On Wed, Jul 14, 2021 at 5:55 PM Yonghong Song <yhs@xxxxxx> wrote: > > > > On 7/12/21 12:12 PM, John Fastabend wrote: > > Hengqi Chen wrote: > >> Add vfs_read and vfs_write to bpf_d_path allowlist. > >> This will help tools like IOVisor's filetop to get > >> full file path. > >> > >> Signed-off-by: Hengqi Chen <hengqi.chen@xxxxxxxxx> > >> --- > > > > As I understand it dpath helper is allowed as long as we > > are not in NMI/interrupt context, so these should be fine > > to add. > > > > Acked-by: John Fastabend <john.fastabend@xxxxxxxxx> > > The corresponding bcc discussion thread is here: > https://github.com/iovisor/bcc/issues/3527 > > Acked-by: Yonghong Song <yhs@xxxxxx> > > > > >> kernel/trace/bpf_trace.c | 2 ++ > >> 1 file changed, 2 insertions(+) > >> > >> diff --git a/kernel/trace/bpf_trace.c b/kernel/trace/bpf_trace.c > >> index 64bd2d84367f..6d3f951f38c5 100644 > >> --- a/kernel/trace/bpf_trace.c > >> +++ b/kernel/trace/bpf_trace.c > >> @@ -861,6 +861,8 @@ BTF_ID(func, vfs_fallocate) > >> BTF_ID(func, dentry_open) > >> BTF_ID(func, vfs_getattr) > >> BTF_ID(func, filp_close) > >> +BTF_ID(func, vfs_read) > >> +BTF_ID(func, vfs_write) > >> BTF_SET_END(btf_allowlist_d_path) That feels incomplete. I know we can add more later, but why these two and not vfs_readv ? security_file_permission should probably be added as well ? Along with all sys_* entry points ?
