On Fri, Mar 15, 2024 at 11:48:54AM -0700, Yonghong Song wrote: > Currently bpf_get_current_pid_tgid() is allowed in tracing, cgroup > and sk_msg progs while bpf_get_ns_current_pid_tgid() is only allowed > in tracing progs. > > We have an internal use case where for an application running > in a container (with pid namespace), user wants to get > the pid associated with the pid namespace in a cgroup bpf > program. Currently, cgroup bpf progs already allow > bpf_get_current_pid_tgid(). Let us allow bpf_get_ns_current_pid_tgid() > as well. > > With auditing the code, bpf_get_current_pid_tgid() is also used > by sk_msg prog. But there are no side effect to expose these two > helpers to all prog types since they do not reveal any kernel specific > data. The detailed discussion is in [1]. > > So with this patch, both bpf_get_current_pid_tgid() and bpf_get_ns_current_pid_tgid() > are put in bpf_base_func_proto(), making them available to all > program types. > > [1] https://lore.kernel.org/bpf/20240307232659.1115872-1-yonghong.song@xxxxxxxxx/ > > Signed-off-by: Yonghong Song <yonghong.song@xxxxxxxxx> Acked-by: Jiri Olsa <jolsa@xxxxxxxxxx> jirka > --- > kernel/bpf/cgroup.c | 2 -- > kernel/bpf/helpers.c | 4 ++++ > kernel/trace/bpf_trace.c | 4 ---- > net/core/filter.c | 2 -- > 4 files changed, 4 insertions(+), 8 deletions(-) > > diff --git a/kernel/bpf/cgroup.c b/kernel/bpf/cgroup.c > index 82243cb6c54d..8ba73042a239 100644 > --- a/kernel/bpf/cgroup.c > +++ b/kernel/bpf/cgroup.c > @@ -2575,8 +2575,6 @@ cgroup_current_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) > switch (func_id) { > case BPF_FUNC_get_current_uid_gid: > return &bpf_get_current_uid_gid_proto; > - case BPF_FUNC_get_current_pid_tgid: > - return &bpf_get_current_pid_tgid_proto; > case BPF_FUNC_get_current_comm: > return &bpf_get_current_comm_proto; > #ifdef CONFIG_CGROUP_NET_CLASSID > diff --git a/kernel/bpf/helpers.c b/kernel/bpf/helpers.c > index a89587859571..9234174ccb21 100644 > --- a/kernel/bpf/helpers.c > +++ b/kernel/bpf/helpers.c > @@ -1730,6 +1730,10 @@ bpf_base_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) > return &bpf_strtol_proto; > case BPF_FUNC_strtoul: > return &bpf_strtoul_proto; > + case BPF_FUNC_get_current_pid_tgid: > + return &bpf_get_current_pid_tgid_proto; > + case BPF_FUNC_get_ns_current_pid_tgid: > + return &bpf_get_ns_current_pid_tgid_proto; > default: > break; > } > diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c > index 0a5c4efc73c3..1b041911b1d8 100644 > --- a/kernel/trace/bpf_trace.c > +++ b/kernel/trace/bpf_trace.c > @@ -1525,8 +1525,6 @@ bpf_tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) > return &bpf_ktime_get_boot_ns_proto; > case BPF_FUNC_tail_call: > return &bpf_tail_call_proto; > - case BPF_FUNC_get_current_pid_tgid: > - return &bpf_get_current_pid_tgid_proto; > case BPF_FUNC_get_current_task: > return &bpf_get_current_task_proto; > case BPF_FUNC_get_current_task_btf: > @@ -1582,8 +1580,6 @@ bpf_tracing_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) > return &bpf_send_signal_thread_proto; > case BPF_FUNC_perf_event_read_value: > return &bpf_perf_event_read_value_proto; > - case BPF_FUNC_get_ns_current_pid_tgid: > - return &bpf_get_ns_current_pid_tgid_proto; > case BPF_FUNC_ringbuf_output: > return &bpf_ringbuf_output_proto; > case BPF_FUNC_ringbuf_reserve: > diff --git a/net/core/filter.c b/net/core/filter.c > index 8adf95765cdd..0c66e4a3fc5b 100644 > --- a/net/core/filter.c > +++ b/net/core/filter.c > @@ -8342,8 +8342,6 @@ sk_msg_func_proto(enum bpf_func_id func_id, const struct bpf_prog *prog) > return &bpf_event_output_data_proto; > case BPF_FUNC_get_current_uid_gid: > return &bpf_get_current_uid_gid_proto; > - case BPF_FUNC_get_current_pid_tgid: > - return &bpf_get_current_pid_tgid_proto; > case BPF_FUNC_sk_storage_get: > return &bpf_sk_storage_get_proto; > case BPF_FUNC_sk_storage_delete: > -- > 2.43.0 > >
