Only the tasks belonging to "current" pid namespace are enumerated. For task/file target, the bpf program will have access to struct task_struct *task u32 fd struct file *file where fd/file is an open file for the task. Signed-off-by: Yonghong Song <yhs@xxxxxx> --- kernel/bpf/Makefile | 2 +- kernel/bpf/dump_task.c | 320 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 321 insertions(+), 1 deletion(-) create mode 100644 kernel/bpf/dump_task.c diff --git a/kernel/bpf/Makefile b/kernel/bpf/Makefile index 4a1376ab2bea..7e2c73deabab 100644 --- a/kernel/bpf/Makefile +++ b/kernel/bpf/Makefile @@ -26,7 +26,7 @@ obj-$(CONFIG_BPF_SYSCALL) += reuseport_array.o endif ifeq ($(CONFIG_SYSFS),y) obj-$(CONFIG_DEBUG_INFO_BTF) += sysfs_btf.o -obj-$(CONFIG_BPF_SYSCALL) += dump.o +obj-$(CONFIG_BPF_SYSCALL) += dump.o dump_task.o endif ifeq ($(CONFIG_BPF_JIT),y) obj-$(CONFIG_BPF_SYSCALL) += bpf_struct_ops.o diff --git a/kernel/bpf/dump_task.c b/kernel/bpf/dump_task.c new file mode 100644 index 000000000000..cb0767f4d962 --- /dev/null +++ b/kernel/bpf/dump_task.c @@ -0,0 +1,320 @@ +// SPDX-License-Identifier: GPL-2.0-only +/* Copyright (c) 2020 Facebook */ + +#include <linux/init.h> +#include <linux/namei.h> +#include <linux/pid_namespace.h> +#include <linux/fs.h> +#include <linux/fdtable.h> +#include <linux/filter.h> + +struct bpfdump_seq_task_info { + struct pid_namespace *ns; + struct task_struct *task; + u32 id; +}; + +static struct task_struct *task_seq_get_next(struct pid_namespace *ns, u32 *id) +{ + struct task_struct *task; + struct pid *pid; + + rcu_read_lock(); + pid = idr_get_next(&ns->idr, id); + task = get_pid_task(pid, PIDTYPE_PID); + if (task) + get_task_struct(task); + rcu_read_unlock(); + + return task; +} + +static void *task_seq_start(struct seq_file *seq, loff_t *pos) +{ + struct bpfdump_seq_task_info *info = seq->private; + struct task_struct *task; + u32 id = info->id + 1; + + if (*pos == 0) + info->ns = task_active_pid_ns(current); + + task = task_seq_get_next(info->ns, &id); + if (!task) + return NULL; + + ++*pos; + info->task = task; + info->id = id; + + return task; +} + +static void *task_seq_next(struct seq_file *seq, void *v, loff_t *pos) +{ + struct bpfdump_seq_task_info *info = seq->private; + struct task_struct *task; + u32 id = info->id + 1; + + ++*pos; + task = task_seq_get_next(info->ns, &id); + if (!task) + return NULL; + + put_task_struct(info->task); + info->task = task; + info->id = id; + return task; +} + +struct bpfdump__task { + struct bpf_dump_meta *meta; + struct task_struct *task; +}; + +int __init __bpfdump__task(struct bpf_dump_meta *meta, struct task_struct *task) +{ + return 0; +} + +static int task_seq_show(struct seq_file *seq, void *v) +{ + struct bpf_dump_meta meta; + struct bpfdump__task ctx; + struct bpf_prog *prog; + int ret = 0; + + prog = bpf_dump_get_prog(seq, sizeof(struct bpfdump_seq_task_info), + &meta.session_id, &meta.seq_num, + v == (void *)0); + if (prog) { + meta.seq = seq; + ctx.meta = &meta; + ctx.task = v; + ret = bpf_dump_run_prog(prog, &ctx); + } + + return ret == 0 ? 0 : -EINVAL; +} + +static void task_seq_stop(struct seq_file *seq, void *v) +{ + struct bpfdump_seq_task_info *info = seq->private; + + if (!v) + task_seq_show(seq, v); + + if (info->task) { + put_task_struct(info->task); + info->task = NULL; + } +} + +static const struct seq_operations task_seq_ops = { + .start = task_seq_start, + .next = task_seq_next, + .stop = task_seq_stop, + .show = task_seq_show, +}; + +struct bpfdump_seq_task_file_info { + struct pid_namespace *ns; + struct task_struct *task; + struct files_struct *files; + u32 id; + u32 fd; +}; + +static struct file *task_file_seq_get_next(struct pid_namespace *ns, u32 *id, + int *fd, struct task_struct **task, + struct files_struct **fstruct) +{ + struct files_struct *files; + struct task_struct *tk; + u32 sid = *id; + int sfd; + + /* If this function returns a non-NULL file object, + * it held a reference to the files_struct and file. + * Otherwise, it does not hold any reference. + */ +again: + if (*fstruct) { + files = *fstruct; + sfd = *fd; + } else { + tk = task_seq_get_next(ns, &sid); + if (!tk) + return NULL; + files = get_files_struct(tk); + put_task_struct(tk); + if (!files) + return NULL; + *fstruct = files; + *task = tk; + if (sid == *id) { + sfd = *fd; + } else { + *id = sid; + sfd = 0; + } + } + + rcu_read_lock(); + for (; sfd < files_fdtable(files)->max_fds; sfd++) { + struct file *f; + + f = fcheck_files(files, sfd); + if (!f) + continue; + + *fd = sfd; + get_file(f); + rcu_read_unlock(); + return f; + } + + /* the current task is done, go to the next task */ + rcu_read_unlock(); + put_files_struct(files); + *fstruct = NULL; + sid = ++(*id); + goto again; +} + +static void *task_file_seq_start(struct seq_file *seq, loff_t *pos) +{ + struct bpfdump_seq_task_file_info *info = seq->private; + struct files_struct *files = NULL; + struct task_struct *task = NULL; + struct file *file; + u32 id = info->id; + int fd = info->fd + 1; + + if (*pos == 0) + info->ns = task_active_pid_ns(current); + + file = task_file_seq_get_next(info->ns, &id, &fd, &task, &files); + if (!file) { + info->files = NULL; + return NULL; + } + + ++*pos; + info->id = id; + info->fd = fd; + info->task = task; + info->files = files; + + return file; +} + +static void *task_file_seq_next(struct seq_file *seq, void *v, loff_t *pos) +{ + struct bpfdump_seq_task_file_info *info = seq->private; + struct files_struct *files = info->files; + struct task_struct *task = info->task; + int fd = info->fd + 1; + struct file *file; + u32 id = info->id; + + ++*pos; + fput((struct file *)v); + file = task_file_seq_get_next(info->ns, &id, &fd, &task, &files); + if (!file) { + info->files = NULL; + return NULL; + } + + info->id = id; + info->fd = fd; + info->task = task; + info->files = files; + + return file; +} + +struct bpfdump__task_file { + struct bpf_dump_meta *meta; + struct task_struct *task; + u32 fd; + struct file *file; +}; + +int __init __bpfdump__task_file(struct bpf_dump_meta *meta, + struct task_struct *task, u32 fd, + struct file *file) +{ + return 0; +} + +static int task_file_seq_show(struct seq_file *seq, void *v) +{ + struct bpfdump_seq_task_file_info *info = seq->private; + struct bpfdump__task_file ctx; + struct bpf_dump_meta meta; + struct bpf_prog *prog; + int ret = 0; + + prog = bpf_dump_get_prog(seq, sizeof(struct bpfdump_seq_task_file_info), + &meta.session_id, &meta.seq_num, v == (void *)0); + if (prog) { + meta.seq = seq; + ctx.meta = &meta; + ctx.task = info->task; + ctx.fd = info->fd; + ctx.file = v; + ret = bpf_dump_run_prog(prog, &ctx); + } + + return ret == 0 ? 0 : -EINVAL; +} + +static void task_file_seq_stop(struct seq_file *seq, void *v) +{ + struct bpfdump_seq_task_file_info *info = seq->private; + + if (v) + fput((struct file *)v); + else + task_file_seq_show(seq, v); + + if (info->files) { + put_files_struct(info->files); + info->files = NULL; + } +} + +static const struct seq_operations task_file_seq_ops = { + .start = task_file_seq_start, + .next = task_file_seq_next, + .stop = task_file_seq_stop, + .show = task_file_seq_show, +}; + +static int __init task_dump_init(void) +{ + struct bpf_dump_reg task_file_reg_info = { + .target = "task/file", + .target_proto = "__bpfdump__task_file", + .prog_ctx_type_name = "bpfdump__task_file", + .seq_ops = &task_file_seq_ops, + .seq_priv_size = sizeof(struct bpfdump_seq_task_file_info), + .target_feature = 0, + }; + struct bpf_dump_reg task_reg_info = { + .target = "task", + .target_proto = "__bpfdump__task", + .prog_ctx_type_name = "bpfdump__task", + .seq_ops = &task_seq_ops, + .seq_priv_size = sizeof(struct bpfdump_seq_task_info), + .target_feature = 0, + }; + int ret; + + ret = bpf_dump_reg_target(&task_reg_info); + if (ret) + return ret; + + return bpf_dump_reg_target(&task_file_reg_info); +} +late_initcall(task_dump_init); -- 2.24.1