From patchwork Wed Apr 26 18:24:16 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Hannes Frederic Sowa <hannes@stressinduktion.org>
X-Patchwork-Id: 755592
X-Patchwork-Delegate: davem@davemloft.net
Return-Path: <netdev-owner@vger.kernel.org>
X-Original-To: patchwork-incoming@ozlabs.org
Delivered-To: patchwork-incoming@ozlabs.org
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by ozlabs.org (Postfix) with ESMTP id 3wCpQs54Mwz9s8W
	for <patchwork-incoming@ozlabs.org>;
	Thu, 27 Apr 2017 04:25:09 +1000 (AEST)
Authentication-Results: ozlabs.org; dkim=pass (2048-bit key;
	unprotected) header.d=stressinduktion.org
	header.i=@stressinduktion.org header.b="GZyZtQQM";
	dkim=pass (2048-bit key;
	unprotected) header.d=messagingengine.com
	header.i=@messagingengine.com header.b="JgqD4thA";
	dkim-atps=neutral
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S933561AbdDZSZH (ORCPT <rfc822;patchwork-incoming@ozlabs.org>);
	Wed, 26 Apr 2017 14:25:07 -0400
Received: from out4-smtp.messagingengine.com ([66.111.4.28]:44331 "EHLO
	out4-smtp.messagingengine.com" rhost-flags-OK-OK-OK-OK)
	by vger.kernel.org with ESMTP id S933467AbdDZSYz (ORCPT
	<rfc822;netdev@vger.kernel.org>); Wed, 26 Apr 2017 14:24:55 -0400
Received: from compute7.internal (compute7.nyi.internal [10.202.2.47])
	by mailout.nyi.internal (Postfix) with ESMTP id C020C21CF9;
	Wed, 26 Apr 2017 14:24:40 -0400 (EDT)
Received: from frontend1 ([10.202.2.160])
	by compute7.internal (MEProxy); Wed, 26 Apr 2017 14:24:40 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	stressinduktion.org; h=cc:date:from:in-reply-to:message-id
	:references:subject:to:x-me-sender:x-me-sender:x-sasl-enc
	:x-sasl-enc; s=fm1; bh=OKsT5tXQ7Sksk6/7unwye3PFPj4+P7wXC8FOGI+6L
	Cw=; b=GZyZtQQMr3ODhju6Yc+968KSxhXk2jnBlLt4UlfRR0DmOOiIYbDjafw08
	bATaj/RTQtAIuchAK6T5DjnC2JmMpQz5kQeDpBzpTVvPGX03sB7h8TKe+W/WEoOR
	h6WrKb+Z4sRxzbDn4X7R1BTxMHL1BR6NLoUQkE7YpV3HmE6msP2S2fkmoVN33ISg
	+6m4gKgr/ipEjSmAv1jaEpjrmvRGHwIfHHJGl0L/959ZxhbafX3YD4sOw2C8sfMv
	036SvPp4Pf3UwNrzGIZZIYrCb7j36fHBqXaEXmtDQ3K6sJyPbqYVxj4baUbzWvRF
	bQ87mjjccPDUmbfEehaBuS722P7Ug==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
	messagingengine.com; h=cc:date:from:in-reply-to:message-id
	:references:subject:to:x-me-sender:x-me-sender:x-sasl-enc
	:x-sasl-enc; s=fm1; bh=OKsT5tXQ7Sksk6/7unwye3PFPj4+P7wXC8FOGI+6L
	Cw=; b=JgqD4thANCOBDe5KU00vrhqOklRs3vmgXuwR11y777PXOM7NMJUA9IuKI
	zJOUHagw6e9i4v+Wv3ZcLS+5y7JyDlVktYllE65eEQmVBzlO2oBuwLgBRCFEFQtB
	RC0/V6PM2yF0Hc05VOc1OeKFfpk0CVOUVsqNgZ4LbZswUGsrRrlCmanYvD0bZepu
	YbZoHeC5jlgIxt583x32U8aVvEj+MIxFSGt72JhPFpSY5GFqokDMuUTZf5lsQ5di
	7zdviG8skw193mqGar8vcYaZW0kgXPbfSUNyW6oWxMRm3fGI6wHLSZz+mNkqVo8P
	hpAUOsMIFDqzySHDhYm25zmGV40sA==
X-ME-Sender: <xms:6OUAWZPezjgQakOzTuFYqp0ZG9xuc-6ZGTWNyvlICCh5dogMQlRWeQ>
X-Sasl-enc: hx4z6cIzOFzGjZMzpx/FjYP4oqfaDMTrTLzKBnUJLTtO 1493231080
Received: from m.localhost.localhost (unknown [213.55.211.100])
	by mail.messagingengine.com (Postfix) with ESMTPA id E9C217E98B;
	Wed, 26 Apr 2017 14:24:38 -0400 (EDT)
From: Hannes Frederic Sowa <hannes@stressinduktion.org>
To: netdev@vger.kernel.org
Cc: ast@kernel.org, daniel@iogearbox.com, jbenc@redhat.com,
	aconole@bytheb.org
Subject: [PATCH net-next 3/6] bpf: bpf_progs stores all loaded programs
Date: Wed, 26 Apr 2017 20:24:16 +0200
Message-Id: <20170426182419.14574-4-hannes@stressinduktion.org>
X-Mailer: git-send-email 2.9.3
In-Reply-To: <20170426182419.14574-1-hannes@stressinduktion.org>
References: <20170426182419.14574-1-hannes@stressinduktion.org>
Sender: netdev-owner@vger.kernel.org
Precedence: bulk
List-ID: <netdev.vger.kernel.org>
X-Mailing-List: netdev@vger.kernel.org

We later want to give users a quick dump of what is possible with procfs,
so store a list of all currently loaded bpf programs. Later this list
will be printed in procfs.

Signed-off-by: Hannes Frederic Sowa <hannes@stressinduktion.org>
---
 include/linux/filter.h |  4 ++--
 kernel/bpf/core.c      | 51 +++++++++++++++++++++++---------------------------
 kernel/bpf/syscall.c   |  4 ++--
 3 files changed, 27 insertions(+), 32 deletions(-)

diff --git a/include/linux/filter.h b/include/linux/filter.h
index 9a7786db14fa53..63624c619e371b 100644
--- a/include/linux/filter.h
+++ b/include/linux/filter.h
@@ -753,8 +753,8 @@ bpf_address_lookup(unsigned long addr, unsigned long *size,
 	return ret;
 }
 
-void bpf_prog_kallsyms_add(struct bpf_prog *fp);
-void bpf_prog_kallsyms_del(struct bpf_prog *fp);
+void bpf_prog_link(struct bpf_prog *fp);
+void bpf_prog_unlink(struct bpf_prog *fp);
 
 #else /* CONFIG_BPF_JIT */
 
diff --git a/kernel/bpf/core.c b/kernel/bpf/core.c
index 043f634ff58d87..2139118258cdf8 100644
--- a/kernel/bpf/core.c
+++ b/kernel/bpf/core.c
@@ -365,22 +365,6 @@ static struct latch_tree_root bpf_tree __cacheline_aligned;
 
 int bpf_jit_kallsyms __read_mostly;
 
-static void bpf_prog_ksym_node_add(struct bpf_prog_aux *aux)
-{
-	WARN_ON_ONCE(!list_empty(&aux->bpf_progs_head));
-	list_add_tail_rcu(&aux->bpf_progs_head, &bpf_progs);
-	latch_tree_insert(&aux->ksym_tnode, &bpf_tree, &bpf_tree_ops);
-}
-
-static void bpf_prog_ksym_node_del(struct bpf_prog_aux *aux)
-{
-	if (list_empty(&aux->bpf_progs_head))
-		return;
-
-	latch_tree_erase(&aux->ksym_tnode, &bpf_tree, &bpf_tree_ops);
-	list_del_rcu(&aux->bpf_progs_head);
-}
-
 static bool bpf_prog_kallsyms_candidate(const struct bpf_prog *fp)
 {
 	return fp->jited && !bpf_prog_was_classic(fp);
@@ -392,38 +376,45 @@ static bool bpf_prog_kallsyms_verify_off(const struct bpf_prog *fp)
 	       fp->aux->bpf_progs_head.prev == LIST_POISON2;
 }
 
-void bpf_prog_kallsyms_add(struct bpf_prog *fp)
+void bpf_prog_link(struct bpf_prog *fp)
 {
-	if (!bpf_prog_kallsyms_candidate(fp) ||
-	    !capable(CAP_SYS_ADMIN))
-		return;
+	struct bpf_prog_aux *aux = fp->aux;
 
 	spin_lock_bh(&bpf_lock);
-	bpf_prog_ksym_node_add(fp->aux);
+	list_add_tail_rcu(&aux->bpf_progs_head, &bpf_progs);
+	if (bpf_prog_kallsyms_candidate(fp))
+		latch_tree_insert(&aux->ksym_tnode, &bpf_tree, &bpf_tree_ops);
 	spin_unlock_bh(&bpf_lock);
 }
 
-void bpf_prog_kallsyms_del(struct bpf_prog *fp)
+void bpf_prog_unlink(struct bpf_prog *fp)
 {
-	if (!bpf_prog_kallsyms_candidate(fp))
-		return;
+	struct bpf_prog_aux *aux = fp->aux;
 
 	spin_lock_bh(&bpf_lock);
-	bpf_prog_ksym_node_del(fp->aux);
+	list_del_rcu(&aux->bpf_progs_head);
+	if (bpf_prog_kallsyms_candidate(fp))
+		latch_tree_erase(&aux->ksym_tnode, &bpf_tree, &bpf_tree_ops);
 	spin_unlock_bh(&bpf_lock);
 }
 
 static struct bpf_prog *bpf_prog_kallsyms_find(unsigned long addr)
 {
 	struct latch_tree_node *n;
+	struct bpf_prog *prog;
 
 	if (!bpf_jit_kallsyms_enabled())
 		return NULL;
 
 	n = latch_tree_find((void *)addr, &bpf_tree, &bpf_tree_ops);
-	return n ?
-	       container_of(n, struct bpf_prog_aux, ksym_tnode)->prog :
-	       NULL;
+	if (!n)
+		return NULL;
+
+	prog = container_of(n, struct bpf_prog_aux, ksym_tnode)->prog;
+	if (!prog->priv_cap_sys_admin)
+		return NULL;
+
+	return prog;
 }
 
 const char *__bpf_address_lookup(unsigned long addr, unsigned long *size,
@@ -474,6 +465,10 @@ int bpf_get_kallsym(unsigned int symnum, unsigned long *value, char *type,
 
 	rcu_read_lock();
 	list_for_each_entry_rcu(aux, &bpf_progs, bpf_progs_head) {
+		if (!bpf_prog_kallsyms_candidate(aux->prog) ||
+		    !aux->prog->priv_cap_sys_admin)
+			continue;
+
 		if (it++ != symnum)
 			continue;
 
diff --git a/kernel/bpf/syscall.c b/kernel/bpf/syscall.c
index 13642c73dca0b4..d61d1bd3e6fee6 100644
--- a/kernel/bpf/syscall.c
+++ b/kernel/bpf/syscall.c
@@ -664,7 +664,7 @@ void bpf_prog_put(struct bpf_prog *prog)
 {
 	if (atomic_dec_and_test(&prog->aux->refcnt)) {
 		trace_bpf_prog_put_rcu(prog);
-		bpf_prog_kallsyms_del(prog);
+		bpf_prog_unlink(prog);
 		call_rcu(&prog->aux->rcu, __bpf_prog_put_rcu);
 	}
 }
@@ -858,7 +858,7 @@ static int bpf_prog_load(union bpf_attr *attr)
 		/* failed to allocate fd */
 		goto free_used_maps;
 
-	bpf_prog_kallsyms_add(prog);
+	bpf_prog_link(prog);
 	trace_bpf_prog_load(prog, err);
 	return err;