From: KP Singh
To: linux-kernel@vger.kernel.org, bpf@vger.kernel.org
Cc: Song Liu, Martin KaFai Lau, Alexei Starovoitov, Daniel Borkmann, Paul Turner, Jann Horn, Hao Luo
Subject: [PATCH bpf-next v6 1/9] bpf: Allow LSM programs to use bpf spin locks
Date: Fri, 6 Nov 2020 10:37:39 +0000
Message-Id: <20201106103747.2780972-2-kpsingh@chromium.org>
In-Reply-To: <20201106103747.2780972-1-kpsingh@chromium.org>
References: <20201106103747.2780972-1-kpsingh@chromium.org>
X-Mailing-List: linux-kernel@vger.kernel.org

From: KP Singh

Usage of spin locks was not allowed for tracing programs due to
insufficient preemption checks. The verifier does not currently prevent
LSM programs from using spin locks, but the helpers are not exposed
via bpf_lsm_func_proto.

Based on the discussion in [1], non-sleepable LSM programs should be
able to use bpf_spin_{lock, unlock}.

Sleepable LSM programs can be preempted which means that allowing spin
locks will need more work (disabling preemption and the verifier
ensuring that no sleepable helpers are called when a spin lock is held).

[1]: https://lore.kernel.org/bpf/20201103153132.2717326-1-kpsingh@chromium.org/T/#md601a053229287659071600d3483523f752cd2fb

Acked-by: Song Liu
Acked-by: Martin KaFai Lau
Signed-off-by: KP Singh
--- kernel/bpf/bpf_lsm.c | 4 ++++ kernel/bpf/verifier.c | 20 +++++++++++++++----- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/kernel/bpf/bpf_lsm.c b/kernel/bpf/bpf_lsm.c index 78ea8a7bd27f..cd8a617f2109 100644 --- a/kernel/bpf/bpf_lsm.c +++ b/kernel/bpf/bpf_lsm.c @@ -59,6 +59,10 @@ bpf_lsm_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) return &bpf_sk_storage_get_proto; case BPF_FUNC_sk_storage_delete: return &bpf_sk_storage_delete_proto; + case BPF_FUNC_spin_lock: + return &bpf_spin_lock_proto; + case BPF_FUNC_spin_unlock: + return &bpf_spin_unlock_proto; default: return tracing_prog_func_proto(func_id, prog); } diff --git a/kernel/bpf/verifier.c b/kernel/bpf/verifier.c index 6200519582a6..f863aa84d0a2 100644 --- a/kernel/bpf/verifier.c +++ b/kernel/bpf/verifier.c 
@@ -9719,11 +9719,21 @@ static int check_map_prog_compatibility(struct bpf_verifier_env *env, verbose(env, "trace type programs with run-time allocated hash maps are unsafe. Switch to preallocated hash maps.\n"); } - if ((is_tracing_prog_type(prog_type) || - prog_type == BPF_PROG_TYPE_SOCKET_FILTER) && - map_value_has_spin_lock(map)) { - verbose(env, "tracing progs cannot use bpf_spin_lock yet\n"); - return -EINVAL; + if (map_value_has_spin_lock(map)) { + if (prog_type == BPF_PROG_TYPE_SOCKET_FILTER) { + verbose(env, "socket filter progs cannot use bpf_spin_lock yet\n"); + return -EINVAL; + } + + if (is_tracing_prog_type(prog_type)) { + verbose(env, "tracing progs cannot use bpf_spin_lock yet\n"); + return -EINVAL; + } + + if (prog->aux->sleepable) { + verbose(env, "sleepable progs cannot use bpf_spin_lock yet\n"); + return -EINVAL; + } } if ((bpf_prog_is_dev_bound(prog->aux) || bpf_map_is_dev_bound(map)) && -- 2.29.1.341.ge80a0c044ae-goog
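Review bot: in the bpf_lsm.c hunk, the two new cases in bpf_lsm_func_proto() return the spin lock protos for every LSM program without looking at `prog`, so the sleepable restriction described in the commit message is not visible at this point and depends entirely on the `prog->aux->sleepable` check added to check_map_prog_compatibility(). A one-line comment above `case BPF_FUNC_spin_lock:` pointing to that verifier check would make the dependency explicit, so that the map compatibility check is not relaxed later without considering that these helpers are already exposed here.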
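Review bot: in the verifier.c hunk, the new `if (prog->aux->sleepable)` branch has no comment recording why sleepable programs are rejected; the reasoning (they can be preempted, and the verifier does not yet ensure that no sleepable helpers are called while the lock is held) lives only in the commit message. A short comment above the branch would help whoever lifts the restriction later. Because the `is_tracing_prog_type(prog_type)` test runs first, a sleepable tracing program is reported with the "tracing progs cannot use bpf_spin_lock yet" message rather than the sleepable one; that is harmless for the return value, but it is worth confirming the ordering is intended.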