Received: by 2002:a05:6358:3188:b0:123:57c1:9b43 with SMTP id q8csp29115189rwd; Wed, 5 Jul 2023 07:24:16 -0700 (PDT) X-Google-Smtp-Source: ACHHUZ7ILQ2794vJNgftaXPcCGRxWYPZQfi6XjNaD+ZPcAAzRXMbeuWfQwQGDHR5vJORoVb9tawD X-Received: by 2002:a05:6a20:3943:b0:125:9d7f:3bff with SMTP id r3-20020a056a20394300b001259d7f3bffmr17133759pzg.44.1688567056307; Wed, 05 Jul 2023 07:24:16 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1688567056; cv=none; d=google.com; s=arc-20160816; b=Cxn/RzAlF7eFvPcexRdPMsfm+pMDm35NmaLmOg16TJBpDfFOcyo7TKbgBUBT8mwxV1 pq6FxN4CT01MjPuwRxPfyLYS5+fFYdmhhc3qth5yvKkRiNnCLmDhGM7M8wKJexATD5Al tYogygzUXXhoxawUpQXAPKzcwLxuWhtl6cbUfx73f/cAwfBFWdIoPlboLs2aAb4y1DqE qXB1CggP/YJR9kcGFhxtRpYSplS5HOLHClHzdiQbYWem6ltJ2tLPcp28M8msAoB8HMOY D7LTQ1zDRU+M0sf/Qu05VkbNMDuCkeSpq7GveIov55YDGx+MyKJZ1OL2BradfYJp/F6q 9CxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=kBMTpyseKITv9CcI9AWOXgVU43mNM8k00/StLyquGN8=; fh=azx71+6rsbI8sznk5DUxkicCsZEe/sUFZOuBabZoRG8=; b=cZsoPxP3f9Z10r0CS7jAjkLPkMO6X+iDezsMNBY69xw1DjSC+t4GXDWAl/oiEia/Fs ys2HotBEjn/FLQHXEanEQL2lRRFqLVGPN/wx8lQku+zGZrSMAug9krkiKbIqEQLp77Ib k0pbHoMWqsq3HqNjBBR+1XKD6CD/7NCCnK/YOrkzzLkV5BEjKpgQpCBXdOYqlygm9iJS xidR6nLQbiQk3L9clHDHkhK9CWGgV+/2jumaOiBIAWq2dYWYBONJfTn9TiToW1VCu0In b6tqrfVZ6Il4CGtOAQmBJ8yrWC0q2/KhqhL3SevrwG+b+PDtOm4LuyB+9f48hW3mG+1T 0SHw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=HbCQTBeQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id 200-20020a6219d1000000b00665dfbf3b17si22204639pfz.264.2023.07.05.07.24.00; Wed, 05 Jul 2023 07:24:16 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=HbCQTBeQ; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232303AbjGEOSO (ORCPT + 99 others); Wed, 5 Jul 2023 10:18:14 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:35642 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231213AbjGEOSN (ORCPT ); Wed, 5 Jul 2023 10:18:13 -0400 Received: from dfw.source.kernel.org (dfw.source.kernel.org [IPv6:2604:1380:4641:c500::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 7A100CF; Wed, 5 Jul 2023 07:18:12 -0700 (PDT) Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by dfw.source.kernel.org (Postfix) with ESMTPS id 09A1F615A2; Wed, 5 Jul 2023 14:18:12 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id CC6E1C433C8; Wed, 5 Jul 2023 14:18:09 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1688566691; bh=aQOxUV4yTa8OSUuniXMvzbe2uLvADx8VtghQS2mvrgQ=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=HbCQTBeQeZQ8zuxAkLMeHNo83Cr/btbUFFM31wDUjQsDxojQAqi3zO9e3gmmDkOaj OJXeRK59UQsH/EiZTw06WBkZiFu8O3Fv3eV0an/4OjYv9PlQ4/ybrHQl9OORWFD2fk NWaJYelkdHX8FtNugKe0vexlaBVVbSeG+wJHqXObMOeSHYM3veHtEzz7lyBYhdeF9V qfPMmFmlvWQgF7qzK4eoyOXJqXW3f0jSGKnF0ls4ODdzUAV/g3lF03gB4E6zK+KMZr wetPJxyNo8zsAKKZeYW2n6QDwtqpn8EPnYUFW3/tz34KnTSVEts/6POX+biC9P/Fjw 4Tu7GJZta4nnw== Date: Wed, 5 Jul 2023 16:18:07 +0200 From: Christian Brauner To: Alexey Gladkov Cc: Hou Tao , bpf@vger.kernel.org, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, Alexander Viro , Alexei Starovoitov Subject: Re: [PATCH v1] fs: Add kfuncs to handle idmapped mounts Message-ID: <20230705-blankziehen-halbwahrheiten-b52fae1fd86a@brauner> References: <20230704-peitschen-inzwischen-7ad743c764e8@brauner> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-4.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_MED, SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Jul 05, 2023 at 03:43:09PM +0200, Alexey Gladkov wrote: > On Tue, Jul 04, 2023 at 05:28:13PM +0200, Christian Brauner wrote: > > On Tue, Jul 04, 2023 at 05:11:12PM +0200, Alexey Gladkov wrote: > > > On Tue, Jul 04, 2023 at 07:42:53PM +0800, Hou Tao wrote: > > > > Hi, > > > > > > > > On 6/30/2023 7:08 PM, Alexey Gladkov wrote: > > > > > Since the introduction of idmapped mounts, file handling has become > > > > > somewhat more complicated. If the inode has been found through an > > > > > idmapped mount the idmap of the vfsmount must be used to get proper > > > > > i_uid / i_gid. This is important, for example, to correctly take into > > > > > account idmapped files when caching, LSM or for an audit. > > > > > > > > Could you please add a bpf selftest for these newly added kfuncs ? > > > > > > > > > > Signed-off-by: Alexey Gladkov > > > > > --- > > > > > fs/mnt_idmapping.c | 69 ++++++++++++++++++++++++++++++++++++++++++++++ > > > > > 1 file changed, 69 insertions(+) > > > > > > > > > > diff --git a/fs/mnt_idmapping.c b/fs/mnt_idmapping.c > > > > > index 4905665c47d0..ba98ce26b883 100644 > > > > > --- a/fs/mnt_idmapping.c > > > > > +++ b/fs/mnt_idmapping.c > > > > > @@ -6,6 +6,7 @@ > > > > > #include > > > > > #include > > > > > #include > > > > > +#include > > > > > > > > > > #include "internal.h" > > > > > > > > > > @@ -271,3 +272,71 @@ void mnt_idmap_put(struct mnt_idmap *idmap) > > > > > kfree(idmap); > > > > > } > > > > > } > > > > > + > > > > > +__diag_push(); > > > > > +__diag_ignore_all("-Wmissing-prototypes", > > > > > + "Global functions as their definitions will be in vmlinux BTF"); > > > > > + > > > > > +/** > > > > > + * bpf_is_idmapped_mnt - check whether a mount is idmapped > > > > > + * @mnt: the mount to check > > > > > + * > > > > > + * Return: true if mount is mapped, false if not. > > > > > + */ > > > > > +__bpf_kfunc bool bpf_is_idmapped_mnt(struct vfsmount *mnt) > > > > > +{ > > > > > + return is_idmapped_mnt(mnt); > > > > > +} > > > > > + > > > > > +/** > > > > > + * bpf_file_mnt_idmap - get file idmapping > > > > > + * @file: the file from which to get mapping > > > > > + * > > > > > + * Return: The idmap for the @file. > > > > > + */ > > > > > +__bpf_kfunc struct mnt_idmap *bpf_file_mnt_idmap(struct file *file) > > > > > +{ > > > > > + return file_mnt_idmap(file); > > > > > +} > > > > > > > > A dummy question here: the implementation of file_mnt_idmap() is > > > > file->f_path.mnt->mnt_idmap, so if the passed file is a BTF pointer, is > > > > there any reason why we could not do such dereference directly in bpf > > > > program ? > > > > > > I wanted to provide a minimal API for bpf programs. I thought that this > > > interface is stable enough, but after reading Christian's answer, it looks > > > like I was wrong. > > > > It isn't even about stability per se. It's unlikely that if we change > > internal details that types or arguments to these helpers change. That's > > why we did the work of abstracting this all away in the first place and > > making this an opaque type. > > > > The wider point is that according to the docs, kfuncs claim to have > > equivalent status to EXPORT_SYMBOL_*() with the added complexity of > > maybe having to take out of tree bpf programs into account. > > > > Right now, we can look at the in-kernel users of is_idmapped_mnt(), > > convert them and then kill this thing off if we wanted to. As soon as > > this is a kfunc such an endeavour becomes a measure of "f**** around and > > find out". That's an entirely avoidable conflict if we don't even expose > > it in the first place. > > > > I was hoping to make it possible to use is_idmapped_mnt or its equivalent > to at least be able to distinguish a file with an idmapped mount from a > regular one. Afaict, you can do this today pretty easily. For example, #!/usr/bin/env bpftrace #include #include #include kfunc:do_move_mount { printf("Target path %s\n", str(args->new_path->dentry->d_name.name)); printf("Target mount idmapped %d\n", args->new_path->mnt->mnt_idmap != kaddr("nop_mnt_idmap")); } sample output: Target path console Target mount idmapped 0 Target path rootfs Target mount idmapped 1