[PATCH bpf-next 04/11] bpf: add new acquire/release BPF kfuncs for mm_struct

[Matt Bobrowski <mattbobrowski@google.com>]

A BPF LSM program at times will introspect a mm_struct that is
associated with a task_struct. In order to perform this reliably, we
need introduce a new set of BPF kfuncs that have the ability to
acquire and release references on a mm_struct.

The following BPF kfuncs have been added in order to support this
capability:

struct mm_struct *bpf_task_mm_grab(struct task_struct *task);
void bpf_mm_drop(struct mm_struct *mm);

These newly added mm_struct based BPF kfuncs are simple wrappers
around the mmgrab() and mmdrop() in-kernel helpers. Both mmgrab() and
mmdrop() are used in favour of their somewhat similar counterparts
mmget() and mmput() as they're considered to be the more lightweight
variants in comparison i.e. they don't pin the associated address
space.

Signed-off-by: Matt Bobrowski <mattbobrowski@google.com>
---
 kernel/trace/bpf_trace.c | 43 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 43 insertions(+)

diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c
index c45c8d42316c..d1d29452dd0c 100644
--- a/kernel/trace/bpf_trace.c
+++ b/kernel/trace/bpf_trace.c
@@ -1472,10 +1472,53 @@ __bpf_kfunc int bpf_get_file_xattr(struct file *file, const char *name__str,
 	return __vfs_getxattr(dentry, dentry->d_inode, name__str, value, value_len);
 }
 
+/**
+ * bpf_task_mm_grab - get a reference on the mm_struct associated with the
+ * 		      supplied task_struct
+ * @task: task_struct of which the mm_struct is to be referenced
+ *
+ * Grab a reference on the mm_struct associated with the supplied *task*. This
+ * kfunc will return NULL for threads that do not possess a valid mm_struct, for
+ * example those that are flagged as PF_KTHREAD. A reference on a mm_struct
+ * pointer acquired by this kfunc must be released using bpf_mm_drop().
+ *
+ * This helper only pins the underlying mm_struct and not necessarily the
+ * address space that is associated with the referenced mm_struct that is
+ * returned from this kfunc. This kfunc internally calls mmgrab().
+ *
+ * Return: A referenced pointer to the mm_struct associated with the supplied
+ * 	   *task*, or NULL.
+ */
+__bpf_kfunc struct mm_struct *bpf_task_mm_grab(struct task_struct *task)
+{
+	struct mm_struct *mm;
+
+	task_lock(task);
+	mm = task->mm;
+	if (likely(mm))
+		mmgrab(mm);
+	task_unlock(task);
+
+	return mm;
+}
+
+/**
+ * bpf_mm_drop - put the reference on the supplied mm_struct
+ * @mm: mm_struct of which to put the reference on
+ *
+ * Put the reference on the supplied *mm*. This kfunc internally calls mmdrop().
+ */
+__bpf_kfunc void bpf_mm_drop(struct mm_struct *mm)
+{
+	mmdrop(mm);
+}
+
 __bpf_kfunc_end_defs();
 
 BTF_KFUNCS_START(lsm_kfunc_set_ids)
 BTF_ID_FLAGS(func, bpf_get_file_xattr, KF_SLEEPABLE | KF_TRUSTED_ARGS)
+BTF_ID_FLAGS(func, bpf_task_mm_grab, KF_ACQUIRE | KF_TRUSTED_ARGS | KF_RET_NULL);
+BTF_ID_FLAGS(func, bpf_mm_drop, KF_RELEASE);
 BTF_KFUNCS_END(lsm_kfunc_set_ids)
 
 static int bpf_lsm_kfunc_filter(const struct bpf_prog *prog, u32 kfunc_id)
-- 
2.44.0.rc0.258.g7320e95886-goog

/M