
|
Logs for x86_64-llvm-18 / test
|
| bpf/vmtest-bpf-next-VM_Test-35 |
success
|
Logs for x86_64-llvm-18 / veristat
|
| bpf/vmtest-bpf-next-VM_Test-9 |
success
|
Logs for aarch64-gcc / test (test_verifier, false, 360) / test_verifier on aarch64 with gcc
|
| bpf/vmtest-bpf-next-VM_Test-6 |
success
|
Logs for aarch64-gcc / test (test_maps, false, 360) / test_maps on aarch64 with gcc
|
| bpf/vmtest-bpf-next-VM_Test-16 |
success
|
Logs for s390x-gcc / test (test_verifier, false, 360) / test_verifier on s390x with gcc
|
| bpf/vmtest-bpf-next-VM_Test-21 |
success
|
Logs for x86_64-gcc / test (test_maps, false, 360) / test_maps on x86_64 with gcc
|
| bpf/vmtest-bpf-next-VM_Test-26 |
success
|
Logs for x86_64-gcc / test (test_verifier, false, 360) / test_verifier on x86_64 with gcc
|
| bpf/vmtest-bpf-next-VM_Test-8 |
success
|
Logs for aarch64-gcc / test (test_progs_no_alu32, false, 360) / test_progs_no_alu32 on aarch64 with gcc
|
| bpf/vmtest-bpf-next-VM_Test-7 |
success
|
Logs for aarch64-gcc / test (test_progs, false, 360) / test_progs on aarch64 with gcc
|
| bpf/vmtest-bpf-next-VM_Test-22 |
success
|
Logs for x86_64-gcc / test (test_progs, false, 360) / test_progs on x86_64 with gcc
|
| bpf/vmtest-bpf-next-VM_Test-23 |
success
|
Logs for x86_64-gcc / test (test_progs_no_alu32, false, 360) / test_progs_no_alu32 on x86_64 with gcc
|
| bpf/vmtest-bpf-next-VM_Test-24 |
success
|
Logs for x86_64-gcc / test (test_progs_no_alu32_parallel, true, 30) / test_progs_no_alu32_parallel on x86_64 with gcc
|
| bpf/vmtest-bpf-next-VM_Test-25 |
success
|
Logs for x86_64-gcc / test (test_progs_parallel, true, 30) / test_progs_parallel on x86_64 with gcc
|
| bpf/vmtest-bpf-next-VM_Test-27 |
success
|
Logs for x86_64-gcc / veristat / veristat on x86_64 with gcc
|
| bpf/vmtest-bpf-next-VM_Test-13 |
success
|
Logs for s390x-gcc / test (test_maps, false, 360) / test_maps on s390x with gcc
|
| bpf/vmtest-bpf-next-VM_Test-33 |
fail
|
Logs for x86_64-llvm-18 / build-release / build for x86_64 with llvm-18 and -O2 optimization
|
| bpf/vmtest-bpf-next-VM_Test-15 |
success
|
Logs for s390x-gcc / test (test_progs_no_alu32, false, 360) / test_progs_no_alu32 on s390x with gcc
|
| bpf/vmtest-bpf-next-VM_Test-29 |
fail
|
Logs for x86_64-llvm-17 / build-release / build for x86_64 with llvm-17 and -O2 optimization
|
| bpf/vmtest-bpf-next-VM_Test-14 |
success
|
Logs for s390x-gcc / test (test_progs, false, 360) / test_progs on s390x with gcc
|
@@ -10,6 +10,7 @@
#include <linux/bpf_perf_event.h>
#include <linux/btf.h>
#include <linux/filter.h>
+#include <linux/fs_struct.h>
#include <linux/uaccess.h>
#include <linux/ctype.h>
#include <linux/kprobes.h>
@@ -1569,6 +1570,83 @@ __bpf_kfunc void bpf_put_file(struct file *f)
fput(f);
}
+/**
+ * bpf_get_task_fs_root - get a reference on the fs_struct's root path for the
+ * supplied task_struct
+ * @Task: task_struct of which the fs_struct's root path to get a reference on
+ *
+ * Get a reference on the root path nested within the fs_struct of the
+ * associated *task*. The referenced path retruned from this kfunc must be
+ * released using bpf_put_path().
+ *
+ * Return: A referenced path pointer to the root path nested within the
+ * fs_struct of the supplied *task*, or NULL.
+ */
+__bpf_kfunc struct path *bpf_get_task_fs_root(struct task_struct *task)
+{
+ struct path *root;
+ struct fs_struct *fs;
+
+ task_lock(task);
+ fs = task->fs;
+ if (unlikely(fs)) {
+ task_unlock(task);
+ return NULL;
+ }
+
+ spin_lock(&fs->lock);
+ root = &fs->root;
+ path_get(root);
+ spin_unlock(&fs->lock);
+ task_unlock(task);
+
+ return root;
+}
+
+/**
+ * bpf_get_task_fs_pwd - get a reference on the fs_struct's pwd path for the
+ * supplied task_struct
+ * @task: task_struct of which the fs_struct's pwd path to get a reference on
+ *
+ * Get a reference on the pwd path nested within the fs_struct of the associated
+ * *task*. The referenced path retruned from this kfunc must be released using
+ * bpf_put_path().
+ *
+ * Return: A referenced path pointer to the root path nested within the
+ * fs_struct of the supplied *task*, or NULL.
+ */
+__bpf_kfunc struct path *bpf_get_task_fs_pwd(struct task_struct *task)
+{
+ struct path *pwd;
+ struct fs_struct *fs;
+
+ task_lock(task);
+ fs = task->fs;
+ if (unlikely(fs)) {
+ task_unlock(task);
+ return NULL;
+ }
+
+ spin_lock(&fs->lock);
+ pwd = &fs->pwd;
+ path_get(pwd);
+ spin_unlock(&fs->lock);
+ task_unlock(task);
+
+ return pwd;
+}
+
+/**
+ * bpf_put_path - put a reference on the supplied path
+ * @path: path of which to put a reference on
+ *
+ * Put a reference on the supplied *path*.
+ */
+__bpf_kfunc void bpf_put_path(struct path *path)
+{
+ path_put(path);
+}
+
__bpf_kfunc_end_defs();
BTF_KFUNCS_START(lsm_kfunc_set_ids)
@@ -1580,6 +1658,11 @@ BTF_ID_FLAGS(func, bpf_get_task_exe_file,
BTF_ID_FLAGS(func, bpf_get_mm_exe_file,
KF_ACQUIRE | KF_TRUSTED_ARGS | KF_RET_NULL)
BTF_ID_FLAGS(func, bpf_put_file, KF_RELEASE | KF_SLEEPABLE)
+BTF_ID_FLAGS(func, bpf_get_task_fs_root,
+ KF_ACQUIRE | KF_TRUSTED_ARGS | KF_RET_NULL)
+BTF_ID_FLAGS(func, bpf_get_task_fs_pwd,
+ KF_ACQUIRE | KF_TRUSTED_ARGS | KF_RET_NULL)
+BTF_ID_FLAGS(func, bpf_put_path, KF_RELEASE | KF_SLEEPABLE)
BTF_KFUNCS_END(lsm_kfunc_set_ids)
static int bpf_lsm_kfunc_filter(const struct bpf_prog *prog, u32 kfunc_id)
Add the ability to obtain a reference on the root and pwd paths which are nested within the fs_struct associated with a supplied task_struct. Both fs_struct's root and pwd are commonly operated on in BPF LSM program types and at times are further handed off to BPF helpers and such. There needs to be a mechanism that supports BPF LSM program types the ability to obtain stable handles to such paths in order to avoid possible memory corruption bugs [0]. We provide this mechanism through the introduction of the following new KF_ACQUIRE/KF_RELEASE BPF kfuncs: struct path *bpf_get_task_fs_root(struct task_struct *task); struct path *bpf_get_task_fs_pwd(struct task_struct *task); void bpf_put_path(struct path *path); Note that bpf_get_task_fs_root() and bpf_get_task_fs_pwd() are effectively open-coded variants of the in-kernel helpers get_fs_root() and get_fs_pwd(). We don't lean on these in-kernel helpers directly within the newly introduced BPF kfuncs as leaning on them would be rather awkward as we're wanting to return referenced path pointers directly BPF LSM program types. [0] https://lore.kernel.org/bpf/CAG48ez0ppjcT=QxU-jtCUfb5xQb3mLr=5FcwddF_VKfEBPs_Dg@mail.gmail.com/ Signed-off-by: Matt Bobrowski <mattbobrowski@google.com> --- kernel/trace/bpf_trace.c | 83 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+)