From: Hao Luo <haoluo@google.com>
To: Alexei Starovoitov <ast@kernel.org>,
Andrii Nakryiko <andrii@kernel.org>,
Daniel Borkmann <daniel@iogearbox.net>
Cc: Martin KaFai Lau <kafai@fb.com>, Song Liu <songliubraving@fb.com>,
Yonghong Song <yhs@fb.com>, KP Singh <kpsingh@kernel.org>,
Shakeel Butt <shakeelb@google.com>,
Joe Burton <jevburton.kernel@gmail.com>,
Stanislav Fomichev <sdf@google.com>,
bpf@vger.kernel.org, linux-kernel@vger.kernel.org,
Hao Luo <haoluo@google.com>
Subject: [PATCH RFC bpf-next v2 4/5] bpf: Pin cgroup_view
Date: Tue, 1 Feb 2022 12:55:33 -0800 [thread overview]
Message-ID: <20220201205534.1962784-5-haoluo@google.com> (raw)
In-Reply-To: <20220201205534.1962784-1-haoluo@google.com>
When pinning cgroup_view iter into bpffs, the pinning adds a tag to
the parent directory, indicating the underneath directory hierarchy
is a replicate of the cgroup hierarchy. Each of the directory connects
to a cgroup directory. Whenever a subdirectory is created, if there is
a subcgroup of the same name exists, the subdirectory will be populated
with entries holding a list of bpf objects registered in the tag's
inherit list. The inherit list is formed by the objects pinned in the
top level tagged directory. For example,
bpf_obj_pin(cgroup_view_link, "/sys/fs/bpf/A/obj");
pins a link in A. A becomes tagged and the link object is registered
in the inherit list of A's tag.
mkdir("/sys/fs/bpf/A/B");
When A/B is created, B inherits the pinned objects in A. B is populated
with objects.
> ls /sys/fs/bpf/A/B
obj
Currently, only pinning cgroup_view link can tag a directory. And once
tagged, only rmdir can remove the tag.
Signed-off-by: Hao Luo <haoluo@google.com>
---
kernel/bpf/inode.c | 84 ++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 84 insertions(+)
diff --git a/kernel/bpf/inode.c b/kernel/bpf/inode.c
index 9ae17a2bf779..b71840bf979d 100644
--- a/kernel/bpf/inode.c
+++ b/kernel/bpf/inode.c
@@ -71,6 +71,7 @@ static void free_obj_list(struct kref *kref)
list_for_each_entry(e, &list->list, list) {
list_del_rcu(&e->list);
bpf_any_put(e->obj, e->type);
+ kfree(e->name.name);
kfree(e);
}
kfree(list);
@@ -486,9 +487,20 @@ static int bpf_mkmap(struct dentry *dentry, umode_t mode, void *arg)
&bpffs_map_fops : &bpffs_obj_fops);
}
+static int
+bpf_inherit_object(struct dentry *dentry, umode_t mode, void *obj,
+ enum bpf_type type);
+
static int bpf_mklink(struct dentry *dentry, umode_t mode, void *arg)
{
struct bpf_link *link = arg;
+ int err;
+
+ if (bpf_link_support_inherit(link)) {
+ err = bpf_inherit_object(dentry, mode, link, BPF_TYPE_LINK);
+ if (err)
+ return err;
+ }
return bpf_mkobj_ops(dentry, mode, arg, &bpf_link_iops,
bpf_link_is_iter(link) ?
@@ -586,6 +598,78 @@ static const struct inode_operations bpf_dir_iops = {
.unlink = simple_unlink,
};
+/* bpf_inherit_object - register an object in a diretory tag's inherit list
+ * @dentry: dentry of the location to pin
+ * @mode: mode of created file entry
+ * @obj: bpf object
+ * @type: type of bpf object
+ *
+ * Could be called from bpf_obj_do_pin() or from mkdir().
+ */
+static int bpf_inherit_object(struct dentry *dentry, umode_t mode,
+ void *obj, enum bpf_type type)
+{
+ struct inode *dir = d_inode(dentry->d_parent);
+ struct obj_list *inherits;
+ struct bpf_inherit_entry *e;
+ struct bpf_dir_tag *tag;
+ const char *name;
+ bool queued = false, new_tag = false;
+
+ /* allocate bpf_dir_tag */
+ tag = inode_tag(dir);
+ if (!tag) {
+ new_tag = true;
+ tag = kzalloc(sizeof(struct bpf_dir_tag), GFP_KERNEL);
+ if (unlikely(!tag))
+ return -ENOMEM;
+
+ tag->type = BPF_DIR_KERNFS_REP;
+ inherits = kzalloc(sizeof(struct obj_list), GFP_KERNEL);
+ if (unlikely(!inherits)) {
+ kfree(tag);
+ return -ENOMEM;
+ }
+
+ kref_init(&inherits->refcnt);
+ INIT_LIST_HEAD(&inherits->list);
+ tag->inherit_objects = inherits;
+ /* initial tag points to the default root cgroup. */
+ tag->private = cgrp_dfl_root.kf_root->kn;
+ dir->i_private = tag;
+ } else {
+ inherits = tag->inherit_objects;
+ }
+
+ list_for_each_entry_rcu(e, &inherits->list, list) {
+ if (!strcmp(dentry->d_name.name, e->name.name)) {
+ queued = true;
+ break;
+ }
+ }
+
+ /* queue in tag's inherit_list. */
+ if (!queued) {
+ e = kzalloc(sizeof(struct bpf_inherit_entry), GFP_KERNEL);
+ if (!e) {
+ if (new_tag) {
+ kfree(tag);
+ kfree(inherits);
+ }
+ return -ENOMEM;
+ }
+
+ INIT_LIST_HEAD(&e->list);
+ e->mode = mode;
+ e->obj = obj;
+ e->type = type;
+ name = kstrdup(dentry->d_name.name, GFP_USER | __GFP_NOWARN);
+ e->name = (struct qstr)QSTR_INIT(name, strlen(name));
+ list_add_rcu(&e->list, &inherits->list);
+ }
+ return 0;
+}
+
/* pin iterator link into bpffs */
static int bpf_iter_link_pin_kernel(struct dentry *parent,
const char *name, struct bpf_link *link)
--
2.35.0.rc2.247.g8bbb082509-goog
next prev parent reply other threads:[~2022-02-01 20:55 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-01 20:55 [PATCH RFC bpf-next v2 0/5] Extend cgroup interface with bpf Hao Luo
2022-02-01 20:55 ` [PATCH RFC bpf-next v2 1/5] bpf: Bpffs directory tag Hao Luo
2022-02-01 20:55 ` [PATCH RFC bpf-next v2 2/5] bpf: Introduce inherit list for dir tag Hao Luo
2022-02-01 20:55 ` [PATCH RFC bpf-next v2 3/5] bpf: cgroup_view iter Hao Luo
2022-02-02 1:17 ` kernel test robot
2022-02-02 3:39 ` kernel test robot
2022-02-02 3:39 ` kernel test robot
2022-02-01 20:55 ` Hao Luo [this message]
2022-02-02 4:20 ` [PATCH RFC bpf-next v2 4/5] bpf: Pin cgroup_view kernel test robot
2022-02-02 5:11 ` kernel test robot
2022-02-02 5:11 ` kernel test robot
2022-02-01 20:55 ` [PATCH RFC bpf-next v2 5/5] selftests/bpf: test for pinning for cgroup_view link Hao Luo
2022-02-03 18:04 ` Alexei Starovoitov
2022-02-03 22:46 ` Hao Luo
2022-02-04 3:33 ` Alexei Starovoitov
2022-02-04 18:26 ` Hao Luo
2022-02-06 4:29 ` Alexei Starovoitov
2022-02-08 20:07 ` Hao Luo
2022-02-08 21:20 ` Alexei Starovoitov
2022-02-08 21:34 ` Hao Luo
2022-02-14 18:29 ` Hao Luo
2022-02-14 19:24 ` Alexei Starovoitov
2022-02-14 20:23 ` Hao Luo
2022-02-14 20:27 ` Alexei Starovoitov
2022-02-14 20:39 ` Hao Luo
-- strict thread matches above, loose matches on Subject: below --
2022-02-02 9:15 [PATCH RFC bpf-next v2 2/5] bpf: Introduce inherit list for dir tag kernel test robot
2022-02-02 9:32 ` Dan Carpenter
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220201205534.1962784-5-haoluo@google.com \
--to=haoluo@google.com \
--cc=andrii@kernel.org \
--cc=ast@kernel.org \
--cc=bpf@vger.kernel.org \
--cc=daniel@iogearbox.net \
--cc=jevburton.kernel@gmail.com \
--cc=kafai@fb.com \
--cc=kpsingh@kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=sdf@google.com \
--cc=shakeelb@google.com \
--cc=songliubraving@fb.com \
--cc=yhs@fb.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.