tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

Merge branch 'remove-use-of-current-cgns-in-bpf_cgroup_from_id'

Kumar Kartikeya Dwivedi says:

====================
Remove use of current->cgns in bpf_cgroup_from_id

bpf_cgroup_from_id currently ends up doing a check on whether the cgroup
being looked up is a descendant of the root cgroup of the current task's
cgroup namespace. This leads to unreliable results since this kfunc can
be invoked from any arbitrary context, for any arbitrary value of
current. Fix this by removing namespace-awarness in the kfunc, and
include a test that detects such a case and fails without the fix.

Changelog:
----------
v2 -> v3
v2: https://lore.kernel.org/bpf/20250811195901.1651800-1-memxor@gmail.com

* Refactor cgroup_get_from_id into non-ns version. (Andrii)
* Address nits from Eduard.

v1 -> v2
v1: https://lore.kernel.org/bpf/20250811175045.1055202-1-memxor@gmail.com

* Add Ack from Tejun.
* Fix selftest to perform namespace migration and cgroup setup in a
child process to avoid changing test_progs namespace.
====================

Link: https://patch.msgid.link/20250915032618.1551762-1-memxor@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>

Alexei Starovoitov 61ee2cce a9d4e9f0

+126 -5
+1
include/linux/cgroup.h
··· 650 650 } 651 651 652 652 void cgroup_path_from_kernfs_id(u64 id, char *buf, size_t buflen); 653 + struct cgroup *__cgroup_get_from_id(u64 id); 653 654 struct cgroup *cgroup_get_from_id(u64 id); 654 655 #else /* !CONFIG_CGROUPS */ 655 656
+1 -1
kernel/bpf/helpers.c
··· 2546 2546 { 2547 2547 struct cgroup *cgrp; 2548 2548 2549 - cgrp = cgroup_get_from_id(cgid); 2549 + cgrp = __cgroup_get_from_id(cgid); 2550 2550 if (IS_ERR(cgrp)) 2551 2551 return NULL; 2552 2552 return cgrp;
+20 -4
kernel/cgroup/cgroup.c
··· 6343 6343 } 6344 6344 6345 6345 /* 6346 - * cgroup_get_from_id : get the cgroup associated with cgroup id 6346 + * __cgroup_get_from_id : get the cgroup associated with cgroup id 6347 6347 * @id: cgroup id 6348 6348 * On success return the cgrp or ERR_PTR on failure 6349 - * Only cgroups within current task's cgroup NS are valid. 6349 + * There are no cgroup NS restrictions. 6350 6350 */ 6351 - struct cgroup *cgroup_get_from_id(u64 id) 6351 + struct cgroup *__cgroup_get_from_id(u64 id) 6352 6352 { 6353 6353 struct kernfs_node *kn; 6354 - struct cgroup *cgrp, *root_cgrp; 6354 + struct cgroup *cgrp; 6355 6355 6356 6356 kn = kernfs_find_and_get_node_by_id(cgrp_dfl_root.kf_root, id); 6357 6357 if (!kn) ··· 6373 6373 6374 6374 if (!cgrp) 6375 6375 return ERR_PTR(-ENOENT); 6376 + return cgrp; 6377 + } 6378 + 6379 + /* 6380 + * cgroup_get_from_id : get the cgroup associated with cgroup id 6381 + * @id: cgroup id 6382 + * On success return the cgrp or ERR_PTR on failure 6383 + * Only cgroups within current task's cgroup NS are valid. 6384 + */ 6385 + struct cgroup *cgroup_get_from_id(u64 id) 6386 + { 6387 + struct cgroup *cgrp, *root_cgrp; 6388 + 6389 + cgrp = __cgroup_get_from_id(id); 6390 + if (IS_ERR(cgrp)) 6391 + return cgrp; 6376 6392 6377 6393 root_cgrp = current_cgns_cgroup_dfl(); 6378 6394 if (!cgroup_is_descendant(cgrp, root_cgrp)) {
+20
tools/testing/selftests/bpf/cgroup_helpers.c
··· 412 412 log_err("rmdiring cgroup %s .. %s", relative_path, cgroup_path); 413 413 } 414 414 415 + /* 416 + * remove_cgroup_pid() - Remove a cgroup setup by process identified by PID 417 + * @relative_path: The cgroup path, relative to the workdir, to remove 418 + * @pid: PID to be used to find cgroup_path 419 + * 420 + * This function expects a cgroup to already be created, relative to the cgroup 421 + * work dir. It also expects the cgroup doesn't have any children or live 422 + * processes and it removes the cgroup. 423 + * 424 + * On failure, it will print an error to stderr. 425 + */ 426 + void remove_cgroup_pid(const char *relative_path, int pid) 427 + { 428 + char cgroup_path[PATH_MAX + 1]; 429 + 430 + format_cgroup_path_pid(cgroup_path, relative_path, pid); 431 + if (rmdir(cgroup_path)) 432 + log_err("rmdiring cgroup %s .. %s", relative_path, cgroup_path); 433 + } 434 + 415 435 /** 416 436 * create_and_get_cgroup() - Create a cgroup, relative to workdir, and get the FD 417 437 * @relative_path: The cgroup path, relative to the workdir, to join
+1
tools/testing/selftests/bpf/cgroup_helpers.h
··· 19 19 int get_root_cgroup(void); 20 20 int create_and_get_cgroup(const char *relative_path); 21 21 void remove_cgroup(const char *relative_path); 22 + void remove_cgroup_pid(const char *relative_path, int pid); 22 23 unsigned long long get_cgroup_id(const char *relative_path); 23 24 int get_cgroup1_hierarchy_id(const char *subsys_name); 24 25
+71
tools/testing/selftests/bpf/prog_tests/cgrp_kfunc.c
··· 4 4 #define _GNU_SOURCE 5 5 #include <cgroup_helpers.h> 6 6 #include <test_progs.h> 7 + #include <sched.h> 8 + #include <sys/wait.h> 7 9 8 10 #include "cgrp_kfunc_failure.skel.h" 9 11 #include "cgrp_kfunc_success.skel.h" ··· 89 87 "test_cgrp_from_id", 90 88 }; 91 89 90 + static void test_cgrp_from_id_ns(void) 91 + { 92 + LIBBPF_OPTS(bpf_test_run_opts, opts); 93 + struct cgrp_kfunc_success *skel; 94 + struct bpf_program *prog; 95 + int pid, pipe_fd[2]; 96 + 97 + skel = open_load_cgrp_kfunc_skel(); 98 + if (!ASSERT_OK_PTR(skel, "open_load_skel")) 99 + return; 100 + 101 + if (!ASSERT_OK(skel->bss->err, "pre_mkdir_err")) 102 + goto cleanup; 103 + 104 + prog = skel->progs.test_cgrp_from_id_ns; 105 + 106 + if (!ASSERT_OK(pipe(pipe_fd), "pipe")) 107 + goto cleanup; 108 + 109 + pid = fork(); 110 + if (!ASSERT_GE(pid, 0, "fork result")) { 111 + close(pipe_fd[0]); 112 + close(pipe_fd[1]); 113 + goto cleanup; 114 + } 115 + 116 + if (pid == 0) { 117 + int ret = 0; 118 + 119 + close(pipe_fd[0]); 120 + 121 + if (!ASSERT_GE(cgroup_setup_and_join("cgrp_from_id_ns"), 0, "join cgroup")) 122 + exit(1); 123 + 124 + if (!ASSERT_OK(unshare(CLONE_NEWCGROUP), "unshare cgns")) 125 + exit(1); 126 + 127 + ret = bpf_prog_test_run_opts(bpf_program__fd(prog), &opts); 128 + if (!ASSERT_OK(ret, "test run ret")) 129 + exit(1); 130 + 131 + if (!ASSERT_OK(opts.retval, "test run retval")) 132 + exit(1); 133 + 134 + if (!ASSERT_EQ(write(pipe_fd[1], &ret, sizeof(ret)), sizeof(ret), "write pipe")) 135 + exit(1); 136 + 137 + exit(0); 138 + } else { 139 + int res; 140 + 141 + close(pipe_fd[1]); 142 + 143 + ASSERT_EQ(read(pipe_fd[0], &res, sizeof(res)), sizeof(res), "read res"); 144 + ASSERT_EQ(waitpid(pid, NULL, 0), pid, "wait on child"); 145 + 146 + remove_cgroup_pid("cgrp_from_id_ns", pid); 147 + 148 + ASSERT_OK(res, "result from run"); 149 + } 150 + 151 + close(pipe_fd[0]); 152 + cleanup: 153 + cgrp_kfunc_success__destroy(skel); 154 + } 155 + 92 156 void test_cgrp_kfunc(void) 93 157 { 94 158 int i, err; ··· 169 101 170 102 run_success_test(success_tests[i]); 171 103 } 104 + 105 + if (test__start_subtest("test_cgrp_from_id_ns")) 106 + test_cgrp_from_id_ns(); 172 107 173 108 RUN_TESTS(cgrp_kfunc_failure); 174 109
+12
tools/testing/selftests/bpf/progs/cgrp_kfunc_success.c
··· 221 221 222 222 return 0; 223 223 } 224 + 225 + SEC("syscall") 226 + int test_cgrp_from_id_ns(void *ctx) 227 + { 228 + struct cgroup *cg; 229 + 230 + cg = bpf_cgroup_from_id(1); 231 + if (!cg) 232 + return 42; 233 + bpf_cgroup_release(cg); 234 + return 0; 235 + }