On Wed, Nov 4, 2020 at 12:47 AM Song Liu <songliubraving@xxxxxx> wrote: > > > > On Nov 3, 2020, at 7:31 AM, KP Singh <kpsingh@xxxxxxxxxxxx> wrote: > > > > From: KP Singh <kpsingh@xxxxxxxxxx> > > > > Similar to bpf_local_storage for sockets and inodes add local storage > > for task_struct. > > > > The life-cycle of storage is managed with the life-cycle of the > > task_struct. i.e. the storage is destroyed along with the owning task > > with a callback to the bpf_task_storage_free from the task_free LSM > > hook. > > > > The BPF LSM allocates an __rcu pointer to the bpf_local_storage in > > the security blob which are now stackable and can co-exist with other > > LSMs. > > > > The userspace map operations can be done by using a pid fd as a key > > passed to the lookup, update and delete operations. > > > > Signed-off-by: KP Singh <kpsingh@xxxxxxxxxx> > > Acked-by: Song Liu <songliubraving@xxxxxx> > > with a few nits: > > > --- > > include/linux/bpf_lsm.h | 23 +++ > > include/linux/bpf_types.h | 1 + > > include/uapi/linux/bpf.h | 39 ++++ > > kernel/bpf/Makefile | 1 + > > kernel/bpf/bpf_lsm.c | 4 + > > kernel/bpf/bpf_task_storage.c | 313 +++++++++++++++++++++++++++++++++ > > kernel/bpf/syscall.c | 3 +- > > kernel/bpf/verifier.c | 10 ++ > > security/bpf/hooks.c | 2 + > > tools/include/uapi/linux/bpf.h | 39 ++++ > > 10 files changed, 434 insertions(+), 1 deletion(-) > > create mode 100644 kernel/bpf/bpf_task_storage.c > > > > diff --git a/include/linux/bpf_lsm.h b/include/linux/bpf_lsm.h > > index aaacb6aafc87..326cb68a3632 100644 > > --- a/include/linux/bpf_lsm.h > > +++ b/include/linux/bpf_lsm.h > > @@ -7,6 +7,7 @@ > > #ifndef _LINUX_BPF_LSM_H > > #define _LINUX_BPF_LSM_H > > > > +#include "linux/sched.h" > > vscode? Yep, turns out it was clangd (which I use in vscode) and I needed to pass "--header-insertion=never" when starting the clangd server, I fixed all other instances as well. - KP
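Review bot: the include added in the include/linux/bpf_lsm.h hunk is written in the quoted form, `#include "linux/sched.h"`, which makes the compiler look relative to the including file's own directory before falling back to the configured include paths. For a header under include/linux the angle-bracket form, `#include <linux/sched.h>`, is the one to use. The visible part of the hunk does not show what in bpf_lsm.h needs sched.h, so it is also worth confirming that the include is required at all rather than being an editor auto-insertion. If the header only passes a `struct task_struct *` around, a forward declaration would be enough. The reply says other instances were fixed as well, so the same check applies to the remaining files in the diffstat.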