From: Stanislav Fomichev <sdf@google.com>
To: netdev@vger.kernel.org, bpf@vger.kernel.org
Cc: davem@davemloft.net, ast@kernel.org, daniel@iogearbox.net,
Stanislav Fomichev <sdf@google.com>
Subject: [PATCH bpf-next 1/3] bpf: preserve command of the process that loaded the program
Date: Fri, 11 Oct 2019 09:21:22 -0700 [thread overview]
Message-ID: <20191011162124.52982-1-sdf@google.com> (raw)
Even though we have the pointer to user_struct and can recover
uid of the user who has created the program, it usually contains
0 (root) which is not very informative. Let's store the comm of the
calling process and export it via bpf_prog_info. This should help
answer the question "which process loaded this particular program".
Signed-off-by: Stanislav Fomichev <sdf@google.com>
---
include/linux/bpf.h | 1 +
include/uapi/linux/bpf.h | 2 ++
kernel/bpf/syscall.c | 4 ++++
3 files changed, 7 insertions(+)
diff --git a/include/linux/bpf.h b/include/linux/bpf.h
index 5b9d22338606..b03ea396afe5 100644
--- a/include/linux/bpf.h
+++ b/include/linux/bpf.h
@@ -421,6 +421,7 @@ struct bpf_prog_aux {
struct work_struct work;
struct rcu_head rcu;
};
+ char created_by_comm[BPF_CREATED_COMM_LEN];
};
struct bpf_array {
diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h
index a65c3b0c6935..4e883ecbba1e 100644
--- a/include/uapi/linux/bpf.h
+++ b/include/uapi/linux/bpf.h
@@ -326,6 +326,7 @@ enum bpf_attach_type {
#define BPF_F_NUMA_NODE (1U << 2)
#define BPF_OBJ_NAME_LEN 16U
+#define BPF_CREATED_COMM_LEN 16U
/* Flags for accessing BPF object from syscall side. */
#define BPF_F_RDONLY (1U << 3)
@@ -3252,6 +3253,7 @@ struct bpf_prog_info {
__aligned_u64 prog_tags;
__u64 run_time_ns;
__u64 run_cnt;
+ char created_by_comm[BPF_CREATED_COMM_LEN];
} __attribute__((aligned(8)));
struct bpf_map_info {
diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
index 82eabd4e38ad..51c125292eaf 100644
--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -1735,6 +1735,8 @@ static int bpf_prog_load(union bpf_attr *attr, union bpf_attr __user *uattr)
bpf_prog_kallsyms_add(prog);
perf_event_bpf_event(prog, PERF_BPF_EVENT_PROG_LOAD, 0);
+ get_task_comm(prog->aux->created_by_comm, current);
+
err = bpf_prog_new_fd(prog);
if (err < 0)
bpf_prog_put(prog);
@@ -2337,6 +2339,8 @@ static int bpf_prog_get_info_by_fd(struct bpf_prog *prog,
memcpy(info.tag, prog->tag, sizeof(prog->tag));
memcpy(info.name, prog->aux->name, sizeof(prog->aux->name));
+ memcpy(info.created_by_comm, prog->aux->created_by_comm,
+ sizeof(prog->aux->created_by_comm));
ulen = info.nr_map_ids;
info.nr_map_ids = prog->aux->used_map_cnt;
--
2.23.0.700.g56cf767bdb-goog
next reply other threads:[~2019-10-11 16:21 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-10-11 16:21 Stanislav Fomichev [this message]
2019-10-11 16:21 ` [PATCH bpf-next 2/3] tools/bpf: sync bpf.h Stanislav Fomichev
2019-10-11 16:21 ` [PATCH bpf-next 3/3] bpftool: print the comm of the process that loaded the program Stanislav Fomichev
2019-10-11 20:19 ` Martin Lau
2019-10-11 20:37 ` Stanislav Fomichev
2019-10-11 21:11 ` Arnaldo Carvalho de Melo
2019-10-11 21:30 ` Stanislav Fomichev
2019-10-12 0:10 ` [PATCH bpf-next 1/3] bpf: preserve command " Alexei Starovoitov
2019-10-12 0:38 ` Stanislav Fomichev
2019-10-15 21:21 ` debug annotations for bpf progs. Was: " Alexei Starovoitov
2019-10-15 22:14 ` Andrii Nakryiko
2019-10-15 22:24 ` Alexei Starovoitov
2019-10-15 22:33 ` Andrii Nakryiko
2019-10-15 22:48 ` Alexei Starovoitov
2019-10-15 22:26 ` Stanislav Fomichev
2019-10-16 14:01 ` Daniel Borkmann
2019-10-17 16:28 ` Stanislav Fomichev
2019-10-18 6:19 ` Alexei Starovoitov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191011162124.52982-1-sdf@google.com \
--to=sdf@google.com \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=davem@davemloft.net \
--cc=netdev@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).