diff options
| author | Martin KaFai Lau <martin.lau@kernel.org> | 2023-11-07 13:26:03 -0800 |
|---|---|---|
| committer | Martin KaFai Lau <martin.lau@kernel.org> | 2023-11-07 15:28:06 -0800 |
| commit | 8e1b802503bb630eafc3e97b2daf755368ec96e1 (patch) | |
| tree | 3de609f4f0ac0e64b1684ce0007776d92833b703 | |
| parent | d84b139f53e8fa8048f16814c6b2a53d7bc15c3d (diff) | |
| parent | 3c5864ba9cf912ff9809f315d28f296f21563cce (diff) | |
Merge branch 'Let BPF verifier consider {task,cgroup} is trusted in bpf_iter_reg'
Chuyi Zhou says:
====================
The patchset aims to let the BPF verivier consider
bpf_iter__cgroup->cgroup and bpf_iter__task->task is trusted suggested by
Alexei[1].
Please see individual patches for more details. And comments are always
welcome.
Link[1]:https://lore.kernel.org/bpf/20231022154527.229117-1-zhouchuyi@bytedance.com/T/#mb57725edc8ccdd50a1b165765c7619b4d65ed1b0
v2->v1:
* Patch #1: Add Yonghong's ack and add description of similar case in
log.
* Patch #2: Add Yonghong's ack
====================
Signed-off-by: Martin KaFai Lau <martin.lau@kernel.org>
| -rw-r--r-- | kernel/bpf/cgroup_iter.c | 2 | ||||
| -rw-r--r-- | kernel/bpf/task_iter.c | 2 | ||||
| -rw-r--r-- | tools/testing/selftests/bpf/progs/iters_css_task.c | 16 |
3 files changed, 6 insertions, 14 deletions
diff --git a/kernel/bpf/cgroup_iter.c b/kernel/bpf/cgroup_iter.c index d1b5c5618dd7..f04a468cf6a7 100644 --- a/kernel/bpf/cgroup_iter.c +++ b/kernel/bpf/cgroup_iter.c @@ -282,7 +282,7 @@ static struct bpf_iter_reg bpf_cgroup_reg_info = { .ctx_arg_info_size = 1, .ctx_arg_info = { { offsetof(struct bpf_iter__cgroup, cgroup), - PTR_TO_BTF_ID_OR_NULL }, + PTR_TO_BTF_ID_OR_NULL | PTR_TRUSTED }, }, .seq_info = &cgroup_iter_seq_info, }; diff --git a/kernel/bpf/task_iter.c b/kernel/bpf/task_iter.c index 4e156dca48de..26082b97894d 100644 --- a/kernel/bpf/task_iter.c +++ b/kernel/bpf/task_iter.c @@ -704,7 +704,7 @@ static struct bpf_iter_reg task_reg_info = { .ctx_arg_info_size = 1, .ctx_arg_info = { { offsetof(struct bpf_iter__task, task), - PTR_TO_BTF_ID_OR_NULL }, + PTR_TO_BTF_ID_OR_NULL | PTR_TRUSTED }, }, .seq_info = &task_seq_info, .fill_link_info = bpf_iter_fill_link_info, diff --git a/tools/testing/selftests/bpf/progs/iters_css_task.c b/tools/testing/selftests/bpf/progs/iters_css_task.c index e180aa1b1d52..9ac758649cb8 100644 --- a/tools/testing/selftests/bpf/progs/iters_css_task.c +++ b/tools/testing/selftests/bpf/progs/iters_css_task.c @@ -56,12 +56,9 @@ SEC("?iter/cgroup") int cgroup_id_printer(struct bpf_iter__cgroup *ctx) { struct seq_file *seq = ctx->meta->seq; - struct cgroup *cgrp, *acquired; + struct cgroup *cgrp = ctx->cgroup; struct cgroup_subsys_state *css; struct task_struct *task; - u64 cgrp_id; - - cgrp = ctx->cgroup; /* epilogue */ if (cgrp == NULL) { @@ -73,20 +70,15 @@ int cgroup_id_printer(struct bpf_iter__cgroup *ctx) if (ctx->meta->seq_num == 0) BPF_SEQ_PRINTF(seq, "prologue\n"); - cgrp_id = cgroup_id(cgrp); - - BPF_SEQ_PRINTF(seq, "%8llu\n", cgrp_id); + BPF_SEQ_PRINTF(seq, "%8llu\n", cgroup_id(cgrp)); - acquired = bpf_cgroup_from_id(cgrp_id); - if (!acquired) - return 0; - css = &acquired->self; + css = &cgrp->self; css_task_cnt = 0; bpf_for_each(css_task, task, css, CSS_TASK_ITER_PROCS) { if (task->pid == target_pid) css_task_cnt++; } - bpf_cgroup_release(acquired); + return 0; } |