From: Matt Bobrowski <mattbobrowski@google.com>
To: bpf@vger.kernel.org
Cc: ast@kernel.org, andrii@kernel.org, kpsingh@google.com,
jannh@google.com, jolsa@kernel.org, daniel@iogearbox.net,
brauner@kernel.org, linux-fsdevel@vger.kernel.org
Subject: [PATCH bpf-next 00/11] bpf: probe-read bpf_d_path() and add new acquire/release BPF kfuncs
Date: Tue, 20 Feb 2024 09:27:14 +0000 [thread overview]
Message-ID: <cover.1708377880.git.mattbobrowski@google.com> (raw)
On a number of occasions [0, 1, 2], usage of the pre-existing BPF
helper bpf_d_path() under certain circumstances has led to memory
corruption issues.
This patch series intends to address bpf_d_path()'s susceptibility to
such memory corruption issues by fundamentally swapping out the
underlying bpf_d_path() implementation such that it makes use of
probe-read semantics. Enforcing probe-read semantics onto bpf_d_path()
however doesn't come without it's own set of limitations. Therefore,
to overcome such limitations, this patch series also adds new BPF
kfunc based infrastructure which ultimately allows BPF program authors
to adopt a safer and true implementation of d_path() moving forward
which is fundamentally backed by KF_TRUSTED_ARGS semantics.
[0] https://lore.kernel.org/bpf/CAG48ez0ppjcT=QxU-jtCUfb5xQb3mLr=5FcwddF_VKfEBPs_Dg@mail.gmail.com/
[1] https://lore.kernel.org/bpf/20230606181714.532998-1-jolsa@kernel.org/
[2] https://lore.kernel.org/bpf/20220219113744.1852259-1-memxor@gmail.com/
Matt Bobrowski (11):
bpf: make bpf_d_path() helper use probe-read semantics
bpf/selftests: adjust selftests for BPF helper bpf_d_path()
bpf: rename fs_kfunc_set_ids to lsm_kfunc_set_ids
bpf: add new acquire/release BPF kfuncs for mm_struct
bpf/selftests: add selftests for mm_struct acquire/release BPF kfuncs
bpf: add new acquire/release based BPF kfuncs for exe_file
bpf/selftests: add selftests for exe_file acquire/release BPF kfuncs
bpf: add acquire/release based BPF kfuncs for fs_struct's paths
bpf/selftests: add selftests for root/pwd path based BPF kfuncs
bpf: add trusted d_path() based BPF kfunc bpf_path_d_path()
bpf/selftests: adapt selftests test_d_path for BPF kfunc
bpf_path_d_path()
fs/Makefile | 6 +-
fs/probe_read_d_path.c | 150 +++++++++++
include/linux/probe_read_d_path.h | 13 +
kernel/trace/bpf_trace.c | 249 ++++++++++++++++--
.../testing/selftests/bpf/prog_tests/d_path.c | 182 +++++++++++--
.../selftests/bpf/prog_tests/exe_file_kfunc.c | 49 ++++
.../selftests/bpf/prog_tests/mm_kfunc.c | 48 ++++
.../selftests/bpf/prog_tests/path_kfunc.c | 48 ++++
.../selftests/bpf/progs/d_path_common.h | 34 +++
.../bpf/progs/d_path_kfunc_failure.c | 66 +++++
.../bpf/progs/d_path_kfunc_success.c | 25 ++
.../bpf/progs/exe_file_kfunc_common.h | 23 ++
.../bpf/progs/exe_file_kfunc_failure.c | 181 +++++++++++++
.../bpf/progs/exe_file_kfunc_success.c | 52 ++++
.../selftests/bpf/progs/mm_kfunc_common.h | 19 ++
.../selftests/bpf/progs/mm_kfunc_failure.c | 103 ++++++++
.../selftests/bpf/progs/mm_kfunc_success.c | 30 +++
.../selftests/bpf/progs/path_kfunc_common.h | 20 ++
.../selftests/bpf/progs/path_kfunc_failure.c | 114 ++++++++
.../selftests/bpf/progs/path_kfunc_success.c | 30 +++
.../testing/selftests/bpf/progs/test_d_path.c | 20 +-
.../bpf/progs/test_d_path_check_rdonly_mem.c | 6 +-
.../bpf/progs/test_d_path_check_types.c | 6 +-
23 files changed, 1396 insertions(+), 78 deletions(-)
create mode 100644 fs/probe_read_d_path.c
create mode 100644 include/linux/probe_read_d_path.h
create mode 100644 tools/testing/selftests/bpf/prog_tests/exe_file_kfunc.c
create mode 100644 tools/testing/selftests/bpf/prog_tests/mm_kfunc.c
create mode 100644 tools/testing/selftests/bpf/prog_tests/path_kfunc.c
create mode 100644 tools/testing/selftests/bpf/progs/d_path_common.h
create mode 100644 tools/testing/selftests/bpf/progs/d_path_kfunc_failure.c
create mode 100644 tools/testing/selftests/bpf/progs/d_path_kfunc_success.c
create mode 100644 tools/testing/selftests/bpf/progs/exe_file_kfunc_common.h
create mode 100644 tools/testing/selftests/bpf/progs/exe_file_kfunc_failure.c
create mode 100644 tools/testing/selftests/bpf/progs/exe_file_kfunc_success.c
create mode 100644 tools/testing/selftests/bpf/progs/mm_kfunc_common.h
create mode 100644 tools/testing/selftests/bpf/progs/mm_kfunc_failure.c
create mode 100644 tools/testing/selftests/bpf/progs/mm_kfunc_success.c
create mode 100644 tools/testing/selftests/bpf/progs/path_kfunc_common.h
create mode 100644 tools/testing/selftests/bpf/progs/path_kfunc_failure.c
create mode 100644 tools/testing/selftests/bpf/progs/path_kfunc_success.c
--
2.44.0.rc0.258.g7320e95886-goog
/M
next reply other threads:[~2024-02-20 9:27 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-02-20 9:27 Matt Bobrowski [this message]
2024-02-20 9:27 ` [PATCH bpf-next 01/11] bpf: make bpf_d_path() helper use probe-read semantics Matt Bobrowski
2024-02-20 9:48 ` Christian Brauner
2024-02-20 13:22 ` Matt Bobrowski
2024-02-21 7:55 ` Christian Brauner
2024-02-21 13:38 ` Matt Bobrowski
2024-02-20 9:27 ` [PATCH bpf-next 02/11] bpf/selftests: adjust selftests for BPF helper bpf_d_path() Matt Bobrowski
2024-02-20 9:27 ` [PATCH bpf-next 03/11] bpf: rename fs_kfunc_set_ids to lsm_kfunc_set_ids Matt Bobrowski
2024-02-20 9:27 ` [PATCH bpf-next 04/11] bpf: add new acquire/release BPF kfuncs for mm_struct Matt Bobrowski
2024-02-20 9:27 ` [PATCH bpf-next 05/11] bpf/selftests: add selftests for mm_struct acquire/release BPF kfuncs Matt Bobrowski
2024-02-20 9:28 ` [PATCH bpf-next 06/11] bpf: add new acquire/release based BPF kfuncs for exe_file Matt Bobrowski
2024-02-20 9:28 ` [PATCH bpf-next 07/11] bpf/selftests: add selftests for exe_file acquire/release BPF kfuncs Matt Bobrowski
2024-02-20 9:28 ` [PATCH bpf-next 08/11] bpf: add acquire/release based BPF kfuncs for fs_struct's paths Matt Bobrowski
2024-02-20 9:28 ` [PATCH bpf-next 09/11] bpf/selftests: add selftests for root/pwd path based BPF kfuncs Matt Bobrowski
2024-02-20 9:28 ` [PATCH bpf-next 10/11] bpf: add trusted d_path() based BPF kfunc bpf_path_d_path() Matt Bobrowski
2024-02-20 9:28 ` [PATCH bpf-next 11/11] bpf/selftests: adapt selftests test_d_path for " Matt Bobrowski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=cover.1708377880.git.mattbobrowski@google.com \
--to=mattbobrowski@google.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=brauner@kernel.org \
--cc=daniel@iogearbox.net \
--cc=jannh@google.com \
--cc=jolsa@kernel.org \
--cc=kpsingh@google.com \
--cc=linux-fsdevel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).