Introduce bpf_kern_path and bpf_path_put #6427
Open
+422
−12
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Let the BPF verifier to recognize const char * arguments from LSM hooks (and other BPF program types) as valid const string pointers that can be passed to kfuncs expecting KF_ARG_PTR_TO_CONST_STR. Previously, kfuncs with KF_ARG_PTR_TO_CONST_STR only accepted PTR_TO_MAP_VALUE from readonly maps. This was limiting for LSM programs that receive const char * arguments from hooks like sb_mount's dev_name. Signed-off-by: Song Liu <[email protected]>
Add two new kfuncs to fs/bpf_fs_kfuncs.c that wrap kern_path() for use
by BPF LSM programs:
bpf_kern_path():
- Resolves a pathname string to a struct path
- Allocates memory for the path structure
- Returns NULL on error or if the path doesn't exist
- Marked with KF_ACQUIRE | KF_SLEEPABLE | KF_RET_NULL
bpf_path_put():
- Releases the path reference and frees the allocated memory
- Marked with KF_RELEASE to enforce acquire/release semantics
These kfuncs enable BPF LSM programs to resolve pathnames provided by
hook arguments (e.g., dev_name from sb_mount) and validate or inspect
the resolved paths. The verifier enforces proper resource management
through acquire/release tracking.
Example usage:
struct path *p = bpf_kern_path("/etc/passwd", LOOKUP_FOLLOW);
if (p) {
// Use the path...
bpf_path_put(p); // Must release
}
Signed-off-by: Song Liu <[email protected]>
Add comprehensive selftests for the new bpf_kern_path and bpf_path_put
kfuncs:
1. Functional tests (prog_tests/kern_path.c, progs/test_kern_path.c):
- test_kern_path_basic: Tests successful path resolution using
/proc/self/exe and validates the resolved path with bpf_path_d_path
- test_kern_path_sb_mount: Tests bpf_kern_path with dynamic input
from LSM hook parameter (dev_name from sb_mount), demonstrating
real-world usage where BPF programs resolve paths from hook args
2. Verifier success tests (progs/verifier_kern_path.c):
- kern_path_success: Proper acquire -> use -> release pattern
- kern_path_multiple_paths: Multiple concurrent path acquisitions
3. Verifier failure tests (progs/verifier_kern_path_fail.c):
- kern_path_unreleased: Resource leak detection
- path_put_unacquired: Releasing unacquired path
- path_use_after_put: Use-after-free detection
- double_path_put: Double-free detection
- kern_path_non_lsm: Program type restrictions (LSM only)
- kern_path_non_const_str: reject none const string
These tests verify both the functionality of the kfuncs and that the
verifier properly enforces acquire/release semantics to prevent
resource leaks.
Signed-off-by: Song Liu <[email protected]>
Author
|
Upstream branch: 688b745 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pull request for series with
subject: Introduce bpf_kern_path and bpf_path_put
version: 1
url: https://patchwork.kernel.org/project/netdevbpf/list/?series=1028078