Commit 61ee2cce authored by Alexei Starovoitov's avatar Alexei Starovoitov
Browse files

Merge branch 'remove-use-of-current-cgns-in-bpf_cgroup_from_id' 

Kumar Kartikeya Dwivedi says:

====================
Remove use of current->cgns in bpf_cgroup_from_id

bpf_cgroup_from_id currently ends up doing a check on whether the cgroup
being looked up is a descendant of the root cgroup of the current task's
cgroup namespace. This leads to unreliable results since this kfunc can
be invoked from any arbitrary context, for any arbitrary value of
current. Fix this by removing namespace-awarness in the kfunc, and
include a test that detects such a case and fails without the fix.

Changelog:
----------
v2 -> v3
v2: https://lore.kernel.org/bpf/20250811195901.1651800-1-memxor@gmail.com

 * Refactor cgroup_get_from_id into non-ns version. (Andrii)
 * Address nits from Eduard.

v1 -> v2
v1: https://lore.kernel.org/bpf/20250811175045.1055202-1-memxor@gmail.com

 * Add Ack from Tejun.
 * Fix selftest to perform namespace migration and cgroup setup in a
   child process to avoid changing test_progs namespace.
====================

Link: https://patch.msgid.link/20250915032618.1551762-1-memxor@gmail.com


Signed-off-by: default avatarAlexei Starovoitov <ast@kernel.org>
parents a9d4e9f0 a8250d16

include/linux/cgroup.h

+1 −0
Original line number Diff line number Diff line
@@ -650,6 +650,7 @@ static inline void cgroup_kthread_ready(void) 
}



void cgroup_path_from_kernfs_id(u64 id, char *buf, size_t buflen);

struct cgroup *__cgroup_get_from_id(u64 id);

struct cgroup *cgroup_get_from_id(u64 id);

#else /* !CONFIG_CGROUPS */

kernel/bpf/helpers.c

+1 −1
Original line number Diff line number Diff line
@@ -2546,7 +2546,7 @@ __bpf_kfunc struct cgroup *bpf_cgroup_from_id(u64 cgid) 
{

	struct cgroup *cgrp;



	cgrp = cgroup_get_from_id(cgid);

	cgrp = __cgroup_get_from_id(cgid);

	if (IS_ERR(cgrp))

		return NULL;

	return cgrp;

kernel/cgroup/cgroup.c

+20 −4
Original line number Diff line number Diff line
@@ -6343,15 +6343,15 @@ void cgroup_path_from_kernfs_id(u64 id, char *buf, size_t buflen) 
}



/*

 * cgroup_get_from_id : get the cgroup associated with cgroup id

 * __cgroup_get_from_id : get the cgroup associated with cgroup id

 * @id: cgroup id

 * On success return the cgrp or ERR_PTR on failure

 * Only cgroups within current task's cgroup NS are valid.

 * There are no cgroup NS restrictions.

 */

struct cgroup *cgroup_get_from_id(u64 id)

struct cgroup *__cgroup_get_from_id(u64 id)

{

	struct kernfs_node *kn;

	struct cgroup *cgrp, *root_cgrp;

	struct cgroup *cgrp;



	kn = kernfs_find_and_get_node_by_id(cgrp_dfl_root.kf_root, id);

	if (!kn)
@@ -6373,6 +6373,22 @@ struct cgroup *cgroup_get_from_id(u64 id) 


	if (!cgrp)

		return ERR_PTR(-ENOENT);

	return cgrp;

}



/*

 * cgroup_get_from_id : get the cgroup associated with cgroup id

 * @id: cgroup id

 * On success return the cgrp or ERR_PTR on failure

 * Only cgroups within current task's cgroup NS are valid.

 */

struct cgroup *cgroup_get_from_id(u64 id)

{

	struct cgroup *cgrp, *root_cgrp;



	cgrp = __cgroup_get_from_id(id);

	if (IS_ERR(cgrp))

		return cgrp;



	root_cgrp = current_cgns_cgroup_dfl();

	if (!cgroup_is_descendant(cgrp, root_cgrp)) {

tools/testing/selftests/bpf/cgroup_helpers.c

+20 −0
Original line number Diff line number Diff line
@@ -412,6 +412,26 @@ void remove_cgroup(const char *relative_path) 
		log_err("rmdiring cgroup %s .. %s", relative_path, cgroup_path);

}



/*

 * remove_cgroup_pid() - Remove a cgroup setup by process identified by PID

 * @relative_path: The cgroup path, relative to the workdir, to remove

 * @pid: PID to be used to find cgroup_path

 *

 * This function expects a cgroup to already be created, relative to the cgroup

 * work dir. It also expects the cgroup doesn't have any children or live

 * processes and it removes the cgroup.

 *

 * On failure, it will print an error to stderr.

 */

void remove_cgroup_pid(const char *relative_path, int pid)

{

	char cgroup_path[PATH_MAX + 1];



	format_cgroup_path_pid(cgroup_path, relative_path, pid);

	if (rmdir(cgroup_path))

		log_err("rmdiring cgroup %s .. %s", relative_path, cgroup_path);

}



/**

 * create_and_get_cgroup() - Create a cgroup, relative to workdir, and get the FD

 * @relative_path: The cgroup path, relative to the workdir, to join

tools/testing/selftests/bpf/cgroup_helpers.h

+1 −0
Original line number Diff line number Diff line
@@ -19,6 +19,7 @@ int cgroup_setup_and_join(const char *relative_path); 
int get_root_cgroup(void);

int create_and_get_cgroup(const char *relative_path);

void remove_cgroup(const char *relative_path);

void remove_cgroup_pid(const char *relative_path, int pid);

unsigned long long get_cgroup_id(const char *relative_path);

int get_cgroup1_hierarchy_id(const char *subsys_name);