[PATCH v2 1/1] bpf: Drop unprotected find_vpid() in favour of find_get_pid()

[PATCH v2 1/1] bpf: Drop unprotected find_vpid() in favour of find_get_pid()

[Lee Jones]

The documentation for find_pid() clearly states:

  "Must be called with the tasklist_lock or rcu_read_lock() held."

Presently we do neither.

Let's use find_get_pid() which searches for the vpid, then takes a
reference to it preventing early free, all within the safety of
rcu_read_lock().  Once we have our reference we can safely make use of
it up until the point it is put.

Cc: Alexei Starovoitov <ast@kernel.org>
Cc: Daniel Borkmann <daniel@iogearbox.net>
Cc: John Fastabend <john.fastabend@gmail.com>
Cc: Andrii Nakryiko <andrii@kernel.org>
Cc: Martin KaFai Lau <martin.lau@linux.dev>
Cc: Song Liu <song@kernel.org>
Cc: Yonghong Song <yhs@fb.com>
Cc: KP Singh <kpsingh@kernel.org>
Cc: Stanislav Fomichev <sdf@google.com>
Cc: Hao Luo <haoluo@google.com>
Cc: Jiri Olsa <jolsa@kernel.org>
Cc: bpf@vger.kernel.org
Fixes: 41bdc4b40ed6f ("bpf: introduce bpf subcommand BPF_TASK_FD_QUERY")
Signed-off-by: Lee Jones <lee@kernel.org>
---

v1 => v2:
  * Commit log update - no code differences

 kernel/bpf/syscall.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
index 83c7136c5788d..c20cff30581c4 100644
--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -4385,6 +4385,7 @@ static int bpf_task_fd_query(const union bpf_attr *attr,
 	const struct perf_event *event;
 	struct task_struct *task;
 	struct file *file;
+	struct pid *ppid;
 	int err;
 
 	if (CHECK_ATTR(BPF_TASK_FD_QUERY))
@@ -4396,7 +4397,9 @@ static int bpf_task_fd_query(const union bpf_attr *attr,
 	if (attr->task_fd_query.flags != 0)
 		return -EINVAL;
 
-	task = get_pid_task(find_vpid(pid), PIDTYPE_PID);
+	ppid = find_get_pid(pid);
+	task = get_pid_task(ppid, PIDTYPE_PID);
+	put_pid(ppid);
 	if (!task)
 		return -ENOENT;
 
-- 
2.37.1.455.g008518b4e5-goog

Re: [PATCH v2 1/1] bpf: Drop unprotected find_vpid() in favour of find_get_pid()

[Jiri Olsa]

On Wed, Aug 03, 2022 at 02:48:21PM +0100, Lee Jones wrote:
> The documentation for find_pid() clearly states:

nit: typo find_vpid

> 
>   "Must be called with the tasklist_lock or rcu_read_lock() held."
> 
> Presently we do neither.
> 
> Let's use find_get_pid() which searches for the vpid, then takes a
> reference to it preventing early free, all within the safety of
> rcu_read_lock().  Once we have our reference we can safely make use of
> it up until the point it is put.
> 
> Cc: Alexei Starovoitov <ast@kernel.org>
> Cc: Daniel Borkmann <daniel@iogearbox.net>
> Cc: John Fastabend <john.fastabend@gmail.com>
> Cc: Andrii Nakryiko <andrii@kernel.org>
> Cc: Martin KaFai Lau <martin.lau@linux.dev>
> Cc: Song Liu <song@kernel.org>
> Cc: Yonghong Song <yhs@fb.com>
> Cc: KP Singh <kpsingh@kernel.org>
> Cc: Stanislav Fomichev <sdf@google.com>
> Cc: Hao Luo <haoluo@google.com>
> Cc: Jiri Olsa <jolsa@kernel.org>
> Cc: bpf@vger.kernel.org
> Fixes: 41bdc4b40ed6f ("bpf: introduce bpf subcommand BPF_TASK_FD_QUERY")
> Signed-off-by: Lee Jones <lee@kernel.org>

Acked-by: Jiri Olsa <jolsa@kernel.org>

jirka

> ---
> 
> v1 => v2:
>   * Commit log update - no code differences
> 
>  kernel/bpf/syscall.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
> 
> diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
> index 83c7136c5788d..c20cff30581c4 100644
> --- a/kernel/bpf/syscall.c
> +++ b/kernel/bpf/syscall.c
> @@ -4385,6 +4385,7 @@ static int bpf_task_fd_query(const union bpf_attr *attr,
>  	const struct perf_event *event;
>  	struct task_struct *task;
>  	struct file *file;
> +	struct pid *ppid;
>  	int err;
>  
>  	if (CHECK_ATTR(BPF_TASK_FD_QUERY))
> @@ -4396,7 +4397,9 @@ static int bpf_task_fd_query(const union bpf_attr *attr,
>  	if (attr->task_fd_query.flags != 0)
>  		return -EINVAL;
>  
> -	task = get_pid_task(find_vpid(pid), PIDTYPE_PID);
> +	ppid = find_get_pid(pid);
> +	task = get_pid_task(ppid, PIDTYPE_PID);
> +	put_pid(ppid);
>  	if (!task)
>  		return -ENOENT;
>  
> -- 
> 2.37.1.455.g008518b4e5-goog
> 

Re: [PATCH v2 1/1] bpf: Drop unprotected find_vpid() in favour of find_get_pid()

[Alexei Starovoitov]

On Wed, Aug 3, 2022 at 6:48 AM Lee Jones <lee@kernel.org> wrote:
>
> The documentation for find_pid() clearly states:
>
>   "Must be called with the tasklist_lock or rcu_read_lock() held."
>
> Presently we do neither.
>
> Let's use find_get_pid() which searches for the vpid, then takes a
> reference to it preventing early free, all within the safety of
> rcu_read_lock().  Once we have our reference we can safely make use of
> it up until the point it is put.
>
> Cc: Alexei Starovoitov <ast@kernel.org>
> Cc: Daniel Borkmann <daniel@iogearbox.net>
> Cc: John Fastabend <john.fastabend@gmail.com>
> Cc: Andrii Nakryiko <andrii@kernel.org>
> Cc: Martin KaFai Lau <martin.lau@linux.dev>
> Cc: Song Liu <song@kernel.org>
> Cc: Yonghong Song <yhs@fb.com>
> Cc: KP Singh <kpsingh@kernel.org>
> Cc: Stanislav Fomichev <sdf@google.com>
> Cc: Hao Luo <haoluo@google.com>
> Cc: Jiri Olsa <jolsa@kernel.org>
> Cc: bpf@vger.kernel.org
> Fixes: 41bdc4b40ed6f ("bpf: introduce bpf subcommand BPF_TASK_FD_QUERY")
> Signed-off-by: Lee Jones <lee@kernel.org>
> ---
>
> v1 => v2:
>   * Commit log update - no code differences
>
>  kernel/bpf/syscall.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
> index 83c7136c5788d..c20cff30581c4 100644
> --- a/kernel/bpf/syscall.c
> +++ b/kernel/bpf/syscall.c
> @@ -4385,6 +4385,7 @@ static int bpf_task_fd_query(const union bpf_attr *attr,
>         const struct perf_event *event;
>         struct task_struct *task;
>         struct file *file;
> +       struct pid *ppid;
>         int err;
>
>         if (CHECK_ATTR(BPF_TASK_FD_QUERY))
> @@ -4396,7 +4397,9 @@ static int bpf_task_fd_query(const union bpf_attr *attr,
>         if (attr->task_fd_query.flags != 0)
>                 return -EINVAL;
>
> -       task = get_pid_task(find_vpid(pid), PIDTYPE_PID);
> +       ppid = find_get_pid(pid);
> +       task = get_pid_task(ppid, PIDTYPE_PID);
> +       put_pid(ppid);

rcu_read_lock/unlock around this line
would be a cheaper and faster alternative than pid's
refcount inc/dec.

Re: [PATCH v2 1/1] bpf: Drop unprotected find_vpid() in favour of find_get_pid()

[Lee Jones]

On Thu, 04 Aug 2022, Alexei Starovoitov wrote:

> On Wed, Aug 3, 2022 at 6:48 AM Lee Jones <lee@kernel.org> wrote:
> >
> > The documentation for find_pid() clearly states:
> >
> >   "Must be called with the tasklist_lock or rcu_read_lock() held."
> >
> > Presently we do neither.
> >
> > Let's use find_get_pid() which searches for the vpid, then takes a
> > reference to it preventing early free, all within the safety of
> > rcu_read_lock().  Once we have our reference we can safely make use of
> > it up until the point it is put.
> >
> > Cc: Alexei Starovoitov <ast@kernel.org>
> > Cc: Daniel Borkmann <daniel@iogearbox.net>
> > Cc: John Fastabend <john.fastabend@gmail.com>
> > Cc: Andrii Nakryiko <andrii@kernel.org>
> > Cc: Martin KaFai Lau <martin.lau@linux.dev>
> > Cc: Song Liu <song@kernel.org>
> > Cc: Yonghong Song <yhs@fb.com>
> > Cc: KP Singh <kpsingh@kernel.org>
> > Cc: Stanislav Fomichev <sdf@google.com>
> > Cc: Hao Luo <haoluo@google.com>
> > Cc: Jiri Olsa <jolsa@kernel.org>
> > Cc: bpf@vger.kernel.org
> > Fixes: 41bdc4b40ed6f ("bpf: introduce bpf subcommand BPF_TASK_FD_QUERY")
> > Signed-off-by: Lee Jones <lee@kernel.org>
> > ---
> >
> > v1 => v2:
> >   * Commit log update - no code differences
> >
> >  kernel/bpf/syscall.c | 5 ++++-
> >  1 file changed, 4 insertions(+), 1 deletion(-)
> >
> > diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
> > index 83c7136c5788d..c20cff30581c4 100644
> > --- a/kernel/bpf/syscall.c
> > +++ b/kernel/bpf/syscall.c
> > @@ -4385,6 +4385,7 @@ static int bpf_task_fd_query(const union bpf_attr *attr,
> >         const struct perf_event *event;
> >         struct task_struct *task;
> >         struct file *file;
> > +       struct pid *ppid;
> >         int err;
> >
> >         if (CHECK_ATTR(BPF_TASK_FD_QUERY))
> > @@ -4396,7 +4397,9 @@ static int bpf_task_fd_query(const union bpf_attr *attr,
> >         if (attr->task_fd_query.flags != 0)
> >                 return -EINVAL;
> >
> > -       task = get_pid_task(find_vpid(pid), PIDTYPE_PID);
> > +       ppid = find_get_pid(pid);
> > +       task = get_pid_task(ppid, PIDTYPE_PID);
> > +       put_pid(ppid);
> 
> rcu_read_lock/unlock around this line
> would be a cheaper and faster alternative than pid's
> refcount inc/dec.

This was already discussed here:

https://lore.kernel.org/all/YtsFT1yFtb7UW2Xu@krava/

-- 
Lee Jones [李琼斯]

Re: [PATCH v2 1/1] bpf: Drop unprotected find_vpid() in favour of find_get_pid()

[Lee Jones]

On Wed, 03 Aug 2022, Jiri Olsa wrote:

> On Wed, Aug 03, 2022 at 02:48:21PM +0100, Lee Jones wrote:
> > The documentation for find_pid() clearly states:
> 
> nit: typo find_vpid

Sorry missed this.

Will fix.

> >   "Must be called with the tasklist_lock or rcu_read_lock() held."
> > 
> > Presently we do neither.
> > 
> > Let's use find_get_pid() which searches for the vpid, then takes a
> > reference to it preventing early free, all within the safety of
> > rcu_read_lock().  Once we have our reference we can safely make use of
> > it up until the point it is put.
> > 
> > Cc: Alexei Starovoitov <ast@kernel.org>
> > Cc: Daniel Borkmann <daniel@iogearbox.net>
> > Cc: John Fastabend <john.fastabend@gmail.com>
> > Cc: Andrii Nakryiko <andrii@kernel.org>
> > Cc: Martin KaFai Lau <martin.lau@linux.dev>
> > Cc: Song Liu <song@kernel.org>
> > Cc: Yonghong Song <yhs@fb.com>
> > Cc: KP Singh <kpsingh@kernel.org>
> > Cc: Stanislav Fomichev <sdf@google.com>
> > Cc: Hao Luo <haoluo@google.com>
> > Cc: Jiri Olsa <jolsa@kernel.org>
> > Cc: bpf@vger.kernel.org
> > Fixes: 41bdc4b40ed6f ("bpf: introduce bpf subcommand BPF_TASK_FD_QUERY")
> > Signed-off-by: Lee Jones <lee@kernel.org>
> 
> Acked-by: Jiri Olsa <jolsa@kernel.org>

Thanks.

-- 
Lee Jones [李琼斯]

Re: [PATCH v2 1/1] bpf: Drop unprotected find_vpid() in favour of find_get_pid()

[Alexei Starovoitov]

On Mon, Aug 8, 2022 at 11:50 PM Lee Jones <lee@kernel.org> wrote:
>
> On Thu, 04 Aug 2022, Alexei Starovoitov wrote:
>
> > On Wed, Aug 3, 2022 at 6:48 AM Lee Jones <lee@kernel.org> wrote:
> > >
> > > The documentation for find_pid() clearly states:
> > >
> > >   "Must be called with the tasklist_lock or rcu_read_lock() held."
> > >
> > > Presently we do neither.
> > >
> > > Let's use find_get_pid() which searches for the vpid, then takes a
> > > reference to it preventing early free, all within the safety of
> > > rcu_read_lock().  Once we have our reference we can safely make use of
> > > it up until the point it is put.
> > >
> > > Cc: Alexei Starovoitov <ast@kernel.org>
> > > Cc: Daniel Borkmann <daniel@iogearbox.net>
> > > Cc: John Fastabend <john.fastabend@gmail.com>
> > > Cc: Andrii Nakryiko <andrii@kernel.org>
> > > Cc: Martin KaFai Lau <martin.lau@linux.dev>
> > > Cc: Song Liu <song@kernel.org>
> > > Cc: Yonghong Song <yhs@fb.com>
> > > Cc: KP Singh <kpsingh@kernel.org>
> > > Cc: Stanislav Fomichev <sdf@google.com>
> > > Cc: Hao Luo <haoluo@google.com>
> > > Cc: Jiri Olsa <jolsa@kernel.org>
> > > Cc: bpf@vger.kernel.org
> > > Fixes: 41bdc4b40ed6f ("bpf: introduce bpf subcommand BPF_TASK_FD_QUERY")
> > > Signed-off-by: Lee Jones <lee@kernel.org>
> > > ---
> > >
> > > v1 => v2:
> > >   * Commit log update - no code differences
> > >
> > >  kernel/bpf/syscall.c | 5 ++++-
> > >  1 file changed, 4 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
> > > index 83c7136c5788d..c20cff30581c4 100644
> > > --- a/kernel/bpf/syscall.c
> > > +++ b/kernel/bpf/syscall.c
> > > @@ -4385,6 +4385,7 @@ static int bpf_task_fd_query(const union bpf_attr *attr,
> > >         const struct perf_event *event;
> > >         struct task_struct *task;
> > >         struct file *file;
> > > +       struct pid *ppid;
> > >         int err;
> > >
> > >         if (CHECK_ATTR(BPF_TASK_FD_QUERY))
> > > @@ -4396,7 +4397,9 @@ static int bpf_task_fd_query(const union bpf_attr *attr,
> > >         if (attr->task_fd_query.flags != 0)
> > >                 return -EINVAL;
> > >
> > > -       task = get_pid_task(find_vpid(pid), PIDTYPE_PID);
> > > +       ppid = find_get_pid(pid);
> > > +       task = get_pid_task(ppid, PIDTYPE_PID);
> > > +       put_pid(ppid);
> >
> > rcu_read_lock/unlock around this line
> > would be a cheaper and faster alternative than pid's
> > refcount inc/dec.
>
> This was already discussed here:
>
> https://lore.kernel.org/all/YtsFT1yFtb7UW2Xu@krava/

Since several people thought about rcu_read_lock instead of your
approach it means that it's preferred.
Sooner or later somebody will send a patch to optimize
refcnt into rcu_read_lock.
So let's avoid the churn and do it now.

Re: [PATCH v2 1/1] bpf: Drop unprotected find_vpid() in favour of find_get_pid()

[Lee Jones]

On Tue, 09 Aug 2022, Alexei Starovoitov wrote:

> On Mon, Aug 8, 2022 at 11:50 PM Lee Jones <lee@kernel.org> wrote:
> >
> > On Thu, 04 Aug 2022, Alexei Starovoitov wrote:
> >
> > > On Wed, Aug 3, 2022 at 6:48 AM Lee Jones <lee@kernel.org> wrote:
> > > >
> > > > The documentation for find_pid() clearly states:
> > > >
> > > >   "Must be called with the tasklist_lock or rcu_read_lock() held."
> > > >
> > > > Presently we do neither.
> > > >
> > > > Let's use find_get_pid() which searches for the vpid, then takes a
> > > > reference to it preventing early free, all within the safety of
> > > > rcu_read_lock().  Once we have our reference we can safely make use of
> > > > it up until the point it is put.
> > > >
> > > > Cc: Alexei Starovoitov <ast@kernel.org>
> > > > Cc: Daniel Borkmann <daniel@iogearbox.net>
> > > > Cc: John Fastabend <john.fastabend@gmail.com>
> > > > Cc: Andrii Nakryiko <andrii@kernel.org>
> > > > Cc: Martin KaFai Lau <martin.lau@linux.dev>
> > > > Cc: Song Liu <song@kernel.org>
> > > > Cc: Yonghong Song <yhs@fb.com>
> > > > Cc: KP Singh <kpsingh@kernel.org>
> > > > Cc: Stanislav Fomichev <sdf@google.com>
> > > > Cc: Hao Luo <haoluo@google.com>
> > > > Cc: Jiri Olsa <jolsa@kernel.org>
> > > > Cc: bpf@vger.kernel.org
> > > > Fixes: 41bdc4b40ed6f ("bpf: introduce bpf subcommand BPF_TASK_FD_QUERY")
> > > > Signed-off-by: Lee Jones <lee@kernel.org>
> > > > ---
> > > >
> > > > v1 => v2:
> > > >   * Commit log update - no code differences
> > > >
> > > >  kernel/bpf/syscall.c | 5 ++++-
> > > >  1 file changed, 4 insertions(+), 1 deletion(-)
> > > >
> > > > diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
> > > > index 83c7136c5788d..c20cff30581c4 100644
> > > > --- a/kernel/bpf/syscall.c
> > > > +++ b/kernel/bpf/syscall.c
> > > > @@ -4385,6 +4385,7 @@ static int bpf_task_fd_query(const union bpf_attr *attr,
> > > >         const struct perf_event *event;
> > > >         struct task_struct *task;
> > > >         struct file *file;
> > > > +       struct pid *ppid;
> > > >         int err;
> > > >
> > > >         if (CHECK_ATTR(BPF_TASK_FD_QUERY))
> > > > @@ -4396,7 +4397,9 @@ static int bpf_task_fd_query(const union bpf_attr *attr,
> > > >         if (attr->task_fd_query.flags != 0)
> > > >                 return -EINVAL;
> > > >
> > > > -       task = get_pid_task(find_vpid(pid), PIDTYPE_PID);
> > > > +       ppid = find_get_pid(pid);
> > > > +       task = get_pid_task(ppid, PIDTYPE_PID);
> > > > +       put_pid(ppid);
> > >
> > > rcu_read_lock/unlock around this line
> > > would be a cheaper and faster alternative than pid's
> > > refcount inc/dec.
> >
> > This was already discussed here:
> >
> > https://lore.kernel.org/all/YtsFT1yFtb7UW2Xu@krava/
> 
> Since several people thought about rcu_read_lock instead of your
> approach it means that it's preferred.
> Sooner or later somebody will send a patch to optimize
> refcnt into rcu_read_lock.
> So let's avoid the churn and do it now.

I'm not wed to either approach.  Please discuss it with Yonghong and
Jiri and I'll do whatever is agreed upon.

-- 
Lee Jones [李琼斯]

Re: [PATCH v2 1/1] bpf: Drop unprotected find_vpid() in favour of find_get_pid()

[Jiri Olsa]

On Wed, Aug 10, 2022 at 12:03:33PM +0100, Lee Jones wrote:
> On Tue, 09 Aug 2022, Alexei Starovoitov wrote:
> 
> > On Mon, Aug 8, 2022 at 11:50 PM Lee Jones <lee@kernel.org> wrote:
> > >
> > > On Thu, 04 Aug 2022, Alexei Starovoitov wrote:
> > >
> > > > On Wed, Aug 3, 2022 at 6:48 AM Lee Jones <lee@kernel.org> wrote:
> > > > >
> > > > > The documentation for find_pid() clearly states:
> > > > >
> > > > >   "Must be called with the tasklist_lock or rcu_read_lock() held."
> > > > >
> > > > > Presently we do neither.
> > > > >
> > > > > Let's use find_get_pid() which searches for the vpid, then takes a
> > > > > reference to it preventing early free, all within the safety of
> > > > > rcu_read_lock().  Once we have our reference we can safely make use of
> > > > > it up until the point it is put.
> > > > >
> > > > > Cc: Alexei Starovoitov <ast@kernel.org>
> > > > > Cc: Daniel Borkmann <daniel@iogearbox.net>
> > > > > Cc: John Fastabend <john.fastabend@gmail.com>
> > > > > Cc: Andrii Nakryiko <andrii@kernel.org>
> > > > > Cc: Martin KaFai Lau <martin.lau@linux.dev>
> > > > > Cc: Song Liu <song@kernel.org>
> > > > > Cc: Yonghong Song <yhs@fb.com>
> > > > > Cc: KP Singh <kpsingh@kernel.org>
> > > > > Cc: Stanislav Fomichev <sdf@google.com>
> > > > > Cc: Hao Luo <haoluo@google.com>
> > > > > Cc: Jiri Olsa <jolsa@kernel.org>
> > > > > Cc: bpf@vger.kernel.org
> > > > > Fixes: 41bdc4b40ed6f ("bpf: introduce bpf subcommand BPF_TASK_FD_QUERY")
> > > > > Signed-off-by: Lee Jones <lee@kernel.org>
> > > > > ---
> > > > >
> > > > > v1 => v2:
> > > > >   * Commit log update - no code differences
> > > > >
> > > > >  kernel/bpf/syscall.c | 5 ++++-
> > > > >  1 file changed, 4 insertions(+), 1 deletion(-)
> > > > >
> > > > > diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
> > > > > index 83c7136c5788d..c20cff30581c4 100644
> > > > > --- a/kernel/bpf/syscall.c
> > > > > +++ b/kernel/bpf/syscall.c
> > > > > @@ -4385,6 +4385,7 @@ static int bpf_task_fd_query(const union bpf_attr *attr,
> > > > >         const struct perf_event *event;
> > > > >         struct task_struct *task;
> > > > >         struct file *file;
> > > > > +       struct pid *ppid;
> > > > >         int err;
> > > > >
> > > > >         if (CHECK_ATTR(BPF_TASK_FD_QUERY))
> > > > > @@ -4396,7 +4397,9 @@ static int bpf_task_fd_query(const union bpf_attr *attr,
> > > > >         if (attr->task_fd_query.flags != 0)
> > > > >                 return -EINVAL;
> > > > >
> > > > > -       task = get_pid_task(find_vpid(pid), PIDTYPE_PID);
> > > > > +       ppid = find_get_pid(pid);
> > > > > +       task = get_pid_task(ppid, PIDTYPE_PID);
> > > > > +       put_pid(ppid);
> > > >
> > > > rcu_read_lock/unlock around this line
> > > > would be a cheaper and faster alternative than pid's
> > > > refcount inc/dec.
> > >
> > > This was already discussed here:
> > >
> > > https://lore.kernel.org/all/YtsFT1yFtb7UW2Xu@krava/
> > 
> > Since several people thought about rcu_read_lock instead of your
> > approach it means that it's preferred.
> > Sooner or later somebody will send a patch to optimize
> > refcnt into rcu_read_lock.
> > So let's avoid the churn and do it now.
> 
> I'm not wed to either approach.  Please discuss it with Yonghong and
> Jiri and I'll do whatever is agreed upon.

yea, I thought using rcu_read_lock would be better, but I did not
have strong feelings against doing the pid's refcount inc/dec when
Yonghong supported that.. now with Alexei it's 2 against 1 in favour
of using rcu_read_lock ;-)

jirka

Re: [PATCH v2 1/1] bpf: Drop unprotected find_vpid() in favour of find_get_pid()

[Yonghong Song]

On 8/10/22 4:03 AM, Lee Jones wrote:
> On Tue, 09 Aug 2022, Alexei Starovoitov wrote:
> 
>> On Mon, Aug 8, 2022 at 11:50 PM Lee Jones <lee@kernel.org> wrote:
>>>
>>> On Thu, 04 Aug 2022, Alexei Starovoitov wrote:
>>>
>>>> On Wed, Aug 3, 2022 at 6:48 AM Lee Jones <lee@kernel.org> wrote:
>>>>>
>>>>> The documentation for find_pid() clearly states:
>>>>>
>>>>>    "Must be called with the tasklist_lock or rcu_read_lock() held."
>>>>>
>>>>> Presently we do neither.
>>>>>
>>>>> Let's use find_get_pid() which searches for the vpid, then takes a
>>>>> reference to it preventing early free, all within the safety of
>>>>> rcu_read_lock().  Once we have our reference we can safely make use of
>>>>> it up until the point it is put.
>>>>>
>>>>> Cc: Alexei Starovoitov <ast@kernel.org>
>>>>> Cc: Daniel Borkmann <daniel@iogearbox.net>
>>>>> Cc: John Fastabend <john.fastabend@gmail.com>
>>>>> Cc: Andrii Nakryiko <andrii@kernel.org>
>>>>> Cc: Martin KaFai Lau <martin.lau@linux.dev>
>>>>> Cc: Song Liu <song@kernel.org>
>>>>> Cc: Yonghong Song <yhs@fb.com>
>>>>> Cc: KP Singh <kpsingh@kernel.org>
>>>>> Cc: Stanislav Fomichev <sdf@google.com>
>>>>> Cc: Hao Luo <haoluo@google.com>
>>>>> Cc: Jiri Olsa <jolsa@kernel.org>
>>>>> Cc: bpf@vger.kernel.org
>>>>> Fixes: 41bdc4b40ed6f ("bpf: introduce bpf subcommand BPF_TASK_FD_QUERY")
>>>>> Signed-off-by: Lee Jones <lee@kernel.org>
>>>>> ---
>>>>>
>>>>> v1 => v2:
>>>>>    * Commit log update - no code differences
>>>>>
>>>>>   kernel/bpf/syscall.c | 5 ++++-
>>>>>   1 file changed, 4 insertions(+), 1 deletion(-)
>>>>>
>>>>> diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
>>>>> index 83c7136c5788d..c20cff30581c4 100644
>>>>> --- a/kernel/bpf/syscall.c
>>>>> +++ b/kernel/bpf/syscall.c
>>>>> @@ -4385,6 +4385,7 @@ static int bpf_task_fd_query(const union bpf_attr *attr,
>>>>>          const struct perf_event *event;
>>>>>          struct task_struct *task;
>>>>>          struct file *file;
>>>>> +       struct pid *ppid;
>>>>>          int err;
>>>>>
>>>>>          if (CHECK_ATTR(BPF_TASK_FD_QUERY))
>>>>> @@ -4396,7 +4397,9 @@ static int bpf_task_fd_query(const union bpf_attr *attr,
>>>>>          if (attr->task_fd_query.flags != 0)
>>>>>                  return -EINVAL;
>>>>>
>>>>> -       task = get_pid_task(find_vpid(pid), PIDTYPE_PID);
>>>>> +       ppid = find_get_pid(pid);
>>>>> +       task = get_pid_task(ppid, PIDTYPE_PID);
>>>>> +       put_pid(ppid);
>>>>
>>>> rcu_read_lock/unlock around this line
>>>> would be a cheaper and faster alternative than pid's
>>>> refcount inc/dec.
>>>
>>> This was already discussed here:
>>>
>>> https://lore.kernel.org/all/YtsFT1yFtb7UW2Xu@krava/
>>
>> Since several people thought about rcu_read_lock instead of your
>> approach it means that it's preferred.
>> Sooner or later somebody will send a patch to optimize
>> refcnt into rcu_read_lock.
>> So let's avoid the churn and do it now.
> 
> I'm not wed to either approach.  Please discuss it with Yonghong and
> Jiri and I'll do whatever is agreed upon.

Hi, Lee, Let us just do rcu_read_lock() approach then. I am okay with 
that. Thanks!

>