Received: by 2002:a05:6a10:a0d1:0:0:0:0 with SMTP id j17csp1625489pxa; Sun, 23 Aug 2020 10:00:20 -0700 (PDT) X-Google-Smtp-Source: ABdhPJw/dVM9VuZuDFeBKnssYAiM1bIRBjLMpgsUtcYh3vn0pDv3tKUjyjBGSikvo/YzbjtV5uDs X-Received: by 2002:a50:9996:: with SMTP id m22mr1946382edb.241.1598202020757; Sun, 23 Aug 2020 10:00:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598202020; cv=none; d=google.com; s=arc-20160816; b=NnSRKWkrRaAIS/C2Z3dIOc+uPv2N7+UWHSPaSXoLYp+YE/eKb2V5yKSuXb8HKsDMzA M3IFmMEE0fFJPVCx1nU19Oan7lRVioKGiAEZjeD8RTIyH/71faR+LZIp6rOzI8e+oT/Q Y42G+81Fv/9M78AA4b8hHwDPtNxsX1D+URUkc3K3INcuFVrjc/LniZIXeHdSnKFmypLi GRwGPXhZBvdGLgDt3ROcwpWZ+12xM2juV52OkLhrcc4rNutP1MfM05JXmuGreArWaa/j vPQFu65hCegA+zGft70WNoBBtx+afkrE0ASpWbw2kM7rIw4h+qtl6+26JDv7v65/7I7l sOIw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=18/xgqr3LuTAtwT4Epl6wVligdRW7Arzmd8zqsysMK4=; b=VeGtpzJ3OSfZW8zNvq8DoDf1Sq0/iUCbfhalJIzeiPK2eKFP2UhcWVouHpYULqIFCQ 00Y/TsF76KQzbO2ILabSO6ISA2Y4Eaq/jXNf19O8vWhj7JDEYpywZwhbD4nElNzKnX2W Ce7D3Cz8LjzVzmSIM9IvLnfT8B7VoNvR5W0ASq8JST2G9k4p8dt9BD4P2W58As9lp5PL I2mIP+sdphV8BWioQGH2wAPEPWO4yTd94diDOcuEKPmTyKHsJ7vXppEMOgBl8B1npFWo rfTpMH/RoHzqi3xnbwVP94AJSXk79gY1o+XVphWJEjACqIG2w6pSyRaLkIlrtJz1bqgV seiQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=YReisOj5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id h15si720324ejg.226.2020.08.23.09.59.56; Sun, 23 Aug 2020 10:00:20 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@chromium.org header.s=google header.b=YReisOj5; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=chromium.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727990AbgHWQ46 (ORCPT + 99 others); Sun, 23 Aug 2020 12:56:58 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:59214 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727942AbgHWQ41 (ORCPT ); Sun, 23 Aug 2020 12:56:27 -0400 Received: from mail-wr1-x443.google.com (mail-wr1-x443.google.com [IPv6:2a00:1450:4864:20::443]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id D6867C0617A0 for ; Sun, 23 Aug 2020 09:56:23 -0700 (PDT) Received: by mail-wr1-x443.google.com with SMTP id d16so6404149wrq.9 for ; Sun, 23 Aug 2020 09:56:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=18/xgqr3LuTAtwT4Epl6wVligdRW7Arzmd8zqsysMK4=; b=YReisOj5A10nre+hTA/anFaK0QqhFXNFKWmLT2SVOCbx/9zw2s/YzQ5W9HR4djpVVn 8a6QLN+XHRNFtN9LEcf0NrVzF0+sP7kaucXtqDvOiZNyLYsNM3B0zCtQ4wz402mIxlL/ wkjoK3X8NR4YOBlyqIxe7gBLWa9yF740NlvIE= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=18/xgqr3LuTAtwT4Epl6wVligdRW7Arzmd8zqsysMK4=; b=sYk1VDylWclkPrH5bMSO8obk5Yd5jLBcft7smuVKXbalZzk/1V96vVHhkWZUaHmbGw GJFRfNF9VMCUBxZjXOl9ohgk27om99JbJRhyfUw6OiC1BdgmnvxoS4v0YbxzcXt34oTV kTiT8KcDcs8mIXfm74FWoJfOafMTYhVH1LkaRJm8AH8lnAmJFRx/ZqXdZu0Ic+MmL9uo MjS8DTP1Upe8tfP7iJ4E1RQE3c8dAq18B6GSFQuVlbnIqiYZCJYHt7fKIvw4ruJTRuuz FlppAugPwW1mqVGUs4DW487B7Rl3nqMdRQIWNo+TqTcv4UB8Yl0Pn9ETLHw+9pUJ6NhM gMjw== X-Gm-Message-State: AOAM530lbkpH+pW06XqHQKg+NKPmeG8lQwoRoeqntj/HwDxfStgN2iY/ qQCHtIBsjpPkXAtmUHIfI/IV9np0pcxrcQ== X-Received: by 2002:a5d:4b12:: with SMTP id v18mr2154210wrq.254.1598201782272; Sun, 23 Aug 2020 09:56:22 -0700 (PDT) Received: from kpsingh.zrh.corp.google.com ([81.6.44.51]) by smtp.gmail.com with ESMTPSA id d10sm5425974wrg.3.2020.08.23.09.56.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Aug 2020 09:56:21 -0700 (PDT) From: KP Singh To: linux-kernel@vger.kernel.org, bpf@vger.kernel.org, linux-security-module@vger.kernel.org Cc: Martin KaFai Lau , Alexei Starovoitov , Daniel Borkmann , Paul Turner , Jann Horn , Florent Revest Subject: [PATCH bpf-next v9 6/7] bpf: Allow local storage to be used from LSM programs Date: Sun, 23 Aug 2020 18:56:11 +0200 Message-Id: <20200823165612.404892-7-kpsingh@chromium.org> X-Mailer: git-send-email 2.28.0.297.g1956fa8f8d-goog In-Reply-To: <20200823165612.404892-1-kpsingh@chromium.org> References: <20200823165612.404892-1-kpsingh@chromium.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: KP Singh Adds support for both bpf_{sk, inode}_storage_{get, delete} to be used in LSM programs. These helpers are not used for tracing programs (currently) as their usage is tied to the life-cycle of the object and should only be used where the owning object won't be freed (when the owning object is passed as an argument to the LSM hook). Thus, they are safer to use in LSM hooks than tracing. Usage of local storage in tracing programs will probably follow a per function based whitelist approach. Since the UAPI helper signature for bpf_sk_storage expect a bpf_sock, it, leads to a compilation warning for LSM programs, it's also updated to accept a void * pointer instead. Acked-by: Martin KaFai Lau Signed-off-by: KP Singh --- include/net/bpf_sk_storage.h | 2 ++ include/uapi/linux/bpf.h | 7 +++++-- kernel/bpf/bpf_lsm.c | 21 ++++++++++++++++++++- net/core/bpf_sk_storage.c | 25 +++++++++++++++++++++++++ tools/include/uapi/linux/bpf.h | 7 +++++-- 5 files changed, 57 insertions(+), 5 deletions(-) diff --git a/include/net/bpf_sk_storage.h b/include/net/bpf_sk_storage.h index 3c516dd07caf..119f4c9c3a9c 100644 --- a/include/net/bpf_sk_storage.h +++ b/include/net/bpf_sk_storage.h @@ -20,6 +20,8 @@ void bpf_sk_storage_free(struct sock *sk); extern const struct bpf_func_proto bpf_sk_storage_get_proto; extern const struct bpf_func_proto bpf_sk_storage_delete_proto; +extern const struct bpf_func_proto sk_storage_get_btf_proto; +extern const struct bpf_func_proto sk_storage_delete_btf_proto; struct bpf_local_storage_elem; struct bpf_sk_storage_diag; diff --git a/include/uapi/linux/bpf.h b/include/uapi/linux/bpf.h index b0504ab59a2e..c7f0a806932d 100644 --- a/include/uapi/linux/bpf.h +++ b/include/uapi/linux/bpf.h @@ -2808,7 +2808,7 @@ union bpf_attr { * * **-ERANGE** if resulting value was out of range. * - * void *bpf_sk_storage_get(struct bpf_map *map, struct bpf_sock *sk, void *value, u64 flags) + * void *bpf_sk_storage_get(struct bpf_map *map, void *sk, void *value, u64 flags) * Description * Get a bpf-local-storage from a *sk*. * @@ -2824,6 +2824,9 @@ union bpf_attr { * "type". The bpf-local-storage "type" (i.e. the *map*) is * searched against all bpf-local-storages residing at *sk*. * + * *sk* is a kernel **struct sock** pointer for LSM program. + * *sk* is a **struct bpf_sock** pointer for other program types. + * * An optional *flags* (**BPF_SK_STORAGE_GET_F_CREATE**) can be * used such that a new bpf-local-storage will be * created if one does not exist. *value* can be used @@ -2836,7 +2839,7 @@ union bpf_attr { * **NULL** if not found or there was an error in adding * a new bpf-local-storage. * - * long bpf_sk_storage_delete(struct bpf_map *map, struct bpf_sock *sk) + * long bpf_sk_storage_delete(struct bpf_map *map, void *sk) * Description * Delete a bpf-local-storage from a *sk*. * Return diff --git a/kernel/bpf/bpf_lsm.c b/kernel/bpf/bpf_lsm.c index fb278144e9fd..9cd1428c7199 100644 --- a/kernel/bpf/bpf_lsm.c +++ b/kernel/bpf/bpf_lsm.c @@ -11,6 +11,8 @@ #include #include #include +#include +#include /* For every LSM hook that allows attachment of BPF programs, declare a nop * function where a BPF program can be attached. @@ -45,10 +47,27 @@ int bpf_lsm_verify_prog(struct bpf_verifier_log *vlog, return 0; } +static const struct bpf_func_proto * +bpf_lsm_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) +{ + switch (func_id) { + case BPF_FUNC_inode_storage_get: + return &bpf_inode_storage_get_proto; + case BPF_FUNC_inode_storage_delete: + return &bpf_inode_storage_delete_proto; + case BPF_FUNC_sk_storage_get: + return &sk_storage_get_btf_proto; + case BPF_FUNC_sk_storage_delete: + return &sk_storage_delete_btf_proto; + default: + return tracing_prog_func_proto(func_id, prog); + } +} + const struct bpf_prog_ops lsm_prog_ops = { }; const struct bpf_verifier_ops lsm_verifier_ops = { - .get_func_proto = tracing_prog_func_proto, + .get_func_proto = bpf_lsm_func_proto, .is_valid_access = btf_ctx_access, }; diff --git a/net/core/bpf_sk_storage.c b/net/core/bpf_sk_storage.c index f29d9a9b4ea4..55fae03b4cc3 100644 --- a/net/core/bpf_sk_storage.c +++ b/net/core/bpf_sk_storage.c @@ -12,6 +12,7 @@ #include #include #include +#include DEFINE_BPF_STORAGE_CACHE(sk_cache); @@ -377,6 +378,30 @@ const struct bpf_func_proto bpf_sk_storage_delete_proto = { .arg2_type = ARG_PTR_TO_SOCKET, }; +BTF_ID_LIST(sk_storage_btf_ids) +BTF_ID_UNUSED +BTF_ID(struct, sock) + +const struct bpf_func_proto sk_storage_get_btf_proto = { + .func = bpf_sk_storage_get, + .gpl_only = false, + .ret_type = RET_PTR_TO_MAP_VALUE_OR_NULL, + .arg1_type = ARG_CONST_MAP_PTR, + .arg2_type = ARG_PTR_TO_BTF_ID, + .arg3_type = ARG_PTR_TO_MAP_VALUE_OR_NULL, + .arg4_type = ARG_ANYTHING, + .btf_id = sk_storage_btf_ids, +}; + +const struct bpf_func_proto sk_storage_delete_btf_proto = { + .func = bpf_sk_storage_delete, + .gpl_only = false, + .ret_type = RET_INTEGER, + .arg1_type = ARG_CONST_MAP_PTR, + .arg2_type = ARG_PTR_TO_BTF_ID, + .btf_id = sk_storage_btf_ids, +}; + struct bpf_sk_storage_diag { u32 nr_maps; struct bpf_map *maps[]; diff --git a/tools/include/uapi/linux/bpf.h b/tools/include/uapi/linux/bpf.h index b0504ab59a2e..c7f0a806932d 100644 --- a/tools/include/uapi/linux/bpf.h +++ b/tools/include/uapi/linux/bpf.h @@ -2808,7 +2808,7 @@ union bpf_attr { * * **-ERANGE** if resulting value was out of range. * - * void *bpf_sk_storage_get(struct bpf_map *map, struct bpf_sock *sk, void *value, u64 flags) + * void *bpf_sk_storage_get(struct bpf_map *map, void *sk, void *value, u64 flags) * Description * Get a bpf-local-storage from a *sk*. * @@ -2824,6 +2824,9 @@ union bpf_attr { * "type". The bpf-local-storage "type" (i.e. the *map*) is * searched against all bpf-local-storages residing at *sk*. * + * *sk* is a kernel **struct sock** pointer for LSM program. + * *sk* is a **struct bpf_sock** pointer for other program types. + * * An optional *flags* (**BPF_SK_STORAGE_GET_F_CREATE**) can be * used such that a new bpf-local-storage will be * created if one does not exist. *value* can be used @@ -2836,7 +2839,7 @@ union bpf_attr { * **NULL** if not found or there was an error in adding * a new bpf-local-storage. * - * long bpf_sk_storage_delete(struct bpf_map *map, struct bpf_sock *sk) + * long bpf_sk_storage_delete(struct bpf_map *map, void *sk) * Description * Delete a bpf-local-storage from a *sk*. * Return -- 2.28.0.297.g1956fa8f8d-goog